Skip to content

Commit

Permalink
Use CI that generic for single code build repo
Browse files Browse the repository at this point in the history
  • Loading branch information
unkcpz committed Jun 18, 2024
1 parent 5a8c7ca commit 6dbd74f
Show file tree
Hide file tree
Showing 10 changed files with 322 additions and 195 deletions.
12 changes: 12 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
---
version: 2
updates:
# Maintain dependencies for GitHub Actions
- package-ecosystem: github-actions
directory: /
schedule:
interval: monthly
groups:
gha-dependencies:
patterns:
- '*'
78 changes: 78 additions & 0 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,78 @@
---
name: Build images and upload them to ghcr.io

env:
BUILDKIT_PROGRESS: plain

on:
workflow_call:
inputs:
runsOn:
description: GitHub Actions Runner image
required: true
type: string
platforms:
description: Target platforms for the build (linux/amd64 and/or linux/arm64)
required: true
type: string
outputs:
image:
description: Image identified by digests
value: ${{ jobs.build.outputs.image }}

jobs:
build:
name: ${{ inputs.platforms }}
runs-on: ${{ inputs.runsOn }}
timeout-minutes: 120

outputs:
image: ${{ steps.bake_metadata.outputs.image }}

# Make sure we fail if any command in a piped command sequence fails
defaults:
run:
shell: bash -e -o pipefail {0}

steps:

- name: Checkout Repo ⚡️
uses: actions/checkout@v4

- name: Set up QEMU
if: ${{ inputs.platforms != 'linux/amd64' }}
uses: docker/setup-qemu-action@v3

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Login to GitHub Container Registry 🔑
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Build and upload to ghcr.io 📤
id: build-upload
uses: docker/bake-action@v4
with:
push: true
# Using provenance to disable default attestation so it will build only desired images:
# https://github.com/orgs/community/discussions/45969
provenance: false
set: |
*.platform=${{ inputs.platforms }}
*.output=type=registry,push-by-digest=true,name-canonical=true
*.cache-to=type=gha,scope=${{ github.workflow }},mode=max
*.cache-from=type=gha,scope=${{ github.workflow }}
files: |
docker-bake.hcl
build.json
- name: Set output variables
id: bake_metadata
run: |
.github/workflows/extract-image-name.sh | tee -a "${GITHUB_OUTPUT}"
env:
BAKE_METADATA: ${{ steps.build-upload.outputs.metadata }}
158 changes: 0 additions & 158 deletions .github/workflows/ci.yml

This file was deleted.

2 changes: 0 additions & 2 deletions .github/workflows/env.hcl

This file was deleted.

8 changes: 4 additions & 4 deletions .github/workflows/extract-image-name.sh
Original file line number Diff line number Diff line change
Expand Up @@ -5,24 +5,24 @@
# The input to this script is a JSON string passed via BAKE_METADATA env variable
# Here's example input (trimmed to relevant bits):
# BAKE_METADATA: {
# "base": {
# "python": {
# "containerimage.descriptor": {
# "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
# "digest": "sha256:8e57a52b924b67567314b8ed3c968859cad99ea13521e60bbef40457e16f391d",
# "size": 6170,
# },
# "containerimage.digest": "sha256:8e57a52b924b67567314b8ed3c968859cad99ea13521e60bbef40457e16f391d",
# "image.name": "ghcr.io/pspgen/quantum-espresso"
# "image.name": "ghcr.io/cnts4sci/python"
# }
# }
#
# Example output (real output is on one line):
#
# image="ghcr.io/pspgen/quantum-espresso@sha256:79a0f984b9e03b733304fda809ad3e8eec8416992ff334052d75da00cadb8f12"
# image="ghcr.io/cnts4sci/python@sha256:79a0f984b9e03b733304fda809ad3e8eec8416992ff334052d75da00cadb8f12"
# }
#
# This json output is later turned to environment variables using fromJson() GHA builtin
# (e.g. BUILD_MACHINE_IMAGE=ghcr.io/pspgen/quantum-espresso@sha256:8e57a52b...)
# (e.g. BUILD_MACHINE_IMAGE=ghcr.io/cnts4sci/python@sha256:8e57a52b...)
# and these are in turn read in the docker-compose.<target>.yml files for tests.

if [[ -z ${BAKE_METADATA-} ]];then
Expand Down
94 changes: 94 additions & 0 deletions .github/workflows/main.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,94 @@
---
name: Docker

on:
pull_request:
paths-ignore:
- "**.md"
- ruff.toml
- bumpver.toml
- .pre-commit-config.yaml
push:
branches:
- main
tags:
- "v*"
workflow_dispatch:

# https://docs.github.com/en/actions/using-jobs/using-concurrency
concurrency:
# only cancel in-progress jobs or runs for the current workflow - matches against branch & tags
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true

env:
FORCE_COLOR: 1

jobs:

build-amd64:
uses: ./.github/workflows/build.yml
with:
runsOn: ubuntu-22.04
platforms: linux/amd64

test-amd64:
needs: build-amd64
strategy:
fail-fast: false
uses: ./.github/workflows/test.yml
with:
runsOn: ubuntu-22.04
image: ${{ needs.build-amd64.outputs.image }}
integration: false

build:
needs: test-amd64
uses: ./.github/workflows/build.yml
with:
runsOn: ubuntu-22.04
platforms: linux/amd64,linux/arm64

# To save arm64 runner resources, we run the tests only on main
# and only for full-stack image (same for integration tests below).
test-arm64:
if: >-
github.repository == 'cnts4sci/build-machine'
&& (github.ref_type == 'tag' || github.ref_name == 'main')
needs: build
uses: ./.github/workflows/test.yml
with:
runsOn: buildjet-4vcpu-ubuntu-2204-arm
image: ${{ needs.build.outputs.image }}
integration: false

test-integration:
name: Integration tests
needs: build
strategy:
fail-fast: false
# Trick to exclude arm64 tests from PRs
# https://github.com/orgs/community/discussions/26253
matrix:
runner: [ubuntu-22.04, buildjet-4vcpu-ubuntu-2204-arm]
isPR:
- ${{ github.event_name == 'pull_request' }}
exclude:
- isPR: true
runner: buildjet-4vcpu-ubuntu-2204-arm

uses: ./.github/workflows/test.yml
with:
runsOn: ${{ matrix.runner }}
image: ${{ needs.build.outputs.image }}
integration: true

publish-ghcr:
needs: [build, test-amd64]
uses: ./.github/workflows/publish.yml
with:
runsOn: ubuntu-22.04
image: ${{ needs.build.outputs.image }}
registry: ghcr.io
secrets: inherit

Loading

0 comments on commit 6dbd74f

Please sign in to comment.