Skip to content

feat(models): add quantization to novita alibaba mappings (#2956) #4415

feat(models): add quantization to novita alibaba mappings (#2956)

feat(models): add quantization to novita alibaba mappings (#2956) #4415

Workflow file for this run

name: images
on:
release:
types: [published]
push:
branches:
- main
- hotfix
pull_request:
paths:
- "**/package.json"
- "**/tsconfig.json"
- "pnpm-lock.yaml"
- "infra/**"
- ".github/workflows/images.yml"
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: ${{ github.event_name == 'pull_request' }}
jobs:
setup:
runs-on: ubuntu-latest
outputs:
image_tag: ${{ steps.set-tag.outputs.IMAGE_TAG }}
short_sha: ${{ steps.set-tag.outputs.SHORT_SHA }}
steps:
- name: Checkout
uses: actions/checkout@v7.0.0
- name: Set image tag
id: set-tag
run: |
SHORT_SHA=$(git rev-parse --short HEAD)
echo "SHORT_SHA=${SHORT_SHA}" >> $GITHUB_OUTPUT
if [[ "${{ github.event_name }}" == "push" ]]; then
echo "IMAGE_TAG=v0.0.0-${SHORT_SHA}" >> $GITHUB_OUTPUT
elif [[ "${{ github.event_name }}" == "pull_request" ]]; then
# For PRs, use a local tag that won't be pushed
echo "IMAGE_TAG=pr-${SHORT_SHA}" >> $GITHUB_OUTPUT
else
# Validate that the tag only contains allowed characters
if [[ ! "${{ github.event.release.tag_name }}" =~ ^v[0-9]+\.[0-9]+\.[0-9]+(-[a-zA-Z0-9_-]+)*$ ]]; then
echo "Invalid tag name for Docker: ${{ github.event.release.tag_name }}"
exit 1
fi
echo "IMAGE_TAG=${{ github.event.release.tag_name }}" >> $GITHUB_OUTPUT
fi
build-split:
needs: setup
if: |
(github.event_name != 'pull_request' && needs.setup.result == 'success') ||
(github.event_name == 'pull_request')
runs-on: ${{ matrix.platform == 'linux/arm64' && 'ubuntu-24.04-arm' || 'ubuntu-latest' }}
strategy:
fail-fast: false
matrix:
app: [api, gateway, playground, ui, docs, worker, admin, code]
platform: ${{ github.event_name == 'pull_request' && fromJSON('["linux/amd64"]') || fromJSON('["linux/amd64", "linux/arm64"]') }}
permissions:
contents: read
packages: write
steps:
- name: Prepare
run: |
platform=${{ matrix.platform }}
echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
- name: Checkout
uses: actions/checkout@v7.0.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v4.1.0
- name: Login to GitHub Container Registry (main branch only)
if: github.event_name != 'pull_request'
uses: docker/login-action@v4.2.0
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Docker meta
id: meta
uses: docker/metadata-action@v6.1.0
with:
images: ghcr.io/${{ github.repository }}-${{ matrix.app }}
- name: Build and conditionally push by digest
id: build
uses: docker/build-push-action@v7.3.0
with:
context: .
file: infra/split.dockerfile
platforms: ${{ matrix.platform }}
labels: ${{ steps.meta.outputs.labels }}
tags: ghcr.io/${{ github.repository }}-${{ matrix.app }}
target: ${{ matrix.app }}
outputs: ${{ github.event_name == 'pull_request' && 'type=image,push=false,load=true' || 'type=image,push-by-digest=true,name-canonical=true,push=true' }}
cache-from: type=gha,scope=${{ matrix.app }}-${{ env.PLATFORM_PAIR }}
cache-to: type=gha,mode=max,scope=${{ matrix.app }}-${{ env.PLATFORM_PAIR }}
build-args: |
APP_VERSION=${{ github.event_name == 'pull_request' && 'pr-test' || needs.setup.outputs.image_tag }}
- name: Export digest (main branch only)
if: github.event_name != 'pull_request'
run: |
mkdir -p ${{ runner.temp }}/digests
digest="${{ steps.build.outputs.digest }}"
touch "${{ runner.temp }}/digests/${digest#sha256:}"
- name: Upload digest (main branch only)
if: github.event_name != 'pull_request'
uses: actions/upload-artifact@v7
with:
name: digests-${{ matrix.app }}-${{ env.PLATFORM_PAIR }}
path: ${{ runner.temp }}/digests/*
if-no-files-found: error
retention-days: 1
merge-split:
runs-on: ubuntu-latest
needs:
- setup
- build-split
if: needs.setup.result == 'success' && github.event_name != 'pull_request'
strategy:
matrix:
app: [api, gateway, playground, ui, docs, worker, admin, code]
permissions:
contents: read
packages: write
steps:
- name: Download digests
uses: actions/download-artifact@v8
with:
path: ${{ runner.temp }}/digests
pattern: digests-${{ matrix.app }}-*
merge-multiple: true
- name: Login to GitHub Container Registry
uses: docker/login-action@v4.2.0
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v4.1.0
- name: Docker meta
id: meta
uses: docker/metadata-action@v6.1.0
with:
images: ghcr.io/${{ github.repository }}-${{ matrix.app }}
tags: |
type=raw,value=${{ needs.setup.outputs.image_tag }}
type=raw,value=latest
- name: Create manifest list and push
working-directory: ${{ runner.temp }}/digests
run: |
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
$(printf 'ghcr.io/${{ github.repository }}-${{ matrix.app }}@sha256:%s ' *)
- name: Inspect image
run: |
docker buildx imagetools inspect ghcr.io/${{ github.repository }}-${{ matrix.app }}:${{ needs.setup.outputs.image_tag }}
test-split:
runs-on: ubuntu-latest
needs:
- setup
- merge-split
- build-split
if: |
always() &&
(
(github.event_name != 'pull_request' && needs.setup.result == 'success' && needs.merge-split.result == 'success') ||
(github.event_name == 'pull_request' && needs.setup.result == 'success' && needs.build-split.result == 'success')
)
permissions:
contents: read
packages: read
steps:
- name: Checkout
uses: actions/checkout@v7.0.0
- name: Free up disk space
run: |
echo "Disk space before cleanup:"
df -h
# Remove unnecessary tools and files
sudo rm -rf /usr/share/dotnet
sudo rm -rf /usr/local/lib/android
sudo rm -rf /opt/ghc
sudo rm -rf /opt/hostedtoolcache/CodeQL
# Clean up docker
docker system prune -af --volumes
echo "Disk space after cleanup:"
df -h
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v4.1.0
- name: Login to GitHub Container Registry (for non-PR builds)
if: github.event_name != 'pull_request'
uses: docker/login-action@v4.2.0
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build all split Docker images for testing
run: |
# Build all split images sequentially
for app in api gateway playground ui docs worker admin code; do
echo "Building $app image..."
docker build \
-f infra/split.dockerfile \
--target $app \
--build-arg APP_VERSION=${{ github.event_name == 'pull_request' && 'pr-test' || needs.setup.outputs.image_tag }} \
-t ghcr.io/${{ github.repository }}-$app:${{ github.event_name == 'pull_request' && 'pr-test' || needs.setup.outputs.image_tag }} \
.
# Clean up intermediate build layers to free space
docker image prune -f
echo "Disk space after building $app:"
df -h / | tail -1
done
- name: Test split Docker images
run: |
chmod +x .github/test-split-docker.sh
.github/test-split-docker.sh ghcr.io/${{ github.repository }} ${{ github.event_name == 'pull_request' && 'pr-test' || needs.setup.outputs.image_tag }}
build-unified:
needs: setup
if: |
(github.event_name != 'pull_request' && needs.setup.result == 'success') ||
(github.event_name == 'pull_request')
runs-on: ${{ matrix.platform == 'linux/arm64' && 'ubuntu-24.04-arm' || 'ubuntu-latest' }}
strategy:
fail-fast: false
matrix:
platform: ${{ github.event_name == 'pull_request' && fromJSON('["linux/amd64"]') || fromJSON('["linux/amd64", "linux/arm64"]') }}
permissions:
contents: read
packages: write
steps:
- name: Prepare
run: |
platform=${{ matrix.platform }}
echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
- name: Checkout
uses: actions/checkout@v7.0.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v4.1.0
- name: Login to GitHub Container Registry (main branch only)
if: github.event_name != 'pull_request'
uses: docker/login-action@v4.2.0
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Docker meta
id: meta
uses: docker/metadata-action@v6.1.0
with:
images: ghcr.io/${{ github.repository }}-unified
- name: Build and conditionally push by digest
id: build
uses: docker/build-push-action@v7.3.0
with:
context: .
file: infra/unified.dockerfile
platforms: ${{ matrix.platform }}
labels: ${{ steps.meta.outputs.labels }}
tags: ghcr.io/${{ github.repository }}-unified
outputs: ${{ github.event_name == 'pull_request' && 'type=image,push=false,load=true' || 'type=image,push-by-digest=true,name-canonical=true,push=true' }}
cache-from: type=gha,scope=unified-${{ env.PLATFORM_PAIR }}
cache-to: type=gha,mode=max,scope=unified-${{ env.PLATFORM_PAIR }}
build-args: |
APP_VERSION=${{ github.event_name == 'pull_request' && 'pr-test' || needs.setup.outputs.image_tag }}
- name: Export digest (main branch only)
if: github.event_name != 'pull_request'
run: |
mkdir -p ${{ runner.temp }}/digests
digest="${{ steps.build.outputs.digest }}"
touch "${{ runner.temp }}/digests/${digest#sha256:}"
- name: Upload digest (main branch only)
if: github.event_name != 'pull_request'
uses: actions/upload-artifact@v7
with:
name: digests-unified-${{ env.PLATFORM_PAIR }}
path: ${{ runner.temp }}/digests/*
if-no-files-found: error
retention-days: 1
merge-unified:
runs-on: ubuntu-latest
needs:
- setup
- build-unified
if: needs.setup.result == 'success' && github.event_name != 'pull_request'
permissions:
contents: read
packages: write
steps:
- name: Download digests
uses: actions/download-artifact@v8
with:
path: ${{ runner.temp }}/digests
pattern: digests-unified-*
merge-multiple: true
- name: Login to GitHub Container Registry
uses: docker/login-action@v4.2.0
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v4.1.0
- name: Docker meta
id: meta
uses: docker/metadata-action@v6.1.0
with:
images: ghcr.io/${{ github.repository }}-unified
tags: |
type=raw,value=${{ needs.setup.outputs.image_tag }}
type=raw,value=latest
- name: Create manifest list and push
working-directory: ${{ runner.temp }}/digests
run: |
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
$(printf 'ghcr.io/${{ github.repository }}-unified@sha256:%s ' *)
- name: Inspect image
run: |
docker buildx imagetools inspect ghcr.io/${{ github.repository }}-unified:${{ needs.setup.outputs.image_tag }}
test-unified:
runs-on: ubuntu-latest
needs:
- setup
- merge-unified
- build-unified
if: |
always() &&
(
(github.event_name != 'pull_request' && needs.setup.result == 'success' && needs.merge-unified.result == 'success') ||
(github.event_name == 'pull_request' && needs.setup.result == 'success' && needs.build-unified.result == 'success')
)
permissions:
contents: read
packages: read
steps:
- name: Checkout
uses: actions/checkout@v7.0.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v4.1.0
- name: Login to GitHub Container Registry (for non-PR builds)
if: github.event_name != 'pull_request'
uses: docker/login-action@v4.2.0
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build unified Docker image for testing
uses: docker/build-push-action@v7.3.0
with:
context: .
file: infra/unified.dockerfile
platforms: linux/amd64
tags: test-unified-image:latest
push: false
load: true
cache-from: type=gha,scope=unified-linux-amd64
build-args: |
APP_VERSION=${{ github.event_name == 'pull_request' && 'pr-test' || needs.setup.outputs.image_tag }}
- name: Test unified Docker image
run: |
chmod +x .github/test-unified-docker.sh
.github/test-unified-docker.sh test-unified-image:latest
publish-helm:
runs-on: ubuntu-latest
needs:
- setup
- merge-split
if: github.event_name == 'release' && needs.merge-split.result == 'success'
permissions:
contents: read
packages: write
steps:
- name: Checkout
uses: actions/checkout@v7.0.0
- name: Set up Helm
uses: azure/setup-helm@v5
with:
version: v3.16.3
- name: Login to GitHub Container Registry
run: |
echo "${{ secrets.GITHUB_TOKEN }}" | helm registry login ghcr.io \
--username ${{ github.actor }} \
--password-stdin
- name: Set chart version
working-directory: infra/helm/llmgateway
run: |
IMAGE_TAG="${{ needs.setup.outputs.image_tag }}"
CHART_VERSION="${IMAGE_TAG#v}"
sed -i "s/^version:.*/version: ${CHART_VERSION}/" Chart.yaml
sed -i "s/^appVersion:.*/appVersion: \"${IMAGE_TAG}\"/" Chart.yaml
cat Chart.yaml
- name: Package chart
working-directory: infra/helm
run: helm package llmgateway
- name: Push chart to GHCR
working-directory: infra/helm
run: |
OWNER="${GITHUB_REPOSITORY_OWNER,,}"
helm push llmgateway-*.tgz "oci://ghcr.io/${OWNER}/charts"
trigger-infra-update:
runs-on: ubuntu-latest
needs:
- setup
- merge-split
if: github.event_name == 'push' && needs.merge-split.result == 'success'
steps:
- name: Trigger infra image update
env:
GH_TOKEN: ${{ secrets.GH_INFRA_TOKEN }}
COMMIT_MSG: ${{ github.event.head_commit.message }}
run: |
FIRST_LINE=$(echo "$COMMIT_MSG" | head -n1)
gh workflow run update-image.yml \
--repo theopenco/llmgateway-infra \
-f repository="${{ github.repository }}" \
-f git_sha="${{ needs.setup.outputs.short_sha }}" \
-f commit_message="$FIRST_LINE"