From 4bf52995d8f6fb6e3577f27e815bf066f402e40c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sebastian=20Stru=C3=9F?= Date: Thu, 3 Oct 2024 18:40:38 +0200 Subject: [PATCH] Add docker multi-arch build with github package push and cleaned up Dockerfile for smaller builds --- .github/workflows/docker-build.yml | 128 +++++++++++++++++++++++++++++ Dockerfile | 21 ++--- requirements.txt | 1 + 3 files changed, 138 insertions(+), 12 deletions(-) create mode 100644 .github/workflows/docker-build.yml diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml new file mode 100644 index 0000000..fac6f43 --- /dev/null +++ b/.github/workflows/docker-build.yml @@ -0,0 +1,128 @@ +name: docker-build + +on: + release: + types: [published] + +env: + REGISTRY: ghcr.io + +jobs: + variables: + outputs: + repository: ${{ steps.var.outputs.repository}} + runs-on: "ubuntu-latest" + steps: + - name: Setting global variables + uses: actions/github-script@v6 + id: var + with: + script: | + core.setOutput('repository', '${{ github.repository }}'.toLowerCase()); + build: + needs: + - variables + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + attestations: write + id-token: write + strategy: + fail-fast: false + matrix: + platform: + - linux/amd64 + - linux/arm64 + steps: + - name: Prepare + run: | + platform=${{ matrix.platform }} + echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV + + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: "${{ env.REGISTRY }}/${{ needs.variables.outputs.repository }}" + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to GitHub + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push by digest + id: build + uses: docker/build-push-action@v6 + with: + platforms: ${{ matrix.platform }} + labels: ${{ steps.meta.outputs.labels }} + outputs: type=image,name=${{ env.REGISTRY }}/${{ needs.variables.outputs.repository }},push-by-digest=true,name-canonical=true,push=true + + - name: Generate artifact attestation + uses: actions/attest-build-provenance@v1 + with: + subject-name: "${{ env.REGISTRY }}/${{ needs.variables.outputs.repository }}" + subject-digest: ${{ steps.build.outputs.digest }} + push-to-registry: true + + - name: Export digest + run: | + mkdir -p /tmp/digests + digest="${{ steps.build.outputs.digest }}" + touch "/tmp/digests/${digest#sha256:}" + + - name: Upload digest + uses: actions/upload-artifact@v4 + with: + name: digests-${{ env.PLATFORM_PAIR }} + path: /tmp/digests/* + if-no-files-found: error + retention-days: 1 + + merge: + runs-on: ubuntu-latest + needs: + - build + - variables + steps: + - name: Download digests + uses: actions/download-artifact@v4 + with: + path: /tmp/digests + pattern: digests-* + merge-multiple: true + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: "${{ env.REGISTRY }}/${{ needs.variables.outputs.repository }}" + + - name: Login to GitHub + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Create manifest list and push + working-directory: /tmp/digests + run: | + docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ + $(printf '${{ env.REGISTRY }}/${{ needs.variables.outputs.repository }}@sha256:%s ' *) + + - name: Inspect image + run: | + docker buildx imagetools inspect ${{ env.REGISTRY }}/${{ needs.variables.outputs.repository }}:${{ steps.meta.outputs.version }} diff --git a/Dockerfile b/Dockerfile index c37b83e..e3a83f0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,25 +1,22 @@ -ARG PYTHON_VERSION=3.12.6 +ARG PYTHON_VERSION=3.12.7 FROM python:${PYTHON_VERSION}-slim LABEL source="https://github.com/Akkudoktor-EOS/EOS" EXPOSE 5000 -ARG APT_OPTS="--yes --auto-remove --no-install-recommends --no-install-suggests" -RUN DEBIAN_FRONTEND=noninteractive \ - apt-get update \ - && apt-get install ${APT_OPTS} gcc libhdf5-dev libmariadb-dev pkg-config \ - && rm -rf /var/lib/apt/lists/* - -WORKDIR /var/lib/eos WORKDIR /opt/eos -COPY requirements.txt requirements.txt +COPY . . -RUN pip install --no-cache-dir -r requirements.txt +ARG APT_OPTS="--yes --auto-remove --no-install-recommends --no-install-suggests" -COPY . . -COPY config.py config.py +RUN DEBIAN_FRONTEND=noninteractive \ + apt-get update \ + && apt-get install ${APT_OPTS} gcc libhdf5-dev libmariadb-dev pkg-config mariadb-common libmariadb3 \ + && rm -rf /var/lib/apt/lists/* \ + && pip install --no-cache-dir -r requirements.txt \ + && apt remove ${APT_OPTS} gcc libhdf5-dev libmariadb-dev pkg-config ENTRYPOINT [] diff --git a/requirements.txt b/requirements.txt index 025d4a0..b45db78 100644 --- a/requirements.txt +++ b/requirements.txt @@ -8,3 +8,4 @@ joblib==1.4.2 requests==2.32.3 pytest==8.3.3 pytest-cov==5.0.0 +pandas==2.2.3