-
Notifications
You must be signed in to change notification settings - Fork 0
144 lines (137 loc) · 4.79 KB
/
build-service.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
---
name: "Build and test service"
on:
push:
branches:
- main
- 'releases/**'
- 'tickets/DM-47975'
paths:
- '.github/workflows/build-service.yml'
- 'config/**'
- 'pipelines/**'
- 'python/activator/**'
- 'tests/**'
- 'Dockerfile'
pull_request:
paths:
- '.github/workflows/build-service.yml'
- 'config/**'
- 'pipelines/**'
- 'python/activator/**'
- 'tests/**'
- 'Dockerfile'
workflow_dispatch:
permissions:
packages: write
env:
IMAGE_NAME: prompt-service
BASE_IMAGE: ghcr.io/${{ github.repository_owner }}/prompt-base
# This is a bracketed, comma-separated list of double-quoted base container
# tags that will be used to build service containers on each branch
# (including "main"). Typically, any tags listed beyond "latest" would be
# relatively stable Pipelines containers that are needed to avoid issues with
# the "latest" version; they would remain in this list until "latest" becomes
# usable for all building and testing.
BASE_TAG_LIST: '["latest"]'
jobs:
matrix-gen:
# This job exists solely because fromJSON() cannot directly accept
# env.BASE_TAG_LIST for some reason.
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
steps:
- id: set-matrix
run: echo "matrix=${BASE_TAG_LIST}" >> $GITHUB_OUTPUT
# Do testing and building in separate jobs to keep total disk usage down
test-service:
needs: matrix-gen
strategy:
matrix:
baseTag: ${{ fromJSON(needs.matrix-gen.outputs.matrix) }}
name: Test service
runs-on: ubuntu-latest
env:
BASE_TAG: ${{ matrix.baseTag }}
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Fix permissions
run: chmod -R a+rwX $GITHUB_WORKSPACE
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Run tests
run: |
docker run \
-v $GITHUB_WORKSPACE:/home/lsst/prompt_processing \
"$BASE_IMAGE":"$BASE_TAG" \
bash -c '
cd /home/lsst/prompt_processing
source /opt/lsst/software/stack/loadLSST.bash
setup -r .
# Fix permissions; arg must be absolute path.
git config --global --add safe.directory /home/lsst/prompt_processing
scons'
update-service-image:
name: Update service image
needs:
- matrix-gen
- test-service
runs-on: ubuntu-latest
strategy:
matrix:
baseTag: ${{ fromJSON(needs.matrix-gen.outputs.matrix) }}
env:
BASE_TAG: ${{ matrix.baseTag }}
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Determine eups tag
run: |
docker run "$BASE_IMAGE":"$BASE_TAG" bash -c "cat conda/envs/lsst-scipipe-*/share/eups/ups_db/global.tags" > eups.tag || docker run "$BASE_IMAGE":"$BASE_TAG" bash -c "cat stack/miniconda*/ups_db/global.tags" > eups.tag || echo "Unknown" > eups.tag
echo "Eups tag = $(< eups.tag)"
- name: Build image
run: |
docker build . -f Dockerfile \
--build-arg "BASE_TAG=$BASE_TAG" \
--tag $IMAGE_NAME \
--label "runnumber=${GITHUB_RUN_ID}" \
--label "basetag=${BASE_TAG}" \
--label "eupstag=$(< eups.tag)"
- name: Push image to container registries
run: |
BRANCH=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
[ "$BRANCH" == "merge" ] && BRANCH=$(echo "${{ github.head_ref }}" | sed -e 's,.*/\(.*\),\1,')
for IMAGE_ID in "ghcr.io/${{ github.repository_owner }}/$IMAGE_NAME"; do
if [ "$BRANCH" == "main" ]; then
VERSION="$BASE_TAG"
else
VERSION="${BRANCH}-$BASE_TAG"
fi
echo IMAGE_ID=$IMAGE_ID
echo VERSION=$VERSION
docker tag $IMAGE_NAME $IMAGE_ID:$VERSION
docker push $IMAGE_ID:$VERSION
EUPS_TAG=$(< eups.tag)
if [ "$EUPS_TAG" != "Unknown" ] && [ "$BASE_TAG" != "$EUPS_TAG" ]; then
if [ "$BRANCH" == "main" ]; then
VERSION="$EUPS_TAG"
else
VERSION="${BRANCH}-$EUPS_TAG"
fi
echo VERSION=$VERSION
docker tag $IMAGE_NAME $IMAGE_ID:$VERSION
docker push $IMAGE_ID:$VERSION
fi
done