Skip to content

Deploy Docker Image #37

Deploy Docker Image

Deploy Docker Image #37

---
name: Deploy Docker Image
on:
push:
branches:
- main
paths:
- 'renv/profiles/**/renv.lock'
workflow_dispatch: # give possibility to run it manually
permissions: write-all
env:
REGISTRY: ghcr.io
concurrency:
group: deploy-docker-image-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
jobs:
get_renv_list:
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.matrix.outputs.renv }}
steps:
- name: Checkout repo
uses: actions/checkout@v3
with:
fetch-depth: 2 # "2" -> To retrieve the preceding commit.
- name: Get changed files in renv/profiles
id: changed-files
uses: tj-actions/changed-files@v35
with:
files: renv/profiles/**/renv.lock
# TODO: what to do with renv_legacy ?
- name: Get Updated renv # note: for case schedules job, we update every docker images, and for renv.lock files updates we only update modified renv.lock versions
id: matrix
run: |
if [[ "${{github.event_name}}" == "schedule" || "${{github.event_name}}" == "workflow_dispatch" ]]
then
renv_list=$(find renv/profiles | grep renv.lock )
else
renv_list="${{ steps.changed-files.outputs.all_changed_files }}"
fi
renv_list=$(echo $renv_list | sed 's/ /", "/g')
echo "renv=[\"$renv_list\"]" >> $GITHUB_OUTPUT
deploy-image:
needs: [ get_renv_list ]
runs-on: ubuntu-latest
strategy:
fail-fast: false # if one of the job "deploy-image" fails, the other parallel jobs will just continue
matrix:
value: ${{ fromJson(needs.get_renv_list.outputs.matrix) }}
# Token permissions
permissions:
contents: read
packages: write
steps:
- name: Checkout repo
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Print message
run: |
echo "updating docker image for renv ${{ matrix.value }}"
- name: Set image specs
id: image_specs
run: |
package_name=$(grep "Package:" DESCRIPTION | awk '{print $NF}')
r_version=$(basename $(dirname ${{ matrix.value }})) # TODO: check here if legacy renv (if yes, delete _legacy suffix and add _legacy suffix to docker im?)
renv=$(echo "${{ matrix.value }}" | tr -d '"')
echo "renv_lock_path=$renv" >> $GITHUB_OUTPUT
echo "r_version=$r_version" >> $GITHUB_OUTPUT
echo "image_name=$package_name-$r_version" >> $GITHUB_OUTPUT
- name: Call deploy docker image action for every renv
uses: insightsengineering/r-image-creator@feature/create_image_from_description
with:
image-name: "${{ steps.image_specs.outputs.image_name }}"
tag-latest: true
base-image: "rocker/rstudio:${{ steps.image_specs.outputs.r_version }}"
sysdeps: qpdf,libxt-dev,curl,npm,libicu-dev,libcurl4-openssl-dev,libssl-dev,make,zlib1g-dev,libfontconfig1-dev,libfreetype6-dev,libfribidi-dev,libharfbuzz-dev,libjpeg-dev,libpng-dev,libtiff-dev,pandoc,libxml2-dev,libgit2-dev,libgit2-dev,jq
renv-lock-file: "${{ steps.image_specs.outputs.renv_lock_path }}"
repository-owner: ${{ github.repository_owner }}
repo-user: ${{ github.actor }} # pharmaverse-bot
repo-token: "${{ secrets.GITHUB_TOKEN }}" # ${{ secrets.PHARMAVERSE_BOT }}
deploy-image-devel:
runs-on: ubuntu-latest
# Token permissions
permissions:
contents: read
packages: write
steps:
- name: Checkout repo
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Set image specs
id: image_specs
run: |
package_name=$(grep "Package:" DESCRIPTION | awk '{print $NF}')
echo "image_name=$package_name-devel" >> $GITHUB_OUTPUT
- name: Call deploy docker image action devel
uses: insightsengineering/r-image-creator@feature/create_image_from_description
with:
image-name: "${{ steps.image_specs.outputs.image_name }}"
tag-latest: true
base-image: "rocker/rstudio:devel"
sysdeps: qpdf,libxt-dev,curl,npm,libicu-dev,libcurl4-openssl-dev,libssl-dev,make,zlib1g-dev,libfontconfig1-dev,libfreetype6-dev,libfribidi-dev,libharfbuzz-dev,libjpeg-dev,libpng-dev,libtiff-dev,pandoc,libxml2-dev,libgit2-dev,libgit2-dev,jq
description-file: "./DESCRIPTION"
repository-owner: ${{ github.repository_owner }}
repo-user: ${{ github.actor }} # pharmaverse-bot
repo-token: "${{ secrets.GITHUB_TOKEN }}" # ${{ secrets.PHARMAVERSE_BOT }}
# refacto todo: image-name, sysdeps on get-renv-list job
# note: in case of 403 error when pushing to ghcr : link current repo to the given package registry - https://github.com/docker/build-push-action/issues/687
# (got to https://github.com/<user name>?tab=packages to go to packages settings) and there https://github.com/users/<user name>/packages/container/admiralci-4.0/settings