d2l-ai/d2l-zh
3 workflows · maturity 17% · 1 patterns · GitHub ↗
Practices
○ Matrix✓ Permissions○ Security scan○ AI review○ Cache○ Concurrency○ Reusable workflows
Detected patterns
Security dimensions
Workflows (3)
build-docker perms .github/workflows/build-docker.yml
View raw YAML
name: Build Docker Image
on:
workflow_dispatch:
inputs:
image_torch:
type: boolean
description: Build PyTorch Image
image_tf:
type: boolean
description: Build TensorFlow Image
image_mxnet:
type: boolean
description: Build MXNet Image
image_paddle:
type: boolean
description: Build Paddle Image
image_builder:
type: boolean
description: Build D2L Builder Image
permissions:
id-token: write
contents: read
jobs:
build_docker_image:
name: Build D2L Docker Images
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./ci/docker
steps:
- uses: actions/checkout@v3
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: arn:aws:iam::650140442593:role/D2L_CI_Docker
role-duration-seconds: 3600
aws-region: us-west-2
- name: Build D2L PyTorch Image
if: github.event.inputs.image_torch == 'true'
run: |
chmod +x ./login_ecr.sh; ./login_ecr.sh
docker build -f Dockerfile.d2l-zh-torch -t d2l-containers:d2l-zh-torch-latest .
docker tag d2l-containers:d2l-zh-torch-latest 650140442593.dkr.ecr.us-west-2.amazonaws.com/d2l-containers:d2l-zh-torch-latest
docker push 650140442593.dkr.ecr.us-west-2.amazonaws.com/d2l-containers:d2l-zh-torch-latest
# Clean up to reclaim space
echo "y" | docker system prune -a
- name: Build D2L TensorFlow Image
if: github.event.inputs.image_tf == 'true'
run: |
chmod +x ./login_ecr.sh; ./login_ecr.sh
docker build -f Dockerfile.d2l-zh-tf -t d2l-containers:d2l-zh-tensorflow-latest .
docker tag d2l-containers:d2l-zh-tensorflow-latest 650140442593.dkr.ecr.us-west-2.amazonaws.com/d2l-containers:d2l-zh-tensorflow-latest
docker push 650140442593.dkr.ecr.us-west-2.amazonaws.com/d2l-containers:d2l-zh-tensorflow-latest
# Clean up to reclaim space
echo "y" | docker system prune -a
- name: Build D2L MXNet Image
if: github.event.inputs.image_mxnet == 'true'
run: |
chmod +x ./login_ecr.sh; ./login_ecr.sh
docker build -f Dockerfile.d2l-zh-mxnet -t d2l-containers:d2l-zh-mxnet-latest .
docker tag d2l-containers:d2l-zh-mxnet-latest 650140442593.dkr.ecr.us-west-2.amazonaws.com/d2l-containers:d2l-zh-mxnet-latest
docker push 650140442593.dkr.ecr.us-west-2.amazonaws.com/d2l-containers:d2l-zh-mxnet-latest
# Clean up to reclaim space
echo "y" | docker system prune -a
- name: Build D2L Paddle Image
if: github.event.inputs.image_paddle == 'true'
run: |
chmod +x ./login_ecr.sh; ./login_ecr.sh
docker build -f Dockerfile.d2l-zh-paddle -t d2l-containers:d2l-zh-paddle-latest .
docker tag d2l-containers:d2l-zh-paddle-latest 650140442593.dkr.ecr.us-west-2.amazonaws.com/d2l-containers:d2l-zh-paddle-latest
docker push 650140442593.dkr.ecr.us-west-2.amazonaws.com/d2l-containers:d2l-zh-paddle-latest
# Clean up to reclaim space
echo "y" | docker system prune -a
- name: Build D2L CPU Builder Image
if: github.event.inputs.image_builder == 'true'
run: |
chmod +x ./login_ecr.sh; ./login_ecr.sh
docker build -f Dockerfile.d2l-builder -t d2l-containers:d2l-builder-latest .
docker tag d2l-containers:d2l-builder-latest 650140442593.dkr.ecr.us-west-2.amazonaws.com/d2l-containers:d2l-builder-latest
docker push 650140442593.dkr.ecr.us-west-2.amazonaws.com/d2l-containers:d2l-builder-latest
ci perms .github/workflows/ci.yml
View raw YAML
name: Continuous Integration
on:
# Triggers the workflow on push or pull request events only for the specified branches
push:
branches:
- master
- release
pull_request_target:
branches:
- master
- release
permissions:
id-token: write
pull-requests: write
defaults:
run:
shell: bash
jobs:
build_torch:
name: Build PyTorch
if: "github.repository == 'd2l-ai/d2l-zh' && !contains(github.event.head_commit.message, '[skip torch]') && !contains(github.event.head_commit.message, '[skip frameworks]')"
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Setup Env Vars
uses: ./.github/actions/setup_env_vars
- name: Evaluate PyTorch on AWS Batch
uses: ./.github/actions/submit-job
with:
job-type: ci-gpu-torch
job-name: D2L-Build-PyTorch
command: chmod +x ./.github/workflow_scripts/build_pytorch.sh && ./.github/workflow_scripts/build_pytorch.sh "${{ env.REPO_NAME }}" "${{ env.TARGET_BRANCH }}" "${{ env.CACHE_DIR }}"
- name: Terminate Batch Job on Cancellation
if: ${{ cancelled() && env.Batch_JobID }}
run: |
echo "Terminating Submitted AWS Batch Job: "${{ env.Batch_JobID }}""
aws batch terminate-job --job-id "${{ env.Batch_JobID }}" --reason "Job terminated by cancelled workflow"
build_tf:
name: Build Tensorflow
if: "github.repository == 'd2l-ai/d2l-zh' && !contains(github.event.head_commit.message, '[skip tf]') && !contains(github.event.head_commit.message, '[skip frameworks]')"
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Setup Env Vars
uses: ./.github/actions/setup_env_vars
- name: Evaluate Tensorflow on AWS Batch
uses: ./.github/actions/submit-job
with:
job-type: ci-gpu-tf
job-name: D2L-Build-Tensorflow
command: chmod +x ./.github/workflow_scripts/build_tf.sh && ./.github/workflow_scripts/build_tf.sh "${{ env.REPO_NAME }}" "${{ env.TARGET_BRANCH }}" "${{ env.CACHE_DIR }}"
- name: Terminate Batch Job on Cancellation
if: ${{ cancelled() && env.Batch_JobID }}
run: |
echo "Terminating Submitted AWS Batch Job: "${{ env.Batch_JobID }}""
aws batch terminate-job --job-id "${{ env.Batch_JobID }}" --reason "Job terminated by cancelled workflow"
build_mxnet:
name: Build MXNet
if: "github.repository == 'd2l-ai/d2l-zh' && !contains(github.event.head_commit.message, '[skip mxnet]') && !contains(github.event.head_commit.message, '[skip frameworks]')"
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Setup Env Vars
uses: ./.github/actions/setup_env_vars
- name: Evaluate MXNet on AWS Batch
uses: ./.github/actions/submit-job
with:
job-type: ci-gpu-mxnet
job-name: D2L-Build-MXNet
command: chmod +x ./.github/workflow_scripts/build_mxnet.sh && ./.github/workflow_scripts/build_mxnet.sh "${{ env.REPO_NAME }}" "${{ env.TARGET_BRANCH }}" "${{ env.CACHE_DIR }}"
- name: Terminate Batch Job on Cancellation
if: ${{ cancelled() && env.Batch_JobID }}
run: |
echo "Terminating Submitted AWS Batch Job: "${{ env.Batch_JobID }}""
aws batch terminate-job --job-id "${{ env.Batch_JobID }}" --reason "Job terminated by cancelled workflow"
build_paddle:
name: Build Paddle
if: "github.repository == 'd2l-ai/d2l-zh' && !contains(github.event.head_commit.message, '[skip paddle]') && !contains(github.event.head_commit.message, '[skip frameworks]')"
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Setup Env Vars
uses: ./.github/actions/setup_env_vars
- name: Evaluate Paddle on AWS Batch
uses: ./.github/actions/submit-job
with:
job-type: ci-gpu-paddle
job-name: D2L-Build-Paddle
command: chmod +x ./.github/workflow_scripts/build_paddle.sh && ./.github/workflow_scripts/build_paddle.sh "${{ env.REPO_NAME }}" "${{ env.TARGET_BRANCH }}" "${{ env.CACHE_DIR }}"
- name: Terminate Batch Job on Cancellation
if: ${{ cancelled() && env.Batch_JobID }}
run: |
echo "Terminating Submitted AWS Batch Job: "${{ env.Batch_JobID }}""
aws batch terminate-job --job-id "${{ env.Batch_JobID }}" --reason "Job terminated by cancelled workflow"
build_and_deploy:
name: Build Website/PDF & Publish
needs: [build_torch, build_tf, build_mxnet, build_paddle]
if: |
always() &&
github.repository == 'd2l-ai/d2l-zh' &&
!contains(github.event.head_commit.message, '[skip builder]') &&
(needs.build_torch.result == 'success' || needs.build_torch.result == 'skipped') &&
(needs.build_tf.result == 'success' || needs.build_tf.result == 'skipped') &&
(needs.build_mxnet.result == 'success' || needs.build_mxnet.result == 'skipped') &&
(needs.build_paddle.result == 'success' || needs.build_paddle.result == 'skipped')
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Setup Env Vars
uses: ./.github/actions/setup_env_vars
- name: Build Website & PDFs on AWS Batch
uses: ./.github/actions/submit-job
with:
job-type: ci-cpu
job-name: D2L-Builder
command: chmod +x ./.github/workflow_scripts/build_and_deploy.sh ./.github/workflow_scripts/build_html.sh && ./.github/workflow_scripts/build_and_deploy.sh "${{ env.REPO_NAME }}" "${{ env.TARGET_BRANCH }}" "${{ env.JOB_NAME }}" "${{ env.LANG }}" "${{ env.CACHE_DIR }}"
- name: Terminate Batch Job on Cancellation
if: ${{ cancelled() && env.Batch_JobID }}
run: |
echo "Terminating Submitted AWS Batch Job: "${{ env.Batch_JobID }}""
aws batch terminate-job --job-id "${{ env.Batch_JobID }}" --reason "Job terminated by cancelled workflow"
- name: Comment on PR
if: ${{ github.event_name == 'pull_request_target' }}
uses: peter-evans/create-or-update-comment@38e799a33166c9a254f2e3660d4d49ecd67eb80c # v3
with:
issue-number: ${{ github.event.number }}
body: |
Job PR-${{ github.event.number }}-${{ env.SHORT_SHA }} is done.
Check the results at http://preview.d2l.ai/${{ env.JOB_NAME }}
clear-cache perms .github/workflows/clear-cache.yml
View raw YAML
name: Clear CI Cache
on:
workflow_dispatch:
inputs:
target_branch:
type: choice
description: Choose the cache associated branch
options:
- master
- release
cache_dir:
type: choice
description: Choose cache type, pull requests or push events
options:
- ci_cache_pr
- ci_cache_push
permissions:
id-token: write
contents: read
jobs:
clear_cache:
name: Clear CI Cache
runs-on: ubuntu-latest
steps:
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: arn:aws:iam::650140442593:role/D2L_CI_Clear_Cache
role-duration-seconds: 3600
aws-region: us-west-2
- name: Delete Cache
run: |
CACHE_S3_URL="s3://preview.d2l.ai/${{ github.event.inputs.cache_dir }}/d2l-zh-${{ github.event.inputs.target_branch }}/"
echo "Removing cache in $CACHE_S3_URL"
aws s3 rm --recursive $CACHE_S3_URL