Skip to content

Build base

Build base #356

Workflow file for this run

---
name: "Build base"
on:
push:
paths:
- '.github/workflows/build-base.yml'
- 'base/Dockerfile'
branches:
- main
pull_request:
paths:
- '.github/workflows/build-base.yml'
- 'base/Dockerfile'
workflow_dispatch:
inputs:
pipeContainer:
description: 'Science Pipelines container'
required: true
default: 'lsstsqre/centos'
type: string
stackTag:
description: 'Science Pipelines tag'
required: true
default: 'd_latest'
type: string
makeLatest:
description: 'Push container with "latest" tag'
required: false
type: boolean
permissions:
packages: write
env:
IMAGE_NAME: prompt-base
# All inputs are null for PR/push builds
PIPE_CONTAINER: ${{ inputs.pipeContainer || 'lsstsqre/centos' }}
STACK_TAG: ${{ inputs.stackTag || 'd_latest' }}
MAKE_LATEST: ${{ inputs.makeLatest && 'true' || 'false' }}
jobs:
update-base-image:
name: Update base image
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Determine base image eups tag
working-directory: base
run: |
if [[ -n "$STACK_TAG" ]]; then
if [[ "$STACK_TAG" == *_latest ]]; then
# d_latest and w_latest are literal Docker tags
echo "$STACK_TAG" > lsst.docker.tag
elif [[ "$PIPE_CONTAINER" == "lsstsqre/centos" ]]; then
# Official dailies and weeklies use a more complex tag
echo "7-stack-lsst_distrib-$STACK_TAG" > lsst.docker.tag
else
# For special containers, anything goes
echo "$STACK_TAG" > lsst.docker.tag
fi
echo "$STACK_TAG" > stack.tag
else
echo "d_latest" > lsst.docker.tag
echo "d_latest" > stack.tag
fi
echo "Docker tag = $(< lsst.docker.tag)"
echo "Stack tag = $(< stack.tag)"
docker run "$PIPE_CONTAINER":"$(< lsst.docker.tag)" bash -c "cat conda/envs/lsst-scipipe-*/share/eups/ups_db/global.tags" > eups.tag || docker run "$PIPE_CONTAINER":"$(< lsst.docker.tag)" bash -c "cat stack/miniconda*/ups_db/global.tags" > eups.tag || echo "Unknown" > eups.tag
echo "Eups tag = $(< eups.tag)"
- name: Build image
# Context-free build
working-directory: base
run: |
docker build - \
--build-arg "PIPE_CONTAINER=${PIPE_CONTAINER}" \
--build-arg "STACK_TAG=$(< lsst.docker.tag)" \
--tag $IMAGE_NAME \
--label "runnumber=${GITHUB_RUN_ID}" \
--label "stacktag=$(< stack.tag)" \
--label "eupstag=$(< eups.tag)" \
< Dockerfile
- name: Push image to registries
working-directory: base
run: |
BRANCH=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
[ "$BRANCH" == "merge" ] && BRANCH=$(echo "${{ github.head_ref }}" | sed -e 's,.*/\(.*\),\1,')
for IMAGE_ID in "ghcr.io/${{ github.repository_owner }}/$IMAGE_NAME"; do
STACK_TAG="$(< stack.tag)"
if [ "$BRANCH" == "main" ]; then
VERSION="$STACK_TAG"
else
VERSION="${BRANCH}-$STACK_TAG"
fi
echo IMAGE_ID=$IMAGE_ID
echo VERSION=$VERSION
docker tag $IMAGE_NAME $IMAGE_ID:$VERSION
docker push $IMAGE_ID:$VERSION
EUPS_TAG=$(< eups.tag)
if [ "$EUPS_TAG" != "Unknown" ] && [ "$STACK_TAG" != "$EUPS_TAG" ]; then
# Also push actual eups tag if not the same (e.g. d_latest)
if [ "$BRANCH" == "main" ]; then
VERSION="$EUPS_TAG"
else
VERSION="${BRANCH}-$EUPS_TAG"
fi
echo VERSION=$VERSION
docker tag $IMAGE_NAME $IMAGE_ID:$VERSION
docker push $IMAGE_ID:$VERSION
fi
if [ "$MAKE_LATEST" == "true" ]; then
# Push latest if requested
if [ "$BRANCH" == "main" ]; then
VERSION="latest"
else
VERSION="${BRANCH}-latest"
fi
echo VERSION=$VERSION
docker tag $IMAGE_NAME $IMAGE_ID:$VERSION
docker push $IMAGE_ID:$VERSION
fi
done