forked from Anush008/fastembed-js
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
This step is to remove the need to publish to npm, the idea is that each module can be build as a docker file and then linked into where it is needed to compose new runtimes with only the needed modules. we can go further to separate the running of the code in a new container later and pipe the data between containers or even across servers.
- Loading branch information
mike dupont
committed
Jan 14, 2025
1 parent
b15a41f
commit 8bb119d
Showing
3 changed files
with
125 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,2 @@ | ||
| Dockerfile | ||
| .dockerignore |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,102 @@ | ||
|
|
||
| name: Create and publish a Docker image | ||
|
|
||
| on: | ||
| workflow_dispatch: | ||
| push: | ||
| pull_request: | ||
|
|
||
| env: | ||
| REGISTRY: ghcr.io | ||
| IMAGE_NAME: ${{ github.repository }} | ||
| PROJECT: fastembed-js | ||
| ECR_REPOSITORY: $env.PROJECT | ||
| APP_NAME: $env.PROJECT | ||
|
|
||
| jobs: | ||
|
|
||
| build-and-push-image: | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| contents: read | ||
| packages: write | ||
| attestations: write | ||
| id-token: write | ||
|
|
||
| steps: | ||
| - name: Configure AWS credentials | ||
| uses: meta-introspector/configure-aws-credentials@v4 | ||
| with: | ||
| aws-region: ${{ secrets.AWS_REGION || 'us-east-2'}} | ||
| role-session-name: github-actions-${{ env.APP_NAME }} | ||
| # FIXME hard coded | ||
| role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID || '767503528736' }}:role/github | ||
|
|
||
| - name: Set up Docker Buildx | ||
| uses: meta-introspector/[email protected] | ||
| with: | ||
| install: true | ||
| platforms: linux/amd64,linux/arm/v7,linux/arm/v8 | ||
|
|
||
| - name: Login to Amazon ECR | ||
| id: login-ecr | ||
| uses: meta-introspector/amazon-ecr-login@v1 | ||
| - uses: meta-introspector/create-ecr-repository-action@v1 | ||
| with: | ||
| repository: $env.PROJECT | ||
|
|
||
| - name: Set short sha | ||
| id: sha_short | ||
| run: echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT | ||
|
|
||
| - name: Login to Docker Hub | ||
| uses: meta-introspector/login-action@v3 | ||
| with: | ||
| username: ${{ vars.DOCKER_HUB_USERNAME }} | ||
| password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} | ||
|
|
||
| - name: Checkout repository | ||
| uses: meta-introspector/checkout@v4 | ||
|
|
||
| - name: Log in to the Container registry | ||
| uses: meta-introspector/[email protected] | ||
| with: | ||
| registry: ${{ env.REGISTRY }} | ||
| username: ${{ github.actor }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
|
|
||
| - name: Extract metadata (tags, labels) for Docker | ||
| id: meta | ||
| uses: meta-introspector/[email protected] | ||
| with: | ||
| images: | | ||
| ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | ||
| h4ckermike/${{ env.ECR_REPOSITORY}} | ||
| ${{ steps.login-ecr.outputs.registry }}/${{ env.ECR_REPOSITORY}} | ||
| - name: Build and push Docker image | ||
| id: push | ||
| uses: meta-introspector/[email protected] | ||
| with: | ||
| platforms: linux/arm64,linux/arm64/v8 | ||
| context: . | ||
| push: true | ||
| tags: | | ||
| ${{ steps.meta.outputs.tags }} | ||
| labels: ${{ steps.meta.outputs.labels }} | ||
|
|
||
| - name: Generate artifact attestation | ||
| uses: meta-introspector/attest-build-provenance@local | ||
| with: | ||
| subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}} | ||
| subject-digest: ${{ steps.push.outputs.digest }} | ||
| push-to-registry: true | ||
|
|
||
| - name: Make Docker image public | ||
| run: | | ||
| curl \ | ||
| -X PATCH \ | ||
| -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ | ||
| -H "Accept: application/vnd.github.v3+json" \ | ||
| https://api.github.com/user/packages/container/${{ env.IMAGE_NAME }}/visibility \ | ||
| -d '{"visibility":"public"}' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| FROM node:23-slim AS base | ||
| ENV PNPM_HOME="/pnpm" | ||
| ENV PATH="$PNPM_HOME:$PATH" | ||
| RUN corepack enable | ||
| COPY . /node_modules/fastembed | ||
| WORKDIR /node_modules/fastembed | ||
|
|
||
| FROM base AS prod-deps | ||
| RUN --mount=type=cache,id=pnpm,target=/pnpm/store pnpm install --prod --frozen-lockfile | ||
|
|
||
| FROM base AS build | ||
| RUN --mount=type=cache,id=pnpm,target=/pnpm/store pnpm install --frozen-lockfile | ||
| RUN pnpm run tsc | ||
| #RUN pnpm pack | ||
|
|
||
| FROM base | ||
| COPY --from=prod-deps /node_modules/fastembed/node_modules/@anush008 /app/node_modules/@anush008 | ||
| COPY --from=prod-deps /node_modules/fastembed/node_modules/onnxruntime-node /app/node_modules/onnxruntime-node | ||
| COPY --from=prod-deps /node_modules/fastembed/node_modules/progress /app/node_modules/progress | ||
| COPY --from=prod-deps /node_modules/fastembed/node_modules/tar /app/node_modules/tar | ||
| COPY --from=build /node_modules/fastembed /app/node_modules/fastembed |