OpenMS/.github/workflows/containerdeploy.yml at develop · mwalzer/OpenMS · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
name: Deploy container images
on:
  workflow_dispatch:
  push:
    branches:
      - nightly
    tags:
      - "Release*"
      - "Release/*"

jobs:
  deploy-docker:
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        include:
          - os: ubuntu-22.04
            platform: linux/amd64
          - os: ubuntu-22.04-arm
            platform: linux/arm64
    outputs:
      tag_name: ${{ steps.tag_name.outputs.tag }}
      downcase_repo: ${{ steps.downcase_repo.outputs.repo }}
    steps:
      - name: Free up space on the runner
        run: |
          # see: https://github.com/actions/runner-images/issues/2840
          df -h
          sudo rm -rf /usr/share/dotnet
          sudo rm -rf "/usr/local/share/boost"
          sudo rm -rf "/opt/ghc"
          sudo rm -rf "$AGENT_TOOLSDIRECTORY"
          df -h
      - name: Extract branch name
        shell: bash
        run: echo "branch=${GITHUB_REF#refs/heads/}" >> $GITHUB_OUTPUT
        id: extract_branch
      - name: Define tag name
        shell: bash
        run: |
            BRANCH=${{ steps.extract_branch.outputs.branch }}
            ## use latest to follow docker conventions
            if [[ "$BRANCH" == "develop" || "$BRANCH" == "nightly" || "$BRANCH" == "feat/singularity" ]]
            then
              BRANCH="latest"
            fi
            ## Remove release/ from release branch name (or keep the non-release name)
            echo "tag=${BRANCH#release/}" >> $GITHUB_OUTPUT
        id: tag_name
      - name: Downcase REPO
        run: echo "repo=${GITHUB_REPOSITORY,,}" >> $GITHUB_OUTPUT
        id: downcase_repo
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Login to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          fetch-depth: 1
      - name: Test docker build in runtime base
        uses: docker/build-push-action@v5
        with:
          load: true # so other build steps can make use of cache layers from this build
          file: dockerfiles/Dockerfile
          target: test
          platforms: ${{ matrix.platform }}
          build-args: |
            NUM_BUILD_CORES=4
            BUILDKIT_CONTEXT_KEEP_GIT_DIR=1
            OPENMS_VERSION_TAG=${{ steps.tag_name.outputs.tag }}
          # cache-from: type=gha
          # cache-to: type=gha,mode=max
      - name: Build and push library image
        uses: docker/build-push-action@v5
        with:
          push: true # Will only build if this is not here
          file: dockerfiles/Dockerfile
          target: library
          platforms: ${{ matrix.platform }}
          provenance: mode=max
          build-args: |
            NUM_BUILD_CORES=4
            BUILDKIT_CONTEXT_KEEP_GIT_DIR=1
            OPENMS_VERSION_TAG=${{ steps.tag_name.outputs.tag }}
          tags: |
            ghcr.io/${{ steps.downcase_repo.outputs.repo }}-library:${{ steps.tag_name.outputs.tag }}
          # cache-from: type=gha
          # cache-to: type=gha,mode=max
      - name: Build and push tools image
        uses: docker/build-push-action@v6
        with:
          push: true # Will only build if this is not here
          file: dockerfiles/Dockerfile
          target: tools
          platforms: ${{ matrix.platform }}
          provenance: mode=max
          build-args: |
            NUM_BUILD_CORES=4
            BUILDKIT_CONTEXT_KEEP_GIT_DIR=1
            OPENMS_VERSION_TAG=${{ steps.tag_name.outputs.tag }}
          tags: |
            ghcr.io/${{ steps.downcase_repo.outputs.repo }}-executables:${{ steps.tag_name.outputs.tag }}
            ghcr.io/${{ steps.downcase_repo.outputs.repo }}-tools:${{ steps.tag_name.outputs.tag }}
          # cache-from: type=gha
          # cache-to: type=gha,mode=max
      - name: Build and push tools + thirdparty image
        uses: docker/build-push-action@v5
        with:
          push: true # Will only build if this is not here
          file: dockerfiles/Dockerfile
          target: tools-thirdparty
          platforms: ${{ matrix.platform }}
          provenance: mode=max
          build-args: |
            NUM_BUILD_CORES=4
            BUILDKIT_CONTEXT_KEEP_GIT_DIR=1
            OPENMS_VERSION_TAG=${{ steps.tag_name.outputs.tag }}
          tags: |
            ghcr.io/${{ steps.downcase_repo.outputs.repo }}-tools-thirdparty:${{ steps.tag_name.outputs.tag }}
          # cache-from: type=gha
          # cache-to: type=gha,mode=max
  deploy-singularity:
    runs-on: ubuntu-latest
    needs: deploy-docker
    steps:
      - name: Login to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      # install glib2.0 development package needed by singularity
      - name: Install Dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y libglib2.0-dev
      - name: Singularity install with defaults
        uses: singularityhub/install-singularity@main
        with:
          singularity-version: '3.11.5'
      - name: Build Singularity library image
        shell: bash
        run: |
            sudo singularity build library.sif docker://ghcr.io/${{ needs.deploy-docker.outputs.downcase_repo }}-library:${{ needs.deploy-docker.outputs.tag_name }}
      - name: Build Singularity tools image
        shell: bash
        run: |
            sudo singularity build executables.sif docker://ghcr.io/${{ needs.deploy-docker.outputs.downcase_repo }}-executables:${{ needs.deploy-docker.outputs.tag_name }}
      - name: Build Singularity tools + thirdparty image
        shell: bash
        run: |
            sudo singularity build executables-thirdparty.sif docker://ghcr.io/${{ needs.deploy-docker.outputs.downcase_repo }}-tools-thirdparty:${{ needs.deploy-docker.outputs.tag_name }}
      - name: Upload Singularity images to ghcr.io
        shell: bash
        run: |
            echo ${{ secrets.GITHUB_TOKEN }} | singularity remote login -u jpfeuffer --password-stdin oras://ghcr.io
            singularity push library.sif oras://ghcr.io/${{ needs.deploy-docker.outputs.downcase_repo }}-library-sif:${{ needs.deploy-docker.outputs.tag_name }}
            singularity push executables.sif oras://ghcr.io/${{ needs.deploy-docker.outputs.downcase_repo }}-executables-sif:${{ needs.deploy-docker.outputs.tag_name }}
            singularity push executables-thirdparty.sif oras://ghcr.io/${{ needs.deploy-docker.outputs.downcase_repo }}-tools-thirdparty-sif:${{ needs.deploy-docker.outputs.tag_name }}