Skip to content

ci: add container builds and publish workflow #605

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Oct 2, 2025
Merged

ci: add container builds and publish workflow #605

merged 5 commits into from
Oct 2, 2025

Conversation

andyatmiami
Copy link
Contributor

@andyatmiami andyatmiami commented Sep 19, 2025
edited by thesuperzapper
Loading

closes: #606
closes: #607
closes: #608

This commit adds a GHA workflow to support publishing a container image for the workspaces/ components as well as some updates to the Makefiles to establish reasonable (but overridable) defaults.

Key behavior:

  • Publishes controller + backend + frontend images on any workspaces/ directory change
  • Builds images with commit SHA tags by default
    • "release" images with use the tag as defined by the VERSION file
    • a -dirty suffix is added to the tag if the codebase is not porcelain
    • no latest tag is ever produced on images
  • Uses ghcr.io/kubeflow/notebooks registry with configurable naming

example image name from "random" commit:

  • ghcr.io/kubeflow/notebooks/workspaces-controller:sha-3fa851ab3173942dbaa1a609468e7f9eadf5f4e4
  • ghcr.io/kubeflow/notebooks/workspaces-backend:sha-3fa851ab3173942dbaa1a609468e7f9eadf5f4e4
  • ghcr.io/kubeflow/notebooks/workspaces-frontend:sha-3fa851ab3173942dbaa1a609468e7f9eadf5f4e4

example image name from release:

  • ghcr.io/kubeflow/notebooks/workspaces-controller:2.0.0
  • ghcr.io/kubeflow/notebooks/workspaces-backend:2.0.0
  • ghcr.io/kubeflow/notebooks/workspaces-frontend:2.0.0

@github-project-automation github-project-automation bot moved this to Needs Triage in Kubeflow Notebooks Sep 19, 2025
@google-oss-prow google-oss-prow bot added area/controller area - related to controller components area/v2 area - version - kubeflow notebooks v2 size/L labels Sep 19, 2025
@andyatmiami andyatmiami force-pushed the chore/publish_controller_workflow branch from 6b7edf5 to e1b1b05 Compare September 19, 2025 21:03
@andyatmiami
Copy link
Contributor Author

/hold

We want the following PR merged first (which will require a rebase on this PR)

@andyatmiami
Copy link
Contributor Author

Verification on my fork for "typical" code changes:

image

@andyatmiami
Copy link
Contributor Author

Verification on my fork for "release" code changes:

image

@andyatmiami
Copy link
Contributor Author

/ok-to-test

@andyatmiami andyatmiami force-pushed the chore/publish_controller_workflow branch from e1b1b05 to d25ab9b Compare September 25, 2025 20:25
@google-oss-prow google-oss-prow bot added size/M and removed size/L labels Sep 25, 2025
@andyatmiami andyatmiami marked this pull request as ready for review September 25, 2025 20:25
@andyatmiami
Copy link
Contributor Author

/unhold

@andyatmiami andyatmiami force-pushed the chore/publish_controller_workflow branch from d25ab9b to bfd6ee6 Compare September 25, 2025 20:35
@andyatmiami
ci: add publish workflow for controller
828230d 
This commit adds a GHA workflow to support publishing a container image for the `workspaces/controller` component as well as some updates to the `Makefile` to establish reasonable (but overridable) defaults.

Key behavior:
- Publishes controller images on any workspaces/ directory change
- Builds images with commit SHA tags by default
    - "release" images with use the tag as defined by the `VERSION` file
    - a `-dirty` suffix is added to the tag if the codebase is not `porcelain`
    - no `latest` tag is ever produced on images
- Uses  `ghcr.io/kubeflow/notebooks` registry with configurable naming

example image name from "random" commit:
- `ghcr.io/kubeflow/notebooks/workspaces-controller:sha-3fa851ab3173942dbaa1a609468e7f9eadf5f4e4`

example image name from release:
- `ghcr.io/kubeflow/notebooks/workspaces-controller:v2.0.0`

Signed-off-by: Andy Stoneberg <astonebe@redhat.com>
@andyatmiami andyatmiami force-pushed the chore/publish_controller_workflow branch from bfd6ee6 to 828230d Compare September 25, 2025 20:40
@thesuperzapper
mathew: example rewrite 1
288d0cf 
Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com>
@google-oss-prow google-oss-prow bot added area/backend area - related to backend components area/frontend area - related to frontend components and removed size/M labels Sep 26, 2025
@thesuperzapper
Copy link
Member

@andyatmiami I have pushed a significant change in 288d0cf, which it would be great if you can test in a fork.

It makes lots of improvements, but one of the biggest is also testing the image builds on any PRs to the various components.

It also replaces the need for #611 and #610 by combining them into this PR

This was referenced Sep 26, 2025
Closed
Closed
andyatmiami
andyatmiami commented Sep 29, 2025
View reviewed changes
Copy link
Contributor Author

@andyatmiami andyatmiami left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall I really like these changes.

  • The shared Build Image workflow does an excellent job encapsulating this logic to be reused across controller , backend, frontend
  • I am happy to see us pull the trigger (pun intended!) and abandon the CONTAINER_TOOL Makefile var and simplify/align the container-runtime related commands to be more consistent with how Kubeflow traditionally has implemented them

Review comments I have made are moreso clarifying questions/open statements for discussion - I do NOT feel so strongly on any of them such that they should hold up this PR.

I will now look into testing/validating these changes. Thanks!

andyatmiami
andyatmiami commented Sep 29, 2025
View reviewed changes
Copy link
Contributor Author

@andyatmiami andyatmiami left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Whoops, forgot to include this comment on prior review 😞

andyatmiami
andyatmiami commented Sep 29, 2025
View reviewed changes
Copy link
Contributor Author

@andyatmiami andyatmiami left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hehe, ok, yet another comment/discussion point I want to raise around another possible optimization...

@andyatmiami
Copy link
Contributor Author

I have confirmed the image-build PR steps work as intended (on my fork)

image

thesuperzapper
thesuperzapper reviewed Sep 30, 2025
View reviewed changes
@andyatmiami
fix registry path to include owner and repo name
225b47d 
Signed-off-by: Andy Stoneberg <astonebe@redhat.com>
@andyatmiami
Copy link
Contributor Author

andyatmiami commented Oct 1, 2025
edited
Loading

Latest Verification

PR image-build checks successful:

Push sha tag build successful (mostly)

Push semver tag build successful (no {major}.{minor})

Push semver tag build successful

@andyatmiami
ci: fix ws-publish.yml
3e2c437 
with.semver_raw has an incorrect reference to version_raw output that results in an empty string always being passed - which prevented semver tags from ever being produced (even when they should be)

Signed-off-by: Andy Stoneberg <astonebe@redhat.com>
@andyatmiami
fix: semver with references
284cc8f 
needs.check_version stores all its 'interesting data' under the 'outputs' attribute.  This was not properly reflected in the 'with' block for images job.

Signed-off-by: Andy Stoneberg <astonebe@redhat.com>
@thesuperzapper thesuperzapper mentioned this pull request Oct 2, 2025
Merged
@thesuperzapper thesuperzapper changed the title ci: add publish workflow for controller ci: add container builds and publish workflow Oct 2, 2025
@thesuperzapper
Copy link
Member

@andyatmiami thanks for all the back and forward on this, will be great to have container images being published for Notebooks 2.0!

/lgtm
/approve

@google-oss-prow google-oss-prow bot added the lgtm label Oct 2, 2025
@google-oss-prow Google OSS Prow
Copy link

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: thesuperzapper

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@google-oss-prow google-oss-prow bot merged commit 1e5c049 into kubeflow:notebooks-v2 Oct 2, 2025
20 of 21 checks passed
@github-project-automation github-project-automation bot moved this from Needs Triage to Done in Kubeflow Notebooks Oct 2, 2025
This was referenced Oct 3, 2025
Closed
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@thesuperzapper thesuperzapper thesuperzapper left review comments

@kimwnasptd kimwnasptd Awaiting requested review from kimwnasptd

Assignees

@thesuperzapper thesuperzapper

Labels
approved area/backend area - related to backend components area/ci area - related to ci area/controller area - related to controller components area/frontend area - related to frontend components area/v2 area - version - kubeflow notebooks v2 lgtm ok-to-test size/L
Projects
Kubeflow Notebooks
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@andyatmiami @thesuperzapper