Merge branch 'hepscore' of github.com:stfc/cloud-docker-images into h…

…epscore
stfc · Oct 16, 2023 · 2ed212d · 2ed212d
2 parents 0ac7cc3 + 8df4bfc
commit 2ed212d
Showing 1 changed file with 66 additions and 61 deletions.
diff --git a/.github/workflows/build_images.yaml b/.github/workflows/build_images.yaml
@@ -8,19 +8,19 @@ jobs:
     if: github.event_name != 'pull_request' || !contains('OWNER,MEMBER,COLLABORATOR', github.event.pull_request.author_association)
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v3
-      with:
-        ref: ${{ github.event.pull_request.head.sha || github.ref }} # fix SHA
-    - name: List all images
-      id: metadata
-      run: |
-        echo "images=$(
-          find -name Dockerfile | sed -r 's#\./(.+)/Dockerfile#\1#g' | jq -Rsc 'split("\n")[:-1]'
-        )" >> $GITHUB_OUTPUT
-        echo "apptainer-images=$(
-          find -name apptainer.def | sed -r 's#\./(.+)(\/apptainer\.def)#\1#g' | jq -Rsc 'split("\n")[:-1]'
-        )" >> $GITHUB_OUTPUT
-        echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
+      - uses: actions/checkout@v3
+        with:
+          ref: ${{ github.event.pull_request.head.sha || github.ref }} # fix SHA
+      - name: List all images
+        id: metadata
+        run: |
+          echo "images=$(
+            find -name Dockerfile | sed -r 's#\./(.+)/Dockerfile#\1#g' | jq -Rsc 'split("\n")[:-1]'
+          )" >> $GITHUB_OUTPUT
+          echo "apptainer-images=$(
+            find -name apptainer.def | sed -r 's#\./(.+)(\/apptainer\.def)#\1#g' | jq -Rsc 'split("\n")[:-1]'
+          )" >> $GITHUB_OUTPUT
+          echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
     outputs:
       images: ${{ steps.metadata.outputs.images }}
       apptainer-images: ${{ steps.metadata.outputs.apptainer-images }}
@@ -33,38 +33,38 @@ jobs:
       matrix:
         image: ${{ fromJson(needs.setup.outputs.images) }}
     steps:
-    - uses: actions/checkout@v3
-    - uses: docker/setup-buildx-action@v2
-    - name: Login to DockerHub # increase pull rate limit
-      uses: docker/login-action@v2
-      with:
-        username: ${{ secrets.DOCKERHUB_USERNAME }}
-        password: ${{ secrets.DOCKERHUB_TOKEN }}
-    - name: Login to Harbor
-      uses: docker/login-action@v2
-      with:
-        registry: harbor.stfc.ac.uk
-        username: ${{ secrets.HARBOR_USERNAME }}
-        password: ${{ secrets.HARBOR_TOKEN }}
-    - name: Build & push to prod
-      if: ${{ github.ref == 'refs/heads/master' }}
-      uses: docker/build-push-action@v3
-      with:
-        push: true
-        context: "{{defaultContext}}:${{ matrix.image }}"
-        tags: "harbor.stfc.ac.uk/stfc-cloud/${{ matrix.image }}:latest"
-    - name: Build & push to staging
-      if: ${{ github.ref != 'refs/heads/master' }}
-      uses: docker/build-push-action@v3
-      with:
-        cache-from: type=gha
-        cache-to: type=gha,mode=max
-        push: true
-        context: "{{defaultContext}}:${{ matrix.image }}"
-        tags: "harbor.stfc.ac.uk/stfc-cloud-staging/${{ matrix.image }}:${{ needs.setup.outputs.sha }}"
-    - name: Inform of tagged name
-      if: ${{ github.ref != 'refs/heads/master' }}
-      run: echo "::notice title=published::harbor.stfc.ac.uk/stfc-cloud-staging/${{ matrix.image }}:${{ needs.setup.outputs.sha }}"
+      - uses: actions/checkout@v3
+      - uses: docker/setup-buildx-action@v2
+      - name: Login to DockerHub # increase pull rate limit
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Login to Harbor
+        uses: docker/login-action@v2
+        with:
+          registry: harbor.stfc.ac.uk
+          username: ${{ secrets.HARBOR_USERNAME }}
+          password: ${{ secrets.HARBOR_TOKEN }}
+      - name: Build & push to prod
+        if: ${{ github.ref == 'refs/heads/master' }}
+        uses: docker/build-push-action@v3
+        with:
+          push: true
+          context: "{{defaultContext}}:${{ matrix.image }}"
+          tags: "harbor.stfc.ac.uk/stfc-cloud/${{ matrix.image }}:latest"
+      - name: Build & push to staging
+        if: ${{ github.ref != 'refs/heads/master' }}
+        uses: docker/build-push-action@v3
+        with:
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          push: true
+          context: "{{defaultContext}}:${{ matrix.image }}"
+          tags: "harbor.stfc.ac.uk/stfc-cloud-staging/${{ matrix.image }}:${{ needs.setup.outputs.sha }}"
+      - name: Inform of tagged name
+        if: ${{ github.ref != 'refs/heads/master' }}
+        run: echo "::notice title=published::harbor.stfc.ac.uk/stfc-cloud-staging/${{ matrix.image }}:${{ needs.setup.outputs.sha }}"
 
   build-apptainer:
     needs: setup
@@ -73,18 +73,22 @@ jobs:
       fail-fast: false
       matrix:
         image: ${{ fromJson(needs.setup.outputs.apptainer-images) }}
-    permissions:
-      contents: read
-      packages: write
-
-    container:
-      image: quay.io/singularity/singularity:v3.8.1
-      options: --privileged
-
-    name: Build apptainer and push to prod
     steps:
-      - name: Check out code for the container builds
-        uses: actions/checkout@v2
+      - uses: actions/checkout@v3
+      - uses: docker/setup-buildx-action@v2
+      - uses: eWaterCycle/setup-apptainer@v2
+      - name: Login to Harbor
+        uses: docker/login-action@v2
+        with:
+          registry: harbor.stfc.ac.uk
+          username: ${{ secrets.HARBOR_USERNAME }}
+          password: ${{ secrets.HARBOR_TOKEN }}
+
+      - name: Login to DockerHub # increase pull rate limit
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
 
       - name: Log in to harbor
         run: >
@@ -96,16 +100,17 @@ jobs:
       - name: Build apptainer & push to prod
         if: ${{ github.ref == 'refs/heads/master' }}
         run: |
-           singularity build container.sif ${{ matrix.image }}/apptainer.def
-           singularity push container.sif oras://harbor.stfc.ac.uk/stfc-cloud/${{ matrix.image }}:${{ needs.setup.outputs.sha }}
+            apptainer remote login -u ${{ secrets.HARBOR_USERNAME }} -p ${{ secrets.HARBOR_TOKEN }} oras://harbor.stfc.ac.uk
+            apptainer build container.sif ${{ matrix.image }}/apptainer.def
+            apptainer push container.sif oras://harbor.stfc.ac.uk/stfc-cloud/${{ matrix.image }}:${{ needs.setup.outputs.sha }}
 
       - name: Build apptainer & push to staging
         if: ${{ github.ref != 'refs/heads/master' }}
         run: |
-           singularity build container.sif ${{ matrix.image }}/apptainer.def
-           singularity push container.sif oras://harbor.stfc.ac.uk/stfc-cloud-staging/${{ matrix.image }}:${{ needs.setup.outputs.sha }}
+            apptainer build container.sif ${{ matrix.image }}/apptainer.def
+            apptainer push container.sif oras://harbor.stfc.ac.uk/stfc-cloud-staging/${{ matrix.image }}:${{ needs.setup.outputs.sha }}
 
-      - name: Inform of tagged name apptainer
+      - name: Inform of tagged name
         if: ${{ github.ref != 'refs/heads/master' }}
         run: echo "::notice title=published::harbor.stfc.ac.uk/stfc-cloud-staging/${{ matrix.image }}:${{ needs.setup.outputs.sha }}"