github/concrete
1
1
Fork 0
mirror of https://github.com/zama-ai/concrete.git synced 2026-02-09 03:55:04 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
23d3dca3f2292709152d0da5906eb59bb42001ae
concrete/.github/workflows/continuous-integration.yml
Antoniu Pop e429180179 fix(ci): enable key caching for DF testing.
2021-12-22 18:22:22 +01:00

471 lines
18 KiB
YAML
Raw Blame History

This file contains invisible Unicode characters
This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
name: Continuous Integration Pipeline
on:
push:
branches: [master, test-ci]
tags:
- 'v*'
pull_request:
types: [opened, synchronize, reopened]
# DOCKER_IMAGE variables aren't used in BuildAndPushDockerImages because of https://github.com/actions/runner/issues/480
env:
DOCKER_IMAGE_TEST: ghcr.io/zama-ai/zamalang-compiler
DOCKER_IMAGE_TEST_GCC6: ghcr.io/zama-ai/concretefhe-compiler
DOCKER_IMAGE_TEST_DF: ghcr.io/zama-ai/zamalang-df-compiler
jobs:
########################
# Tests and formatiing #
########################
Formatting:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
submodules: true
- name: Format with clang-format
run: .github/workflows/scripts/format_cpp.sh
BuildAndTest:
runs-on: ubuntu-latest
strategy:
matrix:
compiler: [gcc6, latest]
steps:
- uses: actions/checkout@v2
with:
submodules: recursive
- name: "KeySetCache"
if: ${{ matrix.compiler == 'gcc6' }}
uses: actions/cache@v2
with:
path: ${{ github.workspace }}/KeySetCache
# actions/cache does not permit to update a cache entry
key: ${{ runner.os }}-KeySetCache-2021-12-02
restore-keys: |
${{ runner.os }}-KeySetCache-
- name: Build and test compiler
if: ${{ matrix.compiler == 'gcc6' }}
uses: addnab/docker-run-action@v3
with:
registry: ghcr.io
image: ${{ env.DOCKER_IMAGE_TEST_GCC6 }}
username: ${{ secrets.GHCR_LOGIN }}
password: ${{ secrets.GHCR_PASSWORD }}
options: -v ${{ github.workspace }}/compiler:/compiler -v ${{ github.workspace }}/KeySetCache:/tmp/KeySetCache
shell: bash
run: |
set -e
echo "Debug: ccache statistics (prior to the build):"
ccache -s
cd /compiler
/opt/python/cp38-cp38/bin/pip install pytest
rm -rf /build
sed "s/pytest/\/opt\/python\/cp38-cp38\/bin\/python -m pytest/g" -i Makefile
make CCACHE=ON Python3_EXECUTABLE=/opt/python/cp38-cp38/bin/python BUILD_DIR=/build test
echo "Debug: ccache statistics (after the build):"
ccache -s
chmod -R ugo+rwx /tmp/KeySetCache
- name: Build compiler
if: ${{ matrix.compiler == 'latest' }}
uses: addnab/docker-run-action@v3
with:
registry: ghcr.io
image: ${{ env.DOCKER_IMAGE_TEST }}
username: ${{ secrets.GHCR_LOGIN }}
password: ${{ secrets.GHCR_PASSWORD }}
options: -v ${{ github.workspace }}/compiler:/compiler
shell: bash
run: |
set -e
echo "Debug: ccache statistics (prior to the build):"
ccache -s
cd /compiler
rm -rf /build
export PYTHONPATH=""
make CCACHE=ON BUILD_DIR=/build zamacompiler python-bindings
echo "Debug: ccache statistics (after the build):"
ccache -s
BuildAndTestDF:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
submodules: recursive
- name: "KeySetCache"
uses: actions/cache@v2
with:
path: ${{ github.workspace }}/KeySetCache
# actions/cache does not permit to update a cache entry
key: ${{ runner.os }}-KeySetCache-2021-12-02
restore-keys: |
${{ runner.os }}-KeySetCache-
- name: Build and test compiler (dataflow)
uses: addnab/docker-run-action@v3
with:
registry: ghcr.io
image: ${{ env.DOCKER_IMAGE_TEST_DF }}
username: ${{ secrets.GHCR_LOGIN }}
password: ${{ secrets.GHCR_PASSWORD }}
options: -v ${{ github.workspace }}/compiler:/compiler -v ${{ github.workspace }}/KeySetCache:/tmp/KeySetCache
shell: bash
run: |
set -e
echo "Debug: ccache statistics (prior to the build):"
ccache -s
cd /compiler
pip install pytest
rm -rf /build
export PYTHONPATH=""
make PARALLEL_EXECUTION_ENABLED=ON CCACHE=ON BUILD_DIR=/build test test-dataflow
echo "Debug: ccache statistics (after the build):"
ccache -s
chmod -R ugo+rwx /tmp/KeySetCache
BlockMerge:
if: github.event_name == 'pull_request'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Check Commit to Squash
run: |
set -e
git log origin/${{ github.base_ref }}..origin/${{ github.head_ref }} --format=%s | ( ! grep -e "^f [0-9a-f]\+" -q )
##################################
# Releasing and Testing Packages #
##################################
CreateRelease:
runs-on: ubuntu-latest
needs: BuildAndTest
if: ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') }}
outputs:
upload_url: ${{ steps.release.outputs.upload_url }}
release_id: ${{ steps.release.outputs.id }}
steps:
- name: Release
id: release
uses: softprops/action-gh-release@v1
with:
token: ${{ secrets.GH_TOKEN_RELEASE }}
draft: true
prerelease: true
generate_release_notes: true
BuildAndPushPythonPackagesLinux:
runs-on: ubuntu-latest
strategy:
matrix:
python: [38, 39, 310]
outputs:
python-package-name-linux-py38: ${{ steps.build-wheel-linux.outputs.ASSET_NAME_PY38 }}
python-package-name-linux-py39: ${{ steps.build-wheel-linux.outputs.ASSET_NAME_PY39 }}
python-package-name-linux-py310: ${{ steps.build-wheel-linux.outputs.ASSET_NAME_PY310 }}
needs: CreateRelease
steps:
- uses: actions/checkout@v2
with:
submodules: recursive
- name: Login to Github Container Registry
run: echo "${{ secrets.GHCR_PASSWORD }}" | docker login -u ${{ secrets.GHCR_LOGIN }} --password-stdin ghcr.io
- name: Build
id: build-wheel-linux
run: |
cd compiler
make package_py${{ matrix.python }}
echo "::set-output name=ASSET_NAME::`find ${{ github.workspace }}/wheels/ -name *manylinux*.whl | rev |cut -d "/" -f 1 |rev `"
# used later for python package test
echo "::set-output name=ASSET_NAME_PY${{ matrix.python }}::`find ${{ github.workspace }}/wheels/ -name *manylinux*.whl | rev |cut -d "/" -f 1 |rev `"
- name: Upload Python Package
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN_RELEASE }}
with:
upload_url: ${{ needs.CreateRelease.outputs.upload_url }}
asset_path: ${{ github.workspace }}/wheels/${{ steps.build-wheel-linux.outputs.ASSET_NAME }}
asset_name: ${{ steps.build-wheel-linux.outputs.ASSET_NAME }}
asset_content_type: application/zip
BuildAndPushTarballLinux:
runs-on: ubuntu-latest
needs: CreateRelease
steps:
- uses: actions/checkout@v2
with:
submodules: recursive
- name: Login to Github Container Registry
run: echo "${{ secrets.GHCR_PASSWORD }}" | docker login -u ${{ secrets.GHCR_LOGIN }} --password-stdin ghcr.io
- name: Build
id: build-tarball
run: |
cd compiler
make release_tarballs
sudo cp ${{ github.workspace }}/tarballs/zamacompiler.tar.gz ${{ github.workspace }}/tarballs/zamacompiler-`git describe --tags --abbrev=0`-x86_64-linux-gnu.tar.gz
echo "::set-output name=ASSET_NAME::zamacompiler-`git describe --tags --abbrev=0`-x86_64-linux-gnu.tar.gz"
- name: Upload Tarball
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN_RELEASE }}
with:
upload_url: ${{ needs.CreateRelease.outputs.upload_url }}
asset_path: ${{ github.workspace }}/tarballs/${{ steps.build-tarball.outputs.ASSET_NAME }}
asset_name: ${{ steps.build-tarball.outputs.ASSET_NAME }}
asset_content_type: application/tar+gzip
BuildAndPushPackagesMacOS:
needs: CreateRelease
runs-on: macos-10.15
strategy:
matrix:
python: ['3.8', '3.9', '3.10']
outputs:
python-package-name-macos-py38: ${{ steps.build-wheel-macos.outputs.ASSET_NAME_PY38 }}
python-package-name-macos-py39: ${{ steps.build-wheel-macos.outputs.ASSET_NAME_PY39 }}
python-package-name-macos-py310: ${{ steps.build-wheel-macos.outputs.ASSET_NAME_PY310 }}
steps:
- uses: actions/checkout@v2
with:
submodules: recursive
- uses: actions/checkout@v2
with:
repository: zama-ai/concrete
ref: feature/core_c_api
path: concrete
token: ${{ secrets.GH_TOKEN }}
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: ${{ matrix.python }}
- name: Install Deps
run: |
curl https://sh.rustup.rs -sSf | sh -s -- -y
brew install ninja
pip install numpy pybind11==2.6.2 wheel delocate
cd ${{ github.workspace }}/concrete/concrete-ffi
RUSTFLAGS="-C target-cpu=native" cargo build --release
- name: Update Python Version
run: cd compiler && make update_python_version
- name: Build
id: build-wheel-macos
run: |
cd compiler
export CONCRETE_PROJECT=${{ github.workspace }}/concrete
make Python3_EXECUTABLE=`which python` python-bindings
pip wheel --no-deps -w ${{ github.workspace }}/wheels .
delocate-wheel -v `find ${{ github.workspace }}/wheels/ -name *macosx*.whl`
echo "::set-output name=ASSET_NAME::`find ${{ github.workspace }}/wheels/ -name *macosx*.whl | rev |cut -d "/" -f 1 |rev `"
# used later for python package test
echo "::set-output name=ASSET_NAME_PY`echo ${{ matrix.python }} |tr -d '.'`::`find ${{ github.workspace }}/wheels/ -name *macosx*.whl | rev |cut -d "/" -f 1 |rev `"
- name: Upload Python Package
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN_RELEASE }}
with:
upload_url: ${{ needs.CreateRelease.outputs.upload_url }}
asset_path: ${{ github.workspace }}/wheels/${{ steps.build-wheel-macos.outputs.ASSET_NAME }}
asset_name: ${{ steps.build-wheel-macos.outputs.ASSET_NAME }}
asset_content_type: application/zip
- name: Build tarball
if: matrix.python == '3.8'
id: build-mac-tarball
run: |
cd compiler
export CONCRETE_PROJECT=${{ github.workspace }}/concrete
make zamacompiler
mkdir -p tarballs/zamacompiler/lib tarballs/zamacompiler/bin
cp build/bin/zamacompiler tarballs/zamacompiler/bin
cp build/lib/libZamalangRuntime.dylib tarballs/zamacompiler/lib
cp ../.github/workflows/assets/Installation.md tarballs/zamacompiler/
cd tarballs && tar -czvf zamacompiler-`git describe --tags --abbrev=0`-x86_64-macos-catalina.tar.gz zamacompiler
echo "::set-output name=ASSET_NAME::zamacompiler-`git describe --tags --abbrev=0`-x86_64-macos-catalina.tar.gz"
- name: Upload Tarball
if: matrix.python == '3.8'
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN_RELEASE }}
with:
upload_url: ${{ needs.CreateRelease.outputs.upload_url }}
asset_path: ${{ github.workspace }}/compiler/tarballs/${{ steps.build-mac-tarball.outputs.ASSET_NAME }}
asset_name: ${{ steps.build-mac-tarball.outputs.ASSET_NAME }}
asset_content_type: application/tar+gzip
TestPythonPackageLinux:
runs-on: ubuntu-latest
needs: [BuildAndPushPythonPackagesLinux, CreateRelease]
strategy:
matrix:
include:
- python: '3.8'
filename-index: 'python-package-name-linux-py38'
- python: '3.9'
filename-index: 'python-package-name-linux-py39'
- python: '3.10'
filename-index: 'python-package-name-linux-py310'
steps:
- uses: actions/checkout@v2
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: ${{ matrix.python }}
- name: Extract Package Filename
id: extract-filename
run: echo "::set-output name=FILE_NAME::`echo '${{ toJson(needs.BuildAndPushPythonPackagesLinux.outputs) }}' | jq '.[\"${{ matrix.filename-index }}\"]' | tr -d '\"' `"
- name: Download and Install Package
run: |
wget --auth-no-challenge --header='Accept:application/octet-stream' \
"https://${{ secrets.GH_TOKEN_RELEASE }}:@api.github.com/repos/zama-ai/homomorphizer/releases/assets/`curl -s -u "zama-bot:${{ secrets.GH_TOKEN_RELEASE }}" \
https://api.github.com/repos/zama-ai/homomorphizer/releases | \
jq 'map(select(.tag_name == "${{ github.ref_name }}"))' | \
jq '.[0].assets' | \
jq 'map(select(.name == "${{ steps.extract-filename.outputs.FILE_NAME }}" ))' | \
jq '.[].id'`" -O ${{ steps.extract-filename.outputs.FILE_NAME }}
pip install ${{ steps.extract-filename.outputs.FILE_NAME }}
- name: Test
run: |
cd compiler
pip install pytest
pytest -vs --ignore=tests/python/test_compiler_file_output/ tests/python
TestPythonPackageMacOS:
runs-on: macos-10.15
needs: [BuildAndPushPackagesMacOS, CreateRelease]
strategy:
matrix:
include:
- python: '3.8'
filename-index: 'python-package-name-macos-py38'
- python: '3.9'
filename-index: 'python-package-name-macos-py39'
- python: '3.10'
filename-index: 'python-package-name-macos-py310'
steps:
- uses: actions/checkout@v2
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: ${{ matrix.python }}
- name: Extract Package Filename
id: extract-filename
run: echo "::set-output name=FILE_NAME::`echo '${{ toJson(needs.BuildAndPushPackagesMacOS.outputs) }}' | jq '.[\"${{ matrix.filename-index }}\"]' | tr -d '\"' `"
- name: Download and Install Package
run: |
wget --auth-no-challenge --header='Accept:application/octet-stream' \
"https://${{ secrets.GH_TOKEN_RELEASE }}:@api.github.com/repos/zama-ai/homomorphizer/releases/assets/`curl -s -u "zama-bot:${{ secrets.GH_TOKEN_RELEASE }}" \
https://api.github.com/repos/zama-ai/homomorphizer/releases | \
jq 'map(select(.tag_name == "${{ github.ref_name }}"))' | \
jq '.[0].assets' | \
jq 'map(select(.name == "${{ steps.extract-filename.outputs.FILE_NAME }}" ))' | \
jq '.[].id'`" -O ${{ steps.extract-filename.outputs.FILE_NAME }}
pip install ${{ steps.extract-filename.outputs.FILE_NAME }}
- name: Test
run: |
cd compiler
pip install pytest
pytest -vs --ignore=tests/python/test_compiler_file_output/ tests/python
#################
# Docker Images #
#################
BuildAndPushDockerImages:
if: ${{ github.event_name == 'push' && (startsWith(github.ref, 'refs/tags/v') || github.ref == 'refs/heads/master') }}
needs: [BuildAndTest]
name: Build & Publish Docker Images
runs-on: ubuntu-latest
strategy:
matrix:
include:
- name: test-env
image: ghcr.io/zama-ai/zamalang-compiler
dockerfile: builders/Dockerfile.zamalang-env
- name: test-env-gcc6
image: ghcr.io/zama-ai/concretefhe-compiler
dockerfile: builders/Dockerfile.zamalang-env-gcc6
- name: test-df
image: ghcr.io/zama-ai/zamalang-df-compiler
dockerfile: builders/Dockerfile.zamalang-df-env
steps:
- uses: actions/checkout@v2
with:
submodules: recursive
- name: Login to Registry
run: echo "${{ secrets.GHCR_PASSWORD }}" | docker login -u ${{ secrets.GHCR_LOGIN }} --password-stdin ghcr.io
# label was initially a need from the frontend CI
- name: Build Image
run: docker image build --no-cache --label "commit-sha=${{ github.sha }}" -t ${{ matrix.image }} -f ${{ matrix.dockerfile }} .
- name: Tag and Publish Image
run: |
docker image tag ${{ matrix.image }} ${{ matrix.image }}:${{ github.sha }}
docker image push ${{ matrix.image }}:latest
docker image push ${{ matrix.image }}:${{ github.sha }}
- name: Tag and Publish Release Image
if: startsWith(github.ref, 'refs/tags/v')
run: |
docker image tag ${{ matrix.image }} ${{ matrix.image }}:${{ github.ref_name }}
docker image push ${{ matrix.image }}:${{ github.ref_name }}
BuildAndPublishHPXDockerImage:
needs: [BuildAndTest]
name: Build & Publish HPX Docker Image
runs-on: ubuntu-latest
env:
IMAGE: ghcr.io/zama-ai/hpx
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Get changed files
id: changed-files
uses: tj-actions/changed-files@v2.0.0
- name: Login
if: contains(steps.changed-files.outputs.modified_files, 'builders/Dockerfile.hpx-env')
run: echo "${{ secrets.GHCR_PASSWORD }}" | docker login -u ${{ secrets.GHCR_LOGIN }} --password-stdin ghcr.io
- name: Build Tag and Publish
if: contains(steps.changed-files.outputs.modified_files, 'builders/Dockerfile.hpx-env')
run: |
docker build -t $IMAGE -f builders/Dockerfile.hpx-env .
docker push $IMAGE:latest
Reference in New Issue View Git Blame Copy Permalink