From 309080929c512761fc0574574a27e47b7bad274f Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Tue, 14 May 2024 01:45:22 +0100 Subject: [PATCH] Refactor --- .github/workflows/ci.yml | 65 +++++++++-------------------------- .github/workflows/publish.yml | 60 ++++++++++++++++++++++++++++++++ environment.yml | 1 - 3 files changed, 76 insertions(+), 50 deletions(-) create mode 100644 .github/workflows/publish.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0c64b8c..544c4e3 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -21,7 +21,7 @@ jobs: build: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 timeout-minutes: 20 permissions: packages: write @@ -37,29 +37,22 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Docker meta - id: meta - uses: docker/metadata-action@v5 - with: - images: ${{ env.REGISTRY }}${{ env.ISPG_IMAGE }} - # Before tests pass, we tag the image by the branch name - # or by pull request number, e.g. pr-11 - # https://github.com/docker/metadata-action#tags-input - # See the release workflow for the release tags. - tags: | - type=sha - type=ref,event=pr + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 - name: Build image id: build uses: docker/build-push-action@v5 with: - tags: ${{ steps.meta.outputs.tags }} push: true + cache-from: type=gha + cache-to: type=gha,mode=max + outputs: | + type=registry,push-by-digest=true,name-canonical=true test: needs: build - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 timeout-minutes: 10 permissions: packages: read @@ -87,40 +80,14 @@ jobs: # Image that was build in the build workflow ISPG_IMAGE: ${{ env.ISPG_IMAGE }}@${{ needs.build.outputs.image_digest }} - release: - if: >- - github.repository_owner == 'ispg-group' - && (github.ref_type == 'tag' || github.ref_name == 'main') - needs: - - build - - test + release-ghcr: + if: github.repository_owner == 'ispg-group' + needs: [build, test] + uses: ./.github/workflows/publish.yml + with: + image_digest: ${{ needs.build.outputs.image_digest}} + registry: ghcr.io + secrets: inherit permissions: packages: write contents: write - runs-on: ubuntu-latest - timeout-minutes: 10 - - steps: - - uses: actions/checkout@v4 - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Docker meta - id: meta - uses: docker/metadata-action@v5 - with: - images: ${{ env.REGISTRY }}${{ env.ISPG_IMAGE }} - tags: | - type=edge - type=raw,value={{tag}},enable=${{ github.ref_type == 'tag' && ! startsWith(github.ref_name, 'v') }} - type=match,pattern=v(\d{4}\.\d{2}.\d+(-.+)?),group=1 - - - name: Release image - uses: akhilerm/tag-push-action@v2.2.0 - with: - src: ${{ env.REGISTRY }}${{ env.ISPG_IMAGE }}@${{ needs.build.outputs.image_digest }} - dst: ${{ steps.meta.outputs.tags }} diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml new file mode 100644 index 0000000..8a7810d --- /dev/null +++ b/.github/workflows/publish.yml @@ -0,0 +1,60 @@ +--- +name: Publish images to Docker container registries + +env: + # https://github.com/docker/metadata-action?tab=readme-ov-file#environment-variables + DOCKER_METADATA_PR_HEAD_SHA: true + +on: + workflow_call: + inputs: + image_digest: + description: Digest of image built in build step + required: true + type: string + registry: + description: Docker container registry + required: true + type: string + +jobs: + + release: + runs-on: ubuntu-22.04 + timeout-minutes: 30 + + steps: + - uses: actions/checkout@v4 + + - name: Login to GitHub Container Registry 🔑 + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Login to DockerHub 🔑 + uses: docker/login-action@v3 + if: inputs.registry == 'docker.io' + with: + registry: docker.io + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + env: ${{ fromJSON(steps.build_vars.outputs.vars) }} + with: + # e.g. ghcr.io/aiidalab/full-stack + images: ${{ inputs.registry }}/${{ env.ISPG_IMAGE }} + tags: | + type=ref,event=pr + type=edge,enable={{is_default_branch}} + type=match,pattern=v(\d{4}\.\d{2}.\d+(-.+)?),group=1 + + - name: Push image + uses: akhilerm/tag-push-action@v2.2.0 + with: + src: ${{ inputs.registry }}/${{ env.ISPG_IMAGE }}@${{ inputs.image_digest }} + dst: ${{ steps.meta.outputs.tags }} diff --git a/environment.yml b/environment.yml index 1e66ca9..100d59b 100644 --- a/environment.yml +++ b/environment.yml @@ -3,7 +3,6 @@ name: aiidalab-ispg-docker-stack channels: - conda-forge dependencies: - - bumpver=2023.1129 - docker-compose=1.29.2 - pip - pytest=7.4.4