From 17a77c2edd6968278b083e7779d86d65110c9da1 Mon Sep 17 00:00:00 2001 From: Carlos Eduardo Arango Gutierrez Date: Thu, 22 Feb 2024 07:48:59 +0100 Subject: [PATCH 1/7] Use go-version-file for go version in setup-go setp Signed-off-by: Carlos Eduardo Arango Gutierrez --- .github/workflows/go.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index ddab1ca7..ce4484bd 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -23,7 +23,7 @@ jobs: - name: Set up Go uses: actions/setup-go@v4 with: - go-version: '1.21' + go-version-file: 'go.mod' - name: Build run: go build -v ./... From e28e83ec0121d1ff003b241b7bbb7029a0c3a3f3 Mon Sep 17 00:00:00 2001 From: Carlos Eduardo Arango Gutierrez Date: Thu, 22 Feb 2024 08:34:06 +0100 Subject: [PATCH 2/7] Add Dockerfile for container gh action Signed-off-by: Carlos Eduardo Arango Gutierrez --- Dockerfile | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 Dockerfile diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 00000000..a7602918 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,26 @@ +## Copyright (c) 2024, NVIDIA CORPORATION. All rights reserved.## +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## + +FROM golang:1.21 AS builder + +WORKDIR /src +COPY . . + +RUN make build + +RUN echo "nobody:x:65534:65534:Nobody:/:" > /etc_passwd +# Run as unprivileged user +USER 65534:65534 + +ENTRYPOINT ["/holodeck"] \ No newline at end of file From 4aabd1ecb06ade40433d00f1adcca126545eedbe Mon Sep 17 00:00:00 2001 From: Carlos Eduardo Arango Gutierrez Date: Thu, 22 Feb 2024 08:34:26 +0100 Subject: [PATCH 3/7] Add GitHub action to build image Signed-off-by: Carlos Eduardo Arango Gutierrez --- .github/workflows/image.yml | 45 +++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 .github/workflows/image.yml diff --git a/.github/workflows/image.yml b/.github/workflows/image.yml new file mode 100644 index 00000000..59bb5e06 --- /dev/null +++ b/.github/workflows/image.yml @@ -0,0 +1,45 @@ +name: image + +on: + pull_request: + branches: + - 'main' + - 'release-*' + push: + tags: + - 'v*.*.*' + branches: + - 'main' + - 'release-*' + +jobs: + docker: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + name: Check out code + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: | + ghcr.io/nvidia/holodeck + tags: | + type=semver,pattern={{raw}} + type=ref,event=branch + - name: Build and push + uses: docker/build-push-action@v5 + with: + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.meta.outputs.tags }} + context: . From 03a83defd3acfe04abed61076a6cc48c0599e7a3 Mon Sep 17 00:00:00 2001 From: Carlos Eduardo Arango Gutierrez Date: Thu, 22 Feb 2024 11:15:42 +0100 Subject: [PATCH 4/7] Add missing license headers Signed-off-by: Carlos Eduardo Arango Gutierrez --- .github/workflows/go.yml | 15 +++++++++++++-- .github/workflows/image.yml | 14 ++++++++++++++ Dockerfile | 2 +- 3 files changed, 28 insertions(+), 3 deletions(-) diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index ce4484bd..242ae636 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -1,5 +1,16 @@ -# This workflow will build a golang project -# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-go +## Copyright (c) 2024, NVIDIA CORPORATION. All rights reserved.## +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## name: Go diff --git a/.github/workflows/image.yml b/.github/workflows/image.yml index 59bb5e06..62573976 100644 --- a/.github/workflows/image.yml +++ b/.github/workflows/image.yml @@ -1,3 +1,17 @@ +## Copyright (c) 2024, NVIDIA CORPORATION. All rights reserved.## +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## + name: image on: diff --git a/Dockerfile b/Dockerfile index a7602918..f1241e28 100644 --- a/Dockerfile +++ b/Dockerfile @@ -23,4 +23,4 @@ RUN echo "nobody:x:65534:65534:Nobody:/:" > /etc_passwd # Run as unprivileged user USER 65534:65534 -ENTRYPOINT ["/holodeck"] \ No newline at end of file +ENTRYPOINT ["/holodeck"] From 0c466f7bf867c84b9688c77f6f2dc6f05aeb9704 Mon Sep 17 00:00:00 2001 From: Carlos Eduardo Arango Gutierrez Date: Thu, 22 Feb 2024 12:32:51 +0100 Subject: [PATCH 5/7] Add GitHub action file Signed-off-by: Carlos Eduardo Arango Gutierrez --- action.yml | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 action.yml diff --git a/action.yml b/action.yml new file mode 100644 index 00000000..4e8715f8 --- /dev/null +++ b/action.yml @@ -0,0 +1,38 @@ +## Copyright (c) 2024, NVIDIA CORPORATION. All rights reserved.## +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## + +name: Holodeck +author: NVIDIA +description: A tool for creating and managing GPU ready Cloud test environments. + +runs: + using: docker + image: `docker://ghcr.io/nvidia/holodeck:main` + entrypoint: 'run.sh' + post-entrypoint: 'cleanup.sh' + +inputs: + aws-access-key-id: + description: 'AWS Access Key ID' + required: true + aws-secret-access-key: + description: 'AWS Secret Access Key' + required: true + holodeck-config: + description: 'Holodeck configuration file' + required: true + +branding: + icon: 'cloud' + color: 'green' From 7a6db4ce3f02668282df5a64538b47ec8aecf541 Mon Sep 17 00:00:00 2001 From: Carlos Eduardo Arango Gutierrez Date: Thu, 22 Feb 2024 12:33:15 +0100 Subject: [PATCH 6/7] Add entrypoint and cleanup scripts for github action Signed-off-by: Carlos Eduardo Arango Gutierrez --- Dockerfile | 7 +++++-- scripts/cleanup.sh | 29 +++++++++++++++++++++++++++++ scripts/run.sh | 44 ++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 78 insertions(+), 2 deletions(-) create mode 100644 scripts/cleanup.sh create mode 100755 scripts/run.sh diff --git a/Dockerfile b/Dockerfile index f1241e28..2fbd36a8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -12,15 +12,18 @@ ## limitations under the License. ## -FROM golang:1.21 AS builder +FROM golang:1.21 WORKDIR /src COPY . . RUN make build +RUN install -m 755 /src/bin/holodeck /usr/local/bin/holodeck && \ + install -m 755 /src/scripts/run.sh /usr/local/bin/run.sh && \ + install -m 755 /src/scripts/cleanup.sh /usr/local/bin/cleanup.sh RUN echo "nobody:x:65534:65534:Nobody:/:" > /etc_passwd # Run as unprivileged user USER 65534:65534 -ENTRYPOINT ["/holodeck"] +ENTRYPOINT ["/usr/local/bin/run.sh"] diff --git a/scripts/cleanup.sh b/scripts/cleanup.sh new file mode 100644 index 00000000..ccd039a6 --- /dev/null +++ b/scripts/cleanup.sh @@ -0,0 +1,29 @@ +## Copyright (c) 2024, NVIDIA CORPORATION. All rights reserved.## +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## + +#! /usr/bin/env bash +set +x + +export DEBIAN_FRONTEND=noninteractive + +if [ ! -d /github/workspace/.cache ]; then + echo "Cache directory not found in /workspace" + exit 1 +fi + +/user/bin/holodeck delete -f /github/workspace/$INPUT_HOLODECK_CONFIG -c /github/workspace/.cache + +rm -rf /github/workspace/.cache +rm -f /github/workspace/key.pem +rm -f /github/workspace/kubeconfig diff --git a/scripts/run.sh b/scripts/run.sh new file mode 100755 index 00000000..9de2cef2 --- /dev/null +++ b/scripts/run.sh @@ -0,0 +1,44 @@ +## Copyright (c) 2024, NVIDIA CORPORATION. All rights reserved.## +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## + +#! /usr/bin/env bash +set +x + +export DEBIAN_FRONTEND=noninteractive + +if [ -n "$INPUT_HOLODECK_CONFIG" ]; then + if [ ! -f "/github/workspace/$INPUT_HOLODECK_CONFIG" ]; then + echo "Holodeck config file not found in /workspace" + exit 1 + fi +fi + +if [ -z "$INPUT_AWS_ACCESS_KEY_ID" ] || [ -z "$INPUT_AWS_SECRET_ACCESS_KEY" ]; then + echo "AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY are not set" + exit 1 +fi + +export AWS_ACCESS_KEY_ID=$INPUT_AWS_ACCESS_KEY_ID +export AWS_SECRET_ACCESS_KEY=$INPUT_AWS_SECRET_ACCESS_KEY + +if [ -n "$SSH_KEY" ]; then + $(umask 077; echo "$SSH_KEY" > /github/workspace/key.pem) +fi + +mkdir -p /github/workspace/.cache + +/user/local/bin/holodeck create --provision \ + -f /github/workspace/$INPUT_HOLODECK_CONFIG \ + -c /github/workspace/.cache \ + -k /github/workspace/kubeconfig From 1e8d3af956b74480f20c57217c28da6edc8b1a1c Mon Sep 17 00:00:00 2001 From: Carlos Eduardo Arango Gutierrez Date: Tue, 27 Feb 2024 14:00:29 +0100 Subject: [PATCH 7/7] Update action.yml Co-authored-by: Evan Lezar Signed-off-by: Carlos Eduardo Arango Gutierrez --- Dockerfile | 2 +- action.yml | 3 +-- scripts/cleanup.sh | 11 ++++------- 3 files changed, 6 insertions(+), 10 deletions(-) diff --git a/Dockerfile b/Dockerfile index 2fbd36a8..92816360 100644 --- a/Dockerfile +++ b/Dockerfile @@ -22,7 +22,7 @@ RUN install -m 755 /src/bin/holodeck /usr/local/bin/holodeck && \ install -m 755 /src/scripts/run.sh /usr/local/bin/run.sh && \ install -m 755 /src/scripts/cleanup.sh /usr/local/bin/cleanup.sh -RUN echo "nobody:x:65534:65534:Nobody:/:" > /etc_passwd +RUN echo "nobody:x:65534:65534:Nobody:/:" >> /etc/passwd # Run as unprivileged user USER 65534:65534 diff --git a/action.yml b/action.yml index 4e8715f8..47ab3814 100644 --- a/action.yml +++ b/action.yml @@ -13,8 +13,7 @@ ## name: Holodeck -author: NVIDIA -description: A tool for creating and managing GPU ready Cloud test environments. +description: A tool for creating and managing GPU-ready cloud test environments. runs: using: docker diff --git a/scripts/cleanup.sh b/scripts/cleanup.sh index ccd039a6..42e6f00c 100644 --- a/scripts/cleanup.sh +++ b/scripts/cleanup.sh @@ -14,16 +14,13 @@ #! /usr/bin/env bash set +x +set +e export DEBIAN_FRONTEND=noninteractive - -if [ ! -d /github/workspace/.cache ]; then - echo "Cache directory not found in /workspace" - exit 1 -fi +rm -f /github/workspace/key.pem /github/workspace/kubeconfig /user/bin/holodeck delete -f /github/workspace/$INPUT_HOLODECK_CONFIG -c /github/workspace/.cache +exit_code=$? rm -rf /github/workspace/.cache -rm -f /github/workspace/key.pem -rm -f /github/workspace/kubeconfig +exit $exit_code