-
Notifications
You must be signed in to change notification settings - Fork 1
134 lines (124 loc) · 4.81 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
name: build
on:
push:
branches:
- main
release:
types:
- published
- edited
jobs:
docker_build:
runs-on: self-hosted
outputs:
tag: ${{ steps.build_tag.outputs.tag }}
steps:
- name: Login to DockerHub
uses: docker/login-action@v2
with:
username: hippocampusgirl
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to container registry
uses: docker/login-action@v2
with:
registry: ${{ secrets.REGISTRY }}
username: ${{ secrets.REGISTRY_USERNAME }}
password: ${{ secrets.REGISTRY_PASSWORD }}
- name: Set up build tag
id: build_tag
shell: bash
env:
github_ref: ${{ github.ref }}
github_repository: ${{ github.repository }}
run: |
version=$(echo "${github_ref}" | cut -d '/' -f 3)
if [[ "$version" == "main" ]]; then
version="latest"
fi
owner=$( \
echo "${github_repository}" | \
cut -d'/' -f1 | \
tr '[:upper:]' '[:lower:]' \
)
name=$( \
echo "${github_repository}" | \
cut -d'/' -f2 | \
sed -r 's/([A-Za-z0-9])([A-Z])([a-z0-9])/\1-\L\2\3/g' | \
tr '[:upper:]' '[:lower:]' \
)
echo "repo=${name}" >> ${GITHUB_OUTPUT}
echo "tag=${name}:${version}" >> ${GITHUB_OUTPUT}
- name: Checkout
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
buildkitd-flags: --debug
config-inline: |
[worker.oci]
max-parallelism = 1
- name: Build and push to container registry
uses: docker/build-push-action@v5
with:
context: "."
file: "./Dockerfile"
platforms: linux/amd64
cache-from: type=registry,ref=${{ secrets.REGISTRY }}/${{ steps.build_tag.outputs.repo }}:buildcache
cache-to: type=registry,ref=${{ secrets.REGISTRY }}/${{ steps.build_tag.outputs.repo }}:buildcache,compression=zstd,mode=max
outputs: type=image,name=${{ secrets.REGISTRY }}/${{ steps.build_tag.outputs.tag }},push=true,compression=gzip,compression-level=9,force-compression=true
labels: |
org.opencontainers.image.title=${{ github.event.repository.name }}
org.opencontainers.image.url=${{ github.event.repository.html_url }}
org.opencontainers.image.source=${{ github.event.repository.html_url }}
org.opencontainers.image.revision=${{ github.sha }}
org.opencontainers.image.created=${{ github.event.repository.updated_at}}
singularity_build:
runs-on: self-hosted
needs:
- docker_build
strategy:
matrix:
singularity_version:
- "latest"
- "v2.6"
container:
image: quay.io/singularity/docker2singularity:${{ matrix.singularity_version }}
options: --privileged
steps:
- name: Patch docker2singularity
shell: bash
run: |
wget -qO /tmp/docker2singularity.patch https://gist.githubusercontent.com/HippocampusGirl/e2c2166cbdc71e11b75380d34448b3f3/raw
patch /docker2singularity.sh /tmp/docker2singularity.patch
- name: Convert to Singularity
shell: bash
env:
docker_build_tag: ${{ needs.docker_build.outputs.tag }}
run: |
singularity_image_name=$(echo -n ${docker_build_tag} | tr -c '[:alnum:]' '-')
mkdir -p -v /output
docker-entrypoint.sh /docker2singularity.sh \
--name ${singularity_image_name} \
${{ secrets.REGISTRY }}/${docker_build_tag}
- name: Upload to DigitalOcean
shell: bash
env:
DIGITALOCEAN_ACCESS_KEY: ${{ secrets.DIGITALOCEAN_ACCESS_KEY }}
DIGITALOCEAN_SECRET_KEY: ${{ secrets.DIGITALOCEAN_SECRET_KEY }}
DIGITALOCEAN_REGION: ${{ secrets.DIGITALOCEAN_REGION }}
DIGITALOCEAN_SPACE_NAME: ${{ secrets.DIGITALOCEAN_SPACE_NAME }}
run: |
apk add python3 py3-pip
pip3 install --upgrade pip
pip3 install s3cmd
s3cmd --stop-on-error \
--ssl --no-encrypt \
--access_key="${DIGITALOCEAN_ACCESS_KEY}" \
--secret_key="${DIGITALOCEAN_SECRET_KEY}" \
--host="${DIGITALOCEAN_REGION}.digitaloceanspaces.com" \
--host-bucket="%(bucket)s.${DIGITALOCEAN_REGION}.digitaloceanspaces.com" \
--dump-config \
> ${HOME}/.s3cfg
singularity_image_file=$(find "/output" -type f | head -n1)
s3cmd put ${singularity_image_file} s3://${DIGITALOCEAN_SPACE_NAME}/singularity/
s3cmd setacl s3://${DIGITALOCEAN_SPACE_NAME}/singularity/$(basename ${singularity_image_file}) --acl-public