name: Build and push docker image to internal registry on: workflow_dispatch: push: branches: - 'main' tags: - 'v*' pull_request: paths: - ".github/workflows/build.yaml" - "integration-tests/**" - "server/**" - "proto/**" - "router/**" - "launcher/**" - "Cargo.lock" - "rust-toolchain.toml" - "Dockerfile" branches: - 'main' jobs: # start-runner: # name: Start self-hosted EC2 runner # runs-on: ubuntu-latest # env: # AWS_REGION: us-east-1 # EC2_AMI_ID: ami-03cfed9ea28f4b002 # EC2_INSTANCE_TYPE: g5.12xlarge # EC2_SUBNET_ID: subnet-931b34f5,subnet-ecb993cd,subnet-943dc2d8,subnet-45371f1a,subnet-ee93e0df,subnet-fddc3dfc # EC2_SECURITY_GROUP: sg-030175c435ac141d6 # outputs: # label: ${{ steps.start-ec2-runner.outputs.label }} # ec2-instance-id: ${{ steps.start-ec2-runner.outputs.ec2-instance-id }} # steps: # - name: Configure AWS credentials # uses: aws-actions/configure-aws-credentials@v1 # with: # aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} # aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} # aws-region: ${{ env.AWS_REGION }} # - name: Start EC2 runner # id: start-ec2-runner # uses: philschmid/philschmid-ec2-github-runner@main # with: # mode: start # github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} # ec2-image-id: ${{ env.EC2_AMI_ID }} # ec2-instance-type: ${{ env.EC2_INSTANCE_TYPE }} # subnet-id: ${{ env.EC2_SUBNET_ID }} # security-group-id: ${{ env.EC2_SECURITY_GROUP }} # aws-resource-tags: > # optional, requires additional permissions # [ # {"Key": "Name", "Value": "ec2-tgi-github-runner"}, # {"Key": "GitHubRepository", "Value": "${{ github.repository }}"} # ] build-and-push-image: concurrency: group: ${{ github.workflow }}-build-and-push-image-${{ github.head_ref || github.run_id }} cancel-in-progress: true # needs: start-runner # required to start the main job when the runner is ready runs-on: [multi-gpu, nvidia-gpu, 4-a10, ci] #runs-on: [self-hosted, intel-cpu, 32-cpu, tgi-ci] permissions: contents: write packages: write # This is used to complete the identity challenge # with sigstore/fulcio when running outside of PRs. id-token: write security-events: write steps: - name: Checkout repository uses: actions/checkout@v3 - name: Initialize Docker Buildx uses: docker/setup-buildx-action@v3.0.0 with: install: true driver-opts: | "env.http_proxy=http://localhost:1055" "env.https_proxy=http://localhost:1055" "env.no_proxy='localhost,127.0.0.1,::1,*.ubuntu.com,*.github-runners.huggingface.tech,*.amazonaws.com,*.docker.io,*.docker.com,cdn.auth0.com,*.cloudfront.net'" - name: Inject slug/short variables uses: rlespinasse/github-slug-action@v4.4.1 - name: Tailscale uses: tailscale/github-action@7a0b30ed3517c2244d1330e39467b95f067a33bd with: authkey: ${{ secrets.TAILSCALE_AUTHKEY }} tailscaled-args: "--tun=userspace-networking --socks5-server=localhost:1055 --outbound-http-proxy-listen=localhost:1055" version: ${{ vars.TAILSCALE_CLIENT_VERSION }} - name: Login to GitHub Container Registry if: github.event_name != 'pull_request' uses: docker/login-action@v2 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Login to internal Container Registry uses: docker/login-action@v2.1.0 with: username: ${{ secrets.TAILSCALE_DOCKER_USERNAME }} password: ${{ secrets.TAILSCALE_DOCKER_PASSWORD }} registry: registry.internal.huggingface.tech - name: Login to Azure Container Registry if: github.event_name != 'pull_request' uses: docker/login-action@v2.1.0 with: username: ${{ secrets.AZURE_DOCKER_USERNAME }} password: ${{ secrets.AZURE_DOCKER_PASSWORD }} registry: db4c2190dd824d1f950f5d1555fbadf0.azurecr.io # If pull request - name: Extract metadata (tags, labels) for Docker if: ${{ github.event_name == 'pull_request' }} id: meta-pr uses: docker/metadata-action@v4.3.0 with: images: | registry.internal.huggingface.tech/api-inference/community/text-generation-inference tags: | type=raw,value=sha-${{ env.GITHUB_SHA_SHORT }} # If main, release or tag - name: Extract metadata (tags, labels) for Docker if: ${{ github.event_name != 'pull_request' }} id: meta uses: docker/metadata-action@v4.3.0 with: flavor: | latest=auto images: | registry.internal.huggingface.tech/api-inference/community/text-generation-inference ghcr.io/huggingface/text-generation-inference db4c2190dd824d1f950f5d1555fbadf0.azurecr.io/text-generation-inference tags: | type=semver,pattern={{version}} type=semver,pattern={{major}}.{{minor}} type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }} type=raw,value=sha-${{ env.GITHUB_SHA_SHORT }} - name: Build and push Docker image id: build-and-push uses: docker/build-push-action@v4 with: context: . file: Dockerfile push: true platforms: 'linux/amd64' build-args: | GIT_SHA=${{ env.GITHUB_SHA }} DOCKER_LABEL=sha-${{ env.GITHUB_SHA_SHORT }} "http_proxy=http://localhost:1055" "https_proxy=http://localhost:1055" "no_proxy='localhost,127.0.0.1,::1,*.github-runners.huggingface.tech,*.amazonaws.com,*.docker.io,*.docker.com,cdn.auth0.com,*.cloudfront.net'" tags: ${{ steps.meta.outputs.tags || steps.meta-pr.outputs.tags }} labels: ${{ steps.meta.outputs.labels || steps.meta-pr.outputs.labels }} cache-from: type=registry,ref=registry.internal.huggingface.tech/api-inference/community/text-generation-inference:cache,mode=min cache-to: type=registry,ref=registry.internal.huggingface.tech/api-inference/community/text-generation-inference:cache,mode=min integration-tests: concurrency: group: ${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.run_id }} cancel-in-progress: true needs: # - start-runner - build-and-push-image # Wait for the docker image to be built runs-on: [multi-gpu, nvidia-gpu, 4-a10, ci] env: DOCKER_VOLUME: /cache steps: - uses: actions/checkout@v2 - name: Inject slug/short variables uses: rlespinasse/github-slug-action@v4.4.1 - name: Set up Python uses: actions/setup-python@v4 with: python-version: 3.9 - name: Tailscale uses: tailscale/github-action@7a0b30ed3517c2244d1330e39467b95f067a33bd with: authkey: ${{ secrets.TAILSCALE_AUTHKEY }} tailscaled-args: "--tun=userspace-networking --socks5-server=localhost:1055 --outbound-http-proxy-listen=localhost:1055" version: ${{ vars.TAILSCALE_CLIENT_VERSION }} - name: Prepare disks run: | sudo mkfs -t ext4 /dev/nvme1n1 sudo mkdir ${{ env.DOCKER_VOLUME }} sudo mount /dev/nvme1n1 ${{ env.DOCKER_VOLUME }} - name: Install run: | make install-integration-tests - name: Run tests run: | export DOCKER_IMAGE=registry.internal.huggingface.tech/api-inference/community/text-generation-inference:sha-${{ env.GITHUB_SHA_SHORT }} export HUGGING_FACE_HUB_TOKEN=${{ secrets.HUGGING_FACE_HUB_TOKEN }} pytest -s -vv integration-tests build-and-push-image-rocm: concurrency: group: ${{ github.workflow }}-build-and-push-image-rocm-${{ github.head_ref || github.run_id }} cancel-in-progress: true # needs: # - start-runner # - build-and-push-image # Wait for the main docker image to be built # - integration-tests # Wait for the main integration-tests runs-on: [self-hosted, docker-gpu, amd-gpu, multi-gpu, mi250] permissions: contents: write packages: write # This is used to complete the identity challenge # with sigstore/fulcio when running outside of PRs. id-token: write security-events: write steps: - name: Checkout repository uses: actions/checkout@v3 - name: Initialize Docker Buildx uses: docker/setup-buildx-action@v2.0.0 with: install: true - name: Inject slug/short variables uses: rlespinasse/github-slug-action@v4.4.1 - name: Tailscale uses: tailscale/github-action@7a0b30ed3517c2244d1330e39467b95f067a33bd with: authkey: ${{ secrets.TAILSCALE_AUTHKEY }} version: ${{ vars.TAILSCALE_CLIENT_VERSION }} - name: Login to GitHub Container Registry if: github.event_name != 'pull_request' uses: docker/login-action@v2 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Login to internal Container Registry uses: docker/login-action@v2.1.0 with: username: ${{ secrets.TAILSCALE_DOCKER_USERNAME }} password: ${{ secrets.TAILSCALE_DOCKER_PASSWORD }} registry: registry.internal.huggingface.tech - name: Login to Azure Container Registry if: github.event_name != 'pull_request' uses: docker/login-action@v2.1.0 with: username: ${{ secrets.AZURE_DOCKER_USERNAME }} password: ${{ secrets.AZURE_DOCKER_PASSWORD }} registry: db4c2190dd824d1f950f5d1555fbadf0.azurecr.io # If pull request - name: Extract metadata (tags, labels) for Docker if: ${{ github.event_name == 'pull_request' }} id: meta-pr uses: docker/metadata-action@v4.3.0 with: images: | registry.internal.huggingface.tech/api-inference/community/text-generation-inference tags: | type=raw,value=sha-${{ env.GITHUB_SHA_SHORT }}-rocm # If main, release or tag - name: Extract metadata (tags, labels) for Docker if: ${{ github.event_name != 'pull_request' }} id: meta uses: docker/metadata-action@v4.3.0 with: flavor: | latest=false images: | registry.internal.huggingface.tech/api-inference/community/text-generation-inference ghcr.io/huggingface/text-generation-inference db4c2190dd824d1f950f5d1555fbadf0.azurecr.io/text-generation-inference tags: | type=semver,pattern={{version}}-rocm type=semver,pattern={{major}}.{{minor}}-rocm type=raw,value=latest-rocm,enable=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }} type=raw,value=sha-${{ env.GITHUB_SHA_SHORT }}-rocm - name: Build and push Docker image id: build-and-push uses: docker/build-push-action@v4 with: context: . file: Dockerfile_amd push: true platforms: 'linux/amd64' build-args: | GIT_SHA=${{ env.GITHUB_SHA }} DOCKER_LABEL=sha-${{ env.GITHUB_SHA_SHORT }}-rocm tags: ${{ steps.meta.outputs.tags || steps.meta-pr.outputs.tags }} labels: ${{ steps.meta.outputs.labels || steps.meta-pr.outputs.labels }} cache-from: type=registry,ref=registry.internal.huggingface.tech/api-inference/community/text-generation-inference:cache-rocm,mode=min cache-to: type=registry,ref=registry.internal.huggingface.tech/api-inference/community/text-generation-inference:cache-rocm,mode=min # stop-runner: # name: Stop self-hosted EC2 runner # needs: # - start-runner # - build-and-push-image # # - build-and-push-image-rocm # - integration-tests # runs-on: ubuntu-latest # env: # AWS_REGION: us-east-1 # if: ${{ always() }} # required to stop the runner even if the error happened in the previous jobs # steps: # - name: Configure AWS credentials # uses: aws-actions/configure-aws-credentials@v1 # with: # aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} # aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} # aws-region: ${{ env.AWS_REGION }} # - name: Stop EC2 runner # uses: philschmid/philschmid-ec2-github-runner@main # with: # mode: stop # github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} # label: ${{ needs.start-runner.outputs.label }} # ec2-instance-id: ${{ needs.start-runner.outputs.ec2-instance-id }}