Bump aquasecurity/trivy-action from 0.28.0 to 0.29.0 #1708
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Linux (Ubuntu 22.04, Python 3.11) | |
on: | |
workflow_dispatch: | |
pull_request: | |
merge_group: | |
push: | |
branches: | |
- master | |
- 'releases/**' | |
concurrency: | |
# github.ref is not unique in post-commit | |
group: ${{ github.event_name == 'push' && github.run_id || github.ref }}-linux | |
cancel-in-progress: true | |
env: | |
PYTHON_VERSION: '3.11' | |
OV_BRANCH: ${{ github.base_ref || github.event.merge_group.base_ref || github.ref }} | |
permissions: read-all | |
jobs: | |
openvino_download: | |
name: Download prebuilt OpenVINO | |
outputs: | |
status: ${{ steps.openvino_download.outcome }} | |
ov_wheel_source: ${{ steps.openvino_download.outputs.ov_wheel_source }} | |
ov_version: ${{ steps.openvino_download.outputs.ov_version }} | |
docker_tag: ${{ steps.get_docker_tag.outputs.docker_tag }} | |
timeout-minutes: 10 | |
defaults: | |
run: | |
shell: bash | |
runs-on: aks-linux-2-cores-8gb | |
container: | |
image: 'openvinogithubactions.azurecr.io/openvino_provider:0.1.0' | |
volumes: [ "/mount:/mount" ] | |
steps: | |
- uses: openvinotoolkit/openvino/.github/actions/openvino_provider@master | |
id: openvino_download | |
with: | |
platform: 'ubuntu22' | |
commit_packages_to_provide: 'wheels' | |
revision: 'latest_available_commit' | |
- name: Clone docker tag from OpenVINO repo | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
repository: 'openvinotoolkit/openvino' | |
path: 'openvino' | |
ref: ${{ env.OV_BRANCH }} | |
sparse-checkout: | | |
.github/dockerfiles/docker_tag | |
- name: Save docker tag to output | |
id: get_docker_tag | |
run: | | |
docker_tag=$(cat openvino/.github/dockerfiles/docker_tag) | |
echo "docker_tag=$docker_tag" >> $GITHUB_OUTPUT | |
openvino_tokenizers_cpack: | |
name: OpenVINO tokenizers cpack (BUILD_FAST_TOKENIZERS=${{ matrix.build_fast_tokenizers }}, BUILD_TYPE=${{ matrix.build_type }}) | |
strategy: | |
matrix: | |
build_fast_tokenizers: [ON] | |
build_type: [Release] # TODO: Add Debug build when OV provider is ready or use OV package | |
needs: [ openvino_download ] | |
if: | | |
always() && | |
(needs.openvino_download.outputs.status == 'success') | |
timeout-minutes: 45 | |
defaults: | |
run: | |
shell: bash | |
runs-on: aks-linux-8-cores-16gb | |
container: | |
image: openvinogithubactions.azurecr.io/ov_build/ubuntu_22_04_x64:${{ needs.openvino_download.outputs.docker_tag }} | |
volumes: | |
- /mount:/mount | |
env: | |
CMAKE_GENERATOR: 'Ninja' | |
GITHUB_WORKSPACE: /__w/openvino_tokenizers/openvino_tokenizers | |
OPENVINO_REPO: /__w/openvino_tokenizers/openvino_tokenizers/openvino | |
INSTALL_DIR: /__w/openvino_tokenizers/openvino_tokenizers/openvino/install | |
OV_TOKENIZERS_INSTALL_DIR: /__w/openvino_tokenizers/openvino_tokenizers/openvino_tokenizers/install | |
OPENVINO_TOKENIZERS_REPO: /__w/openvino_tokenizers/openvino_tokenizers/openvino_tokenizers | |
BUILD_DIR: /__w/openvino_tokenizers/openvino_tokenizers/openvino_tokenizers/build | |
steps: | |
- name: Clone Openvino tokenizers | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
path: ${{ env.OPENVINO_TOKENIZERS_REPO }} | |
- name: Download OpenVINO package | |
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 | |
with: | |
name: ${{ needs.openvino_download.outputs.ov_artifact_name }} | |
path: ${{ env.INSTALL_DIR }} | |
merge-multiple: true | |
# | |
# Build | |
# | |
- name: CMake configure - tokenizers | |
run: | | |
source ${INSTALL_DIR}/setupvars.sh | |
cmake -DBUILD_FAST_TOKENIZERS="${{ matrix.build_fast_tokenizers }}" \ | |
-DCMAKE_BUILD_TYPE=${{ matrix.build_type }} \ | |
-S ${{ env.OPENVINO_TOKENIZERS_REPO }} \ | |
-B ${{ env.BUILD_DIR }} | |
- name: Cmake build - tokenizers | |
run: cmake --build ${{ env.BUILD_DIR }} --parallel --config ${{ matrix.build_type }} --verbose | |
env: | |
CMAKE_BUILD_PARALLEL_LEVEL: '4' | |
- name: Cmake install - tokenizers | |
run: | | |
cmake --install ${{ env.BUILD_DIR }} --config=${{ matrix.build_type }} --prefix=${{ env.OV_TOKENIZERS_INSTALL_DIR }}/ov_tokenizers | |
- name: Pack Artifacts | |
run: | | |
pushd ${OV_TOKENIZERS_INSTALL_DIR} | |
tar -czvf ${BUILD_DIR}/ov_tokenizers.tar.gz * | |
popd | |
# | |
# Upload build artifacts | |
# | |
- name: Upload openvino tokenizers package | |
if: ${{ always() }} | |
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
with: | |
name: openvino_tokenizers_cpack_${{ matrix.build_fast_tokenizers }}_${{ matrix.build_type }} | |
path: ${{ env.BUILD_DIR }}/*.tar.gz | |
if-no-files-found: 'error' | |
openvino_tokenizers_wheel: | |
name: OpenVINO tokenizers extension (BUILD_FAST_TOKENIZERS=${{ matrix.build_fast_tokenizers }}) | |
strategy: | |
matrix: | |
build_fast_tokenizers: [ON, OFF] | |
needs: [ openvino_download ] | |
if: | | |
always() && | |
(needs.openvino_download.outputs.status == 'success') | |
timeout-minutes: 25 | |
defaults: | |
run: | |
shell: bash | |
runs-on: aks-linux-4-cores-16gb | |
container: | |
image: openvinogithubactions.azurecr.io/ov_build/ubuntu_22_04_x64:${{ needs.openvino_download.outputs.docker_tag }} | |
volumes: | |
- /mount:/mount | |
env: | |
GITHUB_WORKSPACE: /__w/openvino_tokenizers/openvino_tokenizers | |
OPENVINO_REPO: /__w/openvino_tokenizers/openvino_tokenizers/openvino | |
INSTALL_DIR: /__w/openvino_tokenizers/openvino_tokenizers/openvino/install | |
OPENVINO_TOKENIZERS_REPO: /__w/openvino_tokenizers/openvino_tokenizers/openvino_tokenizers | |
BUILD_DIR: /__w/openvino_tokenizers/openvino_tokenizers/openvino_tokenizers/build | |
steps: | |
- name: Clone Openvino tokenizers | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
path: ${{ env.OPENVINO_TOKENIZERS_REPO }} | |
- name: Download OpenVINO package | |
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 | |
with: | |
name: ${{ needs.openvino_download.outputs.ov_artifact_name }} | |
path: ${{ env.INSTALL_DIR }} | |
merge-multiple: true | |
# | |
# Build | |
# | |
- name: Build tokenizers wheel | |
run: | | |
python -m pip wheel -v --no-deps --wheel-dir ${BUILD_DIR} \ | |
--config-settings=override=cross.arch="manylinux_2_31_x86_64" \ | |
--config-settings=override=cmake.options.BUILD_FAST_TOKENIZERS="${{ matrix.build_fast_tokenizers }}" \ | |
${{ needs.openvino_download.outputs.ov_wheel_source }} \ | |
${OPENVINO_TOKENIZERS_REPO} | |
env: | |
CMAKE_BUILD_PARALLEL_LEVEL: '4' | |
CMAKE_GENERATOR: 'Unix Makefiles' | |
working-directory: ${{ env.INSTALL_DIR }} | |
# | |
# Upload build artifacts | |
# | |
- name: Upload openvino tokenizers wheel | |
if: ${{ always() }} | |
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
with: | |
name: openvino_tokenizers_wheel_${{ matrix.build_fast_tokenizers }} | |
path: ${{ env.BUILD_DIR }}/*.whl | |
if-no-files-found: 'error' | |
openvino_tokenizers_tests: | |
name: OpenVINO tokenizers tests (BUILD_FAST_TOKENIZERS=${{ matrix.build_fast_tokenizers }}) | |
strategy: | |
matrix: | |
build_fast_tokenizers: [ON, OFF] | |
needs: [ openvino_download, openvino_tokenizers_wheel] | |
if: always() && needs.openvino_tokenizers_wheel.result == 'success' | |
timeout-minutes: 45 | |
defaults: | |
run: | |
shell: bash | |
runs-on: ubuntu-22.04 | |
env: | |
OPENVINO_REPO: ${{ github.workspace }}/openvino | |
INSTALL_DIR: ${{ github.workspace }}/openvino/install | |
OPENVINO_TOKENIZERS_REPO: ${{ github.workspace }}/openvino_tokenizers | |
BUILD_DIR: ${{ github.workspace }}/openvino_tokenizers/build | |
steps: | |
- name: Clone Openvino tokenizers sources and tests | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
path: ${{ env.OPENVINO_TOKENIZERS_REPO }} | |
- name: Setup Python ${{ env.PYTHON_VERSION }} | |
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 | |
with: | |
python-version: ${{ env.PYTHON_VERSION }} | |
cache: 'pip' | |
- name: Download tokenizers package | |
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 | |
with: | |
name: openvino_tokenizers_wheel_${{ matrix.build_fast_tokenizers }} | |
path: ${{ env.INSTALL_DIR }}/ov_tokenizers | |
- name: Download OpenVINO package | |
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 | |
with: | |
name: ${{ needs.openvino_download.outputs.ov_artifact_name }} | |
path: ${{ env.INSTALL_DIR }} | |
merge-multiple: true | |
- name: Install OpenVINO Python wheel from pre-built artifacts | |
run: | | |
python3 -m pip install openvino==${{ needs.openvino_download.outputs.ov_version }} ${{ needs.openvino_download.outputs.ov_wheel_source }} | |
working-directory: ${{ env.INSTALL_DIR }} | |
- name: Install OpenVINO tokenizers wheel | |
run: | | |
# Find and install wheel | |
pushd ${INSTALL_DIR}/ov_tokenizers | |
wheel_name=$(find . -name 'openvino_tokenizers*.whl') | |
python3 -m pip install $wheel_name[dev] | |
popd | |
env: | |
PIP_EXTRA_INDEX_URL: "https://download.pytorch.org/whl/cpu" | |
- name: Tokenizers regression tests (using openvino python modules) | |
run: | | |
source ${INSTALL_DIR}/setupvars.sh | |
python3 -m pytest layer_tests.py | |
python3 -m pytest tokenizers_test.py | |
working-directory: ${{ env.OPENVINO_TOKENIZERS_REPO }}/tests | |