Skip to content

use same timestamp image in both invocations of build action #864

use same timestamp image in both invocations of build action

use same timestamp image in both invocations of build action #864

Workflow file for this run

name: Build and test container images
on:
push:
pull_request:
repository_dispatch:
types:
- dispatch-build
workflow_dispatch:
jobs:
build-images:
runs-on: ubuntu-latest
# Continue to the push/tag step even if some build matrix combos fail
# Check that all arch artifacts are present in the push/tag step
continue-on-error: true
strategy:
fail-fast: false
matrix:
# os: ['el9', 'cuda_11_8_0']
os: ['el9']
osg_series: ['23']
# repo: ['development', 'testing', 'release']
repo: ['development']
platform: ['linux/amd64','linux/arm64']
exclude:
# cuda builds take a super long time; only do one of them
- os: cuda_11_8_0
repo: development
- os: cuda_11_8_0
repo: testing
steps:
- uses: actions/checkout@v3
- id: custom-image-name
env:
SERIES: ${{ matrix.osg_series }}
REPO: ${{ matrix.repo }}
OS: ${{ matrix.os }}
run: |
PREFIX="output_image=${GITHUB_REPOSITORY}:${SERIES}"
echo "${PREFIX}-${OS}-${REPO}" >> ${GITHUB_OUTPUT}
echo "base_tag=${SERIES}-${OS}-${REPO}" >> ${GITHUB_OUTPUT}
- id: slash-escape
run: |
platform=${{ matrix.platform }}
echo "platform=${platform//\//-}" >> ${GITHUB_OUTPUT}
- id: build-image
uses: ./.github/actions/build-container-local
with:
registry_url: hub.opensciencegrid.org
osg_series: ${{ matrix.osg_series }}
osg_repo: ${{ matrix.repo }}
base_os: ${{ matrix.os }}
platform: ${{ matrix.platform }}
output_image: ${{ steps.custom-image-name.outputs.output_image }}
- name: Prepare CVMFS
# if: ${{ matrix.platform == 'linux/amd64' }}
run: |
sudo ./tests/setup_cvmfs.sh
- name: Docker + CVMFS bindmount
# if: ${{ matrix.platform == 'linux/amd64' }}
id: test-docker-cvmfs
env:
CONTAINER_IMAGE: ${{ steps.build-image.outputs.timestamp-image }}
run: |
sudo ./tests/test_inside_gha.sh docker \
bindmount \
"$CONTAINER_IMAGE"
- name: Docker + cvmfsexec
# if: ${{ matrix.platform == 'linux/amd64' }}
id: test-docker-cvmfsexec
env:
CONTAINER_IMAGE: ${{ steps.build-image.outputs.timestamp-image }}
run: |
sudo ./tests/test_inside_gha.sh docker \
cvmfsexec \
"$CONTAINER_IMAGE"
- name: Singularity + CVMFS bindmount
if: ${{ matrix.platform == 'linux/amd64' }}
id: test-singularity-cvmfs
env:
CONTAINER_IMAGE: ${{ steps.build-image.outputs.timestamp-image }}
run: |
if [[ $CONTAINER_IMAGE == *cuda* ]]; then
echo >&2 "Skipping test: \$APPTAINER_TMPDIR (${APPTAINER_TMPDIR:-/tmp}) too small for cuda-based images"
exit 0
else
sudo ./tests/test_inside_gha.sh singularity \
bindmount \
"$CONTAINER_IMAGE"
fi
- name: Harbor login
# if: >-
# github.ref == 'refs/heads/master' &&
# github.event_name != 'pull_request' &&
# github.repository_owner == 'opensciencegrid'
uses: docker/login-action@v2
with:
registry: hub.opensciencegrid.org
username: ${{ secrets.OSG_HARBOR_ROBOT_USER }}
password: ${{ secrets.OSG_HARBOR_ROBOT_PASSWORD }}
# - name: Docker login
# if: >-
# github.ref == 'refs/heads/master' &&
# github.event_name != 'pull_request' &&
# github.repository_owner == 'opensciencegrid'
# uses: docker/login-action@v2
# with:
# registry: docker.io
# username: ${{ secrets.DOCKER_USERNAME }}
# password: ${{ secrets.DOCKER_PASSWORD }}
- id: upload-image
uses: ./.github/actions/build-container-local
with:
registry_url: hub.opensciencegrid.org
osg_series: ${{ matrix.osg_series }}
osg_repo: ${{ matrix.repo }}
base_os: ${{ matrix.os }}
platform: ${{ matrix.platform }}
push_by_digest: true
timestamp_image: ${{ steps.build-image.outputs.timestamp-image }}
output_image: ${{ steps.custom-image-name.outputs.output_image }}
- name: Export digest
run: |
mkdir -p /tmp/digests
digest="${{ steps.upload-image.outputs.digest }}"
touch "/tmp/digests/${digest#sha256:}"
- name: Upload digest
uses: actions/upload-artifact@v4
with:
name: digests-${{ steps.custom-image-name.outputs.base_tag }}-${{ steps.slash-escape.outputs.platform }}
path: /tmp/digests/*
if-no-files-found: error
retention-days: 1
- name: Export tags
run: |
mkdir -p /tmp/tags
echo ${{ steps.upload-image.outputs.image-list }} > /tmp/tags/${{ steps.custom-image-name.outputs.base_tag }}-${{ steps.slash-escape.outputs.platform }}
- name: Upload tags
uses: actions/upload-artifact@v4
with:
name: tags-${{ steps.custom-image-name.outputs.base_tag }}-${{ steps.slash-escape.outputs.platform }}
path: /tmp/tags/*
if-no-files-found: error
retention-days: 1
merge-manifests:
runs-on: ubuntu-latest
needs:
- build-images
strategy:
fail-fast: false
matrix:
# os: ['el9', 'cuda_11_8_0']
os: ['el9']
osg_series: ['23']
repo: ['development']
# repo: ['development', 'testing', 'release']
exclude:
# cuda builds take a super long time; only do one of them
- os: cuda_11_8_0
repo: development
- os: cuda_11_8_0
repo: testing
steps:
- id: base-tag
env:
SERIES: ${{ matrix.osg_series }}
REPO: ${{ matrix.repo }}
OS: ${{ matrix.os }}
run: |
echo "base_tag=${SERIES}-${OS}-${REPO}" >> ${GITHUB_OUTPUT}
- name: Download digests
uses: actions/download-artifact@v4
with:
path: /tmp/digests
pattern: digests-${{ steps.base-tag.outputs.base_tag }}-*
merge-multiple: true
- name: Download tags
uses: actions/download-artifact@v4
with:
path: /tmp/tags
pattern: tags-${{ steps.base-tag.outputs.base_tag }}-*
merge-multiple: true
- name: Check Artifact Count
env:
EXPECTED: 2
run: |
for dir in /tmp/tags /tmp/digests; do
artifact_count=$(ls $dir -1q | wc -l)
if [[ $artifact_count != $EXPECTED ]]; then
echo "Expected $EXPECTED artifacts in $dir; got $artifact_count"
exit 1
fi
done
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Harbor login
# if: >-
# github.ref == 'refs/heads/master' &&
# github.event_name != 'pull_request' &&
# github.repository_owner == 'opensciencegrid'
uses: docker/login-action@v2
with:
registry: hub.opensciencegrid.org
username: ${{ secrets.OSG_HARBOR_ROBOT_USER }}
password: ${{ secrets.OSG_HARBOR_ROBOT_PASSWORD }}
- name: Merge Artifacts
working-directory: /tmp
env:
DEFAULT_OS: el9
run: |
BASE_IMG=hub.opensciencegrid.org/opensciencegrid/osgvo-docker-pilot
DIGESTS=$(for digest in $(ls digests/); do echo $BASE_IMG@sha256:$digest; done)
TAGS=$(cat tags/*-amd64)
for tag in ${TAGS//,/ }; do
docker buildx imagetools create --tag $tag $DIGESTS;
# Also tag the image for the default OS as the OS-less tag
# (i.e. 23-el9-release -> 23-release)
tag2=${tag/-${DEFAULT_OS}-/-} # bash syntax for search-and-replace
if [[ $tag2 != $tag ]]; then
docker buildx imagetools create --tag $tag2 $DIGESTS;
fi
done