diff --git a/.github/workflows/continuous-integration.yaml b/.github/workflows/continuous-integration.yaml index 029effeba..6b8d889db 100644 --- a/.github/workflows/continuous-integration.yaml +++ b/.github/workflows/continuous-integration.yaml @@ -460,8 +460,27 @@ jobs: - name: Set tag in env run: | GIT_TAG=$(echo "${{ github.ref }}" | sed 's/refs\/tags\///g') - RELEASE_IMG_TAG="${RELEASE_IMAGE_BASE}:${GIT_TAG}" - echo "RELEASE_IMG_TAG=${RELEASE_IMG_TAG}" >> "$GITHUB_ENV" + RELEASE_IMG_GIT_TAG="${RELEASE_IMAGE_BASE}:${GIT_TAG}" + echo "RELEASE_IMG_GIT_TAG=${RELEASE_IMG_GIT_TAG}" >> "$GITHUB_ENV" + RELEASE_IMG_TAGS_TO_PUSH="${RELEASE_IMG_GIT_TAG}" + + EXISTING_TAGS=$(curl \ + -X GET \ + -H "Authorization: Bearer $(echo ${{ secrets.BOT_TOKEN }} | base64)" \ + https://ghcr.io/v2/zama-ai/concretefhe/tags/list | jq -rc '.tags | join(" ")') + + # We want the space separated list of versions to be expanded + # shellcheck disable=SC2086 + REQUIRES_LATEST_TAG=$(python script/actions_utils/version_comparison.py \ + --new-version "${GIT_TAG}" \ + --existing-versions $EXISTING_TAGS) + + if [[ "${REQUIRES_LATEST_TAG}" == "true" ]]; then + RELEASE_IMG_LATEST_TAG="${RELEASE_IMAGE_BASE}:latest" + RELEASE_IMG_TAGS_TO_PUSH="${RELEASE_IMG_TAGS_TO_PUSH},${RELEASE_IMG_LATEST_TAG}" + fi + + echo "RELEASE_IMG_TAGS_TO_PUSH=${RELEASE_IMG_TAGS_TO_PUSH}" >> "$GITHUB_ENV" - name: Set up Docker Buildx id: buildx uses: docker/setup-buildx-action@94ab11c41e45d028884a99163086648e898eed25 @@ -480,21 +499,21 @@ jobs: file: docker/Dockerfile.release load: true push: false - tags: "${{ env.RELEASE_IMG_TAG }}" + tags: "${{ env.RELEASE_IMG_TAGS_TO_PUSH }}" no-cache: true - name: Release image sanity check and push if: ${{ success() && !cancelled() }} run: | - echo "Running sanity check for ${RELEASE_IMG_TAG}" + echo "Running sanity check for ${RELEASE_IMG_GIT_TAG}" docker run --rm --env LD_PRELOAD=/compiler/build/lib/Runtime/libZamalangRuntime.so \ -v "$(pwd)"/docker/release_resources:/data \ - "${RELEASE_IMG_TAG}" /bin/bash -c "python ./sanity_check.py" - docker push "${RELEASE_IMG_TAG}" + "${RELEASE_IMG_GIT_TAG}" /bin/bash -c "python ./sanity_check.py" + docker image push --all-tags "${RELEASE_IMAGE_BASE}" - name: Set notification report id: report if: ${{ always() }} run: | - REPORT="Pushing docker image ${{ env.RELEASE_IMG_TAG }} finished with status \ + REPORT="Pushing docker image ${{ env.RELEASE_IMG_TAGS_TO_PUSH }} finished with status \ ${{ job.status }}." echo "${REPORT}" echo "::set-output name=report::${REPORT}" diff --git a/script/actions_utils/version_comparison.py b/script/actions_utils/version_comparison.py new file mode 100644 index 000000000..f78fd9b35 --- /dev/null +++ b/script/actions_utils/version_comparison.py @@ -0,0 +1,51 @@ +# -*- coding: utf-8 -*- + +"""Helper script for github actions to compare versions""" +import argparse +import re +import sys + + +def main(args): + """Entry point""" + print(args, file=sys.stderr) + semver_matcher = re.compile(r"^(v)?([\d.]+)(rc\d+)?$") + # Keep versions that are not release candidate + all_versions = [ + tuple(map(int, match.group(2).split("."))) + for version in args.existing_versions + if (match := semver_matcher.match(version)) is not None and match.group(3) is None + ] + + nv_match = semver_matcher.match(args.new_version) + new_version = ( + tuple(map(int, nv_match.group(2).split("."))) + if nv_match is not None and nv_match.group(3) is None + else None + ) + + all_versions.append(new_version) + + nv_is_rc = new_version is None + nv_is_latest = not nv_is_rc and max(all_versions) == new_version + print(str(nv_is_latest).lower()) + + +if __name__ == "__main__": + parser = argparse.ArgumentParser( + "Compare new version to previous versions and determine if it's the latest", + allow_abbrev=False, + ) + + parser.add_argument("--new-version", type=str, required=True, help="The new version to compare") + parser.add_argument( + "--existing-versions", + type=str, + nargs="+", + required=True, + help="The list of existing versions", + ) + + cli_args = parser.parse_args() + + main(cli_args)