start new docker build #5655
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Docker GHA | |
| on: | |
| # push: | |
| # branches: | |
| # - main | |
| # tags: | |
| # - "v*.*.*" | |
| pull_request: | |
| workflow_dispatch: | |
| inputs: | |
| depends: | |
| description: 'Create depends image' | |
| required: true | |
| type: boolean | |
| default: true | |
| r_version: | |
| description: 'R version to use' | |
| required: true | |
| type: choice | |
| default: "4.1" | |
| options: | |
| - 4.1 | |
| - 4.2 | |
| - 4.3 | |
| # there are 3 jobs to build different images | |
| jobs: | |
| depends: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| packages: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| # create metadata for image | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| # list of Docker images to use as base name for tags | |
| images: | | |
| #pecan/${{ matrix.IMAGE }} | |
| ghcr.io/${{ github.repository_owner }}/depends | |
| # generate Docker tags based on the following events/attributes | |
| tags: | | |
| type=schedule | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=semver,pattern={{major}} | |
| # setup docker build | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Inspect Builder | |
| run: | | |
| echo "Name: ${{ steps.buildx.outputs.name }}" | |
| echo "Endpoint: ${{ steps.buildx.outputs.endpoint }}" | |
| echo "Status: ${{ steps.buildx.outputs.status }}" | |
| echo "Flags: ${{ steps.buildx.outputs.flags }}" | |
| echo "Platforms: ${{ steps.buildx.outputs.platforms }}" | |
| # login to registries | |
| # - name: Login to DockerHub | |
| # uses: docker/login-action@v3 | |
| # with: | |
| # username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| # password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| # - name: Login to GitHub Container Registry | |
| # uses: docker/login-action@v3 | |
| # with: | |
| # registry: ghcr.io | |
| # username: ${{ github.actor }} | |
| # password: ${{ secrets.GITHUB_TOKEN }} | |
| # build the docker images | |
| - name: Build and push depends | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: docker/depends | |
| #push: ${{ github.event_name != 'pull_request' }} | |
| #push: true | |
| platforms: "linux/amd64,linux/arm64" | |
| # cache-from: type=registry,ref=classtranscribe/frontend-pipeline:buildcache | |
| # cache-to: type=registry,ref=classtranscribe/frontend:buildcache,mode=max | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| outputs: type=image,dest=/tmp/depends.tar | |
| build-args: | | |
| VERSION=${{ steps.meta.outputs.version }} | |
| R_VERSION=${{ github.event.inputs.r_version}} | |
| # so depends image can be used in other steps | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: myimage | |
| path: /tmp/depends.tar | |
| misc: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| packages: write | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| name: | |
| - web | |
| - dbsync | |
| include: | |
| - name: web | |
| PLATFORM: "linux/amd64,linux/arm64" | |
| DOCKERFILE: docker/web/Dockerfile | |
| IMAGE: web | |
| - name: dbsync | |
| PLATFORM: "linux/amd64,linux/arm64" | |
| DOCKERFILE: docker/web/Dockerfile | |
| IMAGE: shiny-dbsync | |
| steps: | |
| - uses: actions/checkout@v4 | |
| # create metadata for image | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| # list of Docker images to use as base name for tags | |
| images: | | |
| #pecan/${{ matrix.IMAGE }} | |
| ghcr.io/${{ github.repository_owner }}/${{ matrix.IMAGE }} | |
| # generate Docker tags based on the following events/attributes | |
| tags: | | |
| type=schedule | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=semver,pattern={{major}} | |
| # setup docker build | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Inspect Builder | |
| run: | | |
| echo "Name: ${{ steps.buildx.outputs.name }}" | |
| echo "Endpoint: ${{ steps.buildx.outputs.endpoint }}" | |
| echo "Status: ${{ steps.buildx.outputs.status }}" | |
| echo "Flags: ${{ steps.buildx.outputs.flags }}" | |
| echo "Platforms: ${{ steps.buildx.outputs.platforms }}" | |
| # login to registries | |
| # - name: Login to DockerHub | |
| # uses: docker/login-action@v3 | |
| # with: | |
| # username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| # password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| # - name: Login to GitHub Container Registry | |
| # uses: docker/login-action@v3 | |
| # with: | |
| # registry: ghcr.io | |
| # username: ${{ github.actor }} | |
| # password: ${{ secrets.GITHUB_TOKEN }} | |
| # build the docker images | |
| - name: Build and push depends | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| file: ${{ matrix.DOCKERFILE }} | |
| #push: ${{ github.event_name != 'pull_request' }} | |
| #push: true | |
| platforms: ${{ matrix.PLATFORM }} | |
| # cache-from: type=registry,ref=classtranscribe/frontend-pipeline:buildcache | |
| # cache-to: type=registry,ref=classtranscribe/frontend:buildcache,mode=max | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| build-args: | | |
| VERSION=${{ steps.meta.outputs.version }} | |
| R_VERSION=${{ github.event.inputs.r_version}} | |
| # depends: | |
| # name: Docker | |
| # # initially we would us on: [release] as well, the problem is that | |
| # # the code in clowder would not know what branch the code is in, | |
| # # and would not set the right version flags. | |
| # # This will run when: | |
| # # - when new code is pushed to master/develop to push the tags | |
| # # latest and develop | |
| # # - when a pull request is created and updated to make sure the | |
| # # Dockerfile is still valid. | |
| # # To be able to push to dockerhub, this expects the following | |
| # # secrets to be set in the project: | |
| # # - DOCKERHUB_USERNAME : username that can push to the org | |
| # # - DOCKERHUB_PASSWORD : password asscoaited with the username | |
| # on: | |
| # push: | |
| # branches: | |
| # - master | |
| # - develop | |
| # pull_request: | |
| # merge_group: | |
| # issue_comment: | |
| # types: | |
| # - created | |
| # workflow_dispatch: | |
| # # Certain actions will only run when this is the master repo. | |
| # env: | |
| # MASTER_REPO: PecanProject/pecan | |
| # DOCKERHUB_ORG: pecan | |
| # GITHUB_PAT: ${{ secrets.GITHUB_TOKEN }} | |
| # jobs: | |
| # docker: | |
| # if: github.event_name != 'issue_comment' || startsWith(github.event.comment.body, '/build') | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - name: Work around https://github.com/actions/checkout/issues/766 | |
| # run: git config --global --add safe.directory "$GITHUB_WORKSPACE" | |
| # - uses: actions/checkout@v4 | |
| # with: | |
| # set-safe-directory: false | |
| # - name: Set up Docker Buildx | |
| # uses: docker/setup-buildx-action@v3 | |
| # with: | |
| # driver: docker | |
| # buildkitd-flags: --debug | |
| # install: true | |
| # # calculate some variables that are used later | |
| # - name: get version tag | |
| # run: | | |
| # BRANCH=${GITHUB_REF##*/} | |
| # echo "GITHUB_BRANCH=${BRANCH}" >> $GITHUB_ENV | |
| # if [ "$BRANCH" == "master" ]; then | |
| # version="$(awk '/Version:/ { print $2 }' base/all/DESCRIPTION)" | |
| # tags="latest" | |
| # oldversion="" | |
| # while [ "${oldversion}" != "${version}" ]; do | |
| # oldversion="${version}" | |
| # tags="${tags},${version}" | |
| # version=${version%.*} | |
| # done | |
| # echo "PECAN_VERSION=$(awk '/Version:/ { print $2 }' base/all/DESCRIPTION)" >> $GITHUB_ENV | |
| # echo "PECAN_TAGS=${tags}" >> $GITHUB_ENV | |
| # elif [ "$BRANCH" == "develop" ]; then | |
| # echo "PECAN_VERSION=develop" >> $GITHUB_ENV | |
| # echo "PECAN_TAGS=develop" >> $GITHUB_ENV | |
| # else | |
| # echo "PECAN_VERSION=develop" >> $GITHUB_ENV | |
| # echo "PECAN_TAGS=develop" >> $GITHUB_ENV | |
| # fi | |
| # # If any dependencies changed in this PR, try to update depends image | |
| # - name: check for changed dependencies | |
| # uses: dorny/paths-filter@v3 | |
| # id: findchanges | |
| # with: | |
| # filters: | | |
| # deps: | |
| # - docker/depends/** | |
| # - if: steps.findchanges.outputs.deps == 'true' | |
| # # NB: GITHUB_BASE_REF is only set on pull requests, | |
| # # so non-PR builds will find no existing tag and build fresh | |
| # run: | | |
| # if $(docker manifest inspect pecan/depends:${GITHUB_BASE_REF##*/} > /dev/null 2>&1); then | |
| # echo "UPDATE_DEPENDS_FROM_TAG=${GITHUB_BASE_REF##*/}" >> $GITHUB_ENV | |
| # else | |
| # echo "BUILD_DEPENDS_FRESH=true" >> GITHUB_ENV | |
| # fi | |
| # env: | |
| # GITHUB_BASE_REF: ${{ github.base_ref }} | |
| # # use shell script to build, there is some complexity in this | |
| # - name: create images | |
| # run: ./docker.sh -i github | |
| # env: | |
| # PECAN_GIT_CHECKSUM: ${{ github.sha }} | |
| # PECAN_GIT_BRANCH: ${GITHUB_BRANCH} | |
| # VERSION: ${{ env.PECAN_VERSION }} | |
| # UPDATE_DEPENDS_FROM_TAG: ${{ env.UPDATE_DEPENDS_FROM_TAG }} | |
| # BUILD: ${{ env.BUILD_DEPENDS_FRESH }} | |
| # # push all images to github | |
| # - name: Publish to GitHub | |
| # if: github.event_name == 'push' && github.repository == env.MASTER_REPO | |
| # run: | | |
| # echo "${INPUT_PASSWORD}" | docker login -u ${INPUT_USERNAME} --password-stdin ${INPUT_REGISTRY} | |
| # repo=$(echo ${{ github.repository_owner }} | tr 'A-Z' 'a-z') | |
| # for image in $(docker image ls pecan/*:github --format "{{ .Repository }}"); do | |
| # for v in ${PECAN_TAGS}; do | |
| # docker tag ${image}:github ${INPUT_REGISTRY}/${repo}/${image#pecan/}:${v} | |
| # docker push ${INPUT_REGISTRY}/${repo}/${image#pecan/}:${v} | |
| # done | |
| # done | |
| # docker logout | |
| # env: | |
| # INPUT_REGISTRY: ghcr.io | |
| # INPUT_USERNAME: ${{ secrets.GHCR_USERNAME }} | |
| # INPUT_PASSWORD: ${{ secrets.GHCR_PASSWORD }} | |
| # # push all images to dockerhub | |
| # - name: Publish to DockerHub | |
| # if: github.event_name == 'push' && github.repository == env.MASTER_REPO | |
| # run: | | |
| # echo "${INPUT_PASSWORD}" | docker login -u ${INPUT_USERNAME} --password-stdin | |
| # for image in $(docker image ls pecan/*:github --format "{{ .Repository }}"); do | |
| # for v in ${PECAN_TAGS}; do | |
| # docker tag ${image}:github ${{ env.DOCKERHUB_ORG }}/${image#pecan/}:${v} | |
| # docker push ${{ env.DOCKERHUB_ORG }}/${image#pecan/}:${v} | |
| # done | |
| # done | |
| # docker logout | |
| # env: | |
| # INPUT_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} | |
| # INPUT_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }} |