chore: add workflow to build images #11232
Open
+164
−0
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Resolve: #11208
This commit adds a github workflow that will build v2 images and push them to GHCR. It uses the GITHUB_TOKEN to authenticate and uses docker provisioned github actions to streamline the flow.
The workflow also creates attestations for the packages which can be used to verify provenance and integrity.
The workflow can be triggered manually or via another workflow call. The latter is to supplement future automation flows.
Here's a sample org imitating Kubeflow org, this is how we would expect the Github packages to look like: [1]
This is what a workflow run looks like: [1]
Here's what the attestations look like: [1]
Here's a sample page for a given kfp component's packages: [1]
Here are the configurable options when triggering this workflow:
Here's an example of how you can verify attestation:
Here's an example of a failure:
Checklist: