Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(ci): github actions build workflow #15

Merged
merged 25 commits into from
May 16, 2024
Merged

feat(ci): github actions build workflow #15

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
25 commits
Select commit Hold shift + click to select a range
0d2c275
feat(ci): github actions build workflow
wdconinc May 13, 2024
e8886af
fix: typo in eic-spack.sh
wdconinc May 13, 2024
efc6e7a
fix: versions++
wdconinc May 13, 2024
f626632
fix: define build-context spack-environment
wdconinc May 13, 2024
fb11a1a
fix: rm build-context spack
wdconinc May 13, 2024
353d6dd
fix: use gha-${{ github.run_id }} as INTERNAL_TAG
wdconinc May 13, 2024
22aed2f
fix: use GHCR_REGISTRY_{USER,TOKEN}
wdconinc May 13, 2024
758134d
fix: dev use BASE_IMAGE: debian_stable_base
wdconinc May 13, 2024
6f10c09
fix: dev use GHCR_REGISTRY_{USER,TOKEN}
wdconinc May 13, 2024
4ab1b22
fix: allow SPACK_CHERRYPICKS to work with space separate cherrypicks
wdconinc May 13, 2024
ee45997
fix: use secrets in mirrors.yaml
wdconinc May 13, 2024
2a9a644
fix: add S3_{ACCESS,SECRET}_KEY for eics3 mirror
wdconinc May 13, 2024
7d86004
fix: use env.INTERNAL_TAG and env.JOBS
wdconinc May 13, 2024
64ccc4c
fix: ensure S3RW_{ACCESS,SECRET}_KEY are used
wdconinc May 13, 2024
9f71558
fix: define CI_REGISTRY/CI_PROJECT_PATH
wdconinc May 14, 2024
1994d1e
fix: free-disk-space
wdconinc May 14, 2024
480cfe6
fix: workflow_dispatch with versions
wdconinc May 14, 2024
ce15158
feat: also build xl
wdconinc May 14, 2024
95bd5f3
feat: build on schedule, every 6 hours
wdconinc May 14, 2024
4ae29a2
fix: use docker/metadata-action for images, tags, labels
wdconinc May 14, 2024
99fe8be
fix: export as unstable-pr-<pr> for pull_request events
wdconinc May 14, 2024
1e94378
fix: when tag pattern v(\d+\.\d+\.\d+-.*) use tag \1
wdconinc May 14, 2024
5cd8716
fix: support Docker Hub push again
wdconinc May 15, 2024
b353198
fix: disable DH_PUSH again (no token)
wdconinc May 15, 2024
5a20a54
fix: on: push: master; on: pull_request: master
wdconinc May 16, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
289 changes: 289 additions & 0 deletions .github/workflows/build-push.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,289 @@
name: build-push

on:
schedule:
- cron: "30 */6 * * *"
push:
branches:
- master
pull_request:
branches:
- master
workflow_dispatch:
inputs:
EDM4EIC_VERSION:
required: false
default: ''
type: string
EICRECON_VERSION:
required: false
default: ''
type: string
JUGGLER_VERSION:
required: false
default: ''
type: string

concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: false

env:
## Default versions are specified in packages.yaml but can be overridden
## note: nightly builds will always use the master/main branch
EDM4EIC_VERSION: ${{ inputs.EDM4EIC_VERSION }}
EICRECON_VERSION: ${{ inputs.EICRECON_VERSION }}
JUGGLER_VERSION: ${{ inputs.JUGGLER_VERSION }}

## Dockerhub registry
DH_REGISTRY: docker.io
DH_REGISTRY_USER: eicweb
DH_PUSH: 0
## GitHub registry
GH_REGISTRY: ghcr.io
GH_REGISTRY_USER: eic
GH_PUSH: 1

## Number of jobs to start during container builds
JOBS: 4

## Internal tag used for the CI
INTERNAL_TAG: pipeline-${{ github.run_id }}

jobs:
base:
runs-on: ubuntu-latest
strategy:
matrix:
include:
- BASE_IMAGE: debian:stable-slim
BUILD_IMAGE: debian_stable_base
PLATFORM: linux/amd64
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: linux/amd64,linux/arm64
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: |
name=${{ env.DH_REGISTRY }}/${{ env.DH_REGISTRY_USER }}/${{ matrix.BUILD_IMAGE }},enable=${{ env.DH_PUSH != 0 }}
name=${{ env.GH_REGISTRY }}/${{ env.GH_REGISTRY_USER }}/${{ matrix.BUILD_IMAGE }},enable=${{ env.GH_PUSH != 0 }}
tags: |
${{ env.INTERNAL_TAG }}
type=schedule
type=ref,prefix=unstable-pr-,event=pr
- name: Login to Docker Hub
uses: docker/login-action@v3
if: ${{ env.DH_PUSH == '1' }}
with:
registry: ${{ env.DH_REGISTRY }}
username: ${{ env.DH_REGISTRY_USER }}
password: ${{ secrets.DH_EICWEB_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
if: ${{ env.GH_PUSH == '1' }}
with:
registry: ${{ env.GH_REGISTRY }}
username: ${{ secrets.GHCR_REGISTRY_USER }}
password: ${{ secrets.GHCR_REGISTRY_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v5
with:
file: containers/debian/base.Dockerfile
context: containers/debian
platforms: ${{ matrix.PLATFORM }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
BASE_IMAGE=${{ matrix.BASE_IMAGE }}
BUILD_IMAGE=${{ matrix.BUILD_IMAGE }}
cache-from: type=gha,scope=${{ github.workflow }}
cache-to: type=gha,mode=max,scope=${{ github.workflow }}

dev:
runs-on: ubuntu-latest
needs: base
strategy:
matrix:
include:
- BASE_IMAGE: debian_stable_base
BUILD_IMAGE: dev
PLATFORM: linux/amd64
ENV: dev
steps:
- name: Free Disk Space (Ubuntu)
uses: jlumbroso/[email protected]
with:
android: true
dotnet: true
- name: Checkout
uses: actions/checkout@v4
- name: Load spack version and cherry-picks
id: spack
shell: bash
run: |
source spack.sh
echo "orgrepo=${SPACK_ORGREPO}" | tee -a $GITHUB_OUTPUT
echo "version=${SPACK_VERSION}" | tee -a $GITHUB_OUTPUT
echo "cherrypicks=${SPACK_CHERRYPICKS//$'\n'/ }" | tee -a $GITHUB_OUTPUT
echo "cherrypicks_files=${SPACK_CHERRYPICKS_FILES//$'\n'/ }" | tee -a $GITHUB_OUTPUT
- name: Load eic-spack version and cherry-picks
id: eic-spack
run: |
source eic-spack.sh
echo "orgrepo=${EICSPACK_ORGREPO}" | tee -a $GITHUB_OUTPUT
echo "version=${EICSPACK_VERSION}" | tee -a $GITHUB_OUTPUT
echo "cherrypicks=${EICSPACK_CHERRYPICKS//$'\n'/ }" | tee -a $GITHUB_OUTPUT
- name: Load secrets into mirrors.yaml
id: mirrors
run: |
source spack.sh
export SPACK_VERSION
export CI_REGISTRY=ghcr.io
export CI_PROJECT_PATH=eic
export CI_REGISTRY_USER=${{ secrets.GHCR_REGISTRY_USER }}
export CI_REGISTRY_PASSWORD=${{ secrets.GHCR_REGISTRY_TOKEN }}
export GITHUB_REGISTRY_USER=${{ secrets.GHCR_REGISTRY_USER }}
export GITHUB_REGISTRY_TOKEN=${{ secrets.GHCR_REGISTRY_TOKEN }}
export S3RW_ACCESS_KEY=${{ secrets.S3RW_ACCESS_KEY }}
export S3RW_SECRET_KEY=${{ secrets.S3RW_SECRET_KEY }}
cat mirrors.yaml.in | envsubst > mirrors.yaml
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: linux/amd64
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: |
name=${{ env.DH_REGISTRY }}/${{ env.DH_REGISTRY_USER }}/eic_${{ matrix.BUILD_IMAGE }},enable=${{ env.DH_PUSH != 0 }}
name=${{ env.GH_REGISTRY }}/${{ env.GH_REGISTRY_USER }}/eic_${{ matrix.BUILD_IMAGE }},enable=${{ env.GH_PUSH != 0 }}
tags: |
${{ env.INTERNAL_TAG }}
type=schedule,pattern={{date 'YYYY-MM-DD'}}
type=ref,prefix=unstable-pr-,event=pr
type=match,pattern=^v(\d+\.\d+\.\d+-.*)$,group=1
- name: Login to Docker Hub
uses: docker/login-action@v3
if: ${{ env.DH_PUSH == '1' }}
with:
registry: ${{ env.DH_REGISTRY }}
username: ${{ env.DH_REGISTRY_USER }}
password: ${{ secrets.DH_EICWEB_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
if: ${{ env.GH_PUSH == '1' }}
with:
registry: ${{ env.GH_REGISTRY }}
username: ${{ secrets.GHCR_REGISTRY_USER }}
password: ${{ secrets.GHCR_REGISTRY_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v5
with:
file: containers/jug/dev.Dockerfile
context: containers/jug
build-contexts: |
spack-environment=spack-environment
secret-files: |
mirrors=mirrors.yaml
platforms: ${{ matrix.PLATFORM }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
DOCKER_REGISTRY=${{ env.GH_REGISTRY }}/${{ env.GH_REGISTRY_USER }}/
BASE_IMAGE=${{ matrix.BASE_IMAGE }}
BUILD_IMAGE=eic_${{ matrix.BUILD_IMAGE }}
INTERNAL_TAG=${{ env.INTERNAL_TAG }}
SPACK_ORGREPO=${{ steps.spack.outputs.orgrepo }}
SPACK_VERSION=${{ steps.spack.outputs.version }}
SPACK_CHERRYPICKS=${{ steps.spack.outputs.cherrypicks }}
SPACK_CHERRYPICKS_FILES=${{ steps.spack.outputs.cherrypicks_files }}
EICSPACK_ORGREPO=${{ steps.eic-spack.outputs.orgrepo }}
EICSPACK_VERSION=${{ steps.eic-spack.outputs.version }}
EICSPACK_CHERRYPICKS=${{ steps.eic-spack.outputs.cherrypicks }}
S3_ACCESS_KEY=${{ secrets.S3_ACCESS_KEY }}
S3_SECRET_KEY=${{ secrets.S3_SECRET_KEY }}
jobs=${{ env.JOBS }}
cache-from: type=gha,scope=${{ github.workflow }}
cache-to: type=gha,mode=max,scope=${{ github.workflow }}

xl:
runs-on: ubuntu-latest
needs: dev
strategy:
matrix:
include:
- BASE_IMAGE: dev
BUILD_IMAGE: xl
PLATFORM: linux/amd64
steps:
- name: Free Disk Space (Ubuntu)
uses: jlumbroso/[email protected]
with:
android: true
dotnet: true
- name: Checkout
uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: linux/amd64
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: |
name=${{ env.DH_REGISTRY }}/${{ env.DH_REGISTRY_USER }}/eic_${{ matrix.BUILD_IMAGE }},enable=${{ env.DH_PUSH != 0 }}
name=${{ env.GH_REGISTRY }}/${{ env.GH_REGISTRY_USER }}/eic_${{ matrix.BUILD_IMAGE }},enable=${{ env.GH_PUSH != 0 }}
tags: |
${{ env.INTERNAL_TAG }}
type=schedule,pattern={{date 'YYYY-MM-DD'}}
type=ref,prefix=unstable-pr-,event=pr
type=match,pattern=^v(\d+\.\d+\.\d+-.*)$,group=1
- name: Login to Docker Hub
uses: docker/login-action@v3
if: ${{ env.DH_PUSH == '1' }}
with:
registry: ${{ env.DH_REGISTRY }}
username: ${{ env.DH_REGISTRY_USER }}
password: ${{ secrets.DH_EICWEB_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
if: ${{ env.GH_PUSH == '1' }}
with:
registry: ${{ env.GH_REGISTRY }}
username: ${{ secrets.GHCR_REGISTRY_USER }}
password: ${{ secrets.GHCR_REGISTRY_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v5
with:
file: containers/jug/xl.Dockerfile
context: containers/jug
build-contexts: |
detectors=.
platforms: ${{ matrix.PLATFORM }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
DOCKER_REGISTRY=${{ env.GH_REGISTRY }}/${{ env.GH_REGISTRY_USER }}/
BASE_IMAGE=eic_${{ matrix.BASE_IMAGE }}
BUILD_IMAGE=eic_${{ matrix.BUILD_IMAGE }}
INTERNAL_TAG=${{ env.INTERNAL_TAG }}
jobs=${{ env.JOBS }}
cache-from: type=gha,scope=${{ github.workflow }}
cache-to: type=gha,mode=max,scope=${{ github.workflow }}
2 changes: 1 addition & 1 deletion containers/jug/dev.Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ git config --global advice.detachedHead false
git clone --filter=tree:0 https://github.com/${SPACK_ORGREPO}.git ${SPACK_ROOT}
git -C ${SPACK_ROOT} checkout ${SPACK_VERSION}
if [ -n "${SPACK_CHERRYPICKS}" ] ; then
SPACK_CHERRYPICKS=$(git -C ${SPACK_ROOT} rev-list --topo-order ${SPACK_CHERRYPICKS} | grep -m $(echo ${SPACK_CHERRYPICKS} | wc -w) "${SPACK_CHERRYPICKS}" | tac)
SPACK_CHERRYPICKS=$(git -C ${SPACK_ROOT} rev-list --topo-order ${SPACK_CHERRYPICKS} | grep -m $(echo ${SPACK_CHERRYPICKS} | wc -w) -e ${SPACK_CHERRYPICKS// / -e } | tac)
eval "declare -A SPACK_CHERRYPICKS_FILES_ARRAY=(${SPACK_CHERRYPICKS_FILES})"
for hash in ${SPACK_CHERRYPICKS} ; do
if [ -n "${SPACK_CHERRYPICKS_FILES_ARRAY[${hash}]+found}" ] ; then
Expand Down