From ded96d761dcf30a662dbf8f287507658b97cc12c Mon Sep 17 00:00:00 2001 From: "Hui, Chunyang" Date: Tue, 23 Jan 2024 10:56:34 +0000 Subject: [PATCH] Refine CI actions to reuse old image --- .github/workflows/build_and_push_ci_image.yml | 69 ++++++++++++++++--- .../workflows/build_and_push_docker_image.yml | 69 +++++++++++++------ .github/workflows/demo_test.yml | 28 ++++++-- .github/workflows/hw_mode_test.yml | 55 +++++++++------ 4 files changed, 164 insertions(+), 57 deletions(-) diff --git a/.github/workflows/build_and_push_ci_image.yml b/.github/workflows/build_and_push_ci_image.yml index f152518d..46a0ab90 100644 --- a/.github/workflows/build_and_push_ci_image.yml +++ b/.github/workflows/build_and_push_ci_image.yml @@ -5,7 +5,6 @@ name: Build Image for CI (Manual Trigger) # GVisor syscall test also compiles slow. It needs its own image. The images # are stored in "occlumbackup/occlum" dockerhub repo. - # This is a manual trigger. on: workflow_dispatch: @@ -14,11 +13,9 @@ on: description: 'image name (must choose from )' required: true default: 'grpc' - tag: - description: 'image tag' - required: true - default: 'latest' - + reuse_image: + description: 'admin can choose to reuse an old image as the new CI image. set reuse image name, e.g.:0.30.0, 0.30.1-rc' + required: false jobs: Build_grpc_image: @@ -57,7 +54,9 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} + # Rebuild the image - name: Build and push + if: "${{ github.event.inputs.reuse_image == '' }}" uses: docker/build-push-action@v2 with: context: . @@ -67,7 +66,15 @@ jobs: "OCCLUM_VERSION=${{ env.OCCLUM_VERSION }}" "OCCLUM_BRANCH=${{ env.OCCLUM_BRANCH }}" push: true - tags: occlumbackup/occlum:${{ github.event.inputs.tag }}-ubuntu20.04-grpc + tags: occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-grpc + + # Reuse the old image + - name: Reuse the old image + if: "${{ github.event.inputs.reuse_image != '' }}" + run: | + docker pull occlumbackup/occlum:${{ github.event.inputs.reuse_image }}-ubuntu20.04-grpc + docker tag occlumbackup/occlum:${{ github.event.inputs.reuse_image }}-ubuntu20.04-grpc occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-grpc + docker push occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-grpc Build_gvisor_test_image: @@ -100,7 +107,9 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} + # Rebuild the image - name: Build and push + if: "${{ github.event.inputs.reuse_image == '' }}" uses: docker/build-push-action@v2 with: context: . @@ -110,7 +119,15 @@ jobs: "OCCLUM_VERSION=${{ env.OCCLUM_VERSION }}" "OCCLUM_BRANCH=${{ env.OCCLUM_BRANCH }}" push: true - tags: occlumbackup/occlum:${{ github.event.inputs.tag }}-ubuntu20.04-gvisor_test + tags: occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-gvisor_test + + # Reuse the old image + - name: Reuse the old image + if: "${{ github.event.inputs.reuse_image != '' }}" + run: | + docker pull occlumbackup/occlum:${{ github.event.inputs.reuse_image }}-ubuntu20.04-gvisor_test + docker tag occlumbackup/occlum:${{ github.event.inputs.reuse_image }}-ubuntu20.04-gvisor_test occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-gvisor_test + docker push occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-gvisor_test Build_openvino_image: @@ -148,7 +165,9 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} + # Rebuild the image - name: Build and push + if: "${{ github.event.inputs.reuse_image == '' }}" uses: docker/build-push-action@v2 with: context: . @@ -158,7 +177,15 @@ jobs: "OCCLUM_VERSION=${{ env.OCCLUM_VERSION }}" "OCCLUM_BRANCH=${{ env.OCCLUM_BRANCH }}" push: true - tags: occlumbackup/occlum:${{ github.event.inputs.tag }}-ubuntu20.04-openvino + tags: occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-openvino + + # Reuse the old image + - name: Reuse the old image + if: "${{ github.event.inputs.reuse_image != '' }}" + run: | + docker pull occlumbackup/occlum:${{ github.event.inputs.reuse_image }}-ubuntu20.04-openvino + docker tag occlumbackup/occlum:${{ github.event.inputs.reuse_image }}-ubuntu20.04-openvino occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-openvino + docker push occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-openvino Build_python_image: @@ -196,7 +223,9 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} + # Rebuild the image - name: Build and push + if: "${{ github.event.inputs.reuse_image == '' }}" uses: docker/build-push-action@v2 with: context: . @@ -206,7 +235,15 @@ jobs: "OCCLUM_VERSION=${{ env.OCCLUM_VERSION }}" "OCCLUM_BRANCH=${{ env.OCCLUM_BRANCH }}" push: true - tags: occlumbackup/occlum:${{ github.event.inputs.tag }}-ubuntu20.04-python + tags: occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-python + + # Reuse the old image + - name: Reuse the old image + if: "${{ github.event.inputs.reuse_image != '' }}" + run: | + docker pull occlumbackup/occlum:${{ github.event.inputs.reuse_image }}-ubuntu20.04-python + docker tag occlumbackup/occlum:${{ github.event.inputs.reuse_image }}-ubuntu20.04-python occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-python + docker push occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-python # TODO: Add actions to build tf_serving_base image. @@ -255,7 +292,9 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} + # Rebuild the image - name: Build and push + if: "${{ github.event.inputs.reuse_image == '' }}" uses: docker/build-push-action@v2 with: context: . @@ -265,4 +304,12 @@ jobs: "OCCLUM_VERSION=${{ env.OCCLUM_VERSION }}" "OCCLUM_BRANCH=${{ env.OCCLUM_BRANCH }}" push: true - tags: occlumbackup/occlum:${{ github.event.inputs.tag }}-ubuntu20.04-tf_serving + tags: occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-tf_serving + + # Reuse the old image + - name: Reuse the old image + if: "${{ github.event.inputs.reuse_image != '' }}" + run: | + docker pull occlumbackup/occlum:${{ github.event.inputs.reuse_image }}-ubuntu20.04-tf_serving + docker tag occlumbackup/occlum:${{ github.event.inputs.reuse_image }}-ubuntu20.04-tf_serving occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-tf_serving + docker push occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-tf_serving diff --git a/.github/workflows/build_and_push_docker_image.yml b/.github/workflows/build_and_push_docker_image.yml index 900e79c5..18f4a812 100644 --- a/.github/workflows/build_and_push_docker_image.yml +++ b/.github/workflows/build_and_push_docker_image.yml @@ -12,6 +12,12 @@ on: description: 'Whether it is a release image or test image (must choose from )' required: true default: 'N' + # If rc image works well, directly tag with the release version + # source image: "reuse_image" specified here + # target iamge: Get from the current source code + reuse_image: + description: 'Set reuse image name, e.g.: 0.30.0-rc (When release is set to , admin can choose to reuse an old rc image as the new release image)' + required: false jobs: generate-anolis-image: @@ -38,16 +44,6 @@ jobs: # ${GITHUB_REF##*/} == branch-name run: echo "OCCLUM_BRANCH=$(echo ${GITHUB_REF##*/})" >> $GITHUB_ENV; - - name: Get image tag name for release image - if: github.event.inputs.release == 'Y' - run: echo "IMAGE_TAG=${{ env.RELEASE_VERSION }}" >> $GITHUB_ENV - - name: Get image tage name for dev image - if: github.event.inputs.release == 'N' - run: echo "IMAGE_TAG=latest-dev-${GITHUB_SHA:0:7}" >> $GITHUB_ENV - - name: Get image tage name for test image - if: github.event.inputs.release == 'T' - run: echo "IMAGE_TAG=${{ env.RELEASE_VERSION }}-test" >> $GITHUB_ENV - - name: Set up QEMU uses: docker/setup-qemu-action@v1 @@ -62,7 +58,19 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} + - name: Get image tag name for release image + if: github.event.inputs.release == 'Y' + run: echo "IMAGE_TAG=${{ env.RELEASE_VERSION }}" >> $GITHUB_ENV + - name: Get image tage name for dev image + if: github.event.inputs.release == 'N' + run: echo "IMAGE_TAG=latest-dev-${GITHUB_SHA:0:7}" >> $GITHUB_ENV + - name: Get image tage name for test image + if: github.event.inputs.release == 'T' + run: echo "IMAGE_TAG=${{ env.RELEASE_VERSION }}-test" >> $GITHUB_ENV + + # Rebuild new image - name: Build and push + if: "${{ github.event.inputs.reuse_image == '' }}" uses: docker/build-push-action@v2 with: context: . @@ -72,6 +80,16 @@ jobs: push: true tags: occlum/occlum:${{ env.IMAGE_TAG }}-anolis8.8 + # Reuse old image + - name: Reuse old image + if: "${{ github.event.inputs.reuse_image != '' }}" + run: | + echo "REUSE_VERSION=${{ github.event.inputs.reuse_image }}" >> $GITHUB_ENV; + docker pull occlum/occlum:${{ env.REUSE_VERSION }}-anolis8.8 + docker tag occlum/occlum:${{ env.REUSE_VERSION }}-anolis8.8 occlum/occlum:${{ env.IMAGE_TAG }}-anolis8.8 + docker push occlum/occlum:${{ env.IMAGE_TAG }}-anolis8.8 + + generate-ubuntu20-image: runs-on: ubuntu-20.04 if: github.event.inputs.OS == 'ubuntu20' @@ -95,16 +113,6 @@ jobs: # ${GITHUB_REF##*/} == branch-name run: echo "OCCLUM_BRANCH=$(echo ${GITHUB_REF##*/})" >> $GITHUB_ENV; - - name: Get image tag name for release image - if: github.event.inputs.release == 'Y' - run: echo "IMAGE_TAG=${{ env.RELEASE_VERSION }}" >> $GITHUB_ENV - - name: Get image tage name for dev image - if: github.event.inputs.release == 'N' - run: echo "IMAGE_TAG=latest-dev-${GITHUB_SHA:0:7}" >> $GITHUB_ENV - - name: Get image tage name for test image - if: github.event.inputs.release == 'T' - run: echo "IMAGE_TAG=${{ env.RELEASE_VERSION }}-test" >> $GITHUB_ENV - - name: Set up QEMU uses: docker/setup-qemu-action@v1 @@ -119,7 +127,19 @@ jobs: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} + - name: Get image tag name for release image + if: github.event.inputs.release == 'Y' + run: echo "IMAGE_TAG=${{ env.RELEASE_VERSION }}" >> $GITHUB_ENV + - name: Get image tage name for dev image + if: github.event.inputs.release == 'N' + run: echo "IMAGE_TAG=latest-dev-${GITHUB_SHA:0:7}" >> $GITHUB_ENV + - name: Get image tage name for test image + if: github.event.inputs.release == 'T' + run: echo "IMAGE_TAG=${{ env.RELEASE_VERSION }}-test" >> $GITHUB_ENV + + # Rebuild new image - name: Build and push + if: "${{ github.event.inputs.reuse_image == '' }}" uses: docker/build-push-action@v2 with: context: . @@ -128,3 +148,12 @@ jobs: build-args: OCCLUM_BRANCH=${{ env.OCCLUM_BRANCH }} push: true tags: occlum/occlum:${{ env.IMAGE_TAG }}-ubuntu20.04 + + # Reuse old image + - name: Reuse old image + if: "${{ github.event.inputs.reuse_image != '' }}" + run: | + echo "REUSE_VERSION=${{ github.event.inputs.reuse_image }}" >> $GITHUB_ENV; + docker pull occlum/occlum:${{ env.REUSE_VERSION }}-ubuntu20.04 + docker tag occlum/occlum:${{ env.REUSE_VERSION }}-ubuntu20.04 occlum/occlum:${{ env.IMAGE_TAG }}-ubuntu20.04 + docker push occlum/occlum:${{ env.IMAGE_TAG }}-ubuntu20.04 diff --git a/.github/workflows/demo_test.yml b/.github/workflows/demo_test.yml index fcae7100..f46fad18 100644 --- a/.github/workflows/demo_test.yml +++ b/.github/workflows/demo_test.yml @@ -473,8 +473,11 @@ jobs: with: submodules: true + - name: Get occlum version + run: echo "OCCLUM_VERSION=$(grep 'Version =' src/pal/include/occlum_version.h | awk '{print $4}')" >> $GITHUB_ENV; + - name: Create container - run: docker run -itd --name=${{ github.job }} -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-grpc + run: docker run -itd --name=${{ github.job }} -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-grpc - uses: ./.github/workflows/composite_action/prebuild with: @@ -514,8 +517,11 @@ jobs: with: submodules: true + - name: Get occlum version + run: echo "OCCLUM_VERSION=$(grep 'Version =' src/pal/include/occlum_version.h | awk '{print $4}')" >> $GITHUB_ENV; + - name: Create container - run: docker run -itd --name=${{ github.job }} -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-grpc + run: docker run -itd --name=${{ github.job }} -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-grpc - uses: ./.github/workflows/composite_action/prebuild with: @@ -600,8 +606,11 @@ jobs: with: submodules: true + - name: Get occlum version + run: echo "OCCLUM_VERSION=$(grep 'Version =' src/pal/include/occlum_version.h | awk '{print $4}')" >> $GITHUB_ENV; + - name: Create container - run: docker run -itd --name=${{ github.job }} -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-openvino + run: docker run -itd --name=${{ github.job }} -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-openvino - uses: ./.github/workflows/composite_action/prebuild with: @@ -633,8 +642,12 @@ jobs: - uses: actions/checkout@v1 with: submodules: true + + - name: Get occlum version + run: echo "OCCLUM_VERSION=$(grep 'Version =' src/pal/include/occlum_version.h | awk '{print $4}')" >> $GITHUB_ENV; + - name: Create container - run: docker run -itd --name=${{ github.job }} -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-python + run: docker run -itd --name=${{ github.job }} -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-python - uses: ./.github/workflows/composite_action/prebuild with: @@ -1019,10 +1032,13 @@ jobs: with: submodules: true + - name: Get occlum version + run: echo "OCCLUM_VERSION=$(grep 'Version =' src/pal/include/occlum_version.h | awk '{print $4}')" >> $GITHUB_ENV; + - name: Create container run: | - docker pull occlumbackup/occlum:latest-ubuntu20.04-gvisor_test - gvisor_test=$(docker run -itd -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-gvisor_test); + docker pull occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-gvisor_test + gvisor_test=$(docker run -itd -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-gvisor_test); echo "gvisor_test=$gvisor_test" >> $GITHUB_ENV - uses: ./.github/workflows/composite_action/prebuild diff --git a/.github/workflows/hw_mode_test.yml b/.github/workflows/hw_mode_test.yml index 781a4de4..3cd50634 100644 --- a/.github/workflows/hw_mode_test.yml +++ b/.github/workflows/hw_mode_test.yml @@ -441,16 +441,19 @@ jobs: ref: refs/pull/${{ github.event.pull_request.number }}/merge submodules: true + - name: Get occlum version + run: echo "OCCLUM_VERSION=$(grep 'Version =' src/pal/include/occlum_version.h | awk '{print $4}')" >> $GITHUB_ENV; + - name: Create container run: | - docker pull occlumbackup/occlum:latest-ubuntu20.04-python + docker pull occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-python if [[ "${{ matrix.self_runner[1] }}" == "SGX1-HW" ]]; then - python_musl_support_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --net host --device /dev/isgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-python); + python_musl_support_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --net host --device /dev/isgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-python); elif [[ "${{ matrix.self_runner[1] }}" == "SGX2-HW" ]]; then if [[ "${{ matrix.self_runner[2] }}" == "EDMM" ]]; then - python_musl_support_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --env ENABLE_EDMM=Y --net host -v /dev/sgx:/dev/sgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-python); + python_musl_support_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --env ENABLE_EDMM=Y --net host -v /dev/sgx:/dev/sgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-python); else - python_musl_support_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --net host -v /dev/sgx:/dev/sgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-python); + python_musl_support_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --net host -v /dev/sgx:/dev/sgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-python); fi else echo "Unsupported Hardware" @@ -516,16 +519,19 @@ jobs: ref: refs/pull/${{ github.event.pull_request.number }}/merge submodules: true + - name: Get occlum version + run: echo "OCCLUM_VERSION=$(grep 'Version =' src/pal/include/occlum_version.h | awk '{print $4}')" >> $GITHUB_ENV; + - name: Create container run: | - docker pull occlumbackup/occlum:latest-ubuntu20.04-openvino + docker pull occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-openvino if [[ "${{ matrix.self_runner[1] }}" == "SGX1-HW" ]]; then - openvino_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --net host --device /dev/isgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-openvino); + openvino_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --net host --device /dev/isgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-openvino); elif [[ "${{ matrix.self_runner[1] }}" == "SGX2-HW" ]]; then if [[ "${{ matrix.self_runner[2] }}" == "EDMM" ]]; then - openvino_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --env ENABLE_EDMM=Y --net host -v /dev/sgx:/dev/sgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-openvino); + openvino_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --env ENABLE_EDMM=Y --net host -v /dev/sgx:/dev/sgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-openvino); else - openvino_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --net host -v /dev/sgx:/dev/sgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-openvino); + openvino_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --net host -v /dev/sgx:/dev/sgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-openvino); fi else echo "Unsupported Hardware" @@ -588,16 +594,19 @@ jobs: ref: refs/pull/${{ github.event.pull_request.number }}/merge submodules: true + - name: Get occlum version + run: echo "OCCLUM_VERSION=$(grep 'Version =' src/pal/include/occlum_version.h | awk '{print $4}')" >> $GITHUB_ENV; + - name: Create container run: | - docker pull occlumbackup/occlum:latest-ubuntu20.04-grpc + docker pull occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-grpc if [[ "${{ matrix.self_runner[1] }}" == "SGX1-HW" ]]; then - grpc_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --net host --device /dev/isgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-grpc); + grpc_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --net host --device /dev/isgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-grpc); elif [[ "${{ matrix.self_runner[1] }}" == "SGX2-HW" ]]; then if [[ "${{ matrix.self_runner[2] }}" == "EDMM" ]]; then - grpc_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --env ENABLE_EDMM=Y --net host -v /dev/sgx:/dev/sgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-grpc); + grpc_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --env ENABLE_EDMM=Y --net host -v /dev/sgx:/dev/sgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-grpc); else - grpc_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --net host -v /dev/sgx:/dev/sgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-grpc); + grpc_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --net host -v /dev/sgx:/dev/sgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-grpc); fi else echo "Unsupported Hardware" @@ -682,16 +691,19 @@ jobs: ref: refs/pull/${{ github.event.pull_request.number }}/merge submodules: true + - name: Get occlum version + run: echo "OCCLUM_VERSION=$(grep 'Version =' src/pal/include/occlum_version.h | awk '{print $4}')" >> $GITHUB_ENV; + - name: Create container run: | - docker pull occlumbackup/occlum:latest-ubuntu20.04-gvisor_test + docker pull occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-gvisor_test if [[ "${{ matrix.self_runner[1] }}" == "SGX1-HW" ]]; then - gvisor_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --net host --device /dev/isgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-gvisor_test); + gvisor_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --net host --device /dev/isgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-gvisor_test); elif [[ "${{ matrix.self_runner[1] }}" == "SGX2-HW" ]]; then if [[ "${{ matrix.self_runner[2] }}" == "EDMM" ]]; then - gvisor_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --env ENABLE_EDMM=Y --net host -v /dev/sgx:/dev/sgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-gvisor_test); + gvisor_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --env ENABLE_EDMM=Y --net host -v /dev/sgx:/dev/sgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-gvisor_test); else - gvisor_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --net host -v /dev/sgx:/dev/sgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-gvisor_test); + gvisor_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --net host -v /dev/sgx:/dev/sgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-gvisor_test); fi else echo "Unsupported Hardware" @@ -836,16 +848,19 @@ jobs: ref: refs/pull/${{ github.event.pull_request.number }}/merge submodules: true + - name: Get occlum version + run: echo "OCCLUM_VERSION=$(grep 'Version =' src/pal/include/occlum_version.h | awk '{print $4}')" >> $GITHUB_ENV; + - name: Create container run: | - docker pull occlumbackup/occlum:latest-ubuntu20.04-tf_serving + docker pull occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-tf_serving if [[ "${{ matrix.self_runner[1] }}" == "SGX1-HW" ]]; then - tf_serving_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --net host --device /dev/isgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-tf_serving); + tf_serving_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --net host --device /dev/isgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-tf_serving); elif [[ "${{ matrix.self_runner[1] }}" == "SGX2-HW" ]]; then if [[ "${{ matrix.self_runner[2] }}" == "EDMM" ]]; then - tf_serving_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --env ENABLE_EDMM=Y --net host -v /dev/sgx:/dev/sgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-tf_serving); + tf_serving_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --env ENABLE_EDMM=Y --net host -v /dev/sgx:/dev/sgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-tf_serving); else - tf_serving_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --net host -v /dev/sgx:/dev/sgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:latest-ubuntu20.04-tf_serving); + tf_serving_test=$(docker run -itd --privileged --rm --env CARGO_HTTP_MULTIPLEXING=false --net host -v /dev/sgx:/dev/sgx -v $GITHUB_WORKSPACE:/root/occlum occlumbackup/occlum:${{ env.OCCLUM_VERSION }}-ubuntu20.04-tf_serving); fi else echo "Unsupported Hardware"