| name: Build Heavy Dependencies Base Image |
|
|
| on: |
| push: |
| branches: |
| - main |
| paths: |
| - "Dockerfile.base" |
| - "requirements*.txt" |
| - "pyproject.toml" |
| workflow_dispatch: |
| schedule: |
| |
| - cron: "0 0 * * 0" |
|
|
| env: |
| AWS_REGION: us-east-1 |
| ECR_REPOSITORY: ylff-base |
|
|
| concurrency: |
| group: ${{ github.workflow }} |
| cancel-in-progress: true |
|
|
| jobs: |
| build-base: |
| runs-on: ubuntu-latest-m |
| timeout-minutes: 90 |
| permissions: |
| contents: read |
| id-token: write |
|
|
| steps: |
| - name: Checkout repository |
| uses: actions/checkout@v4 |
| with: |
| lfs: true |
|
|
| - name: Set up Docker Buildx |
| uses: docker/setup-buildx-action@v3 |
| with: |
| driver-opts: | |
| network=host |
| env.BUILDKIT_STEP_LOG_MAX_SIZE=10485760 |
| env.BUILDKIT_STEP_LOG_MAX_SPEED=10485760 |
| buildkitd-flags: --allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host |
| buildkitd-config-inline: | |
| [worker.oci] |
| max-parallelism = 4 |
| |
| - name: Configure AWS credentials |
| uses: aws-actions/configure-aws-credentials@v4 |
| with: |
| role-to-assume: arn:aws:iam::211125621822:role/github-actions-role |
| aws-region: ${{ env.AWS_REGION }} |
| role-session-name: GitHubActionsSession |
| output-credentials: true |
|
|
| - name: Ensure ECR repository exists |
| run: | |
| echo "π Checking if ECR repository exists..." |
| if aws ecr describe-repositories --repository-names ${{ env.ECR_REPOSITORY }} --region ${{ env.AWS_REGION }} 2>/dev/null; then |
| echo "β
ECR repository already exists: ${{ env.ECR_REPOSITORY }}" |
| else |
| echo "π§ Creating ECR repository: ${{ env.ECR_REPOSITORY }}" |
| aws ecr create-repository \ |
| --repository-name ${{ env.ECR_REPOSITORY }} \ |
| --region ${{ env.AWS_REGION }} \ |
| --image-scanning-configuration scanOnPush=true \ |
| --encryption-configuration encryptionType=AES256 |
| echo "β
ECR repository created successfully" |
| fi |
| |
| - name: Login to Amazon ECR |
| id: login-ecr |
| uses: aws-actions/amazon-ecr-login@v2 |
|
|
| - name: Extract metadata |
| id: meta |
| uses: docker/metadata-action@v5 |
| with: |
| images: ${{ steps.login-ecr.outputs.registry }}/${{ env.ECR_REPOSITORY }} |
| tags: | |
| type=raw,value=latest |
| |
| - name: Build and push base image |
| uses: docker/build-push-action@v6 |
| with: |
| context: . |
| file: ./Dockerfile.base |
| push: true |
| tags: ${{ steps.meta.outputs.tags }} |
| labels: ${{ steps.meta.outputs.labels }} |
| cache-from: | |
| type=registry,ref=${{ steps.login-ecr.outputs.registry }}/${{ env.ECR_REPOSITORY }}:latest |
| type=registry,ref=${{ steps.login-ecr.outputs.registry }}/${{ env.ECR_REPOSITORY }}:cache |
| cache-to: | |
| type=registry,ref=${{ steps.login-ecr.outputs.registry }}/${{ env.ECR_REPOSITORY }}:cache,mode=max |
| type=inline |
| platforms: linux/amd64 |
| provenance: false |
| env: |
| DOCKER_BUILDKIT: 1 |
| BUILDKIT_PROGRESS: plain |
| BUILDKIT_MAX_PARALLELISM: 4 |
|
|
| - name: Log build results |
| run: | |
| echo "β
Base image built successfully" |
| echo " Image: ${{ steps.login-ecr.outputs.registry }}/${{ env.ECR_REPOSITORY }}:latest" |
| echo " Contains: COLMAP, hloc, LightGlue, and core Python dependencies" |
| echo " This saves 20-25 minutes per main build!" |
| |
