[Github][CI] Add separate container for code-format premerge job #1
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build CI Container | |
| permissions: | |
| contents: read | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - .github/workflows/build-ci-container-code-format.yml | |
| - '.github/workflows/containers/github-action-ci-code-format/**' | |
| - llvm/utils/git/code-format-helper.py | |
| - llvm/utils/git/requirements_formatting.txt | |
| - llvm/utils/git/requirements_formatting.txt.in | |
| pull_request: | |
| paths: | |
| - .github/workflows/build-ci-container-code-format.yml | |
| - '.github/workflows/containers/github-action-ci-code-format/**' | |
| - llvm/utils/git/code-format-helper.py | |
| - llvm/utils/git/requirements_formatting.txt | |
| - llvm/utils/git/requirements_formatting.txt.in | |
| jobs: | |
| build-ci-container-code-format: | |
| if: github.repository_owner == 'llvm' | |
| runs-on: depot-ubuntu-24.04-16 | |
| steps: | |
| - name: Checkout LLVM | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| sparse-checkout: .github/workflows/containers/github-action-ci-code-format/ | |
| - name: Write Variables | |
| id: vars | |
| run: | | |
| tag=$(git rev-parse --short=12 HEAD) | |
| container_name="ghcr.io/$GITHUB_REPOSITORY_OWNER/amd64/ci-ubuntu-24.04-code-format" | |
| echo "container-name=$container_name" >> $GITHUB_OUTPUT | |
| echo "container-name-tag=$container_name:$tag" >> $GITHUB_OUTPUT | |
| echo "container-filename=$(echo $container_name:$tag | sed -e 's/\//-/g' -e 's/:/-/g').tar" >> $GITHUB_OUTPUT | |
| - name: Build container | |
| run: | | |
| podman build --target ci-container-code-format \ | |
| -f .github/workflows/containers/github-action-ci-code-format/Dockerfile \ | |
| -t ${{ steps.vars.outputs.container-name-tag }} . | |
| # Save the container so we have it in case the push fails. This also | |
| # allows us to separate the push step into a different job so we can | |
| # maintain minimal permissions while building the container. | |
| - name: Save container image | |
| run: | | |
| podman save ${{ steps.vars.outputs.container-name-tag }} > ${{ steps.vars.outputs.container-filename }} | |
| - name: Upload container image | |
| uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 | |
| with: | |
| name: container-amd64 | |
| path: "*.tar" | |
| retention-days: 14 | |
| - name: Test Container | |
| run: | | |
| for image in ${{ steps.vars.outputs.container-name-tag }}; do | |
| # Use --pull=never to ensure we are testing the just built image. | |
| podman run --pull=never --rm -it $image /usr/bin/bash -x -c 'cd $HOME && clang-format --version | grep version' | |
| done | |
| push-ci-container: | |
| if: github.event_name == 'push' | |
| needs: | |
| - build-ci-container-code-format | |
| permissions: | |
| packages: write | |
| runs-on: ubuntu-24.04 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| steps: | |
| - name: Download container | |
| uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 | |
| - name: Push Container | |
| run: | | |
| function push_container { | |
| image_name=$1 | |
| latest_name=$(echo $image_name | sed 's/:[a-f0-9]\+$/:latest/g') | |
| podman tag $image_name $latest_name | |
| echo "Pushing $image_name ..." | |
| podman push $image_name | |
| echo "Pushing $latest_name ..." | |
| podman push $latest_name | |
| } | |
| podman login -u ${{ github.actor }} -p $GITHUB_TOKEN ghcr.io | |
| for f in $(find . -iname *.tar); do | |
| image_name=$(podman load -q -i $f | sed 's/Loaded image: //g') | |
| push_container $image_name | |
| if echo $image_name | grep '/amd64/'; then | |
| # For amd64, create an alias with the arch component removed. | |
| # This matches the convention used on dockerhub. | |
| default_image_name=$(echo $(dirname $(dirname $image_name))/$(basename $image_name)) | |
| podman tag $image_name $default_image_name | |
| push_container $default_image_name | |
| fi | |
| done |