From 0d2c2752c62f82d9b9361d236e538c51fbf640a0 Mon Sep 17 00:00:00 2001 From: Wouter Deconinck Date: Mon, 13 May 2024 14:38:44 -0500 Subject: [PATCH 01/25] feat(ci): github actions build workflow --- .github/workflows/build-push.yml | 147 +++++++++++++++++++++++++++++++ 1 file changed, 147 insertions(+) create mode 100644 .github/workflows/build-push.yml diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml new file mode 100644 index 00000000..a5fe5a6a --- /dev/null +++ b/.github/workflows/build-push.yml @@ -0,0 +1,147 @@ +name: build-push + +on: + push: + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: false + +env: + ## Default versions are specified in packages.yaml but can be overridden + ## note: nightly builds will always use the master/main branch + EDM4EIC_VERSION: "" + EICRECON_VERSION: "" + JUGGLER_VERSION: "" + + ## Dockerhub registry + DH_REGISTRY: docker.io + DH_REGISTRY_USER: eicweb + DH_PUSH: 0 + ## GitHub registry + GH_REGISTRY: ghcr.io + GH_REGISTRY_USER: eic + GH_PUSH: 0 + +jobs: + base: + runs-on: ubuntu-latest + strategy: + matrix: + include: + - BASE_IMAGE: debian:stable-slim + BUILD_IMAGE: debian_stable_base + PLATFORM: linux/amd64 + + steps: + - name: Checkout + uses: actions/checkout@v3 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + with: + platforms: linux/amd64,linux/arm64 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Login to Docker Hub + uses: docker/login-action@v2 + if: ${{ env.DH_PUSH == '1' }} + with: + registry: ${{ env.DH_REGISTRY }} + username: ${{ env.DH_REGISTRY_USER }} + password: ${{ secrets.DH_EICWEB_TOKEN }} + - name: Login to GitHub Container Registry + uses: docker/login-action@v2 + if: ${{ env.GH_PUSH == '1' }} + with: + registry: ${{ env.GH_REGISTRY }} + username: ${{ env.GH_REGISTRY_USER }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Build and push + uses: docker/build-push-action@v4 + with: + file: containers/debian/base.Dockerfile + context: containers/debian + platforms: ${{ matrix.PLATFORM }} + push: false + tags: | + eicweb/${{ matrix.BUILD_IMAGE }}:gha + ghcr.io/eic/${{ matrix.BUILD_IMAGE }}:gha + build-args: | + BASE_IMAGE=${{ matrix.BASE_IMAGE }} + BUILD_IMAGE=${{ matrix.BUILD_IMAGE }} + cache-from: type=gha,scope=${{ github.workflow }} + cache-to: type=gha,mode=max,scope=${{ github.workflow }} + + dev: + runs-on: ubuntu-latest + needs: base + strategy: + matrix: + include: + - BASE_IMAGE: debian_testing_base + BUILD_IMAGE: jug_dev + PLATFORM: linux/amd64 + steps: + - name: Checkout + uses: actions/checkout@v3 + - name: Load spack version and cherry-picks + id: spack + shell: bash + run: | + source spack.sh + echo "orgrepo=${SPACK_ORGREPO}" | tee -a $GITHUB_OUTPUT + echo "version=${SPACK_VERSION}" | tee -a $GITHUB_OUTPUT + echo "cherrypicks=${SPACK_CHERRYPICKS//$'\n'/ }" | tee -a $GITHUB_OUTPUT + echo "cherrypicks_files=${SPACK_CHERRYPICKS_FILES//$'\n'/ }" | tee -a $GITHUB_OUTPUT + - name: Load eic-spack version and cherry-picks + id: eicspack + run: | + source eicspack.sh + echo "orgrepo=${EICSPACK_ORGREPO}" | tee -a $GITHUB_OUTPUT + echo "version=${EICSPACK_VERSION}" | tee -a $GITHUB_OUTPUT + echo "cherrypicks=${EICSPACK_CHERRYPICKS//$'\n'/ }" | tee -a $GITHUB_OUTPUT + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + with: + platforms: linux/amd64 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Login to Docker Hub + uses: docker/login-action@v2 + if: ${{ env.DH_PUSH == '1' }} + with: + registry: ${{ env.DH_REGISTRY }} + username: ${{ env.DH_REGISTRY_USER }} + password: ${{ secrets.DH_EICWEB_TOKEN }} + - name: Login to GitHub Container Registry + uses: docker/login-action@v2 + if: ${{ env.GH_PUSH == '1' }} + with: + registry: ${{ env.GH_REGISTRY }} + username: ${{ env.GH_REGISTRY_USER }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Build and push + uses: docker/build-push-action@v4 + with: + file: containers/jug/dev.Dockerfile + context: containers/jug + platforms: ${{ matrix.PLATFORM }} + push: false + tags: | + eicweb/${{ matrix.BUILD_IMAGE }}:gha + ghcr.io/eic/${{ matrix.BUILD_IMAGE }}:gha + build-args: | + DOCKER_REGISTRY=${{ env.GH_REGISTRY }}/${{ env.GH_REGISTRY_USER }}/ + BASE_IMAGE=${{ matrix.BASE_IMAGE }} + BUILD_IMAGE=${{ matrix.BUILD_IMAGE }} + SPACK_ORGREPO=${{ steps.spack.outputs.orgrepo }} + SPACK_VERSION=${{ steps.spack.outputs.version }} + SPACK_CHERRYPICKS=${{ steps.spack.outputs.cherrypicks }} + SPACK_CHERRYPICKS_FILES=${{ steps.spack.outputs.cherrypicks_files }} + EICSPACK_ORGREPO=${{ steps.eicspack.outputs.orgrepo }} + EICSPACK_VERSION=${{ steps.eicspack.outputs.version }} + EICSPACK_CHERRYPICKS=${{ steps.eicspack.outputs.cherrypicks }} + build-contexts: | + spack=. + cache-from: type=gha,scope=${{ github.workflow }} + cache-to: type=gha,mode=max,scope=${{ github.workflow }} From e8886af4aaaf70eb6f7634dd78582184eae94a70 Mon Sep 17 00:00:00 2001 From: Wouter Deconinck Date: Mon, 13 May 2024 14:44:31 -0500 Subject: [PATCH 02/25] fix: typo in eic-spack.sh --- .github/workflows/build-push.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index a5fe5a6a..da679242 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -94,9 +94,9 @@ jobs: echo "cherrypicks=${SPACK_CHERRYPICKS//$'\n'/ }" | tee -a $GITHUB_OUTPUT echo "cherrypicks_files=${SPACK_CHERRYPICKS_FILES//$'\n'/ }" | tee -a $GITHUB_OUTPUT - name: Load eic-spack version and cherry-picks - id: eicspack + id: eic-spack run: | - source eicspack.sh + source eic-spack.sh echo "orgrepo=${EICSPACK_ORGREPO}" | tee -a $GITHUB_OUTPUT echo "version=${EICSPACK_VERSION}" | tee -a $GITHUB_OUTPUT echo "cherrypicks=${EICSPACK_CHERRYPICKS//$'\n'/ }" | tee -a $GITHUB_OUTPUT @@ -138,9 +138,9 @@ jobs: SPACK_VERSION=${{ steps.spack.outputs.version }} SPACK_CHERRYPICKS=${{ steps.spack.outputs.cherrypicks }} SPACK_CHERRYPICKS_FILES=${{ steps.spack.outputs.cherrypicks_files }} - EICSPACK_ORGREPO=${{ steps.eicspack.outputs.orgrepo }} - EICSPACK_VERSION=${{ steps.eicspack.outputs.version }} - EICSPACK_CHERRYPICKS=${{ steps.eicspack.outputs.cherrypicks }} + EICSPACK_ORGREPO=${{ steps.eic-spack.outputs.orgrepo }} + EICSPACK_VERSION=${{ steps.eic-spack.outputs.version }} + EICSPACK_CHERRYPICKS=${{ steps.eic-spack.outputs.cherrypicks }} build-contexts: | spack=. cache-from: type=gha,scope=${{ github.workflow }} From efc6e7a3886933802aa5035ca8a186cfd040526c Mon Sep 17 00:00:00 2001 From: Wouter Deconinck Date: Mon, 13 May 2024 14:50:28 -0500 Subject: [PATCH 03/25] fix: versions++ --- .github/workflows/build-push.yml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index da679242..c5fcabe0 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -35,29 +35,29 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@v3 with: platforms: linux/amd64,linux/arm64 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Login to Docker Hub - uses: docker/login-action@v2 + uses: docker/login-action@v3 if: ${{ env.DH_PUSH == '1' }} with: registry: ${{ env.DH_REGISTRY }} username: ${{ env.DH_REGISTRY_USER }} password: ${{ secrets.DH_EICWEB_TOKEN }} - name: Login to GitHub Container Registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 if: ${{ env.GH_PUSH == '1' }} with: registry: ${{ env.GH_REGISTRY }} username: ${{ env.GH_REGISTRY_USER }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: file: containers/debian/base.Dockerfile context: containers/debian @@ -83,7 +83,7 @@ jobs: PLATFORM: linux/amd64 steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Load spack version and cherry-picks id: spack shell: bash @@ -101,27 +101,27 @@ jobs: echo "version=${EICSPACK_VERSION}" | tee -a $GITHUB_OUTPUT echo "cherrypicks=${EICSPACK_CHERRYPICKS//$'\n'/ }" | tee -a $GITHUB_OUTPUT - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@v3 with: platforms: linux/amd64 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Login to Docker Hub - uses: docker/login-action@v2 + uses: docker/login-action@v3 if: ${{ env.DH_PUSH == '1' }} with: registry: ${{ env.DH_REGISTRY }} username: ${{ env.DH_REGISTRY_USER }} password: ${{ secrets.DH_EICWEB_TOKEN }} - name: Login to GitHub Container Registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 if: ${{ env.GH_PUSH == '1' }} with: registry: ${{ env.GH_REGISTRY }} username: ${{ env.GH_REGISTRY_USER }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: file: containers/jug/dev.Dockerfile context: containers/jug From f626632cd511158816a3a631b26d34445714fcea Mon Sep 17 00:00:00 2001 From: Wouter Deconinck Date: Mon, 13 May 2024 14:53:13 -0500 Subject: [PATCH 04/25] fix: define build-context spack-environment --- .github/workflows/build-push.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index c5fcabe0..ca7a40e8 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -125,6 +125,8 @@ jobs: with: file: containers/jug/dev.Dockerfile context: containers/jug + build-contexts: | + spack-environment=spack-environment platforms: ${{ matrix.PLATFORM }} push: false tags: | From fb11a1a50928166930ecb70ee690e54d1d0a646f Mon Sep 17 00:00:00 2001 From: Wouter Deconinck Date: Mon, 13 May 2024 14:54:36 -0500 Subject: [PATCH 05/25] fix: rm build-context spack --- .github/workflows/build-push.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index ca7a40e8..09084a46 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -143,7 +143,5 @@ jobs: EICSPACK_ORGREPO=${{ steps.eic-spack.outputs.orgrepo }} EICSPACK_VERSION=${{ steps.eic-spack.outputs.version }} EICSPACK_CHERRYPICKS=${{ steps.eic-spack.outputs.cherrypicks }} - build-contexts: | - spack=. cache-from: type=gha,scope=${{ github.workflow }} cache-to: type=gha,mode=max,scope=${{ github.workflow }} From 353d6ddf3b04e822a0396e1c965fd0515621a802 Mon Sep 17 00:00:00 2001 From: Wouter Deconinck Date: Mon, 13 May 2024 15:11:28 -0500 Subject: [PATCH 06/25] fix: use gha-${{ github.run_id }} as INTERNAL_TAG --- .github/workflows/build-push.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index 09084a46..251b1972 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -21,7 +21,7 @@ env: ## GitHub registry GH_REGISTRY: ghcr.io GH_REGISTRY_USER: eic - GH_PUSH: 0 + GH_PUSH: 1 jobs: base: @@ -62,10 +62,9 @@ jobs: file: containers/debian/base.Dockerfile context: containers/debian platforms: ${{ matrix.PLATFORM }} - push: false + push: true tags: | - eicweb/${{ matrix.BUILD_IMAGE }}:gha - ghcr.io/eic/${{ matrix.BUILD_IMAGE }}:gha + ghcr.io/eic/${{ matrix.BUILD_IMAGE }}:gha-${{ github.run_id }} build-args: | BASE_IMAGE=${{ matrix.BASE_IMAGE }} BUILD_IMAGE=${{ matrix.BUILD_IMAGE }} @@ -136,6 +135,7 @@ jobs: DOCKER_REGISTRY=${{ env.GH_REGISTRY }}/${{ env.GH_REGISTRY_USER }}/ BASE_IMAGE=${{ matrix.BASE_IMAGE }} BUILD_IMAGE=${{ matrix.BUILD_IMAGE }} + INTERNAL_TAG=gha-${{ github.run_id }} SPACK_ORGREPO=${{ steps.spack.outputs.orgrepo }} SPACK_VERSION=${{ steps.spack.outputs.version }} SPACK_CHERRYPICKS=${{ steps.spack.outputs.cherrypicks }} From 22aed2f4bc770842a8b4c22b072457a7dcc3d12c Mon Sep 17 00:00:00 2001 From: Wouter Deconinck Date: Mon, 13 May 2024 15:15:44 -0500 Subject: [PATCH 07/25] fix: use GHCR_REGISTRY_{USER,TOKEN} --- .github/workflows/build-push.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index 251b1972..4890087a 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -54,8 +54,8 @@ jobs: if: ${{ env.GH_PUSH == '1' }} with: registry: ${{ env.GH_REGISTRY }} - username: ${{ env.GH_REGISTRY_USER }} - password: ${{ secrets.GITHUB_TOKEN }} + username: ${{ secrets.GHCR_REGISTRY_USER }} + password: ${{ secrets.GHCR_REGISTRY_TOKEN }} - name: Build and push uses: docker/build-push-action@v5 with: From 758134d47dc7187851e7298c2b24e23e4a20a736 Mon Sep 17 00:00:00 2001 From: Wouter Deconinck Date: Mon, 13 May 2024 15:18:50 -0500 Subject: [PATCH 08/25] fix: dev use BASE_IMAGE: debian_stable_base --- .github/workflows/build-push.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index 4890087a..5173622f 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -77,7 +77,7 @@ jobs: strategy: matrix: include: - - BASE_IMAGE: debian_testing_base + - BASE_IMAGE: debian_stable_base BUILD_IMAGE: jug_dev PLATFORM: linux/amd64 steps: From 6f10c098a4f4d3979a52f932beef76cec045dfb3 Mon Sep 17 00:00:00 2001 From: Wouter Deconinck Date: Mon, 13 May 2024 15:21:17 -0500 Subject: [PATCH 09/25] fix: dev use GHCR_REGISTRY_{USER,TOKEN} --- .github/workflows/build-push.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index 5173622f..b0f15271 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -117,8 +117,8 @@ jobs: if: ${{ env.GH_PUSH == '1' }} with: registry: ${{ env.GH_REGISTRY }} - username: ${{ env.GH_REGISTRY_USER }} - password: ${{ secrets.GITHUB_TOKEN }} + username: ${{ secrets.GHCR_REGISTRY_USER }} + password: ${{ secrets.GHCR_REGISTRY_TOKEN }} - name: Build and push uses: docker/build-push-action@v5 with: @@ -127,9 +127,8 @@ jobs: build-contexts: | spack-environment=spack-environment platforms: ${{ matrix.PLATFORM }} - push: false + push: true tags: | - eicweb/${{ matrix.BUILD_IMAGE }}:gha ghcr.io/eic/${{ matrix.BUILD_IMAGE }}:gha build-args: | DOCKER_REGISTRY=${{ env.GH_REGISTRY }}/${{ env.GH_REGISTRY_USER }}/ From 4ab1b22a4624657282af175fc3b58fabaf9b45e8 Mon Sep 17 00:00:00 2001 From: Wouter Deconinck Date: Mon, 13 May 2024 17:26:22 -0500 Subject: [PATCH 10/25] fix: allow SPACK_CHERRYPICKS to work with space separate cherrypicks --- containers/jug/dev.Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/containers/jug/dev.Dockerfile b/containers/jug/dev.Dockerfile index b66e7b45..c2c53178 100644 --- a/containers/jug/dev.Dockerfile +++ b/containers/jug/dev.Dockerfile @@ -43,7 +43,7 @@ git config --global advice.detachedHead false git clone --filter=tree:0 https://github.com/${SPACK_ORGREPO}.git ${SPACK_ROOT} git -C ${SPACK_ROOT} checkout ${SPACK_VERSION} if [ -n "${SPACK_CHERRYPICKS}" ] ; then - SPACK_CHERRYPICKS=$(git -C ${SPACK_ROOT} rev-list --topo-order ${SPACK_CHERRYPICKS} | grep -m $(echo ${SPACK_CHERRYPICKS} | wc -w) "${SPACK_CHERRYPICKS}" | tac) + SPACK_CHERRYPICKS=$(git -C ${SPACK_ROOT} rev-list --topo-order ${SPACK_CHERRYPICKS} | grep -m $(echo ${SPACK_CHERRYPICKS} | wc -w) -e ${SPACK_CHERRYPICKS// / -e } | tac) eval "declare -A SPACK_CHERRYPICKS_FILES_ARRAY=(${SPACK_CHERRYPICKS_FILES})" for hash in ${SPACK_CHERRYPICKS} ; do if [ -n "${SPACK_CHERRYPICKS_FILES_ARRAY[${hash}]+found}" ] ; then From ee45997d170d144ab56be435ca0615e1aa9864da Mon Sep 17 00:00:00 2001 From: Wouter Deconinck Date: Mon, 13 May 2024 17:43:35 -0500 Subject: [PATCH 11/25] fix: use secrets in mirrors.yaml --- .github/workflows/build-push.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index b0f15271..e6dd6935 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -99,6 +99,14 @@ jobs: echo "orgrepo=${EICSPACK_ORGREPO}" | tee -a $GITHUB_OUTPUT echo "version=${EICSPACK_VERSION}" | tee -a $GITHUB_OUTPUT echo "cherrypicks=${EICSPACK_CHERRYPICKS//$'\n'/ }" | tee -a $GITHUB_OUTPUT + - name: Load secrets into mirrors.yaml + id: mirrors + run: | + source spack.sh + export SPACK_VERSION + export GITHUB_REGISTRY_USER=${{ secrets.GHCR_REGISTRY_USER }} + export GITHUB_REGISTRY_TOKEN=${{ secrets.GHCR_REGISTRY_TOKEN }} + cat mirrors.yaml.in | envsubst > mirrors.yaml - name: Set up QEMU uses: docker/setup-qemu-action@v3 with: @@ -126,6 +134,8 @@ jobs: context: containers/jug build-contexts: | spack-environment=spack-environment + secret-files: | + mirrors=mirrors.yaml platforms: ${{ matrix.PLATFORM }} push: true tags: | From 2a9a644181f8e6d6ff88ed73d81cc36fbc9b747a Mon Sep 17 00:00:00 2001 From: Wouter Deconinck Date: Mon, 13 May 2024 18:27:32 -0500 Subject: [PATCH 12/25] fix: add S3_{ACCESS,SECRET}_KEY for eics3 mirror --- .github/workflows/build-push.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index e6dd6935..335dd8da 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -152,5 +152,7 @@ jobs: EICSPACK_ORGREPO=${{ steps.eic-spack.outputs.orgrepo }} EICSPACK_VERSION=${{ steps.eic-spack.outputs.version }} EICSPACK_CHERRYPICKS=${{ steps.eic-spack.outputs.cherrypicks }} + S3_ACCESS_KEY=${{ secrets.S3_ACCESS_KEY }} + S3_SECRET_KEY=${{ secrets.S3_SECRET_KEY }} cache-from: type=gha,scope=${{ github.workflow }} cache-to: type=gha,mode=max,scope=${{ github.workflow }} From 7d860048e018c614f7edc7b9648a2cc01ca06f1f Mon Sep 17 00:00:00 2001 From: Wouter Deconinck Date: Mon, 13 May 2024 18:32:17 -0500 Subject: [PATCH 13/25] fix: use env.INTERNAL_TAG and env.JOBS --- .github/workflows/build-push.yml | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index 335dd8da..075174e4 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -23,6 +23,12 @@ env: GH_REGISTRY_USER: eic GH_PUSH: 1 + ## Number of jobs to start during container builds + JOBS: 4 + + ## Internal tag used for the CI + INTERNAL_TAG: pipeline-${{ github.run_id }} + jobs: base: runs-on: ubuntu-latest @@ -64,7 +70,7 @@ jobs: platforms: ${{ matrix.PLATFORM }} push: true tags: | - ghcr.io/eic/${{ matrix.BUILD_IMAGE }}:gha-${{ github.run_id }} + ghcr.io/eic/${{ matrix.BUILD_IMAGE }}:${{ env.INTERNAL_TAG }} build-args: | BASE_IMAGE=${{ matrix.BASE_IMAGE }} BUILD_IMAGE=${{ matrix.BUILD_IMAGE }} @@ -139,12 +145,12 @@ jobs: platforms: ${{ matrix.PLATFORM }} push: true tags: | - ghcr.io/eic/${{ matrix.BUILD_IMAGE }}:gha + ghcr.io/eic/${{ matrix.BUILD_IMAGE }}:${{ env.INTERNAL_TAG }} build-args: | DOCKER_REGISTRY=${{ env.GH_REGISTRY }}/${{ env.GH_REGISTRY_USER }}/ BASE_IMAGE=${{ matrix.BASE_IMAGE }} BUILD_IMAGE=${{ matrix.BUILD_IMAGE }} - INTERNAL_TAG=gha-${{ github.run_id }} + INTERNAL_TAG=${{ env.INTERNAL_TAG }} SPACK_ORGREPO=${{ steps.spack.outputs.orgrepo }} SPACK_VERSION=${{ steps.spack.outputs.version }} SPACK_CHERRYPICKS=${{ steps.spack.outputs.cherrypicks }} @@ -154,5 +160,6 @@ jobs: EICSPACK_CHERRYPICKS=${{ steps.eic-spack.outputs.cherrypicks }} S3_ACCESS_KEY=${{ secrets.S3_ACCESS_KEY }} S3_SECRET_KEY=${{ secrets.S3_SECRET_KEY }} + jobs=${{ env.JOBS }} cache-from: type=gha,scope=${{ github.workflow }} cache-to: type=gha,mode=max,scope=${{ github.workflow }} From 64ccc4c0643b08b5b125f6e26e6368a33106b8f4 Mon Sep 17 00:00:00 2001 From: Wouter Deconinck Date: Mon, 13 May 2024 18:43:23 -0500 Subject: [PATCH 14/25] fix: ensure S3RW_{ACCESS,SECRET}_KEY are used --- .github/workflows/build-push.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index 075174e4..509c086d 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -112,6 +112,8 @@ jobs: export SPACK_VERSION export GITHUB_REGISTRY_USER=${{ secrets.GHCR_REGISTRY_USER }} export GITHUB_REGISTRY_TOKEN=${{ secrets.GHCR_REGISTRY_TOKEN }} + export S3RW_ACCESS_KEY=${{ secrets.S3RW_ACCESS_KEY }} + export S3RW_SECRET_KEY=${{ secrets.S3RW_SECRET_KEY }} cat mirrors.yaml.in | envsubst > mirrors.yaml - name: Set up QEMU uses: docker/setup-qemu-action@v3 From 9f715589c9d55930abf53d41784168d1641d576c Mon Sep 17 00:00:00 2001 From: Wouter Deconinck Date: Mon, 13 May 2024 19:21:38 -0500 Subject: [PATCH 15/25] fix: define CI_REGISTRY/CI_PROJECT_PATH --- .github/workflows/build-push.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index 509c086d..88d7eff0 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -110,6 +110,10 @@ jobs: run: | source spack.sh export SPACK_VERSION + export CI_REGISTRY=ghcr.io + export CI_PROJECT_PATH=eic + export CI_REGISTRY_USER=${{ secrets.GHCR_REGISTRY_USER }} + export CI_REGISTRY_PASSWORD=${{ secrets.GHCR_REGISTRY_TOKEN }} export GITHUB_REGISTRY_USER=${{ secrets.GHCR_REGISTRY_USER }} export GITHUB_REGISTRY_TOKEN=${{ secrets.GHCR_REGISTRY_TOKEN }} export S3RW_ACCESS_KEY=${{ secrets.S3RW_ACCESS_KEY }} From 1994d1e3fe2df74df84cdbbd92fa3269397f30e7 Mon Sep 17 00:00:00 2001 From: Wouter Deconinck Date: Mon, 13 May 2024 21:19:32 -0500 Subject: [PATCH 16/25] fix: free-disk-space --- .github/workflows/build-push.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index 88d7eff0..34242a38 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -87,6 +87,11 @@ jobs: BUILD_IMAGE: jug_dev PLATFORM: linux/amd64 steps: + - name: Free Disk Space (Ubuntu) + uses: jlumbroso/free-disk-space@v1.3.1 + with: + android: true + dotnet: true - name: Checkout uses: actions/checkout@v4 - name: Load spack version and cherry-picks From 480cfe69a01ddeb1c1a28aa80e8c6814869c1678 Mon Sep 17 00:00:00 2001 From: Wouter Deconinck Date: Tue, 14 May 2024 07:47:57 -0500 Subject: [PATCH 17/25] fix: workflow_dispatch with versions --- .github/workflows/build-push.yml | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index 34242a38..d3600cf5 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -2,6 +2,20 @@ name: build-push on: push: + workflow_dispatch: + inputs: + EDM4EIC_VERSION: + required: false + default: '' + type: string + EICRECON_VERSION: + required: false + default: '' + type: string + JUGGLER_VERSION: + required: false + default: '' + type: string concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} @@ -10,9 +24,9 @@ concurrency: env: ## Default versions are specified in packages.yaml but can be overridden ## note: nightly builds will always use the master/main branch - EDM4EIC_VERSION: "" - EICRECON_VERSION: "" - JUGGLER_VERSION: "" + EDM4EIC_VERSION: ${{ inputs.EDM4EIC_VERSION }} + EICRECON_VERSION: ${{ inputs.EICRECON_VERSION }} + JUGGLER_VERSION: ${{ inputs.JUGGLER_VERSION }} ## Dockerhub registry DH_REGISTRY: docker.io From ce15158f2a8ff203cd2f8423a41b379f1d7e7cce Mon Sep 17 00:00:00 2001 From: Wouter Deconinck Date: Tue, 14 May 2024 16:04:12 -0500 Subject: [PATCH 18/25] feat: also build xl --- .github/workflows/build-push.yml | 57 ++++++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index d3600cf5..a6409d05 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -188,3 +188,60 @@ jobs: jobs=${{ env.JOBS }} cache-from: type=gha,scope=${{ github.workflow }} cache-to: type=gha,mode=max,scope=${{ github.workflow }} + + xl: + runs-on: ubuntu-latest + needs: dev + strategy: + matrix: + include: + - BASE_IMAGE: jug_dev + BUILD_IMAGE: jug_xl + PLATFORM: linux/amd64 + steps: + - name: Free Disk Space (Ubuntu) + uses: jlumbroso/free-disk-space@v1.3.1 + with: + android: true + dotnet: true + - name: Checkout + uses: actions/checkout@v4 + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + with: + platforms: linux/amd64 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Login to Docker Hub + uses: docker/login-action@v3 + if: ${{ env.DH_PUSH == '1' }} + with: + registry: ${{ env.DH_REGISTRY }} + username: ${{ env.DH_REGISTRY_USER }} + password: ${{ secrets.DH_EICWEB_TOKEN }} + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + if: ${{ env.GH_PUSH == '1' }} + with: + registry: ${{ env.GH_REGISTRY }} + username: ${{ secrets.GHCR_REGISTRY_USER }} + password: ${{ secrets.GHCR_REGISTRY_TOKEN }} + - name: Build and push + uses: docker/build-push-action@v5 + with: + file: containers/jug/xl.Dockerfile + context: containers/jug + build-contexts: | + detectors=. + platforms: ${{ matrix.PLATFORM }} + push: true + tags: | + ghcr.io/eic/${{ matrix.BUILD_IMAGE }}:${{ env.INTERNAL_TAG }} + build-args: | + DOCKER_REGISTRY=${{ env.GH_REGISTRY }}/${{ env.GH_REGISTRY_USER }}/ + BASE_IMAGE=${{ matrix.BASE_IMAGE }} + BUILD_IMAGE=${{ matrix.BUILD_IMAGE }} + INTERNAL_TAG=${{ env.INTERNAL_TAG }} + jobs=${{ env.JOBS }} + cache-from: type=gha,scope=${{ github.workflow }} + cache-to: type=gha,mode=max,scope=${{ github.workflow }} From 95bd5f3119e79548cf4ee5401e1f7ee911d6c60b Mon Sep 17 00:00:00 2001 From: Wouter Deconinck Date: Tue, 14 May 2024 16:14:01 -0500 Subject: [PATCH 19/25] feat: build on schedule, every 6 hours --- .github/workflows/build-push.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index a6409d05..40103d27 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -1,6 +1,8 @@ name: build-push on: + schedule: + - cron: "30 */6 * * *" push: workflow_dispatch: inputs: @@ -52,7 +54,6 @@ jobs: - BASE_IMAGE: debian:stable-slim BUILD_IMAGE: debian_stable_base PLATFORM: linux/amd64 - steps: - name: Checkout uses: actions/checkout@v4 From 4ae29a2b9165ba1696fd58d952cd309b82781882 Mon Sep 17 00:00:00 2001 From: Wouter Deconinck Date: Tue, 14 May 2024 16:32:53 -0500 Subject: [PATCH 20/25] fix: use docker/metadata-action for images, tags, labels --- .github/workflows/build-push.yml | 52 ++++++++++++++++++++++++-------- 1 file changed, 40 insertions(+), 12 deletions(-) diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index 40103d27..fefdee62 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -63,6 +63,15 @@ jobs: platforms: linux/amd64,linux/arm64 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: | + ghcr.io/eic/${{ matrix.BUILD_IMAGE }} + tags: | + ${{ env.INTERNAL_TAG }} + type=schedule - name: Login to Docker Hub uses: docker/login-action@v3 if: ${{ env.DH_PUSH == '1' }} @@ -84,8 +93,8 @@ jobs: context: containers/debian platforms: ${{ matrix.PLATFORM }} push: true - tags: | - ghcr.io/eic/${{ matrix.BUILD_IMAGE }}:${{ env.INTERNAL_TAG }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} build-args: | BASE_IMAGE=${{ matrix.BASE_IMAGE }} BUILD_IMAGE=${{ matrix.BUILD_IMAGE }} @@ -99,8 +108,9 @@ jobs: matrix: include: - BASE_IMAGE: debian_stable_base - BUILD_IMAGE: jug_dev + BUILD_IMAGE: dev PLATFORM: linux/amd64 + ENV: dev steps: - name: Free Disk Space (Ubuntu) uses: jlumbroso/free-disk-space@v1.3.1 @@ -145,6 +155,15 @@ jobs: platforms: linux/amd64 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: | + ghcr.io/eic/eic_${{ matrix.BUILD_IMAGE }} + tags: | + ${{ env.INTERNAL_TAG }} + type=schedule,pattern={{date 'YYYY-MM-DD'}} - name: Login to Docker Hub uses: docker/login-action@v3 if: ${{ env.DH_PUSH == '1' }} @@ -170,12 +189,12 @@ jobs: mirrors=mirrors.yaml platforms: ${{ matrix.PLATFORM }} push: true - tags: | - ghcr.io/eic/${{ matrix.BUILD_IMAGE }}:${{ env.INTERNAL_TAG }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} build-args: | DOCKER_REGISTRY=${{ env.GH_REGISTRY }}/${{ env.GH_REGISTRY_USER }}/ BASE_IMAGE=${{ matrix.BASE_IMAGE }} - BUILD_IMAGE=${{ matrix.BUILD_IMAGE }} + BUILD_IMAGE=eic_${{ matrix.BUILD_IMAGE }} INTERNAL_TAG=${{ env.INTERNAL_TAG }} SPACK_ORGREPO=${{ steps.spack.outputs.orgrepo }} SPACK_VERSION=${{ steps.spack.outputs.version }} @@ -196,8 +215,8 @@ jobs: strategy: matrix: include: - - BASE_IMAGE: jug_dev - BUILD_IMAGE: jug_xl + - BASE_IMAGE: dev + BUILD_IMAGE: xl PLATFORM: linux/amd64 steps: - name: Free Disk Space (Ubuntu) @@ -213,6 +232,15 @@ jobs: platforms: linux/amd64 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: | + ghcr.io/eic/eic_${{ matrix.BUILD_IMAGE }} + tags: | + ${{ env.INTERNAL_TAG }} + type=schedule,pattern={{date 'YYYY-MM-DD'}} - name: Login to Docker Hub uses: docker/login-action@v3 if: ${{ env.DH_PUSH == '1' }} @@ -236,12 +264,12 @@ jobs: detectors=. platforms: ${{ matrix.PLATFORM }} push: true - tags: | - ghcr.io/eic/${{ matrix.BUILD_IMAGE }}:${{ env.INTERNAL_TAG }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} build-args: | DOCKER_REGISTRY=${{ env.GH_REGISTRY }}/${{ env.GH_REGISTRY_USER }}/ - BASE_IMAGE=${{ matrix.BASE_IMAGE }} - BUILD_IMAGE=${{ matrix.BUILD_IMAGE }} + BASE_IMAGE=eic_${{ matrix.BASE_IMAGE }} + BUILD_IMAGE=eic_${{ matrix.BUILD_IMAGE }} INTERNAL_TAG=${{ env.INTERNAL_TAG }} jobs=${{ env.JOBS }} cache-from: type=gha,scope=${{ github.workflow }} From 99fe8be252a22738a1c4dd829b0c5a11e34ef3f1 Mon Sep 17 00:00:00 2001 From: Wouter Deconinck Date: Tue, 14 May 2024 18:35:41 -0500 Subject: [PATCH 21/25] fix: export as unstable-pr- for pull_request events --- .github/workflows/build-push.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index fefdee62..fc51638c 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -72,6 +72,7 @@ jobs: tags: | ${{ env.INTERNAL_TAG }} type=schedule + type=ref,prefix=unstable-pr-,event=pr - name: Login to Docker Hub uses: docker/login-action@v3 if: ${{ env.DH_PUSH == '1' }} @@ -164,6 +165,7 @@ jobs: tags: | ${{ env.INTERNAL_TAG }} type=schedule,pattern={{date 'YYYY-MM-DD'}} + type=ref,prefix=unstable-pr-,event=pr - name: Login to Docker Hub uses: docker/login-action@v3 if: ${{ env.DH_PUSH == '1' }} @@ -241,6 +243,7 @@ jobs: tags: | ${{ env.INTERNAL_TAG }} type=schedule,pattern={{date 'YYYY-MM-DD'}} + type=ref,prefix=unstable-pr-,event=pr - name: Login to Docker Hub uses: docker/login-action@v3 if: ${{ env.DH_PUSH == '1' }} From 1e94378a7e97f3b6df1fac39e6f5bf87e67b55e5 Mon Sep 17 00:00:00 2001 From: Wouter Deconinck Date: Tue, 14 May 2024 18:51:04 -0500 Subject: [PATCH 22/25] fix: when tag pattern v(\d+\.\d+\.\d+-.*) use tag \1 --- .github/workflows/build-push.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index fc51638c..f6a568d0 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -166,6 +166,7 @@ jobs: ${{ env.INTERNAL_TAG }} type=schedule,pattern={{date 'YYYY-MM-DD'}} type=ref,prefix=unstable-pr-,event=pr + type=match,pattern=^v(\d+\.\d+\.\d+-.*)$,group=1 - name: Login to Docker Hub uses: docker/login-action@v3 if: ${{ env.DH_PUSH == '1' }} @@ -244,6 +245,7 @@ jobs: ${{ env.INTERNAL_TAG }} type=schedule,pattern={{date 'YYYY-MM-DD'}} type=ref,prefix=unstable-pr-,event=pr + type=match,pattern=^v(\d+\.\d+\.\d+-.*)$,group=1 - name: Login to Docker Hub uses: docker/login-action@v3 if: ${{ env.DH_PUSH == '1' }} From 5cd87166f3ea2594b30fe15d918830849484ddef Mon Sep 17 00:00:00 2001 From: Wouter Deconinck Date: Tue, 14 May 2024 19:01:01 -0500 Subject: [PATCH 23/25] fix: support Docker Hub push again --- .github/workflows/build-push.yml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index f6a568d0..f86797ef 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -33,7 +33,7 @@ env: ## Dockerhub registry DH_REGISTRY: docker.io DH_REGISTRY_USER: eicweb - DH_PUSH: 0 + DH_PUSH: 1 ## GitHub registry GH_REGISTRY: ghcr.io GH_REGISTRY_USER: eic @@ -68,7 +68,8 @@ jobs: uses: docker/metadata-action@v5 with: images: | - ghcr.io/eic/${{ matrix.BUILD_IMAGE }} + name=${{ env.DH_REGISTRY }}/${{ env.DH_REGISTRY_USER }}/${{ matrix.BUILD_IMAGE }},enable=${{ env.DH_PUSH != 0 }} + name=${{ env.GH_REGISTRY }}/${{ env.GH_REGISTRY_USER }}/${{ matrix.BUILD_IMAGE }},enable=${{ env.GH_PUSH != 0 }} tags: | ${{ env.INTERNAL_TAG }} type=schedule @@ -161,7 +162,8 @@ jobs: uses: docker/metadata-action@v5 with: images: | - ghcr.io/eic/eic_${{ matrix.BUILD_IMAGE }} + name=${{ env.DH_REGISTRY }}/${{ env.DH_REGISTRY_USER }}/eic_${{ matrix.BUILD_IMAGE }},enable=${{ env.DH_PUSH != 0 }} + name=${{ env.GH_REGISTRY }}/${{ env.GH_REGISTRY_USER }}/eic_${{ matrix.BUILD_IMAGE }},enable=${{ env.GH_PUSH != 0 }} tags: | ${{ env.INTERNAL_TAG }} type=schedule,pattern={{date 'YYYY-MM-DD'}} @@ -240,7 +242,8 @@ jobs: uses: docker/metadata-action@v5 with: images: | - ghcr.io/eic/eic_${{ matrix.BUILD_IMAGE }} + name=${{ env.DH_REGISTRY }}/${{ env.DH_REGISTRY_USER }}/eic_${{ matrix.BUILD_IMAGE }},enable=${{ env.DH_PUSH != 0 }} + name=${{ env.GH_REGISTRY }}/${{ env.GH_REGISTRY_USER }}/eic_${{ matrix.BUILD_IMAGE }},enable=${{ env.GH_PUSH != 0 }} tags: | ${{ env.INTERNAL_TAG }} type=schedule,pattern={{date 'YYYY-MM-DD'}} From b35319847a5e20c666bfa66a58fd7b8f9713c5de Mon Sep 17 00:00:00 2001 From: Wouter Deconinck Date: Tue, 14 May 2024 20:06:12 -0500 Subject: [PATCH 24/25] fix: disable DH_PUSH again (no token) --- .github/workflows/build-push.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index f86797ef..82ce5644 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -33,7 +33,7 @@ env: ## Dockerhub registry DH_REGISTRY: docker.io DH_REGISTRY_USER: eicweb - DH_PUSH: 1 + DH_PUSH: 0 ## GitHub registry GH_REGISTRY: ghcr.io GH_REGISTRY_USER: eic From 5a20a546f33dd46e6992c69629b16965ac7ac09c Mon Sep 17 00:00:00 2001 From: Wouter Deconinck Date: Wed, 15 May 2024 20:41:29 -0500 Subject: [PATCH 25/25] fix: on: push: master; on: pull_request: master --- .github/workflows/build-push.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index 82ce5644..954ba5dd 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -4,6 +4,11 @@ on: schedule: - cron: "30 */6 * * *" push: + branches: + - master + pull_request: + branches: + - master workflow_dispatch: inputs: EDM4EIC_VERSION: