Build Runtime Images #58
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build Runtime Images | |
| on: | |
| workflow_call: | |
| outputs: | |
| py39_image: | |
| description: "Python 3.9 runtime image tag" | |
| value: ${{ jobs.build_runtime_images.outputs.py39_image }} | |
| py310_image: | |
| description: "Python 3.10 runtime image tag" | |
| value: ${{ jobs.build_runtime_images.outputs.py310_image }} | |
| build_locally: | |
| description: "Whether images should be built locally in autotests" | |
| value: ${{ jobs.build_runtime_images.outputs.build_locally }} | |
| schedule: | |
| - cron: '0 3 * * *' | |
| push: | |
| branches: | |
| - master | |
| paths: | |
| - 'etc/docker/test/runtime.Dockerfile' | |
| - 'requirements/requirements.server.txt' | |
| - 'requirements/requirements.dev.txt' | |
| workflow_dispatch: | |
| jobs: | |
| build_runtime_images: | |
| name: Build Runtime Images | |
| runs-on: ubuntu-latest | |
| permissions: | |
| packages: write | |
| outputs: | |
| py39_image: ${{ steps.set_outputs.outputs.py39_image }} | |
| py310_image: ${{ steps.set_outputs.outputs.py310_image }} | |
| build_locally: ${{ steps.set_outputs.outputs.build_locally }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| continue-on-error: true | |
| - name: Prepare metadata | |
| id: metadata | |
| run: | | |
| echo "build_date=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_OUTPUT | |
| echo "commit_sha=${{ github.sha }}" >> $GITHUB_OUTPUT | |
| echo "commit_ref=${{ github.ref }}" >> $GITHUB_OUTPUT | |
| - name: Build Runtime Images | |
| id: build_images | |
| run: | | |
| FILES_TO_HASH="etc/docker/test/runtime.Dockerfile requirements/requirements.server.txt requirements/requirements.dev.txt" | |
| BUILD_LOCALLY=false | |
| BUILD_DATE="${{ steps.metadata.outputs.build_date }}" | |
| COMMIT_SHA="${{ steps.metadata.outputs.commit_sha }}" | |
| COMMIT_REF="${{ steps.metadata.outputs.commit_ref }}" | |
| for PYVER in 3.9 3.10; do | |
| HASH=$(echo "PYTHON=${PYVER}" | cat - $FILES_TO_HASH | sha256sum | cut -d' ' -f1 | head -c 12) | |
| IMAGE="ghcr.io/${{ github.repository }}/rucio-dev-runtime:py${PYVER//.}-${HASH}" | |
| echo "Python ${PYVER} image tag: $IMAGE" | |
| # Export dynamic outputs | |
| if [[ "$PYVER" == "3.9" ]]; then | |
| echo "py39_image=$IMAGE" >> $GITHUB_OUTPUT | |
| else | |
| echo "py310_image=$IMAGE" >> $GITHUB_OUTPUT | |
| fi | |
| # Skip build if image exists | |
| if docker manifest inspect "$IMAGE" > /dev/null 2>&1; then | |
| echo "Python ${PYVER} image already exists, skipping build" | |
| continue | |
| fi | |
| # Build locally if PR to master (can't push) | |
| if [[ "${{ github.event_name }}" == "pull_request" && "${{ github.base_ref }}" == "master" ]]; then | |
| echo "Python ${PYVER} image missing, will build locally" | |
| BUILD_LOCALLY=true | |
| continue | |
| fi | |
| echo "Building Python ${PYVER} image..." | |
| docker buildx build \ | |
| --file etc/docker/test/runtime.Dockerfile \ | |
| --target final \ | |
| --build-arg PYTHON=${PYVER} \ | |
| --push \ | |
| --tag "$IMAGE" \ | |
| --label "org.opencontainers.image.title=Rucio Runtime Image Python ${PYVER}" \ | |
| --label "org.opencontainers.image.description=Runtime image for Rucio autotests with Python ${PYVER}" \ | |
| --label "org.opencontainers.image.version=py${PYVER//.}-${HASH}" \ | |
| --label "org.opencontainers.image.created=${BUILD_DATE}" \ | |
| --label "org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }}" \ | |
| --label "org.opencontainers.image.revision=${COMMIT_SHA}" \ | |
| --label "org.opencontainers.image.ref.name=${COMMIT_REF}" \ | |
| --label "rucio.image.python.version=${PYVER}" \ | |
| --label "rucio.image.build.date=${BUILD_DATE}" \ | |
| --label "rucio.image.build.workflow=${{ github.workflow }}" \ | |
| --label "rucio.image.build.run_id=${{ github.run_id }}" \ | |
| --cache-from type=registry,ref=ghcr.io/${{ github.repository }}/rucio-dev-runtime:py${PYVER//.}-buildcache \ | |
| --cache-to type=registry,ref=ghcr.io/${{ github.repository }}/rucio-dev-runtime:py${PYVER//.}-buildcache,mode=max \ | |
| . | |
| done | |
| echo "build_locally=$BUILD_LOCALLY" >> $GITHUB_OUTPUT | |
| - name: Set Final Outputs | |
| id: set_outputs | |
| run: | | |
| echo "py39_image=${{ steps.build_images.outputs.py39_image }}" >> $GITHUB_OUTPUT | |
| echo "py310_image=${{ steps.build_images.outputs.py310_image }}" >> $GITHUB_OUTPUT | |
| echo "build_locally=${{ steps.build_images.outputs.build_locally }}" >> $GITHUB_OUTPUT |