refactor!: Split into davincibox and davincibox-opencl (#121)

Based on findings in #114 (comment) it seems that having the akmod-nvidia and CUDA packages installed into the container actually *cause* problems, and through `nvidia-container-toolkit` the container actually uses the host NVIDIA drivers just fine. This PR splits davincibox into two builds: `davincibox` that contains only DaVinci Resolve dependencies and no drivers, for use on NVIDIA GPUs with `nvidia-container-toolkit`, and `davincibox-opencl` for AMD & Intel with their respective compute packages (`intel-compute-runtime` and `rocm-opencl`). In theory, this will likely resolve #96 #114 and #117 and may help with #40
zelikos · Sep 16, 2024 · 8bd8117 · 8bd8117
1 parent d19681d
commit 8bd8117
Show file tree

Hide file tree

Showing 6 changed files with 194 additions and 116 deletions.
diff --git a/.github/workflows/build-davincibox.yml b/.github/workflows/build-davincibox.yml
@@ -1,104 +1,27 @@
-name: build-davincibox
+name: Davincibox
 on:
+  schedule:
+    - cron: "0 0 * * *"
   pull_request:
     branches:
       - main
-  schedule:
-    - cron: '0 0 * * *'
   push:
     branches:
       - main
     paths-ignore:
-      - '**/README.md'
-env:
-    IMAGE_NAME: davincibox
-    IMAGE_TAGS: latest
-    IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}
+      - "**/README.md"
+  workflow_dispatch:
 
 jobs:
-  push-ghcr:
-    name: Build and push image
-    runs-on: ubuntu-22.04
-    permissions:
-      contents: read
-      packages: write
-      id-token: write
-    strategy:
-      fail-fast: false
-    steps:
-      # Checkout push-to-registry action GitHub repository
-      - name: Checkout Push to Registry action
-        uses: actions/checkout@v4
-
-      # Build metadata
-      - name: Image Metadata
-        uses: docker/metadata-action@v5
-        id: meta
-        with:
-          images: |
-            ${{ env.IMAGE_NAME }}
-          labels: |
-            io.artifacthub.package.readme-url=https://raw.githubusercontent.com/zelikos/davincibox/main/README.md
-
-      # Build image using Buildah action
-      - name: Build Image
-        id: build_image
-        uses: redhat-actions/buildah-build@v2
-        with:
-          containerfiles: |
-            ./Containerfile
-          image: ${{ env.IMAGE_NAME }}
-          tags: ${{ env.IMAGE_TAGS }}
-          labels: ${{ steps.meta.outputs.labels }}
-          oci: false
-
-      # Workaround bug where capital letters in your GitHub username make it impossible to push to GHCR.
-      # https://github.com/macbre/push-to-ghcr/issues/12
-      - name: Lowercase Registry
-        id: registry_case
-        uses: ASzc/change-string-case-action@v6
-        with:
-          string: ${{ env.IMAGE_REGISTRY }}
-
-      # Push the image to GHCR (Image Registry)
-      - name: Push To GHCR
-        uses: redhat-actions/push-to-registry@v2
-        id: push
-        if: github.event_name != 'pull_request'
-        env:
-          REGISTRY_USER: ${{ github.actor }}
-          REGISTRY_PASSWORD: ${{ github.token }}
-        with:
-          image: ${{ steps.build_image.outputs.image }}
-          tags: ${{ steps.build_image.outputs.tags }}
-          registry: ${{ steps.registry_case.outputs.lowercase }}
-          username: ${{ env.REGISTRY_USER }}
-          password: ${{ env.REGISTRY_PASSWORD }}
-          extra-args: |
-            --disable-content-trust
-
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3
-        if: github.event_name != 'pull_request'
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      # Sign container
-      - uses: sigstore/[email protected]
-        if: github.event_name != 'pull_request'
-
-      - name: Sign container image
-        if: github.event_name != 'pull_request'
-        run: |
-            cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ steps.registry_case.outputs.lowercase }}/${{ env.IMAGE_NAME }}@${TAGS}
-        env:
-          TAGS: ${{ steps.push.outputs.digest }}
-          COSIGN_EXPERIMENTAL: false
-          COSIGN_PRIVATE_KEY: ${{ secrets.SIGNING_SECRET }}
-
-      - name: Echo outputs
-        if: github.event_name != 'pull_request'
-        run: |
-          echo "${{ toJSON(steps.push.outputs) }}"
+  build_base:
+    name: Build davincibox
+    uses: ./.github/workflows/reusable-build.yml
+    secrets: inherit
+    with:
+      davincibox_flavor: davincibox
+  build_opencl:
+    name: Build davincibox-opencl
+    uses: ./.github/workflows/reusable-build.yml
+    secrets: inherit
+    with:
+      davincibox_flavor: davincibox-opencl
diff --git a/.github/workflows/reusable-build.yml b/.github/workflows/reusable-build.yml
@@ -0,0 +1,128 @@
+name: Reusable Build and Push
+on:
+  workflow_call:
+    inputs:
+      davincibox_flavor:
+        description: "davincibox or davincibox-opencl"
+        required: true
+        type: string
+env:
+  IMAGE_NAME: ${{ inputs.davincibox_flavor }}
+  IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}
+
+jobs:
+  push-ghcr:
+    name: Build and push image
+    runs-on: ubuntu-22.04
+    strategy:
+      fail-fast: false
+    steps:
+      # Checkout push-to-registry action GitHub repository
+      - name: Checkout Push to Registry action
+        uses: actions/checkout@v4
+
+      - name: Generate tags
+        id: generate-tags
+        shell: bash
+        run: |
+          # Generate a timestamp for creating an image version history
+          TIMESTAMP="$(date +%Y%m%d)"
+
+          COMMIT_TAGS=()
+          BUILD_TAGS=()
+
+          # Have tags for tracking builds during pull request
+          SHA_SHORT="${GITHUB_SHA::7}"
+          COMMIT_TAGS+=("pr-${{ github.event.number }}")
+          COMMIT_TAGS+=("${SHA_SHORT}")
+
+          BUILD_TAGS=("${TIMESTAMP}")
+          BUILD_TAGS+=("latest")
+
+          if [[ "${{ github.event_name }}" == "pull_request" ]]; then
+              echo "Generated the following commit tags: "
+              for TAG in "${COMMIT_TAGS[@]}"; do
+                  echo "${TAG}"
+              done
+              alias_tags=("${COMMIT_TAGS[@]}")
+              echo "DEFAULT_TAG=${SHA_SHORT}" >> $GITHUB_ENV
+          else
+              alias_tags=("${BUILD_TAGS[@]}")
+          fi
+          echo "Generated the following build tags: "
+          for TAG in "${BUILD_TAGS[@]}"; do
+              echo "${TAG}"
+          done
+          echo "alias_tags=${alias_tags[*]}" >> $GITHUB_OUTPUT
+
+      # Build metadata
+      - name: Image Metadata
+        uses: docker/metadata-action@v5
+        id: meta
+        with:
+          images: |
+            ${{ env.IMAGE_NAME }}
+          labels: |
+            io.artifacthub.package.readme-url=https://raw.githubusercontent.com/zelikos/davincibox/main/README.md
+
+      # Build image using Buildah action
+      - name: Build Image
+        id: build_image
+        uses: redhat-actions/buildah-build@v2
+        with:
+          containerfiles: |
+            ./Containerfile
+          image: ${{ env.IMAGE_NAME }}
+          tags: ${{ steps.generate-tags.outputs.alias_tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          oci: false
+          extra-args: --target=${{ env.IMAGE_NAME }}
+
+      # Workaround bug where capital letters in your GitHub username make it impossible to push to GHCR.
+      # https://github.com/macbre/push-to-ghcr/issues/12
+      - name: Lowercase Registry
+        id: registry_case
+        uses: ASzc/change-string-case-action@v6
+        with:
+          string: ${{ env.IMAGE_REGISTRY }}
+
+      # Push the image to GHCR (Image Registry)
+      - name: Push To GHCR
+        uses: redhat-actions/push-to-registry@v2
+        id: push
+        env:
+          REGISTRY_USER: ${{ github.actor }}
+          REGISTRY_PASSWORD: ${{ github.token }}
+        with:
+          image: ${{ steps.build_image.outputs.image }}
+          tags: ${{ steps.build_image.outputs.tags }}
+          registry: ${{ steps.registry_case.outputs.lowercase }}
+          username: ${{ env.REGISTRY_USER }}
+          password: ${{ env.REGISTRY_PASSWORD }}
+          extra-args: |
+            --disable-content-trust
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      # Sign container
+      - uses: sigstore/[email protected]
+        if: github.event_name != 'pull_request'
+
+      - name: Sign container image
+        if: github.event_name != 'pull_request'
+        run: |
+          cosign sign -y --key env://COSIGN_PRIVATE_KEY ${{ steps.registry_case.outputs.lowercase }}/${{ env.IMAGE_NAME }}@${TAGS}
+        env:
+          TAGS: ${{ steps.push.outputs.digest }}
+          COSIGN_EXPERIMENTAL: false
+          COSIGN_PRIVATE_KEY: ${{ secrets.SIGNING_SECRET }}
+
+      - name: Echo outputs
+        if: github.event_name != 'pull_request'
+        run: |
+          echo "${{ toJSON(steps.push.outputs) }}"
diff --git a/Containerfile b/Containerfile
@@ -5,16 +5,17 @@ ENV NVIDIA_VISIBLE_DEVICES all
 ENV NVIDIA_DRIVER_CAPABILITIES all
 
 LABEL com.github.containers.toolbox="true" \
-      usage="This image is meant to be used with the toolbox or distrobox commands" \
-      summary="Dependencies for running DaVinci Resolve on image-based Linux operating systems" \
-      maintainer="[email protected]"
-
-RUN dnf -y install https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm
-RUN dnf -y install https://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm
+    usage="This image is meant to be used with the toolbox or distrobox commands" \
+    summary="Dependencies for running DaVinci Resolve on image-based Linux operating systems" \
+    maintainer="[email protected]"
 
 COPY system_files /
 
-COPY extra-packages /
+COPY davinci-dependencies /
 RUN dnf -y update && \
-    grep -v '^#' /extra-packages | xargs dnf -y install
-RUN rm /extra-packages
+    grep -v '^#' /davinci-dependencies | xargs dnf -y install
+RUN rm /davinci-dependencies
+
+FROM davincibox AS davincibox-opencl
+
+RUN dnf -y install intel-compute-runtime rocm-opencl
diff --git a/README.md b/README.md
@@ -95,14 +95,16 @@ Then, follow any further prompts in the installation script.
 
 ### Manual
 
-First, get davincibox set up.
+#### Setup Davincibox
 
-Distrobox:
+First, get davincibox set up. There are two different builds of davincibox, depending on whether you use an NVIDIA GPU or not:
+
+**NVIDIA Users**
 
-**Nvidia users only**, append the `--nvidia` argument to the below command.
+Distrobox:
 
 ```
-distrobox create -i ghcr.io/zelikos/davincibox:latest -n davincibox
+distrobox create -i ghcr.io/zelikos/davincibox:latest --nvidia -n davincibox
 ```
 
 Toolbox:
@@ -111,6 +113,22 @@ Toolbox:
 toolbox create -i ghcr.io/zelikos/davincibox:latest -c davincibox
 ```
 
+**Intel & AMD Users**
+
+Distrobox:
+
+```
+distrobox create -i ghcr.io/zelikos/davincibox-opencl:latest -n davincibox
+```
+
+Toolbox:
+
+```
+toolbox create -i ghcr.io/zelikos/davincibox-opencl:latest -c davincibox
+```
+
+#### Install DaVinci Resolve
+
 On the host, run `--appimage-extract` on your DaVinci Resolve installer
 
 ```
@@ -141,11 +159,16 @@ After installation completes, you can remove the `squashfs-root` directory.
 
 After setup, run `sudo dnf update` in the container to ensure drivers are up to date:
 
+
+Distrobox:
+
 ```
-# Distrobox
 distrobox enter davincibox -- sudo dnf update
+```
 
-# Toolbox
+Toolbox:
+
+```
 toolbox run -c davincibox sudo dnf update
 ```
 

diff --git a/extra-packages → davinci-dependencies b/extra-packages → davinci-dependencies
@@ -1,10 +1,8 @@
-akmod-nvidia
 alsa-lib
 apr
 apr-util
 dbus-libs
 glx-utils
-intel-compute-runtime
 libglvnd-egl
 libglvnd-glx
 libICE
@@ -25,12 +23,10 @@ mesa-libOpenCL
 mtdev
 pipewire-alsa
 pulseaudio-libs
-rocm-opencl
 xcb-util
 xcb-util-cursor
 xcb-util-image
 xcb-util-keysyms
 xcb-util-renderutil
 xcb-util-wm
-xorg-x11-drv-nvidia-cuda
 patchelf