forked from wolfi-dev/os
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathkserve-modelmesh-serving.yaml
103 lines (97 loc) · 4.01 KB
/
kserve-modelmesh-serving.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
package:
name: kserve-modelmesh-serving
version: 0.12.0
epoch: 2
description: ModelMesh Serving is the Controller for managing ModelMesh, a general-purpose model serving management/routing layer.
copyright:
- license: Apache-2.0
pipeline:
- uses: git-checkout
with:
repository: https://github.com/kserve/modelmesh-serving.git
tag: v${{package.version}}
expected-commit: d0e56fa4ac7547e644c87d63dc97a14f612c0391
- uses: go/build
with:
packages: .
output: manager
- name: Copy configs
# Binary assumes path is populated relative to the workdir. In the upstream image this is /.
# See https://github.com/kserve/modelmesh-serving/blob/f8cc7aa73f6a9360d7635ca5e5c3461d0c60b392/controllers/modelmesh/modelmesh.go#L95
# https://github.com/kserve/modelmesh-serving/blob/f8cc7aa73f6a9360d7635ca5e5c3461d0c60b392/Dockerfile#L71
runs: |
mkdir -p ${{targets.destdir}}/config
cp -a ./config/internal ${{targets.destdir}}/config/internal
subpackages:
- name: kserve-modelmesh-serving-compat
description: compatibility symlinks package for modelmesh-controller Deployment
pipeline:
- runs: |
# Symlink the binary from /usr/bin to /
# See https://github.com/kserve/modelmesh-serving/blob/f8cc7aa73f6a9360d7635ca5e5c3461d0c60b392/config/manager/manager.yaml#L44
mkdir -p ${{targets.subpkgdir}}
ln -sf /usr/bin/manager ${{targets.subpkgdir}}/manager
test:
environment:
contents:
packages:
- kustomize
- make
- go
- curl
- openssl
- jq
pipeline:
- uses: test/kwok/cluster
- name: Wait for nodes
runs: kubectl wait --for=condition=Ready nodes --all
- uses: git-checkout
with:
repository: https://github.com/kserve/modelmesh-serving.git
tag: v${{package.version}}
expected-commit: d0e56fa4ac7547e644c87d63dc97a14f612c0391
- name: Create openssl mount parent
# This seems somewhat silly do to, but the pod uses this dir to mount CA roots and
# because of that the binary assumes it always exists.
runs: mkdir /etc/ssl/openssl.cnf
- name: Install CRDs
runs: |
kubectl create ns modelmesh-serving
# We exit 0 here, because this fails trying to wait for the Pods to come up (I don't think they ever will because kwok is not a full k8s cluster).
# However, this does a bunch of very useful things for us like installing the CRDs and generating mTLS certs that the manager expects to exist.
./scripts/install.sh --namespace modelmesh-serving --fvt || exit 0
# Binary assumes that a configmap named `model-serving-config` exists.
- name: Set default configmap
runs: |
kubectl apply -f - <<EOF
---
apiVersion: v1
kind: ConfigMap
metadata:
name: model-serving-config
namespace: modelmesh-serving
EOF
# Binary assumes default config is mounted locally at runtime.
# See https://github.com/kserve/modelmesh-serving/blob/f8cc7aa73f6a9360d7635ca5e5c3461d0c60b392/config/manager/manager.yaml#L76
- name: Populate default config
runs: |
mkdir -p /etc/model-serving/config/default
cp ./config/default/config-defaults.yaml /etc/model-serving/config/default/config-defaults.yaml
# Binary assumes mTLS certs are mounted locally.
- name: Download mTLS certs
runs: |
certdir="/tmp/k8s-webhook-server/serving-certs"
mkdir -p "${certdir}"
kubectl get secrets modelmesh-webhook-server-cert -o jsonpath='{.data.tls\.crt}' | base64 -d > ${certdir}/tls.crt
kubectl get secrets modelmesh-webhook-server-cert -o jsonpath='{.data.tls\.key}' | base64 -d > ${certdir}/tls.key
- name: Verify installation
runs: |
manager &
sleep 5
# We're using this as a proxy for "is the controller up and serving"
curl -s localhost:8080/metrics
update:
enabled: true
github:
identifier: kserve/modelmesh-serving
strip-prefix: v