subtract newlines #8
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Push build to prod | |
| on: | |
| push: | |
| branches: [main] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| JFROG_REGISTRY: mskcc.jfrog.io | |
| JFROG_CONTAINER_REPO: mskcc.jfrog.io/omicswf-docker-prod-local/mskcc-omics-workflows | |
| GHCR_CONTAINER_REPO: ghcr.io/mskcc-omics-workflows | |
| jobs: | |
| dockerfile-changes: | |
| name: dockerfile-changes | |
| runs-on: ubuntu-latest | |
| permissions: | |
| pull-requests: read | |
| outputs: | |
| # Expose matched filters as job 'docker-images' output variable | |
| docker-images: ${{ steps.filter.outputs.changes }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 2 | |
| - name: debug | |
| run: git log --pretty=format:'%h' -n 2 | |
| - name: Create tags.yml to grab changes | |
| id: get_tags | |
| run: | | |
| for i in $(find containers -name "Dockerfile") | |
| do | |
| path=$(dirname $i) | |
| tag=$(echo $path | cut -f 2- -d/) | |
| echo -e "$tag:\n $path/**" | |
| done > .github/tags.yml | |
| - name: debug | |
| run: cat .github/tags.yml | |
| - uses: mirpedrol/paths-filter@main | |
| id: filter | |
| with: | |
| filters: ".github/tags.yml" | |
| token: "" | |
| dockerfile-validate-build: | |
| runs-on: ubuntu-latest | |
| name: dockerfile-build | |
| needs: [dockerfile-changes] | |
| if: needs.dockerfile-changes.outputs.docker-images != '[]' | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| tags: ["${{ fromJson(needs.dockerfile-changes.outputs.docker-images) }}"] | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Hadolint | |
| uses: hadolint/[email protected] | |
| with: | |
| dockerfile: containers/${{ matrix.tags }}/Dockerfile | |
| verbose: true | |
| - name: Set up Python | |
| uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5 | |
| with: | |
| python-version: "3.12" | |
| - name: Get docker repo name | |
| id: docker_repo_name | |
| run: echo name=$( dirname "${{ matrix.tags }}" ) >> $GITHUB_OUTPUT | |
| - name: Get docker version | |
| id: docker_repo_version | |
| run: echo version=$( basename "${{ matrix.tags }}" ) >> $GITHUB_OUTPUT | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.JFROG_REGISTRY }} | |
| username: ${{ secrets.MSK_JFROG_USERNAME }} | |
| password: ${{ secrets.MSK_JFROG_TOKEN }} | |
| - name: Build Docker Jfrog | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: containers/${{ matrix.tags }}/ | |
| file: containers/${{ matrix.tags }}/Dockerfile | |
| load: true | |
| tags: ${{ env.JFROG_CONTAINER_REPO }}/${{ steps.docker_repo_name.outputs.name}}:${{steps.docker_repo_version.outputs.version}} | |
| - name: Install pip | |
| run: python -m pip install --upgrade pip | |
| - name: Install python docker package | |
| run : pip install docker jsonschema | |
| - name: Validate docker | |
| run: | | |
| python .github/validate_docker.py ${{ env.JFROG_CONTAINER_REPO }}/${{ steps.docker_repo_name.outputs.name}}:${{steps.docker_repo_version.outputs.version}} .github/jsonschema/docker_image.json | |
| - name: Test image | |
| run: | | |
| docker run --rm ${{ env.JFROG_CONTAINER_REPO }}/${{ steps.docker_repo_name.outputs.name}}:${{steps.docker_repo_version.outputs.version}} | |
| - name: Push build to Jfrog repo | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: containers/${{ matrix.tags }}/ | |
| file: containers/${{ matrix.tags }}/Dockerfile | |
| tags: ${{ env.JFROG_CONTAINER_REPO }}/${{ steps.docker_repo_name.outputs.name}}:${{steps.docker_repo_version.outputs.version}} | |
| push: true | |
| - name: Log in to GHCR registry | |
| run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin | |
| - name: Build and push Docker to GHCR | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: containers/${{ matrix.tags }}/ | |
| file: containers/${{ matrix.tags }}/Dockerfile | |
| load: true | |
| tags: ${{ env.GHCR_CONTAINER_REPO }}/${{ steps.docker_repo_name.outputs.name}}:${{steps.docker_repo_version.outputs.version}} | |
| push: true | |
| confirm-pass: | |
| runs-on: ubuntu-latest | |
| needs: [ dockerfile-changes, dockerfile-validate-build ] | |
| if: always() | |
| steps: | |
| - name: All tests ok | |
| if: ${{ success() || !contains(needs.*.result, 'failure') }} | |
| run: exit 0 | |
| - name: One or more tests failed | |
| if: ${{ contains(needs.*.result, 'failure') }} | |
| run: exit 1 | |
| - name: debug-print | |
| if: always() | |
| run: | | |
| echo "toJSON(needs) = ${{ toJSON(needs) }}" | |
| echo "toJSON(needs.*.result) = ${{ toJSON(needs.*.result) }}" |