generated from opensafely-core/repo-template
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #7 from opensafely-core/initial-setup
Initial setup
- Loading branch information
Showing
12 changed files
with
131 additions
and
566 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,40 +1,74 @@ | ||
| --- | ||
| name: CI | ||
|
|
||
| env: | ||
| IMAGE_NAME: research-template | ||
| PUBLIC_IMAGE_NAME: ghcr.io/opensafely/research-template | ||
| REGISTRY: ghcr.io | ||
|
|
||
| on: | ||
| workflow_dispatch: | ||
| pull_request: | ||
| push: | ||
| branches: [main] | ||
|
|
||
| jobs: | ||
| check: | ||
| build-and-test: | ||
| runs-on: ubuntu-latest | ||
|
|
||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 | ||
| # Lint the dockerfile before building | ||
| with: | ||
| failure-threshold: error | ||
| - uses: "opensafely-core/setup-action@v1" | ||
| with: | ||
| python-version: "3.11" | ||
| install-just: true | ||
| - name: Check formatting, linting and import sorting | ||
| run: just check | ||
|
|
||
| test: | ||
| runs-on: ubuntu-latest | ||
| - name: Build docker image | ||
| run: just build | ||
|
|
||
| - name: Test docker image | ||
| run: just smoke-test | ||
|
|
||
| - name: Save docker image | ||
| run: | | ||
| docker save research-template | gzip > /tmp/research-template.tar.gz | ||
| - name: Upload docker image | ||
| uses: actions/upload-artifact@v4 | ||
| with: | ||
| name: research-template-image | ||
| path: /tmp/research-template.tar.gz | ||
|
|
||
| publish: | ||
| needs: [build] | ||
|
|
||
| runs-on: ubuntu-22.04 | ||
|
|
||
| permissions: | ||
| contents: read | ||
| packages: write | ||
|
|
||
| if: github.ref == 'refs/heads/main' | ||
|
|
||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - uses: "opensafely-core/setup-action@v1" | ||
| with: | ||
| python-version: "3.11" | ||
| install-just: true | ||
| - name: Run tests | ||
| # env: # Add environment variables required for tests | ||
| run: | | ||
| just test | ||
|
|
||
| lint-dockerfile: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0 | ||
| - name: Download docker image | ||
| uses: actions/download-artifact@v4 | ||
| with: | ||
| failure-threshold: error | ||
| name: research-template-image | ||
| path: /tmp/image | ||
|
|
||
| - name: Import docker image | ||
| run: gunzip -c /tmp/image/research-template.tar.gz | docker load | ||
|
|
||
| - name: Publish image | ||
| run: | | ||
| echo ${{ secrets.GITHUB_TOKEN }} | docker login $REGISTRY -u ${{ github.actor }} --password-stdin | ||
| docker tag $IMAGE_NAME $PUBLIC_IMAGE_NAME:latest | ||
| docker push $PUBLIC_IMAGE_NAME:latest |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,51 @@ | ||
| # All Dockerfiles should start from this base image | ||
| # Provide the TAG environment variable, or replace with the image version required | ||
| FROM ghcr.io/opensafely-core/base-docker:$TAG | ||
| FROM rocker/rstudio:4.0.5 | ||
|
|
||
| LABEL org.opencontainers.image.source https://github.com/opensafely/research-template | ||
|
|
||
| # we are going to use an apt cache on the host, so disable the default debian | ||
| # docker clean up that deletes that cache on every apt install | ||
| RUN rm -f /etc/apt/apt.conf.d/docker-clean | ||
|
|
||
| # Install python 3.10. This is the version used by the python-docker | ||
| # image, used for analyses using the OpenSAFELY pipeline. | ||
| # | ||
| # DL3042: we always want latest package versions when we rebuild | ||
| # DL3013: using an apt cache on the host instead | ||
| # hadolint ignore=DL3042,DL3013 | ||
| SHELL ["/bin/bash", "-o", "pipefail", "-c"] | ||
| RUN --mount=type=cache,target=/var/cache/apt \ | ||
| echo "deb http://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu focal main" > /etc/apt/sources.list.d/deadsnakes-ppa.list &&\ | ||
| /usr/lib/apt/apt-helper download-file 'https://keyserver.ubuntu.com/pks/lookup?op=get&search=0xf23c5a6cf475977595c89f51ba6932366a755776' /etc/apt/trusted.gpg.d/deadsnakes.asc &&\ | ||
| apt-get update &&\ | ||
| apt-get install -y --no-install-recommends curl python3.10 python3.10-distutils python3.10-venv &&\ | ||
| # Pip for Python 3.10 isn't included in deadsnakes, so install separately | ||
| curl https://bootstrap.pypa.io/get-pip.py | python3.10 &&\ | ||
| # Set default python, so that the Python virtualenv works as expected | ||
| rm /usr/bin/python3 &&\ | ||
| ln -s /usr/bin/python3.10 /usr/bin/python3 | ||
|
|
||
| # install renv | ||
| RUN --mount=type=cache,target=/cache,id=/cache-2004 R -e 'install.packages("renv", destdir="/cache"); renv::init(bare = TRUE)' | ||
|
|
||
| # copy the renv directory from the OpenSAFELY R action image | ||
| # | ||
| # DL3022: hadolint can't access a network and doesn't behave | ||
| # as expected when a reference is made to an external image. | ||
| # hadolint ignore=DL3022 | ||
| COPY --from=ghcr.io/opensafely-core/r /renv/ /renv/ | ||
|
|
||
| # Copy the Python virtualenv from OpenSAFELY Python action image | ||
| # | ||
| # DL3022: hadolint can't access a network and doesn't behave | ||
| # as expected when a reference is made to an external image. | ||
| # hadolint ignore=DL3022 | ||
| COPY --from=ghcr.io/opensafely-core/python:v2 /opt/venv /opt/venv | ||
|
|
||
| # Create a local user and give it sudo (aka root) permissions | ||
| RUN usermod -aG sudo rstudio &&\ | ||
| echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers | ||
|
|
||
| # Required for installing opensafely cli | ||
| ENV PATH="/home/rstudio/.local/bin:${PATH}" | ||
|
|
||
| USER rstudio |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,19 @@ | ||
| # 0. Record architecture decisions | ||
|
|
||
| Date: 2024-04-29 | ||
|
|
||
| ## Status | ||
|
|
||
| Accepted | ||
|
|
||
| ## Context | ||
|
|
||
| We need to record the architectural decisions made on this project. | ||
|
|
||
| ## Decision | ||
|
|
||
| We will use Architecture Decision Records, as [described by Michael Nygard](http://thinkrelevance.com/blog/2011/11/15/documenting-architecture-decisions). | ||
|
|
||
| ## Consequences | ||
|
|
||
| See Michael Nygard's article, linked above. For a lightweight ADR toolset, see Nat Pryce's [adr-tools](https://github.com/npryce/adr-tools). |
Oops, something went wrong.