-
Notifications
You must be signed in to change notification settings - Fork 0
135 lines (129 loc) · 4.49 KB
/
build-service.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
---
name: "Build and test service"
on:
push:
branches:
- main
paths:
- '.github/workflows/build-service.yml'
- 'pipelines/**'
- 'python/activator/**'
- 'tests/**'
- 'Dockerfile'
pull_request:
paths:
- '.github/workflows/build-service.yml'
- 'pipelines/**'
- 'python/activator/**'
- 'tests/**'
- 'Dockerfile'
workflow_dispatch:
permissions:
packages: write
env:
# This is a bracketed, comma-separated list of double-quoted base container
# tags that will be used to build service containers on each branch
# (including "main"). Typically, any tags listed beyond "latest" would be
# relatively stable Pipelines containers that are needed to avoid issues with
# the "latest" version; they would remain in this list until "latest" becomes
# usable for all building and testing.
BASE_TAG_LIST: '["latest"]'
jobs:
matrix-gen:
# This job exists solely because fromJSON() cannot directly accept
# env.BASE_TAG_LIST for some reason.
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
steps:
- id: set-matrix
run: echo "matrix=${BASE_TAG_LIST}" >> $GITHUB_OUTPUT
test-service:
needs: matrix-gen
strategy:
matrix:
baseTag: ${{ fromJSON(needs.matrix-gen.outputs.matrix) }}
name: Test service
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Fix permissions
run: chmod -R a+rwX $GITHUB_WORKSPACE
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Run tests
run: |
docker run \
-v $GITHUB_WORKSPACE:/home/lsst/prompt_processing \
ghcr.io/${{ github.repository_owner }}/prompt-base:${{ matrix.baseTag }} \
bash -c '
cd /home/lsst/prompt_processing
source /opt/lsst/software/stack/loadLSST.bash
setup -r .
# Fix permissions; arg must be absolute path.
git config --global --add safe.directory /home/lsst/prompt_processing
scons'
update-service-image:
name: Update service image
needs:
- matrix-gen
- test-service
runs-on: ubuntu-latest
strategy:
matrix:
baseTag: ${{ fromJSON(needs.matrix-gen.outputs.matrix) }}
env:
IMAGE_NAME: prompt-service
BASE_TAG: ${{ matrix.baseTag }}
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Determine eups tag
run: |
docker run ghcr.io/${{ github.repository_owner }}/prompt-base:"$BASE_TAG" bash -c "cat stack/miniconda*/ups_db/global.tags" > eups.tag || echo "Unknown" > eups.tag
echo "Eups tag = $(< eups.tag)"
- name: Build image
run: |
docker build . -f Dockerfile \
--build-arg "BASE_TAG=$BASE_TAG" \
--tag $IMAGE_NAME \
--label "runnumber=${GITHUB_RUN_ID}" \
--label "basetag=${BASE_TAG}" \
--label "eupstag=$(< eups.tag)"
- name: Push image to container registries
run: |
BRANCH=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
[ "$BRANCH" == "merge" ] && BRANCH=$(echo "${{ github.head_ref }}" | sed -e 's,.*/\(.*\),\1,')
for IMAGE_ID in "ghcr.io/${{ github.repository_owner }}/$IMAGE_NAME"; do
if [ "$BRANCH" == "main" ]; then
VERSION="$BASE_TAG"
else
VERSION="${BRANCH}-$BASE_TAG"
fi
echo IMAGE_ID=$IMAGE_ID
echo VERSION=$VERSION
docker tag $IMAGE_NAME $IMAGE_ID:$VERSION
docker push $IMAGE_ID:$VERSION
EUPS_TAG=$(< eups.tag)
if [ "$EUPS_TAG" != "Unknown" ] && [ "$BASE_TAG" != "$EUPS_TAG" ]; then
if [ "$BRANCH" == "main" ]; then
VERSION="$EUPS_TAG"
else
VERSION="${BRANCH}-$EUPS_TAG"
fi
echo VERSION=$VERSION
docker tag $IMAGE_NAME $IMAGE_ID:$VERSION
docker push $IMAGE_ID:$VERSION
fi
done