Use build context to fetch imputation server resources #129
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: build | |
on: | |
push: | |
branches: | |
- main | |
release: | |
types: | |
- published | |
- edited | |
jobs: | |
docker_build: | |
runs-on: self-hosted | |
outputs: | |
tag: ${{ steps.build_tag.outputs.tag }} | |
steps: | |
- name: Login to DockerHub | |
uses: docker/login-action@v3 | |
with: | |
username: hippocampusgirl | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Login to container registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ${{ secrets.REGISTRY }} | |
username: ${{ secrets.REGISTRY_USERNAME }} | |
password: ${{ secrets.REGISTRY_PASSWORD }} | |
- name: Set up build tag | |
id: build_tag | |
shell: bash | |
env: | |
github_ref: ${{ github.ref }} | |
github_repository: ${{ github.repository }} | |
run: | | |
version=$(echo "${github_ref}" | cut -d '/' -f 3) | |
if [[ "$version" == "main" ]]; then | |
version=latest | |
fi | |
owner=$( \ | |
echo "${github_repository}" | \ | |
cut -d'/' -f1 | \ | |
tr '[:upper:]' '[:lower:]' \ | |
) | |
name=$( \ | |
echo "${github_repository}" | \ | |
cut -d'/' -f2 | \ | |
sed -r 's/([A-Za-z0-9])([A-Z])([a-z0-9])/\1-\L\2\3/g' | \ | |
tr '[:upper:]' '[:lower:]' \ | |
) | |
echo "repo=${name}" >> ${GITHUB_OUTPUT} | |
echo "tag=${name}:${version}" >> ${GITHUB_OUTPUT} | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Build and push to container registry | |
uses: docker/build-push-action@v5 | |
with: | |
context: "." | |
file: "./Dockerfile" | |
platforms: linux/amd64 | |
cache-from: type=registry,ref=${{ secrets.REGISTRY }}/${{ steps.build_tag.outputs.repo }}:buildcache | |
cache-to: type=registry,ref=${{ secrets.REGISTRY }}/${{ steps.build_tag.outputs.repo }}:buildcache,compression=zstd,mode=max | |
outputs: type=image,name=${{ secrets.REGISTRY }}/${{ steps.build_tag.outputs.tag }},push=true,compression=gzip,compression-level=9,force-compression=true | |
labels: | | |
org.opencontainers.image.title=${{ github.event.repository.name }} | |
org.opencontainers.image.url=${{ github.event.repository.html_url }} | |
org.opencontainers.image.source=${{ github.event.repository.html_url }} | |
org.opencontainers.image.revision=${{ github.sha }} | |
org.opencontainers.image.created=${{ github.event.repository.updated_at}} | |
singularity_build: | |
runs-on: self-hosted | |
needs: | |
- docker_build | |
defaults: | |
run: | |
shell: bash --login -x -e {0} | |
steps: | |
- uses: conda-incubator/setup-miniconda@v2 | |
with: | |
miniforge-variant: Mambaforge | |
miniforge-version: latest | |
auto-activate-base: true | |
activate-environment: "" | |
use-mamba: true | |
- name: Set up Singularity | |
run: | | |
mamba install --yes singularity | |
- name: Singularity build | |
id: singularity_build | |
env: | |
docker_build_tag: ${{ needs.docker_build.outputs.tag }} | |
run: | | |
# Configure Singularity to not use the host's /tmp folder | |
# because it is too small | |
export SINGULARITY_TMPDIR="${PWD}" | |
# Build Singularity image from Docker image | |
singularity_build_name=$(echo -n ${docker_build_tag} | tr -c '[:alnum:]' '-') | |
singularity build --disable-cache \ | |
${singularity_build_name}.sif \ | |
docker://${{ secrets.REGISTRY }}/${docker_build_tag} | |
echo "name=${singularity_build_name}" >> ${GITHUB_OUTPUT} | |
- name: Upload to DigitalOcean | |
env: | |
digitalocean_access_key: ${{ secrets.DIGITALOCEAN_ACCESS_KEY }} | |
digitalocean_secret_key: ${{ secrets.DIGITALOCEAN_SECRET_KEY }} | |
digitalocean_region: ${{ secrets.DIGITALOCEAN_REGION }} | |
digitalocean_space_name: ${{ secrets.DIGITALOCEAN_SPACE_NAME }} | |
singularity_build_name: ${{ steps.singularity_build.outputs.name }} | |
run: | | |
pip install s3cmd | |
s3cmd --stop-on-error \ | |
--ssl --no-encrypt \ | |
--access_key="${digitalocean_access_key}" \ | |
--secret_key="${digitalocean_secret_key}" \ | |
--host="${digitalocean_region}.digitaloceanspaces.com" \ | |
--host-bucket="%(bucket)s.${digitalocean_region}.digitaloceanspaces.com" \ | |
--dump-config \ | |
> ${HOME}/.s3cfg | |
s3cmd put ${singularity_build_name}.sif s3://${digitalocean_space_name}/singularity/ | |
s3cmd setacl s3://${digitalocean_space_name}/singularity/${singularity_build_name}.sif --acl-public |