Skip to content
continuous-integration

Using sha as image reference in action #766

Sign in to view logs

Using sha as image reference in action

Using sha as image reference in action #766

Workflow file for this run

.github/workflows/ci.yml at c02b4c1
---
# Build and test all Docker images on every push and pull request.
#
# Builds the images with docker buildx bake and pushes them to a local Docker
# image registry, and runs the automated tests with pytest.
name: continuous-integration
on:
push:
branches:
- main
tags:
- "*"
pull_request:
branches:
- main
jobs:
build:
runs-on: ubuntu-latest
timeout-minutes: 30
outputs:
build_vars: ${{ steps.build_vars.outputs.vars }}
targets: ${{ steps.bake_metadata.outputs.targets }}
images: ${{ steps.bake_metadata.outputs.images }}
steps:
- uses: actions/checkout@v2
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Read build variables
id: build_vars
run: |
vars=$(cat build.json | jq -c '[.variable | to_entries[] | {"key": .key, "value": .value.default}] | from_entries')
echo "vars=$vars" >> "${GITHUB_OUTPUT}"
- name: Docker meta
id: meta
uses: docker/metadata-action@v4
with:
bake-target: __template__-meta
images: |
name=ghcr.io/aiidalab/__template__
tags: |
type=edge
type=ref,event=pr
type=raw,value={{tag}},enable=${{ github.ref_type == 'tag' && ! startsWith(github.ref_name, 'v') }}
type=match,pattern=v(\d{4}\.\d{4}(-.+)?),group=1
type=sha
- name: Generate docker-bake meta file.
env:
BAKE_TEMPLATE_META: ${{ steps.meta.outputs.bake-file }}
run: |
cat ${BAKE_TEMPLATE_META} | jq -c \
| .github/workflows/merge-bake-template-target.sh \
| tee docker-bake-template-meta.json
- name: Build images with buildx bake
id: bake
uses: docker/bake-action@v2.2.0
with:
files: |
docker-bake.hcl
build.json
docker-bake-template-meta.json
push: true
- name: Set output variables
id: bake_metadata
env:
BAKE_TEMPLATE_META: ${{ steps.meta.outputs.bake-file }}
run: |
cat ${BAKE_TEMPLATE_META} | jq -c \
| .github/workflows/merge-bake-template-target.sh \
| jq -c '.target | [to_entries[] | {"key": (.key|split("-")[:-1] | join("-")), "value": [.value.tags[], .value.labels."org.opencontainers.image.revision"] | join("@")}] | from_entries' \
| tee bake-meta.json
test:
needs: build
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- uses: actions/checkout@v2
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Python test environment
uses: mamba-org/provision-with-micromamba@v13
with:
cache-env: true
- name: Run tests
shell: bash -l {0} # required to activate the conda environment
env: ${{ fromJSON(needs.build.outputs.images) }}
run: pytest -v -m "not integration"
integration-test:
needs: build
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- uses: actions/checkout@v2
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Python test environment
uses: mamba-org/provision-with-micromamba@v13
with:
cache-env: true
- name: Run integration tests
shell: bash -l {0} # required to activate the conda environment
env: ${{ fromJSON(needs.build.outputs.images) }}
run: pytest -v -m "integration"
release:
if: >-
github.repository == 'aiidalab/aiidalab-docker-stack'
&& (github.ref_type == 'tag' || github.ref_name == 'main')
needs:
- build
- test
runs-on: ubuntu-latest
timeout-minutes: 10
strategy:
matrix:
target: ${{ fromJSON(needs.build.outputs.targets) }}
steps:
- uses: actions/checkout@v2
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Docker meta
id: meta
uses: docker/metadata-action@v4
env: ${{ fromJSON(needs.build.outputs.build_vars) }}
with:
images: docker.io/aiidalab/${{ matrix.target }}
tags: |
type=edge
type=raw,value={{tag}},enable=${{ github.ref_type == 'tag' && ! startsWith(github.ref_name, 'v') }}
type=raw,value=aiida-${{ env.AIIDA_VERSION }},enable=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }}
type=raw,value=python-${{ env.PYTHON_VERSION }},enable=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }}
type=raw,value=postgresql-${{ env.PGSQL_VERSION }},enable=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }}
type=match,pattern=v(\d{4}\.\d{4}(-.+)?),group=1
- name: Determine src image tag
id: images
run: |
src=$(echo '${{ needs.build.outputs.images }}'| jq -cr '.[("${{ matrix.target }}"|ascii_upcase|sub("-"; "_"; "g")) + "_IMAGE"]')
echo "src=$src" >> "${GITHUB_OUTPUT}"
- name: Push image
uses: akhilerm/tag-push-action@v2.0.0
with:
src: ${{ steps.images.outputs.src }}
dst: ${{ steps.meta.outputs.tags }}
- name: Docker Hub Description
uses: peter-evans/dockerhub-description@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
repository: aiidalab/${{ matrix.target }}
short-description: ${{ github.event.repository.description }}
- uses: softprops/action-gh-release@v0.1.14
name: Create release
if: startsWith(github.ref, 'refs/tags/v')
with:
generate_release_notes: true