Skip to content

Stacklok main #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 17 commits into from
Jul 30, 2025
+142 −24
Merged

Stacklok main #2

Changes from all commits
Commits
Show all changes
17 commits
Select commit Hold shift + click to select a range
df7f917
change to role
therealnb Jul 28, 2025
a327cfe
Add helm chart
therealnb Jul 28, 2025
1531891
change role
therealnb Jul 28, 2025
6f6c8a2
add audience
therealnb Jul 28, 2025
05f53e2
version format fix
therealnb Jul 28, 2025
33b9dfa
more robust version handling
therealnb Jul 28, 2025
d192b1f
Try again
therealnb Jul 29, 2025
7ac2a6e
add oci to path
therealnb Jul 29, 2025
8c9054f
more path changes
therealnb Jul 29, 2025
365148d
use the same path as docker
therealnb Jul 29, 2025
d2a12ed
move the characters around a bit
therealnb Jul 29, 2025
3116880
add debug
therealnb Jul 29, 2025
ee6604f
correct paht
therealnb Jul 29, 2025
2bdca13
quotes
therealnb Jul 29, 2025
32f6314
run all
therealnb Jul 29, 2025
d7963ed
multi platform
therealnb Jul 30, 2025
337502c
arm64 default
therealnb Jul 30, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
166 changes: 142 additions & 24 deletions .github/workflows/build-push-ecr.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,10 +3,13 @@ name: Build and Push to ECR

'on':
push:
branches: [stacklok-main]
branches: [stacklok-main, main]
paths:
- 'Dockerfile'
- 'helm/librechat/values.yaml'
- 'helm/librechat/**'
- 'helm/librechat-rag-api/**'
- '.github/workflows/**'
workflow_dispatch:

env:
Expand All @@ -15,6 +18,7 @@ env:

permissions:
contents: read
id-token: write

jobs:
build-and-push:
Expand All @@ -23,45 +27,159 @@ jobs:
- name: Checkout code
uses: actions/checkout@v4

- name: Install yq
run: |
sudo wget -qO /usr/local/bin/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64
sudo chmod a+x /usr/local/bin/yq

- name: Set version
id: version
run: |
echo "Searching for version in values.yaml..."
cat helm/librechat/values.yaml
echo "Extracting version..."
VERSION=$(yq -r '.image.tag // ""' helm/librechat/values.yaml)
echo "Extracted version: '$VERSION'"
if [ -z "$VERSION" ]; then
echo "No version found, using default"
VERSION="1.7.3"
else
# Remove 'v' prefix if present
VERSION=${VERSION#v}
echo "Version after removing potential 'v' prefix: $VERSION"
fi
# Validate version format
if [[ ! $VERSION =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
echo "Error: Invalid version format: $VERSION"
echo "Using default version"
VERSION="1.7.3"
fi
echo "Final version: $VERSION"
echo "version=$VERSION" >> "$GITHUB_OUTPUT"

- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: >-
${{ secrets.AWS_SECRET_ACCESS_KEY }}
role-to-assume: arn:aws:iam::781189302813:role/github-actions-research
aws-region: ${{ env.AWS_REGION }}
audience: sts.amazonaws.com

- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2

- name: Extract metadata for images
id: meta
run: |
VERSION=$(grep 'tag:' helm/librechat/values.yaml | \
awk -F'"' '{print $2}')
echo "version=${VERSION}" >> $GITHUB_OUTPUT
- name: Set up QEMU
uses: docker/setup-qemu-action@v3

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Build and push LibreChat image
uses: docker/build-push-action@v5
with:
context: .
push: true
platforms: linux/arm64,linux/amd64
tags: >-
${{ env.ECR_REGISTRY }}/librechat:${{ steps.meta.outputs.version }}
${{ env.ECR_REGISTRY }}/librechat:${{ steps.version.outputs.version }}

- name: Build and push MongoDB image
uses: docker/build-push-action@v5
with:
context: .
file: docker/mongodb/Dockerfile
push: true
tags: ${{ env.ECR_REGISTRY }}/mongodb:8.0.3
# Use official MongoDB image instead of building custom one
- name: Pull and push MongoDB image
run: |
docker pull --platform linux/amd64 mongo:8.0.3
docker pull --platform linux/arm64 mongo:8.0.3
docker tag mongo:8.0.3 ${{ env.ECR_REGISTRY }}/mongodb:8.0.3-amd64
docker tag mongo:8.0.3 ${{ env.ECR_REGISTRY }}/mongodb:8.0.3-arm64
docker push ${{ env.ECR_REGISTRY }}/mongodb:8.0.3-amd64
docker push ${{ env.ECR_REGISTRY }}/mongodb:8.0.3-arm64
docker manifest create ${{ env.ECR_REGISTRY }}/mongodb:8.0.3 \
${{ env.ECR_REGISTRY }}/mongodb:8.0.3-arm64 \
${{ env.ECR_REGISTRY }}/mongodb:8.0.3-amd64
docker manifest push ${{ env.ECR_REGISTRY }}/mongodb:8.0.3

- name: Build and push Meilisearch image
uses: docker/build-push-action@v5
# Use official Meilisearch image instead of building custom one
- name: Pull and push Meilisearch image
run: |
docker pull --platform linux/amd64 getmeili/meilisearch:v1.7.3
docker pull --platform linux/arm64 getmeili/meilisearch:v1.7.3
docker tag getmeili/meilisearch:v1.7.3 ${{ env.ECR_REGISTRY }}/meilisearch:v1.7.3-amd64
docker tag getmeili/meilisearch:v1.7.3 ${{ env.ECR_REGISTRY }}/meilisearch:v1.7.3-arm64
docker push ${{ env.ECR_REGISTRY }}/meilisearch:v1.7.3-amd64
docker push ${{ env.ECR_REGISTRY }}/meilisearch:v1.7.3-arm64
docker manifest create ${{ env.ECR_REGISTRY }}/meilisearch:v1.7.3 \
${{ env.ECR_REGISTRY }}/meilisearch:v1.7.3-arm64 \
${{ env.ECR_REGISTRY }}/meilisearch:v1.7.3-amd64
docker manifest push ${{ env.ECR_REGISTRY }}/meilisearch:v1.7.3

- name: Set up Helm
uses: azure/setup-helm@v3
with:
context: .
file: docker/meilisearch/Dockerfile
push: true
tags: ${{ env.ECR_REGISTRY }}/meilisearch:v1.7.3
version: 'v3.12.3'

- name: Package Helm Charts
run: |
# Debug: Show current directory
pwd
echo "Directory contents before packaging:"
ls -la

# Package LibreChat chart
echo "Packaging LibreChat chart..."
helm dependency update helm/librechat
helm package helm/librechat

# Verify LibreChat chart was created
if [ ! -f librechat-*.tgz ]; then
echo "Error: LibreChat chart package was not created"
exit 1
fi

# Package LibreChat RAG API chart
echo "Packaging LibreChat RAG API chart..."
helm dependency update helm/librechat-rag-api
helm package helm/librechat-rag-api

# Verify RAG API chart was created
if [ ! -f librechat-rag-api-*.tgz ]; then
echo "Error: LibreChat RAG API chart package was not created"
exit 1
fi

echo "Directory contents after packaging:"
ls -la *.tgz

- name: Push Helm Charts to ECR
run: |
# Create ECR repository for LibreChat chart if it doesn't exist
aws ecr describe-repositories --repository-names librechat || \
aws ecr create-repository --repository-name librechat
aws ecr describe-repositories --repository-names librechat-rag-api || \
aws ecr create-repository --repository-name librechat-rag-api

# Login to ECR
aws ecr get-login-password --region ${{ env.AWS_REGION }} | \
helm registry login --username AWS --password-stdin ${{ env.ECR_REGISTRY }}

# Push LibreChat chart
echo "Pushing LibreChat chart..."
LIBRECHAT_CHART=$(ls librechat-[0-9]*.tgz 2>/dev/null || true)
if [ -z "$LIBRECHAT_CHART" ]; then
echo "Error: LibreChat chart package not found in root directory"
echo "Current directory contents:"
ls -la
exit 1
fi
echo "Found chart: $LIBRECHAT_CHART"
helm push "$LIBRECHAT_CHART" "oci://${{ env.ECR_REGISTRY }}"

# Push LibreChat RAG API chart
echo "Pushing LibreChat RAG API chart..."
RAG_CHART=$(ls librechat-rag-api-[0-9]*.tgz 2>/dev/null || true)
if [ -z "$RAG_CHART" ]; then
echo "Error: LibreChat RAG API chart package not found in root directory"
echo "Current directory contents:"
ls -la
exit 1
fi
echo "Found chart: $RAG_CHART"
helm push "$RAG_CHART" "oci://${{ env.ECR_REGISTRY }}"