-
Notifications
You must be signed in to change notification settings - Fork 3.4k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[ci] Rebuild Docker images if necessary
This rebuilds Docker images and uses them in later stages in the same build. If the build is running on `main`, then the images are uploaded to Docker Hub automatically once the run is complete. Images are always rebuilt, but Docker Hub functions as a cache. If there have been no changes to `docker/` since the last available hash on Docker Hub, then the build will just use the images from Hub.
- Loading branch information
Showing
12 changed files
with
739 additions
and
300 deletions.
There are no files selected for viewing
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,166 +1,116 @@ | ||
def build_image(image_name) { | ||
hash = sh( | ||
def ecr_push(full_name) { | ||
aws_account_id = sh( | ||
returnStdout: true, | ||
script: 'git log -1 --format=\'%h\'' | ||
script: 'aws sts get-caller-identity | grep Account | cut -f4 -d\\"', | ||
label: 'Get AWS ID' | ||
).trim() | ||
def full_name = "${image_name}:${env.BRANCH_NAME}-${hash}-${env.BUILD_NUMBER}" | ||
sh( | ||
script: "${docker_build} ${image_name} --spec ${full_name}", | ||
label: 'Build docker image' | ||
) | ||
|
||
def ecr_name = "${aws_account_id}.{{ aws_ecr_url }}/${full_name}" | ||
try { | ||
withEnv([ | ||
"AWS_ACCOUNT_ID=${aws_account_id}", | ||
'AWS_DEFAULT_REGION={{ aws_default_region }}', | ||
"AWS_ECR_REPO=${aws_account_id}.{{ aws_ecr_url }}"]) { | ||
sh( | ||
script: ''' | ||
set -eux | ||
aws ecr get-login-password --region $AWS_DEFAULT_REGION | docker login --username AWS --password-stdin $AWS_ECR_REPO | ||
''', | ||
label: 'Log in to ECR' | ||
) | ||
sh( | ||
script: """ | ||
set -x | ||
docker tag ${full_name} \$AWS_ECR_REPO/${full_name} | ||
docker push \$AWS_ECR_REPO/${full_name} | ||
""", | ||
label: 'Upload image to ECR' | ||
) | ||
} | ||
} finally { | ||
withEnv([ | ||
"AWS_ACCOUNT_ID=${aws_account_id}", | ||
'AWS_DEFAULT_REGION={{ aws_default_region }}', | ||
"AWS_ECR_REPO=${aws_account_id}.{{ aws_ecr_url }}"]) { | ||
sh( | ||
script: 'docker logout $AWS_ECR_REPO', | ||
label: 'Clean up login credentials' | ||
) | ||
} | ||
} | ||
return ecr_name | ||
} | ||
|
||
def ecr_pull(full_name) { | ||
aws_account_id = sh( | ||
returnStdout: true, | ||
script: 'aws sts get-caller-identity | grep Account | cut -f4 -d\\"', | ||
label: 'Get AWS ID' | ||
).trim() | ||
|
||
try { | ||
// Use a credential so Jenkins knows to scrub the AWS account ID which is nice | ||
// (but so we don't have to rely it being hardcoded in Jenkins) | ||
withCredentials([string( | ||
credentialsId: 'aws-account-id', | ||
variable: '_ACCOUNT_ID_DO_NOT_USE', | ||
)]) { | ||
withEnv([ | ||
"AWS_ACCOUNT_ID=${aws_account_id}", | ||
'AWS_DEFAULT_REGION=us-west-2']) { | ||
sh( | ||
script: ''' | ||
set -x | ||
aws ecr get-login-password --region $AWS_DEFAULT_REGION | docker login --username AWS --password-stdin $AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com | ||
''', | ||
label: 'Log in to ECR' | ||
) | ||
sh( | ||
script: """ | ||
set -x | ||
docker tag ${full_name} \$AWS_ACCOUNT_ID.dkr.ecr.\$AWS_DEFAULT_REGION.amazonaws.com/${full_name} | ||
docker push \$AWS_ACCOUNT_ID.dkr.ecr.\$AWS_DEFAULT_REGION.amazonaws.com/${full_name} | ||
""", | ||
label: 'Upload image to ECR' | ||
) | ||
} | ||
withEnv([ | ||
"AWS_ACCOUNT_ID=${aws_account_id}", | ||
'AWS_DEFAULT_REGION={{ aws_default_region }}', | ||
"AWS_ECR_REPO=${aws_account_id}.{{ aws_ecr_url }}"]) { | ||
sh( | ||
script: ''' | ||
set -eux | ||
aws ecr get-login-password --region $AWS_DEFAULT_REGION | docker login --username AWS --password-stdin $AWS_ECR_REPO | ||
''', | ||
label: 'Log in to ECR' | ||
) | ||
sh( | ||
script: """ | ||
set -eux | ||
docker pull ${full_name} | ||
""", | ||
label: 'Pull image from ECR' | ||
) | ||
} | ||
} finally { | ||
sh( | ||
script: 'rm -f ~/.docker/config.json', | ||
label: 'Clean up login credentials' | ||
) | ||
withEnv([ | ||
"AWS_ACCOUNT_ID=${aws_account_id}", | ||
'AWS_DEFAULT_REGION={{ aws_default_region }}', | ||
"AWS_ECR_REPO=${aws_account_id}.{{ aws_ecr_url }}"]) { | ||
sh( | ||
script: 'docker logout $AWS_ECR_REPO', | ||
label: 'Clean up login credentials' | ||
) | ||
} | ||
} | ||
} | ||
|
||
def build_image(image_name) { | ||
hash = sh( | ||
returnStdout: true, | ||
script: 'git log -1 --format=\'%h\'' | ||
).trim() | ||
def full_name = "${image_name}:${env.BRANCH_NAME}-${hash}-${env.BUILD_NUMBER}" | ||
sh( | ||
script: "docker rmi ${full_name}", | ||
label: 'Remove docker image' | ||
script: "${docker_build} ${image_name} --spec ${full_name}", | ||
label: 'Build docker image' | ||
) | ||
return ecr_push(full_name) | ||
} | ||
|
||
|
||
def build_docker_images() { | ||
stage('Docker Image Build') { | ||
// TODO in a follow up PR: Find ecr tag and use in subsequent builds | ||
parallel 'ci-lint': { | ||
node('CPU') { | ||
timeout(time: max_time, unit: 'MINUTES') { | ||
docker_init('none') | ||
init_git() | ||
build_image('ci_lint') | ||
} | ||
} | ||
}, 'ci-cpu': { | ||
node('CPU') { | ||
timeout(time: max_time, unit: 'MINUTES') { | ||
docker_init('none') | ||
init_git() | ||
build_image('ci_cpu') | ||
parallel( | ||
{% for image in images %} | ||
'{{ image.name }}': { | ||
node('{{ image.platform }}') { | ||
timeout(time: max_time, unit: 'MINUTES') { | ||
init_git() | ||
// We're purposefully not setting the built image here since they | ||
// are not yet being uploaded to tlcpack | ||
// {{ image.name }} = build_image('{{ image.name }}') | ||
build_image('{{ image.name }}') | ||
} | ||
} | ||
} | ||
}, 'ci-gpu': { | ||
node('GPU') { | ||
timeout(time: max_time, unit: 'MINUTES') { | ||
docker_init('none') | ||
init_git() | ||
build_image('ci_gpu') | ||
} | ||
} | ||
}, 'ci-qemu': { | ||
node('CPU') { | ||
timeout(time: max_time, unit: 'MINUTES') { | ||
docker_init('none') | ||
init_git() | ||
build_image('ci_qemu') | ||
} | ||
} | ||
}, 'ci-i386': { | ||
node('CPU') { | ||
timeout(time: max_time, unit: 'MINUTES') { | ||
docker_init('none') | ||
init_git() | ||
build_image('ci_i386') | ||
} | ||
} | ||
}, 'ci-arm': { | ||
node('ARM') { | ||
timeout(time: max_time, unit: 'MINUTES') { | ||
docker_init('none') | ||
init_git() | ||
build_image('ci_arm') | ||
} | ||
} | ||
}, 'ci-wasm': { | ||
node('CPU') { | ||
timeout(time: max_time, unit: 'MINUTES') { | ||
docker_init('none') | ||
init_git() | ||
build_image('ci_wasm') | ||
} | ||
} | ||
}, 'ci-hexagon': { | ||
node('CPU') { | ||
timeout(time: max_time, unit: 'MINUTES') { | ||
docker_init('none') | ||
init_git() | ||
build_image('ci_hexagon') | ||
} | ||
} | ||
} | ||
} | ||
// // TODO: Once we are able to use the built images, enable this step | ||
// // If the docker images changed, we need to run the image build before the lint | ||
// // can run since it requires a base docker image. Most of the time the images | ||
// // aren't build though so it's faster to use the same node that checks for | ||
// // docker changes to run the lint in the usual case. | ||
// stage('Sanity Check (re-run)') { | ||
// timeout(time: max_time, unit: 'MINUTES') { | ||
// node('CPU') { | ||
// ws({{ m.per_exec_ws('tvm/sanity') }}) { | ||
// init_git() | ||
// sh ( | ||
// script: "${docker_run} ${ci_lint} ./tests/scripts/task_lint.sh", | ||
// label: 'Run lint', | ||
// ) | ||
// } | ||
// } | ||
// } | ||
// } | ||
} | ||
|
||
// Run make. First try to do an incremental make from a previous workspace in hope to | ||
// accelerate the compilation. If something is wrong, clean the workspace and then | ||
// build from scratch. | ||
def make(docker_type, path, make_flag) { | ||
timeout(time: max_time, unit: 'MINUTES') { | ||
try { | ||
cmake_build(docker_type, path, make_flag) | ||
// always run cpp test when build | ||
} catch (hudson.AbortException ae) { | ||
// script exited due to user abort, directly throw instead of retry | ||
if (ae.getMessage().contains('script returned exit code 143')) { | ||
throw ae | ||
} | ||
echo 'Incremental compilation failed. Fall back to build from scratch' | ||
sh ( | ||
script: "${docker_run} ${docker_type} ./tests/scripts/task_clean.sh ${path}", | ||
label: 'Clear old cmake workspace', | ||
) | ||
cmake_build(docker_type, path, make_flag) | ||
} | ||
}, | ||
{% endfor %} | ||
) | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.