kserve/kserve
39 workflows · maturity 83% · 11 patterns · GitHub ↗
Practices
✓ Matrix✓ Permissions✓ Security scan○ AI review✓ Cache✓ Concurrency○ Reusable workflows
Detected patterns
Security dimensions
Tools: github/codeql-action/upload-sarif, securego/gosec, snyk/actions/docker
Workflows (39)
agent-docker-publish .github/workflows/agent-docker-publish.yml
View raw YAML
name: Agent Docker Publisher
on:
push:
# Publish `master` as Docker `latest` image.
branches:
- master
# Publish `v1.2.3` tags as releases.
tags:
- v*
# Run tests for any PRs.
pull_request:
paths:
- "**"
- "!.github/**"
- "!docs/**"
- "!python/**"
- "!**.md"
- ".github/workflows/agent-docker-publish.yml"
- ".github/actions/free-up-disk-space/**"
# To save some compute time, rely on PR check and don't run for merge queues
# merge_group:
# types: [ checks_requested ]
env:
IMAGE_NAME: agent
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
# Run tests.
# See also https://docs.docker.com/docker-hub/builds/automated-testing/
test:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Run tests
run: |
if [ -f docker-compose.test.yml ]; then
docker-compose --file docker-compose.test.yml build
docker-compose --file docker-compose.test.yml run sut
else
docker buildx build . --file agent.Dockerfile
fi
# Push image to GitHub Packages.
# See also https://docs.docker.com/docker-hub/builds/
push:
# Ensure test job passes before pushing image.
needs: test
runs-on: ubuntu-latest
if: github.event_name == 'push'
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: ppc64le
cache-image: true
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: export version variable
run: |
IMAGE_ID=kserve/$IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
# [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo VERSION=$VERSION >> $GITHUB_ENV
echo IMAGE_ID=$IMAGE_ID >> $GITHUB_ENV
- name: Build and push
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm/v7,linux/arm64/v8,linux/ppc64le,linux/s390x
context: .
file: agent.Dockerfile
push: true
tags: ${{ env.IMAGE_ID }}:${{ env.VERSION }}
# https://github.com/docker/buildx/issues/1533
provenance: false
sbom: true
artexplainer-docker-publish .github/workflows/artexplainer-docker-publish.yml
View raw YAML
name: ARTExplainer Docker Publisher
on:
push:
# Publish `master` as Docker `latest` image.
branches:
- master
# Publish `v1.2.3` tags as releases.
tags:
- v*
# Run tests for any PRs.
pull_request:
paths:
- "python/**"
- "!.github/**"
- "!docs/**"
- "!**.md"
- ".github/workflows/artexplainer-docker-publish.yml"
- ".github/actions/free-up-disk-space/**"
# To save some compute time, rely on PR check and don't run for merge queues
# merge_group:
# types: [ checks_requested ]
env:
IMAGE_NAME: art-explainer
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
# Run tests.
# See also https://docs.docker.com/docker-hub/builds/automated-testing/
test:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
cache-image: true
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Run tests
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64/v8
context: python
file: python/artexplainer.Dockerfile
push: false
# https://github.com/docker/buildx/issues/1533
provenance: false
# Push image to GitHub Packages.
# See also https://docs.docker.com/docker-hub/builds/
push:
# Ensure test job passes before pushing image.
needs: test
runs-on: ubuntu-latest
if: github.event_name == 'push'
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
cache-image: true
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Export version variable
run: |
IMAGE_ID=kserve/$IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
# [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo VERSION=$VERSION >> $GITHUB_ENV
echo IMAGE_ID=$IMAGE_ID >> $GITHUB_ENV
- name: Build and push
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64/v8
context: python
file: python/artexplainer.Dockerfile
push: true
tags: ${{ env.IMAGE_ID }}:${{ env.VERSION }}
# https://github.com/docker/buildx/issues/1533
provenance: false
sbom: true
automated-release .github/workflows/automated-release.yml
View raw YAML
name: Automated Release
on:
workflow_dispatch:
inputs:
releaseBranch:
description: "The existing branch name to release from, e.g. release-0.12"
required: true
releaseTag:
description: "The release tag, e.g. v0.12.0-rc1"
required: true
jobs:
prepare-release:
runs-on: ubuntu-latest
steps:
- name: Checkout source code
uses: actions/checkout@v4
with:
fetch-depth: 0
ref: ${{ inputs.releaseBranch }}
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
- name: Install dependencies
run: |
go mod download
- name: Prepare Release
shell: bash
run: |
GOPATH=$(go env GOPATH)
KSERVE_PATH=$GOPATH/src/github.com/kserve/kserve
echo "KSERVE_PATH=$KSERVE_PATH" >> "$GITHUB_ENV"
mkdir -p $KSERVE_PATH
cp -a . $KSERVE_PATH
cd $KSERVE_PATH
export RELEASE_BRANCH=${{ inputs.releaseBranch }}
export RELEASE_TAG=${{ inputs.releaseTag }}
# Bump Versions
make bump-version
./hack/release/generate-install.sh $RELEASE_TAG
make uv-lock
# Update Release Branch and Push Tag
git diff
git config --global user.email "terrytangyuan@gmail.com"
git config --global user.name "terrytangyuan"
git add -A
git commit -m "Prepare release" || exit 0
git push
- name: Release
uses: softprops/action-gh-release@v1
with:
prerelease: ${{ contains(inputs.releaseTag, 'rc') }}
target_commitish: ${{ inputs.releaseBranch }}
tag_name: ${{ inputs.releaseTag }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
comment-cherry-pick .github/workflows/comment-cherry-pick.yml
View raw YAML
name: Cherry Pick On Comment
on:
issue_comment:
types: [created]
jobs:
validate:
name: Validate Cherry Pick Request
if: github.event.issue.pull_request != '' && contains(github.event.comment.body, '/cherry-pick') && (github.event.comment.author_association == 'OWNER' || github.event.comment.author_association == 'COLLABORATOR' || github.event.comment.author_association == 'CONTRIBUTOR')
runs-on: ubuntu-latest
steps:
- name: Check if PR is merged
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
PR_NUMBER="${{ github.event.issue.number }}"
PR_STATE=$(gh pr view "$PR_NUMBER" --json state -q .state)
PR_MERGED=$(gh pr view "$PR_NUMBER" --json mergedAt -q .mergedAt)
if [[ "$PR_STATE" != "MERGED" ]] || [[ "$PR_MERGED" == "null" ]]; then
echo "❌ Error: PR #$PR_NUMBER is not merged yet"
echo " Current state: $PR_STATE"
echo " Cherry-pick can only be performed on merged PRs"
exit 1
fi
echo "✅ PR #$PR_NUMBER is merged"
cherry-pick:
name: Cherry Pick
needs: validate
runs-on: ubuntu-latest
steps:
- name: Checkout the latest code
uses: actions/checkout@v4
with:
token: ${{ secrets.GITHUB_TOKEN }}
fetch-depth: 0
- name: Fetch PR commits
run: |
PR_NUMBER="${{ github.event.issue.number }}"
echo "Fetching PR #$PR_NUMBER commits"
git fetch origin "pull/$PR_NUMBER/head:pr-$PR_NUMBER"
- name: Automatic Cherry Pick
uses: hianhianhian/gha-cherry-pick@master
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}custom-model-grpc-publish .github/workflows/custom-model-grpc-publish.yml
View raw YAML
name: Custom model gRPC Docker Publisher
on:
push:
# Publish `master` as Docker `latest` image.
branches:
- master
# Run tests for any PRs.
pull_request:
paths:
- "python/**"
- "!.github/**"
- "!docs/**"
- "!**.md"
- ".github/workflows/custom-model-grpc-publish.yml"
- ".github/actions/free-up-disk-space/**"
# To save some compute time, rely on PR check and don't run for merge queues
# merge_group:
# types: [ checks_requested ]
env:
IMAGE_NAME: custom-model-grpc
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
# Run tests.
# See also https://docs.docker.com/docker-hub/builds/automated-testing/
test:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Run tests
uses: docker/build-push-action@v6
with:
platforms: linux/amd64
context: python
file: python/custom_model_grpc.Dockerfile
push: false
# https://github.com/docker/buildx/issues/1533
provenance: false
# Push image to GitHub Packages.
# See also https://docs.docker.com/docker-hub/builds/
push:
# Ensure test job passes before pushing image.
needs: test
runs-on: ubuntu-latest
if: github.event_name == 'push'
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Export version variable
run: |
IMAGE_ID=kserve/$IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
# [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo VERSION=$VERSION >> $GITHUB_ENV
echo IMAGE_ID=$IMAGE_ID >> $GITHUB_ENV
- name: Build and push
uses: docker/build-push-action@v6
with:
platforms: linux/amd64
context: python
file: python/custom_model_grpc.Dockerfile
push: true
tags: ${{ env.IMAGE_ID }}:${{ env.VERSION }}
# https://github.com/docker/buildx/issues/1533
provenance: false
sbom: true
e2e-test matrix .github/workflows/e2e-test.yml
View raw YAML
name: E2E Tests
on:
pull_request:
branches: [master, release*]
paths:
- "**"
- "!.github/**"
- "!docs/**"
- "!**.md"
- ".github/workflows/e2e-test.yml"
- ".github/actions/**"
merge_group:
types: [ checks_requested ]
workflow_dispatch:
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
TAG: ${{ github.sha }}
DOCKER_IMAGES_PATH: "/mnt/docker-images"
KO_DOCKER_REPO: "kserve"
# artifact prefixes for bulk download
PREDICTOR_ARTIFACT_PREFIX: "pred"
EXPLAINER_ARTIFACT_PREFIX: "exp"
TRANSFORMER_ARTIFACT_PREFIX: "trans"
GRAPH_ARTIFACT_PREFIX: "graph"
BASE_ARTIFACT_PREFIX: "base"
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
detect-changes:
runs-on: ubuntu-latest
outputs:
install_methods: ${{ steps.set-matrix.outputs.install_methods }}
steps:
- uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- uses: dorny/paths-filter@v3
id: filter
with:
filters: |
charts:
- 'charts/**'
non_charts:
- '**'
- '!charts/**'
- id: set-matrix
run: |
if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
echo 'install_methods=["kustomize","helm"]' >> $GITHUB_OUTPUT
elif [[ "${{ steps.filter.outputs.charts }}" == "true" && \
"${{ steps.filter.outputs.non_charts }}" == "true" ]]; then
echo 'install_methods=["kustomize","helm"]' >> $GITHUB_OUTPUT
elif [[ "${{ steps.filter.outputs.charts }}" == "true" ]]; then
echo 'install_methods=["helm"]' >> $GITHUB_OUTPUT
else
echo 'install_methods=["kustomize"]' >> $GITHUB_OUTPUT
fi
kserve-image-build:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Load KServe environment variables
run: ./kserve-images.sh --ci
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Build KServe images
run: |
sudo mkdir -p ${DOCKER_IMAGES_PATH}
sudo chown -R $USER ${DOCKER_IMAGES_PATH}
./test/scripts/gh-actions/build-images.sh
docker image ls
sudo ls -lh ${DOCKER_IMAGES_PATH}
- name: Upload controller image
uses: actions/upload-artifact@v4
with:
name: ${{ env.BASE_ARTIFACT_PREFIX }}-${{ env.CONTROLLER_IMG }}-${{ env.TAG }}
path: ${{ env.DOCKER_IMAGES_PATH }}/${{ env.CONTROLLER_IMG }}-${{ env.TAG }}
compression-level: 0
if-no-files-found: error
- name: Upload localmodel controller image
uses: actions/upload-artifact@v4
with:
name: ${{ env.BASE_ARTIFACT_PREFIX }}-${{ env.LOCALMODEL_CONTROLLER_IMG }}-${{ env.TAG }}
path: ${{ env.DOCKER_IMAGES_PATH }}/${{ env.LOCALMODEL_CONTROLLER_IMG }}-${{ env.TAG }}
compression-level: 0
if-no-files-found: error
- name: Upload localmodel agent image
uses: actions/upload-artifact@v4
with:
name: ${{ env.BASE_ARTIFACT_PREFIX }}-${{ env.LOCALMODEL_AGENT_IMG }}-${{ env.TAG }}
path: ${{ env.DOCKER_IMAGES_PATH }}/${{ env.LOCALMODEL_AGENT_IMG }}-${{ env.TAG }}
compression-level: 0
if-no-files-found: error
- name: Upload agent image
uses: actions/upload-artifact@v4
with:
name: ${{ env.BASE_ARTIFACT_PREFIX }}-${{ env.AGENT_IMG }}-${{ env.TAG }}
path: ${{ env.DOCKER_IMAGES_PATH }}/${{ env.AGENT_IMG }}-${{ env.TAG }}
compression-level: 0
if-no-files-found: error
- name: Upload storage initializer image
uses: actions/upload-artifact@v4
with:
name: ${{ env.BASE_ARTIFACT_PREFIX }}-${{ env.STORAGE_INIT_IMG }}-${{ env.TAG }}
path: ${{ env.DOCKER_IMAGES_PATH }}/${{ env.STORAGE_INIT_IMG }}-${{ env.TAG }}
compression-level: 0
if-no-files-found: error
- name: Upload router image
uses: actions/upload-artifact@v4
with:
name: ${{ env.BASE_ARTIFACT_PREFIX }}-${{ env.ROUTER_IMG }}-${{ env.TAG }}
path: ${{ env.DOCKER_IMAGES_PATH }}/${{ env.ROUTER_IMG }}-${{ env.TAG }}
compression-level: 0
if-no-files-found: error
predictor-runtime-build:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Load KServe environment variables
run: ./kserve-images.sh --ci
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Build runtime server images
run: |
sudo mkdir -p ${DOCKER_IMAGES_PATH}
sudo chown -R $USER ${DOCKER_IMAGES_PATH}
./test/scripts/gh-actions/build-server-runtimes.sh predictor,transformer
docker image ls
sudo ls -lh ${DOCKER_IMAGES_PATH}
- name: Upload sklearn artifact
uses: actions/upload-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.SKLEARN_IMG }}-${{ env.TAG }}
path: ${{ env.DOCKER_IMAGES_PATH }}/${{ env.SKLEARN_IMG }}-${{ env.TAG }}
compression-level: 0
if-no-files-found: error
- name: Upload xgb server image
uses: actions/upload-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.XGB_IMG }}-${{ env.TAG }}
path: ${{ env.DOCKER_IMAGES_PATH }}/${{ env.XGB_IMG }}-${{ env.TAG }}
compression-level: 0
if-no-files-found: error
- name: Upload lgb server image
uses: actions/upload-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.LGB_IMG }}-${{ env.TAG }}
path: ${{ env.DOCKER_IMAGES_PATH }}/${{ env.LGB_IMG }}-${{ env.TAG }}
compression-level: 0
if-no-files-found: error
- name: Upload pmml server image
uses: actions/upload-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.PMML_IMG }}-${{ env.TAG }}
path: ${{ env.DOCKER_IMAGES_PATH }}/${{ env.PMML_IMG }}-${{ env.TAG }}
compression-level: 0
if-no-files-found: error
- name: Upload paddle image
uses: actions/upload-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.PADDLE_IMG }}-${{ env.TAG }}
path: ${{ env.DOCKER_IMAGES_PATH }}/${{ env.PADDLE_IMG }}-${{ env.TAG }}
compression-level: 0
if-no-files-found: error
- name: Upload predictiveserver image
uses: actions/upload-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.PREDICTIVE_IMG }}-${{ env.TAG }}
path: ${{ env.DOCKER_IMAGES_PATH }}/${{ env.PREDICTIVE_IMG }}-${{ env.TAG }}
compression-level: 0
if-no-files-found: error
- name: Upload image transformer image
uses: actions/upload-artifact@v4
with:
name: ${{ env.TRANSFORMER_ARTIFACT_PREFIX }}-${{ env.IMAGE_TRANSFORMER_IMG }}-${{ env.TAG }}
path: ${{ env.DOCKER_IMAGES_PATH }}/${{ env.IMAGE_TRANSFORMER_IMG }}-${{ env.TAG }}
compression-level: 0
if-no-files-found: error
- name: Upload custom model grpc image
uses: actions/upload-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.CUSTOM_MODEL_GRPC_IMG }}-${{ env.TAG }}
path: ${{ env.DOCKER_IMAGES_PATH }}/${{ env.CUSTOM_MODEL_GRPC_IMG }}-${{ env.TAG }}
compression-level: 0
if-no-files-found: error
- name: Upload custom model transformer grpc image
uses: actions/upload-artifact@v4
with:
name: ${{ env.TRANSFORMER_ARTIFACT_PREFIX }}-${{ env.CUSTOM_TRANSFORMER_GRPC_IMG }}-${{ env.TAG }}
path: ${{ env.DOCKER_IMAGES_PATH }}/${{ env.CUSTOM_TRANSFORMER_GRPC_IMG }}-${{ env.TAG }}
compression-level: 0
if-no-files-found: error
- name: Upload huggingface image
uses: actions/upload-artifact@v4
with:
name: ${{ env.HUGGINGFACE_IMG }}-${{ env.TAG }}
path: ${{ env.DOCKER_IMAGES_PATH }}/${{ env.HUGGINGFACE_IMG }}-${{ env.TAG }}
compression-level: 0
if-no-files-found: error
explainer-runtime-build:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Load KServe environment variables
run: ./kserve-images.sh --ci
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Build runtime server images
run: |
sudo mkdir -p ${DOCKER_IMAGES_PATH}
sudo chown -R $USER ${DOCKER_IMAGES_PATH}
./test/scripts/gh-actions/build-server-runtimes.sh explainer
docker image ls
sudo ls -lh ${DOCKER_IMAGES_PATH}
- name: Upload art explainer image
uses: actions/upload-artifact@v4
with:
name: ${{ env.EXPLAINER_ARTIFACT_PREFIX }}-${{ env.ART_IMG }}-${{ env.TAG }}
path: ${{ env.DOCKER_IMAGES_PATH }}/${{ env.ART_IMG }}-${{ env.TAG }}
compression-level: 0
if-no-files-found: error
graph-tests-images-build:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Load KServe environment variables
run: ./kserve-images.sh --ci
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Build test images needed for graph tests
run: |
sudo mkdir -p ${DOCKER_IMAGES_PATH}
sudo chown -R $USER ${DOCKER_IMAGES_PATH}
./test/scripts/gh-actions/build-graph-tests-images.sh
docker image ls
sudo ls -lh ${DOCKER_IMAGES_PATH}
- name: Upload success_200_isvc predictor image
uses: actions/upload-artifact@v4
with:
name: ${{ env.GRAPH_ARTIFACT_PREFIX }}-${{ env.SUCCESS_200_ISVC_IMG }}-${{ env.TAG }}
path: ${{ env.DOCKER_IMAGES_PATH }}/${{ env.SUCCESS_200_ISVC_IMG }}-${{ env.TAG }}
compression-level: 0
if-no-files-found: error
- name: Upload error_404_isvc predictor image
uses: actions/upload-artifact@v4
with:
name: ${{ env.GRAPH_ARTIFACT_PREFIX }}-${{ env.ERROR_404_ISVC_IMG }}-${{ env.TAG }}
path: ${{ env.DOCKER_IMAGES_PATH }}/${{ env.ERROR_404_ISVC_IMG }}-${{ env.TAG }}
compression-level: 0
if-no-files-found: error
test-predictor:
runs-on: ubuntu-latest
needs: [detect-changes, kserve-image-build, predictor-runtime-build]
strategy:
fail-fast: false
matrix:
install-method: ${{ fromJSON(needs.detect-changes.outputs.install_methods) }}
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Load KServe environment variables
run: ./kserve-images.sh --ci
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Setup Minikube
uses: ./.github/actions/minikube-setup
- name: KServe dependency setup
uses: ./.github/actions/kserve-dep-setup
- name: Download base images
uses: ./.github/actions/base-download
- name: Download predictor artifacts
uses: actions/download-artifact@v4
with:
path: ./tmp
pattern: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-*
merge-multiple: true
- name: Load docker images
uses: ./.github/actions/load-docker-images
with:
directory: ./tmp
- name: Install UV
run: ./test/scripts/gh-actions/setup-uv.sh
- name: Install KServe
run: |
${{ matrix.install-method == 'helm' && 'export INSTALL_METHOD="helm"' || '' }}
${{ matrix.install-method == 'helm' && format('export SET_KSERVE_VERSION={0}', env.TAG) || '' }}
./test/scripts/gh-actions/setup-kserve.sh
kubectl get pods -n kserve
kubectl describe pods -n kserve
- name: Run predictor E2E tests
timeout-minutes: 40
run: |
./test/scripts/gh-actions/run-e2e-tests.sh "predictor" "6"
- name: Check system status
if: always()
run: |
./test/scripts/gh-actions/status-check.sh
test-transformer-explainer-mms:
runs-on: ubuntu-latest
needs:
[detect-changes, kserve-image-build, predictor-runtime-build, explainer-runtime-build]
strategy:
fail-fast: false
matrix:
install-method: ${{ fromJSON(needs.detect-changes.outputs.install_methods) }}
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Load KServe environment variables
run: ./kserve-images.sh --ci
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Setup Minikube
uses: ./.github/actions/minikube-setup
- name: KServe dependency setup
uses: ./.github/actions/kserve-dep-setup
- name: Download base images
uses: ./.github/actions/base-download
- name: Download transformer and explainer artifacts
uses: actions/download-artifact@v4
with:
path: ./tmp
pattern: +(${{ env.TRANSFORMER_ARTIFACT_PREFIX }}|${{ env.EXPLAINER_ARTIFACT_PREFIX }})-*
merge-multiple: true
- name: Download sklearn server image
uses: actions/download-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.SKLEARN_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Download custom model grpc image
uses: actions/download-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.CUSTOM_MODEL_GRPC_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Download xgb server image
uses: actions/download-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.XGB_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Download predictiveserver image
uses: actions/download-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.PREDICTIVE_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Load docker images
uses: ./.github/actions/load-docker-images
with:
directory: ./tmp
- name: Install UV
run: ./test/scripts/gh-actions/setup-uv.sh
- name: Install KServe
run: |
${{ matrix.install-method == 'helm' && 'export INSTALL_METHOD="helm"' || '' }}
${{ matrix.install-method == 'helm' && format('export SET_KSERVE_VERSION={0}', env.TAG) || '' }}
./test/scripts/gh-actions/setup-kserve.sh
kubectl get pods -n kserve
kubectl describe pods -n kserve
- name: Run E2E tests
timeout-minutes: 30
run: |
./test/scripts/gh-actions/run-e2e-tests.sh "transformer or mms or collocation" "6"
- name: Run E2E tests - explainer
timeout-minutes: 30
run: |
./test/scripts/gh-actions/run-e2e-tests.sh "explainer" "1"
- name: Check system status
if: always()
run: |
./test/scripts/gh-actions/status-check.sh
test-graph:
runs-on: ubuntu-latest
needs:
[detect-changes, kserve-image-build, predictor-runtime-build, graph-tests-images-build]
strategy:
fail-fast: false
matrix:
install-method: ${{ fromJSON(needs.detect-changes.outputs.install_methods) }}
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Load KServe environment variables
run: ./kserve-images.sh --ci
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup Minikube
uses: ./.github/actions/minikube-setup
- name: Download base images
uses: ./.github/actions/base-download
- name: KServe dependency setup
uses: ./.github/actions/kserve-dep-setup
- name: Download graph artifacts
uses: actions/download-artifact@v4
with:
path: ./tmp
pattern: ${{ env.GRAPH_ARTIFACT_PREFIX }}-*
merge-multiple: true
- name: Download sklearn server image
uses: actions/download-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.SKLEARN_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Download xgb server image
uses: actions/download-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.XGB_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Download predictiveserver image
uses: actions/download-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.PREDICTIVE_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Load docker images
uses: ./.github/actions/load-docker-images
with:
directory: ./tmp
- name: Install UV
run: ./test/scripts/gh-actions/setup-uv.sh
- name: Install KServe
run: |
${{ matrix.install-method == 'helm' && 'export INSTALL_METHOD="helm"' || '' }}
${{ matrix.install-method == 'helm' && format('export SET_KSERVE_VERSION={0}', env.TAG) || '' }}
./test/scripts/gh-actions/setup-kserve.sh
kubectl get pods -n kserve
kubectl describe pods -n kserve
- name: Run E2E tests for graph
timeout-minutes: 30
run: |
./test/scripts/gh-actions/run-e2e-tests.sh "graph" "6"
- name: Check system status
if: always()
run: |
./test/scripts/gh-actions/status-check.sh
test-path-based-routing:
runs-on: ubuntu-latest
needs:
[detect-changes, kserve-image-build, predictor-runtime-build, explainer-runtime-build]
strategy:
fail-fast: false
matrix:
install-method: ${{ fromJSON(needs.detect-changes.outputs.install_methods) }}
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Load KServe environment variables
run: ./kserve-images.sh --ci
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup Minikube
uses: ./.github/actions/minikube-setup
- name: Download base images
uses: ./.github/actions/base-download
- name: KServe dependency setup
uses: ./.github/actions/kserve-dep-setup
- name: Download sklearn server image
uses: actions/download-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.SKLEARN_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Download xgb server image
uses: actions/download-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.XGB_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Download lgb server image
uses: actions/download-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.LGB_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Download predictiveserver image
uses: actions/download-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.PREDICTIVE_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Download transformer image
uses: actions/download-artifact@v4
with:
name: ${{ env.TRANSFORMER_ARTIFACT_PREFIX }}-${{ env.IMAGE_TRANSFORMER_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Download Art Explainer image
uses: actions/download-artifact@v4
with:
name: ${{ env.EXPLAINER_ARTIFACT_PREFIX }}-${{ env.ART_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Load docker images
uses: ./.github/actions/load-docker-images
with:
directory: ./tmp
- name: Install UV
run: ./test/scripts/gh-actions/setup-uv.sh
- name: Install KServe
run: |
if [ "${{ matrix.install-method }}" == "helm" ]; then
export INSTALL_METHOD="helm"
export SET_KSERVE_VERSION=${{ env.TAG }}
export KSERVE_CUSTOM_ISVC_CONFIGS='kserve.controller.gateway.pathTemplate=/serving/{{ .Namespace }}/{{ .Name }}|kserve.controller.gateway.domain=mydomain.com'
else
export KSERVE_CUSTOM_ISVC_CONFIGS='ingress.pathTemplate=/serving/{{ .Namespace }}/{{ .Name }}|ingress.ingressDomain=mydomain.com'
fi
export NETWORK_LAYER='istio-ingress'
./test/scripts/gh-actions/setup-kserve.sh
kubectl get pods -n kserve
kubectl describe pods -n kserve
- name: Run E2E tests with path-based routing
timeout-minutes: 30
run: |
./test/scripts/gh-actions/run-e2e-tests.sh "path_based_routing" "6"
- name: Run E2E tests with path-based routing - Explainer
timeout-minutes: 30
run: |
./test/scripts/gh-actions/run-e2e-tests.sh "explainer" "1"
- name: Check system status
if: always()
run: |
./test/scripts/gh-actions/status-check.sh
test-qpext:
runs-on: ubuntu-latest
needs: [detect-changes, kserve-image-build, predictor-runtime-build]
strategy:
fail-fast: false
matrix:
install-method: ${{ fromJSON(needs.detect-changes.outputs.install_methods) }}
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Load KServe environment variables
run: ./kserve-images.sh --ci
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Setup Minikube
uses: ./.github/actions/minikube-setup
- name: KServe dependency setup
uses: ./.github/actions/kserve-dep-setup
- name: Download base images
uses: ./.github/actions/base-download
- name: Build queue proxy extension image
run: |
./test/scripts/gh-actions/build-qpext-image.sh
docker image ls
- name: Download sklearn server image
uses: actions/download-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.SKLEARN_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Download predictiveserver image
uses: actions/download-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.PREDICTIVE_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Load docker images
uses: ./.github/actions/load-docker-images
with:
directory: ./tmp
- name: Install UV
run: ./test/scripts/gh-actions/setup-uv.sh
- name: Install KServe
run: |
${{ matrix.install-method == 'helm' && 'export INSTALL_METHOD="helm"' || '' }}
${{ matrix.install-method == 'helm' && format('export SET_KSERVE_VERSION={0}', env.TAG) || '' }}
./test/scripts/gh-actions/setup-kserve.sh
kubectl get pods -n kserve
kubectl describe pods -n kserve
- name: Patch qpext image
run: |
kubectl patch knativeserving knative-serving -n knative-serving --type=merge \
--patch '{"spec":{"config":{"deployment":{"queue-sidecar-image":"kserve/qpext:${{ env.TAG }}"},"observability":{"request-metrics-protocol":"prometheus"}}}}'
kubectl wait --for=condition=Ready -n knative-serving knativeserving knative-serving --timeout=120s
kubectl get configmap config-deployment -n knative-serving -o jsonpath='{.data.queue-sidecar-image}'
echo
- name: Run queue proxy extension E2E tests
timeout-minutes: 30
run: |
./test/scripts/gh-actions/run-qpext-test.sh
- name: Check system status
if: always()
run: |
./test/scripts/gh-actions/status-check.sh
test-with-helm:
runs-on: ubuntu-latest
needs: [kserve-image-build]
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Load KServe environment variables
run: ./kserve-images.sh --ci
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup Minikube
uses: ./.github/actions/minikube-setup
- name: KServe dependency setup
uses: ./.github/actions/kserve-dep-setup
- name: Download base images
uses: ./.github/actions/base-download
- name: Install UV
run: ./test/scripts/gh-actions/setup-uv.sh
- name: Install Kserve from helm
run: |
export INSTALL_METHOD="helm"
./test/scripts/gh-actions/setup-kserve.sh
kubectl get pods -n kserve
kubectl describe pods -n kserve
- name: Run E2E tests
timeout-minutes: 20
run: |
./test/scripts/gh-actions/run-e2e-tests.sh "helm"
kubectl get pods -n kserve
- name: Check system status
if: always()
run: |
./test/scripts/gh-actions/status-check.sh
test-raw:
runs-on: ubuntu-latest
strategy:
fail-fast: false
max-parallel: 3
matrix:
# Test with Ingress and Gateway API
network-layer: ["istio-ingress", "envoy-gatewayapi", "istio-gatewayapi"]
install-method: ${{ fromJSON(needs.detect-changes.outputs.install_methods) }}
needs:
[detect-changes, kserve-image-build, predictor-runtime-build, explainer-runtime-build]
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Load KServe environment variables
run: ./kserve-images.sh --ci
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Setup Minikube
uses: ./.github/actions/minikube-setup
- name: Enable metrics server
run: |
minikube addons enable metrics-server
kubectl rollout status deployment/metrics-server -n kube-system --timeout=180s
kubectl get pods -n kube-system | grep metrics-server
- name: Check Metrics Server Logs
run: |
kubectl logs -n kube-system deploy/metrics-server
- name: KServe dependency setup
uses: ./.github/actions/kserve-dep-setup
with:
deployment-mode: "raw"
enable-keda: "true"
network-layer: ${{ matrix.network-layer }}
- name: Download base images
uses: ./.github/actions/base-download
- name: Download sklearn server image
uses: actions/download-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.SKLEARN_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Download xgb server image
uses: actions/download-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.XGB_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Download predictiveserver image
uses: actions/download-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.PREDICTIVE_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Download custom model grpc image
uses: actions/download-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.CUSTOM_MODEL_GRPC_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Download transformer and explainer artifacts
uses: actions/download-artifact@v4
with:
path: ./tmp
pattern: +(${{ env.TRANSFORMER_ARTIFACT_PREFIX }}|${{ env.EXPLAINER_ARTIFACT_PREFIX }})-*
merge-multiple: true
- name: Load docker images
uses: ./.github/actions/load-docker-images
with:
directory: ./tmp
- name: Install UV
run: ./test/scripts/gh-actions/setup-uv.sh
- name: Install KServe
run: |
${{ matrix.install-method == 'helm' && 'export INSTALL_METHOD="helm"' || '' }}
${{ matrix.install-method == 'helm' && format('export SET_KSERVE_VERSION={0}', env.TAG) || '' }}
./test/scripts/gh-actions/setup-kserve.sh "Standard" ${{ matrix.network-layer }}
kubectl get pods -n kserve
kubectl describe pods -n kserve
- name: Log the config map
run: |
kubectl describe configmaps -n kserve inferenceservice-config
- name: Run E2E tests
timeout-minutes: 30
run: |
./test/scripts/gh-actions/run-e2e-tests.sh "raw" "6" ${{ matrix.network-layer }}
- name: Patch inferenceservice config for path based routing
if: matrix.network-layer == 'envoy-gatewayapi' || matrix.network-layer == 'istio-gatewayapi'
run: |
kubectl patch configmaps -n kserve inferenceservice-config --patch-file config/overlays/test/configmap/inferenceservice-path-template.yaml
kubectl describe configmaps -n kserve inferenceservice-config
- name: Run E2E tests with path based routing
if: matrix.network-layer == 'envoy-gatewayapi' || matrix.network-layer == 'istio-gatewayapi'
timeout-minutes: 30
run: |
./test/scripts/gh-actions/run-e2e-tests.sh "raw" "6" ${{ matrix.network-layer }}
- name: Patch inferenceservice config for cluster ip none
run: |
kubectl patch configmaps -n kserve inferenceservice-config --patch-file config/overlays/test/configmap/inferenceservice-enable-cluster-ip.yaml
kubectl describe configmaps -n kserve inferenceservice-config
- name: Run E2E tests - cluster ip none
timeout-minutes: 30
run: |
./test/scripts/gh-actions/run-e2e-tests.sh "rawcipn" "1" ${{ matrix.network-layer }}
- name: Check system status
if: always()
run: |
./test/scripts/gh-actions/status-check.sh
test-autoscaling:
runs-on: ubuntu-latest
needs:
[detect-changes, kserve-image-build, predictor-runtime-build, explainer-runtime-build]
strategy:
fail-fast: false
matrix:
install-method: ${{ fromJSON(needs.detect-changes.outputs.install_methods) }}
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Load KServe environment variables
run: ./kserve-images.sh --ci
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Setup Minikube
uses: ./.github/actions/minikube-setup
- name: Enable metrics server
run: |
minikube addons enable metrics-server
kubectl rollout status deployment/metrics-server -n kube-system --timeout=180s
kubectl get pods -n kube-system | grep metrics-server
- name: Check Metrics Server Logs
run: |
kubectl logs -n kube-system deploy/metrics-server
- name: KServe dependency setup
uses: ./.github/actions/kserve-dep-setup
with:
deployment-mode: "raw"
enable-keda: "true"
network-layer: "istio-ingress"
- name: Download base images
uses: ./.github/actions/base-download
- name: Download sklearn server image
uses: actions/download-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.SKLEARN_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Download predictiveserver image
uses: actions/download-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.PREDICTIVE_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Load docker images
uses: ./.github/actions/load-docker-images
with:
directory: ./tmp
- name: Install UV
run: ./test/scripts/gh-actions/setup-uv.sh
- name: Install KServe
run: |
${{ matrix.install-method == 'helm' && 'export INSTALL_METHOD="helm"' || '' }}
${{ matrix.install-method == 'helm' && format('export SET_KSERVE_VERSION={0}', env.TAG) || '' }}
./test/scripts/gh-actions/setup-kserve.sh "Standard" "istio-ingress"
kubectl get pods -n kserve
kubectl describe pods -n kserve
- name: Log the config map
run: |
kubectl describe configmaps -n kserve inferenceservice-config
- name: Run E2E tests
timeout-minutes: 30
run: |
./test/scripts/gh-actions/run-e2e-tests.sh "autoscaling" "6" "istio-ingress"
- name: Check system status
if: always()
run: |
./test/scripts/gh-actions/status-check.sh
test-kourier:
runs-on: ubuntu-latest
needs:
[detect-changes, kserve-image-build, predictor-runtime-build, graph-tests-images-build]
strategy:
fail-fast: false
matrix:
install-method: ${{ fromJSON(needs.detect-changes.outputs.install_methods) }}
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Load KServe environment variables
run: ./kserve-images.sh --ci
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Setup Minikube
uses: ./.github/actions/minikube-setup
- name: KServe dependency setup
uses: ./.github/actions/kserve-dep-setup
with:
network-layer: "kourier"
- name: Download base images
uses: ./.github/actions/base-download
- name: Download graph artifacts
uses: actions/download-artifact@v4
with:
path: ./tmp
pattern: ${{ env.GRAPH_ARTIFACT_PREFIX }}-*
merge-multiple: true
- name: Download sklearn server image
uses: actions/download-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.SKLEARN_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Download xgb server image
uses: actions/download-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.XGB_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Download predictiveserver image
uses: actions/download-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.PREDICTIVE_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Load docker images
uses: ./.github/actions/load-docker-images
with:
directory: ./tmp
- name: Install UV
run: ./test/scripts/gh-actions/setup-uv.sh
- name: Install KServe
run: |
if [ "${{ matrix.install-method }}" == "helm" ]; then
export INSTALL_METHOD="helm"
export SET_KSERVE_VERSION=${{ env.TAG }}
export KSERVE_CUSTOM_ISVC_CONFIGS='kserve.controller.gateway.disableIstioVirtualHost=true'
else
export KSERVE_CUSTOM_ISVC_CONFIGS='ingress.disableIstioVirtualHost=true'
fi
./test/scripts/gh-actions/setup-kserve.sh
kubectl get pods -n kserve
kubectl describe pods -n kserve
- name: Run E2E tests
timeout-minutes: 30
run: |
export KSERVE_INGRESS_HOST_PORT=$(kubectl get pod -n knative-serving -l "app=3scale-kourier-gateway" \
--output=jsonpath="{.items[0].status.podIP}"):$(kubectl get pod -n knative-serving -l "app=3scale-kourier-gateway" \
--output=jsonpath="{.items[0].spec.containers[0].ports[0].containerPort}")
./test/scripts/gh-actions/run-e2e-tests.sh "kourier" "6"
- name: Check system status
if: always()
run: |
./test/scripts/gh-actions/status-check.sh "kourier"
test-llm:
runs-on: ubuntu-latest
needs: [detect-changes, kserve-image-build, predictor-runtime-build]
strategy:
fail-fast: false
matrix:
install-method: ${{ fromJSON(needs.detect-changes.outputs.install_methods) }}
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Load KServe environment variables
run: ./kserve-images.sh --ci
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Setup Minikube
uses: ./.github/actions/minikube-setup
- name: KServe dependency setup
uses: ./.github/actions/kserve-dep-setup
- name: Download base images
uses: ./.github/actions/base-download
- name: Download huggingface server image
uses: actions/download-artifact@v4
with:
name: ${{ env.HUGGINGFACE_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Load docker images
uses: ./.github/actions/load-docker-images
with:
directory: ./tmp
- name: Install UV
run: ./test/scripts/gh-actions/setup-uv.sh
- name: Install KServe
run: |
${{ matrix.install-method == 'helm' && 'export INSTALL_METHOD="helm"' || '' }}
${{ matrix.install-method == 'helm' && format('export SET_KSERVE_VERSION={0}', env.TAG) || '' }}
./test/scripts/gh-actions/setup-kserve.sh
kubectl get pods -n kserve
kubectl describe pods -n kserve
- name: Run E2E tests
timeout-minutes: 30
run: |
./test/scripts/gh-actions/run-e2e-tests.sh "llm" "2"
- name: Check system status
if: always()
run: |
./test/scripts/gh-actions/status-check.sh
test-huggingface-server-vllm:
runs-on: ubuntu-latest
needs: [detect-changes, kserve-image-build, predictor-runtime-build]
strategy:
fail-fast: false
matrix:
install-method: ${{ fromJSON(needs.detect-changes.outputs.install_methods) }}
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Load KServe environment variables
run: ./kserve-images.sh --ci
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Setup Minikube
uses: ./.github/actions/minikube-setup
- name: KServe dependency setup
uses: ./.github/actions/kserve-dep-setup
- name: Download base images
uses: ./.github/actions/base-download
- name: Download huggingface server image
uses: actions/download-artifact@v4
with:
name: ${{ env.HUGGINGFACE_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Load docker images
uses: ./.github/actions/load-docker-images
with:
directory: ./tmp
- name: Install UV
run: ./test/scripts/gh-actions/setup-uv.sh
- name: Install KServe
run: |
${{ matrix.install-method == 'helm' && 'export INSTALL_METHOD="helm"' || '' }}
${{ matrix.install-method == 'helm' && format('export SET_KSERVE_VERSION={0}', env.TAG) || '' }}
./test/scripts/gh-actions/setup-kserve.sh
kubectl get pods -n kserve
kubectl describe pods -n kserve
- name: Run E2E tests
timeout-minutes: 30
run: |
./test/scripts/gh-actions/run-e2e-tests.sh "vllm" "1"
- name: Check system status
if: always()
run: |
./test/scripts/gh-actions/status-check.sh
test-modelcache:
runs-on: ubuntu-latest
needs: [detect-changes, kserve-image-build, predictor-runtime-build]
strategy:
fail-fast: false
matrix:
install-method: ${{ fromJSON(needs.detect-changes.outputs.install_methods) }}
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Load KServe environment variables
run: ./kserve-images.sh --ci
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Create tmp-images directory
run: |
sudo mkdir -p /tmp-images
sudo chown -R $USER /tmp-images
- name: Setup Minikube
uses: ./.github/actions/minikube-setup
with:
nodes: 3
driver: "docker"
start-args: "--mount --mount-string=/tmp-images:/tmp-images"
- name: Create minikube tunnel
run: |
nohup minikube tunnel > minikube-tunnel.log 2>&1 &
- name: KServe dependency setup
uses: ./.github/actions/kserve-dep-setup
- name: Download base images
uses: actions/download-artifact@v4
with:
path: /tmp-images
pattern: ${{ env.BASE_ARTIFACT_PREFIX }}-*
merge-multiple: true
- name: Load base docker images
run: |
ls -l /tmp-images
minikube ssh -n minikube -- ls -l /tmp-images
files=$(find /tmp-images -maxdepth 1 -type f)
for file in ${files[@]};do
echo "Loading image $(basename ${file})"
minikube ssh -n minikube -- docker image load -i ${file}
minikube ssh -n minikube-m02 -- docker image load -i ${file}
minikube ssh -n minikube-m03 -- docker image load -i ${file}
done
sudo rm -rf /tmp-images/*
minikube ssh -n minikube -- docker image ls
minikube ssh -n minikube-m02 -- docker image ls
minikube ssh -n minikube-m03 -- docker image ls
- name: Download huggingface server image
uses: actions/download-artifact@v4
with:
name: ${{ env.HUGGINGFACE_IMG }}-${{ env.TAG }}
path: /tmp-images
- name: Download sklearn server image
uses: actions/download-artifact@v4
with:
name: ${{ env.PREDICTOR_ARTIFACT_PREFIX }}-${{ env.SKLEARN_IMG }}-${{ env.TAG }}
path: /tmp-images
- name: Load runtime docker images
run: |
files=$(find /tmp-images -maxdepth 1 -type f)
for file in ${files[@]};do
echo "Loading image $(basename ${file})"
minikube ssh -n minikube-m02 -- docker image load -i ${file}
done
sudo rm -rf tmp-images/*
minikube ssh -n minikube-m02 -- docker image ls
- name: Create model root directory
run: |
minikube ssh -n minikube-m02 -- sudo mkdir -p -m=777 /models
minikube ssh -n minikube-m03 -- sudo mkdir -p -m=777 /models
- name: Install UV
run: ./test/scripts/gh-actions/setup-uv.sh
- name: Install KServe
run: |
${{ matrix.install-method == 'helm' && 'export INSTALL_METHOD="helm"' || '' }}
export SET_KSERVE_VERSION=${{ env.TAG }}
./test/scripts/gh-actions/setup-kserve.sh
kubectl get pods -n kserve
kubectl describe pods -n kserve
kubectl describe configmaps -n kserve inferenceservice-config
- name: Create localmodel job namespace
run: |
kubectl create ns kserve-localmodel-jobs
- name: Label worker nodes for modelcache
run: |
kubectl label nodes -l '!node-role.kubernetes.io/control-plane' kserve/localmodel=worker
- name: Enable nodeselector in knative
run: |
kubectl patch configmaps -n knative-serving config-features --patch '{"data": {"kubernetes.podspec-nodeselector": "enabled"}}'
- name: Run E2E tests
timeout-minutes: 15
run: |
./test/scripts/gh-actions/run-e2e-tests.sh "modelcache" "1"
- name: Check system status
if: always()
run: |
echo "::group::Minikube tunnel logs"
cat minikube-tunnel.log
echo "::endgroup::"
./test/scripts/gh-actions/status-check.sh
e2e-test-llmisvc matrix .github/workflows/e2e-test-llmisvc.yaml
View raw YAML
name: LLMInferenceService E2E Tests
on:
pull_request:
paths:
- "pkg/apis/serving/v1alpha1/llm*"
- "pkg/apis/serving/v1alpha2/llm*"
- "pkg/controller/v1alpha1/llmisvc/**"
- "pkg/controller/v1alpha2/llmisvc/**"
- "charts/kserve-llmisvc-resources/**"
- "config/llmisvc/**"
- "config/rbac/llmisvc/**"
- "cmd/llmisvc/**"
- "test/e2e/llmisvc/**"
- ".github/workflows/e2e-test-llmisvc.yaml"
- ".github/actions/**"
- "hack/setup/quick-install/llmisvc-dependency-install.sh"
merge_group:
types: [ checks_requested ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
TAG: ${{ github.sha }}
DOCKER_IMAGES_PATH: "/mnt/docker-images"
KO_DOCKER_REPO: "kserve"
ENABLE_LLMISVC: "true"
jobs:
detect-changes:
runs-on: ubuntu-latest
outputs:
install_methods: ${{ steps.set-matrix.outputs.install_methods }}
steps:
- uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- uses: dorny/paths-filter@v3
id: filter
with:
filters: |
charts:
- 'charts/**'
non_charts:
- '**'
- '!charts/**'
- id: set-matrix
run: |
if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
echo 'install_methods=["kustomize","helm"]' >> $GITHUB_OUTPUT
elif [[ "${{ steps.filter.outputs.charts }}" == "true" && \
"${{ steps.filter.outputs.non_charts }}" == "true" ]]; then
echo 'install_methods=["kustomize","helm"]' >> $GITHUB_OUTPUT
elif [[ "${{ steps.filter.outputs.charts }}" == "true" ]]; then
echo 'install_methods=["helm"]' >> $GITHUB_OUTPUT
else
echo 'install_methods=["kustomize"]' >> $GITHUB_OUTPUT
fi
llmisvc-image-build:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Load KServe environment variables
run: ./kserve-images.sh --ci
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Build LLMISvc image
run: |
sudo mkdir -p ${DOCKER_IMAGES_PATH}
sudo chown -R $USER ${DOCKER_IMAGES_PATH}
./test/scripts/gh-actions/build-images.sh llmisvc
docker image ls
sudo ls -lh ${DOCKER_IMAGES_PATH}
- name: Upload LLMISvc controller image
uses: actions/upload-artifact@v4
with:
name: ${{ env.LLMISVC_CONTROLLER_IMG }}-${{ env.TAG }}
path: ${{ env.DOCKER_IMAGES_PATH }}/${{ env.LLMISVC_CONTROLLER_IMG }}-${{ env.TAG }}
compression-level: 0
if-no-files-found: error
- name: Upload storage-initializer image
uses: actions/upload-artifact@v4
with:
name: ${{ env.STORAGE_INIT_IMG }}-${{ env.TAG }}
path: ${{ env.DOCKER_IMAGES_PATH }}/${{ env.STORAGE_INIT_IMG }}-${{ env.TAG }}
compression-level: 0
if-no-files-found: error
test-llmisvc:
runs-on: ubuntu-latest
needs: [detect-changes, llmisvc-image-build]
strategy:
fail-fast: false
matrix:
install-method: ${{ fromJSON(needs.detect-changes.outputs.install_methods) }}
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Load KServe environment variables
run: ./kserve-images.sh --ci
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.9"
- name: Setup Minikube
uses: ./.github/actions/minikube-setup
- name: Download LLMISvc controller image
uses: actions/download-artifact@v4
with:
name: ${{ env.LLMISVC_CONTROLLER_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Download storage-initializer image
uses: actions/download-artifact@v4
with:
name: ${{ env.STORAGE_INIT_IMG }}-${{ env.TAG }}
path: ./tmp
- name: Load LLMISvc controller image into minikube
run: |
# Load the tagged image into minikube
minikube image load ./tmp/${{ env.LLMISVC_CONTROLLER_IMG }}-${{ env.TAG }}
# Verify image is loaded
echo "Images in minikube:"
minikube image ls | grep ${{ env.LLMISVC_CONTROLLER_IMG }} || echo "No llmisvc-controller images found"
- name: Load storage-initializer image into minikube
run: |
# Load the tagged image into minikube
minikube image load ./tmp/${{ env.STORAGE_INIT_IMG }}-${{ env.TAG }}
# Verify image is loaded
echo "Images in minikube:"
minikube image ls | grep ${{ env.STORAGE_INIT_IMG }} || echo "No storage-initializer images found"
- name: KServe dependency setup
uses: ./.github/actions/kserve-dep-setup
with:
deploy-llmisvc: "true"
- name: Install UV
run: ./test/scripts/gh-actions/setup-uv.sh
- name: Install KServe
run: |
${{ matrix.install-method == 'helm' && 'export INSTALL_METHOD="helm"' || '' }}
./test/scripts/gh-actions/setup-kserve.sh
- name: Verify LLMISvc setup
run: |
echo "🔍 Verifying LLMISvc controller setup..."
echo "📋 LLMISvc Controller:"
kubectl get pods -n kserve -l app.kubernetes.io/component=controller || true
echo "📋 LLM Resources:"
kubectl get llminferenceserviceconfigs -A || true
echo "📋 Gateway API Resources:"
kubectl get crd | grep inference || true
echo "📋 Envoy Gateway:"
kubectl get pods -n envoy-gateway-system || true
echo "📋 AI Gateway:"
kubectl get pods -n envoy-ai-gateway-system || true
echo "✅ LLMISvc setup verification complete!"
- name: Run predictor E2E tests
id: predictor-tests
timeout-minutes: 40
run: |
# Run only CPU tests for now using pytest markers (cluster_)
# Available GPU vendors: amd, nvidia, intel
./test/scripts/gh-actions/run-e2e-tests.sh "llminferenceservice and cluster_cpu" 0 "envoy-gateway"
- name: Check system status
if: always()
run: |
./test/scripts/gh-actions/status-check.sh "llmisvc"
go perms .github/workflows/go.yml
View raw YAML
name: Go Test
on:
push:
branches: [master, release*]
paths-ignore:
- "**.md"
pull_request:
paths:
- "**"
- "!python/**"
- "!.github/**"
- "!docs/**"
- "!**.md"
- ".github/workflows/go.yml"
merge_group:
types: [ checks_requested ]
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
permissions:
contents: write
pull-requests: write
jobs:
test:
name: Test
runs-on: ubuntu-latest
steps:
- name: Check out code into the Go module directory
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Set up Go 1.x
uses: actions/setup-go@v5
with:
go-version-file: go.mod
id: go
- name: Test
id: test
run: |
export GOPATH=/home/runner/go
export PATH=$PATH:/usr/local/kubebuilder/bin:/home/runner/go/bin
wget -O $GOPATH/bin/yq https://github.com/mikefarah/yq/releases/download/v4.28.1/yq_linux_amd64
chmod +x $GOPATH/bin/yq
make test
./coverage.sh
echo ::set-output name=coverage::$(./coverage.sh | tr -s '\t' | cut -d$'\t' -f 3)
- name: Print coverage
run: |
echo "Coverage output is ${{ steps.test.outputs.coverage }}"
- name: upload cover profile artifact
uses: actions/upload-artifact@v4
with:
name: coverage.out
path: coverage.out
if-no-files-found: error
check-coverage:
needs: test
runs-on: ubuntu-latest
name: Check Coverage
steps:
- name: checkout
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Download cover profile artifact
id: download-coverage
uses: actions/download-artifact@v4
with:
name: coverage.out
- name: Extract coverage percentage
id: current-coverage
run: |
if [ -f coverage.out ]; then
COVERAGE=$(go tool cover -func=coverage.out | grep total: | awk '{print $3}' | sed 's/%//')
echo "coverage=$COVERAGE" >> $GITHUB_OUTPUT
else
echo "coverage=0" >> $GITHUB_OUTPUT
fi
- name: download artifact (master.breakdown)
id: download-master-breakdown
uses: dawidd6/action-download-artifact@v9
with:
branch: master
workflow_conclusion: success
name: master.breakdown
if_no_artifact_found: warn
- name: download artifact (master-coverage.out)
id: download-master-coverage
uses: dawidd6/action-download-artifact@v9
with:
branch: master
workflow_conclusion: success
name: master-coverage.out
if_no_artifact_found: warn
- name: Extract master coverage percentage
id: master-coverage
run: |
if [ -f master-coverage.out ]; then
MASTER_COVERAGE=$(go tool cover -func=master-coverage.out | grep total: | awk '{print $3}' | sed 's/%//')
echo "coverage=$MASTER_COVERAGE" >> $GITHUB_OUTPUT
else
echo "coverage=0" >> $GITHUB_OUTPUT
fi
- name: Generate full coverage breakdown
id: full_coverage_report
run: |
if [ -f coverage.out ]; then
REPORT_CONTENT=$(go tool cover -func=coverage.out) # This command outputs function-level coverage [5]
echo "report<<EOF" >> $GITHUB_OUTPUT # Start HERE-doc for multi-line output [3]
echo "$REPORT_CONTENT" >> $GITHUB_OUTPUT
echo "EOF" >> $GITHUB_OUTPUT # End HERE-doc
else
echo "report=No coverage report found." >> $GITHUB_OUTPUT
fi
- name: check test coverage
id: coverage
uses: vladopajic/go-test-coverage@v2
continue-on-error: true
with:
config: ./.github/.testcoverage.yml
breakdown-file-name: ${{ github.ref_name == 'master' && 'master.breakdown' || '' }}
diff-base-breakdown-file-name: ${{ steps.download-master-breakdown.outputs.found_artifact == 'true' && 'master.breakdown' || '' }}
- name: upload artifact (master.breakdown)
uses: actions/upload-artifact@v4
if: github.ref_name == 'master'
with:
name: master.breakdown
path: master.breakdown
if-no-files-found: error
- name: Previous coverage
run: |
echo "Previous Coverage ${{ steps.master-coverage.outputs.coverage }}"
- name: Current coverage
run: |
echo "Current Coverage ${{ steps.current-coverage.outputs.coverage }}"
- name: post coverage report
# this has evalated permission to post back the coverage, only restricted to this step.
if: github.event_name == 'pull_request_target'
uses: thollander/actions-comment-pull-request@v3
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
comment-tag: coverage-report
pr-number: ${{ github.event.pull_request.number }}
message: |
## 📊 Go Test Coverage Report
${{
steps.current-coverage.outputs.coverage > steps.master-coverage.outputs.coverage
&& '✅ **Overall code coverage increased.**'
|| steps.current-coverage.outputs.coverage < steps.master-coverage.outputs.coverage
&& '❌ **Overall code coverage decreased.**'
|| 'ℹ️ **Overall code coverage unchanged.**'
}}
**🔍 Coverage Summary**
- **Pull Request Coverage:** `${{ steps.current-coverage.outputs.coverage }}%`
- **Main Branch Coverage:** `${{ steps.master-coverage.outputs.coverage }}%`
<details>
<summary>📄 Click to expand full coverage breakdown</summary>
```
${{ steps.full_coverage_report.outputs.report }}
```
</details>
- name: Rename and upload master coverage
if: github.ref_name == 'master'
run: mv coverage.out master-coverage.out
- name: Upload master coverage artifact
if: github.ref_name == 'master'
uses: actions/upload-artifact@v4
with:
name: master-coverage.out
path: master-coverage.out
if-no-files-found: error
helm-publish perms .github/workflows/helm-publish.yml
View raw YAML
name: helm-publish
on:
release:
types: [published]
workflow_dispatch:
env:
HELM_CHARTS_PATH: charts
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
permissions:
contents: write
packages: write
jobs:
upload-helm-charts:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Setup Helm
uses: azure/setup-helm@v4
- name: Login to GHCR
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Package helm charts
run: |
for dir in ./*/; do
# Skip directories starting with underscore (e.g., _common)
[[ $(basename "$dir") == _* ]] && continue
helm package "$dir"
done
working-directory: ${{ env.HELM_CHARTS_PATH }}
- name: Push Charts to GHCR
working-directory: ${{ env.HELM_CHARTS_PATH }}
run: |
for pkg in *.tgz; do
if [ -z "${pkg:-}" ]; then
break
fi
helm push "${pkg}" oci://ghcr.io/${GITHUB_REPOSITORY_OWNER}/charts
done
- name: Rename helm chart archives
run: for filename in *.tgz; do mv "$filename" "helm-chart-$filename"; done
working-directory: ${{ env.HELM_CHARTS_PATH }}
- uses: softprops/action-gh-release@v1
with:
files: ${{ env.HELM_CHARTS_PATH }}/*.tgz
huggingface-cpu-docker-publish .github/workflows/huggingface-cpu-docker-publish.yml
View raw YAML
name: Huggingface CPU Docker Publisher
on:
push:
# Publish `master` as Docker `latest` image.
branches:
- master
# Publish `v1.2.3` tags as releases.
tags:
- v*
# Run tests for any PRs.
pull_request:
paths:
- "python/**"
- "!.github/**"
- "!docs/**"
- "!**.md"
- ".github/workflows/huggingface-cpu-docker-publish.yml"
- ".github/actions/free-up-disk-space/**"
# To save some compute time, rely on PR check and don't run for merge queues
# merge_group:
# types: [ checks_requested ]
env:
IMAGE_NAME: huggingfaceserver
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
# Run tests.
# See also https://docs.docker.com/docker-hub/builds/automated-testing/
test:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Run tests
uses: docker/build-push-action@v6
with:
platforms: linux/amd64
context: python
file: python/huggingface_server_cpu.Dockerfile
push: false
# https://github.com/docker/buildx/issues/1533
provenance: false
# Push image to GitHub Packages.
# See also https://docs.docker.com/docker-hub/builds/
push:
# Ensure test job passes before pushing image.
needs: test
runs-on: ubuntu-latest
if: github.event_name == 'push'
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Export version variable
run: |
IMAGE_ID=kserve/$IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
# [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo VERSION=$VERSION >> $GITHUB_ENV
echo IMAGE_ID=$IMAGE_ID >> $GITHUB_ENV
- name: Build and push
uses: docker/build-push-action@v6
with:
platforms: linux/amd64
context: python
file: python/huggingface_server_cpu.Dockerfile
push: true
tags: ${{ env.IMAGE_ID }}:${{ env.VERSION }}
# https://github.com/docker/buildx/issues/1533
provenance: false
sbom: true
huggingface-docker-publish .github/workflows/huggingface-docker-publish.yml
View raw YAML
name: Huggingface Docker Publisher
on:
push:
# Publish `master` as Docker `latest` image.
branches:
- master
# Publish `v1.2.3` tags as releases.
tags:
- v*
# Run tests for any PRs.
pull_request:
paths:
- "python/**"
- "!.github/**"
- "!docs/**"
- "!**.md"
- ".github/workflows/huggingface-docker-publish.yml"
- ".github/actions/free-up-disk-space/**"
# To save some compute time, rely on PR check and don't run for merge queues
# merge_group:
# types: [ checks_requested ]
env:
IMAGE_NAME: huggingfaceserver
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
# Run tests.
# See also https://docs.docker.com/docker-hub/builds/automated-testing/
test:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Run tests
uses: docker/build-push-action@v6
with:
platforms: linux/amd64
context: python
file: python/huggingface_server.Dockerfile
push: false
# https://github.com/docker/buildx/issues/1533
provenance: false
# Push image to GitHub Packages.
# See also https://docs.docker.com/docker-hub/builds/
push:
# Ensure test job passes before pushing image.
needs: test
runs-on: ubuntu-latest
if: github.event_name == 'push'
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Export version variable
run: |
IMAGE_ID=kserve/$IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
# [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
# Add "-gpu" suffix to the version
VERSION="${VERSION}-gpu"
echo VERSION=$VERSION >> $GITHUB_ENV
echo IMAGE_ID=$IMAGE_ID >> $GITHUB_ENV
- name: Build and push
uses: docker/build-push-action@v6
with:
platforms: linux/amd64
context: python
file: python/huggingface_server.Dockerfile
push: true
tags: ${{ env.IMAGE_ID }}:${{ env.VERSION }}
# https://github.com/docker/buildx/issues/1533
provenance: false
sbom: true
huggingface-vllm-docker-publish-manual matrix .github/workflows/huggingface-vllm-docker-publish-manual.yml
View raw YAML
name: Huggingface vLLM Docker Publisher
on:
workflow_dispatch:
inputs:
version:
description: 'Huggingface vLLM image version to publish'
required: true
env:
IMAGE_NAME: huggingfaceserver
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
push:
strategy:
fail-fast: false
matrix:
image:
- version: ${{ inputs.version }}
path: 'python/huggingface_server_cpu.Dockerfile'
- version: ${{ inputs.version }}-gpu
path: 'python/huggingface_server.Dockerfile'
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Export image id and version variable
run: |
IMAGE_ID=kserve/$IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Add prefix v to version if it doesn't start with v
if [[ ${{ matrix.image.version }} != v* ]]; then
VERSION="v${{ matrix.image.version }}"
else
VERSION="${{ matrix.image.version }}"
fi
echo IMAGE_ID=$IMAGE_ID >> $GITHUB_ENV
echo VERSION=$VERSION >> $GITHUB_ENV
- name: Build and push
uses: docker/build-push-action@v6
with:
platforms: linux/amd64
context: python
file: ${{ matrix.image.path }}
push: true
tags: ${{ env.IMAGE_ID }}:${{ env.VERSION }}
# https://github.com/docker/buildx/issues/1533
provenance: false
sbom: true
kserve-controller-docker-publish .github/workflows/kserve-controller-docker-publish.yml
View raw YAML
name: Kserve controller Docker Publisher
on:
push:
# Publish `master` as Docker `latest` image.
branches:
- master
# Publish `v1.2.3` tags as releases.
tags:
- v*
# Run tests for any PRs.
pull_request:
paths:
- "**"
- "!python/**"
- "!.github/**"
- "!docs/**"
- "!**.md"
- ".github/workflows/kserve-controller-docker-publish.yml"
- ".github/actions/free-up-disk-space/**"
# To save some compute time, rely on PR check and don't run for merge queues
# merge_group:
# types: [ checks_requested ]
env:
IMAGE_NAME: kserve-controller
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
# Run tests.
# See also https://docs.docker.com/docker-hub/builds/automated-testing/
test:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Run tests
run: |
if [ -f docker-compose.test.yml ]; then
docker-compose --file docker-compose.test.yml build
docker-compose --file docker-compose.test.yml run sut
else
docker buildx build . --file Dockerfile
fi
# Push image to GitHub Packages.
# See also https://docs.docker.com/docker-hub/builds/
push:
# Ensure test job passes before pushing image.
needs: test
runs-on: ubuntu-latest
if: github.event_name == 'push'
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
cache-image: true
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: export version variable
run: |
IMAGE_ID=kserve/$IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
# [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo VERSION=$VERSION >> $GITHUB_ENV
echo IMAGE_ID=$IMAGE_ID >> $GITHUB_ENV
- name: Build and push
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm/v7,linux/arm64/v8,linux/ppc64le,linux/s390x
context: .
file: Dockerfile
push: true
tags: ${{ env.IMAGE_ID }}:${{ env.VERSION }}
# https://github.com/docker/buildx/issues/1533
provenance: false
sbom: true
kserve-llmisvc-controller-docker-publish .github/workflows/kserve-llmisvc-controller-docker-publish.yml
View raw YAML
name: KServe llmisvc controller Docker Publisher
on:
push:
# Publish `master` as Docker `latest` image.
branches:
- master
# Publish `v1.2.3` tags as releases.
tags:
- v*
# Run tests for any PRs.
pull_request:
paths:
- "**"
- "!python/**"
- "!.github/**"
- "!docs/**"
- "!**.md"
- ".github/workflows/kserve-llmisvc-controller-docker-publish.yml"
- ".github/actions/free-up-disk-space/**"
# To save some compute time, rely on PR check and don't run for merge queues
# merge_group:
# types: [ checks_requested ]
env:
IMAGE_NAME: llmisvc-controller
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
# Run tests.
# See also https://docs.docker.com/docker-hub/builds/automated-testing/
test:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Run tests
run: |
if [ -f docker-compose.test.yml ]; then
docker-compose --file docker-compose.test.yml build
docker-compose --file docker-compose.test.yml run sut
else
docker buildx build . --file llmisvc-controller.Dockerfile
fi
# Push image to GitHub Packages.
# See also https://docs.docker.com/docker-hub/builds/
push:
# Ensure test job passes before pushing image.
needs: test
runs-on: ubuntu-latest
if: github.event_name == 'push'
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
cache-image: true
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: export version variable
run: |
IMAGE_ID=kserve/$IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
# [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo VERSION=$VERSION >> $GITHUB_ENV
echo IMAGE_ID=$IMAGE_ID >> $GITHUB_ENV
- name: Build and push
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm/v7,linux/arm64/v8,linux/ppc64le,linux/s390x
context: .
file: llmisvc-controller.Dockerfile
push: true
tags: ${{ env.IMAGE_ID }}:${{ env.VERSION }}
# https://github.com/docker/buildx/issues/1533
provenance: false
sbom: true
kserve-localmodel-agent-docker-publish .github/workflows/kserve-localmodel-agent-docker-publish.yml
View raw YAML
name: Kserve localmodel agent Docker Publisher
on:
push:
# Publish `master` as Docker `latest` image.
branches:
- master
# Publish `v1.2.3` tags as releases.
tags:
- v*
# Run tests for any PRs.
pull_request:
paths:
- "**"
- "!python/**"
- "!.github/**"
- "!docs/**"
- "!**.md"
- ".github/workflows/kserve-localmodel-agent-docker-publish.yml"
- ".github/actions/free-up-disk-space/**"
# To save some compute time, rely on PR check and don't run for merge queues
# merge_group:
# types: [ checks_requested ]
env:
IMAGE_NAME: kserve-localmodelnode-agent
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
# Run tests.
# See also https://docs.docker.com/docker-hub/builds/automated-testing/
test:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Run tests
run: |
if [ -f docker-compose.test.yml ]; then
docker-compose --file docker-compose.test.yml build
docker-compose --file docker-compose.test.yml run sut
else
docker buildx build . --file localmodel-agent.Dockerfile
fi
# Push image to GitHub Packages.
# See also https://docs.docker.com/docker-hub/builds/
push:
# Ensure test job passes before pushing image.
needs: test
runs-on: ubuntu-latest
if: github.event_name == 'push'
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
cache-image: true
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: export version variable
run: |
IMAGE_ID=kserve/$IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
# [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo VERSION=$VERSION >> $GITHUB_ENV
echo IMAGE_ID=$IMAGE_ID >> $GITHUB_ENV
- name: Build and push
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm/v7,linux/arm64/v8,linux/ppc64le,linux/s390x
context: .
file: localmodel-agent.Dockerfile
push: true
tags: ${{ env.IMAGE_ID }}:${{ env.VERSION }}
# https://github.com/docker/buildx/issues/1533
provenance: false
sbom: true
kserve-localmodel-controller-docker-publish .github/workflows/kserve-localmodel-controller-docker-publish.yml
View raw YAML
name: Kserve localmodel controller Docker Publisher
on:
push:
# Publish `master` as Docker `latest` image.
branches:
- master
# Publish `v1.2.3` tags as releases.
tags:
- v*
# Run tests for any PRs.
pull_request:
paths:
- "**"
- "!python/**"
- "!.github/**"
- "!docs/**"
- "!**.md"
- ".github/workflows/kserve-localmodel-controller-docker-publish.yml"
- ".github/actions/free-up-disk-space/**"
# To save some compute time, rely on PR check and don't run for merge queues
# merge_group:
# types: [ checks_requested ]
env:
IMAGE_NAME: kserve-localmodel-controller
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
# Run tests.
# See also https://docs.docker.com/docker-hub/builds/automated-testing/
test:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Run tests
run: |
if [ -f docker-compose.test.yml ]; then
docker-compose --file docker-compose.test.yml build
docker-compose --file docker-compose.test.yml run sut
else
docker buildx build . --file localmodel.Dockerfile
fi
# Push image to GitHub Packages.
# See also https://docs.docker.com/docker-hub/builds/
push:
# Ensure test job passes before pushing image.
needs: test
runs-on: ubuntu-latest
if: github.event_name == 'push'
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
cache-image: true
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: export version variable
run: |
IMAGE_ID=kserve/$IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
# [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo VERSION=$VERSION >> $GITHUB_ENV
echo IMAGE_ID=$IMAGE_ID >> $GITHUB_ENV
- name: Build and push
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm/v7,linux/arm64/v8,linux/ppc64le,linux/s390x
context: .
file: localmodel.Dockerfile
push: true
tags: ${{ env.IMAGE_ID }}:${{ env.VERSION }}
# https://github.com/docker/buildx/issues/1533
provenance: false
sbom: true
lightgbm-docker-publish .github/workflows/lightgbm-docker-publish.yml
View raw YAML
name: LightGBMServer Docker Publisher
on:
push:
# Publish `master` as Docker `latest` image.
branches:
- master
# Publish `v1.2.3` tags as releases.
tags:
- v*
# Run tests for any PRs.
pull_request:
paths:
- "python/**"
- "!.github/**"
- "!docs/**"
- "!**.md"
- ".github/workflows/lightgbm-docker-publish.yml"
- ".github/actions/free-up-disk-space/**"
# To save some compute time, rely on PR check and don't run for merge queues
# merge_group:
# types: [ checks_requested ]
env:
IMAGE_NAME: lgbserver
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
# Run tests.
# See also https://docs.docker.com/docker-hub/builds/automated-testing/
test:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
cache-image: true
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Run tests
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64/v8
context: python
file: python/lgb.Dockerfile
push: false
# https://github.com/docker/buildx/issues/1533
provenance: false
# Push image to GitHub Packages.
# See also https://docs.docker.com/docker-hub/builds/
push:
# Ensure test job passes before pushing image.
needs: test
runs-on: ubuntu-latest
if: github.event_name == 'push'
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
cache-image: true
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Export version variable
run: |
IMAGE_ID=kserve/$IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
# [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo VERSION=$VERSION >> $GITHUB_ENV
echo IMAGE_ID=$IMAGE_ID >> $GITHUB_ENV
- name: Build and push
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64/v8
context: python
file: python/lgb.Dockerfile
push: true
tags: ${{ env.IMAGE_ID }}:${{ env.VERSION }}
# https://github.com/docker/buildx/issues/1533
provenance: false
sbom: true
paddle-docker-publish .github/workflows/paddle-docker-publish.yml
View raw YAML
name: PaddleServer Docker Publisher
on:
push:
# Publish `master` as Docker `latest` image.
branches:
- master
# Publish `v1.2.3` tags as releases.
tags:
- v*
# Run tests for any PRs.
pull_request:
paths:
- "python/**"
- "!.github/**"
- "!docs/**"
- "!**.md"
- ".github/workflows/paddle-docker-publish.yml"
- ".github/actions/free-up-disk-space/**"
# To save some compute time, rely on PR check and don't run for merge queues
# merge_group:
# types: [ checks_requested ]
env:
IMAGE_NAME: paddleserver
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
# Run tests.
# See also https://docs.docker.com/docker-hub/builds/automated-testing/
test:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
cache-image: true
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Run tests
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64/v8
context: python
file: python/paddle.Dockerfile
push: false
# https://github.com/docker/buildx/issues/1533
provenance: false
# Push image to GitHub Packages.
# See also https://docs.docker.com/docker-hub/builds/
push:
# Ensure test job passes before pushing image.
needs: test
runs-on: ubuntu-latest
if: github.event_name == 'push'
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
cache-image: true
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Export version variable
run: |
IMAGE_ID=kserve/$IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
# [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo VERSION=$VERSION >> $GITHUB_ENV
echo IMAGE_ID=$IMAGE_ID >> $GITHUB_ENV
- name: Build and push
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64/v8
context: python
file: python/paddle.Dockerfile
push: true
tags: ${{ env.IMAGE_ID }}:${{ env.VERSION }}
# https://github.com/docker/buildx/issues/1533
provenance: false
sbom: true
pmml-docker-publish .github/workflows/pmml-docker-publish.yml
View raw YAML
name: PMMLServer Docker Publisher
on:
push:
# Publish `master` as Docker `latest` image.
branches:
- master
# Publish `v1.2.3` tags as releases.
tags:
- v*
# Run tests for any PRs.
pull_request:
paths:
- "python/**"
- "!.github/**"
- "!docs/**"
- "!**.md"
- ".github/workflows/pmml-docker-publish.yml"
- ".github/actions/free-up-disk-space/**"
# To save some compute time, rely on PR check and don't run for merge queues
# merge_group:
# types: [ checks_requested ]
env:
IMAGE_NAME: pmmlserver
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
# Run tests.
# See also https://docs.docker.com/docker-hub/builds/automated-testing/
test:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
cache-image: true
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Run tests
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64/v8
context: python
file: python/pmml.Dockerfile
push: false
# https://github.com/docker/buildx/issues/1533
provenance: false
# Push image to GitHub Packages.
# See also https://docs.docker.com/docker-hub/builds/
push:
# Ensure test job passes before pushing image.
needs: test
runs-on: ubuntu-latest
if: github.event_name == 'push'
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
cache-image: true
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Export version variable
run: |
IMAGE_ID=kserve/$IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
# [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo VERSION=$VERSION >> $GITHUB_ENV
echo IMAGE_ID=$IMAGE_ID >> $GITHUB_ENV
- name: Build and push
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64/v8
context: python
file: python/pmml.Dockerfile
push: true
tags: ${{ env.IMAGE_ID }}:${{ env.VERSION }}
# https://github.com/docker/buildx/issues/1533
provenance: false
sbom: true
pr-style-check perms .github/workflows/pr-style-check.yml
View raw YAML
name: PR Style Check
on:
pull_request_target:
types:
- opened
- edited
- synchronize
# This check is not applicable to merge queue
# merge_group:
# types: [ checks_requested ]
permissions:
contents: read
jobs:
description:
name: Description
runs-on: ubuntu-latest
env:
# Do not use ${{ github.event.pull_request.body }} directly in run command.
BODY: ${{ github.event.pull_request.body }}
if: ${{ github.actor != 'dependabot[bot]' }}
steps:
- name: Check comment out lines
run: |
if [[ $BODY =~ "<!--" ]]; then
echo "PR description contains '<!--'. Please remove all the comment out lines in the template after carefully reading them."
exit 1
fi
if [[ $BODY =~ "-->" ]]; then
echo "PR description contains '-->'. Please remove all the comment out lines in the template after carefully reading them."
exit 1
fi
title:
name: Title
runs-on: ubuntu-latest
if: ${{ github.actor != 'dependabot[bot]' }}
steps:
- uses: amannn/action-semantic-pull-request@v5
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
types: |
docs
style
feat
test
build
ci
chore
revert
release
api
deps
e2e
infgraph
isvc
modelcache
modelserver
examples
backport
refactor
fix
subjectPattern: ^(?![A-Z]).+$
subjectPatternError: |
The subject "{subject}" found in the pull request title "{title}"
didn't match the configured pattern. Please ensure that the subject
doesn't start with an uppercase character.
- name: Check length of PR title
env:
# Do not use ${{ github.event.pull_request.title }} directly in run command.
TITLE: ${{ github.event.pull_request.title }}
# We want to make sure that each commit "subject" is <=75 characters not to
# be truncated in the git log as well as in the GitHub UI.
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/process/submitting-patches.rst?id=bc7938deaca7f474918c41a0372a410049bd4e13#n664
run: |
if (( ${#TITLE} > 75 )); then
echo "The PR title is too long. Please keep it <=75 characters."
exit 1
fi
precommit-check .github/workflows/precommit-check.yml
View raw YAML
name: "Precommit Check"
on:
pull_request:
paths-ignore:
- "**.md"
merge_group:
types: [ checks_requested ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
precommit-check:
runs-on: ubuntu-latest
steps:
- name: Checkout source code
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version-file: go.mod
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.12"
- name: Install dependencies
run: |
go mod download
cd qpext && go mod download
- name: Check
shell: bash
run: |
make check
predictiveserver-docker-publish .github/workflows/predictiveserver-docker-publish.yml
View raw YAML
name: Predictive Server Docker Publisher
on:
push:
# Publish `master` as Docker `latest` image.
branches:
- master
# Publish `v1.2.3` tags as releases.
tags:
- v*
# Run tests for any PRs.
pull_request:
paths:
- "python/**"
- "!.github/**"
- "!docs/**"
- "!**.md"
- ".github/workflows/predictiveserver-docker-publish.yml"
- ".github/actions/free-up-disk-space/**"
# To save some compute time, rely on PR check and don't run for merge queues
# merge_group:
# types: [ checks_requested ]
env:
IMAGE_NAME: predictiveserver
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
# Run tests.
# See also https://docs.docker.com/docker-hub/builds/automated-testing/
test:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
cache-image: true
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Run tests
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64/v8
context: python
file: python/predictiveserver.Dockerfile
push: false
# https://github.com/docker/buildx/issues/1533
provenance: false
# Push image to GitHub Packages.
# See also https://docs.docker.com/docker-hub/builds/
push:
# Ensure test job passes before pushing image.
needs: test
runs-on: ubuntu-latest
if: github.event_name == 'push'
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
cache-image: true
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Export version variable
run: |
IMAGE_ID=kserve/$IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
# [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo VERSION=$VERSION >> $GITHUB_ENV
echo IMAGE_ID=$IMAGE_ID >> $GITHUB_ENV
- name: Build and push
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64/v8
context: python
file: python/predictiveserver.Dockerfile
push: true
tags: ${{ env.IMAGE_ID }}:${{ env.VERSION }}
# https://github.com/docker/buildx/issues/1533
provenance: false
prepare-release .github/workflows/prepare-release.yml
View raw YAML
name: Prepare Release (Branch & Tag)
on:
workflow_dispatch:
inputs:
version:
description: 'Release version (e.g., v0.17.0-rc0, v0.17.0-rc1, v0.17.0)'
required: true
type: string
dry_run:
description: 'Dry-run mode (validate only, no changes)'
required: false
type: boolean
default: true
# Prevent concurrent releases
concurrency:
group: release-workflow
cancel-in-progress: false
jobs:
prepare-release:
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Install dependencies
run: |
# Install yq for OWNERS file parsing
sudo wget -qO /usr/local/bin/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64
sudo chmod +x /usr/local/bin/yq
- name: Check OWNERS permissions
run: |
echo "Checking permissions for user: ${{ github.actor }}"
# Extract allowed users from OWNERS file
ALLOWED_USERS=$(yq eval '.project-leads[], .approvers[], .reviewers[]' OWNERS)
# Check if current user is in the allowed list
if ! echo "$ALLOWED_USERS" | grep -q "^${{ github.actor }}$"; then
echo ""
echo "❌ Permission denied!"
echo " Only users listed in OWNERS (reviewer+) can run this workflow."
echo " Current user: ${{ github.actor }}"
echo ""
echo "Allowed users:"
echo "$ALLOWED_USERS"
exit 1
fi
echo "✅ Permission granted for ${{ github.actor }}"
- name: Check if release already exists
if: ${{ inputs.dry_run == false }}
env:
GH_TOKEN: ${{ github.token }}
run: |
VERSION="${{ inputs.version }}"
if gh release view "$VERSION" >/dev/null 2>&1; then
echo ""
echo "❌ Release $VERSION already exists!"
echo ""
gh release view "$VERSION" --json url,createdAt -q '"URL: " + .url + "\nCreated: " + .createdAt'
exit 1
fi
echo "✅ Release $VERSION does not exist yet"
- name: Create Branch and Tag
env:
GH_TOKEN: ${{ github.token }}
run: |
if [[ "${{ inputs.dry_run }}" == "true" ]]; then
./hack/release/create-release.sh "${{ inputs.version }}" --dry-run --github-actions
else
./hack/release/create-release.sh "${{ inputs.version }}" --github-actions
fi
- name: Create Draft GitHub Release
if: ${{ inputs.dry_run == false }}
env:
GH_TOKEN: ${{ github.token }}
run: |
VERSION="${{ inputs.version }}"
# Check if version contains rc (pre-release)
if [[ "$VERSION" == *"-rc"* ]]; then
PRERELEASE="--prerelease"
echo "Creating draft pre-release for $VERSION"
else
PRERELEASE=""
echo "Creating draft final release for $VERSION"
fi
# Get previous tag for changelog
PREV_TAG=$(git describe --tags --abbrev=0 HEAD^ 2>/dev/null || echo "")
# Generate auto-generated notes from GitHub
echo "Generating release notes..."
AUTO_NOTES=$(gh api repos/:owner/:repo/releases/generate-notes \
-F tag_name="$VERSION" \
-F target_commitish="$(git rev-parse HEAD)" \
${PREV_TAG:+-F previous_tag_name="$PREV_TAG"} \
--jq .body)
# Create release notes
RELEASE_NOTES=$(cat <<EOF
## Installation
- [Installation Guide](https://kserve.github.io/website/docs/next/getting-started/quickstart-guide)
${AUTO_NOTES}
EOF
)
# Create GitHub Release with install files
gh release create "$VERSION" \
--title "KServe $VERSION" \
--notes "$RELEASE_NOTES" \
--draft \
$PRERELEASE \
install/${VERSION}/*
echo ""
echo "✅ GitHub Draft Release created successfully!"
echo ""
echo "Release details:"
echo " Version: $VERSION"
echo " Type: ${PRERELEASE:+Pre-release}${PRERELEASE:-Final release}"
echo " Status: Draft (requires manual publish)"
echo ""
echo "Next steps:"
echo " 1. Review the draft release at:"
gh release view "$VERSION" --json url -q .url
echo ""
echo " 2. When ready, publish the release to trigger:"
echo " - Helm charts publication (helm-publish workflow)"
echo " - Python packages publication (python-publish workflow)"
prow-github .github/workflows/prow-github.yml
View raw YAML
# Run specified actions or jobs for issue and PR comments
name: "Prow github actions"
on:
issue_comment:
types: [created]
jobs:
prow-execute:
runs-on: ubuntu-latest
steps:
- uses: jpmcb/prow-github-actions@v2.0.0
with:
prow-commands: '/assign
/unassign
/approve
/retitle
/area
/kind
/priority
/remove
/lgtm
/close
/reopen
/lock
/milestone
/hold
/cc
/uncc'
github-token: "${{ secrets.GITHUB_TOKEN }}"
prow-pr-automerge .github/workflows/prow-pr-automerge.yml
View raw YAML
# This Github workflow will check every hour for PRs with the lgtm label and will attempt to automatically merge them.
# If the hold label is present, it will block automatic merging.
name: "Prow merge on lgtm label"
on:
schedule:
- cron: "0 * * * *" # every hour
jobs:
auto-merge:
runs-on: ubuntu-latest
steps:
- uses: jpmcb/prow-github-actions@v2.0.0
with:
jobs: 'lgtm'
github-token: "${{ secrets.GITHUB_TOKEN }}"
merge-method: 'squash'
prow-pr-remove-lgtm .github/workflows/prow-pr-remove-lgtm.yml
View raw YAML
# This workflow will remove the lgtm label from a PR that gets updated.
# This prevents any un-reviewed code from being automatically merged by the lgtm-merger mechanism.
name: "Prow remove lgtm label"
on: pull_request
# This workflow is not applicable to merge queue
# merge_group:
# types: [ checks_requested ]
jobs:
remove-lgtm:
runs-on: ubuntu-latest
steps:
- uses: jpmcb/prow-github-actions@v2.0.0
with:
jobs: 'lgtm'
github-token: "${{ secrets.GITHUB_TOKEN }}"
python-publish .github/workflows/python-publish.yml
View raw YAML
name: Upload Python Package
on:
release:
types: [published]
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
publish-kserve:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.11"
- name: Install UV
run: ./test/scripts/gh-actions/setup-uv.sh
- name: KServe - Build and publish
env:
UV_PUBLISH_TOKEN: ${{ secrets.PYPI_TOKEN }}
run: |
cd python/kserve
uv build
uv publish
publish-storage:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.11"
- name: Install UV
run: ./test/scripts/gh-actions/setup-uv.sh
- name: KServe Storage - Build and publish
env:
UV_PUBLISH_TOKEN: ${{ secrets.KSERVE_STORAGE_PYPI_TOKEN }}
run: |
cd python/storage
uv build
uv publish
python-test matrix .github/workflows/python-test.yml
View raw YAML
name: Python package
on:
push:
branches: [master, release*]
paths-ignore:
- "**.md"
pull_request:
paths:
- "python/**"
- "!.github/**"
- "!docs/**"
- "!**.md"
- ".github/workflows/python-test.yml"
- ".github/actions/free-up-disk-space/**"
merge_group:
types: [ checks_requested ]
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
build:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
python-version: ["3.10", "3.11", "3.12"]
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Set up Python ${{ matrix.python-version }}
id: setup-python
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
- name: Install uv
run: pip install uv
- name: Set up virtualenv
run: |
uv venv .venv
# source .venv/bin/activate
# pip install --upgrade pip
- name: Load uv cache
uses: actions/cache@v4
id: cached-uv
with:
path: .venv
key: uv-${{ runner.os }}-${{ hashFiles('**/uv.lock') }}
- name: Verify and fix root venv if needed
run: |
if [ ! -e .venv/bin/python3 ]; then
echo "Cached venv is broken, recreating..."
rm -rf .venv
uv venv .venv
fi
# ----------------------------------------Kserve Unit Tests--------------------------------------------------------
# load cached kserve venv if cache exists
- name: Load cached kserve venv
id: cached-kserve-dependencies
uses: actions/cache@v4
with:
path: python/kserve/.venv
key: kserve-venv-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/kserve/uv.lock') }}
# install kserve dependencies if cache does not exist
- name: Install kserve dependencies
if: steps.cached-kserve-dependencies.outputs.cache-hit != 'true'
run: |
cd python/kserve
make install_dependencies
- name: Install kserve
run: |
cd python/kserve
make dev_install
- name: Test kserve
run: |
cd python
source kserve/.venv/bin/activate
pytest --cov=kserve ./kserve
- name: Test kserve Storage
run: |
cd python
source kserve/.venv/bin/activate
pytest --cov=storage ./storage
# ----------------------------------------Kserve Numpy 1.x Unit Tests--------------------------------------------
- name: Setup kserve numpy 1-x directory
run: |
mkdir -p python/kserve-numpy-1-x
cp -r python/kserve/* python/kserve-numpy-1-x
cd python/kserve-numpy-1-x
# update the lock file without installing dependencies
uv pip install "numpy<2.0"
- name: Load cached kserve numpy 1-x venv
id: cached-kserve-numpy-1-x-dependencies
uses: actions/cache@v4
with:
path: python/kserve-numpy-1-x/.venv
key: kserve-numpy-1-x-venv-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/kserve-numpy-1-x/uv.lock') }}
# install kserve numpy 1-x dependencies if cache does not exist
- name: Install kserve numpy 1-x dependencies
if: ${{ steps.cached-kserve-numpy-1-x-dependencies.outputs.cache-hit != 'true' }}
run: |
cd python/kserve-numpy-1-x
make install_dependencies
- name: Install kserve numpy 1-x
run: |
cd python/kserve-numpy-1-x
make dev_install
- name: View numpy version
run: |
cd python/kserve-numpy-1-x
uv pip show numpy
- name: Test kserve numpy 1-x
run: |
cd python
source kserve-numpy-1-x/.venv/bin/activate
pytest --cov=kserve ./kserve-numpy-1-x
# ----------------------------------------Sklearn Server Unit Tests------------------------------------------------
# load cached sklearn venv if cache exists
- name: Load cached sklearn venv
id: cached-sklearn-dependencies
uses: actions/cache@v4
with:
path: python/sklearnserver/.venv
key: sklearn-venv-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/kserve/uv.lock', '**/sklearnserver/uv.lock') }}
# install sklearn server dependencies if cache does not exist
- name: Install sklearn dependencies
if: steps.cached-sklearn-dependencies.outputs.cache-hit != 'true'
run: |
cd python/sklearnserver
make install_dependencies
- name: Install sklearnserver
run: |
cd python/sklearnserver
make dev_install
- name: Test sklearnserver
run: |
cd python
source sklearnserver/.venv/bin/activate
pytest --cov=sklearnserver ./sklearnserver
# ----------------------------------------Xgb Server Unit Tests------------------------------------------------
# load cached xgb venv if cache exists
- name: Load cached xgb venv
id: cached-xgb-dependencies
uses: actions/cache@v4
with:
path: python/xgbserver/.venv
key: xgb-venv-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/kserve/uv.lock', '**/xgbserver/uv.lock') }}
# install xgb server dependencies if cache does not exist
- name: Install xgb dependencies
if: steps.cached-xgb-dependencies.outputs.cache-hit != 'true'
run: |
cd python/xgbserver
make install_dependencies
- name: Install xgbserver
run: |
cd python/xgbserver
make dev_install
- name: Test xgbserver
run: |
cd python
source xgbserver/.venv/bin/activate
pytest --cov=xgbserver ./xgbserver
# ----------------------------------------Pmml Server Unit Tests------------------------------------------------
# load cached pmml venv if cache exists
- name: Load cached pmml venv
id: cached-pmml-dependencies
uses: actions/cache@v4
with:
path: python/pmmlserver/.venv
key: pmml-venv-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/kserve/uv.lock', '**/pmmlserver/uv.lock') }}
# install pmml server dependencies if cache does not exist
- name: Install pmml dependencies
if: steps.cached-pmml-dependencies.outputs.cache-hit != 'true'
run: |
cd python/pmmlserver
make install_dependencies
- name: Install pmmlserver
run: |
cd python/pmmlserver
make dev_install
- name: Test pmmlserver
run: |
cd python
source pmmlserver/.venv/bin/activate
pytest --cov=pmmlserver ./pmmlserver
# ----------------------------------------Lgb Server Unit Tests------------------------------------------------
# load cached lgb venv if cache exists
- name: Load cached lgb venv
id: cached-lgb-dependencies
uses: actions/cache@v4
with:
path: python/lgbserver/.venv
key: lgb-venv-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/kserve/uv.lock', '**/lgbserver/uv.lock') }}
# install lgb server dependencies if cache does not exist
- name: Install lgb dependencies
if: steps.cached-lgb-dependencies.outputs.cache-hit != 'true'
run: |
cd python/lgbserver
make install_dependencies
- name: Install lgbserver
run: |
cd python/lgbserver
make dev_install
- name: Test lgbserver
run: |
cd python
source lgbserver/.venv/bin/activate
pytest --cov=lgbserver ./lgbserver
# ----------------------------------------Paddle Server Unit Tests------------------------------------------------
# load cached paddle venv if cache exists
- name: Load cached paddle venv
id: cached-paddle-dependencies
uses: actions/cache@v4
with:
path: python/paddleserver/.venv
key: paddle-venv-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/kserve/uv.lock', '**/paddleserver/uv.lock') }}
- name: Install paddle dependencies
if: steps.cached-paddle-dependencies.outputs.cache-hit != 'true'
run: |
echo "python version ${{ steps.setup-python.outputs.python-version }}"
cd python/paddleserver
make install_dependencies
- name: Install paddleserver
run: |
cd python/paddleserver
make dev_install
- name: Test paddleserver
run: |
cd python
source paddleserver/.venv/bin/activate
pytest --cov=paddleserver ./paddleserver
# ----------------------------------------Huggingface CPU Server Unit Tests------------------------------------------------
# load cached huggingface cpu venv if cache exists
- name: Load cached huggingface cpu venv
id: huggingface-cpu-dependencies
uses: actions/cache@v4
with:
path: /mnt/python/huggingfaceserver-cpu-venv
key: huggingface-cpu-venv-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/kserve/uv.lock', '**/huggingfaceserver/uv.lock') }}
- name: Setup Python environment
run: |
sudo mkdir -p /mnt/python/huggingfaceserver-cpu-venv
sudo chown -R $USER /mnt/python/huggingfaceserver-cpu-venv
uv venv /mnt/python/huggingfaceserver-cpu-venv
echo "/mnt/python/huggingfaceserver-cpu-venv/bin" >> $GITHUB_PATH
- name: Install build dependencies for vLLM
run: |
sudo apt-get update -y
sudo apt-get install -y gcc-12 g++-12 libnuma-dev python3-dev
sudo update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-12 10 --slave /usr/bin/g++ g++ /usr/bin/g++-12
- name: Install huggingface cpu server
run: |
export VIRTUAL_ENV=/mnt/python/huggingfaceserver-cpu-venv
cd python/huggingfaceserver
make install_cpu_dependencies
- name: Run tests
run: |
cd python/huggingfaceserver
/mnt/python/huggingfaceserver-cpu-venv/bin/python -m ensurepip --upgrade
/mnt/python/huggingfaceserver-cpu-venv/bin/python -m pip install --upgrade pip
/mnt/python/huggingfaceserver-cpu-venv/bin/python -m pip install pytest pytest-cov
bash tests/setup_vllm.sh
source /mnt/python/huggingfaceserver-cpu-venv/bin/activate
/mnt/python/huggingfaceserver-cpu-venv/bin/python -m pytest --cov=huggingfaceserver -vv -k 'not test_vllm'
# TODO: The following tests need to be reworked since IPEX support is relatively new for both vLLM and KServe
# poetry run -- pytest --cov=huggingfaceserver -vv tests/test_vllm_chat_with_reasoning.py
# poetry run -- pytest --cov=huggingfaceserver -vv tests/test_vllm_chat_with_tools.py
# poetry run -- pytest --cov=huggingfaceserver -vv tests/test_vllm_generative.py
env:
VLLM_ENGINE_ITERATION_TIMEOUT_S: 3600
- name: Free space after cpu tests
run: |
df -hT
qpext-docker-publish .github/workflows/qpext-docker-publish.yml
View raw YAML
name: Queue Proxy Extension Docker Publisher
on:
push:
# Publish `master` as Docker `latest` image.
branches:
- master
# Publish `v1.2.3` tags as releases.
tags:
- v*
# Run tests for any PRs.
pull_request:
paths:
- "qpext/**"
- "!python/**"
- "!.github/**"
- "!docs/**"
- "!**.md"
- ".github/workflows/qpext-docker-publish.yml"
- ".github/actions/free-up-disk-space/**"
# To save some compute time, rely on PR check and don't run for merge queues
# merge_group:
# types: [ checks_requested ]
env:
IMAGE_NAME: qpext
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
# Run tests.
# See also https://docs.docker.com/docker-hub/builds/automated-testing/
test:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Run tests
run: |
if [ -f docker-compose.test.yml ]; then
docker-compose --file docker-compose.test.yml build
docker-compose --file docker-compose.test.yml run sut
else
docker buildx build . --file qpext/qpext.Dockerfile
fi
# Push image to GitHub Packages.
# See also https://docs.docker.com/docker-hub/builds/
push:
# Ensure test job passes before pushing image.
needs: test
runs-on: ubuntu-latest
if: github.event_name == 'push'
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
cache-image: true
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: export version variable
run: |
IMAGE_ID=kserve/$IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
# [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo VERSION=$VERSION >> $GITHUB_ENV
echo IMAGE_ID=$IMAGE_ID >> $GITHUB_ENV
- name: Build and push
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm/v7,linux/arm64/v8,linux/ppc64le,linux/s390x
context: "."
file: qpext/qpext.Dockerfile
push: true
tags: ${{ env.IMAGE_ID }}:${{ env.VERSION }}
# https://github.com/docker/buildx/issues/1533
provenance: false
sbom: true
re-run-actions .github/workflows/re-run-actions.yml
View raw YAML
name: Re-Run PR tests
on:
issue_comment:
types: [created]
jobs:
rerun_pr_tests:
name: rerun_pr_tests
if: github.event.issue.pull_request != '' && (github.event.comment.author_association == 'OWNER' || github.event.comment.author_association == 'COLLABORATOR' || github.event.comment.author_association == 'CONTRIBUTOR' || github.event.comment.author_association == 'MEMBER')
runs-on: ubuntu-latest
steps:
- uses: estroz/rerun-actions@main
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
comment_id: ${{ github.event.comment.id }}
required-checks .github/workflows/required-checks.yml
View raw YAML
name: enforce-required-checks
on:
pull_request:
merge_group:
types: [ checks_requested ]
jobs:
enforce-all-checks:
runs-on: ubuntu-latest
permissions:
checks: read
steps:
- name: job status check
uses: poseidon/wait-for-status-checks@v0.6.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
interval: 10s
# seconds to wait before first poll.
delay: 120s
timeout: 10800s # 3 hour (based on the highest avg runtime of a job https://github.com/kserve/kserve/actions/metrics/performance?tab=jobs)
router-docker-publish .github/workflows/router-docker-publish.yml
View raw YAML
name: Router Docker Publisher
on:
push:
# Publish `master` as Docker `latest` image.
branches:
- master
# Publish `v1.2.3` tags as releases.
tags:
- v*
# Run tests for any PRs.
pull_request:
paths:
- "**"
- "!python/**"
- "!.github/**"
- "!docs/**"
- "!**.md"
- ".github/workflows/router-docker-publish.yml"
- ".github/actions/free-up-disk-space/**"
# To save some compute time, rely on PR check and don't run for merge queues
# merge_group:
# types: [ checks_requested ]
env:
IMAGE_NAME: router
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
# Run tests.
# See also https://docs.docker.com/docker-hub/builds/automated-testing/
test:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Run tests
run: |
if [ -f docker-compose.test.yml ]; then
docker-compose --file docker-compose.test.yml build
docker-compose --file docker-compose.test.yml run sut
else
docker buildx build . --file router.Dockerfile
fi
# Push image to GitHub Packages.
# See also https://docs.docker.com/docker-hub/builds/
push:
# Ensure test job passes before pushing image.
needs: test
runs-on: ubuntu-latest
if: github.event_name == 'push'
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
cache-image: true
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: export version variable
run: |
IMAGE_ID=kserve/$IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
# [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo VERSION=$VERSION >> $GITHUB_ENV
echo IMAGE_ID=$IMAGE_ID >> $GITHUB_ENV
- name: Build and push
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm/v7,linux/arm64/v8,linux/ppc64le,linux/s390x
context: .
file: router.Dockerfile
push: true
tags: ${{ env.IMAGE_ID }}:${{ env.VERSION }}
sbom: true
scheduled-go-security-scan security .github/workflows/scheduled-go-security-scan.yml
View raw YAML
name: "Go Security Scan"
on:
pull_request:
# Don't do security scan on merge queue. For now, we assume scheduled and PR checks are enough.
# merge_group:
# types: [ checks_requested ]
schedule:
# The scheduled workflow runs every Sunday at 00:00 UTC time.
- cron: '0 0 * * 0'
workflow_dispatch: { }
jobs:
go-security-scan:
runs-on: ubuntu-latest
env:
GO111MODULE: on
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Run Gosec Security Scanner
uses: securego/gosec@v2.20.0
with:
args: '-no-fail -fmt=sarif -out=go-security-scan-results.sarif -exclude-dir=pkg/client -exclude-dir=pkg/clientv1alpha1 ./...'
- name: Upload SARIF file to Github Code Scanning
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: go-security-scan-results.sarif
category: gosec-tool
scheduled-image-scan matrix security .github/workflows/scheduled-image-scan.yml
View raw YAML
name: Twice a week image scan
# Temporarily adding on push for testing
on:
schedule:
- cron: "0 0 * * 0,3"
workflow_dispatch: {}
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
base-image-scan:
name: scan images
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
image:
[
{ name: kserve-controller, file: Dockerfile },
{ name: agent, file: agent.Dockerfile },
{ name: storage-initializer, file: python/storage-initializer.Dockerfile },
{ name: router, file: router.Dockerfile },
{ name: kserve-localmodel-controller, file: localmodel.Dockerfile },
{ name: kserve-localmodelnode-agent, file: localmodel-agent.Dockerfile },
]
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Security scan on docker image
uses: snyk/actions/docker@master
id: docker-image-scan
continue-on-error: true
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
image: kserve/${{ matrix.image.name }}
args: --severity-threshold=low
--file=${{ matrix.image.file }}
--sarif-file-output=./application/${{ matrix.image.name }}/docker.snyk.sarif
sarif: false
# Replace any "undefined" or "null" security severity values with 0. The undefined value is used in the case
# of license-related findings, which do not indicate a security vulnerability.
# See https://github.com/github/codeql-action/issues/2187 for more context.
# This can be removed once https://github.com/snyk/cli/pull/5409 is merged.
- name: Replace security-severity undefined for license-related findings
run: |
sudo sed -i 's/"security-severity": "undefined"/"security-severity": "0"/g' ./application/${{ matrix.image.name }}/docker.snyk.sarif
sudo sed -i 's/"security-severity": "null"/"security-severity": "0"/g' ./application/${{ matrix.image.name }}/docker.snyk.sarif
- name: Upload sarif file to Github Code Scanning
if: always()
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: application/${{ matrix.image.name }}/docker.snyk.sarif
category: ${{ matrix.image.name }}
predictor-image-scan:
name: scan predictor images
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
image:
[
{ name: sklearnserver, file: python/sklearn.Dockerfile },
{ name: xgbserver, file: python/xgb.Dockerfile },
{ name: pmmlserver, file: python/pmml.Dockerfile },
{ name: paddleserver, file: python/paddle.Dockerfile },
{ name: lgbserver, file: python/lgb.Dockerfile },
{ name: huggingfaceserver, file: python/huggingface_server.Dockerfile },
]
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Security scan on docker image
uses: snyk/actions/docker@master
id: docker-image-scan
continue-on-error: true
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
image: kserve/${{ matrix.image.name }}
args: --severity-threshold=low
--file=${{ matrix.image.file }}
--sarif-file-output=./application/${{ matrix.image.name }}/docker.snyk.sarif
sarif: false
# Replace any "undefined" or "null" security severity values with 0. The undefined value is used in the case
# of license-related findings, which do not indicate a security vulnerability.
# See https://github.com/github/codeql-action/issues/2187 for more context.
# This can be removed once https://github.com/snyk/cli/pull/5409 is merged.
- name: Replace security-severity undefined for license-related findings
run: |
sudo sed -i 's/"security-severity": "undefined"/"security-severity": "0"/g' ./application/${{ matrix.image.name }}/docker.snyk.sarif
sudo sed -i 's/"security-severity": "null"/"security-severity": "0"/g' ./application/${{ matrix.image.name }}/docker.snyk.sarif
- name: Upload sarif file to Github Code Scanning
if: always()
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: application/${{ matrix.image.name }}/docker.snyk.sarif
category: ${{ matrix.image.name }}
explainer-image-scan:
name: scan explainer images
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
image: [{ name: art-explainer, file: python/artexplainer.Dockerfile }]
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Security scan on docker image
uses: snyk/actions/docker@master
id: docker-image-scan
continue-on-error: true
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
image: kserve/${{ matrix.image.name }}
args: --severity-threshold=low
--file=${{ matrix.image.file }}
--sarif-file-output=./application/${{ matrix.image.name }}/docker.snyk.sarif
sarif: false
# Replace any "undefined" or "null" security severity values with 0. The undefined value is used in the case
# of license-related findings, which do not indicate a security vulnerability.
# See https://github.com/github/codeql-action/issues/2187 for more context.
# This can be removed once https://github.com/snyk/cli/pull/5409 is merged.
- name: Replace security-severity undefined for license-related findings
run: |
sudo sed -i 's/"security-severity": "undefined"/"security-severity": "0"/g' ./application/${{ matrix.image.name }}/docker.snyk.sarif
sudo sed -i 's/"security-severity": "null"/"security-severity": "0"/g' ./application/${{ matrix.image.name }}/docker.snyk.sarif
- name: Upload sarif file to Github Code Scanning
if: always()
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: application/${{ matrix.image.name }}/docker.snyk.sarif
category: ${{ matrix.image.name }}
sklearnserver-docker-publish .github/workflows/sklearnserver-docker-publish.yml
View raw YAML
name: Sklearn Server Docker Publisher
on:
push:
# Publish `master` as Docker `latest` image.
branches:
- master
# Publish `v1.2.3` tags as releases.
tags:
- v*
# Run tests for any PRs.
pull_request:
paths:
- "python/**"
- "!.github/**"
- "!docs/**"
- "!**.md"
- ".github/workflows/sklearnserver-docker-publish.yml"
- ".github/actions/free-up-disk-space/**"
# To save some compute time, rely on PR check and don't run for merge queues
# merge_group:
# types: [ checks_requested ]
env:
IMAGE_NAME: sklearnserver
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
# Run tests.
# See also https://docs.docker.com/docker-hub/builds/automated-testing/
test:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
cache-image: true
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Run tests
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64/v8
context: python
file: python/sklearn.Dockerfile
push: false
# https://github.com/docker/buildx/issues/1533
provenance: false
# Push image to GitHub Packages.
# See also https://docs.docker.com/docker-hub/builds/
push:
# Ensure test job passes before pushing image.
needs: test
runs-on: ubuntu-latest
if: github.event_name == 'push'
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
cache-image: true
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Export version variable
run: |
IMAGE_ID=kserve/$IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
# [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo VERSION=$VERSION >> $GITHUB_ENV
echo IMAGE_ID=$IMAGE_ID >> $GITHUB_ENV
- name: Build and push
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64/v8
context: python
file: python/sklearn.Dockerfile
push: true
tags: ${{ env.IMAGE_ID }}:${{ env.VERSION }}
# https://github.com/docker/buildx/issues/1533
provenance: false
sbom: true
storage-initializer-docker-publisher .github/workflows/storage-initializer-docker-publisher.yml
View raw YAML
name: Storage Intializer Docker Publisher
on:
push:
# Publish `master` as Docker `latest` image.
branches:
- master
# Publish `v1.2.3` tags as releases.
tags:
- v*
# Run tests for any PRs.
pull_request:
paths:
- "python/**"
- "!.github/**"
- "!docs/**"
- "!**.md"
- ".github/workflows/storage-initializer-docker-publisher.yml"
- ".github/actions/free-up-disk-space/**"
# To save some compute time, rely on PR check and don't run for merge queues
# merge_group:
# types: [ checks_requested ]
env:
IMAGE_NAME: storage-initializer
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
# Run tests.
# See also https://docs.docker.com/docker-hub/builds/automated-testing/
test:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
cache-image: true
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Run tests
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64/v8
context: python
file: python/storage-initializer.Dockerfile
push: false
# https://github.com/docker/buildx/issues/1533
provenance: false
# Push image to GitHub Packages.
# See also https://docs.docker.com/docker-hub/builds/
push:
# Ensure test job passes before pushing image.
needs: test
runs-on: ubuntu-latest
if: github.event_name == 'push'
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
cache-image: true
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Export version variable
run: |
IMAGE_ID=kserve/$IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
# [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo VERSION=$VERSION >> $GITHUB_ENV
echo IMAGE_ID=$IMAGE_ID >> $GITHUB_ENV
- name: Build and push
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64/v8
context: python
file: python/storage-initializer.Dockerfile
push: true
tags: ${{ env.IMAGE_ID }}:${{ env.VERSION }}
# https://github.com/docker/buildx/issues/1533
provenance: false
sbom: true
tf2openapi-docker-publisher .github/workflows/tf2openapi-docker-publisher.yml
View raw YAML
name: Tf2Openapi Docker Publisher
on:
push:
# Publish `master` as Docker `latest` image.
branches:
- master
# Publish `v1.2.3` tags as releases.
tags:
- v*
# Run tests for any PRs.
pull_request:
paths:
- "tools/**"
- "!python/**"
- "!.github/**"
- "!docs/**"
- "!**.md"
- ".github/workflows/tf2openapi-docker-publisher.yml"
- ".github/actions/free-up-disk-space/**"
# To save some compute time, rely on PR check and don't run for merge queues
# merge_group:
# types: [ checks_requested ]
env:
IMAGE_NAME: tf2openapi
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
# Run tests.
# See also https://docs.docker.com/docker-hub/builds/automated-testing/
test:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Run tests
run: |
if [ -f docker-compose.test.yml ]; then
docker-compose --file docker-compose.test.yml build
docker-compose --file docker-compose.test.yml run sut
else
docker buildx build . --file tools/tf2openapi/Dockerfile
fi
# Push image to GitHub Packages.
# See also https://docs.docker.com/docker-hub/builds/
push:
# Ensure test job passes before pushing image.
needs: test
runs-on: ubuntu-latest
if: github.event_name == 'push'
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
cache-image: true
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: export version variable
run: |
IMAGE_ID=kserve/$IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
# [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo VERSION=$VERSION >> $GITHUB_ENV
echo IMAGE_ID=$IMAGE_ID >> $GITHUB_ENV
- name: Build and push
uses: docker/build-push-action@v6
with:
platforms: linux/amd64
context: .
file: tools/tf2openapi/Dockerfile
push: true
tags: ${{ env.IMAGE_ID }}:${{ env.VERSION }}
# https://github.com/docker/buildx/issues/1533
provenance: false
sbom: true
transformer-docker-publish .github/workflows/transformer-docker-publish.yml
View raw YAML
name: Transformer Docker Publisher
on:
push:
# Publish `master` as Docker `latest` image.
branches:
- master
# Run tests for any PRs.
pull_request:
paths:
- "python/**"
- "!.github/**"
- "!docs/**"
- "!**.md"
- ".github/workflows/transformer-docker-publish.yml"
- ".github/actions/free-up-disk-space/**"
# To save some compute time, rely on PR check and don't run for merge queues
# merge_group:
# types: [ checks_requested ]
env:
IMAGE_NAME: image-transformer
GRPC_IMAGE_NAME: custom-image-transformer-grpc
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
# Run tests.
# See also https://docs.docker.com/docker-hub/builds/automated-testing/
test:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Run tests
uses: docker/build-push-action@v6
with:
platforms: linux/amd64
context: python
file: python/custom_transformer.Dockerfile
push: false
# https://github.com/docker/buildx/issues/1533
provenance: false
# Push image to GitHub Packages.
# See also https://docs.docker.com/docker-hub/builds/
push:
# Ensure test job passes before pushing image.
needs: test
runs-on: ubuntu-latest
if: github.event_name == 'push'
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Export version variable
run: |
IMAGE_ID=kserve/$IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
# [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo VERSION=$VERSION >> $GITHUB_ENV
echo IMAGE_ID=$IMAGE_ID >> $GITHUB_ENV
- name: Build and push
uses: docker/build-push-action@v6
with:
platforms: linux/amd64
context: python
file: python/custom_transformer.Dockerfile
push: true
tags: ${{ env.IMAGE_ID }}:${{ env.VERSION }}
# https://github.com/docker/buildx/issues/1533
provenance: false
sbom: true
# Run tests.
# See also https://docs.docker.com/docker-hub/builds/automated-testing/
test-transformer-grpc:
runs-on: ubuntu-latest
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Run tests
uses: docker/build-push-action@v6
with:
platforms: linux/amd64
context: python
file: python/custom_transformer_grpc.Dockerfile
push: false
# https://github.com/docker/buildx/issues/1533
provenance: false
# Push image to GitHub Packages.
# See also https://docs.docker.com/docker-hub/builds/
push-transformer-grpc:
# Ensure test job passes before pushing image.
needs: test
runs-on: ubuntu-latest
if: github.event_name == 'push'
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Export version variable
run: |
IMAGE_ID=kserve/$GRPC_IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
# [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo VERSION=$VERSION >> $GITHUB_ENV
echo IMAGE_ID=$IMAGE_ID >> $GITHUB_ENV
- name: Build and push
uses: docker/build-push-action@v6
with:
platforms: linux/amd64
context: python
file: python/custom_transformer_grpc.Dockerfile
push: true
tags: ${{ env.IMAGE_ID }}:${{ env.VERSION }}
# https://github.com/docker/buildx/issues/1533
provenance: false
sbom: true
xgbserver-docker-publisher .github/workflows/xgbserver-docker-publisher.yml
View raw YAML
name: Xgbserver Server Docker Publisher
on:
push:
# Publish `master` as Docker `latest` image.
branches:
- master
# Publish `v1.2.3` tags as releases.
tags:
- v*
# Run tests for any PRs.
pull_request:
paths:
- "python/**"
- "!.github/**"
- "!docs/**"
- "!**.md"
- ".github/workflows/xgbserver-docker-publisher.yml"
- ".github/actions/free-up-disk-space/**"
# To save some compute time, rely on PR check and don't run for merge queues
# merge_group:
# types: [ checks_requested ]
env:
IMAGE_NAME: xgbserver
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
# Run tests.
# See also https://docs.docker.com/docker-hub/builds/automated-testing/
test:
runs-on: ubuntu-latest
steps:
- name: Checkout source code
uses: actions/checkout@v4
- name: Merge target branch
if: github.event_name == 'pull_request'
run: |
git fetch --unshallow origin
git fetch origin ${{ github.event.pull_request.base.ref }}
git config user.email "ci@kserve.io"
git config user.name "CI Bot"
git merge --no-edit origin/${{ github.event.pull_request.base.ref }}
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
cache-image: true
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Run tests
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64/v8
context: python
file: python/xgb.Dockerfile
push: false
# https://github.com/docker/buildx/issues/1533
provenance: false
# Push image to GitHub Packages.
# See also https://docs.docker.com/docker-hub/builds/
push:
# Ensure test job passes before pushing image.
needs: test
runs-on: ubuntu-latest
if: github.event_name == 'push'
steps:
- name: Checkout source code
uses: actions/checkout@v4
- name: Free-up disk space
uses: ./.github/actions/free-up-disk-space
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
cache-image: true
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
with:
cache-binary: true
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Export version variable
run: |
IMAGE_ID=kserve/$IMAGE_NAME
# Change all uppercase to lowercase
IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
# [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
echo VERSION=$VERSION >> $GITHUB_ENV
echo IMAGE_ID=$IMAGE_ID >> $GITHUB_ENV
- name: Build and push
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64/v8
context: python
file: python/xgb.Dockerfile
push: true
tags: ${{ env.IMAGE_ID }}:${{ env.VERSION }}
# https://github.com/docker/buildx/issues/1533
provenance: false
sbom: true