Changed apptainer def file name #292
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: docker_images | |
on: | |
push: | |
pull_request: | |
schedule: [{cron: "14 14 * * TUE"}] # Every Tuesday at 14:14 | |
jobs: | |
setup: | |
if: github.event_name != 'pull_request' || !contains('OWNER,MEMBER,COLLABORATOR', github.event.pull_request.author_association) | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
ref: ${{ github.event.pull_request.head.sha || github.ref }} # fix SHA | |
- name: List all images | |
id: metadata | |
run: | | |
echo "images=$( | |
find -name Dockerfile | sed -r 's#\./(.+)/Dockerfile#\1#g' | jq -Rsc 'split("\n")[:-1]' | |
)" >> $GITHUB_OUTPUT | |
echo "apptainer-images=$( | |
find -name apptainer.def | sed -r 's#\./(.+)(\/apptainer\.def)#\1#g' | jq -Rsc 'split("\n")[:-1]' | |
)" >> $GITHUB_OUTPUT | |
echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT | |
outputs: | |
images: ${{ steps.metadata.outputs.images }} | |
apptainer-images: ${{ steps.metadata.outputs.apptainer-images }} | |
sha: ${{ steps.metadata.outputs.sha_short }} | |
build: | |
needs: setup | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
image: ${{ fromJson(needs.setup.outputs.images) }} | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: docker/setup-buildx-action@v2 | |
- name: Login to DockerHub # increase pull rate limit | |
uses: docker/login-action@v2 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Login to Harbor | |
uses: docker/login-action@v2 | |
with: | |
registry: harbor.stfc.ac.uk | |
username: ${{ secrets.HARBOR_USERNAME }} | |
password: ${{ secrets.HARBOR_TOKEN }} | |
- name: Build & push to prod | |
if: ${{ github.ref == 'refs/heads/master' }} | |
uses: docker/build-push-action@v3 | |
with: | |
push: true | |
context: "{{defaultContext}}:${{ matrix.image }}" | |
tags: "harbor.stfc.ac.uk/stfc-cloud/${{ matrix.image }}:latest" | |
- name: Build & push to staging | |
if: ${{ github.ref != 'refs/heads/master' }} | |
uses: docker/build-push-action@v3 | |
with: | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
push: true | |
context: "{{defaultContext}}:${{ matrix.image }}" | |
tags: "harbor.stfc.ac.uk/stfc-cloud-staging/${{ matrix.image }}:${{ needs.setup.outputs.sha }}" | |
- name: Inform of tagged name | |
if: ${{ github.ref != 'refs/heads/master' }} | |
run: echo "::notice title=published::harbor.stfc.ac.uk/stfc-cloud-staging/${{ matrix.image }}:${{ needs.setup.outputs.sha }}" | |
build-apptainer: | |
needs: setup | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
image: ${{ fromJson(needs.setup.outputs.apptainer-images) }} | |
permissions: | |
contents: read | |
packages: write | |
container: | |
image: quay.io/singularity/singularity:v3.8.1 | |
options: --privileged | |
name: Build apptainer and push to prod | |
steps: | |
- name: Check out code for the container builds | |
uses: actions/checkout@v2 | |
- name: Build apptainer & push to prod | |
if: ${{ github.ref == 'refs/heads/master' }} | |
run: | | |
singularity build container.sif ${{ matrix.image }}/apptainer.def | |
singularity push container.sif harbor.stfc.ac.uk/stfc-cloud/${{ matrix.image }}:${{ needs.setup.outputs.sha }} | |
- name: Build apptainer & push to staging | |
if: ${{ github.ref != 'refs/heads/master' }} | |
run: | | |
singularity build container.sif ${{ matrix.image }}/apptainer.def | |
singularity push container.sif harbor.stfc.ac.uk/stfc-cloud-staging/${{ matrix.image }}:${{ needs.setup.outputs.sha }} | |
- name: Inform of tagged name apptainer | |
if: ${{ github.ref != 'refs/heads/master' }} | |
run: echo "::notice title=published::harbor.stfc.ac.uk/stfc-cloud-staging/${{ matrix.image }}:${{ needs.setup.outputs.sha }}" | |
finished: # convenient single job name to apply branch protection to | |
needs: build | |
runs-on: ubuntu-latest | |
steps: [{run: true}] |