Skip to content

partition artifacts by registry #873

partition artifacts by registry

partition artifacts by registry #873

Workflow file for this run

name: Build and test container images
on:
push:
pull_request:
repository_dispatch:
types:
- dispatch-build
workflow_dispatch:
jobs:
build-images:
runs-on: ubuntu-latest
# Continue to the push/tag step even if some build matrix combos fail
# Check that all arch artifacts are present in the push/tag step
continue-on-error: true
strategy:
fail-fast: false
matrix:
# os: ['el9', 'cuda_11_8_0']
os: ['el9']
osg_series: ['23']
# repo: ['development', 'testing', 'release']
repo: ['development']
platform: ['linux/amd64','linux/arm64']
exclude:
# cuda builds take a super long time; only do one of them
- os: cuda_11_8_0
repo: development
- os: cuda_11_8_0
repo: testing
steps:
- uses: actions/checkout@v3
- id: custom-image-name
env:
SERIES: ${{ matrix.osg_series }}
REPO: ${{ matrix.repo }}
OS: ${{ matrix.os }}
run: |
PREFIX="output_image=${GITHUB_REPOSITORY}:${SERIES}"
echo "${PREFIX}-${OS}-${REPO}" >> ${GITHUB_OUTPUT}
echo "base_tag=${SERIES}-${OS}-${REPO}" >> ${GITHUB_OUTPUT}
- id: build-image
uses: ./.github/actions/build-container-local
with:
registry_url: hub.opensciencegrid.org
osg_series: ${{ matrix.osg_series }}
osg_repo: ${{ matrix.repo }}
base_os: ${{ matrix.os }}
platform: ${{ matrix.platform }}
output_image: ${{ steps.custom-image-name.outputs.output_image }}
# - name: Prepare CVMFS
# if: ${{ matrix.platform == 'linux/amd64' }}
# run: |
# sudo ./tests/setup_cvmfs.sh
# - name: Docker + CVMFS bindmount
# if: ${{ matrix.platform == 'linux/amd64' }}
# id: test-docker-cvmfs
# env:
# CONTAINER_IMAGE: ${{ steps.build-image.outputs.timestamp-image }}
# run: |
# sudo ./tests/test_inside_gha.sh docker \
# bindmount \
# "$CONTAINER_IMAGE"
# - name: Docker + cvmfsexec
# if: ${{ matrix.platform == 'linux/amd64' }}
# id: test-docker-cvmfsexec
# env:
# CONTAINER_IMAGE: ${{ steps.build-image.outputs.timestamp-image }}
# run: |
# sudo ./tests/test_inside_gha.sh docker \
# cvmfsexec \
# "$CONTAINER_IMAGE"
# - name: Singularity + CVMFS bindmount
# if: ${{ matrix.platform == 'linux/amd64' }}
# id: test-singularity-cvmfs
# env:
# CONTAINER_IMAGE: ${{ steps.build-image.outputs.timestamp-image }}
# run: |
# if [[ $CONTAINER_IMAGE == *cuda* ]]; then
# echo >&2 "Skipping test: \$APPTAINER_TMPDIR (${APPTAINER_TMPDIR:-/tmp}) too small for cuda-based images"
# exit 0
# else
# sudo ./tests/test_inside_gha.sh singularity \
# bindmount \
# "$CONTAINER_IMAGE"
# fi
- id: upload-by-digest
uses: ./.github/actions/push-digest-local
with:
registry: hub.opensciencegrid.org
username: ${{ secrets.OSG_HARBOR_ROBOT_USER }}
password: ${{ secrets.OSG_HARBOR_ROBOT_PASSWORD }}
osg_series: ${{ matrix.osg_series }}
osg_repo: ${{ matrix.repo }}
base_os: ${{ matrix.os }}
platform: ${{ matrix.platform }}
base_tag: ${{ steps.custom-image-name.outputs.base_tag }}
timestamp_image: ${{ steps.build-image.outputs.timestamp-image }}
output_image: ${{ steps.custom-image-name.outputs.output_image }}
# - name: Harbor login
# # if: >-
# # github.ref == 'refs/heads/master' &&
# # github.event_name != 'pull_request' &&
# # github.repository_owner == 'opensciencegrid'
# uses: docker/login-action@v2
# with:
# registry: hub.opensciencegrid.org
# username: ${{ secrets.OSG_HARBOR_ROBOT_USER }}
# password: ${{ secrets.OSG_HARBOR_ROBOT_PASSWORD }}
# - name: Docker login
# if: >-
# github.ref == 'refs/heads/master' &&
# github.event_name != 'pull_request' &&
# github.repository_owner == 'opensciencegrid'
# uses: docker/login-action@v2
# with:
# registry: docker.io
# username: ${{ secrets.DOCKER_USERNAME }}
# password: ${{ secrets.DOCKER_PASSWORD }}
# - id: upload-image
# uses: ./.github/actions/build-container-local
# with:
# registry_url: hub.opensciencegrid.org
# osg_series: ${{ matrix.osg_series }}
# osg_repo: ${{ matrix.repo }}
# base_os: ${{ matrix.os }}
# platform: ${{ matrix.platform }}
# push_by_digest: true
# timestamp_image: ${{ steps.build-image.outputs.timestamp-image }}
# setup: false
# output_image: ${{ steps.custom-image-name.outputs.output_image }}
# - name: Export digest
# run: |
# mkdir -p /tmp/digests
# digest="${{ steps.upload-image.outputs.digest }}"
# touch "/tmp/digests/${digest#sha256:}"
# - name: Upload digest
# uses: actions/upload-artifact@v4
# with:
# name: digests-${{ steps.custom-image-name.outputs.base_tag }}-${{ steps.slash-escape.outputs.platform }}
# path: /tmp/digests/*
# if-no-files-found: error
# retention-days: 1
# - name: Export tags
# run: |
# mkdir -p /tmp/tags
# echo ${{ steps.upload-image.outputs.image-list }} > /tmp/tags/${{ steps.custom-image-name.outputs.base_tag }}-${{ steps.slash-escape.outputs.platform }}
# - name: Upload tags
# uses: actions/upload-artifact@v4
# with:
# name: tags-${{ steps.custom-image-name.outputs.base_tag }}-${{ steps.slash-escape.outputs.platform }}
# path: /tmp/tags/*
# if-no-files-found: error
# retention-days: 1
merge-manifests:
runs-on: ubuntu-latest
needs:
- build-images
strategy:
fail-fast: false
matrix:
# os: ['el9', 'cuda_11_8_0']
os: ['el9']
osg_series: ['23']
repo: ['development']
# repo: ['development', 'testing', 'release']
registry: ['hub.opensciencegrid.org']
exclude:
# cuda builds take a super long time; only do one of them
- os: cuda_11_8_0
repo: development
- os: cuda_11_8_0
repo: testing
steps:
- id: base-tag
env:
SERIES: ${{ matrix.osg_series }}
REPO: ${{ matrix.repo }}
OS: ${{ matrix.os }}
run: |
echo "base_tag=${SERIES}-${OS}-${REPO}" >> ${GITHUB_OUTPUT}
- name: Download digests
uses: actions/download-artifact@v4
with:
path: /tmp/${{ matrix.registry }}/digests
pattern: digests-${{ matrix.registry }}-${{ steps.base-tag.outputs.base_tag }}-*
merge-multiple: true
- name: Download tags
uses: actions/download-artifact@v4
with:
path: /tmp/${{ matrix.registry }}/tags
pattern: tags-${{ matrix.registry }}-${{ steps.base-tag.outputs.base_tag }}-*
merge-multiple: true
- name: Check Artifact Count
env:
EXPECTED: 2
working-directory: /tmp/${{ matrix.registry }}
run: |
for dir in tags digests; do
artifact_count=$(ls $dir -1q | wc -l)
if [[ $artifact_count != $EXPECTED ]]; then
echo "Expected $EXPECTED artifacts in $dir; got $artifact_count"
exit 1
fi
done
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Harbor login
# if: >-
# github.ref == 'refs/heads/master' &&
# github.event_name != 'pull_request' &&
# github.repository_owner == 'opensciencegrid'
uses: docker/login-action@v2
with:
registry: ${{ matrix.registry }}
username: ${{ secrets.OSG_HARBOR_ROBOT_USER }}
password: ${{ secrets.OSG_HARBOR_ROBOT_PASSWORD }}
- name: Merge Artifacts
working-directory: /tmp/${{ matrix.registry }}
env:
DEFAULT_OS: el9
run: |
BASE_IMG=${{ matrix.registry }}/opensciencegrid/osgvo-docker-pilot
DIGESTS=$(for digest in $(ls digests/); do echo $BASE_IMG@sha256:$digest; done)
TAGS=$(cat tags/*-amd64)
for tag in ${TAGS//,/ }; do
docker buildx imagetools create --tag $tag $DIGESTS;
# Also tag the image for the default OS as the OS-less tag
# (i.e. 23-el9-release -> 23-release)
tag2=${tag/-${DEFAULT_OS}-/-} # bash syntax for search-and-replace
if [[ $tag2 != $tag ]]; then
docker buildx imagetools create --tag $tag2 $DIGESTS;
fi
done