containers
/
ramalama
mirror of https://github.com/containers/ramalama.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: containers:v0.9.3
Branches Tags
containers:main
containers:konflux/references/main
containers:konflux-ramalama-vllm
containers:fix-cuda-gpu
containers:konflux/mintmaker/main/registry.access.redhat.com-ubi9-ubi-9.x
containers:konflux-more-images
containers:pip-install
containers:konflux-integration
containers:test-in-vms
containers:s
containers:konflux-rocm-whisper-server
containers:konflux-rocm-ubi-whisper-server
containers:konflux-rocm-ubi-rag
containers:konflux-rocm-ubi-llama-server
containers:konflux-rocm-rag
containers:konflux-rocm-llama-server
containers:konflux-ramalama-whisper-server
containers:konflux-ramalama-rag
containers:konflux-ramalama-llama-server
containers:konflux-cuda-rag
containers:konflux-cuda-whisper-server
containers:konflux-cuda-llama-server
containers:konflux-tests
containers:gemma3n-alias
containers:fix-text-input
containers:add-vllm
containers:spaces2tabs
containers:dont-always-set-up-this-symlink
containers:add-colors
containers:change-from
containers:sycl
containers:change-install-script
containers:increase-retry-attempt
containers:rm-libexec
containers:update-shortnames
containers:no-warmup
containers:multimodal
containers:ggml-vulkan-by-default
containers:python3-ramalama2ramalama
containers:demo-secure
containers:vulkan
containers:pypi-fixes
containers:reword-description
containers:change-install-url
containers:punctuation-consistency-2
containers:konflux-sa-migration-ramalama
containers:ramalama-proxy
containers:change-to-cli-serve
containers:pass-args-to-ramalama-run-core
containers:add-exit
containers:cli-advancements
containers:client-server-fix-containers
containers:revert-1214-rocm-ubi
containers:install-script-fix
containers:fix-ramalama-rag
containers:certificates
containers:rm-openvino
containers:minor-fix
containers:explain-option-better
containers:open-webui
containers:update-llama
containers:macos-detect
containers:add-copilot
containers:more-scaffoling
containers:iso8601-conversion
containers:ci-fixes
containers:mac-hyper-fix
containers:ngl-999
containers:optimize-rename-variables
containers:progress-bar-2
containers:progress-bar
containers:ngl-default
containers:privi
containers:update-llama-cpp
containers:mac-cpu-fix
containers:remove-unnecessary
containers:shortnames
containers:check-packaging
containers:run_cmd-to-exec_cmd
containers:build
containers:llama-cpp-python-server
containers:v0.11.0
containers:v0.10.1
containers:v0.10.0
containers:v0.9.3
containers:v0.9.2
containers:v0.9.1
containers:v0.9.0
containers:v0.8.5
containers:v0.8.3
containers:v0.8.2
containers:v0.8.1
containers:v0.8.0
containers:v0.7.5
containers:v0.7.4
containers:v0.7.3
containers:v0.7.2
containers:v0.7.1
containers:v0.7.0
containers:v0.6.4
containers:v0.6.3
containers:v0.6.2
containers:v0.6.1
containers:v0.6.0
containers:v0.5.5
containers:v0.5.4
containers:v0.5.3
containers:v0.5.2
containers:v0.5.1
containers:v0.5.0
containers:v0.4.0
containers:v0.3.0
containers:v0.2.0
containers:v0.1.3
containers:v0.1.2
containers:v0.1.1
containers:v0.1.0
containers:v0.0.23
containers:v0.0.22
containers:v0.0.21
containers:v0.0.20
containers:v0.0.19
containers:v0.0.18
containers:v0.0.17
containers:v0.0.16
containers:v0.0.14
..
compare: containers:main
Branches Tags
containers:main
containers:konflux/references/main
containers:konflux-ramalama-vllm
containers:fix-cuda-gpu
containers:konflux/mintmaker/main/registry.access.redhat.com-ubi9-ubi-9.x
containers:konflux-more-images
containers:pip-install
containers:konflux-integration
containers:test-in-vms
containers:s
containers:konflux-rocm-whisper-server
containers:konflux-rocm-ubi-whisper-server
containers:konflux-rocm-ubi-rag
containers:konflux-rocm-ubi-llama-server
containers:konflux-rocm-rag
containers:konflux-rocm-llama-server
containers:konflux-ramalama-whisper-server
containers:konflux-ramalama-rag
containers:konflux-ramalama-llama-server
containers:konflux-cuda-rag
containers:konflux-cuda-whisper-server
containers:konflux-cuda-llama-server
containers:konflux-tests
containers:gemma3n-alias
containers:fix-text-input
containers:add-vllm
containers:spaces2tabs
containers:dont-always-set-up-this-symlink
containers:add-colors
containers:change-from
containers:sycl
containers:change-install-script
containers:increase-retry-attempt
containers:rm-libexec
containers:update-shortnames
containers:no-warmup
containers:multimodal
containers:ggml-vulkan-by-default
containers:python3-ramalama2ramalama
containers:demo-secure
containers:vulkan
containers:pypi-fixes
containers:reword-description
containers:change-install-url
containers:punctuation-consistency-2
containers:konflux-sa-migration-ramalama
containers:ramalama-proxy
containers:change-to-cli-serve
containers:pass-args-to-ramalama-run-core
containers:add-exit
containers:cli-advancements
containers:client-server-fix-containers
containers:revert-1214-rocm-ubi
containers:install-script-fix
containers:fix-ramalama-rag
containers:certificates
containers:rm-openvino
containers:minor-fix
containers:explain-option-better
containers:open-webui
containers:update-llama
containers:macos-detect
containers:add-copilot
containers:more-scaffoling
containers:iso8601-conversion
containers:ci-fixes
containers:mac-hyper-fix
containers:ngl-999
containers:optimize-rename-variables
containers:progress-bar-2
containers:progress-bar
containers:ngl-default
containers:privi
containers:update-llama-cpp
containers:mac-cpu-fix
containers:remove-unnecessary
containers:shortnames
containers:check-packaging
containers:run_cmd-to-exec_cmd
containers:build
containers:llama-cpp-python-server
containers:v0.11.0
containers:v0.10.1
containers:v0.10.0
containers:v0.9.3
containers:v0.9.2
containers:v0.9.1
containers:v0.9.0
containers:v0.8.5
containers:v0.8.3
containers:v0.8.2
containers:v0.8.1
containers:v0.8.0
containers:v0.7.5
containers:v0.7.4
containers:v0.7.3
containers:v0.7.2
containers:v0.7.1
containers:v0.7.0
containers:v0.6.4
containers:v0.6.3
containers:v0.6.2
containers:v0.6.1
containers:v0.6.0
containers:v0.5.5
containers:v0.5.4
containers:v0.5.3
containers:v0.5.2
containers:v0.5.1
containers:v0.5.0
containers:v0.4.0
containers:v0.3.0
containers:v0.2.0
containers:v0.1.3
containers:v0.1.2
containers:v0.1.1
containers:v0.1.0
containers:v0.0.23
containers:v0.0.22
containers:v0.0.21
containers:v0.0.20
containers:v0.0.19
containers:v0.0.18
containers:v0.0.17
containers:v0.0.16
containers:v0.0.14

225 Commits
v0.9.3 ... main

Author SHA1 Message Date
Daniel J Walsh 3f8e31a073
Merge pull request #1714 from slp/install-virglrenderer 
container-images: add virglrenderer to vulkan
 2025-07-19 06:35:54 -04:00
Daniel J Walsh 08722738cf
Merge pull request #1718 from containers/konflux/references/main 
Update Konflux references
 2025-07-19 06:34:54 -04:00
red-hat-konflux-kflux-prd-rh03[bot] ab7adbb430
Update Konflux references 
Signed-off-by: red-hat-konflux-kflux-prd-rh03 <206760901+red-hat-konflux-kflux-prd-rh03[bot]@users.noreply.github.com>
 2025-07-19 08:03:10 +00:00
Mike Bonnet 72504179fc
Merge pull request #1716 from containers/fix-sentencepiece-build 
build_rag.sh: install cmake
 2025-07-18 10:54:06 -07:00
Mike Bonnet dcfeee8538 build_rag.sh: install cmake 
cmake is required to build sentencepiece.

Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-07-18 09:17:33 -07:00
Daniel J Walsh 1d903e746c
Merge pull request #1677 from containers/vllm-cpu 
Add vllm to cpu inferencing Containerfile
 2025-07-18 06:05:26 -04:00
Daniel J Walsh 13a22f6671
Merge pull request #1708 from containers/konflux-more-images 
konflux: add pipelines for asahi, cann, intel-gpu, llama-stack, musa, openvino, and ramalama-cli
 2025-07-18 06:04:12 -04:00
Daniel J Walsh 1d6aa51cd7
Merge pull request #1712 from tonyjames/main 
Add support for Intel Iris Xe Graphics (46AA, 46A6, 46A8)
 2025-07-18 06:03:34 -04:00
Tony James 50d01f177b Add support for Intel Iris Xe Graphics (46AA, 46A6, 46A8) 
Signed-off-by: Tony James <3128081+tonyjames@users.noreply.github.com>
 2025-07-17 18:58:07 -04:00
Eric Curtin 234134b5cc Add vllm to cpu inferencing Containerfile 
To be built upon "ramalama" image

Signed-off-by: Eric Curtin <ecurtin@redhat.com>
 2025-07-17 21:09:20 +01:00
Daniel J Walsh 64ca9cfb4a
Merge pull request #1709 from containers/fix-cuda-gpu 
fix GPU selection and pytorch URL when building rag images
 2025-07-17 11:31:41 -04:00
Eric Curtin e3dda75ec6
Merge pull request #1707 from rhatdan/install 
README: remove duplicate statements
 2025-07-17 15:57:12 +01:00
Daniel J Walsh 075df4bb87
Merge pull request #1617 from jwieleRH/check_nvidia 
Improve NVIDIA GPU detection.
 2025-07-17 06:29:40 -04:00
Daniel J Walsh 5b46b23f2e
README: remove duplicate statements 
Simplify ramalama's top-level description. Remove the duplicate
statements.

Also make sure all references to PyPI are spelled this way.

Signed-off-by: Ken Dreyer <kdreyer@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
 2025-07-17 06:26:55 -04:00
Daniel J Walsh 1fe1b20c8c
Merge pull request #1711 from carlwgeorge/include-config-in-wheel 
Included ramalama.conf in wheel
 2025-07-17 06:21:47 -04:00
Mike Bonnet f5512c8f65 build_rag.sh: install sentencepiece via pip 
python3-sentencepiece was pulling in an older version of protobuf.

Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-07-16 23:27:54 -07:00
Mike Bonnet 7132d5a7f8 build_rag.sh: disable pip cache 
pip's caching behavior was causing errors when downloading huge (4.5G) torch wheels during
the rocm-ubi-rag build.

Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-07-16 23:27:54 -07:00
Mike Bonnet 2d3f8dfe28 fix GPU selection and pytorch URL when building rag images 
A previous commit changed the second argument to add_rag() from the image name to the
full repo path. Update the case statement accordingly, so the "GPU" variable is set correctly.

The "cuda" directory is no longer available on download.pytorch.org. When building for cuda,
pull wheels from the "cu128" directory, which contains binaries built for CUDA 12.8.

When building rocm* images, download binaries from the "rocm6.3" directory, which are built
for ROCm 6.3.

Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-07-16 23:27:54 -07:00
Carl George 1d8a2e5b6c Included ramalama.conf in wheel 
Currently other data files such as shortnames.conf, man pages, and shell
completions are included in the Python wheel.  Including ramalama.conf
as well means we can avoid several calls to make in the RPM spec file,
instead relying on the wheel mechanisms to put these files in place.  As
long as `make docs` is run before the wheel generation, all the
necessary files are included.

Signed-off-by: Carl George <carlwgeorge@gmail.com>
 2025-07-17 01:20:28 -05:00
Eric Curtin 42ac787686
Merge pull request #1710 from containers/konflux/mintmaker/main/registry.access.redhat.com-ubi9-ubi-9.x 
chore(deps): update registry.access.redhat.com/ubi9/ubi docker tag to v9.6-1752625787
 2025-07-17 01:15:43 +01:00
red-hat-konflux-kflux-prd-rh03[bot] 18c560fff6
chore(deps): update registry.access.redhat.com/ubi9/ubi docker tag to v9.6-1752625787 
Signed-off-by: red-hat-konflux-kflux-prd-rh03 <206760901+red-hat-konflux-kflux-prd-rh03[bot]@users.noreply.github.com>
 2025-07-17 00:03:57 +00:00
John Wiele ce35ccb4c3 Remove pyYAML as a dependency. 
Extract information directly from the CDI YAML file by making some
simplifying assumptions instead of doing a complete YAML parse.

Default to all devices known to nvidia-smi.

Fix the signature of check_nvidia().

Remove some debug logging.

Signed-off-by: John Wiele <jwiele@redhat.com>
 2025-07-16 16:11:39 -04:00
John Wiele b97177b408 Apply suggestions from code review 
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>
Signed-off-by: John Wiele <jwiele@redhat.com>
 2025-07-16 16:08:32 -04:00
John Wiele 14c4aaca39 Improve NVIDIA GPU detection. 
Allow GPUs to be specified by UUID as well as index since the index is
not guaranteed to persist across reboots.

Crosscheck requested GPUs with nvidia-smi and CDI configuration. If
any requested GPUs lack corresponding CDI configuration, print a
message with a pointer to documentation.

If the only GPU specified in the CDI configuration is "all", as
appears to be the case on WSL2, use "all" as the default.

Add an optional encoding argument to run_cmd() to facilitate checking
the output of the command.

Add pyYAML as a dependency for parsing the CDI configuration.

Signed-off-by: John Wiele <jwiele@redhat.com>
 2025-07-16 16:08:32 -04:00
Mike Bonnet bf4fd56106 konflux: add pipelines for asahi, cann, intel-gpu, llama-stack, musa, openvino, and ramalama-cli 
Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-07-16 12:23:12 -07:00
Mike Bonnet 1373a8e7ba konflux: don't trigger pipelines on PR transition to "Ready for Review" 
By default, Konflux triggers new pipelines when a PR moves from Draft to
"Ready for Review". Because the commit SHA hasn't changed, no new builds
are performed. However, a new integration test is also triggered, and because
no builds were performed it is unable to find the URL and digest of the images,
causing the integration test to fail. Updating the "on-cel-expression" to exclude
the transition to "Ready to Review" avoids the unnecessary pipelines and the
false integration test failures.

Update the whitespace of the "on-cel-expression" in the push pipelines for consistency.
No functional change.

Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-07-16 12:11:54 -07:00
Sergio Lopez 74584d0b5e container-images: add virglrenderer to vulkan 
When running in a krun-isolated container, we need
"/usr/libexec/virgl_render_server" to be present in the container
image to launch it before entering the microVM.

Install the virglrenderer package in addition to mesa-vulkan-drivers.

Signed-off-by: Sergio Lopez <slp@redhat.com>
 2025-07-16 18:53:11 +02:00
Daniel J Walsh 4dea2ee02f
Merge pull request #1687 from containers/konflux-cuda-arm64 
konflux: build cuda on arm64, and simplify testing
 2025-07-16 12:01:45 -04:00
Mike Bonnet 069e98c095 fix unit tests to be independent of environment 
Setting RAMALAMA_IMAGE would cause some unit tests to fail. Make those
tests independent of the calling environment.

Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-07-16 06:44:00 -07:00
Mike Bonnet f57b8eb284 konflux: copy source into the bats image 
Including the source in the bats image ensures that we're always testing with the same
version of the code that was used to build the images. It also eliminates the need for
repeated checkouts of the repo and simplifies testing, avoiding additional volumes and
artifact references.

Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-07-16 06:44:00 -07:00
Mike Bonnet 299d3b9b75 konflux: build cuda and layered images on arm64 
Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-07-16 06:44:00 -07:00
Stephen Smoogen 683b8fb8a0
Minor fixes to rpm builds by packit and spec file. (#1704) 
* This removes epel9 from packit rules as epel9 does not currently
  build without many additional packages added to the distro.
* This fixes a breakage in epel10 by adding mailcap as a buildrequires.

Signed-off-by: Stephen Smoogen <ssmoogen@redhat.com>
Co-authored-by: Stephen Smoogen <ssmoogen@redhat.com>
 2025-07-16 09:37:00 -04:00
Mike Bonnet 64e22ee0aa
Merge pull request #1700 from containers/test-optimization-and-fixup 
reduce unnecessary image pulls during testing, and re-enable a couple tests
 2025-07-15 11:34:59 -07:00
Mike Bonnet 651fc503bd implement "ps --noheading" for docker using --format 
"docker ps" does not support the "--noheading" option. Use the --format
option to emulate the behavior.

Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-07-15 10:32:53 -07:00
Daniel J Walsh 384cad7161
Merge pull request #1696 from containers/renovate/quay.io-konflux-ci-build-trusted-artifacts-latest 
chore(deps): update quay.io/konflux-ci/build-trusted-artifacts:latest docker digest to f7d0c51
 2025-07-15 13:17:33 -04:00
Daniel J Walsh 3dec0d7487
Merge pull request #1699 from containers/renovate/registry.access.redhat.com-ubi9-ubi-9.x 
chore(deps): update registry.access.redhat.com/ubi9/ubi docker tag to v9.6-1752587049
 2025-07-15 13:16:27 -04:00
Daniel J Walsh d7763ad1c5
Merge pull request #1698 from containers/mistral 
Mistral should point to lmstudio gguf
 2025-07-15 13:15:11 -04:00
Mike Bonnet b550cc97d2 bats: re-enable a couple tests, and minor cleanup 
Fix the "serve and stop" test by passing the correct (possibly random) port to "ramalama chat".

Fix the definition of "ramalama_runtime".

Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-07-15 09:03:49 -07:00
Mike Bonnet 927d2f992a bats: allow the container to use the overlay driver when possible 
Remove the STORAGE_DRIVER env var from the container so it doesn't force use
of the vfs driver in all cases.

Mount /dev/fuse into the container when running locally.

Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-07-15 09:03:49 -07:00
Mike Bonnet f176bb3926 add a dryrun field to Config, and set it early 
accel_image() is called to set option defaults, before options are even parsed.
This can cause images to be pulled even if they will not actually be used, slowing
down testing and making the cli less responsive. Set the "dryrun" option before
the first call to accel_image() to avoid unnecessary image pulls.

Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-07-15 09:03:49 -07:00
renovate[bot] f38c736d23
chore(deps): update registry.access.redhat.com/ubi9/ubi docker tag to v9.6-1752587049 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-07-15 15:47:38 +00:00
Eric Curtin fa2f485175 Mistral should point to lmstudio gguf 
I don't know who MaziyarPanahi is, but I know who lmstudio are

Signed-off-by: Eric Curtin <ecurtin@redhat.com>
 2025-07-15 15:04:54 +01:00
Mike Bonnet f8c41b38c1 avoid unnecessary image pulls 
Don't pull images in _get_rag() and _get_source_model() if pull == "never"
or if running with "--dryrun".

Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-07-14 14:42:21 -07:00
renovate[bot] b7323f7972
chore(deps): update quay.io/konflux-ci/build-trusted-artifacts:latest docker digest to f7d0c51 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-07-14 20:13:34 +00:00
Daniel J Walsh 53e38dea8f
Merge pull request #1694 from rhatdan/VERSION 
Bump to 0.11.0
 2025-07-14 10:59:06 -04:00
Daniel J Walsh bf68cfddd3
Bump to 0.11.0 
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2025-07-14 10:32:32 -04:00
Stephen Smoogen 8ab242f820
Move rpms (#1693) 
* Start adding rpm/ramalama.spec for Fedora

Add a ramalama.spec to sit next to python-ramalama.spec while we get
this reviewed. Change various configs so they are aware of
ramalama.spec

Signed-off-by: Stephen Smoogen <ssmoogen@redhat.com>

* Add needed obsoletes/provides in base rpm to start process.

Signed-off-by: Stephen Smoogen <ssmoogen@redhat.com>

* Try to fix CI problems with initial mr

The initial MR puts two spec files in the same directory which was
causing problems with the CI. This splits them off into different
directories which should allow for the tooling to work.

Signed-off-by: Stephen Smoogen <ssmoogen@redhat.com>

* Finish move of Fedora rpm package to new name.

Put changes into various files needed to allow for new RPM package
`ramalama` to build in Fedora infrastructure versus python3-ramalama.

Signed-off-by: Stephen Smoogen <ssmoogen@redhat.com>

* Fix problem with path names lsm5 caught

Signed-off-by: Stephen Smoogen <ssmoogen@redhat.com>

---------

Signed-off-by: Stephen Smoogen <ssmoogen@redhat.com>
Co-authored-by: Stephen Smoogen <ssmoogen@redhat.com>
 2025-07-14 10:13:49 -04:00
Daniel J Walsh eba46c8df6
Merge pull request #1691 from mbortoli/readme-improvements 
Readme improvements: Update model's name and improve CUDA_VISIBLE_DEVICES section
 2025-07-14 10:03:20 -04:00
Mario Antonio Bortoli Filho b5826c96e9 README: fix model name and improve CUDA section 
- Corrected the model name under the Benchmark section; previous name was not available in Ollama's registry.

- Added instructions to switch between CPU-only mode and using all available GPUs via CUDA_VISIBLE_DEVICES.

Signed-off-by: Mario Antonio Bortoli Filho <mario@bortoli.dev>
 2025-07-14 09:43:16 -03:00
Daniel J Walsh 066b659f3a
Merge pull request #1689 from containers/pip-install 
Only install if pyproject.toml exists
 2025-07-14 06:07:24 -04:00
Eric Curtin 6d7effadc2 Only install if pyproject.toml exists 
Otherwise skip

Signed-off-by: Eric Curtin <ecurtin@redhat.com>
 2025-07-13 22:13:11 +01:00
Daniel J Walsh 1d2e1a1e01
Merge pull request #1688 from containers/konflux/references/main 
chore(deps): update konflux references
 2025-07-12 06:06:35 -04:00
Daniel J Walsh a54e2b78c4
Merge pull request #1681 from ramalama-labs/bug/chat-fix 
Bug/chat fix
 2025-07-12 06:05:31 -04:00
red-hat-konflux-kflux-prd-rh03[bot] f4cec203ac
chore(deps): update konflux references 
Signed-off-by: red-hat-konflux-kflux-prd-rh03 <206760901+red-hat-konflux-kflux-prd-rh03[bot]@users.noreply.github.com>
 2025-07-12 08:02:23 +00:00
Ian Eaves a616005695
resolve merge conflicts 
Signed-off-by: Ian Eaves <ian.k.eaves@gmail.com>
 2025-07-11 16:47:56 -05:00
Daniel J Walsh c7c0f7d2e5
Merge pull request #1685 from rhatdan/convert 
Allow `ramalama rag` to output different formats
 2025-07-11 16:18:19 -04:00
Daniel J Walsh b630fcdea2
Allow ramalama rag to output different formats 
Add ramalama rag --format option to allow outputing
of markdown, json as well as qdrant databases.

This content can then be used as input to the client tool.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Co-authored-by: Ian Eaves <ian.k.eaves@gmail.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2025-07-11 11:04:32 -04:00
Daniel J Walsh 027f88cf31
Merge pull request #1683 from containers/konflux-integration 
konflux: add integration tests that run in multi-arch VMs
 2025-07-10 15:05:03 -04:00
Mike Bonnet d7ed2216dd konflux: build entrypoint images on smaller instances 
The entrypoint image builds are very lightweight, use smaller instances
to reduce resource consumption.

Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-07-10 09:19:16 -07:00
Mike Bonnet 6d9a7eea9e konflux: build rag images on instance types with more disk space 
-rag builds were failing due to the 40G disk filling up. Run builds on
newly-available "d160" instance types which have 160G of disk space
available.

Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-07-10 09:19:16 -07:00
Mike Bonnet 5ebc48f453 konflux: add integration tests that run in multi-arch VMs 
The integration tests will be triggered after all image builds associated with a single
commit are complete. Tests are currently being run on amd64 and arm64 platforms.

Remove "bats-nocontainer" from the build-time tests, since those are covered by "bats" run
in the integration tests.

Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-07-10 09:19:16 -07:00
Mike Bonnet b6cb2fdbe2 konflux: build all ramalama layered images on arm64 
Some bats tests need the ramalama-rag image avilable for the current arch. Build
all the ramalama layered images on arm64 as well as amd64.

Switch to building on larger VM instance types to reduce build times and improve
developer feedback and experience.

Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-07-10 06:44:58 -07:00
Mike Bonnet f75599097e bats: ignore RAMALAMA_IMAGE from the calling environment 
Some tests parse the output of the ramalama cli and hard-code the location of the expected
default image. However, this output changes based on the value of the RAMALAMA_IMAGE
environment variable, and setting this variable in the calling environment can cause those
tests to fail. Unset the RAMALAMA_IMAGE environment variable in these tests to avoid false failures.

Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-07-10 06:44:58 -07:00
Daniel J Walsh 80317bffbc
Merge pull request #1684 from containers/konflux/mintmaker/main/registry.access.redhat.com-ubi9-ubi-9.x 
chore(deps): update registry.access.redhat.com/ubi9/ubi docker tag to v9.6-1752069608
 2025-07-10 07:45:47 -04:00
red-hat-konflux-kflux-prd-rh03[bot] 124afc14bb
chore(deps): update registry.access.redhat.com/ubi9/ubi docker tag to v9.6-1752069608 
Signed-off-by: red-hat-konflux-kflux-prd-rh03 <206760901+red-hat-konflux-kflux-prd-rh03[bot]@users.noreply.github.com>
 2025-07-10 00:02:12 +00:00
Daniel J Walsh 79b23e1237
Merge pull request #1668 from containers/renovate/registry.access.redhat.com-ubi9-ubi-9.x 
Update registry.access.redhat.com/ubi9/ubi Docker tag to v9.6-1752069608
 2025-07-09 16:04:00 -04:00
Daniel J Walsh 5fd301532c
Merge pull request #1679 from containers/bugfix-for-chat 
Bugfix for chat
 2025-07-09 16:03:14 -04:00
Daniel J Walsh 64d53180fd
Merge pull request #1680 from nathan-weinberg/bump-er 
chore: bump ramalama-stack to 0.2.5
 2025-07-09 16:01:09 -04:00
Daniel J Walsh c0278c1b8c
Merge pull request #1676 from rhatdan/selinux 
Enable SELinux separation
 2025-07-09 16:00:35 -04:00
Nathan Weinberg e402a456cf chore: bump ramalama-stack to 0.2.5 
Signed-off-by: Nathan Weinberg <nweinber@redhat.com>
 2025-07-09 15:42:33 -04:00
Eric Curtin 3da38bc7b8 Bugfix for chat 
This was recently removed:

+            if getattr(self.args, "model", False):
+                data["model"] = self.args.model

it is required

Signed-off-by: Eric Curtin <ecurtin@redhat.com>
 2025-07-09 20:13:09 +01:00
Daniel J Walsh 980179d5ca
Enable SELinux separation 
Remove some unused functions from model.py

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2025-07-09 13:11:58 -04:00
Daniel J Walsh 657bacb52e
Merge pull request #1675 from rhatdan/image 
Hide --container option, having --container/--nocontainer is confusing
 2025-07-09 09:55:44 -04:00
Daniel J Walsh 09c6ccb2f0
Hide --container option, having --container/--nocontainer is confusing 
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2025-07-09 06:58:04 -04:00
Daniel J Walsh 7f09d4bf5b
Merge pull request #1643 from engelmi/enhance-ref-file 
Enhance ref file and mount all snapshot files to container
 2025-07-08 13:37:45 -04:00
Michael Engel 7a6c9977f7 Disable generate and serve OCI image test 
Signed-off-by: Michael Engel <mengel@redhat.com>
 2025-07-08 18:36:39 +02:00
Michael Engel def6116f15 Add deduplication check by file hash to update_snapshot 
Signed-off-by: Michael Engel <mengel@redhat.com>
 2025-07-08 18:33:42 +02:00
Michael Engel 5e39e11678 Remove limitation of only one model file per snapshot 
Signed-off-by: Michael Engel <mengel@redhat.com>
 2025-07-08 18:33:42 +02:00
Michael Engel 21e42fc837 Move split model logic to url model class 
The split model feature was exclusive to URL models. Because of this - and the
improvements in mounting all model snapshot files - the logic has been removed
from the ModelFactory and put to the URL model class.

Signed-off-by: Michael Engel <mengel@redhat.com>
 2025-07-08 18:33:42 +02:00
Michael Engel eefafe24fd Refactor model classes to mount all snapshot files instead of explicit ones 
Previously, the model, mmproj and chat template files were mounted explicity if
present using many if-exists checks. Relying on the new ref file all files of that
model snapshot are either mounted or used directly with its blob path. When mounted
into a container, the files are put into MNT_DIR with the respective file names.
The split_model part has been dropped for now, but will be refactored in the next
commit.

Signed-off-by: Michael Engel <mengel@redhat.com>
 2025-07-08 18:33:42 +02:00
Michael Engel 6cbaf692aa Remove obsolete glob check if model exists 
Signed-off-by: Michael Engel <mengel@redhat.com>
 2025-07-08 18:33:42 +02:00
Michael Engel 129ee175d6 Fixed using model_store instead of store 
Signed-off-by: Michael Engel <mengel@redhat.com>
 2025-07-08 18:33:42 +02:00
Michael Engel 8e98c77f54 Removed unused functio 
Signed-off-by: Michael Engel <mengel@redhat.com>
 2025-07-08 18:33:42 +02:00
Michael Engel e398941913 Remove unused garbage collection function 
Signed-off-by: Michael Engel <mengel@redhat.com>
 2025-07-08 18:33:42 +02:00
Michael Engel d95bd13ca0 Replace RefFile by RefJSONFile in model store 
Replacing the use of RefFile with the new RefJSONFile in model store. It also adds
support for adhoc migration of old to new ref file format.
This will break ramalama as is since no specific functionality for getting the explicit
(gguf) model file path has been implemented. Will be adjusted in the next commit to
fix this.

Signed-off-by: Michael Engel <mengel@redhat.com>
 2025-07-08 18:33:42 +02:00
Michael Engel 496439ea02 Added new ref file format 
Added a new, simpler ref file format serialized as JSON. It also gets additional
fields such as the hash of the file that is used as the name of the blob file.
This essentially makes the snapshot directory and all symlinks obsolete, further
simplifying the storage and improving stability. It also leads to the ref file as
being the single source for all files of a model.
Further refactoring, incl. swapping and migrating from the old to new format, will
follow in subsequent commits.

Signed-off-by: Michael Engel <mengel@redhat.com>
 2025-07-08 18:33:42 +02:00
Daniel J Walsh bf0af8034a
Merge pull request #1673 from containers/mlx-fixes 
mlx fixes
 2025-07-08 11:51:26 -04:00
Daniel J Walsh 99f56a7684
Merge pull request #1669 from rhatdan/image 
move --image & --keep-groups to run, serve, perplexity, bench commands
 2025-07-08 11:49:07 -04:00
Eric Curtin 5b20aa4e2c mlx fixes 
mlx_lm.server is the only one in my path at least on my system.

Also, printing output like this which doesn't make sense:

Downloading huggingface://RedHatAI/Llama-3.2-1B-Instruct-FP8-dynamic/model.safetensors:latest ...
Trying to pull huggingface://RedHatAI/Llama-3.2-1B-Instruct-FP8-dynamic/model.safetensors:latest ...

Also remove recommendation to install via `brew install ramalama`, skips installing Apple specific
dependancies.

Signed-off-by: Eric Curtin <ecurtin@redhat.com>
 2025-07-08 15:57:25 +01:00
Eric Curtin 957dfd52e7
Merge pull request #1672 from containers/revert-1671-set-ramalama-stack-version 
Revert "feat: allow for dynamic version installing of ramalama-stack"
 2025-07-08 14:54:23 +01:00
Eric Curtin ebb8ea93fd
Revert "feat: allow for dynamic version installing of ramalama-stack" 2025-07-08 14:53:25 +01:00
Daniel J Walsh 7dc3d9da8e
move --image & --keep-groups to run, serve, perplexity, bench commands 
This eliminates the need for pulling images by accident when not
using containers.  Since these commands are only used for container
commands, no need for them in other places.

Fixes: https://github.com/containers/ramalama/issues/1662

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2025-07-08 09:09:41 -04:00
Daniel J Walsh 72aa795b17
Merge pull request #1666 from engelmi/inspect-add-safetensor-support 
Inspect add safetensor support
 2025-07-08 08:54:15 -04:00
Eric Curtin 2fea5f86f6
Merge pull request #1671 from nathan-weinberg/set-ramalama-stack-version 
feat: allow for dynamic version installing of ramalama-stack
 2025-07-08 13:39:00 +01:00
Michael Engel 412d5616d3
Catch error on creating snapshot and log error 
Relates to: https://github.com/containers/ramalama/issues/1663

Signed-off-by: Michael Engel <mengel@redhat.com>
 2025-07-08 12:57:12 +02:00
Michael Engel 3b880923c0
Added support for safetensors to inspect command 
Signed-off-by: Michael Engel <mengel@redhat.com>
 2025-07-08 12:57:12 +02:00
Daniel J Walsh b7c15ce86a
Merge pull request #1664 from containers/konflux/references/main 
chore(deps): update konflux references
 2025-07-08 06:48:46 -04:00
Daniel J Walsh 87287ae574
Merge pull request #1670 from containers/konflux/mintmaker/main/registry.access.redhat.com-ubi9-ubi-9.x 
Update registry.access.redhat.com/ubi9/ubi Docker tag to v9.6-1751897624
 2025-07-08 06:43:49 -04:00
Nathan Weinberg eeaab7276c feat: allow for dynamic version installing of ramalama-stack 
previously we were setting an explicit version of `ramalama-stack`
in the Containerfile restricting what we used at runtime

moved the install to the entrypoint script and allowed the use of
the RAMALAMA_STACK_VERSION env var to install a specific version
(default with no env var installs the latest package and pulls the
YAML files from the main branch)

Signed-off-by: Nathan Weinberg <nweinber@redhat.com>
 2025-07-07 21:38:30 -04:00
red-hat-konflux-kflux-prd-rh03[bot] 8104b697dd
Update registry.access.redhat.com/ubi9/ubi Docker tag to v9.6-1751897624 
Signed-off-by: red-hat-konflux-kflux-prd-rh03 <206760901+red-hat-konflux-kflux-prd-rh03[bot]@users.noreply.github.com>
 2025-07-08 00:05:41 +00:00
renovate[bot] eacaffe03d
Update registry.access.redhat.com/ubi9/ubi Docker tag to v9.6-1751897624 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-07-07 19:49:58 +00:00
Daniel J Walsh 21957b22c2
Merge pull request #1661 from ramalama-labs/feat/vision 
Adds the ability to include vision based context to chat via --rag
 2025-07-07 09:36:52 -04:00
Daniel J Walsh cd7220a3ea
Merge pull request #1667 from rhatdan/VERSION 
Bump to v0.10.1
 2025-07-07 08:19:41 -04:00
Daniel J Walsh fe3731dffc
Bump to v0.10.1 
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2025-07-07 06:52:23 -04:00
Eric Curtin 0947e11f13
Merge pull request #1665 from rhatdan/pull 
Make sure errors and progress messages go to STDERR
 2025-07-06 14:58:38 +01:00
Daniel J Walsh ab4d0f2202
Make sure errors and progress messages go to STDERR 
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2025-07-06 07:12:14 -04:00
Daniel J Walsh c62a2a4e5b
Move download_file to http_client rather then common 
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2025-07-06 06:52:51 -04:00
red-hat-konflux-kflux-prd-rh03[bot] ee8d7a3a04
chore(deps): update konflux references 
Signed-off-by: red-hat-konflux-kflux-prd-rh03 <206760901+red-hat-konflux-kflux-prd-rh03[bot]@users.noreply.github.com>
 2025-07-05 08:02:20 +00:00
Daniel J Walsh c9f9f691aa
Merge pull request #1642 from kush-gupt/feat/mlx 
MLX runtime support
 2025-07-04 05:53:41 -04:00
Ian Eaves fe2d22c848
renamed tests + lint 
Signed-off-by: Ian Eaves <ian.k.eaves@gmail.com>
 2025-07-03 17:47:02 -05:00
Ian Eaves cba091b265
adds vision to chat 
Signed-off-by: Ian Eaves <ian.k.eaves@gmail.com>
 2025-07-03 17:37:11 -05:00
Kush Gupta bc92481a66 Fix API request 
Signed-off-by: Kush Gupta <kushalgupta@gmail.com>
 2025-07-03 10:18:26 -04:00
Eric Curtin 149c9f101c
Merge pull request #1660 from telemaco/pre-commit-conf 
Add .pre-commit-config.yaml
 2025-07-03 14:54:26 +01:00
Eric Curtin 06488b45f1
Merge pull request #1637 from rhatdan/store 
Always use absolute path for --store option
 2025-07-03 14:33:44 +01:00
Eric Curtin 4482803eb2
Merge pull request #1657 from containers/konflux-layered-images 
konflux: add pipelines for the layered images of ramalama, cuda, rocm, and rocm-ubi
 2025-07-03 14:32:37 +01:00
Kush Gupta 277cb4f504 make sure host is not in container, dont care about llama.cpp args 
Signed-off-by: Kush Gupta <kushalgupta@gmail.com>
 2025-07-03 09:27:15 -04:00
Kush Gupta d77b7ce231 mlx runtime with client/server 
Signed-off-by: Kush Gupta <kushalgupta@gmail.com>
 2025-07-03 09:27:00 -04:00
Roberto Majadas 5a51552d1f Add pre-commit configuration 
Signed-off-by: Roberto Majadas <rmajadas@redhat.com>
 2025-07-03 14:40:49 +02:00
Daniel J Walsh 8501240d43
Merge pull request #1659 from telemaco/lint-and-format-conf-updates 
Update lint and format tools configuration
 2025-07-03 07:12:52 -04:00
Eric Curtin c791ac1602
Merge pull request #1658 from containers/konflux/mintmaker/main/registry.access.redhat.com-ubi9-ubi-9.x 
chore(deps): update registry.access.redhat.com/ubi9/ubi docker tag to v9.6-1751445649
 2025-07-03 11:45:32 +01:00
Daniel J Walsh 689955480c
Always use absolute path for --store option 
Fixes: https://github.com/containers/ramalama/issues/1634

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2025-07-03 06:38:57 -04:00
Roberto Majadas e5e6195c49 Update lint and format tools configuration 
Signed-off-by: Roberto Majadas <rmajadas@redhat.com>
 2025-07-03 12:32:26 +02:00
Daniel J Walsh ae38e3f09c
Merge pull request #1632 from ramalama-labs/feat/user-prompt-configs 
Adds a user configuration setting to disable gpu prompting
 2025-07-03 06:30:52 -04:00
Daniel J Walsh c32d67fd4e
Merge pull request #1635 from containers/list-models 
Add command to list available models
 2025-07-03 06:23:35 -04:00
red-hat-konflux-kflux-prd-rh03[bot] 9c43c0ba71
chore(deps): update registry.access.redhat.com/ubi9/ubi docker tag to v9.6-1751445649 
Signed-off-by: red-hat-konflux-kflux-prd-rh03 <206760901+red-hat-konflux-kflux-prd-rh03[bot]@users.noreply.github.com>
 2025-07-03 00:03:59 +00:00
Ian Eaves 27fa3909a3
adds user prompt controls 
Signed-off-by: Ian Eaves <ian.k.eaves@gmail.com>
 2025-07-02 16:58:37 -05:00
Mike Bonnet 0808cf76b9 konflux: add pipelines for the layered images of ramalama, cuda, rocm, and rocm-ubi 
Build the -llama-server, -whisper-server, and -rag layered images, which inherit from
the existing ramalama, cuda, rocm, and rocm-ubi images.

Layered images use shared Containerfiles, and customize their builds using --build-arg.

Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-07-02 12:19:25 -07:00
Eric Curtin 3a61309e10 Add command to list available models 
With commands such as:

  ramalama chat --url https://generativelanguage.googleapis.com/v1beta/openai --ls

we can now list the various models available.

Signed-off-by: Eric Curtin <ecurtin@redhat.com>
 2025-07-02 16:52:28 +01:00
Eric Curtin 8dc1144cbd
Merge pull request #1641 from containers/layered-containerfiles 
build layered images from Containerfiles
 2025-07-02 10:19:32 +01:00
Mike Bonnet 46c0154d2a build layered images from Containerfiles 
Move the Containerfiles for the entrypoint and rag images out of container_build.sh and into their
own files. This is necessary so they can be built with Konflux.

Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-07-01 15:14:26 -07:00
Eric Curtin e624a41063
Merge pull request #1631 from jbtrystram/fix_quadlet 
quadlet: add missing privileged options
 2025-07-01 22:38:16 +01:00
jbtrystram 412372de9c
quadlet: use shlex to join shell arguments 
this is to avoid incorrect parsing if arguments contain spaces.

See https://github.com/containers/ramalama/pull/1631#discussion_r2175358681

Signed-off-by: jbtrystram <jbtrystram@redhat.com>
 2025-07-01 22:34:06 +02:00
jbtrystram a3a199664c
quadlet: add missing privileged options 
The default privileged options were ommited from the generated quadlet
file. Add them using the same argument parsing as in engine.py. [1]

Also add a few base options found in model.py[2] that were missing.

Fixes https://github.com/containers/ramalama/issues/1593

[1] 8341ddcf7b/ramalama/engine.py (L71-L82)
[2] 8341ddcf7b/ramalama/model.py (L205-L223)

Signed-off-by: jbtrystram <jbtrystram@redhat.com>
 2025-07-01 22:33:21 +02:00
Daniel J Walsh 58922cd285
Merge pull request #1638 from engelmi/use-config-for-pull-flag-in-accel-image 
Use config instance for defining pull behavior in accel_image
 2025-07-01 14:39:49 -04:00
Daniel J Walsh 5468b1b4c7
Merge pull request #1639 from nathan-weinberg/rlls-0.2.4 
chore: bump ramalama-stack to 0.2.4
 2025-07-01 14:33:15 -04:00
Nathan Weinberg 1dad8284b7 chore: bump ramalama-stack to 0.2.4 
Signed-off-by: Nathan Weinberg <nweinber@redhat.com>
 2025-07-01 14:28:10 -04:00
Daniel J Walsh fe756ccf70
Merge pull request #1640 from engelmi/split-model-store-into-files 
Split the model store into multiple files
 2025-07-01 14:24:22 -04:00
Michael Engel d7ecda282b
Added staticmethod annotation 
Signed-off-by: Michael Engel <mengel@redhat.com>
 2025-07-01 17:45:51 +02:00
Michael Engel 3327df7852
Split the model store into multiple files 
The source code for the model store is getting bigger, so splitting it
into multiple source files under a directory helps keeping it easier
to read.

Signed-off-by: Michael Engel <mengel@redhat.com>
 2025-07-01 17:41:34 +02:00
Michael Engel 4a5724e673
Use config instance for defining pull behavior in accel_image 
By using the pull field in the config instance for the flag to
indicate pulling of the container image should be attempted in
the accel_image function, the behavior is tied to the cli options.
This also prevents a ramalama ls to seemingly block since the
image is downloaded (with no output).

Signed-off-by: Michael Engel <mengel@redhat.com>
 2025-07-01 15:24:54 +02:00
Daniel J Walsh 162e2e5991
Merge pull request #1614 from containers/konflux-tests 
run tests during build pipelines
 2025-07-01 06:55:33 -04:00
Daniel J Walsh 3b11fcf343
Merge pull request #1633 from containers/konflux/mintmaker/main/registry.access.redhat.com-ubi9-ubi-9.x 
chore(deps): update registry.access.redhat.com/ubi9/ubi docker tag to v9.6-1751287003
 2025-07-01 06:37:26 -04:00
Eric Curtin 34eae809b6
Merge pull request #1620 from olliewalsh/store_delete_refcount 
Fix modelstore deleting logic when multiple reference refer to the same blob/snapshot
 2025-07-01 09:42:46 +01:00
red-hat-konflux-kflux-prd-rh03[bot] 1e346cc083
chore(deps): update registry.access.redhat.com/ubi9/ubi docker tag to v9.6-1751287003 
Signed-off-by: red-hat-konflux-kflux-prd-rh03 <206760901+red-hat-konflux-kflux-prd-rh03[bot]@users.noreply.github.com>
 2025-07-01 00:03:13 +00:00
Oliver Walsh 7b211d0aef Only remove .parial blob file when the snapshot refcount is 0 
Previously would always remove this partial blob file.

Note: this assumes the blob hash equals the snapshot hash, which
is only true for repos with a single model

Signed-off-by: Oliver Walsh <owalsh@redhat.com>
 2025-06-30 23:30:35 +01:00
Oliver Walsh 80fd6d95fe Handle existing but broken symlink to snapshot file 
Signed-off-by: Oliver Walsh <owalsh@redhat.com>
 2025-06-30 23:11:41 +01:00
Oliver Walsh 69e0929ca0 Add bats tests for pullling llama.cpp multimodal images 
Signed-off-by: Oliver Walsh <owalsh@redhat.com>
 2025-06-30 23:11:41 +01:00
Oliver Walsh 990a7412e8 Fix modelstore deleting logic 
When deleting a reference, count the remaining references to the
snapshot/blobs to determine if they should be deleted.

Signed-off-by: Oliver Walsh <owalsh@redhat.com>
 2025-06-30 23:11:41 +01:00
Mike Bonnet 8b1d2c03cd konflux: skip checks on PR builds 
Most of the checks don't (yet) apply to these images, and they add significant time to the builds.

Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-06-30 12:11:13 -07:00
Mike Bonnet 36e55002fe konflux: set PipelineRun timeouts to 6 hours 
Container builds and tests can take a long time. We'd rather them eventually complete successfully
than fail with a timeout.

Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-06-30 12:11:13 -07:00
Mike Bonnet ee05ed0586 run tests during build pipelines 
Use the bats container to run a set of Makefile targets to test the code
and images in parallel.

Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-06-30 12:11:13 -07:00
Stephen Smoogen 8341ddcf7b
Start process of moving python-ramalama to ramalama (#1498) 
* Start adding rpm/ramalama.spec for Fedora

Add a ramalama.spec to sit next to python-ramalama.spec while we get
this reviewed. Change various configs so they are aware of
ramalama.spec

Signed-off-by: Stephen Smoogen <ssmoogen@redhat.com>

* Add needed obsoletes/provides in base rpm to start process.

Signed-off-by: Stephen Smoogen <ssmoogen@redhat.com>

* Try to fix CI problems with initial mr

The initial MR puts two spec files in the same directory which was
causing problems with the CI. This splits them off into different
directories which should allow for the tooling to work.

Signed-off-by: Stephen Smoogen <ssmoogen@redhat.com>

---------

Signed-off-by: Stephen Smoogen <ssmoogen@redhat.com>
Co-authored-by: Stephen Smoogen <ssmoogen@redhat.com>
 2025-06-30 14:51:29 +01:00
Eric Curtin afbb01760f
Merge pull request #1628 from rhatdan/host 
Fix handling of --host option when running in a container
 2025-06-30 13:58:46 +01:00
Daniel J Walsh 1270b7fba6
Merge pull request #1629 from rhatdan/VERSION 
Bump to v0.10.0
 2025-06-30 08:31:07 -04:00
Daniel J Walsh 8d054ff751
Bump to v0.10.0 
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2025-06-30 08:29:27 -04:00
Daniel J Walsh 67b3d6ebba
Merge pull request #1627 from containers/konflux/references/main 
chore(deps): update konflux references
 2025-06-30 05:14:15 -04:00
Daniel J Walsh bc561d2597
Merge pull request #1570 from ieaves/feat/file-upload 
Adds the ability to pass files to `ramalama run`
 2025-06-29 05:36:00 -04:00
Ian Eaves 1f03de03f8
Add file upload feature 
Signed-off-by: Ian Eaves <ian.k.eaves@gmail.com>
 2025-06-28 21:18:16 -05:00
Daniel J Walsh 6b13f497fa
Fix handling of --host option when running in a container 
When you run a Model server within a container and only wanted it bound
to a certain port, the port binding should happen to the container not
inside of the container.

Fixes: https://github.com/containers/ramalama/issues/1572

Also fix handling of -t option, should not be used with anything other
then run command, and now I am not sure of that.

The LLAMA_PROMPT_PREFIX= environment variable should not be set within
containers as an environment variable, since we are doing chat on the
outside.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2025-06-28 11:48:24 -04:00
red-hat-konflux-kflux-prd-rh03[bot] f5298105e3
chore(deps): update konflux references 
Signed-off-by: red-hat-konflux-kflux-prd-rh03 <206760901+red-hat-konflux-kflux-prd-rh03[bot]@users.noreply.github.com>
 2025-06-28 08:03:12 +00:00
Daniel J Walsh 7e1d159a3b
Merge pull request #1624 from containers/gemma3n-alias 
Add gemma aliases
 2025-06-27 10:36:26 -04:00
Daniel J Walsh ca9885ac99
Merge pull request #1623 from containers/bump-llamacpp2 
Want to pick up support for gemma3n
 2025-06-27 10:35:53 -04:00
Eric Curtin b42eb5762d
Merge pull request #1621 from sarroutbi/202506271328-fix-unit-tests-for-machines-running-gpus 
Fix unit tests for machines with GPUs
 2025-06-27 15:32:46 +01:00
Eric Curtin 089589cdfe Add gemma aliases 
The ollama variants are incompatible

Signed-off-by: Eric Curtin <ecurtin@redhat.com>
 2025-06-27 15:28:00 +01:00
Eric Curtin 289e682f2a Want to pick up support for gemma3n 
And the other latest and greatest llama.cpp features

Signed-off-by: Eric Curtin <ecurtin@redhat.com>
 2025-06-27 15:06:32 +01:00
Sergio Arroutbi 8ab3ce3f56
Fix test_common to use expected image 
Signed-off-by: Sergio Arroutbi <sarroutb@redhat.com>
 2025-06-27 16:03:36 +02:00
Sergio Arroutbi 146a5d011a
Fix quadlet tests to pass on a machine with GPU 
Signed-off-by: Sergio Arroutbi <sarroutb@redhat.com>
 2025-06-27 13:44:21 +02:00
Daniel J Walsh 895fb0d1dd
Merge pull request #1588 from rhatdan/llama-stack 
Fixup to work with llama-stack
 2025-06-27 07:22:24 -04:00
Daniel J Walsh e0108b9d34
Merge pull request #1616 from nathan-weinberg/rlls-0.2.3 
chore: bump ramalama-stack to 0.2.3
 2025-06-27 06:41:28 -04:00
Daniel J Walsh 1c87479aee
Fixes to work with llama-stack 
Adapt ramalama stack and chat modules for compatibility with llama-stack by updating host binding, argument formatting, and command invocation patterns, and add robust attribute checks in the chat utility.

Bug Fixes:

    Add hasattr checks around optional args (pid2kill, name) in chat kills() to prevent attribute errors

Enhancements:

    Bind model server to 0.0.0.0 instead of localhost for external accessibility
    Convert port, context size, and thread count arguments to strings for consistent CLI usage
    Reformat container YAML to use JSON array and multiline args for llama-server and llama-stack commands
    Update Containerfile CMD to JSON exec form for llama-stack entrypoint

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2025-06-27 05:57:45 -04:00
Eric Curtin b2cd9dc36e
Merge pull request #1610 from rhatdan/url 
Fix removing of file based URL models
 2025-06-27 08:46:40 +01:00
Eric Curtin faacef5ea5
Merge pull request #1615 from rhatdan/build 
Free up disk space for building all images
 2025-06-27 08:45:55 +01:00
Eric Curtin a019b91b8a
Merge pull request #1619 from carlwgeorge/zsh-completions 
Use standard zsh completion directory
 2025-06-27 08:43:47 +01:00
Carl George 10cdbfb28d Use standard zsh completion directory 
We're currently using /usr/share/zsh/vendor-completions for zsh
completions.  However, the RPM macro %{zsh_completions_dir} (which is
required by the Fedora packaging guidelines) is defined as
/usr/share/zsh/site-functions, so let's switch to that.

https://docs.fedoraproject.org/en-US/packaging-guidelines/ShellCompletions/

Signed-off-by: Carl George <carlwgeorge@gmail.com>
 2025-06-27 02:07:37 -05:00
Nathan Weinberg 00a5f084b4 chore: bump ramalama-stack to 0.2.3 
Signed-off-by: Nathan Weinberg <nweinber@redhat.com>
 2025-06-26 16:13:21 -04:00
Daniel J Walsh 93d23c93e6
Free up disk space for building all images 
Were using Podman to build images, so don't futz with Docker.

only build base images, not as necessary to build RAG Images.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2025-06-26 16:06:54 -04:00
Daniel J Walsh 8c2bc88284
Fix removing of file based URL models 
Currently we are incorrectly reporting file models as
file://PATH as opposed to the correct file:///PATH.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2025-06-26 15:44:29 -04:00
Daniel J Walsh 370f1ccc1c
Merge pull request #1611 from ktdreyer/nopull 
rename "nopull" boolean to "pull"
 2025-06-26 14:57:23 -04:00
Daniel J Walsh c98c3a0cb4
Merge pull request #1612 from containers/konflux-bats 
konflux: build bats image
 2025-06-26 13:27:42 -04:00
Ken Dreyer f9e6fed54a rename "nopull" boolean to "pull" 
Rename "nopull" to "pull" for improved clarity and readability. This
avoids the double-negative, making the logic more straightforward to
reason about. "pull = True" now means "pull the image", "pull = False"
means "don't pull the image."

Signed-off-by: Ken Dreyer <kdreyer@redhat.com>
 2025-06-26 13:06:34 -04:00
Mike Bonnet 7f05324a7a bats: only install ollama on x86_64 
Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-06-26 08:10:45 -07:00
Mike Bonnet 0f4c0fee43 konflux: bats: use shared pipelines 
Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-06-26 07:43:59 -07:00
red-hat-konflux-kflux-prd-rh03 27460c5c97 Red Hat Konflux kflux-prd-rh03 update bats 
Signed-off-by: red-hat-konflux-kflux-prd-rh03 <konflux@no-reply.konflux-ci.dev>
 2025-06-26 14:06:56 +00:00
Daniel J Walsh aa1e4f1f30
Merge pull request #1603 from slp/pin-copr-mesa 
container-images: pin mesa version to COPR
 2025-06-26 09:38:31 -04:00
Daniel J Walsh 0f90023a52
Merge pull request #1609 from rhatdan/build 
Separate build image into its own VM
 2025-06-26 09:36:59 -04:00
Daniel J Walsh d4e76d3638
Merge pull request #1598 from containers/bats-container 
add support for running bats in a container
 2025-06-26 09:36:35 -04:00
Eric Curtin 61efb04416
Merge pull request #1605 from rhatdan/chat 
Switchout hasattr for getattr wherever possible
 2025-06-26 14:27:22 +01:00
Eric Curtin 932a1d8c08
Merge pull request #1607 from engelmi/prune-model-store-code 
Prune model store code

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2025-06-26 09:21:03 -04:00
Daniel J Walsh de46cd16c7
Separate build image into its own VM 
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2025-06-26 09:12:27 -04:00
Eric Curtin 9140476c7d
Merge pull request #1607 from engelmi/prune-model-store-code 
Prune model store code
 2025-06-26 13:24:09 +01:00
Sergio Lopez 385a992e2b container-images: pin mesa version to COPR 
When building on Fedora systems make sure we install the
mesa version from the COPR, which has the patches to force
alignment to 16K (needed for GPU acceleration on macOS, but
harmless to other systems).

We also need to add "--nobest" to "dnf update" to ensure it
doesn't get frustrated by being unable to install the mesa package
from appstream.

Signed-off-by: Sergio Lopez <slp@redhat.com>
 2025-06-26 12:09:05 +02:00
Michael Engel 2f3af6afff Use property for model store 
By accessing the model store via property a None-check can be performed
and creating an instance on-the-fly. In addition, this removes the need
for setting the store from the factory and removes its optional trait.
The unit tests for ollama have been rewritten as well since functions
such as repo_pull or exists have been removed. It only tests the pull
function which mocks away http calls to external services.

Signed-off-by: Michael Engel <mengel@redhat.com>
 2025-06-26 09:29:03 +02:00
Michael Engel ef3863904f Refactoring model base class for new model store 
Signed-off-by: Michael Engel <mengel@redhat.com>
 2025-06-26 09:29:03 +02:00
Michael Engel 8482cf3957 Remove model flag for safetensors via mscli 
Relates to: github.com/containers/ramalama/pull/1559

Remove Model flag for safetensor files for now in order to
allow multiple safetensor files be downloaded for the
convert command.

Signed-off-by: Michael Engel <mengel@redhat.com>
 2025-06-26 09:29:03 +02:00
Michael Engel 8f578ebf30 Prune old model store code in hf-style models 
In addition to pruning old model store code, the usage of downloading
files using the hfcli or modelscope cli has been removed.
In the future, the download of multiple files - incl. safetensors - will
be done explicitly based on the metadata only by http requests.

Signed-off-by: Michael Engel <mengel@redhat.com>
 2025-06-26 09:29:03 +02:00
Michael Engel 512ccbaba5 Prune old model store code in Ollama model 
Signed-off-by: Michael Engel <mengel@redhat.com>
 2025-06-26 09:29:03 +02:00
Michael Engel 38f16c42c4 Prune old model store code in URL model 
Signed-off-by: Michael Engel <mengel@redhat.com>
 2025-06-26 09:29:03 +02:00
Michael Engel 5f688686d8 Remove script for old to new model store migration 
Signed-off-by: Michael Engel <mengel@redhat.com>
 2025-06-26 09:29:03 +02:00
Michael Engel 51f766d898 Remove --use-model-store feature flag 
Signed-off-by: Michael Engel <mengel@redhat.com>
 2025-06-26 09:29:03 +02:00
Mike Bonnet 4f479484de support running all Makefile targets in the bats container 
Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-06-25 21:45:37 -07:00
Mike Bonnet a651be7832 add support for running bats in a container 
Add a new "bats" container which is configured to run the bats tests.
The container supports running the standard bats test suite
(container-in-container) as well as the "--nocontainer" tests.

Add two new Makefile targets for running the bats container via podman.

Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-06-25 21:45:12 -07:00
Mike Bonnet 77d30733be make use of /dev/dri optional when serving llama-stack 
Add the --dri option to disable mounting /dev/dri into the container when running "ramalama serve --api llama-stack".
Update bats test to pass "--dri off".

Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-06-25 12:06:30 -07:00
Mike Bonnet 681c488e28
Merge pull request #1608 from containers/konflux-rocm-cuda 
konflux: use shared pipelines for rocm, rocm-ubi, and cuda
 2025-06-25 09:51:21 -07:00
Eric Curtin f4e929896a
Merge pull request #1606 from containers/fix-text-input 
Allow std input
 2025-06-25 17:07:49 +01:00
Mike Bonnet 7be12487c6 konflux: use shared pipelines for rocm, rocm-ubi, and cuda 
Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-06-25 08:46:11 -07:00
Daniel J Walsh 4b71dafa29
Merge pull request #1599 from containers/konflux-centralize-pipelines 
konflux: centralize pipeline definitions
 2025-06-25 10:37:26 -04:00
Mike Bonnet ed4879d301 konflux: move Pipeline and PipelineRun definitions into subdirs of .tekton 
This will simplify management as more components are on-boarded.

Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-06-25 07:14:03 -07:00
Eric Curtin aab36b04d4 Allow std input 
We used to have this feature, got dropped recently accidentally,
can do things like:

`cat text_file_with_prompt.txt | ramalama run smollm:135m`

or

`cat some_doc | ramalama run smollm:135m Explain this document:`

Signed-off-by: Eric Curtin <ecurtin@redhat.com>
 2025-06-25 15:01:48 +01:00
Daniel J Walsh 2526ab6223
Merge pull request #1600 from containers/konflux/mintmaker/main/registry.access.redhat.com-ubi9-ubi-9.x 
chore(deps): update registry.access.redhat.com/ubi9/ubi docker tag to v9.6-1750786174
 2025-06-25 09:04:29 -04:00
Eric Curtin f70b13c8db
Merge pull request #1602 from rhatdan/timeout 
Some of our tests are running for hours, need to be timed out
 2025-06-25 13:35:50 +01:00
Eric Curtin 82d04a7469
Merge pull request #1601 from rhatdan/chat 
Missing options of api_key and pid2kill are causing crashes
 2025-06-25 13:34:03 +01:00
Daniel J Walsh 951246f228
Missing options of api_key and pid2kill are causing crashes 
Also add debug information to chat.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2025-06-25 06:46:31 -04:00
Daniel J Walsh 2ba6f6f167
Some of our tests are running for hours, need to be timed out 
None of our tests should take more then 1 hour, so time them
out and then need to figure out what is causing the issue.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2025-06-25 06:34:47 -04:00
red-hat-konflux-kflux-prd-rh03[bot] 18527f87a6
chore(deps): update registry.access.redhat.com/ubi9/ubi docker tag to v9.6-1750786174 
Signed-off-by: red-hat-konflux-kflux-prd-rh03 <206760901+red-hat-konflux-kflux-prd-rh03[bot]@users.noreply.github.com>
 2025-06-25 00:02:06 +00:00
Mike Bonnet e661d87580 konflux: centralize pipeline definitions 
Move the pipeline definitions into their own files and references them from the PipelineRuns
that are created on pull request and push. This allows the pipelines to be used for multiple
components and dramatically reduces code duplication and maintenance burden.

Signed-off-by: Mike Bonnet <mikeb@redhat.com>
 2025-06-24 17:00:10 -07:00
Daniel J Walsh dc43419f21
Merge pull request #1595 from rhatdan/fedora 
Move RamaLama container image to default to fedora:42
 2025-06-24 15:56:50 -04:00
Daniel J Walsh 189d722eb7
Move RamaLama container image to default to fedora:42 
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2025-06-24 14:34:59 -04:00
Eric Curtin 788d5564d5
Merge pull request #1578 from containers/gemini 
API key support
 2025-06-24 13:07:35 +01:00
Eric Curtin fd71bac96a
Merge pull request #1589 from rhatdan/accel 
Don't pull image when doing ramalama --help call
 2025-06-24 12:38:54 +01:00
Daniel J Walsh 1b6b415d0c
Don't pull image when doing ramalama --help call 
Fixes: https://github.com/containers/ramalama/issues/1587

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2025-06-23 19:44:14 -04:00
Daniel J Walsh 1ee66c0964
Merge pull request #1576 from rhatdan/chat 
Remove last libexec program
 2025-06-23 13:48:45 -04:00
Daniel J Walsh 6d7bd22ee1
Remove last libexec program 
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2025-06-23 11:47:01 -04:00
Daniel J Walsh eaa0da253d
Hide --max-model-len from option list 
This fixes make validate to not complain about --ctx-size option.

No reason to have this available in display, since this is only for
users assuming vllm options.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2025-06-23 11:44:17 -04:00
Daniel J Walsh a00188027c
Merge pull request #1586 from rhatdan/VERSION 
Bump to v0.9.3
 2025-06-23 11:23:09 -04:00
Eric Curtin 1465086ded API key support 
If we pass --api-key, we can talk to OpenAI providers.

Signed-off-by: Eric Curtin <ecurtin@redhat.com>
 2025-06-23 14:21:20 +01:00
208 changed files with 11693 additions and 3852 deletions
Show Stats Expand all files Collapse all files

15
.codespellrc
View File

@ -1,15 +0,0 @@
# https://github.com/codespell-project/codespell#using-a-config-file
[codespell]
# Comma-separated list of files to skip.
skip = build,ramalama.egg-info,logos,.git #,bin,vendor,.git,go.sum,changelog.txt,.cirrus.yml,"RELEASE_NOTES.md,*.xz,*.gz,*.tar,*.tgz,bin2img,*ico,*.png,*.1,*.5,*.7,copyimg,*.orig,apidoc.go"
# Comma separated list of words to be ignored. Words must be lowercased.
ignore-words-list = clos,creat,ro,hastable,shouldnot,mountns,passt,assertin
# Custom dictionary file that contains spelling corrections.
# Run with option '--dictionary=-' to include also default dictionary.
dictionary = .codespelldict
# Check file names as well.
check-filenames = true

1
.flake8
View File

@ -2,3 +2,4 @@
max-line-length = 120 max-line-length = 120
# E203,E221,E231 conflict with black formatting # E203,E221,E231 conflict with black formatting
extend-ignore = E203,E221,E231,E702,F824 extend-ignore = E203,E221,E231,E702,F824
extend-exclude = .venv,venv

18
.github/workflows/ci-images.yml vendored
View File

@ -18,6 +18,7 @@ on:
jobs: jobs:
build: build:
runs-on: ubuntu-24.04 runs-on: ubuntu-24.04
timeout-minutes: 120
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@v4 uses: actions/checkout@v4
@ -48,7 +49,10 @@ jobs:
- name: Free Disk Space Linux - name: Free Disk Space Linux
shell: bash shell: bash
run: | run: |
sudo docker rmi "$(docker image ls -aq)" >/dev/null 2>&1 || true sudo mkdir -m a=rwx -p /mnt/tmp /mnt/runner
sudo mkdir -m o=rwx -p /home/runner/.local
sudo chown runner:runner /mnt/runner /home/runner/.local
sudo mount --bind /mnt/runner /home/runner/.local
sudo rm -rf \ sudo rm -rf \
/usr/share/dotnet /usr/local/lib/android /opt/ghc \ /usr/share/dotnet /usr/local/lib/android /opt/ghc \
/usr/local/share/powershell /usr/share/swift /usr/local/.ghcup \ /usr/local/share/powershell /usr/share/swift /usr/local/.ghcup \
@ -57,16 +61,6 @@ jobs:
sudo swapoff -a sudo swapoff -a
sudo rm -f /mnt/Swapfile sudo rm -f /mnt/Swapfile
# /mnt has ~ 65 GB free disk space. / is too small.
- name: Reconfigure Docker data-root
run: |
sudo mkdir -p /mnt/docker /etc/docker
echo '{"data-root": "/mnt/docker"}' > /tmp/daemon.json
sudo mv /tmp/daemon.json /etc/docker/daemon.json
cat /etc/docker/daemon.json
sudo systemctl restart docker.service
df -h
- name: Print disk space after cleanup - name: Print disk space after cleanup
shell: bash shell: bash
run: | run: |
@ -74,4 +68,4 @@ jobs:
- name: Build Images - name: Build Images
run: | run: |
./container_build.sh -r -c build ./container_build.sh -r -c -s build

64
.github/workflows/ci.yml vendored
View File

@ -10,6 +10,7 @@ jobs:
lint: lint:
name: Lint Code name: Lint Code
runs-on: ubuntu-24.04 runs-on: ubuntu-24.04
timeout-minutes: 20
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
@ -33,12 +34,52 @@ jobs:
run: | run: |
make lint make lint
unit-test: build-image:
name: Unit Tests
runs-on: ubuntu-24.04 runs-on: ubuntu-24.04
timeout-minutes: 60
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- name: Install the latest version of uv and activate the environment
uses: astral-sh/setup-uv@v6
with:
activate-environment: true
- name: Install dependencies
shell: bash
run: |
df -h
sudo apt-get update
sudo apt-get install -y bash codespell python3-argcomplete pipx podman
make install-requirements
- name: Upgrade to podman 5
run: |
set -e
# /mnt has ~ 65 GB free disk space. / is too small.
sudo mkdir -m a=rwx -p /mnt/tmp /mnt/runner
sudo mkdir -m o=rwx -p /home/runner/.local
sudo chown runner:runner /mnt/runner /home/runner/.local
sudo mount --bind /mnt/runner /home/runner/.local
# Enable universe repository which contains podman
sudo add-apt-repository "deb http://archive.ubuntu.com/ubuntu oracular universe"
# Update package lists
sudo apt-get update
sudo apt-get purge firefox
# Install specific podman version
sudo apt-get upgrade
- name: Build a container for CPU inferencing
shell: bash
run: |
./container_build.sh build -s ramalama
unit-test:
name: Unit Tests
runs-on: ubuntu-24.04
timeout-minutes: 20
steps:
- uses: actions/checkout@v4
- name: Install the latest version of uv and activate the environment - name: Install the latest version of uv and activate the environment
uses: astral-sh/setup-uv@v6 uses: astral-sh/setup-uv@v6
with: with:
@ -69,6 +110,7 @@ jobs:
bats: bats:
runs-on: ubuntu-24.04 runs-on: ubuntu-24.04
timeout-minutes: 60
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
@ -105,9 +147,6 @@ jobs:
# Install specific podman version # Install specific podman version
sudo apt-get upgrade sudo apt-get upgrade
- name: Build a container for CPU inferencing
run: ./container_build.sh build ramalama
- name: run bats - name: run bats
run: | run: |
TEMPDIR=/mnt/tmp TEMPDIR=/mnt/tmp
@ -116,6 +155,7 @@ jobs:
bats-nocontainer: bats-nocontainer:
runs-on: ubuntu-24.04 runs-on: ubuntu-24.04
timeout-minutes: 60
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
@ -155,6 +195,7 @@ jobs:
docker: docker:
runs-on: ubuntu-24.04 runs-on: ubuntu-24.04
timeout-minutes: 60
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
@ -202,11 +243,12 @@ jobs:
sudo mv /tmp/daemon.json /etc/docker/daemon.json sudo mv /tmp/daemon.json /etc/docker/daemon.json
cat /etc/docker/daemon.json cat /etc/docker/daemon.json
sudo systemctl restart docker.service sudo systemctl restart docker.service
sudo mkdir -m a=rwx -p /mnt/tmp /mnt/runner
sudo mkdir -m o=rwx -p /home/runner/.local
sudo chown runner:runner /mnt/runner /home/runner/.local
sudo mount --bind /mnt/runner /home/runner/.local
df -h df -h
- name: Build a container for CPU inferencing
run: ./container_build.sh build ramalama
- name: bats-docker - name: bats-docker
run: | run: |
docker info docker info
@ -214,6 +256,7 @@ jobs:
macos: macos:
runs-on: macos-14 runs-on: macos-14
timeout-minutes: 60
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
@ -222,6 +265,11 @@ jobs:
with: with:
activate-environment: true activate-environment: true
- name: install mlx-lm
shell: bash
run: |
uv pip install mlx-lm
- name: install golang - name: install golang
shell: bash shell: bash
run: | run: |

2
.github/workflows/install_ramalama.yml vendored
View File

@ -21,7 +21,7 @@ jobs:
uses: actions/checkout@v4 uses: actions/checkout@v4
- name: Set Up Dependencies (Ubuntu) - name: Set Up Dependencies (Ubuntu)
timeout-minutes: 10 timeout-minutes: 20
if: matrix.os == 'ubuntu-latest' if: matrix.os == 'ubuntu-latest'
run: | run: |
sudo apt-get install -y lshw curl sudo apt-get install -y lshw curl

2
.gitignore vendored
View File

@ -19,3 +19,5 @@ __pycache__/
coverage.* coverage.*
htmlcov/ htmlcov/
.idea/ .idea/
.hypothesis/
uv.lock

2
.packit-copr-rpm.sh
View File

@ -9,7 +9,7 @@ set -exo pipefail
# Extract version from pyproject.toml instead of setup.py # Extract version from pyproject.toml instead of setup.py
VERSION=$(awk -F'[""]' ' /^\s*version\s*/ {print $(NF-1)}' pyproject.toml ) VERSION=$(awk -F'[""]' ' /^\s*version\s*/ {print $(NF-1)}' pyproject.toml )
SPEC_FILE=rpm/python-ramalama.spec SPEC_FILE=rpm/ramalama.spec
# RPM Spec modifications # RPM Spec modifications

12
.packit.yaml
View File

@ -7,11 +7,11 @@ upstream_tag_template: v{version}
packages: packages:
ramalama-fedora: ramalama-fedora:
pkg_tool: fedpkg pkg_tool: fedpkg
downstream_package_name: python-ramalama downstream_package_name: ramalama
specfile_path: rpm/python-ramalama.spec specfile_path: rpm/ramalama.spec
ramalama-centos: ramalama-centos:
downstream_package_name: python-ramalama downstream_package_name: ramalama
specfile_path: rpm/python-ramalama.spec specfile_path: rpm/ramalama.spec
srpm_build_deps: srpm_build_deps:
- make - make
@ -79,7 +79,7 @@ jobs:
dist_git_branches: &fedora_targets dist_git_branches: &fedora_targets
- fedora-all - fedora-all
- epel10 - epel10
- epel9 - epel10.0
- job: koji_build - job: koji_build
trigger: commit trigger: commit
@ -92,4 +92,4 @@ jobs:
dist_git_branches: dist_git_branches:
- fedora-branched # rawhide updates are created automatically - fedora-branched # rawhide updates are created automatically
- epel10 - epel10
- epel9 - epel10.0

37
.pre-commit-config.yaml Normal file
View File

@ -0,0 +1,37 @@
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v5.0.0
hooks:
- id: trailing-whitespace
- id: end-of-file-fixer
- id: check-yaml
- id: check-json
- id: check-toml
- id: check-added-large-files
- id: check-merge-conflict
- id: check-executables-have-shebangs
- id: check-shebang-scripts-are-executable
- repo: https://github.com/pycqa/flake8
rev: 7.3.0
hooks:
- id: flake8
- repo: https://github.com/codespell-project/codespell
rev: v2.4.1
hooks:
- id: codespell
args: ["-w"]
- repo: https://github.com/psf/black
rev: 25.1.0
hooks:
- id: black
- repo: https://github.com/pycqa/isort
rev: 6.0.1
hooks:
- id: isort
- repo: local
hooks:
- id: run-unit-tests
name: run unit tests
entry: make unit-tests
language: system
pass_filenames: false

48
.tekton/asahi-llama-server/asahi-llama-server-pull-request.yaml Normal file
View File

@ -0,0 +1,48 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: asahi-llama-server
pipelines.appstudio.openshift.io/type: build
name: asahi-llama-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi-llama-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/asahi:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

45
.tekton/asahi-llama-server/asahi-llama-server-push.yaml Normal file
View File

@ -0,0 +1,45 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: asahi-llama-server
pipelines.appstudio.openshift.io/type: build
name: asahi-llama-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi-llama-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/asahi:{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

48
.tekton/asahi-rag/asahi-rag-pull-request.yaml Normal file
View File

@ -0,0 +1,48 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: asahi-rag
pipelines.appstudio.openshift.io/type: build
name: asahi-rag-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi-rag:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- linux-d160-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/asahi:on-pr-{{revision}}
- GPU=cpu
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

45
.tekton/asahi-rag/asahi-rag-push.yaml Normal file
View File

@ -0,0 +1,45 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: asahi-rag
pipelines.appstudio.openshift.io/type: build
name: asahi-rag-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi-rag:{{revision}}
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- linux-d160-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/asahi:{{revision}}
- GPU=cpu
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

48
.tekton/asahi-whisper-server/asahi-whisper-server-pull-request.yaml Normal file
View File

@ -0,0 +1,48 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: asahi-whisper-server
pipelines.appstudio.openshift.io/type: build
name: asahi-whisper-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi-whisper-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/asahi:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

45
.tekton/asahi-whisper-server/asahi-whisper-server-push.yaml Normal file
View File

@ -0,0 +1,45 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: asahi-whisper-server
pipelines.appstudio.openshift.io/type: build
name: asahi-whisper-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi-whisper-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/asahi:{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

42
.tekton/asahi/asahi-pull-request.yaml Normal file
View File

@ -0,0 +1,42 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: asahi
pipelines.appstudio.openshift.io/type: build
name: asahi-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/asahi/Containerfile
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

39
.tekton/asahi/asahi-push.yaml Normal file
View File

@ -0,0 +1,39 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: asahi
pipelines.appstudio.openshift.io/type: build
name: asahi-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/asahi:{{revision}}
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/asahi/Containerfile
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

42
.tekton/bats/bats-pull-request.yaml Normal file
View File

@ -0,0 +1,42 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: bats
pipelines.appstudio.openshift.io/type: build
name: bats-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/bats:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/bats/Containerfile
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

39
.tekton/bats/bats-push.yaml Normal file
View File

@ -0,0 +1,39 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: bats
pipelines.appstudio.openshift.io/type: build
name: bats-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/bats:{{revision}}
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/bats/Containerfile
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

48
.tekton/cann-llama-server/cann-llama-server-pull-request.yaml Normal file
View File

@ -0,0 +1,48 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cann-llama-server
pipelines.appstudio.openshift.io/type: build
name: cann-llama-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann-llama-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/cann:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

45
.tekton/cann-llama-server/cann-llama-server-push.yaml Normal file
View File

@ -0,0 +1,45 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cann-llama-server
pipelines.appstudio.openshift.io/type: build
name: cann-llama-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann-llama-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/cann:{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

48
.tekton/cann-rag/cann-rag-pull-request.yaml Normal file
View File

@ -0,0 +1,48 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cann-rag
pipelines.appstudio.openshift.io/type: build
name: cann-rag-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann-rag:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- linux-d160-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/cann:on-pr-{{revision}}
- GPU=cpu
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

45
.tekton/cann-rag/cann-rag-push.yaml Normal file
View File

@ -0,0 +1,45 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cann-rag
pipelines.appstudio.openshift.io/type: build
name: cann-rag-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann-rag:{{revision}}
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- linux-d160-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/cann:{{revision}}
- GPU=cpu
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

48
.tekton/cann-whisper-server/cann-whisper-server-pull-request.yaml Normal file
View File

@ -0,0 +1,48 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cann-whisper-server
pipelines.appstudio.openshift.io/type: build
name: cann-whisper-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann-whisper-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/cann:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

45
.tekton/cann-whisper-server/cann-whisper-server-push.yaml Normal file
View File

@ -0,0 +1,45 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cann-whisper-server
pipelines.appstudio.openshift.io/type: build
name: cann-whisper-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann-whisper-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/cann:{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

42
.tekton/cann/cann-pull-request.yaml Normal file
View File

@ -0,0 +1,42 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cann
pipelines.appstudio.openshift.io/type: build
name: cann-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/cann/Containerfile
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

39
.tekton/cann/cann-push.yaml Normal file
View File

@ -0,0 +1,39 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cann
pipelines.appstudio.openshift.io/type: build
name: cann-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cann:{{revision}}
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/cann/Containerfile
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

48
.tekton/cuda-llama-server/cuda-llama-server-pull-request.yaml Normal file
View File

@ -0,0 +1,48 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cuda-llama-server
pipelines.appstudio.openshift.io/type: build
name: cuda-llama-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda-llama-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/cuda:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

45
.tekton/cuda-llama-server/cuda-llama-server-push.yaml Normal file
View File

@ -0,0 +1,45 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cuda-llama-server
pipelines.appstudio.openshift.io/type: build
name: cuda-llama-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda-llama-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/cuda:{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

48
.tekton/cuda-rag/cuda-rag-pull-request.yaml Normal file
View File

@ -0,0 +1,48 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cuda-rag
pipelines.appstudio.openshift.io/type: build
name: cuda-rag-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda-rag:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- linux-d160-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/cuda:on-pr-{{revision}}
- GPU=cuda
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

45
.tekton/cuda-rag/cuda-rag-push.yaml Normal file
View File

@ -0,0 +1,45 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cuda-rag
pipelines.appstudio.openshift.io/type: build
name: cuda-rag-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda-rag:{{revision}}
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- linux-d160-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/cuda:{{revision}}
- GPU=cuda
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

48
.tekton/cuda-whisper-server/cuda-whisper-server-pull-request.yaml Normal file
View File

@ -0,0 +1,48 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cuda-whisper-server
pipelines.appstudio.openshift.io/type: build
name: cuda-whisper-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda-whisper-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/cuda:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

45
.tekton/cuda-whisper-server/cuda-whisper-server-push.yaml Normal file
View File

@ -0,0 +1,45 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cuda-whisper-server
pipelines.appstudio.openshift.io/type: build
name: cuda-whisper-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda-whisper-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/cuda:{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

42
.tekton/cuda/cuda-pull-request.yaml Normal file
View File

@ -0,0 +1,42 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cuda
pipelines.appstudio.openshift.io/type: build
name: cuda-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/cuda/Containerfile
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

39
.tekton/cuda/cuda-push.yaml Normal file
View File

@ -0,0 +1,39 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: cuda
pipelines.appstudio.openshift.io/type: build
name: cuda-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/cuda:{{revision}}
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/cuda/Containerfile
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

66
.tekton/integration/pipelines/bats-integration.yaml Normal file
View File

@ -0,0 +1,66 @@
kind: Pipeline
apiVersion: tekton.dev/v1
metadata:
name: bats-integration
spec:
description: |
Test the newly-built ramalama image and layered images on all supported architectures.
params:
- name: SNAPSHOT
description: >-
Information about the components included in the current snapshot under test.
- name: platforms
description: VM platforms on which to run test commands
type: array
default:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: commands
description: Test commands to run
type: array
default:
- make bats
- name: git-url
description: URL of the Git repository containing pipeline and task definitions
default: https://github.com/containers/ramalama.git
- name: git-revision
description: Revision of the Git repository containing pipeline and task definitions
default: main
tasks:
- name: init
params:
- name: SNAPSHOT
value: $(params.SNAPSHOT)
taskRef:
resolver: git
params:
- name: url
value: $(params.git-url)
- name: revision
value: $(params.git-revision)
- name: pathInRepo
value: .tekton/integration/tasks/init-snapshot.yaml
- name: test
matrix:
params:
- name: PLATFORM
value:
- $(params.platforms)
- name: cmd
value:
- $(params.commands)
params:
- name: image
value: $(tasks.init.results.bats-image)
- name: envs
value:
- RAMALAMA_IMAGE=$(tasks.init.results.ramalama-image)
taskRef:
resolver: git
params:
- name: url
value: $(params.git-url)
- name: revision
value: $(params.git-revision)
- name: pathInRepo
value: .tekton/integration/tasks/test-vm-cmd.yaml

55
.tekton/integration/tasks/init-snapshot.yaml Normal file
View File

@ -0,0 +1,55 @@
apiVersion: tekton.dev/v1
kind: Task
metadata:
name: init-snapshot
spec:
description: Extract information from the SNAPSHOT and make it available as Tekton results
params:
- name: SNAPSHOT
description: >-
Information about the components included in the current snapshot under test.
results:
- name: event-type
description: The type of event that triggered the pipeline
- name: bats-image
description: URI of the bats image included in the snapshot
- name: ramalama-image
description: URI of the ramalama image included in the snapshot
- name: TEST_OUTPUT
description: Test result in json format
steps:
- name: process
image: registry.access.redhat.com/ubi10/ubi:latest
env:
- name: SNAPSHOT
value: $(params.SNAPSHOT)
- name: EVENT_TYPE
valueFrom:
fieldRef:
fieldPath: metadata.labels['pac.test.appstudio.openshift.io/event-type']
- name: RESULTS_EVENT_TYPE_PATH
value: $(results.event-type.path)
- name: RESULTS_BATS_IMAGE_PATH
value: $(results.bats-image.path)
- name: RESULTS_RAMALAMA_IMAGE_PATH
value: $(results.ramalama-image.path)
- name: RESULTS_TEST_OUTPUT_PATH
value: $(results.TEST_OUTPUT.path)
script: |
#!/bin/bash -ex
dnf -y install jq
echo -n "$EVENT_TYPE" | tee "$RESULTS_EVENT_TYPE_PATH"
echo
component_image() {
TAGSEP=":"
if [ "$EVENT_TYPE" == "pull_request" ]; then
TAGSEP+="on-pr-"
fi
jq -j --arg name "$1" --arg tagsep "$TAGSEP" '.components[] | select(.name == $name) | [(.containerImage | split("@")[0]), .source.git.revision] | join($tagsep)' <<< "$SNAPSHOT"
}
component_image bats | tee "$RESULTS_BATS_IMAGE_PATH"
echo
component_image ramalama | tee "$RESULTS_RAMALAMA_IMAGE_PATH"
echo
jq -jnc '{result: "SUCCESS", timestamp: now | todateiso8601, failures: 0, successes: 1, warnings: 0}' | tee "$RESULTS_TEST_OUTPUT_PATH"
echo

118
.tekton/integration/tasks/test-vm-cmd.yaml Normal file
View File

@ -0,0 +1,118 @@
apiVersion: tekton.dev/v1
kind: Task
metadata:
name: test-vm-cmd
spec:
description: Run a command in a test VM
params:
- name: PLATFORM
description: The platform of the VM to provision
- name: image
description: The image to use when setting up the test environment
- name: cmd
description: The command to run
- name: envs
description: List of environment variables (NAME=VALUE) to be set in the test environment
type: array
default: []
results:
- name: TEST_OUTPUT
description: Test result in json format
volumes:
- name: workdir
emptyDir: {}
- name: ssh
secret:
secretName: multi-platform-ssh-$(context.taskRun.name)
steps:
- name: run-in-vm
image: registry.access.redhat.com/ubi10/ubi:latest
volumeMounts:
- mountPath: /var/workdir
name: workdir
- mountPath: /ssh
name: ssh
workingDir: /var/workdir
env:
- name: TEST_IMAGE
value: $(params.image)
- name: TEST_CMD
value: $(params.cmd)
- name: RESULTS_TEST_OUTPUT_PATH
value: $(results.TEST_OUTPUT.path)
args:
- $(params.envs[*])
script: |
#!/bin/bash -ex
log() {
echo "[$(date -uIns)]" $*
}
log Install packages
dnf -y install openssh-clients rsync jq
log Prepare connection
if [ -e "/ssh/error" ]; then
log Error provisioning VM
cat /ssh/error
exit 1
fi
export SSH_HOST=$(cat /ssh/host)
mkdir -p ~/.ssh
if [ "$SSH_HOST" == "localhost" ] ; then
IS_LOCALHOST=true
log Localhost detected, running build in cluster
elif [ -s "/ssh/otp" ]; then
log Fetching OTP token
curl --cacert /ssh/otp-ca -d @/ssh/otp $(cat /ssh/otp-server) > ~/.ssh/id_rsa
echo >> ~/.ssh/id_rsa
chmod 0400 ~/.ssh/id_rsa
elif [ -s "/ssh/id_rsa" ]; then
log Copying ssh key
cp /ssh/id_rsa ~/.ssh
chmod 0400 ~/.ssh/id_rsa
else
log No authentication mechanism found
exit 1
fi
mkdir -p scripts
PODMAN_ENV=()
while [ $# -ne 0 ]; do
PODMAN_ENV+=("-e" "$1")
shift
done
cat > scripts/test.sh <<SCRIPTEOF
#!/bin/bash -ex
podman run \
--userns=keep-id \
--security-opt label=disable \
--security-opt unmask=/proc/* \
--device /dev/net/tun \
--device /dev/fuse \
${PODMAN_ENV[*]} \
$TEST_IMAGE $TEST_CMD
SCRIPTEOF
chmod +x scripts/test.sh
if ! [[ $IS_LOCALHOST ]]; then
log VM exec
export BUILD_DIR=$(cat /ssh/user-dir)
export SSH_ARGS="-o StrictHostKeyChecking=no -o ServerAliveInterval=60 -o ServerAliveCountMax=10"
# ssh once before rsync to retrieve the host key
ssh $SSH_ARGS "$SSH_HOST" "uname -a"
rsync -ra scripts "$SSH_HOST:$BUILD_DIR"
ssh $SSH_ARGS "$SSH_HOST" "$BUILD_DIR/scripts/test.sh"
log End VM exec
else
log Local exec
scripts/test.sh
log End local exec
fi
jq -jnc '{result: "SUCCESS", timestamp: now | todateiso8601, failures: 0, successes: 1, warnings: 0}' | tee "$RESULTS_TEST_OUTPUT_PATH"
echo

47
.tekton/intel-gpu-llama-server/intel-gpu-llama-server-pull-request.yaml Normal file
View File

@ -0,0 +1,47 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: intel-gpu-llama-server
pipelines.appstudio.openshift.io/type: build
name: intel-gpu-llama-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu-llama-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

44
.tekton/intel-gpu-llama-server/intel-gpu-llama-server-push.yaml Normal file
View File

@ -0,0 +1,44 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: intel-gpu-llama-server
pipelines.appstudio.openshift.io/type: build
name: intel-gpu-llama-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu-llama-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

47
.tekton/intel-gpu-rag/intel-gpu-rag-pull-request.yaml Normal file
View File

@ -0,0 +1,47 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: intel-gpu-rag
pipelines.appstudio.openshift.io/type: build
name: intel-gpu-rag-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu-rag:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:on-pr-{{revision}}
- GPU=cpu
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

44
.tekton/intel-gpu-rag/intel-gpu-rag-push.yaml Normal file
View File

@ -0,0 +1,44 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: intel-gpu-rag
pipelines.appstudio.openshift.io/type: build
name: intel-gpu-rag-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu-rag:{{revision}}
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:{{revision}}
- GPU=cpu
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

47
.tekton/intel-gpu-whisper-server/intel-gpu-whisper-server-pull-request.yaml Normal file
View File

@ -0,0 +1,47 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: intel-gpu-whisper-server
pipelines.appstudio.openshift.io/type: build
name: intel-gpu-whisper-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu-whisper-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

44
.tekton/intel-gpu-whisper-server/intel-gpu-whisper-server-push.yaml Normal file
View File

@ -0,0 +1,44 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: intel-gpu-whisper-server
pipelines.appstudio.openshift.io/type: build
name: intel-gpu-whisper-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu-whisper-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

41
.tekton/intel-gpu/intel-gpu-pull-request.yaml Normal file
View File

@ -0,0 +1,41 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: intel-gpu
pipelines.appstudio.openshift.io/type: build
name: intel-gpu-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-c4xlarge/amd64
- name: dockerfile
value: container-images/intel-gpu/Containerfile
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

38
.tekton/intel-gpu/intel-gpu-push.yaml Normal file
View File

@ -0,0 +1,38 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: intel-gpu
pipelines.appstudio.openshift.io/type: build
name: intel-gpu-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/intel-gpu:{{revision}}
- name: build-platforms
value:
- linux-c4xlarge/amd64
- name: dockerfile
value: container-images/intel-gpu/Containerfile
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

42
.tekton/llama-stack/llama-stack-pull-request.yaml Normal file
View File

@ -0,0 +1,42 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: llama-stack
pipelines.appstudio.openshift.io/type: build
name: llama-stack-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/llama-stack:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/llama-stack/Containerfile
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

39
.tekton/llama-stack/llama-stack-push.yaml Normal file
View File

@ -0,0 +1,39 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: llama-stack
pipelines.appstudio.openshift.io/type: build
name: llama-stack-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/llama-stack:{{revision}}
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/llama-stack/Containerfile
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

47
.tekton/musa-llama-server/musa-llama-server-pull-request.yaml Normal file
View File

@ -0,0 +1,47 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: musa-llama-server
pipelines.appstudio.openshift.io/type: build
name: musa-llama-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa-llama-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/musa:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

44
.tekton/musa-llama-server/musa-llama-server-push.yaml Normal file
View File

@ -0,0 +1,44 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: musa-llama-server
pipelines.appstudio.openshift.io/type: build
name: musa-llama-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa-llama-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/musa:{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

47
.tekton/musa-rag/musa-rag-pull-request.yaml Normal file
View File

@ -0,0 +1,47 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: musa-rag
pipelines.appstudio.openshift.io/type: build
name: musa-rag-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa-rag:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/musa:on-pr-{{revision}}
- GPU=musa
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

44
.tekton/musa-rag/musa-rag-push.yaml Normal file
View File

@ -0,0 +1,44 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: musa-rag
pipelines.appstudio.openshift.io/type: build
name: musa-rag-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa-rag:{{revision}}
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/musa:{{revision}}
- GPU=musa
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

47
.tekton/musa-whisper-server/musa-whisper-server-pull-request.yaml Normal file
View File

@ -0,0 +1,47 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: musa-whisper-server
pipelines.appstudio.openshift.io/type: build
name: musa-whisper-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa-whisper-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/musa:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

44
.tekton/musa-whisper-server/musa-whisper-server-push.yaml Normal file
View File

@ -0,0 +1,44 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: musa-whisper-server
pipelines.appstudio.openshift.io/type: build
name: musa-whisper-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa-whisper-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/musa:{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

41
.tekton/musa/musa-pull-request.yaml Normal file
View File

@ -0,0 +1,41 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: musa
pipelines.appstudio.openshift.io/type: build
name: musa-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-c4xlarge/amd64
- name: dockerfile
value: container-images/musa/Containerfile
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

38
.tekton/musa/musa-push.yaml Normal file
View File

@ -0,0 +1,38 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: musa
pipelines.appstudio.openshift.io/type: build
name: musa-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/musa:{{revision}}
- name: build-platforms
value:
- linux-c4xlarge/amd64
- name: dockerfile
value: container-images/musa/Containerfile
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

41
.tekton/openvino/openvino-pull-request.yaml Normal file
View File

@ -0,0 +1,41 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: openvino
pipelines.appstudio.openshift.io/type: build
name: openvino-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/openvino:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-c4xlarge/amd64
- name: dockerfile
value: container-images/openvino/Containerfile
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

38
.tekton/openvino/openvino-push.yaml Normal file
View File

@ -0,0 +1,38 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: openvino
pipelines.appstudio.openshift.io/type: build
name: openvino-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/openvino:{{revision}}
- name: build-platforms
value:
- linux-c4xlarge/amd64
- name: dockerfile
value: container-images/openvino/Containerfile
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

640
.tekton/pipelines/pull-request-pipeline.yaml Normal file
View File

@ -0,0 +1,640 @@
apiVersion: tekton.dev/v1
kind: Pipeline
metadata:
name: pull-request-pipeline
labels:
appstudio.openshift.io/application: ramalama
spec:
description: |
Pipeline for building RamaLama images when PRs are submitted.
Based on the [docker-build-multi-platform-oci-ta](https://github.com/konflux-ci/build-definitions/tree/main/pipelines/docker-build-multi-platform-oci-ta) pipeline from [Konflux](https://konflux-ci.dev/).
params:
- description: Source Repository URL
name: git-url
type: string
- default: ""
description: Revision of the Source Repository
name: revision
type: string
- description: Fully Qualified Output Image
name: output-image
type: string
- default: .
description: Path to the source code of an application's component from where to build image.
name: path-context
type: string
- default: Dockerfile
description: Path to the Dockerfile inside the context specified by parameter path-context
name: dockerfile
type: string
- default: "false"
description: Force rebuild image
name: rebuild
type: string
- default: "true"
description: Skip checks against built image
name: skip-checks
type: string
- default: "false"
description: Execute the build with network isolation
name: hermetic
type: string
- default: ""
description: Build dependencies to be prefetched by Cachi2
name: prefetch-input
type: string
- default: ""
description: Image tag expiration time, time values could be something like 1h, 2d, 3w for hours, days, and weeks, respectively.
name: image-expires-after
- default: "false"
description: Build a source image.
name: build-source-image
type: string
- default: "true"
description: Add built image into an OCI image index
name: build-image-index
type: string
- default: []
description: Array of --build-arg values ("arg=value" strings) for buildah
name: build-args
type: array
- default: ""
description: Path to a file with build arguments for buildah, see https://www.mankier.com/1/buildah-build#--build-arg-file
name: build-args-file
type: string
- default: "false"
description: Whether to enable privileged mode, should be used only with remote VMs
name: privileged-nested
type: string
- default:
- linux-c4xlarge/amd64
description: List of platforms to build the container images on. The available set of values is determined by the configuration of the multi-platform-controller.
name: build-platforms
type: array
- default: ""
description: The parent image of the image being built.
name: parent-image
- default: ""
description: The image to use for running tests.
name: test-image
- default: []
description: List of environment variables (NAME=VALUE) to be set in the test environment.
name: test-envs
type: array
- default:
- echo "No tests defined"
description: List of test commands to run after the image is built.
name: test-commands
type: array
results:
- description: ""
name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
- description: ""
name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- description: ""
name: CHAINS-GIT_URL
value: $(tasks.clone-repository.results.url)
- description: ""
name: CHAINS-GIT_COMMIT
value: $(tasks.clone-repository.results.commit)
tasks:
- name: init
params:
- name: image-url
value: $(params.output-image)
- name: rebuild
value: $(params.rebuild)
- name: skip-checks
value: $(params.skip-checks)
taskRef:
params:
- name: name
value: init
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-init:0.2@sha256:1d8221c84f91b923d89de50bf16481ea729e3b68ea04a9a7cbe8485ddbb27ee6
- name: kind
value: task
resolver: bundles
- name: clone-repository
params:
- name: url
value: $(params.git-url)
- name: revision
value: $(params.revision)
- name: ociStorage
value: $(params.output-image).git
- name: ociArtifactExpiresAfter
value: $(params.image-expires-after)
runAfter:
- init
taskRef:
params:
- name: name
value: git-clone-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.1@sha256:d35e5d501cb5f5f88369511f76249857cb5ac30250e1dcf086939321964ff6b9
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
workspaces:
- name: basic-auth
workspace: git-auth
- name: prefetch-dependencies
params:
- name: input
value: $(params.prefetch-input)
- name: SOURCE_ARTIFACT
value: $(tasks.clone-repository.results.SOURCE_ARTIFACT)
- name: ociStorage
value: $(params.output-image).prefetch
- name: ociArtifactExpiresAfter
value: $(params.image-expires-after)
runAfter:
- clone-repository
taskRef:
params:
- name: name
value: prefetch-dependencies-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies-oci-ta:0.2@sha256:092491ac0f6e1009d10c58a1319d1029371bf637cc1293cceba53c6da5314ed1
- name: kind
value: task
resolver: bundles
workspaces:
- name: git-basic-auth
workspace: git-auth
- name: netrc
workspace: netrc
- name: wait-for-parent-image
params:
- name: ref
value: $(params.parent-image)
taskRef:
name: wait-for-image
when:
- input: $(params.parent-image)
operator: notin
values:
- ""
- matrix:
params:
- name: PLATFORM
value:
- $(params.build-platforms)
name: build-images
params:
- name: IMAGE
value: $(params.output-image)
- name: DOCKERFILE
value: $(params.dockerfile)
- name: CONTEXT
value: $(params.path-context)
- name: HERMETIC
value: $(params.hermetic)
- name: PREFETCH_INPUT
value: $(params.prefetch-input)
- name: IMAGE_EXPIRES_AFTER
value: $(params.image-expires-after)
- name: COMMIT_SHA
value: $(tasks.clone-repository.results.commit)
- name: BUILD_ARGS
value:
- $(params.build-args[*])
- name: BUILD_ARGS_FILE
value: $(params.build-args-file)
- name: PRIVILEGED_NESTED
value: $(params.privileged-nested)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
- name: IMAGE_APPEND_PLATFORM
value: "true"
runAfter:
- wait-for-parent-image
- prefetch-dependencies
taskRef:
params:
- name: name
value: buildah-remote-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-buildah-remote-oci-ta:0.4@sha256:9e866d4d0489a6ab84ae263db416c9f86d2d6117ef4444f495a0e97388ae3ac0
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
- name: build-image-index
params:
- name: IMAGE
value: $(params.output-image)
- name: COMMIT_SHA
value: $(tasks.clone-repository.results.commit)
- name: IMAGE_EXPIRES_AFTER
value: $(params.image-expires-after)
- name: ALWAYS_BUILD_INDEX
value: $(params.build-image-index)
- name: IMAGES
value:
- $(tasks.build-images.results.IMAGE_REF[*])
runAfter:
- build-images
taskRef:
params:
- name: name
value: build-image-index
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-build-image-index:0.1@sha256:3499772af90aad0d3935629be6d37dd9292195fb629e6f43ec839c7f545a0faa
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
- name: wait-for-test-image
params:
- name: ref
value: $(params.test-image)
runAfter:
- build-image-index
taskRef:
name: wait-for-image
when:
- input: $(params.test-image)
operator: notin
values:
- ""
- name: run-tests
matrix:
params:
- name: cmd
value:
- $(params.test-commands)
params:
- name: image
value: $(params.test-image)@$(tasks.wait-for-test-image.results.digest)
- name: envs
value:
- $(params.test-envs[*])
runAfter:
- wait-for-test-image
taskRef:
name: test-cmd
when:
- input: $(params.test-image)
operator: notin
values:
- ""
- name: build-source-image
params:
- name: BINARY_IMAGE
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
- name: BINARY_IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: source-build-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta:0.3@sha256:b1eb49583b41872b27356fee20d5f0eb6ff7f5cdeacde7ffb39655f031104728
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
- input: $(params.build-source-image)
operator: in
values:
- "true"
- name: deprecated-base-image-check
params:
- name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: deprecated-image-check
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check:0.5@sha256:3c8b81fa868e27c6266e7660a4bfb4c822846dcf4304606e71e20893b0d3e515
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: clair-scan
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: clair-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-clair-scan:0.2@sha256:417f44117f8d87a4a62fea6589b5746612ac61640b454dbd88f74892380411f2
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: ecosystem-cert-preflight-checks
params:
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: ecosystem-cert-preflight-checks
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-ecosystem-cert-preflight-checks:0.2@sha256:f99d2bdb02f13223d494077a2cde31418d09369f33c02134a8e7e5fad2f61eda
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-snyk-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: sast-snyk-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-snyk-check-oci-ta:0.4@sha256:fe5e5ba3a72632cd505910de2eacd62c9d11ed570c325173188f8d568ac60771
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: clamav-scan
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: clamav-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-clamav-scan:0.2@sha256:7749146f7e4fe530846f1b15c9366178ec9f44776ef1922a60d3e7e2b8c6426b
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-coverity-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE
value: $(params.output-image)
- name: DOCKERFILE
value: $(params.dockerfile)
- name: CONTEXT
value: $(params.path-context)
- name: HERMETIC
value: $(params.hermetic)
- name: PREFETCH_INPUT
value: $(params.prefetch-input)
- name: IMAGE_EXPIRES_AFTER
value: $(params.image-expires-after)
- name: COMMIT_SHA
value: $(tasks.clone-repository.results.commit)
- name: BUILD_ARGS
value:
- $(params.build-args[*])
- name: BUILD_ARGS_FILE
value: $(params.build-args-file)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- coverity-availability-check
taskRef:
params:
- name: name
value: sast-coverity-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-coverity-check-oci-ta:0.3@sha256:f9ca942208dc2e63b479384ccc56a611cc793397ecc837637b5b9f89c2ecbefe
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- input: $(tasks.coverity-availability-check.results.STATUS)
operator: in
values:
- success
- name: coverity-availability-check
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: coverity-availability-check
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-coverity-availability-check:0.2@sha256:db2b267dc15e4ed17f704ee91b8e9b38068e1a35b1018a328fdca621819d74c6
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-shell-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: sast-shell-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-shell-check-oci-ta:0.1@sha256:bf7bdde00b7212f730c1356672290af6f38d070da2c8a316987b5c32fd49e0b9
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-unicode-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: sast-unicode-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-unicode-check-oci-ta:0.3@sha256:a2bde66f6b4164620298c7d709b8f08515409404000fa1dc2260d2508b135651
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: apply-tags
params:
- name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: apply-tags
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-apply-tags:0.2@sha256:517a51e260c0b59654a9d7b842e1ab07d76bce15ca7ce9c8fd2489a19be6463d
- name: kind
value: task
resolver: bundles
- name: push-dockerfile
params:
- name: IMAGE
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: DOCKERFILE
value: $(params.dockerfile)
- name: CONTEXT
value: $(params.path-context)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: push-dockerfile-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-push-dockerfile-oci-ta:0.1@sha256:8c75c4a747e635e5f3e12266a3bb6e5d3132bf54e37eaa53d505f89897dd8eca
- name: kind
value: task
resolver: bundles
- name: rpms-signature-scan
params:
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: rpms-signature-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.2@sha256:1b6c20ab3dbfb0972803d3ebcb2fa72642e59400c77bd66dfd82028bdd09e120
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
finally:
- name: show-sbom
params:
- name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
taskRef:
params:
- name: name
value: show-sbom
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-show-sbom:0.1@sha256:86c069cac0a669797e8049faa8aa4088e70ff7fcd579d5bdc37626a9e0488a05
- name: kind
value: task
resolver: bundles
workspaces:
- name: git-auth
optional: true
- name: netrc
optional: true

640
.tekton/pipelines/push-pipeline.yaml Normal file
View File

@ -0,0 +1,640 @@
apiVersion: tekton.dev/v1
kind: Pipeline
metadata:
name: push-pipeline
labels:
appstudio.openshift.io/application: ramalama
spec:
description: |
Pipeline for building RamaLama images on push.
Based on the [docker-build-multi-platform-oci-ta](https://github.com/konflux-ci/build-definitions/tree/main/pipelines/docker-build-multi-platform-oci-ta) pipeline from [Konflux](https://konflux-ci.dev/).
params:
- description: Source Repository URL
name: git-url
type: string
- default: ""
description: Revision of the Source Repository
name: revision
type: string
- description: Fully Qualified Output Image
name: output-image
type: string
- default: .
description: Path to the source code of an application's component from where to build image.
name: path-context
type: string
- default: Dockerfile
description: Path to the Dockerfile inside the context specified by parameter path-context
name: dockerfile
type: string
- default: "false"
description: Force rebuild image
name: rebuild
type: string
- default: "false"
description: Skip checks against built image
name: skip-checks
type: string
- default: "false"
description: Execute the build with network isolation
name: hermetic
type: string
- default: ""
description: Build dependencies to be prefetched by Cachi2
name: prefetch-input
type: string
- default: ""
description: Image tag expiration time, time values could be something like 1h, 2d, 3w for hours, days, and weeks, respectively.
name: image-expires-after
- default: "false"
description: Build a source image.
name: build-source-image
type: string
- default: "true"
description: Add built image into an OCI image index
name: build-image-index
type: string
- default: []
description: Array of --build-arg values ("arg=value" strings) for buildah
name: build-args
type: array
- default: ""
description: Path to a file with build arguments for buildah, see https://www.mankier.com/1/buildah-build#--build-arg-file
name: build-args-file
type: string
- default: "false"
description: Whether to enable privileged mode, should be used only with remote VMs
name: privileged-nested
type: string
- default:
- linux-c4xlarge/amd64
description: List of platforms to build the container images on. The available set of values is determined by the configuration of the multi-platform-controller.
name: build-platforms
type: array
- default: ""
description: The parent image of the image being built.
name: parent-image
- default: ""
description: The image to use for running tests.
name: test-image
- default: []
description: List of environment variables (NAME=VALUE) to be set in the test environment.
name: test-envs
type: array
- default:
- echo "No tests defined"
description: List of test commands to run after the image is built.
name: test-commands
type: array
results:
- description: ""
name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
- description: ""
name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- description: ""
name: CHAINS-GIT_URL
value: $(tasks.clone-repository.results.url)
- description: ""
name: CHAINS-GIT_COMMIT
value: $(tasks.clone-repository.results.commit)
tasks:
- name: init
params:
- name: image-url
value: $(params.output-image)
- name: rebuild
value: $(params.rebuild)
- name: skip-checks
value: $(params.skip-checks)
taskRef:
params:
- name: name
value: init
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-init:0.2@sha256:1d8221c84f91b923d89de50bf16481ea729e3b68ea04a9a7cbe8485ddbb27ee6
- name: kind
value: task
resolver: bundles
- name: clone-repository
params:
- name: url
value: $(params.git-url)
- name: revision
value: $(params.revision)
- name: ociStorage
value: $(params.output-image).git
- name: ociArtifactExpiresAfter
value: $(params.image-expires-after)
runAfter:
- init
taskRef:
params:
- name: name
value: git-clone-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.1@sha256:d35e5d501cb5f5f88369511f76249857cb5ac30250e1dcf086939321964ff6b9
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
workspaces:
- name: basic-auth
workspace: git-auth
- name: prefetch-dependencies
params:
- name: input
value: $(params.prefetch-input)
- name: SOURCE_ARTIFACT
value: $(tasks.clone-repository.results.SOURCE_ARTIFACT)
- name: ociStorage
value: $(params.output-image).prefetch
- name: ociArtifactExpiresAfter
value: $(params.image-expires-after)
runAfter:
- clone-repository
taskRef:
params:
- name: name
value: prefetch-dependencies-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies-oci-ta:0.2@sha256:092491ac0f6e1009d10c58a1319d1029371bf637cc1293cceba53c6da5314ed1
- name: kind
value: task
resolver: bundles
workspaces:
- name: git-basic-auth
workspace: git-auth
- name: netrc
workspace: netrc
- name: wait-for-parent-image
params:
- name: ref
value: $(params.parent-image)
taskRef:
name: wait-for-image
when:
- input: $(params.parent-image)
operator: notin
values:
- ""
- matrix:
params:
- name: PLATFORM
value:
- $(params.build-platforms)
name: build-images
params:
- name: IMAGE
value: $(params.output-image)
- name: DOCKERFILE
value: $(params.dockerfile)
- name: CONTEXT
value: $(params.path-context)
- name: HERMETIC
value: $(params.hermetic)
- name: PREFETCH_INPUT
value: $(params.prefetch-input)
- name: IMAGE_EXPIRES_AFTER
value: $(params.image-expires-after)
- name: COMMIT_SHA
value: $(tasks.clone-repository.results.commit)
- name: BUILD_ARGS
value:
- $(params.build-args[*])
- name: BUILD_ARGS_FILE
value: $(params.build-args-file)
- name: PRIVILEGED_NESTED
value: $(params.privileged-nested)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
- name: IMAGE_APPEND_PLATFORM
value: "true"
runAfter:
- wait-for-parent-image
- prefetch-dependencies
taskRef:
params:
- name: name
value: buildah-remote-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-buildah-remote-oci-ta:0.4@sha256:9e866d4d0489a6ab84ae263db416c9f86d2d6117ef4444f495a0e97388ae3ac0
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
- name: build-image-index
params:
- name: IMAGE
value: $(params.output-image)
- name: COMMIT_SHA
value: $(tasks.clone-repository.results.commit)
- name: IMAGE_EXPIRES_AFTER
value: $(params.image-expires-after)
- name: ALWAYS_BUILD_INDEX
value: $(params.build-image-index)
- name: IMAGES
value:
- $(tasks.build-images.results.IMAGE_REF[*])
runAfter:
- build-images
taskRef:
params:
- name: name
value: build-image-index
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-build-image-index:0.1@sha256:3499772af90aad0d3935629be6d37dd9292195fb629e6f43ec839c7f545a0faa
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
- name: wait-for-test-image
params:
- name: ref
value: $(params.test-image)
runAfter:
- build-image-index
taskRef:
name: wait-for-image
when:
- input: $(params.test-image)
operator: notin
values:
- ""
- name: run-tests
matrix:
params:
- name: cmd
value:
- $(params.test-commands)
params:
- name: image
value: $(params.test-image)@$(tasks.wait-for-test-image.results.digest)
- name: envs
value:
- $(params.test-envs[*])
runAfter:
- wait-for-test-image
taskRef:
name: test-cmd
when:
- input: $(params.test-image)
operator: notin
values:
- ""
- name: build-source-image
params:
- name: BINARY_IMAGE
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
- name: BINARY_IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: source-build-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta:0.3@sha256:b1eb49583b41872b27356fee20d5f0eb6ff7f5cdeacde7ffb39655f031104728
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
- input: $(params.build-source-image)
operator: in
values:
- "true"
- name: deprecated-base-image-check
params:
- name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: deprecated-image-check
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check:0.5@sha256:3c8b81fa868e27c6266e7660a4bfb4c822846dcf4304606e71e20893b0d3e515
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: clair-scan
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: clair-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-clair-scan:0.2@sha256:417f44117f8d87a4a62fea6589b5746612ac61640b454dbd88f74892380411f2
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: ecosystem-cert-preflight-checks
params:
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: ecosystem-cert-preflight-checks
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-ecosystem-cert-preflight-checks:0.2@sha256:f99d2bdb02f13223d494077a2cde31418d09369f33c02134a8e7e5fad2f61eda
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-snyk-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: sast-snyk-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-snyk-check-oci-ta:0.4@sha256:fe5e5ba3a72632cd505910de2eacd62c9d11ed570c325173188f8d568ac60771
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: clamav-scan
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: clamav-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-clamav-scan:0.2@sha256:7749146f7e4fe530846f1b15c9366178ec9f44776ef1922a60d3e7e2b8c6426b
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-coverity-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE
value: $(params.output-image)
- name: DOCKERFILE
value: $(params.dockerfile)
- name: CONTEXT
value: $(params.path-context)
- name: HERMETIC
value: $(params.hermetic)
- name: PREFETCH_INPUT
value: $(params.prefetch-input)
- name: IMAGE_EXPIRES_AFTER
value: $(params.image-expires-after)
- name: COMMIT_SHA
value: $(tasks.clone-repository.results.commit)
- name: BUILD_ARGS
value:
- $(params.build-args[*])
- name: BUILD_ARGS_FILE
value: $(params.build-args-file)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- coverity-availability-check
taskRef:
params:
- name: name
value: sast-coverity-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-coverity-check-oci-ta:0.3@sha256:f9ca942208dc2e63b479384ccc56a611cc793397ecc837637b5b9f89c2ecbefe
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- input: $(tasks.coverity-availability-check.results.STATUS)
operator: in
values:
- success
- name: coverity-availability-check
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: coverity-availability-check
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-coverity-availability-check:0.2@sha256:db2b267dc15e4ed17f704ee91b8e9b38068e1a35b1018a328fdca621819d74c6
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-shell-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: sast-shell-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-shell-check-oci-ta:0.1@sha256:bf7bdde00b7212f730c1356672290af6f38d070da2c8a316987b5c32fd49e0b9
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-unicode-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: sast-unicode-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-unicode-check-oci-ta:0.3@sha256:a2bde66f6b4164620298c7d709b8f08515409404000fa1dc2260d2508b135651
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: apply-tags
params:
- name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: apply-tags
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-apply-tags:0.2@sha256:517a51e260c0b59654a9d7b842e1ab07d76bce15ca7ce9c8fd2489a19be6463d
- name: kind
value: task
resolver: bundles
- name: push-dockerfile
params:
- name: IMAGE
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: DOCKERFILE
value: $(params.dockerfile)
- name: CONTEXT
value: $(params.path-context)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: push-dockerfile-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-push-dockerfile-oci-ta:0.1@sha256:8c75c4a747e635e5f3e12266a3bb6e5d3132bf54e37eaa53d505f89897dd8eca
- name: kind
value: task
resolver: bundles
- name: rpms-signature-scan
params:
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: rpms-signature-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.2@sha256:1b6c20ab3dbfb0972803d3ebcb2fa72642e59400c77bd66dfd82028bdd09e120
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
finally:
- name: show-sbom
params:
- name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
taskRef:
params:
- name: name
value: show-sbom
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-show-sbom:0.1@sha256:86c069cac0a669797e8049faa8aa4088e70ff7fcd579d5bdc37626a9e0488a05
- name: kind
value: task
resolver: bundles
workspaces:
- name: git-auth
optional: true
- name: netrc
optional: true

42
.tekton/ramalama-cli/ramalama-cli-pull-request.yaml Normal file
View File

@ -0,0 +1,42 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: ramalama-cli
pipelines.appstudio.openshift.io/type: build
name: ramalama-cli-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama-cli:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/ramalama-cli/Containerfile
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

39
.tekton/ramalama-cli/ramalama-cli-push.yaml Normal file
View File

@ -0,0 +1,39 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: ramalama-cli
pipelines.appstudio.openshift.io/type: build
name: ramalama-cli-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama-cli:{{revision}}
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/ramalama-cli/Containerfile
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

48
.tekton/ramalama-llama-server/ramalama-llama-server-pull-request.yaml Normal file
View File

@ -0,0 +1,48 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: ramalama-llama-server
pipelines.appstudio.openshift.io/type: build
name: ramalama-llama-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama-llama-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/ramalama:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

45
.tekton/ramalama-llama-server/ramalama-llama-server-push.yaml Normal file
View File

@ -0,0 +1,45 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: ramalama-llama-server
pipelines.appstudio.openshift.io/type: build
name: ramalama-llama-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama-llama-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/ramalama:{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

619
.tekton/ramalama-pull-request.yaml
View File

@ -1,619 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: event == "pull_request" && target_branch
== "main"
creationTimestamp: null
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: ramalama
pipelines.appstudio.openshift.io/type: build
name: ramalama-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux/x86_64
- linux/arm64
- name: dockerfile
value: container-images/ramalama/Containerfile
pipelineSpec:
description: |
This pipeline is ideal for building multi-arch container images from a Containerfile while maintaining trust after pipeline customization.
_Uses `buildah` to create a multi-platform container image leveraging [trusted artifacts](https://konflux-ci.dev/architecture/ADR/0036-trusted-artifacts.html). It also optionally creates a source image and runs some build-time tests. This pipeline requires that the [multi platform controller](https://github.com/konflux-ci/multi-platform-controller) is deployed and configured on your Konflux instance. Information is shared between tasks using OCI artifacts instead of PVCs. EC will pass the [`trusted_task.trusted`](https://enterprisecontract.dev/docs/ec-policies/release_policy.html#trusted_task__trusted) policy as long as all data used to build the artifact is generated from trusted tasks.
This pipeline is pushed as a Tekton bundle to [quay.io](https://quay.io/repository/konflux-ci/tekton-catalog/pipeline-docker-build-multi-platform-oci-ta?tab=tags)_
finally:
- name: show-sbom
params:
- name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
taskRef:
params:
- name: name
value: show-sbom
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-show-sbom:0.1@sha256:002f7c8c1d2f9e09904035da414aba1188ae091df0ea9532cd997be05e73d594
- name: kind
value: task
resolver: bundles
params:
- description: Source Repository URL
name: git-url
type: string
- default: ""
description: Revision of the Source Repository
name: revision
type: string
- description: Fully Qualified Output Image
name: output-image
type: string
- default: .
description: Path to the source code of an application's component from where
to build image.
name: path-context
type: string
- default: Dockerfile
description: Path to the Dockerfile inside the context specified by parameter
path-context
name: dockerfile
type: string
- default: "false"
description: Force rebuild image
name: rebuild
type: string
- default: "false"
description: Skip checks against built image
name: skip-checks
type: string
- default: "false"
description: Execute the build with network isolation
name: hermetic
type: string
- default: ""
description: Build dependencies to be prefetched by Cachi2
name: prefetch-input
type: string
- default: ""
description: Image tag expiration time, time values could be something like
1h, 2d, 3w for hours, days, and weeks, respectively.
name: image-expires-after
- default: "false"
description: Build a source image.
name: build-source-image
type: string
- default: "true"
description: Add built image into an OCI image index
name: build-image-index
type: string
- default: []
description: Array of --build-arg values ("arg=value" strings) for buildah
name: build-args
type: array
- default: ""
description: Path to a file with build arguments for buildah, see https://www.mankier.com/1/buildah-build#--build-arg-file
name: build-args-file
type: string
- default: "false"
description: Whether to enable privileged mode, should be used only with remote
VMs
name: privileged-nested
type: string
- default:
- linux/x86_64
description: List of platforms to build the container images on. The available
set of values is determined by the configuration of the multi-platform-controller.
name: build-platforms
type: array
results:
- description: ""
name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
- description: ""
name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- description: ""
name: CHAINS-GIT_URL
value: $(tasks.clone-repository.results.url)
- description: ""
name: CHAINS-GIT_COMMIT
value: $(tasks.clone-repository.results.commit)
tasks:
- name: init
params:
- name: image-url
value: $(params.output-image)
- name: rebuild
value: $(params.rebuild)
- name: skip-checks
value: $(params.skip-checks)
taskRef:
params:
- name: name
value: init
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-init:0.2@sha256:66e90d31e1386bf516fb548cd3e3f0082b5d0234b8b90dbf9e0d4684b70dbe1a
- name: kind
value: task
resolver: bundles
- name: clone-repository
params:
- name: url
value: $(params.git-url)
- name: revision
value: $(params.revision)
- name: ociStorage
value: $(params.output-image).git
- name: ociArtifactExpiresAfter
value: $(params.image-expires-after)
runAfter:
- init
taskRef:
params:
- name: name
value: git-clone-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.1@sha256:0fea1e4bd2fdde46c5b7786629f423a51e357f681c32ceddd744a6e3d48b8327
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
workspaces:
- name: basic-auth
workspace: git-auth
- name: prefetch-dependencies
params:
- name: input
value: $(params.prefetch-input)
- name: SOURCE_ARTIFACT
value: $(tasks.clone-repository.results.SOURCE_ARTIFACT)
- name: ociStorage
value: $(params.output-image).prefetch
- name: ociArtifactExpiresAfter
value: $(params.image-expires-after)
runAfter:
- clone-repository
taskRef:
params:
- name: name
value: prefetch-dependencies-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies-oci-ta:0.2@sha256:adbd819c6b727ac0c5519475d174dcad64cfa8df6ee50acd58f7fb562c59d4f7
- name: kind
value: task
resolver: bundles
workspaces:
- name: git-basic-auth
workspace: git-auth
- name: netrc
workspace: netrc
- matrix:
params:
- name: PLATFORM
value:
- $(params.build-platforms)
name: build-images
params:
- name: IMAGE
value: $(params.output-image)
- name: DOCKERFILE
value: $(params.dockerfile)
- name: CONTEXT
value: $(params.path-context)
- name: HERMETIC
value: $(params.hermetic)
- name: PREFETCH_INPUT
value: $(params.prefetch-input)
- name: IMAGE_EXPIRES_AFTER
value: $(params.image-expires-after)
- name: COMMIT_SHA
value: $(tasks.clone-repository.results.commit)
- name: BUILD_ARGS
value:
- $(params.build-args[*])
- name: BUILD_ARGS_FILE
value: $(params.build-args-file)
- name: PRIVILEGED_NESTED
value: $(params.privileged-nested)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
- name: IMAGE_APPEND_PLATFORM
value: "true"
runAfter:
- prefetch-dependencies
taskRef:
params:
- name: name
value: buildah-remote-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-buildah-remote-oci-ta:0.4@sha256:cfeeef2f4ab25b121afdf44eecc394ed67f3534a1bd14bef9e7beef2ee654b8e
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
- name: build-image-index
params:
- name: IMAGE
value: $(params.output-image)
- name: COMMIT_SHA
value: $(tasks.clone-repository.results.commit)
- name: IMAGE_EXPIRES_AFTER
value: $(params.image-expires-after)
- name: ALWAYS_BUILD_INDEX
value: $(params.build-image-index)
- name: IMAGES
value:
- $(tasks.build-images.results.IMAGE_REF[*])
runAfter:
- build-images
taskRef:
params:
- name: name
value: build-image-index
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-build-image-index:0.1@sha256:fc55208a5967b42e1bec89f0ffed26fc4f18db92df2a4885a7d2b4d5cfd603e0
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
- name: build-source-image
params:
- name: BINARY_IMAGE
value: $(params.output-image)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: source-build-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta:0.2@sha256:c5e56643c0f5e19409e86c8fd4de4348413b6f10456aa0875498d5c63bf6ef0e
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
- input: $(params.build-source-image)
operator: in
values:
- "true"
- name: deprecated-base-image-check
params:
- name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: deprecated-image-check
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check:0.5@sha256:ecd33669676b3a193ff4c2c6223cb912cc1b0cf5cc36e080eaec7718500272cf
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: clair-scan
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: clair-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-clair-scan:0.2@sha256:68a8fe28527c4469243119a449e2b3a6655f2acac589c069ea6433242da8ed4d
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: ecosystem-cert-preflight-checks
params:
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: ecosystem-cert-preflight-checks
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-ecosystem-cert-preflight-checks:0.2@sha256:8a2d3ce9205df1f59f410529cb38134336e0a4b06ee1187b3229f26c80ecc5ba
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-snyk-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: sast-snyk-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-snyk-check-oci-ta:0.4@sha256:9a6ec5575f80668552d861e64414e736c85af772c272ca653a6fd1ec841d2627
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: clamav-scan
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: clamav-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-clamav-scan:0.2@sha256:386c8c3395b44f6eb927dbad72382808b0ae42008f183064ca77cb4cad998442
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-coverity-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE
value: $(params.output-image)
- name: DOCKERFILE
value: $(params.dockerfile)
- name: CONTEXT
value: $(params.path-context)
- name: HERMETIC
value: $(params.hermetic)
- name: PREFETCH_INPUT
value: $(params.prefetch-input)
- name: IMAGE_EXPIRES_AFTER
value: $(params.image-expires-after)
- name: COMMIT_SHA
value: $(tasks.clone-repository.results.commit)
- name: BUILD_ARGS
value:
- $(params.build-args[*])
- name: BUILD_ARGS_FILE
value: $(params.build-args-file)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- coverity-availability-check
taskRef:
params:
- name: name
value: sast-coverity-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-coverity-check-oci-ta:0.3@sha256:7c845b10d257b874f645ea30deeff3c1ce2b38e7b6e331564f32c8684f41b520
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- input: $(tasks.coverity-availability-check.results.STATUS)
operator: in
values:
- success
- name: coverity-availability-check
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: coverity-availability-check
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-coverity-availability-check:0.2@sha256:8b58c4fae00c0dfe3937abfb8a9a61aa3c408cca4278b817db53d518428d944e
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-shell-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: sast-shell-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-shell-check-oci-ta:0.1@sha256:60a7ee6ec5d00920389f03befd328cdaa159b7122a94ff3c87da287e0f32420f
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-unicode-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: sast-unicode-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-unicode-check-oci-ta:0.2@sha256:9613b9037e4199495800c2054c13d0479e3335ec94e0f15f031a5bce844003a9
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: apply-tags
params:
- name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: apply-tags
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-apply-tags:0.2@sha256:0c411c27483849a936c0c420a57e477113e9fafc63077647200d6614d9ebb872
- name: kind
value: task
resolver: bundles
- name: push-dockerfile
params:
- name: IMAGE
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: DOCKERFILE
value: $(params.dockerfile)
- name: CONTEXT
value: $(params.path-context)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: push-dockerfile-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-push-dockerfile-oci-ta:0.1@sha256:d0ee13ab3d9564f7ee806a8ceaced934db493a3a40e11ff6db3a912b8bbace95
- name: kind
value: task
resolver: bundles
- name: rpms-signature-scan
params:
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: rpms-signature-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.2@sha256:2a5e357cd7f4b5634474de14dfc09aec48acca3995cbb3bb5d532025923322c2
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
workspaces:
- name: git-auth
optional: true
- name: netrc
optional: true
taskRunTemplate: {}
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'
status: {}

616
.tekton/ramalama-push.yaml
View File

@ -1,616 +0,0 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: event == "push" && target_branch
== "main"
creationTimestamp: null
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: ramalama
pipelines.appstudio.openshift.io/type: build
name: ramalama-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama:{{revision}}
- name: build-platforms
value:
- linux/x86_64
- linux/arm64
- name: dockerfile
value: container-images/ramalama/Containerfile
pipelineSpec:
description: |
This pipeline is ideal for building multi-arch container images from a Containerfile while maintaining trust after pipeline customization.
_Uses `buildah` to create a multi-platform container image leveraging [trusted artifacts](https://konflux-ci.dev/architecture/ADR/0036-trusted-artifacts.html). It also optionally creates a source image and runs some build-time tests. This pipeline requires that the [multi platform controller](https://github.com/konflux-ci/multi-platform-controller) is deployed and configured on your Konflux instance. Information is shared between tasks using OCI artifacts instead of PVCs. EC will pass the [`trusted_task.trusted`](https://enterprisecontract.dev/docs/ec-policies/release_policy.html#trusted_task__trusted) policy as long as all data used to build the artifact is generated from trusted tasks.
This pipeline is pushed as a Tekton bundle to [quay.io](https://quay.io/repository/konflux-ci/tekton-catalog/pipeline-docker-build-multi-platform-oci-ta?tab=tags)_
finally:
- name: show-sbom
params:
- name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
taskRef:
params:
- name: name
value: show-sbom
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-show-sbom:0.1@sha256:002f7c8c1d2f9e09904035da414aba1188ae091df0ea9532cd997be05e73d594
- name: kind
value: task
resolver: bundles
params:
- description: Source Repository URL
name: git-url
type: string
- default: ""
description: Revision of the Source Repository
name: revision
type: string
- description: Fully Qualified Output Image
name: output-image
type: string
- default: .
description: Path to the source code of an application's component from where
to build image.
name: path-context
type: string
- default: Dockerfile
description: Path to the Dockerfile inside the context specified by parameter
path-context
name: dockerfile
type: string
- default: "false"
description: Force rebuild image
name: rebuild
type: string
- default: "false"
description: Skip checks against built image
name: skip-checks
type: string
- default: "false"
description: Execute the build with network isolation
name: hermetic
type: string
- default: ""
description: Build dependencies to be prefetched by Cachi2
name: prefetch-input
type: string
- default: ""
description: Image tag expiration time, time values could be something like
1h, 2d, 3w for hours, days, and weeks, respectively.
name: image-expires-after
- default: "false"
description: Build a source image.
name: build-source-image
type: string
- default: "true"
description: Add built image into an OCI image index
name: build-image-index
type: string
- default: []
description: Array of --build-arg values ("arg=value" strings) for buildah
name: build-args
type: array
- default: ""
description: Path to a file with build arguments for buildah, see https://www.mankier.com/1/buildah-build#--build-arg-file
name: build-args-file
type: string
- default: "false"
description: Whether to enable privileged mode, should be used only with remote
VMs
name: privileged-nested
type: string
- default:
- linux/x86_64
description: List of platforms to build the container images on. The available
set of values is determined by the configuration of the multi-platform-controller.
name: build-platforms
type: array
results:
- description: ""
name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
- description: ""
name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- description: ""
name: CHAINS-GIT_URL
value: $(tasks.clone-repository.results.url)
- description: ""
name: CHAINS-GIT_COMMIT
value: $(tasks.clone-repository.results.commit)
tasks:
- name: init
params:
- name: image-url
value: $(params.output-image)
- name: rebuild
value: $(params.rebuild)
- name: skip-checks
value: $(params.skip-checks)
taskRef:
params:
- name: name
value: init
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-init:0.2@sha256:66e90d31e1386bf516fb548cd3e3f0082b5d0234b8b90dbf9e0d4684b70dbe1a
- name: kind
value: task
resolver: bundles
- name: clone-repository
params:
- name: url
value: $(params.git-url)
- name: revision
value: $(params.revision)
- name: ociStorage
value: $(params.output-image).git
- name: ociArtifactExpiresAfter
value: $(params.image-expires-after)
runAfter:
- init
taskRef:
params:
- name: name
value: git-clone-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.1@sha256:0fea1e4bd2fdde46c5b7786629f423a51e357f681c32ceddd744a6e3d48b8327
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
workspaces:
- name: basic-auth
workspace: git-auth
- name: prefetch-dependencies
params:
- name: input
value: $(params.prefetch-input)
- name: SOURCE_ARTIFACT
value: $(tasks.clone-repository.results.SOURCE_ARTIFACT)
- name: ociStorage
value: $(params.output-image).prefetch
- name: ociArtifactExpiresAfter
value: $(params.image-expires-after)
runAfter:
- clone-repository
taskRef:
params:
- name: name
value: prefetch-dependencies-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-prefetch-dependencies-oci-ta:0.2@sha256:adbd819c6b727ac0c5519475d174dcad64cfa8df6ee50acd58f7fb562c59d4f7
- name: kind
value: task
resolver: bundles
workspaces:
- name: git-basic-auth
workspace: git-auth
- name: netrc
workspace: netrc
- matrix:
params:
- name: PLATFORM
value:
- $(params.build-platforms)
name: build-images
params:
- name: IMAGE
value: $(params.output-image)
- name: DOCKERFILE
value: $(params.dockerfile)
- name: CONTEXT
value: $(params.path-context)
- name: HERMETIC
value: $(params.hermetic)
- name: PREFETCH_INPUT
value: $(params.prefetch-input)
- name: IMAGE_EXPIRES_AFTER
value: $(params.image-expires-after)
- name: COMMIT_SHA
value: $(tasks.clone-repository.results.commit)
- name: BUILD_ARGS
value:
- $(params.build-args[*])
- name: BUILD_ARGS_FILE
value: $(params.build-args-file)
- name: PRIVILEGED_NESTED
value: $(params.privileged-nested)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
- name: IMAGE_APPEND_PLATFORM
value: "true"
runAfter:
- prefetch-dependencies
taskRef:
params:
- name: name
value: buildah-remote-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-buildah-remote-oci-ta:0.4@sha256:cfeeef2f4ab25b121afdf44eecc394ed67f3534a1bd14bef9e7beef2ee654b8e
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
- name: build-image-index
params:
- name: IMAGE
value: $(params.output-image)
- name: COMMIT_SHA
value: $(tasks.clone-repository.results.commit)
- name: IMAGE_EXPIRES_AFTER
value: $(params.image-expires-after)
- name: ALWAYS_BUILD_INDEX
value: $(params.build-image-index)
- name: IMAGES
value:
- $(tasks.build-images.results.IMAGE_REF[*])
runAfter:
- build-images
taskRef:
params:
- name: name
value: build-image-index
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-build-image-index:0.1@sha256:fc55208a5967b42e1bec89f0ffed26fc4f18db92df2a4885a7d2b4d5cfd603e0
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
- name: build-source-image
params:
- name: BINARY_IMAGE
value: $(params.output-image)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: source-build-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta:0.2@sha256:c5e56643c0f5e19409e86c8fd4de4348413b6f10456aa0875498d5c63bf6ef0e
- name: kind
value: task
resolver: bundles
when:
- input: $(tasks.init.results.build)
operator: in
values:
- "true"
- input: $(params.build-source-image)
operator: in
values:
- "true"
- name: deprecated-base-image-check
params:
- name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: deprecated-image-check
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-deprecated-image-check:0.5@sha256:ecd33669676b3a193ff4c2c6223cb912cc1b0cf5cc36e080eaec7718500272cf
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: clair-scan
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: clair-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-clair-scan:0.2@sha256:68a8fe28527c4469243119a449e2b3a6655f2acac589c069ea6433242da8ed4d
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: ecosystem-cert-preflight-checks
params:
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: ecosystem-cert-preflight-checks
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-ecosystem-cert-preflight-checks:0.2@sha256:8a2d3ce9205df1f59f410529cb38134336e0a4b06ee1187b3229f26c80ecc5ba
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-snyk-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: sast-snyk-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-snyk-check-oci-ta:0.4@sha256:9a6ec5575f80668552d861e64414e736c85af772c272ca653a6fd1ec841d2627
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: clamav-scan
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: clamav-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-clamav-scan:0.2@sha256:386c8c3395b44f6eb927dbad72382808b0ae42008f183064ca77cb4cad998442
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-coverity-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE
value: $(params.output-image)
- name: DOCKERFILE
value: $(params.dockerfile)
- name: CONTEXT
value: $(params.path-context)
- name: HERMETIC
value: $(params.hermetic)
- name: PREFETCH_INPUT
value: $(params.prefetch-input)
- name: IMAGE_EXPIRES_AFTER
value: $(params.image-expires-after)
- name: COMMIT_SHA
value: $(tasks.clone-repository.results.commit)
- name: BUILD_ARGS
value:
- $(params.build-args[*])
- name: BUILD_ARGS_FILE
value: $(params.build-args-file)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- coverity-availability-check
taskRef:
params:
- name: name
value: sast-coverity-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-coverity-check-oci-ta:0.3@sha256:7c845b10d257b874f645ea30deeff3c1ce2b38e7b6e331564f32c8684f41b520
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- input: $(tasks.coverity-availability-check.results.STATUS)
operator: in
values:
- success
- name: coverity-availability-check
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: coverity-availability-check
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-coverity-availability-check:0.2@sha256:8b58c4fae00c0dfe3937abfb8a9a61aa3c408cca4278b817db53d518428d944e
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-shell-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: sast-shell-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-shell-check-oci-ta:0.1@sha256:60a7ee6ec5d00920389f03befd328cdaa159b7122a94ff3c87da287e0f32420f
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: sast-unicode-check
params:
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
- name: CACHI2_ARTIFACT
value: $(tasks.prefetch-dependencies.results.CACHI2_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: sast-unicode-check-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-sast-unicode-check-oci-ta:0.2@sha256:9613b9037e4199495800c2054c13d0479e3335ec94e0f15f031a5bce844003a9
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
- name: apply-tags
params:
- name: IMAGE_URL
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: apply-tags
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-apply-tags:0.2@sha256:0c411c27483849a936c0c420a57e477113e9fafc63077647200d6614d9ebb872
- name: kind
value: task
resolver: bundles
- name: push-dockerfile
params:
- name: IMAGE
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: IMAGE_DIGEST
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
- name: DOCKERFILE
value: $(params.dockerfile)
- name: CONTEXT
value: $(params.path-context)
- name: SOURCE_ARTIFACT
value: $(tasks.prefetch-dependencies.results.SOURCE_ARTIFACT)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: push-dockerfile-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-push-dockerfile-oci-ta:0.1@sha256:d0ee13ab3d9564f7ee806a8ceaced934db493a3a40e11ff6db3a912b8bbace95
- name: kind
value: task
resolver: bundles
- name: rpms-signature-scan
params:
- name: image-url
value: $(tasks.build-image-index.results.IMAGE_URL)
- name: image-digest
value: $(tasks.build-image-index.results.IMAGE_DIGEST)
runAfter:
- build-image-index
taskRef:
params:
- name: name
value: rpms-signature-scan
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-rpms-signature-scan:0.2@sha256:2a5e357cd7f4b5634474de14dfc09aec48acca3995cbb3bb5d532025923322c2
- name: kind
value: task
resolver: bundles
when:
- input: $(params.skip-checks)
operator: in
values:
- "false"
workspaces:
- name: git-auth
optional: true
- name: netrc
optional: true
taskRunTemplate: {}
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'
status: {}

48
.tekton/ramalama-rag/ramalama-rag-pull-request.yaml Normal file
View File

@ -0,0 +1,48 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: ramalama-rag
pipelines.appstudio.openshift.io/type: build
name: ramalama-rag-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama-rag:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- linux-d160-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/ramalama:on-pr-{{revision}}
- GPU=cpu
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

45
.tekton/ramalama-rag/ramalama-rag-push.yaml Normal file
View File

@ -0,0 +1,45 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: ramalama-rag
pipelines.appstudio.openshift.io/type: build
name: ramalama-rag-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama-rag:{{revision}}
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- linux-d160-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/ramalama:{{revision}}
- GPU=cpu
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

48
.tekton/ramalama-whisper-server/ramalama-whisper-server-pull-request.yaml Normal file
View File

@ -0,0 +1,48 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: ramalama-whisper-server
pipelines.appstudio.openshift.io/type: build
name: ramalama-whisper-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama-whisper-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/ramalama:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

45
.tekton/ramalama-whisper-server/ramalama-whisper-server-push.yaml Normal file
View File

@ -0,0 +1,45 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: ramalama-whisper-server
pipelines.appstudio.openshift.io/type: build
name: ramalama-whisper-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama-whisper-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- linux-m2xlarge/arm64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/ramalama:{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

52
.tekton/ramalama/ramalama-pull-request.yaml Normal file
View File

@ -0,0 +1,52 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: ramalama
pipelines.appstudio.openshift.io/type: build
name: ramalama-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/ramalama/Containerfile
- name: test-image
value: quay.io/redhat-user-workloads/ramalama-tenant/bats:on-pr-{{revision}}
- name: test-envs
value:
- RAMALAMA_IMAGE=quay.io/redhat-user-workloads/ramalama-tenant/ramalama:on-pr-{{revision}}
- name: test-commands
value:
- make validate
- make unit-tests
- make cov-tests
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

49
.tekton/ramalama/ramalama-push.yaml Normal file
View File

@ -0,0 +1,49 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: ramalama
pipelines.appstudio.openshift.io/type: build
name: ramalama-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/ramalama:{{revision}}
- name: build-platforms
value:
- linux-c4xlarge/amd64
- linux-c4xlarge/arm64
- name: dockerfile
value: container-images/ramalama/Containerfile
- name: test-image
value: quay.io/redhat-user-workloads/ramalama-tenant/bats:{{revision}}
- name: test-envs
value:
- RAMALAMA_IMAGE=quay.io/redhat-user-workloads/ramalama-tenant/ramalama:{{revision}}
- name: test-commands
value:
- make validate
- make unit-tests
- make cov-tests
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

47
.tekton/rocm-llama-server/rocm-llama-server-pull-request.yaml Normal file
View File

@ -0,0 +1,47 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-llama-server
pipelines.appstudio.openshift.io/type: build
name: rocm-llama-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-llama-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/rocm:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

44
.tekton/rocm-llama-server/rocm-llama-server-push.yaml Normal file
View File

@ -0,0 +1,44 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-llama-server
pipelines.appstudio.openshift.io/type: build
name: rocm-llama-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-llama-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/rocm:{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

47
.tekton/rocm-rag/rocm-rag-pull-request.yaml Normal file
View File

@ -0,0 +1,47 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-rag
pipelines.appstudio.openshift.io/type: build
name: rocm-rag-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-rag:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/rocm:on-pr-{{revision}}
- GPU=rocm
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

44
.tekton/rocm-rag/rocm-rag-push.yaml Normal file
View File

@ -0,0 +1,44 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-rag
pipelines.appstudio.openshift.io/type: build
name: rocm-rag-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-rag:{{revision}}
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/rocm:{{revision}}
- GPU=rocm
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

47
.tekton/rocm-ubi-llama-server/rocm-ubi-llama-server-pull-request.yaml Normal file
View File

@ -0,0 +1,47 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-ubi-llama-server
pipelines.appstudio.openshift.io/type: build
name: rocm-ubi-llama-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi-llama-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

44
.tekton/rocm-ubi-llama-server/rocm-ubi-llama-server-push.yaml Normal file
View File

@ -0,0 +1,44 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-ubi-llama-server
pipelines.appstudio.openshift.io/type: build
name: rocm-ubi-llama-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi-llama-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:{{revision}}
- ENTRYPOINT=/usr/bin/llama-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

47
.tekton/rocm-ubi-rag/rocm-ubi-rag-pull-request.yaml Normal file
View File

@ -0,0 +1,47 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-ubi-rag
pipelines.appstudio.openshift.io/type: build
name: rocm-ubi-rag-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi-rag:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:on-pr-{{revision}}
- GPU=rocm
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

44
.tekton/rocm-ubi-rag/rocm-ubi-rag-push.yaml Normal file
View File

@ -0,0 +1,44 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-ubi-rag
pipelines.appstudio.openshift.io/type: build
name: rocm-ubi-rag-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi-rag:{{revision}}
- name: build-platforms
value:
- linux-d160-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.rag
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:{{revision}}
- GPU=rocm
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

47
.tekton/rocm-ubi-whisper-server/rocm-ubi-whisper-server-pull-request.yaml Normal file
View File

@ -0,0 +1,47 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-ubi-whisper-server
pipelines.appstudio.openshift.io/type: build
name: rocm-ubi-whisper-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi-whisper-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

44
.tekton/rocm-ubi-whisper-server/rocm-ubi-whisper-server-push.yaml Normal file
View File

@ -0,0 +1,44 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-ubi-whisper-server
pipelines.appstudio.openshift.io/type: build
name: rocm-ubi-whisper-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi-whisper-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

41
.tekton/rocm-ubi/rocm-ubi-pull-request.yaml Normal file
View File

@ -0,0 +1,41 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-ubi
pipelines.appstudio.openshift.io/type: build
name: rocm-ubi-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-fast/amd64
- name: dockerfile
value: container-images/rocm-ubi/Containerfile
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

38
.tekton/rocm-ubi/rocm-ubi-push.yaml Normal file
View File

@ -0,0 +1,38 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-ubi
pipelines.appstudio.openshift.io/type: build
name: rocm-ubi-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-ubi:{{revision}}
- name: build-platforms
value:
- linux-fast/amd64
- name: dockerfile
value: container-images/rocm-ubi/Containerfile
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

47
.tekton/rocm-whisper-server/rocm-whisper-server-pull-request.yaml Normal file
View File

@ -0,0 +1,47 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-whisper-server
pipelines.appstudio.openshift.io/type: build
name: rocm-whisper-server-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-whisper-server:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm:on-pr-{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/rocm:on-pr-{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

44
.tekton/rocm-whisper-server/rocm-whisper-server-push.yaml Normal file
View File

@ -0,0 +1,44 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm-whisper-server
pipelines.appstudio.openshift.io/type: build
name: rocm-whisper-server-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm-whisper-server:{{revision}}
- name: build-platforms
value:
- linux-m2xlarge/amd64
- name: dockerfile
value: container-images/common/Containerfile.entrypoint
- name: parent-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm:{{revision}}
- name: build-args
value:
- PARENT=quay.io/redhat-user-workloads/ramalama-tenant/rocm:{{revision}}
- ENTRYPOINT=/usr/bin/whisper-server.sh
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

41
.tekton/rocm/rocm-pull-request.yaml Normal file
View File

@ -0,0 +1,41 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/pull_request_number: '{{pull_request_number}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "true"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "pull_request" && target_branch == "main" && body.action != "ready_for_review"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm
pipelines.appstudio.openshift.io/type: build
name: rocm-on-pull-request
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm:on-pr-{{revision}}
- name: image-expires-after
value: 5d
- name: build-platforms
value:
- linux-fast/amd64
- name: dockerfile
value: container-images/rocm/Containerfile
pipelineRef:
name: pull-request-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

38
.tekton/rocm/rocm-push.yaml Normal file
View File

@ -0,0 +1,38 @@
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
annotations:
build.appstudio.openshift.io/repo: https://github.com/containers/ramalama?rev={{revision}}
build.appstudio.redhat.com/commit_sha: '{{revision}}'
build.appstudio.redhat.com/target_branch: '{{target_branch}}'
pipelinesascode.tekton.dev/cancel-in-progress: "false"
pipelinesascode.tekton.dev/max-keep-runs: "3"
pipelinesascode.tekton.dev/on-cel-expression: >-
event == "push" && target_branch == "main"
labels:
appstudio.openshift.io/application: ramalama
appstudio.openshift.io/component: rocm
pipelines.appstudio.openshift.io/type: build
name: rocm-on-push
namespace: ramalama-tenant
spec:
params:
- name: git-url
value: '{{source_url}}'
- name: revision
value: '{{revision}}'
- name: output-image
value: quay.io/redhat-user-workloads/ramalama-tenant/rocm:{{revision}}
- name: build-platforms
value:
- linux-fast/amd64
- name: dockerfile
value: container-images/rocm/Containerfile
pipelineRef:
name: push-pipeline
timeouts:
pipeline: 6h
workspaces:
- name: git-auth
secret:
secretName: '{{ git_auth_secret }}'

36
.tekton/tasks/test-cmd.yaml Normal file
View File

@ -0,0 +1,36 @@
apiVersion: tekton.dev/v1
kind: Task
metadata:
name: test-cmd
spec:
description: Run a command in a test environment.
params:
- name: image
description: The image to use when setting up the test environment.
- name: cmd
description: The command to run.
- name: envs
description: List of environment variables (NAME=VALUE) to be set in the test environment.
type: array
default: []
steps:
- name: run
image: $(params.image)
computeResources:
limits:
memory: 4Gi
requests:
cpu: "1"
memory: 1Gi
securityContext:
capabilities:
add:
- SETFCAP
command:
- /usr/bin/entrypoint.sh
args:
- $(params.envs[*])
- /bin/bash
- -ex
- -c
- $(params.cmd)

32
.tekton/tasks/wait-for-image.yaml Normal file
View File

@ -0,0 +1,32 @@
apiVersion: tekton.dev/v1
kind: Task
metadata:
name: wait-for-image
spec:
description: Wait for an image to become available.
params:
- name: ref
description: Location of image to wait for.
results:
- name: digest
description: The digest that the image ref resolves to.
steps:
- name: check-and-wait
image: registry.redhat.io/rhel10/skopeo:latest
env:
- name: REF
value: $(params.ref)
- name: RESULTS_DIGEST_PATH
value: $(results.digest.path)
script: |
#!/bin/bash -e
echo "Fetching digest of $REF"
while true; do
DIGEST="$(skopeo inspect -n -f {{.Digest}} "docker://$REF" || :)"
if [ "${#DIGEST}" -gt 0 ]; then
echo -n "$DIGEST" | tee "$RESULTS_DIGEST_PATH"
exit
fi
echo "$(date -uIseconds): digest unavailable, waiting..."
sleep 60
done

42
Makefile
View File

@ -8,8 +8,10 @@ PYTHON ?= $(shell command -v python3 python|head -n1)
DESTDIR ?= / DESTDIR ?= /
PATH := $(PATH):$(HOME)/.local/bin PATH := $(PATH):$(HOME)/.local/bin
IMAGE ?= ramalama IMAGE ?= ramalama
PYTHON_FILES := $(shell find . -path "./.venv" -prune -o -name "*.py" -print) $(shell find . -name ".venv" -prune -o -type f -perm +111 -exec grep -l "^\#!/usr/bin/env python3" {} \; 2>/dev/null || true) PROJECT_DIR:=$(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
PYTHON_SCRIPTS := $(shell grep -lEr "^\#\!\s*/usr/bin/(env +)?python(3)?(\s|$$)" --exclude-dir={.venv,venv} $(PROJECT_DIR) || true)
PYTEST_COMMON_CMD ?= PYTHONPATH=. pytest test/unit/ -vv PYTEST_COMMON_CMD ?= PYTHONPATH=. pytest test/unit/ -vv
BATS_IMAGE ?= localhost/bats:latest
default: help default: help
@ -60,9 +62,9 @@ install-completions: completions
install ${SELINUXOPT} -d -m 755 $(DESTDIR)${SHAREDIR}/fish/vendor_completions.d install ${SELINUXOPT} -d -m 755 $(DESTDIR)${SHAREDIR}/fish/vendor_completions.d
install ${SELINUXOPT} -m 644 completions/fish/vendor_completions.d/ramalama.fish \ install ${SELINUXOPT} -m 644 completions/fish/vendor_completions.d/ramalama.fish \
$(DESTDIR)${SHAREDIR}/fish/vendor_completions.d/ramalama.fish $(DESTDIR)${SHAREDIR}/fish/vendor_completions.d/ramalama.fish
install ${SELINUXOPT} -d -m 755 $(DESTDIR)${SHAREDIR}/zsh/site install ${SELINUXOPT} -d -m 755 $(DESTDIR)${SHAREDIR}/zsh/site-functions
install ${SELINUXOPT} -m 644 completions/zsh/vendor-completions/_ramalama \ install ${SELINUXOPT} -m 644 completions/zsh/site-functions/_ramalama \
$(DESTDIR)${SHAREDIR}/zsh/vendor-completions/_ramalama $(DESTDIR)${SHAREDIR}/zsh/site-functions/_ramalama
.PHONY: install-shortnames .PHONY: install-shortnames
install-shortnames: install-shortnames:
@ -78,8 +80,8 @@ completions:
mkdir -p completions/fish/vendor_completions.d mkdir -p completions/fish/vendor_completions.d
register-python-argcomplete --shell fish ramalama > completions/fish/vendor_completions.d/ramalama.fish register-python-argcomplete --shell fish ramalama > completions/fish/vendor_completions.d/ramalama.fish
mkdir -p completions/zsh/vendor-completions mkdir -p completions/zsh/site-functions
-register-python-argcomplete --shell zsh ramalama > completions/zsh/vendor-completions/_ramalama -register-python-argcomplete --shell zsh ramalama > completions/zsh/site-functions/_ramalama
.PHONY: install .PHONY: install
install: docs completions install: docs completions
@ -113,22 +115,22 @@ ifneq (,$(wildcard /usr/bin/python3))
endif endif
! grep -ri --exclude-dir ".venv" --exclude-dir "*/.venv" "#\!/usr/bin/python3" . ! grep -ri --exclude-dir ".venv" --exclude-dir "*/.venv" "#\!/usr/bin/python3" .
flake8 $(PYTHON_FILES) flake8 $(PROJECT_DIR) $(PYTHON_SCRIPTS)
shellcheck *.sh */*.sh */*/*.sh shellcheck *.sh */*.sh */*/*.sh
.PHONY: check-format .PHONY: check-format
check-format: check-format:
black --check --diff $(PYTHON_FILES) black --check --diff $(PROJECT_DIR) $(PYTHON_SCRIPTS)
isort --check --diff $(PYTHON_FILES) isort --check --diff $(PROJECT_DIR) $(PYTHON_SCRIPTS)
.PHONY: format .PHONY: format
format: format:
black $(PYTHON_FILES) black $(PROJECT_DIR) $(PYTHON_SCRIPTS)
isort $(PYTHON_FILES) isort $(PROJECT_DIR) $(PYTHON_SCRIPTS)
.PHONY: codespell .PHONY: codespell
codespell: codespell:
codespell --dictionary=- --ignore-words-list "cann" -w --skip="*/venv*" codespell -w $(PROJECT_DIR) $(PYTHON_SCRIPTS)
.PHONY: test-run .PHONY: test-run
test-run: test-run:
@ -161,6 +163,22 @@ bats-nocontainer:
bats-docker: bats-docker:
_RAMALAMA_TEST_OPTS=--engine=docker RAMALAMA=$(CURDIR)/bin/ramalama bats -T test/system/ _RAMALAMA_TEST_OPTS=--engine=docker RAMALAMA=$(CURDIR)/bin/ramalama bats -T test/system/
.PHONY: bats-image
bats-image:
podman inspect $(BATS_IMAGE) &> /dev/null || \
podman build -t $(BATS_IMAGE) -f container-images/bats/Containerfile .
bats-in-container: extra-opts = --security-opt unmask=/proc/* --device /dev/net/tun --device /dev/fuse
%-in-container: bats-image
podman run -it --rm \
--userns=keep-id:size=200000 \
--security-opt label=disable \
--security-opt=mask=/sys/bus/pci/drivers/i915 \
$(extra-opts) \
-v $(CURDIR):/src \
$(BATS_IMAGE) make $*
.PHONY: ci .PHONY: ci
ci: ci:
test/ci.sh test/ci.sh

64
README.md
View File

@ -2,14 +2,12 @@
<img src="https://github.com/user-attachments/assets/1a338ecf-dc84-4495-8c70-16882955da47" width=50%> <img src="https://github.com/user-attachments/assets/1a338ecf-dc84-4495-8c70-16882955da47" width=50%>
</p> </p>
[RamaLama](https://ramalama.ai) is an open-source tool that simplifies the local use and serving of AI models for inference from any source through the familiar approach of containers. [RamaLama](https://ramalama.ai) strives to make working with AI simple, straightforward, and familiar by using OCI containers.
<br> <br>
<br> <br>
## Description ## Description
RamaLama strives to make working with AI simple, straightforward, and familiar by using OCI containers. RamaLama is an open-source tool that simplifies the local use and serving of AI models for inference from any source through the familiar approach of containers. It allows engineers to use container-centric development patterns and benefits to extend to AI use cases.
RamaLama is an open-source tool that simplifies the local use and serving of AI models for inference from any source through the familiar approach of containers. Using a container engine like Podman, engineers can use container-centric development patterns and benefits to extend to AI use cases.
RamaLama eliminates the need to configure the host system by instead pulling a container image specific to the GPUs discovered on the host system, and allowing you to work with various models and platforms. RamaLama eliminates the need to configure the host system by instead pulling a container image specific to the GPUs discovered on the host system, and allowing you to work with various models and platforms.
@ -23,6 +21,25 @@ RamaLama eliminates the need to configure the host system by instead pulling a c
- Interact with models via REST API or as a chatbot. - Interact with models via REST API or as a chatbot.
<br> <br>
## Install
### Install on Fedora
RamaLama is available in [Fedora](https://fedoraproject.org/) and later. To install it, run:
```
sudo dnf install python3-ramalama
```
### Install via PyPI
RamaLama is available via PyPI at [https://pypi.org/project/ramalama](https://pypi.org/project/ramalama)
```
pip install ramalama
```
### Install script (Linux and macOS)
Install RamaLama by running:
```
curl -fsSL https://ramalama.ai/install.sh | bash
```
## Accelerated images ## Accelerated images
| Accelerator | Image | | Accelerator | Image |
@ -57,7 +74,7 @@ RamaLama then pulls AI Models from model registries, starting a chatbot or REST
| :--------------------------------- | :-------------------------: | | :--------------------------------- | :-------------------------: |
| CPU | &check; | | CPU | &check; |
| Apple Silicon GPU (Linux / Asahi) | &check; | | Apple Silicon GPU (Linux / Asahi) | &check; |
| Apple Silicon GPU (macOS) | &check; | | Apple Silicon GPU (macOS) | &check; llama.cpp or MLX |
| Apple Silicon GPU (podman-machine) | &check; | | Apple Silicon GPU (podman-machine) | &check; |
| Nvidia GPU (cuda) | &check; See note below | | Nvidia GPU (cuda) | &check; See note below |
| AMD GPU (rocm, vulkan) | &check; | | AMD GPU (rocm, vulkan) | &check; |
@ -87,28 +104,20 @@ See the [Intel hardware table](https://dgpu-docs.intel.com/devices/hardware-tabl
### Moore Threads GPUs ### Moore Threads GPUs
On systems with Moore Threads GPUs, see [ramalama-musa](docs/ramalama-musa.7.md) documentation for the correct host system configuration. On systems with Moore Threads GPUs, see [ramalama-musa](docs/ramalama-musa.7.md) documentation for the correct host system configuration.
## Install ### MLX Runtime (macOS only)
### Install on Fedora The MLX runtime provides optimized inference for Apple Silicon Macs. MLX requires:
RamaLama is available in [Fedora 40](https://fedoraproject.org/) and later. To install it, run: - macOS operating system
``` - Apple Silicon hardware (M1, M2, M3, or later)
sudo dnf install python3-ramalama - Usage with `--nocontainer` option (containers are not supported)
``` - The `mlx-lm` Python package installed on the host system
### Install via PyPi To install and run Phi-4 on MLX, use either `uv` or `pip`:
RamaLama is available via PyPi at [https://pypi.org/project/ramalama](https://pypi.org/project/ramalama) ```bash
``` uv pip install mlx-lm
pip install ramalama # or pip:
``` pip install mlx-lm
### Install via Homebrew ramalama --runtime=mlx serve hf://mlx-community/Unsloth-Phi-4-4bit
```
brew install ramalama
```
### Install script (Linux and macOS)
Install RamaLama by running:
```
curl -fsSL https://ramalama.ai/install.sh | bash
``` ```
#### Default Container Engine #### Default Container Engine
@ -213,7 +222,7 @@ $ cat /usr/share/ramalama/shortnames.conf
<br> <br>
``` ```
$ ramalama bench granite-moe3 $ ramalama bench granite3-moe
``` ```
</details> </details>
@ -820,7 +829,7 @@ $ cat /usr/share/ramalama/shortnames.conf
Perplexity measures how well the model can predict the next token with lower values being better Perplexity measures how well the model can predict the next token with lower values being better
``` ```
$ ramalama perplexity granite-moe3 $ ramalama perplexity granite3-moe
``` ```
</details> </details>
@ -1125,6 +1134,7 @@ This project wouldn't be possible without the help of other projects like:
- [llama.cpp](https://github.com/ggml-org/llama.cpp) - [llama.cpp](https://github.com/ggml-org/llama.cpp)
- [whisper.cpp](https://github.com/ggml-org/whisper.cpp) - [whisper.cpp](https://github.com/ggml-org/whisper.cpp)
- [vllm](https://github.com/vllm-project/vllm) - [vllm](https://github.com/vllm-project/vllm)
- [mlx-lm](https://github.com/ml-explore/mlx-examples)
- [podman](https://github.com/containers/podman) - [podman](https://github.com/containers/podman)
- [huggingface](https://github.com/huggingface) - [huggingface](https://github.com/huggingface)

0
completions/zsh/vendor-completions/_ramalama → completions/zsh/site-functions/_ramalama
View File

30
container-images/bats/Containerfile Normal file
View File

@ -0,0 +1,30 @@
FROM quay.io/fedora/fedora:42
ENV HOME=/tmp \
XDG_RUNTIME_DIR=/tmp
WORKDIR /src
ENTRYPOINT ["/usr/bin/entrypoint.sh"]
RUN dnf -y install make bats jq iproute podman openssl httpd-tools diffutils \
python3-huggingface-hub \
$([ $(uname -m) == "x86_64" ] && echo ollama) \
# for validate and unit-tests
black codespell shellcheck \
python3-flake8 python3-isort python3-pip python3-pytest \
perl-Clone perl-FindBin \
# for building llama-bench
git-core cmake gcc-c++ curl-devel && \
dnf -y clean all
RUN rpm --restore shadow-utils
RUN git clone --depth=1 https://github.com/ggml-org/llama.cpp && \
pushd llama.cpp && \
cmake -B build -DGGML_NATIVE=OFF -DGGML_RPC=ON -DGGML_CCACHE=OFF -DGGML_CMAKE_BUILD_TYPE=Release -DLLAMA_CURL=ON -DCMAKE_INSTALL_PREFIX=/usr && \
cmake --build build --config Release --parallel $(nproc) && \
cmake --install build && \
popd && rm -rf llama.cpp
COPY container-images/bats/entrypoint.sh /usr/bin
COPY container-images/bats/containers.conf /etc/containers
COPY . /src
RUN chmod -R a+rw /src
RUN chmod a+rw /etc/subuid /etc/subgid

8
container-images/bats/containers.conf Normal file
View File

@ -0,0 +1,8 @@
[containers]
utsns="host"
cgroups="disabled"
log_driver="k8s-file"
[engine]
events_logger="file"
infra_image="quay.io/libpod/k8s-pause:3.5"

20
container-images/bats/entrypoint.sh Executable file
View File

@ -0,0 +1,20 @@
#!/bin/bash
echo "$(id -un):10000:2000" > /etc/subuid
echo "$(id -un):10000:2000" > /etc/subgid
while [ $# -gt 0 ]; do
if [[ "$1" =~ = ]]; then
# shellcheck disable=SC2163
export "$1"
shift
else
break
fi
done
if [ $# -gt 0 ]; then
exec "$@"
else
exec /bin/bash
fi

7
container-images/common/Containerfile.entrypoint Normal file
View File

@ -0,0 +1,7 @@
ARG PARENT
FROM $PARENT
ARG ENTRYPOINT
ENV ENTRYPOINT="$ENTRYPOINT"
ENTRYPOINT exec $ENTRYPOINT

8
container-images/common/Containerfile.rag Normal file
View File

@ -0,0 +1,8 @@
ARG PARENT
FROM $PARENT
ARG GPU
USER root
RUN /usr/bin/build_rag.sh "$GPU"
ENTRYPOINT []

10
container-images/llama-stack/Containerfile
View File

@ -1,19 +1,21 @@
FROM quay.io/fedora/fedora:42 FROM quay.io/fedora/fedora:42
ARG RAMALAMA_STACK_VERSION=0.2.5
# hack that should be removed when the following bug is addressed # hack that should be removed when the following bug is addressed
# https://github.com/containers/ramalama-stack/issues/53 # https://github.com/containers/ramalama-stack/issues/53
RUN curl --create-dirs --output ~/.llama/providers.d/remote/inference/ramalama.yaml https://raw.githubusercontent.com/containers/ramalama-stack/refs/tags/v0.2.2/src/ramalama_stack/providers.d/remote/inference/ramalama.yaml && \ RUN curl --create-dirs --output ~/.llama/providers.d/remote/inference/ramalama.yaml https://raw.githubusercontent.com/containers/ramalama-stack/refs/tags/v${RAMALAMA_STACK_VERSION}/src/ramalama_stack/providers.d/remote/inference/ramalama.yaml && \
curl --create-dirs --output /etc/ramalama/ramalama-run.yaml https://raw.githubusercontent.com/containers/ramalama-stack/refs/tags/v0.2.2/src/ramalama_stack/ramalama-run.yaml curl --create-dirs --output /etc/ramalama/ramalama-run.yaml https://raw.githubusercontent.com/containers/ramalama-stack/refs/tags/v${RAMALAMA_STACK_VERSION}/src/ramalama_stack/ramalama-run.yaml
RUN dnf -y update && \ RUN dnf -y update && \
dnf -y install uv cmake gcc gcc-c++ python3-devel pkg-config sentencepiece-devel && \ dnf -y install uv cmake gcc gcc-c++ python3-devel pkg-config sentencepiece-devel && \
dnf -y clean all dnf -y clean all
RUN uv venv && \ RUN uv venv && \
uv pip install ramalama-stack==0.2.2 uv pip install ramalama-stack==${RAMALAMA_STACK_VERSION}
COPY --chmod=755 container-images/llama-stack/entrypoint.sh /usr/bin/entrypoint.sh COPY --chmod=755 container-images/llama-stack/entrypoint.sh /usr/bin/entrypoint.sh
ENTRYPOINT [ "/usr/bin/entrypoint.sh" ] ENTRYPOINT [ "/usr/bin/entrypoint.sh" ]
CMD llama stack run --image-type venv /etc/ramalama/ramalama-run.yaml CMD [ "llama", "stack", "run", "--image-type", "venv", "/etc/ramalama/ramalama-run.yaml" ]

1
container-images/musa/Containerfile
View File

@ -13,7 +13,6 @@ FROM docker.io/mthreads/musa:${VERSION}-mudnn-runtime-ubuntu${UBUNTU_VERSION}
# Copy the entire installation directory from the builder # Copy the entire installation directory from the builder
COPY --from=builder /tmp/install /usr COPY --from=builder /tmp/install /usr
# pip install . --prefix=/tmp/install will install the wheel in /tmp/install/local/... # pip install . --prefix=/tmp/install will install the wheel in /tmp/install/local/...
RUN mv /usr/local/libexec/ramalama /usr/libexec/ramalama/
RUN apt-get update && apt-get install -y python-is-python3 && apt-get clean && \ RUN apt-get update && apt-get install -y python-is-python3 && apt-get clean && \
rm -rf /var/lib/apt/lists/* rm -rf /var/lib/apt/lists/*

Some files were not shown because too many files have changed in this diff Show More