Use my credentials to store and retrieve container (#113)

* Use my own credentials store and retrieve container
MetOffice · Aug 1, 2024 · 8bffcfc · 8bffcfc
1 parent 72dd763
commit 8bffcfc
Show file tree

Hide file tree

Showing 5 changed files with 48 additions and 23 deletions.
diff --git a/.github/workflows/build_ci_image.yml b/.github/workflows/build_ci_image.yml
@@ -12,7 +12,7 @@ on:
 # workflow builds.
 env:
   REGISTRY: ghcr.io
-  IMAGE_NAME: darth/orca-jedi/ci-almalinux9
+  IMAGE_NAME: twsearle/orca-jedi/ci-almalinux9
 
 jobs:
   build-and-push-image:
@@ -35,8 +35,10 @@ jobs:
         uses: docker/login-action@v3
         with:
           registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GH_PAT }}
+          username: twsearle
+          password: ${{ secrets.GHCR_PAT }}
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
       # This step uses
       # [docker/metadata-action](https://github.com/docker/metadata-action#about)
       # to extract tags and labels that will be applied to the specified image.
@@ -68,10 +70,13 @@ jobs:
         uses: docker/build-push-action@v6
         with:
           context: .
+          cache-from: type=gha
+          cache-to: type=gha,mode=max`
           push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
 
+
       # This step generates an artifact attestation for the image, which is an
       # unforgeable statement about where and how it was built. It increases
       # supply chain security for people who consume the image. For more

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -5,7 +5,9 @@ on:
     branches: [develop]
   pull_request:
     branches: [develop]
-
+env:
+    REGISTRY: ghcr.io
+    IMAGE_NAME: twsearle/orca-jedi/ci-almalinux9:feature-use-personal-ghcr-container
 jobs:
   build:
     runs-on: ubuntu-latest
@@ -21,47 +23,51 @@ jobs:
           path: ci/jedicmake
           repository: JCSDA-internal/jedi-cmake
           submodules: true
-          token: ${{ secrets.GH_PAT }}
+          token: ${{ secrets.GHCR_PAT }}
 
       - name: checkout oops
         uses: actions/checkout@v3
         with:
           path: ci/oops
           repository: JCSDA-internal/oops
-          token: ${{ secrets.GH_PAT }}
+          token: ${{ secrets.GHCR_PAT }}
 
       - name: checkout ioda
         uses: actions/checkout@v3
         with:
           path: ci/ioda
           repository: JCSDA-internal/ioda
-          token: ${{ secrets.GH_PAT }}
+          token: ${{ secrets.GHCR_PAT }}
 
       - name: checkout ufo
         uses: actions/checkout@v3
         with:
           path: ci/ufo
           repository: JCSDA-internal/ufo
-          token: ${{ secrets.GH_PAT }}
-
-      - name: checkout atlas-orca
-        uses: actions/checkout@v3
-        with:
-          path: ci/atlas-orca
-          repository: ECMWF/atlas-orca
+          token: ${{ secrets.GHCR_PAT }}
 
       - name: checkout atlas-data
         uses: actions/checkout@v3
         with:
           path: ci/atlas-data
           repository: MetOffice/atlas-data
           lfs: true
-          token: ${{ secrets.GH_PAT }}
+          token: ${{ secrets.GHCR_PAT }}
+
+      - name: Log in to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: twsearle
+          password: ${{ secrets.GHCR_PAT }}
+
+      - name: Pull Docker image
+        run: docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
 
       - name: build and test
         run: |
           docker run --rm \
             --entrypoint=/usr/local/src/orca-jedi/ci/build-and-test.sh \
             --workdir=/usr/local/src/orca-jedi/ci \
             --volume $PWD:/usr/local/src/orca-jedi \
-            'jcsda/docker-gnu-openmpi-dev:latest'
+            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
diff --git a/ci/CMakeLists.txt b/ci/CMakeLists.txt
@@ -17,7 +17,6 @@ if(NOT DEFINED jedicmake_DIR)
   set(jedicmake_DIR "${CMAKE_BINARY_DIR}/jedicmake")
 endif()
 
-add_subdirectory("${CMAKE_CURRENT_SOURCE_DIR}/atlas-orca" EXCLUDE_FROM_ALL)
 add_subdirectory("${CMAKE_CURRENT_SOURCE_DIR}/oops" EXCLUDE_FROM_ALL)
 add_subdirectory("${CMAKE_CURRENT_SOURCE_DIR}/ioda" EXCLUDE_FROM_ALL)
 add_subdirectory("${CMAKE_CURRENT_SOURCE_DIR}/ufo" EXCLUDE_FROM_ALL)

diff --git a/ci/build-and-test.sh b/ci/build-and-test.sh
@@ -20,7 +20,20 @@ trap finally EXIT
 
 cd "${WORKD}"
 
-source /opt/spack-environment/activate.sh
+if [[ -f /opt/spack-environment/activate.sh ]]; then
+    source /opt/spack-environment/activate.sh
+fi
+
+# -- Enable OpenMPI over subscription -----------------------------------------
+if command -v ompi_info &>/dev/null; then
+    echo "Check support for MPI_THREAD_MULTIPLE"
+    ompi_info | grep -i 'thread support'
+    ompi_vn=$(ompi_info | awk '/Ident string:/ {print $3}')
+    case $ompi_vn in
+        4.*) export OMPI_MCA_rmaps_base_oversubscribe=1 ;;
+        5.*) export PRTE_MCA_rmaps_default_mapping_policy=:oversubscribe ;;
+    esac
+fi
 
 echo "
 -------------------------------
@@ -41,11 +54,6 @@ ln -s '..' "${HERE}/orca-jedi"
 ecbuild -S "${HERE}"
 make -j "${NPROC}"
 
-if [[ ! -f share/plugins/atlas-orca.yml ]]; then
- echo "ERROR atlas-orca.yml not found!" | tee >(cat >&2)
- exit 1
-fi
-
 env OMPI_ALLOW_RUN_AS_ROOT=1 OMPI_ALLOW_RUN_AS_ROOT_CONFIRM=1 \
     ATLAS_TRACE=1 ATLAS_DEBUG=1 \
     LD_LIBRARY_PATH="${HERE}/lib:${LD_LIBRARY_PATH}" \

diff --git a/ci/hpccm_recipe_almalinux9.py b/ci/hpccm_recipe_almalinux9.py
@@ -45,6 +45,8 @@ def gitlab_url(repo, vn):
 netcdf_vn = USERARG.get('netcdf_vn', '4.9.2')
 netcdfcxx_vn = USERARG.get('netcdfcxx_vn', '4.3.1')
 netcdfftn_vn = USERARG.get('netcdfftn_vn', '4.6.1')
+netcdf4python_vn = USERARG.get('netcdf4python_vn', '1.6.5')
+numpy_vn = USERARG.get('numpy_vn', '1.26.4')
 odc_vn = USERARG.get('odc_vn', '1.5.2')
 openmpi_vn = USERARG.get('openmpi_vn', '4.1.5')
 pycodestyle_vn = USERARG.get('pycodestyle_vn', '2.10')
@@ -266,6 +268,11 @@ def gitlab_url(repo, vn):
     configure_opts=['--with-idxtype=long', '--without-regard-for-quality'],
 )
 
+Stage0 += pip(pip='pip3', packages=[
+    f"pycodestyle=={pycodestyle_vn}",
+    f"numpy=={numpy_vn}",
+    f"netcdf4=={netcdf4python_vn}",
+])
 Stage1 += baseimage(image='almalinux:9', _distro='rhel')
 Stage1 += comment('JEDI development image with GNU and OpenMPI')
 Stage1 += label(metadata={