From 637a9482b24080f1a660ec3333547881be8b818a Mon Sep 17 00:00:00 2001 From: Aiden Grossman Date: Thu, 6 Nov 2025 13:37:23 -0800 Subject: [PATCH 1/5] [CI] Make Container Build Jobs use LLVM Actions Some common actions in https://github.com/llvm/llvm-project/pull/166663 were recently introduced to make building and pushing containers much simpler. Migrate the jobs in zorg to use them to avoid the duplication. --- .../build-operations-metrics-container.yml | 37 +++---------------- 1 file changed, 5 insertions(+), 32 deletions(-) diff --git a/.github/workflows/build-operations-metrics-container.yml b/.github/workflows/build-operations-metrics-container.yml index ff5c429ef..17ac3f687 100644 --- a/.github/workflows/build-operations-metrics-container.yml +++ b/.github/workflows/build-operations-metrics-container.yml @@ -28,30 +28,11 @@ jobs: uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: sparse-checkout: premerge/ops-container - - name: Write Variables - id: vars - run: | - tag=`date +%s` - container_name="ghcr.io/$GITHUB_REPOSITORY_OWNER/operations-metrics" - echo "container-name=$container_name" >> $GITHUB_OUTPUT - echo "container-name-tag=$container_name:$tag" >> $GITHUB_OUTPUT - echo "container-filename=$(echo $container_name:$tag | sed -e 's/\//-/g' -e 's/:/-/g').tar" >> $GITHUB_OUTPUT - name: Build Container - working-directory: premerge/ops-container - run: | - podman build -t ${{ steps.vars.outputs.container-name-tag }} . - # Save the container so we have it in case the push fails. This also - # allows us to separate the push step into a different job so we can - # maintain minimal permissions while building the container. - - name: Save Container Image - run: | - podman save ${{ steps.vars.outputs.container-name-tag }} > ${{ steps.vars.outputs.container-filename }} - - name: Upload Container Image - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: llvm/llvm-project/.github/workflows/build-container@c940bfd7e6218c01c6a517e8d6afc8067e933ffd with: - name: container - path: ${{ steps.vars.outputs.container-filename }} - retention-days: 14 + container_name: operations-metrics + context: premerge/ops-container push-operations-metrics-container: if: github.event_name == 'push' @@ -63,14 +44,6 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: - - name: Download Container Image - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + - uses: llvm/llvm-project/.github/workflows/push-container@c940bfd7e6218c01c6a517e8d6afc8067e933ffd with: - name: container - - name: Push Container - run: | - podman load -i ${{ needs.build-operations-metrics-container.outputs.container-filename }} - podman tag ${{ needs.build-operations-metrics-container.outputs.container-name-tag }} ${{ needs.build-operations-metrics-container.outputs.container-name }}:latest - podman login -u ${{ github.actor }} -p $GITHUB_TOKEN ghcr.io - podman push ${{ needs.build-operations-metrics-container.outputs.container-name-tag }} - podman push ${{ needs.build-operations-metrics-container.outputs.container-name }}:latest + token: ${{ secrets.GITHUB_TOKEN }} From 81a75aa6f341e59eab2e7a2fc24ae376747a0b10 Mon Sep 17 00:00:00 2001 From: Aiden Grossman Date: Thu, 6 Nov 2025 14:29:07 -0800 Subject: [PATCH 2/5] try --- .github/workflows/build-operations-metrics-container.yml | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build-operations-metrics-container.yml b/.github/workflows/build-operations-metrics-container.yml index 17ac3f687..21150ab98 100644 --- a/.github/workflows/build-operations-metrics-container.yml +++ b/.github/workflows/build-operations-metrics-container.yml @@ -19,17 +19,13 @@ jobs: build-operations-metrics-container: if: github.repository_owner == 'llvm' runs-on: ubuntu-24.04 - outputs: - container-name: ${{ steps.vars.outputs.container-name }} - container-name-tag: ${{ steps.vars.outputs.container-name-tag }} - container-filename: ${{ steps.vars.outputs.container-filename }} steps: - name: Checkout LLVM Zorg uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: sparse-checkout: premerge/ops-container - name: Build Container - uses: llvm/llvm-project/.github/workflows/build-container@c940bfd7e6218c01c6a517e8d6afc8067e933ffd + uses: llvm/llvm-project/.github/actions/build-container@9ee130fa0c8bb163b69923f203f3b2399fea747d with: container_name: operations-metrics context: premerge/ops-container @@ -44,6 +40,6 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: - - uses: llvm/llvm-project/.github/workflows/push-container@c940bfd7e6218c01c6a517e8d6afc8067e933ffd + - uses: llvm/llvm-project/.github/actions/push-container@9ee130fa0c8bb163b69923f203f3b2399fea747d with: token: ${{ secrets.GITHUB_TOKEN }} From 4dac9531cdfa53707130fef4908fc58040ab878b Mon Sep 17 00:00:00 2001 From: Aiden Grossman Date: Thu, 6 Nov 2025 14:31:04 -0800 Subject: [PATCH 3/5] fix --- .github/workflows/build-operations-metrics-container.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-operations-metrics-container.yml b/.github/workflows/build-operations-metrics-container.yml index 21150ab98..e974f95e9 100644 --- a/.github/workflows/build-operations-metrics-container.yml +++ b/.github/workflows/build-operations-metrics-container.yml @@ -27,7 +27,7 @@ jobs: - name: Build Container uses: llvm/llvm-project/.github/actions/build-container@9ee130fa0c8bb163b69923f203f3b2399fea747d with: - container_name: operations-metrics + container-name: operations-metrics context: premerge/ops-container push-operations-metrics-container: From 7b6839c570702299499dd2c95fbe19c156a9449d Mon Sep 17 00:00:00 2001 From: Aiden Grossman Date: Thu, 6 Nov 2025 14:42:09 -0800 Subject: [PATCH 4/5] finish --- .../build-operations-metrics-container.yml | 8 ++-- .../build-premerge-advisor-container.yml | 41 +++---------------- .../build-premerge-buildbot-container.yml | 41 +++---------------- 3 files changed, 14 insertions(+), 76 deletions(-) diff --git a/.github/workflows/build-operations-metrics-container.yml b/.github/workflows/build-operations-metrics-container.yml index e974f95e9..ed3bd44f2 100644 --- a/.github/workflows/build-operations-metrics-container.yml +++ b/.github/workflows/build-operations-metrics-container.yml @@ -25,10 +25,10 @@ jobs: with: sparse-checkout: premerge/ops-container - name: Build Container - uses: llvm/llvm-project/.github/actions/build-container@9ee130fa0c8bb163b69923f203f3b2399fea747d + uses: llvm/llvm-project/.github/actions/build-container@883aa1207e0319362f9b9907158520d28f45fb72 with: - container-name: operations-metrics - context: premerge/ops-container + container-name: operations-metrics + context: premerge/ops-container push-operations-metrics-container: if: github.event_name == 'push' @@ -40,6 +40,6 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: - - uses: llvm/llvm-project/.github/actions/push-container@9ee130fa0c8bb163b69923f203f3b2399fea747d + - uses: llvm/llvm-project/.github/actions/push-container@883aa1207e0319362f9b9907158520d28f45fb72 with: token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/build-premerge-advisor-container.yml b/.github/workflows/build-premerge-advisor-container.yml index a85791184..9a921b683 100644 --- a/.github/workflows/build-premerge-advisor-container.yml +++ b/.github/workflows/build-premerge-advisor-container.yml @@ -19,39 +19,16 @@ jobs: build-premerge-advisor-container: if: github.repository_owner == 'llvm' runs-on: ubuntu-24.04 - outputs: - container-name: ${{ steps.vars.outputs.container-name }} - container-name-tag: ${{ steps.vars.outputs.container-name-tag }} - container-filename: ${{ steps.vars.outputs.container-filename }} steps: - name: Checkout LLVM Zorg uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: sparse-checkout: premerge/advisor - - name: Write Variables - id: vars - run: | - tag=`date +%s` - container_name="ghcr.io/$GITHUB_REPOSITORY_OWNER/premerge-advisor" - echo "container-name=$container_name" >> $GITHUB_OUTPUT - echo "container-name-tag=$container_name:$tag" >> $GITHUB_OUTPUT - echo "container-filename=$(echo $container_name:$tag | sed -e 's/\//-/g' -e 's/:/-/g').tar" >> $GITHUB_OUTPUT - name: Build Container - working-directory: premerge/advisor - run: | - podman build -t ${{ steps.vars.outputs.container-name-tag }} . - # Save the container so we have it in case the push fails. This also - # allows us to separate the push step into a different job so we can - # maintain minimal permissions while building the container. - - name: Save Container Image - run: | - podman save ${{ steps.vars.outputs.container-name-tag }} > ${{ steps.vars.outputs.container-filename }} - - name: Upload Container Image - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: llvm/llvm-project/.github/actions/build-container@883aa1207e0319362f9b9907158520d28f45fb72 with: - name: container - path: ${{ steps.vars.outputs.container-filename }} - retention-days: 14 + container-name: premerge-advisor + context: premerge/advisor push-premerge-advisor-container: if: github.event_name == 'push' @@ -63,14 +40,6 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: - - name: Download Container Image - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + - uses: llvm/llvm-project/.github/actions/push-container@883aa1207e0319362f9b9907158520d28f45fb72 with: - name: container - - name: Push Container - run: | - podman load -i ${{ needs.build-premerge-advisor-container.outputs.container-filename }} - podman tag ${{ needs.build-premerge-advisor-container.outputs.container-name-tag }} ${{ needs.build-premerge-advisor-container.outputs.container-name }}:latest - podman login -u ${{ github.actor }} -p $GITHUB_TOKEN ghcr.io - podman push ${{ needs.build-premerge-advisor-container.outputs.container-name-tag }} - podman push ${{ needs.build-premerge-advisor-container.outputs.container-name }}:latest + token: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/build-premerge-buildbot-container.yml b/.github/workflows/build-premerge-buildbot-container.yml index b61f18abc..75f09d5b0 100644 --- a/.github/workflows/build-premerge-buildbot-container.yml +++ b/.github/workflows/build-premerge-buildbot-container.yml @@ -19,39 +19,16 @@ jobs: build-premerge-buildbot-container: if: github.repository_owner == 'llvm' runs-on: ubuntu-24.04 - outputs: - container-name: ${{ steps.vars.outputs.container-name }} - container-name-tag: ${{ steps.vars.outputs.container-name-tag }} - container-filename: ${{ steps.vars.outputs.container-filename }} steps: - name: Checkout LLVM Zorg uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: sparse-checkout: premerge/buildbot - - name: Write Variables - id: vars - run: | - tag=`date +%s` - container_name="ghcr.io/$GITHUB_REPOSITORY_OWNER/premerge-buildbot" - echo "container-name=$container_name" >> $GITHUB_OUTPUT - echo "container-name-tag=$container_name:$tag" >> $GITHUB_OUTPUT - echo "container-filename=$(echo $container_name:$tag | sed -e 's/\//-/g' -e 's/:/-/g').tar" >> $GITHUB_OUTPUT - name: Build Container - working-directory: ./premerge/buildbot - run: | - podman build -t ${{ steps.vars.outputs.container-name-tag }} -f Dockerfile . - # Save the container so we have it in case the push fails. This also - # allows us to separate the push step into a different job so we can - # maintain minimal permissions while building the container. - - name: Save Container Image - run: | - podman save ${{ steps.vars.outputs.container-name-tag }} > ${{ steps.vars.outputs.container-filename }} - - name: Upload Container Image - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: llvm/llvm-project/.github/actions/build-container@883aa1207e0319362f9b9907158520d28f45fb72 with: - name: container - path: ${{ steps.vars.outputs.container-filename }} - retention-days: 14 + container-name: premerge-buildbot + context: premerge/buildbot push-premerge-buildbot-container: if: github.event_name == 'push' @@ -63,14 +40,6 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: - - name: Download Container Image - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + - uses: llvm/llvm-project/.github/actions/push-container@883aa1207e0319362f9b9907158520d28f45fb72 with: - name: container - - name: Push Container - run: | - podman load -i ${{ needs.build-premerge-buildbot-container.outputs.container-filename }} - podman tag ${{ needs.build-premerge-buildbot-container.outputs.container-name-tag }} ${{ needs.build-premerge-buildbot-container.outputs.container-name }}:latest - podman login -u ${{ github.actor }} -p $GITHUB_TOKEN ghcr.io - podman push ${{ needs.build-premerge-buildbot-container.outputs.container-name-tag }} - podman push ${{ needs.build-premerge-buildbot-container.outputs.container-name }}:latest + token: ${{ secrets.GITHUB_TOKEN }} From 066e225b6d825d1f160337c4b00f9ea95fc907a5 Mon Sep 17 00:00:00 2001 From: Aiden Grossman Date: Thu, 6 Nov 2025 15:44:46 -0800 Subject: [PATCH 5/5] update commit --- .github/workflows/build-premerge-buildbot-container.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-premerge-buildbot-container.yml b/.github/workflows/build-premerge-buildbot-container.yml index 75f09d5b0..88aac7f84 100644 --- a/.github/workflows/build-premerge-buildbot-container.yml +++ b/.github/workflows/build-premerge-buildbot-container.yml @@ -25,7 +25,7 @@ jobs: with: sparse-checkout: premerge/buildbot - name: Build Container - uses: llvm/llvm-project/.github/actions/build-container@883aa1207e0319362f9b9907158520d28f45fb72 + uses: llvm/llvm-project/.github/actions/build-container@e30dc12640a21a0c25a4ca60e30fb56a6745a57b with: container-name: premerge-buildbot context: premerge/buildbot @@ -40,6 +40,6 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: - - uses: llvm/llvm-project/.github/actions/push-container@883aa1207e0319362f9b9907158520d28f45fb72 + - uses: llvm/llvm-project/.github/actions/push-container@e30dc12640a21a0c25a4ca60e30fb56a6745a57b with: token: ${{ secrets.GITHUB_TOKEN }}