From 13d319b6cc8c6ad1d23d4c2ddc58d3b161adca35 Mon Sep 17 00:00:00 2001
From: danlu1
Date: Tue, 2 Apr 2024 19:14:07 +0000
Subject: [PATCH 01/10] add workflow to build aocker image and push it to ghcr
---
 .github/workflows/docker_build.yml | 53 ++++++++++++++++++++++++++++++
 1 file changed, 53 insertions(+)
 create mode 100644 .github/workflows/docker_build.yml
diff --git a/.github/workflows/docker_build.yml b/.github/workflows/docker_build.yml
new file mode 100644
index 00000000..203061db
--- /dev/null
+++ b/.github/workflows/docker_build.yml
@@ -0,0 +1,53 @@
+# This workflow will build a docker image for this repository and publish it to the ghcr
+# We also implement Docker Layer Caching using GHA(GitHub Actions cache)
+# For more information, see: https://www.kenmuse.com/blog/implementing-docker-layer-caching-in-github-actions/
+name: Docker Build
+
+on:
+ workflow_dispatch:
+ push:
+ branches: [ "develop" ]
+ tags: [ 'v*.*.*' ]
+
+env:
+ REGISTRY: ghcr.io
+ IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+ build-container:
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ packages: write
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Setup Docker buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: Log into registry ${{ env.REGISTRY }}
+ if: github.event_name == 'push'
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ env.REGISTRY }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Extract Docker metadata
+ id: meta
+ uses: docker/metadata-action@v5
+ with:
+ images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+
+ - name: Build and push Docker image
+ id: build-and-push
+ uses: docker/build-push-action@v5
+ with:
+ context: .
+ push: true
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
+ cache-from: type=gha
+ cache-to: type=gha,mode=max
\ No newline at end of file
From 3107a5bb2962f7371bc0ec8f87e144e323018ec0 Mon Sep 17 00:00:00 2001
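Review bot: In the new docker_build.yml the login step carries `if: github.event_name == 'push'`, but the `Build and push Docker image` step sets `push: true` with no condition, so a `workflow_dispatch` run reaches the push without having logged in to ghcr.io and will presumably fail there. Either drop the `if:` from the login step or make the push conditional as well, e.g. `push: ${{ github.event_name == 'push' }}`. The actions in this job, and in the `build-container_build` job that patch 03 adds to ci.yml, are referenced by movable major tags (`docker/login-action@v3`, `docker/build-push-action@v5`) while the job holds `packages: write`; pinning each `uses:` to a full commit SHA keeps a retagged release from changing what runs with that token.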
From: danlu1 Date: Wed, 3 Apr 2024 18:27:42 +0000 Subject: [PATCH 02/10] add build container step to ci workflow --- .github/workflows/docker_build.yml | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/.github/workflows/docker_build.yml b/.github/workflows/docker_build.yml index 203061db..c5416fca 100644 --- a/.github/workflows/docker_build.yml +++ b/.github/workflows/docker_build.yml @@ -7,7 +7,6 @@ on: workflow_dispatch: push: branches: [ "develop" ] - tags: [ 'v*.*.*' ] env: REGISTRY: ghcr.io @@ -32,14 +31,26 @@ jobs: uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} + username: ${{ secrets.USERNAME }} password: ${{ secrets.GITHUB_TOKEN }} + - name: set lower case for IMAGE_NAME and GITHUB_REF_NAME + run: | + echo "IMAGE_NAME=${IMAGE_NAME,,}" >>${GITHUB_ENV} + echo "REF_NAME=${GITHUB_REF_NAME,,}" >>${GITHUB_ENV} + - name: Extract Docker metadata id: meta uses: docker/metadata-action@v5 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + + - name: Format tags as registry refs + id: registry_refs + env: + TAGS: ${{ steps.meta.outputs.json }} + run: | + echo tags=$(echo $TAGS | jq '.tags[] | "type=registry,ref=" + . + "_cache"| @text') >> $GITHUB_OUTPUT - name: Build and push Docker image id: build-and-push @@ -49,5 +60,5 @@ jobs: push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} - cache-from: type=gha - cache-to: type=gha,mode=max \ No newline at end of file + cache-from: ${{ steps.registry_refs.outputs.tags }},mode=max + cache-to: ${{ steps.registry_refs.outputs.tags }},mode=max \ No newline at end of file From c6997066c6aeaca9374a4aeeb1b26ff265813e29 Mon Sep 17 00:00:00 2001 From: danlu1 Date: Wed, 3 Apr 2024 19:13:09 +0000 Subject: [PATCH 03/10] uncomment needs for build-container --- .github/workflows/ci.yml | 54 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 54 insertions(+) 
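Review bot: The second docker_build.yml hunk replaces `username: ${{ github.actor }}` with `username: ${{ secrets.USERNAME }}` while the password stays `${{ secrets.GITHUB_TOKEN }}`, which makes the ghcr.io login depend on a repository secret that has to be created by hand and expands to an empty string when it is missing. Since the token is the workflow's own, `username: ${{ github.actor }}` needs no extra secret and I would keep it. The added lower-casing step also exports `REF_NAME` to `GITHUB_ENV`, but no later step visible in this hunk reads it, so that line can go unless something outside the hunk uses it.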
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2dfd3558..67d1679a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -14,6 +14,10 @@ on: types: - created +env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + jobs: test: @@ -77,3 +81,53 @@ jobs: run: python -m build - name: Publish to pypi uses: pypa/gh-action-pypi-publish@release/v1 + + + build-container_build: + needs: [test, lint] + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Setup Docker buildx + uses: docker/setup-buildx-action@v3 + + - name: Log into registry ${{ env.REGISTRY }} + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract Docker metadata + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: | + type=semver,pattern={{version}} + type=ref,event=branch + type=ref,event=tag + + - name: Format tags as registry refs + id: registry_refs + env: + TAGS: ${{ steps.meta.outputs.json }} + run: | + echo tags=$(echo $TAGS | jq '.tags[] | "type=registry,ref=" + . + "_cache"| @text') >> $GITHUB_OUTPUT + + - name: Build and push Docker image + id: build-and-push + uses: docker/build-push-action@v5 + with: + context: . + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: ${{ steps.registry_refs.outputs.tags }},mode=max + cache-to: ${{ steps.registry_refs.outputs.tags }},mode=max \ No newline at end of file From b192f9cd53a2efe90abfdd2c0fcda3f0f3e9a968 Mon Sep 17 00:00:00 2001 From: danlu1 Date: Wed, 3 Apr 2024 19:13:39 +0000 Subject: [PATCH 04/10] remove docker_build.yml --- .github/workflows/docker_build.yml | 64 ------------------------------ 1 file changed, 64 deletions(-) delete mode 100644 .github/workflows/docker_build.yml 
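Review bot: In the `build-container_build` job added to ci.yml, the `Format tags as registry refs` step expands `.tags[]` into one string per tag and the unquoted `$( … )` joins them with spaces, so whenever the metadata step yields more than one tag the single `cache-from`/`cache-to` entry becomes several refs run together before `,mode=max`. The `tags:` block added here makes that likely for a tag ref, where both `type=semver,pattern={{version}}` and `type=ref,event=tag` can match. Deriving the cache ref from one tag and quoting the expansions avoids both that and shell word splitting on `$TAGS`: `echo "tags=$(jq '.tags[0] | "type=registry,ref=" + . + "_cache" | @text' <<<"$TAGS")" >> "$GITHUB_OUTPUT"`.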
diff --git a/.github/workflows/docker_build.yml b/.github/workflows/docker_build.yml
deleted file mode 100644
index c5416fca..00000000
--- a/.github/workflows/docker_build.yml
+++ /dev/null
@@ -1,64 +0,0 @@
-# This workflow will build a docker image for this repository and publish it to the ghcr
-# We also implement Docker Layer Caching using GHA(GitHub Actions cache)
-# For more information, see: https://www.kenmuse.com/blog/implementing-docker-layer-caching-in-github-actions/
-name: Docker Build
-
-on:
- workflow_dispatch:
- push:
- branches: [ "develop" ]
-
-env:
- REGISTRY: ghcr.io
- IMAGE_NAME: ${{ github.repository }}
-
-jobs:
- build-container:
- runs-on: ubuntu-latest
- permissions:
- contents: read
- packages: write
-
- steps:
- - name: Checkout repository
- uses: actions/checkout@v4
-
- - name: Setup Docker buildx
- uses: docker/setup-buildx-action@v3
-
- - name: Log into registry ${{ env.REGISTRY }}
- if: github.event_name == 'push'
- uses: docker/login-action@v3
- with:
- registry: ${{ env.REGISTRY }}
- username: ${{ secrets.USERNAME }}
- password: ${{ secrets.GITHUB_TOKEN }}
-
- - name: set lower case for IMAGE_NAME and GITHUB_REF_NAME
- run: |
- echo "IMAGE_NAME=${IMAGE_NAME,,}" >>${GITHUB_ENV}
- echo "REF_NAME=${GITHUB_REF_NAME,,}" >>${GITHUB_ENV}
-
- - name: Extract Docker metadata
- id: meta
- uses: docker/metadata-action@v5
- with:
- images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
-
- - name: Format tags as registry refs
- id: registry_refs
- env:
- TAGS: ${{ steps.meta.outputs.json }}
- run: |
- echo tags=$(echo $TAGS | jq '.tags[] | "type=registry,ref=" + . + "_cache"| @text') >> $GITHUB_OUTPUT
-
- - name: Build and push Docker image
- id: build-and-push
- uses: docker/build-push-action@v5
- with:
- context: .
- push: true
- tags: ${{ steps.meta.outputs.tags }}
- labels: ${{ steps.meta.outputs.labels }}
- cache-from: ${{ steps.registry_refs.outputs.tags }},mode=max
- cache-to: ${{ steps.registry_refs.outputs.tags }},mode=max
\ No newline at end of file
From ed31a2559aa01ae915dbe2e528f008ab056a22c0 Mon Sep 17 00:00:00 2001
From: danlu1 Date: Wed, 3 Apr 2024 19:14:52 +0000 Subject: [PATCH 05/10] rename build-docker step --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 67d1679a..1adcb5fd 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -83,7 +83,7 @@ jobs: uses: pypa/gh-action-pypi-publish@release/v1 - build-container_build: + build-container: needs: [test, lint] runs-on: ubuntu-latest permissions: From 8ff020195b1aaad70124dab25060b91ddf243449 Mon Sep 17 00:00:00 2001 From: Dan Lu <90745557+danlu1@users.noreply.github.com> Date: Wed, 3 Apr 2024 12:48:06 -0700 Subject: [PATCH 06/10] Update ci.yml Remove tags section in docker/metadata-action since only push event will generate tag for branch. But we want branch based cache. --- .github/workflows/ci.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 1adcb5fd..574ab464 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -109,10 +109,6 @@ jobs: uses: docker/metadata-action@v5 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - tags: | - type=semver,pattern={{version}} - type=ref,event=branch - type=ref,event=tag - name: Format tags as registry refs id: registry_refs @@ -130,4 +126,4 @@ jobs: tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} cache-from: ${{ steps.registry_refs.outputs.tags }},mode=max - cache-to: ${{ steps.registry_refs.outputs.tags }},mode=max \ No newline at end of file + cache-to: ${{ steps.registry_refs.outputs.tags }},mode=max From 29ddba9213e221e96427fffba7de64f6a1dde2fd Mon Sep 17 00:00:00 2001 From: Dan Lu <90745557+danlu1@users.noreply.github.com> Date: Wed, 3 Apr 2024 16:16:13 -0700 Subject: [PATCH 07/10] Update ci.yml Disable provenance to avoid caching manifest --- .github/workflows/ci.yml | 1 + 1 file changed, 1 insertion(+) 
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 574ab464..af677c6b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -123,6 +123,7 @@ jobs: with: context: . push: true + provenance: false tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} cache-from: ${{ steps.registry_refs.outputs.tags }},mode=max From 98516f700cdc0701d5ad1ee2fa85fe21f22c0cd1 Mon Sep 17 00:00:00 2001 From: danlu1 Date: Thu, 4 Apr 2024 01:11:25 +0000 Subject: [PATCH 08/10] build docker image when it is not a pull request --- .github/workflows/ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index af677c6b..6dd4ff96 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -120,6 +120,7 @@ jobs: - name: Build and push Docker image id: build-and-push uses: docker/build-push-action@v5 + if: github.event_name != 'pull_request' with: context: . push: true From cd23ebf9d23bd6cfacf3b4186f617efed1cd23cf Mon Sep 17 00:00:00 2001 From: danlu1 Date: Thu, 4 Apr 2024 04:52:49 +0000 Subject: [PATCH 09/10] make push event on develop and feature branches --- .github/workflows/ci.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6dd4ff96..d1a9b807 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -5,8 +5,7 @@ name: build on: push: - branches: - - develop + branches: [develop, 'GEN*', 'gen*'] pull_request: From ffabfdb1689444f4c9717a6ae364e6f7207fdae2 Mon Sep 17 00:00:00 2001 From: Dan Lu <90745557+danlu1@users.noreply.github.com> Date: Thu, 4 Apr 2024 14:07:15 -0700 Subject: [PATCH 10/10] Update ci.yml Add main branch to push event branches. --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index d1a9b807..8600f372 100644 --- a/.github/workflows/ci.yml 
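Review bot: `provenance: false` on the `Build and push Docker image` step (patch 07) switches off the build provenance attestation for the image that is published, not only for the cache refs, and nothing in the file records why. The commit message says it is there to avoid caching the manifest, so I would carry that into the workflow as a comment above the line, e.g. `# provenance disabled to avoid caching the manifest; published images carry no build attestation`. The step's `with:` block starts outside this hunk.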
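Review bot: The `if: github.event_name != 'pull_request'` added in patch 08 guards only the `Build and push Docker image` step, so on pull requests the job still runs checkout, buildx setup, the ghcr.io login with a `packages: write` token, and the metadata steps for an image that is never built. Putting the same condition on the job, directly under `build-container:`, skips all of it and keeps the registry credential out of pull-request runs. The job header is outside this hunk, so the exact placement should be checked against the full file.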
+++ b/.github/workflows/ci.yml @@ -5,7 +5,7 @@ name: build on: push: - branches: [develop, 'GEN*', 'gen*'] + branches: [main, develop, 'GEN*', 'gen*'] pull_request: