From bfebed8b36be49d493bddcee7f6c63b6355d9bf1 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 20 Mar 2024 18:39:36 +0000 Subject: [PATCH 001/149] Remove artifact upload/download --- .github/actions/load-image/action.yml | 31 ------------------- .../workflows/docker-build-test-upload.yml | 22 ++----------- .github/workflows/docker-merge-tags.yml | 3 ++ .github/workflows/docker-push.yml | 6 +--- 4 files changed, 7 insertions(+), 55 deletions(-) delete mode 100644 .github/actions/load-image/action.yml diff --git a/.github/actions/load-image/action.yml b/.github/actions/load-image/action.yml deleted file mode 100644 index 4a8665f9..00000000 --- a/.github/actions/load-image/action.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -name: Load Docker image -description: Download image tar and load it to docker - -inputs: - image: - description: Image name - required: true - type: string - architecture: - description: Image architecture - required: true - type: string - -runs: - using: composite - steps: - - name: Download built image 📥 - uses: actions/download-artifact@v4 - with: - name: ${{ inputs.image }}-${{ inputs.architecture }} - path: /tmp/aiidalab - - name: Load downloaded image to docker 📥 - run: | - docker load --input /tmp/aiidalab/${{ inputs.image }}-${{ inputs.architecture }}.tar - docker image ls --all - shell: bash - - name: Delete the file 🗑️ - run: rm -f /tmp/aiidalab/${{ inputs.image }}-${{ inputs.architecture }}.tar - shell: bash - if: always() diff --git a/.github/workflows/docker-build-test-upload.yml b/.github/workflows/docker-build-test-upload.yml index bfa6ac78..dd217e56 100644 --- a/.github/workflows/docker-build-test-upload.yml +++ b/.github/workflows/docker-build-test-upload.yml @@ -1,5 +1,5 @@ --- -name: Build a new image and test it; then upload the image, tags and manifests to GitHub artifacts +name: Build a new image, upload to ghcr.io and test it env: OWNER: ${{ github.repository_owner }} @@ -28,6 +28,7 @@ jobs: steps: - name: Checkout Repo ⚡️ uses: actions/checkout@v4 + - name: Create dev environment 📦 uses: ./.github/actions/create-dev-env with: @@ -36,13 +37,12 @@ jobs: # Self-hosted runners share a state (whole VM) between runs # Also, they might have running or stopped containers, # which are not cleaned up by `docker system prun` - - name: Reset docker state and cleanup artifacts 🗑️ + - name: Reset docker state if: ${{ inputs.platform != 'x86_64' }} run: | docker kill $(docker ps --quiet) || true docker rm $(docker ps --all --quiet) || true docker system prune --all --force - rm -rf /tmp/aiidalab/ shell: bash - name: Build image 🛠 @@ -55,19 +55,3 @@ jobs: - name: Run tests ✅ run: VERSION=newly-build pytest -s tests/test-common.py tests/test-${{ inputs.image }}.py --variant ${{ inputs.image }} shell: bash - - - name: Save image as a tar for later use 💾 - run: | - mkdir -p /tmp/aiidalab/ - docker save ${{ env.OWNER }}/${{ inputs.image }} -o /tmp/aiidalab/${{ inputs.image }}-${{ inputs.architecture }}.tar - shell: bash - if: always() - - - name: Upload image as artifact 💾 - uses: actions/upload-artifact@v4 - with: - name: ${{ inputs.image }}-${{ inputs.architecture }} - path: /tmp/aiidalab/${{ inputs.image }}-${{ inputs.architecture }}.tar - retention-days: 3 - if-no-files-found: error - if: always() diff --git a/.github/workflows/docker-merge-tags.yml b/.github/workflows/docker-merge-tags.yml index b0d43fec..3d850788 100644 --- a/.github/workflows/docker-merge-tags.yml +++ b/.github/workflows/docker-merge-tags.yml @@ -26,6 +26,7 @@ jobs: steps: - name: Checkout Repo ⚡️ uses: actions/checkout@v4 + - name: Create dev environment 📦 uses: ./.github/actions/create-dev-env with: @@ -35,7 +36,9 @@ jobs: uses: actions/download-artifact@v4 with: name: ${{ inputs.registry }}-${{ inputs.image }}-amd64-tags + # TODO: Use unique path here! path: /tmp/aiidalab + - name: Download arm64 tags file 📥 uses: actions/download-artifact@v4 with: diff --git a/.github/workflows/docker-push.yml b/.github/workflows/docker-push.yml index c264b1b1..5ae7b65f 100644 --- a/.github/workflows/docker-push.yml +++ b/.github/workflows/docker-push.yml @@ -32,15 +32,11 @@ jobs: steps: - name: Checkout Repo ⚡️ uses: actions/checkout@v4 + - name: Create dev environment 📦 uses: ./.github/actions/create-dev-env with: architecture: ${{ inputs.architecture }} - - name: Load image to Docker 📥 - uses: ./.github/actions/load-image - with: - image: ${{ inputs.image }} - architecture: ${{ inputs.architecture }} - name: Read build variables id: build_vars From eb7f22a08eab0fa166b8d27ec46a940171c92c6a Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 20 Mar 2024 18:42:56 +0000 Subject: [PATCH 002/149] Run only amd64-base for now --- .github/workflows/docker.yml | 155 ----------------------------------- 1 file changed, 155 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index d9d4480d..67751d61 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -23,158 +23,3 @@ jobs: image: base architecture: amd64 runsOn: ubuntu-latest - - amd64-base-with-services: - uses: ./.github/workflows/docker-build-test-upload.yml - with: - image: base-with-services - architecture: amd64 - runsOn: ubuntu-latest - needs: [amd64-base] - - amd64-lab: - uses: ./.github/workflows/docker-build-test-upload.yml - with: - image: lab - architecture: amd64 - runsOn: ubuntu-latest - needs: [amd64-base] - - amd64-full-stack: - uses: ./.github/workflows/docker-build-test-upload.yml - with: - image: full-stack - architecture: amd64 - runsOn: ubuntu-latest - needs: [amd64-base-with-services, amd64-lab] - - arm64-base: - uses: ./.github/workflows/docker-build-test-upload.yml - with: - image: base - architecture: arm64 - runsOn: ARM64 - - arm64-lab: - uses: ./.github/workflows/docker-build-test-upload.yml - with: - image: lab - architecture: arm64 - runsOn: ARM64 - needs: [arm64-base] - - arm64-base-with-services: - uses: ./.github/workflows/docker-build-test-upload.yml - with: - image: base-with-services - architecture: arm64 - runsOn: ARM64 - needs: [arm64-base] - - arm64-full-stack: - uses: ./.github/workflows/docker-build-test-upload.yml - with: - image: full-stack - architecture: arm64 - runsOn: ARM64 - needs: [arm64-base-with-services, arm64-lab] - - amd64-push-ghcr: - if: always() - uses: ./.github/workflows/docker-push.yml - strategy: - matrix: - image: ["base", "base-with-services", "lab", "full-stack"] - with: - architecture: amd64 - image: ${{ matrix.image }} - registry: ghcr.io - secrets: - REGISTRY_USERNAME: ${{ github.actor }} - REGISTRY_TOKEN: ${{ secrets.GITHUB_TOKEN }} - needs: [amd64-base, amd64-base-with-services, amd64-lab, amd64-full-stack] - - arm64-push-ghcr: - if: always() - uses: ./.github/workflows/docker-push.yml - strategy: - matrix: - image: ["base", "base-with-services", "lab", "full-stack"] - with: - architecture: arm64 - image: ${{ matrix.image }} - registry: ghcr.io - secrets: - REGISTRY_USERNAME: ${{ github.actor }} - REGISTRY_TOKEN: ${{ secrets.GITHUB_TOKEN }} - needs: [arm64-base, arm64-base-with-services, arm64-lab, arm64-full-stack] - - merge-tags-ghcr: - if: always() - uses: ./.github/workflows/docker-merge-tags.yml - strategy: - matrix: - image: ["base", "base-with-services", "lab", "full-stack"] - with: - image: ${{ matrix.image }} - registry: ghcr.io - secrets: - REGISTRY_USERNAME: ${{ github.actor }} - REGISTRY_TOKEN: ${{ secrets.GITHUB_TOKEN }} - needs: [amd64-push-ghcr, arm64-push-ghcr] - - amd64-push-dockerhub: - if: github.repository == 'aiidalab/aiidalab-docker-stack' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')) - uses: ./.github/workflows/docker-push.yml - strategy: - matrix: - image: ["base", "base-with-services", "lab", "full-stack"] - with: - architecture: amd64 - image: ${{ matrix.image }} - registry: docker.io - secrets: - REGISTRY_USERNAME: ${{ secrets.DOCKER_USERNAME }} - REGISTRY_TOKEN: ${{ secrets.DOCKER_PASSWORD }} - needs: [amd64-base, amd64-base-with-services, amd64-lab, amd64-full-stack] - - arm64-push-dockerhub: - if: github.repository == 'aiidalab/aiidalab-docker-stack' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')) - uses: ./.github/workflows/docker-push.yml - strategy: - matrix: - image: ["base", "base-with-services", "lab", "full-stack"] - with: - architecture: arm64 - image: ${{ matrix.image }} - registry: docker.io - secrets: - REGISTRY_USERNAME: ${{ secrets.DOCKER_USERNAME }} - REGISTRY_TOKEN: ${{ secrets.DOCKER_PASSWORD }} - needs: [arm64-base, arm64-base-with-services, arm64-lab, arm64-full-stack] - - merge-tags-dockerhub: - if: github.repository == 'aiidalab/aiidalab-docker-stack' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')) - uses: ./.github/workflows/docker-merge-tags.yml - strategy: - matrix: - image: ["base", "base-with-services", "lab", "full-stack"] - with: - image: ${{ matrix.image }} - registry: docker.io - secrets: - REGISTRY_USERNAME: ${{ secrets.DOCKER_USERNAME }} - REGISTRY_TOKEN: ${{ secrets.DOCKER_PASSWORD }} - needs: [amd64-push-dockerhub, arm64-push-dockerhub] - - release: - runs-on: ubuntu-latest - needs: [merge-tags-ghcr, merge-tags-dockerhub] - steps: - - uses: actions/checkout@v4 - - - name: Create release - uses: softprops/action-gh-release@v1 - with: - generate_release_notes: true - if: github.repository == 'aiidalab/aiidalab-docker-stack' && startsWith(github.ref, 'refs/tags/v') From dce9a383cb2ca557106242bc085465252086e60a Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 20 Mar 2024 19:49:40 +0000 Subject: [PATCH 003/149] Use docker/build-push-action --- .../workflows/docker-build-test-upload.yml | 44 +++++++++++++++---- 1 file changed, 35 insertions(+), 9 deletions(-) diff --git a/.github/workflows/docker-build-test-upload.yml b/.github/workflows/docker-build-test-upload.yml index dd217e56..1db933da 100644 --- a/.github/workflows/docker-build-test-upload.yml +++ b/.github/workflows/docker-build-test-upload.yml @@ -3,6 +3,7 @@ name: Build a new image, upload to ghcr.io and test it env: OWNER: ${{ github.repository_owner }} + REGISTRY: ghcr.io on: workflow_call: @@ -34,6 +35,13 @@ jobs: with: architecture: ${{ inputs.architecture }} + - name: Login to GitHub Container Registry + uses: docker/login-action@v2 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + # Self-hosted runners share a state (whole VM) between runs # Also, they might have running or stopped containers, # which are not cleaned up by `docker system prun` @@ -45,13 +53,31 @@ jobs: docker system prune --all --force shell: bash - - name: Build image 🛠 - run: doit build --target ${{ inputs.image }} --arch ${{ inputs.architecture }} --organization ${{ env.OWNER }} - env: - # Full logs for CI build - BUILDKIT_PROGRESS: plain - shell: bash + #- name: Build image 🛠 + #run: doit build --target ${{ inputs.image }} --arch ${{ inputs.architecture }} --organization ${{ env.OWNER }} + #env: + # # Full logs for CI build + # BUILDKIT_PROGRESS: plain + #shell: bash + # + - name: Docker meta + id: meta + uses: docker/metadata-action@v4 + with: + images: ${{ env.REGISTRY }}/${{ env.OWNER }}/${{ inputs.image }} + tags: | + type=sha,enable=${{ github.ref_type != 'tag' }} + type=ref,event=pr - - name: Run tests ✅ - run: VERSION=newly-build pytest -s tests/test-common.py tests/test-${{ inputs.image }}.py --variant ${{ inputs.image }} - shell: bash + - name: Build image + id: build + uses: docker/build-push-action@v3 + with: + tags: ${{ steps.meta.outputs.tags }} + arch: ${{ inputs.architectore }} + push: false + + # TODO: Run tests in a separate job + #- name: Run tests ✅ + #run: VERSION=newly-build pytest -s tests/test-common.py tests/test-${{ inputs.image }}.py --variant ${{ inputs.image }} + #shell: bash From 50b9f16f23053513f768494d439d17855c9127c4 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 20 Mar 2024 20:27:59 +0000 Subject: [PATCH 004/149] Simplify --- .../workflows/docker-build-test-upload.yml | 36 ++++--------------- 1 file changed, 6 insertions(+), 30 deletions(-) diff --git a/.github/workflows/docker-build-test-upload.yml b/.github/workflows/docker-build-test-upload.yml index 1db933da..46e8c69b 100644 --- a/.github/workflows/docker-build-test-upload.yml +++ b/.github/workflows/docker-build-test-upload.yml @@ -27,13 +27,12 @@ jobs: timeout-minutes: 20 steps: - - name: Checkout Repo ⚡️ - uses: actions/checkout@v4 - - name: Create dev environment 📦 - uses: ./.github/actions/create-dev-env - with: - architecture: ${{ inputs.architecture }} + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 - name: Login to GitHub Container Registry uses: docker/login-action@v2 @@ -42,24 +41,6 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - # Self-hosted runners share a state (whole VM) between runs - # Also, they might have running or stopped containers, - # which are not cleaned up by `docker system prun` - - name: Reset docker state - if: ${{ inputs.platform != 'x86_64' }} - run: | - docker kill $(docker ps --quiet) || true - docker rm $(docker ps --all --quiet) || true - docker system prune --all --force - shell: bash - - #- name: Build image 🛠 - #run: doit build --target ${{ inputs.image }} --arch ${{ inputs.architecture }} --organization ${{ env.OWNER }} - #env: - # # Full logs for CI build - # BUILDKIT_PROGRESS: plain - #shell: bash - # - name: Docker meta id: meta uses: docker/metadata-action@v4 @@ -74,10 +55,5 @@ jobs: uses: docker/build-push-action@v3 with: tags: ${{ steps.meta.outputs.tags }} - arch: ${{ inputs.architectore }} + platforms: ${{ inputs.architectore }} push: false - - # TODO: Run tests in a separate job - #- name: Run tests ✅ - #run: VERSION=newly-build pytest -s tests/test-common.py tests/test-${{ inputs.image }}.py --variant ${{ inputs.image }} - #shell: bash From ce8b97d056afbd2d0b86fe95f99432011b49440d Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 21 Mar 2024 01:03:43 +0000 Subject: [PATCH 005/149] Set target, bump action versions --- .github/workflows/docker-build-test-upload.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/docker-build-test-upload.yml b/.github/workflows/docker-build-test-upload.yml index 46e8c69b..bf5e01ee 100644 --- a/.github/workflows/docker-build-test-upload.yml +++ b/.github/workflows/docker-build-test-upload.yml @@ -32,9 +32,10 @@ jobs: uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v3.2 - name: Login to GitHub Container Registry + # TODO: Bump this to v3 uses: docker/login-action@v2 with: registry: ${{ env.REGISTRY }} @@ -43,7 +44,7 @@ jobs: - name: Docker meta id: meta - uses: docker/metadata-action@v4 + uses: docker/metadata-action@v5.5 with: images: ${{ env.REGISTRY }}/${{ env.OWNER }}/${{ inputs.image }} tags: | @@ -52,8 +53,10 @@ jobs: - name: Build image id: build - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v5.3 with: tags: ${{ steps.meta.outputs.tags }} platforms: ${{ inputs.architectore }} push: false + load: true + target: base From 94d05d6f1909de6e58e871c1d5f8e3c61719109d Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 21 Mar 2024 01:13:58 +0000 Subject: [PATCH 006/149] Huh? --- .github/workflows/docker-build-test-upload.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/docker-build-test-upload.yml b/.github/workflows/docker-build-test-upload.yml index bf5e01ee..9a104226 100644 --- a/.github/workflows/docker-build-test-upload.yml +++ b/.github/workflows/docker-build-test-upload.yml @@ -32,7 +32,7 @@ jobs: uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3.2 + uses: docker/setup-buildx-action@v3 - name: Login to GitHub Container Registry # TODO: Bump this to v3 @@ -44,7 +44,7 @@ jobs: - name: Docker meta id: meta - uses: docker/metadata-action@v5.5 + uses: docker/metadata-action@v5 with: images: ${{ env.REGISTRY }}/${{ env.OWNER }}/${{ inputs.image }} tags: | @@ -53,7 +53,7 @@ jobs: - name: Build image id: build - uses: docker/build-push-action@v5.3 + uses: docker/build-push-action@v5 with: tags: ${{ steps.meta.outputs.tags }} platforms: ${{ inputs.architectore }} From 4dd865ef50b68a76f36f6a70615c7259979b8038 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 21 Mar 2024 01:16:42 +0000 Subject: [PATCH 007/149] Add context --- .github/workflows/docker-build-test-upload.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/docker-build-test-upload.yml b/.github/workflows/docker-build-test-upload.yml index 9a104226..8120555c 100644 --- a/.github/workflows/docker-build-test-upload.yml +++ b/.github/workflows/docker-build-test-upload.yml @@ -60,3 +60,4 @@ jobs: push: false load: true target: base + context: ./stack/base From 589ee67e8f87fad23916abbe8ca0eb971643efd7 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 21 Mar 2024 01:21:16 +0000 Subject: [PATCH 008/149] One more try --- .github/workflows/docker-build-test-upload.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker-build-test-upload.yml b/.github/workflows/docker-build-test-upload.yml index 8120555c..4f1b00d4 100644 --- a/.github/workflows/docker-build-test-upload.yml +++ b/.github/workflows/docker-build-test-upload.yml @@ -60,4 +60,4 @@ jobs: push: false load: true target: base - context: ./stack/base + context: "{{defaultContext}}/stack/base" From ea59188370fcd5fdc136944d96b1bbe347fe1a79 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 21 Mar 2024 01:25:20 +0000 Subject: [PATCH 009/149] Path context --- .github/workflows/docker-build-test-upload.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/docker-build-test-upload.yml b/.github/workflows/docker-build-test-upload.yml index 4f1b00d4..30142136 100644 --- a/.github/workflows/docker-build-test-upload.yml +++ b/.github/workflows/docker-build-test-upload.yml @@ -28,6 +28,9 @@ jobs: steps: + - name: Checkout Repo ⚡️ + uses: actions/checkout@v4 + - name: Set up QEMU uses: docker/setup-qemu-action@v3 @@ -60,4 +63,4 @@ jobs: push: false load: true target: base - context: "{{defaultContext}}/stack/base" + context: ./stack/base/ From 9e6d443ed5c1cc2cd79c2bf4ba971a3b5537f633 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 21 Mar 2024 01:45:00 +0000 Subject: [PATCH 010/149] Try bake-action --- .github/workflows/docker-build-test-upload.yml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/.github/workflows/docker-build-test-upload.yml b/.github/workflows/docker-build-test-upload.yml index 30142136..2dfda923 100644 --- a/.github/workflows/docker-build-test-upload.yml +++ b/.github/workflows/docker-build-test-upload.yml @@ -56,11 +56,15 @@ jobs: - name: Build image id: build - uses: docker/build-push-action@v5 + uses: docker/bake-action@v4 with: tags: ${{ steps.meta.outputs.tags }} platforms: ${{ inputs.architectore }} push: false load: true - target: base - context: ./stack/base/ + # Using provenance to disable default attestation so it will build only desired images: + # https://github.com/orgs/community/discussions/45969 + provenance: false + files: | + docker-bake.hcl + build.json From 59259c1f8f89f9ec37f91a23b3b8ceee0141975f Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Mon, 8 Apr 2024 15:52:35 +0100 Subject: [PATCH 011/149] ARM build --- ...-build-test-upload.yml => docker-build-upload.yml} | 6 +++--- .github/workflows/docker.yml | 11 ++++++++--- 2 files changed, 11 insertions(+), 6 deletions(-) rename .github/workflows/{docker-build-test-upload.yml => docker-build-upload.yml} (94%) diff --git a/.github/workflows/docker-build-test-upload.yml b/.github/workflows/docker-build-upload.yml similarity index 94% rename from .github/workflows/docker-build-test-upload.yml rename to .github/workflows/docker-build-upload.yml index 2dfda923..a61712f4 100644 --- a/.github/workflows/docker-build-test-upload.yml +++ b/.github/workflows/docker-build-upload.yml @@ -1,5 +1,5 @@ --- -name: Build a new image, upload to ghcr.io and test it +name: Build images upload them to ghcr.io env: OWNER: ${{ github.repository_owner }} @@ -10,7 +10,7 @@ on: inputs: image: description: Image name - required: true + required: false type: string architecture: description: Image architecture, e.g. amd64, arm64 @@ -60,7 +60,7 @@ jobs: with: tags: ${{ steps.meta.outputs.tags }} platforms: ${{ inputs.architectore }} - push: false + push: true load: true # Using provenance to disable default attestation so it will build only desired images: # https://github.com/orgs/community/discussions/45969 diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 67751d61..d2de757f 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -17,9 +17,14 @@ concurrency: cancel-in-progress: true jobs: - amd64-base: - uses: ./.github/workflows/docker-build-test-upload.yml + amd64-build: + uses: ./.github/workflows/docker-build-upload.yml with: - image: base architecture: amd64 runsOn: ubuntu-latest + + arm-build: + uses: ./.github/workflows/docker-build-upload.yml + with: + architecture: amd64 + runsOn: macos-14 From 056f859009826d3bcbf8376a887dfdc4066e4cec Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Mon, 8 Apr 2024 16:13:24 +0100 Subject: [PATCH 012/149] Add check-jsonschema pre-commit --- .pre-commit-config.yaml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index bcaacc61..d5da3e38 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -8,7 +8,6 @@ repos: rev: v4.5.0 hooks: - id: check-json - - id: check-yaml - id: end-of-file-fixer - id: trailing-whitespace @@ -22,3 +21,9 @@ repos: rev: 23.12.1 hooks: - id: black + + - repo: https://github.com/python-jsonschema/check-jsonschema + rev: "0.27.3" + hooks: + - id: check-dependabot + - id: check-github-workflows From fd361010e0e1d3f540caa8182001879abf702b5c Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Mon, 8 Apr 2024 16:14:04 +0100 Subject: [PATCH 013/149] Comment out QEMU action --- .github/workflows/docker-build-upload.yml | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/.github/workflows/docker-build-upload.yml b/.github/workflows/docker-build-upload.yml index a61712f4..0c97913b 100644 --- a/.github/workflows/docker-build-upload.yml +++ b/.github/workflows/docker-build-upload.yml @@ -22,7 +22,7 @@ on: type: string jobs: - build-test-upload: + build-upload: runs-on: ${{ inputs.runsOn }} timeout-minutes: 20 @@ -31,15 +31,14 @@ jobs: - name: Checkout Repo ⚡️ uses: actions/checkout@v4 - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + #- name: Set up QEMU + #uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Login to GitHub Container Registry - # TODO: Bump this to v3 - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} @@ -51,17 +50,16 @@ jobs: with: images: ${{ env.REGISTRY }}/${{ env.OWNER }}/${{ inputs.image }} tags: | - type=sha,enable=${{ github.ref_type != 'tag' }} + type=sha type=ref,event=pr - name: Build image id: build uses: docker/bake-action@v4 with: - tags: ${{ steps.meta.outputs.tags }} - platforms: ${{ inputs.architectore }} - push: true - load: true + # tags: ${{ steps.meta.outputs.tags }} + # platforms: ${{ inputs.architecture }} + push: false # Using provenance to disable default attestation so it will build only desired images: # https://github.com/orgs/community/discussions/45969 provenance: false From 303cc2796c85f759c42f17d308978983c0317e41 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Mon, 8 Apr 2024 16:25:43 +0100 Subject: [PATCH 014/149] Try self-hosted runner --- .github/workflows/docker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index d2de757f..2cf7e1e7 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -27,4 +27,4 @@ jobs: uses: ./.github/workflows/docker-build-upload.yml with: architecture: amd64 - runsOn: macos-14 + runsOn: ARM64 From bd5200c08d8a79b0d2872ff4edac53fc0355cce1 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Mon, 8 Apr 2024 16:48:25 +0100 Subject: [PATCH 015/149] Pass in correct metadata --- .github/workflows/docker-build-upload.yml | 27 +++++++++++++++-- .../workflows/merge-bake-template-target.sh | 29 +++++++++++++++++++ 2 files changed, 54 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/merge-bake-template-target.sh diff --git a/.github/workflows/docker-build-upload.yml b/.github/workflows/docker-build-upload.yml index 0c97913b..59af058c 100644 --- a/.github/workflows/docker-build-upload.yml +++ b/.github/workflows/docker-build-upload.yml @@ -26,6 +26,11 @@ jobs: runs-on: ${{ inputs.runsOn }} timeout-minutes: 20 + outputs: + build_vars: ${{ steps.build_vars.outputs.vars }} + #targets: ${{ steps.bake_metadata.outputs.targets }} + #images: ${{ steps.bake_metadata.outputs.images }} + steps: - name: Checkout Repo ⚡️ @@ -44,11 +49,21 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Docker meta + - name: Read and flatten build variables + id: build_vars + # Example output: + # {"PYTHON_VERSION":"3.9.13","PGSQL_VERSION":"15","AIIDA_VERSION":"2.4.3","AIIDALAB_VERSION":"23.03.2","AIIDALAB_HOME_VERSION":"23.03.1"} + run: | + vars=$(cat build.json | jq -c '[.variable | to_entries[] | {"key": .key, "value": .value.default}] | from_entries') + echo "vars=$vars" | tee >> "${GITHUB_OUTPUT}" + + - name: Generate tags for images on ghcr.io id: meta uses: docker/metadata-action@v5 with: - images: ${{ env.REGISTRY }}/${{ env.OWNER }}/${{ inputs.image }} + bake-target: __template__-meta + images: | + name=ghcr.io/aiidalab/__template__ tags: | type=sha type=ref,event=pr @@ -66,3 +81,11 @@ jobs: files: | docker-bake.hcl build.json + docker-bake-template-meta.json + + - name: Set output variables + id: bake_metadata + run: | + cat docker-bake-template-meta.json \ + | jq -c '.target | [to_entries[] | {"key": (.key|split("-")[:-1] | join("-")), "value": [.value.tags[]][1]}] | from_entries' \ + | tee bake-meta.json diff --git a/.github/workflows/merge-bake-template-target.sh b/.github/workflows/merge-bake-template-target.sh new file mode 100644 index 00000000..739065aa --- /dev/null +++ b/.github/workflows/merge-bake-template-target.sh @@ -0,0 +1,29 @@ +#!/bin/bash +set -e + +# For each target that is part of the "default" group, replace the term +# "__template__" in the provided template bake-file, and then merge all +# resulting bake-files into one. +# +# That means if the default group contains a target named "base", the script +# will replace all occurrences of the term "__template__" with "base" and then +# merge the result with those for all other targets part of the "default" group. +# +# The motivation is to be able to use a bake-file generated by the +# docker/meta-action (which can currently only handle a single bake-target) for +# all targets currently specified in the main bake-file ("docker-bake.hcl"). + +input=$(cat; echo x) +input=${input%x} # Strip the trailing x + +# Determine the targets. +TARGETS=$(docker buildx bake --print | jq -cr '.group.default.targets' | jq -r '.[]') + +# Generate the meta JSON strings +meta="" +for target in $TARGETS; do + meta="${meta} ${input//__template__/${target}}" +done + +# Combine into merged bake file. +echo $meta | jq -s 'reduce .[] as $x ({}; . * $x)' From ff0efa919e7c2bbd9358b704580d48ea3a4753b6 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Mon, 8 Apr 2024 17:06:36 +0100 Subject: [PATCH 016/149] Generate bake meta file --- .github/workflows/docker-build-upload.yml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/.github/workflows/docker-build-upload.yml b/.github/workflows/docker-build-upload.yml index 59af058c..1f473677 100644 --- a/.github/workflows/docker-build-upload.yml +++ b/.github/workflows/docker-build-upload.yml @@ -50,12 +50,13 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Read and flatten build variables + if: false id: build_vars # Example output: # {"PYTHON_VERSION":"3.9.13","PGSQL_VERSION":"15","AIIDA_VERSION":"2.4.3","AIIDALAB_VERSION":"23.03.2","AIIDALAB_HOME_VERSION":"23.03.1"} run: | vars=$(cat build.json | jq -c '[.variable | to_entries[] | {"key": .key, "value": .value.default}] | from_entries') - echo "vars=$vars" | tee >> "${GITHUB_OUTPUT}" + cat vars && echo "vars=$vars" >> "${GITHUB_OUTPUT}" - name: Generate tags for images on ghcr.io id: meta @@ -68,6 +69,14 @@ jobs: type=sha type=ref,event=pr + - name: Generate docker-bake meta file. + env: + BAKE_TEMPLATE_META: ${{ steps.meta.outputs.bake-file }} + run: | + cat ${BAKE_TEMPLATE_META} | jq -c \ + | .github/workflows/merge-bake-template-target.sh \ + | tee docker-bake-template-meta.json + - name: Build image id: build uses: docker/bake-action@v4 From 076e9b293c345c75835913e26c73ea69d1a85842 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Mon, 8 Apr 2024 17:18:29 +0100 Subject: [PATCH 017/149] Install jq --- .github/workflows/docker-build-upload.yml | 4 +--- .github/workflows/merge-bake-template-target.sh | 0 aarch64-runner/setup.sh | 1 + requirements-dev.txt | 1 + 4 files changed, 3 insertions(+), 3 deletions(-) mode change 100644 => 100755 .github/workflows/merge-bake-template-target.sh diff --git a/.github/workflows/docker-build-upload.yml b/.github/workflows/docker-build-upload.yml index 1f473677..dbaa62be 100644 --- a/.github/workflows/docker-build-upload.yml +++ b/.github/workflows/docker-build-upload.yml @@ -50,7 +50,6 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Read and flatten build variables - if: false id: build_vars # Example output: # {"PYTHON_VERSION":"3.9.13","PGSQL_VERSION":"15","AIIDA_VERSION":"2.4.3","AIIDALAB_VERSION":"23.03.2","AIIDALAB_HOME_VERSION":"23.03.1"} @@ -81,9 +80,8 @@ jobs: id: build uses: docker/bake-action@v4 with: - # tags: ${{ steps.meta.outputs.tags }} - # platforms: ${{ inputs.architecture }} push: false + load: true # Using provenance to disable default attestation so it will build only desired images: # https://github.com/orgs/community/discussions/45969 provenance: false diff --git a/.github/workflows/merge-bake-template-target.sh b/.github/workflows/merge-bake-template-target.sh old mode 100644 new mode 100755 diff --git a/aarch64-runner/setup.sh b/aarch64-runner/setup.sh index 78fb4387..e7b3eb2c 100755 --- a/aarch64-runner/setup.sh +++ b/aarch64-runner/setup.sh @@ -71,4 +71,5 @@ brew install docker brew install docker-compose brew install docker-buildx brew install colima +brew install jq EOF diff --git a/requirements-dev.txt b/requirements-dev.txt index 6ba03f75..f240d732 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -5,3 +5,4 @@ pytest~=7.0 pytest-docker doit dunamai +jq From 8f090b7ccfafa406c840ddbcf0efa95c69ef9945 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Mon, 8 Apr 2024 17:22:14 +0100 Subject: [PATCH 018/149] Ugh --- .github/workflows/docker-build-upload.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker-build-upload.yml b/.github/workflows/docker-build-upload.yml index dbaa62be..24e44611 100644 --- a/.github/workflows/docker-build-upload.yml +++ b/.github/workflows/docker-build-upload.yml @@ -55,7 +55,7 @@ jobs: # {"PYTHON_VERSION":"3.9.13","PGSQL_VERSION":"15","AIIDA_VERSION":"2.4.3","AIIDALAB_VERSION":"23.03.2","AIIDALAB_HOME_VERSION":"23.03.1"} run: | vars=$(cat build.json | jq -c '[.variable | to_entries[] | {"key": .key, "value": .value.default}] | from_entries') - cat vars && echo "vars=$vars" >> "${GITHUB_OUTPUT}" + echo "vars=$vars" && echo "vars=$vars" >> "${GITHUB_OUTPUT}" - name: Generate tags for images on ghcr.io id: meta From daecefcab31dffbc2b1d7dee1c5791f31b396db0 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Mon, 8 Apr 2024 17:38:44 +0100 Subject: [PATCH 019/149] Push! --- .github/workflows/docker-build-upload.yml | 15 ++++++++++++--- .github/workflows/docker.yml | 2 +- requirements-dev.txt | 2 -- 3 files changed, 13 insertions(+), 6 deletions(-) diff --git a/.github/workflows/docker-build-upload.yml b/.github/workflows/docker-build-upload.yml index 24e44611..8fa17514 100644 --- a/.github/workflows/docker-build-upload.yml +++ b/.github/workflows/docker-build-upload.yml @@ -28,8 +28,8 @@ jobs: outputs: build_vars: ${{ steps.build_vars.outputs.vars }} - #targets: ${{ steps.bake_metadata.outputs.targets }} - #images: ${{ steps.bake_metadata.outputs.images }} + targets: ${{ steps.bake_metadata.outputs.targets }} + images: ${{ steps.bake_metadata.outputs.images }} steps: @@ -49,6 +49,10 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} + - name: Install jq + if: inputs.architecture == 'arm64' + run: pip install jq + - name: Read and flatten build variables id: build_vars # Example output: @@ -80,7 +84,7 @@ jobs: id: build uses: docker/bake-action@v4 with: - push: false + push: true load: true # Using provenance to disable default attestation so it will build only desired images: # https://github.com/orgs/community/discussions/45969 @@ -96,3 +100,8 @@ jobs: cat docker-bake-template-meta.json \ | jq -c '.target | [to_entries[] | {"key": (.key|split("-")[:-1] | join("-")), "value": [.value.tags[]][1]}] | from_entries' \ | tee bake-meta.json + targets=$(echo $(cat bake-meta.json | jq -c 'keys')) + images=$(echo $(cat bake-meta.json | jq -c '. | [to_entries[] | {"key": (.key| split("-")| join("_") |ascii_upcase + "_IMAGE"), "value": .value}] | from_entries')) + echo -e "targets=$targets\nimages=$images" + echo "targets=$targets" >> "${GITHUB_OUTPUT}" + echo "images=$images" >> "${GITHUB_OUTPUT}" diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 2cf7e1e7..68ec150c 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -26,5 +26,5 @@ jobs: arm-build: uses: ./.github/workflows/docker-build-upload.yml with: - architecture: amd64 + architecture: arm64 runsOn: ARM64 diff --git a/requirements-dev.txt b/requirements-dev.txt index f240d732..63414c85 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -1,8 +1,6 @@ -docker requests pre-commit pytest~=7.0 pytest-docker doit dunamai -jq From 2db11cc2d3772c2d99d8df1c69a6a5714e77220c Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Mon, 8 Apr 2024 18:00:26 +0100 Subject: [PATCH 020/149] Push? --- .../{docker-build-upload.yml => build.yml} | 13 ++++++++----- .github/workflows/docker.yml | 5 +++-- requirements-dev.txt | 1 + 3 files changed, 12 insertions(+), 7 deletions(-) rename .github/workflows/{docker-build-upload.yml => build.yml} (91%) diff --git a/.github/workflows/docker-build-upload.yml b/.github/workflows/build.yml similarity index 91% rename from .github/workflows/docker-build-upload.yml rename to .github/workflows/build.yml index 8fa17514..41e351bf 100644 --- a/.github/workflows/docker-build-upload.yml +++ b/.github/workflows/build.yml @@ -49,10 +49,7 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Install jq - if: inputs.architecture == 'arm64' - run: pip install jq - + # TODO: Maybe use https://github.com/marketplace/actions/run-jq? - name: Read and flatten build variables id: build_vars # Example output: @@ -61,6 +58,12 @@ jobs: vars=$(cat build.json | jq -c '[.variable | to_entries[] | {"key": .key, "value": .value.default}] | from_entries') echo "vars=$vars" && echo "vars=$vars" >> "${GITHUB_OUTPUT}" + - name: Read and flatten build variables + uses: sergeysova/jq-action@v2 + id: build_vars2 + with: + cmd: 'jq [.variable | to_entries[] | {"key": .key, "value": .value.default}] | from_entries build.json -r' + - name: Generate tags for images on ghcr.io id: meta uses: docker/metadata-action@v5 @@ -85,7 +88,7 @@ jobs: uses: docker/bake-action@v4 with: push: true - load: true + load: false # Using provenance to disable default attestation so it will build only desired images: # https://github.com/orgs/community/discussions/45969 provenance: false diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 68ec150c..2541f3cb 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -18,13 +18,14 @@ concurrency: jobs: amd64-build: - uses: ./.github/workflows/docker-build-upload.yml + uses: ./.github/workflows/build.yml with: architecture: amd64 runsOn: ubuntu-latest arm-build: - uses: ./.github/workflows/docker-build-upload.yml + uses: ./.github/workflows/build.yml + if: false with: architecture: arm64 runsOn: ARM64 diff --git a/requirements-dev.txt b/requirements-dev.txt index 63414c85..6ba03f75 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -1,3 +1,4 @@ +docker requests pre-commit pytest~=7.0 From b9fe7d6bc0e525c57cb341e0498645834de06394 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Mon, 8 Apr 2024 18:03:57 +0100 Subject: [PATCH 021/149] ugh, suspicious --- .github/workflows/build.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 41e351bf..5cc16bd7 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -58,12 +58,6 @@ jobs: vars=$(cat build.json | jq -c '[.variable | to_entries[] | {"key": .key, "value": .value.default}] | from_entries') echo "vars=$vars" && echo "vars=$vars" >> "${GITHUB_OUTPUT}" - - name: Read and flatten build variables - uses: sergeysova/jq-action@v2 - id: build_vars2 - with: - cmd: 'jq [.variable | to_entries[] | {"key": .key, "value": .value.default}] | from_entries build.json -r' - - name: Generate tags for images on ghcr.io id: meta uses: docker/metadata-action@v5 From dabc273d24075d1fa18da024a2059a0952dfd642 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Mon, 8 Apr 2024 18:19:37 +0100 Subject: [PATCH 022/149] Tests? --- .github/workflows/build.yml | 44 +++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 5cc16bd7..ac9f4bb6 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -102,3 +102,47 @@ jobs: echo -e "targets=$targets\nimages=$images" echo "targets=$targets" >> "${GITHUB_OUTPUT}" echo "images=$images" >> "${GITHUB_OUTPUT}" + + test: + needs: build + runs-on: ${{ inputs.runsOn }} + timeout-minutes: 20 + strategy: + matrix: + target: ["base", "lab", "base-with-services", "full-stack"] + + steps: + + - name: Checkout Repo ⚡️ + uses: actions/checkout@v4 + + - uses: docker/login-action@v2 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN + + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version: '3.11' + cache: pip + cache-dependency-path: | + **/requirements*.txt + + - name: Install dependencies + run: pip install -r requirements-dev.txt + + - name: Run tests + run: pytest --variant ${{matrix.target}} tests/test-common.py tests/test-${{matrix.target}}.py + + + upload: + needs: build + runs-on: ${{ inputs.runsOn }} + timeout-minutes: 20 + + steps: + + - name: Checkout Repo ⚡️ + uses: actions/checkout@v4 From 7369fc84829b4b9f17e6a06f1876e81c7235ec64 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Mon, 8 Apr 2024 20:40:11 +0100 Subject: [PATCH 023/149] fix workflow file --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ac9f4bb6..6702fa7a 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -120,7 +120,7 @@ jobs: with: registry: ghcr.io username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN + password: ${{ secrets.GITHUB_TOKEN }} - name: Set up Python uses: actions/setup-python@v5 From 4a5da9aa7449a41acbef169addbb57a8e75d5cde Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Mon, 8 Apr 2024 21:37:07 +0100 Subject: [PATCH 024/149] Fix --- .github/workflows/build.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 6702fa7a..96b353e2 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -22,7 +22,7 @@ on: type: string jobs: - build-upload: + build: runs-on: ${{ inputs.runsOn }} timeout-minutes: 20 @@ -49,7 +49,6 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - # TODO: Maybe use https://github.com/marketplace/actions/run-jq? - name: Read and flatten build variables id: build_vars # Example output: From 7978b1e8afe372e40bdee17a0e8313d83848804b Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Mon, 8 Apr 2024 22:25:36 +0100 Subject: [PATCH 025/149] Fix? --- .github/workflows/build.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 96b353e2..f3b3ef51 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -117,7 +117,7 @@ jobs: - uses: docker/login-action@v2 with: - registry: ghcr.io + registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} @@ -134,6 +134,8 @@ jobs: - name: Run tests run: pytest --variant ${{matrix.target}} tests/test-common.py tests/test-${{matrix.target}}.py + env: + REGISTRY: ${{ env.REGISTRY }}/ upload: From c256c9c4408f6bcf01d33c5fcacb7ab12886c30b Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Mon, 8 Apr 2024 23:23:42 +0100 Subject: [PATCH 026/149] Try again --- .github/workflows/build.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f3b3ef51..bf8dc750 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -133,9 +133,8 @@ jobs: run: pip install -r requirements-dev.txt - name: Run tests - run: pytest --variant ${{matrix.target}} tests/test-common.py tests/test-${{matrix.target}}.py - env: - REGISTRY: ${{ env.REGISTRY }}/ + run: pytest -s --variant ${{matrix.target}} tests/test-common.py::test_verdi_status + env: ${{ fromJSON(needs.build.outputs.images) }} upload: From 05909e99d8ef9e3eff787bdd8b143eeaf8774e83 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Mon, 8 Apr 2024 23:44:59 +0100 Subject: [PATCH 027/149] Try metadatav4 --- .github/workflows/build.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index bf8dc750..b66573c7 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -49,6 +49,7 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} + # TODO: This probably is not needed here, only for push to Docker - name: Read and flatten build variables id: build_vars # Example output: @@ -59,7 +60,7 @@ jobs: - name: Generate tags for images on ghcr.io id: meta - uses: docker/metadata-action@v5 + uses: docker/metadata-action@v4 with: bake-target: __template__-meta images: | From 510dca68bf5f7455d4f55852b3e47bc9dda088fe Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Tue, 9 Apr 2024 00:00:05 +0100 Subject: [PATCH 028/149] Now? --- .github/workflows/build.yml | 3 ++- stack/docker-compose.base-with-services.yml | 2 +- stack/docker-compose.base.yml | 2 +- stack/docker-compose.full-stack.yml | 2 +- stack/docker-compose.lab.yml | 2 +- 5 files changed, 6 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index b66573c7..cf135805 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -134,7 +134,8 @@ jobs: run: pip install -r requirements-dev.txt - name: Run tests - run: pytest -s --variant ${{matrix.target}} tests/test-common.py::test_verdi_status + # TODO: Hack with REGISTRY + run: REGISTRY= pytest -s --variant ${{matrix.target}} tests/test-common.py::test_verdi_status env: ${{ fromJSON(needs.build.outputs.images) }} diff --git a/stack/docker-compose.base-with-services.yml b/stack/docker-compose.base-with-services.yml index 9074a8e7..51e4f7c3 100644 --- a/stack/docker-compose.base-with-services.yml +++ b/stack/docker-compose.base-with-services.yml @@ -4,7 +4,7 @@ version: '3.4' services: aiidalab: - image: ${REGISTRY:-}${BASE_WITH_SERVICES_IMAGE:-aiidalab/base-with-services}:${VERSION:-newly-build} + image: ${REGISTRY:-}${BASE_WITH_SERVICES_IMAGE:-aiidalab/base-with-services}:${VERSION:-} environment: TZ: Europe/Zurich DOCKER_STACKS_JUPYTER_CMD: notebook diff --git a/stack/docker-compose.base.yml b/stack/docker-compose.base.yml index 3888e526..d6cab0bf 100644 --- a/stack/docker-compose.base.yml +++ b/stack/docker-compose.base.yml @@ -25,7 +25,7 @@ services: - aiida-rmq-data:/var/lib/rabbitmq/ aiidalab: - image: ${REGISTRY:-}${BASE_IMAGE:-aiidalab/base}:${VERSION:-newly-build} + image: ${REGISTRY:-}${BASE_IMAGE:-aiidalab/base}:${VERSION:-} environment: RMQHOST: messaging TZ: Europe/Zurich diff --git a/stack/docker-compose.full-stack.yml b/stack/docker-compose.full-stack.yml index b21f7538..2fe37003 100644 --- a/stack/docker-compose.full-stack.yml +++ b/stack/docker-compose.full-stack.yml @@ -4,7 +4,7 @@ version: '3.4' services: aiidalab: - image: ${REGISTRY:-}${FULL_STACK_IMAGE:-aiidalab/full-stack}:${VERSION:-newly-build} + image: ${REGISTRY:-}${FULL_STACK_IMAGE:-aiidalab/full-stack}:${VERSION:-} environment: TZ: Europe/Zurich DOCKER_STACKS_JUPYTER_CMD: notebook diff --git a/stack/docker-compose.lab.yml b/stack/docker-compose.lab.yml index 5cc6f765..7790da24 100644 --- a/stack/docker-compose.lab.yml +++ b/stack/docker-compose.lab.yml @@ -25,7 +25,7 @@ services: - aiida-rmq-data:/var/lib/rabbitmq/ aiidalab: - image: ${REGISTRY:-}${LAB_IMAGE:-aiidalab/lab}:${VERSION:-newly-build} + image: ${REGISTRY:-}${LAB_IMAGE:-aiidalab/lab}:${VERSION:-} environment: RMQHOST: messaging TZ: Europe/Zurich From cb77324c5b59e9136f50d37a71f8f0c89918c722 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Tue, 9 Apr 2024 00:14:03 +0100 Subject: [PATCH 029/149] Getting closer --- docker-bake.hcl | 3 ++- stack/docker-compose.base-with-services.yml | 2 +- stack/docker-compose.base.yml | 2 +- stack/docker-compose.full-stack.yml | 2 +- stack/docker-compose.lab.yml | 2 +- 5 files changed, 6 insertions(+), 5 deletions(-) diff --git a/docker-bake.hcl b/docker-bake.hcl index b9a204de..0a3f4a8a 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -1,5 +1,6 @@ # docker-bake.hcl variable "VERSION" { + default = "new-build" } variable "PYTHON_VERSION" { @@ -40,7 +41,7 @@ variable "TARGETS" { function "tags" { params = [image] result = [ - "${REGISTRY}${ORGANIZATION}/${image}:newly-build", + "${REGISTRY}${ORGANIZATION}/${image}:${VERSION}", ] } diff --git a/stack/docker-compose.base-with-services.yml b/stack/docker-compose.base-with-services.yml index 51e4f7c3..4250d756 100644 --- a/stack/docker-compose.base-with-services.yml +++ b/stack/docker-compose.base-with-services.yml @@ -4,7 +4,7 @@ version: '3.4' services: aiidalab: - image: ${REGISTRY:-}${BASE_WITH_SERVICES_IMAGE:-aiidalab/base-with-services}:${VERSION:-} + image: ${REGISTRY:-}${BASE_WITH_SERVICES_IMAGE:-aiidalab/base-with-services}${VERSION:-} environment: TZ: Europe/Zurich DOCKER_STACKS_JUPYTER_CMD: notebook diff --git a/stack/docker-compose.base.yml b/stack/docker-compose.base.yml index d6cab0bf..b24dbac2 100644 --- a/stack/docker-compose.base.yml +++ b/stack/docker-compose.base.yml @@ -25,7 +25,7 @@ services: - aiida-rmq-data:/var/lib/rabbitmq/ aiidalab: - image: ${REGISTRY:-}${BASE_IMAGE:-aiidalab/base}:${VERSION:-} + image: ${REGISTRY:-}${BASE_IMAGE:-aiidalab/base}${VERSION:-} environment: RMQHOST: messaging TZ: Europe/Zurich diff --git a/stack/docker-compose.full-stack.yml b/stack/docker-compose.full-stack.yml index 2fe37003..788c52b6 100644 --- a/stack/docker-compose.full-stack.yml +++ b/stack/docker-compose.full-stack.yml @@ -4,7 +4,7 @@ version: '3.4' services: aiidalab: - image: ${REGISTRY:-}${FULL_STACK_IMAGE:-aiidalab/full-stack}:${VERSION:-} + image: ${REGISTRY:-}${FULL_STACK_IMAGE:-aiidalab/full-stack}${VERSION:-} environment: TZ: Europe/Zurich DOCKER_STACKS_JUPYTER_CMD: notebook diff --git a/stack/docker-compose.lab.yml b/stack/docker-compose.lab.yml index 7790da24..e906d67e 100644 --- a/stack/docker-compose.lab.yml +++ b/stack/docker-compose.lab.yml @@ -25,7 +25,7 @@ services: - aiida-rmq-data:/var/lib/rabbitmq/ aiidalab: - image: ${REGISTRY:-}${LAB_IMAGE:-aiidalab/lab}:${VERSION:-} + image: ${REGISTRY:-}${LAB_IMAGE:-aiidalab/lab}${VERSION:-} environment: RMQHOST: messaging TZ: Europe/Zurich From df94b22b2bbcb314424a6bea136baa1387fe7933 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Tue, 9 Apr 2024 00:23:13 +0100 Subject: [PATCH 030/149] Hmm? --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index cf135805..d2c2f821 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -135,7 +135,7 @@ jobs: - name: Run tests # TODO: Hack with REGISTRY - run: REGISTRY= pytest -s --variant ${{matrix.target}} tests/test-common.py::test_verdi_status + run: REGISTRY= pytest -s --variant ${{matrix.target}} tests/test-common.py env: ${{ fromJSON(needs.build.outputs.images) }} From 64a47f82e92b956cd58c8425e154c40846068912 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Tue, 9 Apr 2024 00:35:04 +0100 Subject: [PATCH 031/149] aiidalab_exec depends on notebook_service --- tests/conftest.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/conftest.py b/tests/conftest.py index 5524cc44..55e92c83 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -48,7 +48,7 @@ def docker_compose(docker_services): @pytest.fixture -def aiidalab_exec(docker_compose): +def aiidalab_exec(notebook_service, docker_compose): def execute(command, user=None, **kwargs): if user: command = f"exec -T --user={user} aiidalab {command}" From 04cba1128575ea3bcff07d1ba0b64aeb8a38bd33 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Tue, 9 Apr 2024 00:51:31 +0100 Subject: [PATCH 032/149] Cleanup --- .github/workflows/build.yml | 17 ++--------------- .github/workflows/docker.yml | 11 +++++++++++ 2 files changed, 13 insertions(+), 15 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d2c2f821..c67eea2f 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -6,12 +6,9 @@ env: REGISTRY: ghcr.io on: + # TODO: Can we define outputs here? workflow_call: inputs: - image: - description: Image name - required: false - type: string architecture: description: Image architecture, e.g. amd64, arm64 required: true @@ -91,6 +88,7 @@ jobs: build.json docker-bake-template-meta.json + # TODO: Maybe upload docker-bake-template-meta.json as artifact - name: Set output variables id: bake_metadata run: | @@ -137,14 +135,3 @@ jobs: # TODO: Hack with REGISTRY run: REGISTRY= pytest -s --variant ${{matrix.target}} tests/test-common.py env: ${{ fromJSON(needs.build.outputs.images) }} - - - upload: - needs: build - runs-on: ${{ inputs.runsOn }} - timeout-minutes: 20 - - steps: - - - name: Checkout Repo ⚡️ - uses: actions/checkout@v4 diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 2541f3cb..0da43c0a 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -23,8 +23,19 @@ jobs: architecture: amd64 runsOn: ubuntu-latest + # TODO: Split test from build + #amd64-test: + # needs: amd64-build + # uses: ./.github/workflows/test.yml + # with: + # architecture: amd64 + # runsOn: ubuntu-latest + + # Postpone ARM build until amd64 succeeds + # but run it in parallel with amd64 tests. arm-build: uses: ./.github/workflows/build.yml + needs: amd64-build if: false with: architecture: arm64 From 9142e30475ecf49c1e1fb277c00d3625895b6db2 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Tue, 9 Apr 2024 03:20:23 +0100 Subject: [PATCH 033/149] Update .github/workflows/build.yml --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index c67eea2f..26d6960a 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -133,5 +133,5 @@ jobs: - name: Run tests # TODO: Hack with REGISTRY - run: REGISTRY= pytest -s --variant ${{matrix.target}} tests/test-common.py + run: REGISTRY= pytest -sv --variant ${{matrix.target}} tests/test-common.py tests/test-${{matrix.target}}.py env: ${{ fromJSON(needs.build.outputs.images) }} From 877edbdbc3a27f9490dfee4d008d5b72e4480dcc Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 17 Apr 2024 12:08:03 +0100 Subject: [PATCH 034/149] Simplify pytest invocation --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 26d6960a..2c1faf75 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -133,5 +133,5 @@ jobs: - name: Run tests # TODO: Hack with REGISTRY - run: REGISTRY= pytest -sv --variant ${{matrix.target}} tests/test-common.py tests/test-${{matrix.target}}.py + run: REGISTRY= pytest -s --target ${{matrix.target}} env: ${{ fromJSON(needs.build.outputs.images) }} From f4beeaecd8743ecb95cdb2aa344ad07cb4fa488e Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 17 Apr 2024 12:28:52 +0100 Subject: [PATCH 035/149] Fix? --- docker-bake.hcl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docker-bake.hcl b/docker-bake.hcl index 40f4969a..f980a819 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -27,7 +27,7 @@ variable "ORGANIZATION" { } variable "REGISTRY" { - default = "docker.io/" + default = "docker.io" } variable "PLATFORMS" { @@ -41,7 +41,7 @@ variable "TARGETS" { function "tags" { params = [image] result = [ - "${REGISTRY}${ORGANIZATION}/${image}:${VERSION}", + "${REGISTRY}/${ORGANIZATION}/${image}:${VERSION}", ] } From c3fbf5562bfc84bacbea652dd8ac3f55f7fd149d Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 17 Apr 2024 12:50:28 +0100 Subject: [PATCH 036/149] Remove unneeded step --- .github/workflows/build.yml | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2c1faf75..49662525 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -24,7 +24,6 @@ jobs: timeout-minutes: 20 outputs: - build_vars: ${{ steps.build_vars.outputs.vars }} targets: ${{ steps.bake_metadata.outputs.targets }} images: ${{ steps.bake_metadata.outputs.images }} @@ -46,15 +45,6 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - # TODO: This probably is not needed here, only for push to Docker - - name: Read and flatten build variables - id: build_vars - # Example output: - # {"PYTHON_VERSION":"3.9.13","PGSQL_VERSION":"15","AIIDA_VERSION":"2.4.3","AIIDALAB_VERSION":"23.03.2","AIIDALAB_HOME_VERSION":"23.03.1"} - run: | - vars=$(cat build.json | jq -c '[.variable | to_entries[] | {"key": .key, "value": .value.default}] | from_entries') - echo "vars=$vars" && echo "vars=$vars" >> "${GITHUB_OUTPUT}" - - name: Generate tags for images on ghcr.io id: meta uses: docker/metadata-action@v4 From d3b3da12f27585450a35c4af8e9a0390fdfbc871 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 17 Apr 2024 12:54:14 +0100 Subject: [PATCH 037/149] Debug --- .github/workflows/build.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 49662525..2de947a0 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -82,9 +82,11 @@ jobs: - name: Set output variables id: bake_metadata run: | + echo "First step" && cat docker-bake-template-meta.json cat docker-bake-template-meta.json \ | jq -c '.target | [to_entries[] | {"key": (.key|split("-")[:-1] | join("-")), "value": [.value.tags[]][1]}] | from_entries' \ | tee bake-meta.json + echo "Second step: bake-meta.json" && cat bake-meta.json targets=$(echo $(cat bake-meta.json | jq -c 'keys')) images=$(echo $(cat bake-meta.json | jq -c '. | [to_entries[] | {"key": (.key| split("-")| join("_") |ascii_upcase + "_IMAGE"), "value": .value}] | from_entries')) echo -e "targets=$targets\nimages=$images" From 62b1d774a819db9d88ef12b56ae49154ea3dd300 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 17 Apr 2024 13:11:38 +0100 Subject: [PATCH 038/149] Update merge-bake-template-target.sh Pipefail --- .github/workflows/merge-bake-template-target.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/merge-bake-template-target.sh b/.github/workflows/merge-bake-template-target.sh index 739065aa..d11843b2 100755 --- a/.github/workflows/merge-bake-template-target.sh +++ b/.github/workflows/merge-bake-template-target.sh @@ -1,5 +1,5 @@ #!/bin/bash -set -e +set -euo pipefail # For each target that is part of the "default" group, replace the term # "__template__" in the provided template bake-file, and then merge all From 8332a670e1255c38e43ace42e046f87ad72ea085 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 17 Apr 2024 14:09:59 +0100 Subject: [PATCH 039/149] pipefail in GHA --- .github/workflows/build.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2de947a0..e5fb65ee 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -27,6 +27,11 @@ jobs: targets: ${{ steps.bake_metadata.outputs.targets }} images: ${{ steps.bake_metadata.outputs.images }} + # Make sure we fail if any command in a piped command sequence fails + defaults: + run: + shell: bash -e -o pipefail {0} + steps: - name: Checkout Repo ⚡️ From f05761be681485841afefe8e99e1650022be6a02 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 17 Apr 2024 14:22:25 +0100 Subject: [PATCH 040/149] Try fixing PYTHON_MINOR_VERSION --- docker-bake.hcl | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/docker-bake.hcl b/docker-bake.hcl index f980a819..eabdb469 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -6,6 +6,13 @@ variable "VERSION" { variable "PYTHON_VERSION" { } +# PYTHON_MINOR_VERSION is a Python version string +# without the patch version (e.g. "3.9") +# Used to construct paths to Python site-packages folder. +variable "PYTHON_MINOR_VERSION" { + default = join(".", slice(split(".", "${PYTHON_VERSION}"), 0, 2)) +} + variable "PGSQL_VERSION" { } @@ -84,9 +91,6 @@ target "base-with-services" { "PGSQL_VERSION" = "${PGSQL_VERSION}" } } -# PYTHON_MINOR_VERSION is a Python version string -# without the patch version (e.g. "3.9") -# Used to construct paths to Python site-packages folder. target "lab" { inherits = ["lab-meta"] context = "stack/lab" @@ -97,7 +101,7 @@ target "lab" { args = { "AIIDALAB_VERSION" = "${AIIDALAB_VERSION}" "AIIDALAB_HOME_VERSION" = "${AIIDALAB_HOME_VERSION}" - "PYTHON_MINOR_VERSION" = join(".", slice(split(".", "${PYTHON_VERSION}"), 0, 2)) + "PYTHON_MINOR_VERSION" = "${PYTHON_MINOR_VERSION}" } } target "full-stack" { From 59944872fcecc49005eb6a82b2ac7a22e30554bb Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 17 Apr 2024 14:41:34 +0100 Subject: [PATCH 041/149] One more try --- docker-bake.hcl | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/docker-bake.hcl b/docker-bake.hcl index eabdb469..926c8d1e 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -9,9 +9,9 @@ variable "PYTHON_VERSION" { # PYTHON_MINOR_VERSION is a Python version string # without the patch version (e.g. "3.9") # Used to construct paths to Python site-packages folder. -variable "PYTHON_MINOR_VERSION" { - default = join(".", slice(split(".", "${PYTHON_VERSION}"), 0, 2)) -} +#variable "PYTHON_MINOR_VERSION" { +# default = join(".", slice(split(".", "${PYTHON_VERSION}"), 0, 2)) +#} variable "PGSQL_VERSION" { } @@ -52,6 +52,11 @@ function "tags" { ] } +function "get_python_minor_version" { + params = [python_version] + result = join(".", slice(split(".", "${python_version}"), 0, 2)) +} + group "default" { targets = "${TARGETS}" } @@ -101,7 +106,7 @@ target "lab" { args = { "AIIDALAB_VERSION" = "${AIIDALAB_VERSION}" "AIIDALAB_HOME_VERSION" = "${AIIDALAB_HOME_VERSION}" - "PYTHON_MINOR_VERSION" = "${PYTHON_MINOR_VERSION}" + "PYTHON_MINOR_VERSION" = get_python_minor_version(${PYTHON_VERSION}) } } target "full-stack" { From 202128dac08709cad5d4b5d4d5edbcae765b0b14 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 17 Apr 2024 14:57:51 +0100 Subject: [PATCH 042/149] Ugh --- docker-bake.hcl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-bake.hcl b/docker-bake.hcl index 926c8d1e..de637b48 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -106,7 +106,7 @@ target "lab" { args = { "AIIDALAB_VERSION" = "${AIIDALAB_VERSION}" "AIIDALAB_HOME_VERSION" = "${AIIDALAB_HOME_VERSION}" - "PYTHON_MINOR_VERSION" = get_python_minor_version(${PYTHON_VERSION}) + "PYTHON_MINOR_VERSION" = get_python_minor_version("${PYTHON_VERSION}") } } target "full-stack" { From 0305af34744b5ea4960601e1a90ff33cd29a793e Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 17 Apr 2024 15:05:49 +0100 Subject: [PATCH 043/149] Cleanup --- docker-bake.hcl | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/docker-bake.hcl b/docker-bake.hcl index de637b48..b481d610 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -6,9 +6,6 @@ variable "VERSION" { variable "PYTHON_VERSION" { } -# PYTHON_MINOR_VERSION is a Python version string -# without the patch version (e.g. "3.9") -# Used to construct paths to Python site-packages folder. #variable "PYTHON_MINOR_VERSION" { # default = join(".", slice(split(".", "${PYTHON_VERSION}"), 0, 2)) #} @@ -52,6 +49,8 @@ function "tags" { ] } +# Get a Python version string without the patch version (e.g. "3.9.13" -> "3.9") +# Used to construct paths to Python site-packages folder. function "get_python_minor_version" { params = [python_version] result = join(".", slice(split(".", "${python_version}"), 0, 2)) From 418bb217f0d201ad7ee084ad3ea0a496405c79dc Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 17 Apr 2024 15:06:15 +0100 Subject: [PATCH 044/149] Remove new-build version --- docker-bake.hcl | 1 - 1 file changed, 1 deletion(-) diff --git a/docker-bake.hcl b/docker-bake.hcl index b481d610..98acc057 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -1,6 +1,5 @@ # docker-bake.hcl variable "VERSION" { - default = "new-build" } variable "PYTHON_VERSION" { From 87cc98b07333c8a19e8f12e145e2ce5bf232b0ed Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 17 Apr 2024 15:14:06 +0100 Subject: [PATCH 045/149] More robust merge script --- .github/workflows/build.yml | 5 ++--- .github/workflows/merge-bake-template-target.sh | 15 +++++++++++++-- 2 files changed, 15 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index e5fb65ee..5fd638d0 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -63,10 +63,9 @@ jobs: - name: Generate docker-bake meta file. env: - BAKE_TEMPLATE_META: ${{ steps.meta.outputs.bake-file }} + BAKE_TEMPLATE_FILE: ${{ steps.meta.outputs.bake-file }} run: | - cat ${BAKE_TEMPLATE_META} | jq -c \ - | .github/workflows/merge-bake-template-target.sh \ + .github/workflows/merge-bake-template-target.sh ${BAKE_TEMPLATE_FILE} \ | tee docker-bake-template-meta.json - name: Build image diff --git a/.github/workflows/merge-bake-template-target.sh b/.github/workflows/merge-bake-template-target.sh index d11843b2..7abf5919 100755 --- a/.github/workflows/merge-bake-template-target.sh +++ b/.github/workflows/merge-bake-template-target.sh @@ -12,9 +12,20 @@ set -euo pipefail # The motivation is to be able to use a bake-file generated by the # docker/meta-action (which can currently only handle a single bake-target) for # all targets currently specified in the main bake-file ("docker-bake.hcl"). +# +if [[ -z ${1-} ]];then + echo "ERROR: Provide path to bake-file template as first parameter" + exit 1 +fi + +input_file=$1 +if [[ ! -f ${input_file} ]];then + echo "ERROR: File $input_file does not exist!" + exit 1 +fi -input=$(cat; echo x) -input=${input%x} # Strip the trailing x +# Flatten the json file into a single line +input=$(cat $input_file | jq -c) # Determine the targets. TARGETS=$(docker buildx bake --print | jq -cr '.group.default.targets' | jq -r '.[]') From 75ce6b02a9669dd0ef364295fcfa00f0d5539374 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 17 Apr 2024 15:21:29 +0100 Subject: [PATCH 046/149] One more thing --- .github/workflows/merge-bake-template-target.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/merge-bake-template-target.sh b/.github/workflows/merge-bake-template-target.sh index 7abf5919..b404ee72 100755 --- a/.github/workflows/merge-bake-template-target.sh +++ b/.github/workflows/merge-bake-template-target.sh @@ -28,7 +28,7 @@ fi input=$(cat $input_file | jq -c) # Determine the targets. -TARGETS=$(docker buildx bake --print | jq -cr '.group.default.targets' | jq -r '.[]') +TARGETS=$(docker buildx bake --print docker-bake.hcl build.json | jq -cr '.group.default.targets' | jq -r '.[]') # Generate the meta JSON strings meta="" From 84e274bc904f6b3906059a678dc696bccf7b4b87 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 17 Apr 2024 15:29:38 +0100 Subject: [PATCH 047/149] Probably not --- .github/workflows/merge-bake-template-target.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/merge-bake-template-target.sh b/.github/workflows/merge-bake-template-target.sh index b404ee72..cda6b20b 100755 --- a/.github/workflows/merge-bake-template-target.sh +++ b/.github/workflows/merge-bake-template-target.sh @@ -28,7 +28,7 @@ fi input=$(cat $input_file | jq -c) # Determine the targets. -TARGETS=$(docker buildx bake --print docker-bake.hcl build.json | jq -cr '.group.default.targets' | jq -r '.[]') +TARGETS=$(docker buildx bake --print build.json docker-bake.hcl | jq -cr '.group.default.targets' | jq -r '.[]') # Generate the meta JSON strings meta="" From 8ceb3de16c545fc27b38c98e55a6a5f87187a1cb Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 17 Apr 2024 15:41:24 +0100 Subject: [PATCH 048/149] Hotfix --- .github/workflows/merge-bake-template-target.sh | 2 +- docker-bake.hcl | 12 ++++++++---- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/.github/workflows/merge-bake-template-target.sh b/.github/workflows/merge-bake-template-target.sh index cda6b20b..7abf5919 100755 --- a/.github/workflows/merge-bake-template-target.sh +++ b/.github/workflows/merge-bake-template-target.sh @@ -28,7 +28,7 @@ fi input=$(cat $input_file | jq -c) # Determine the targets. -TARGETS=$(docker buildx bake --print build.json docker-bake.hcl | jq -cr '.group.default.targets' | jq -r '.[]') +TARGETS=$(docker buildx bake --print | jq -cr '.group.default.targets' | jq -r '.[]') # Generate the meta JSON strings meta="" diff --git a/docker-bake.hcl b/docker-bake.hcl index 98acc057..2ad16dd0 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -2,13 +2,17 @@ variable "VERSION" { } +# TODO: The default here is just a hotfix to make +# merge-bake-template-target.sh otherwise I get: +# +# "get_python_minor_version" failed: docker-bake.hcl:55,64-65: +# Invalid function argument; Invalid value for "end_index" parameter: +# end index must not be greater than the length of the list.., and 1 other diagnostic(s) + variable "PYTHON_VERSION" { + default = "3.9.13" } -#variable "PYTHON_MINOR_VERSION" { -# default = join(".", slice(split(".", "${PYTHON_VERSION}"), 0, 2)) -#} - variable "PGSQL_VERSION" { } From d2ceb23d19f8e775026b3826ee84f584ac1aee38 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 17 Apr 2024 16:07:12 +0100 Subject: [PATCH 049/149] Default registry in docker-compose files --- .github/workflows/build.yml | 3 +-- stack/docker-compose.base-with-services.yml | 2 +- stack/docker-compose.base.yml | 2 +- stack/docker-compose.full-stack.yml | 2 +- stack/docker-compose.lab.yml | 2 +- tests/conftest.py | 1 - 6 files changed, 5 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 5fd638d0..2bc8d6dd 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -128,6 +128,5 @@ jobs: run: pip install -r requirements-dev.txt - name: Run tests - # TODO: Hack with REGISTRY - run: REGISTRY= pytest -s --target ${{matrix.target}} + run: pytest --target ${{matrix.target}} env: ${{ fromJSON(needs.build.outputs.images) }} diff --git a/stack/docker-compose.base-with-services.yml b/stack/docker-compose.base-with-services.yml index 4250d756..edc7a8ab 100644 --- a/stack/docker-compose.base-with-services.yml +++ b/stack/docker-compose.base-with-services.yml @@ -4,7 +4,7 @@ version: '3.4' services: aiidalab: - image: ${REGISTRY:-}${BASE_WITH_SERVICES_IMAGE:-aiidalab/base-with-services}${VERSION:-} + image: ${REGISTRY:-docker.io}/${BASE_WITH_SERVICES_IMAGE:-aiidalab/base-with-services}${VERSION:-} environment: TZ: Europe/Zurich DOCKER_STACKS_JUPYTER_CMD: notebook diff --git a/stack/docker-compose.base.yml b/stack/docker-compose.base.yml index b24dbac2..7122c779 100644 --- a/stack/docker-compose.base.yml +++ b/stack/docker-compose.base.yml @@ -25,7 +25,7 @@ services: - aiida-rmq-data:/var/lib/rabbitmq/ aiidalab: - image: ${REGISTRY:-}${BASE_IMAGE:-aiidalab/base}${VERSION:-} + image: ${REGISTRY:-docker.io}/${BASE_IMAGE:-aiidalab/base}${VERSION:-} environment: RMQHOST: messaging TZ: Europe/Zurich diff --git a/stack/docker-compose.full-stack.yml b/stack/docker-compose.full-stack.yml index 788c52b6..071cbbcd 100644 --- a/stack/docker-compose.full-stack.yml +++ b/stack/docker-compose.full-stack.yml @@ -4,7 +4,7 @@ version: '3.4' services: aiidalab: - image: ${REGISTRY:-}${FULL_STACK_IMAGE:-aiidalab/full-stack}${VERSION:-} + image: ${REGISTRY:-docker.io}/${FULL_STACK_IMAGE:-aiidalab/full-stack}${VERSION:-} environment: TZ: Europe/Zurich DOCKER_STACKS_JUPYTER_CMD: notebook diff --git a/stack/docker-compose.lab.yml b/stack/docker-compose.lab.yml index e906d67e..b0e3c698 100644 --- a/stack/docker-compose.lab.yml +++ b/stack/docker-compose.lab.yml @@ -25,7 +25,7 @@ services: - aiida-rmq-data:/var/lib/rabbitmq/ aiidalab: - image: ${REGISTRY:-}${LAB_IMAGE:-aiidalab/lab}${VERSION:-} + image: ${REGISTRY:-docker.io}/${LAB_IMAGE:-aiidalab/lab}${VERSION:-} environment: RMQHOST: messaging TZ: Europe/Zurich diff --git a/tests/conftest.py b/tests/conftest.py index d66cca61..a08c8788 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -43,7 +43,6 @@ def target(pytestconfig): def docker_compose_file(pytestconfig): target = pytestconfig.getoption("target") compose_file = f"stack/docker-compose.{target}.yml" - print(f"Using docker compose file {compose_file}") return compose_file From 711efe171e95600a7a3712b79aaa7bebeb88a120 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 17 Apr 2024 16:08:57 +0100 Subject: [PATCH 050/149] Revert "Default registry in docker-compose files" This reverts commit d2ceb23d19f8e775026b3826ee84f584ac1aee38. --- .github/workflows/build.yml | 3 ++- stack/docker-compose.base-with-services.yml | 2 +- stack/docker-compose.base.yml | 2 +- stack/docker-compose.full-stack.yml | 2 +- stack/docker-compose.lab.yml | 2 +- tests/conftest.py | 1 + 6 files changed, 7 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2bc8d6dd..5fd638d0 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -128,5 +128,6 @@ jobs: run: pip install -r requirements-dev.txt - name: Run tests - run: pytest --target ${{matrix.target}} + # TODO: Hack with REGISTRY + run: REGISTRY= pytest -s --target ${{matrix.target}} env: ${{ fromJSON(needs.build.outputs.images) }} diff --git a/stack/docker-compose.base-with-services.yml b/stack/docker-compose.base-with-services.yml index edc7a8ab..4250d756 100644 --- a/stack/docker-compose.base-with-services.yml +++ b/stack/docker-compose.base-with-services.yml @@ -4,7 +4,7 @@ version: '3.4' services: aiidalab: - image: ${REGISTRY:-docker.io}/${BASE_WITH_SERVICES_IMAGE:-aiidalab/base-with-services}${VERSION:-} + image: ${REGISTRY:-}${BASE_WITH_SERVICES_IMAGE:-aiidalab/base-with-services}${VERSION:-} environment: TZ: Europe/Zurich DOCKER_STACKS_JUPYTER_CMD: notebook diff --git a/stack/docker-compose.base.yml b/stack/docker-compose.base.yml index 7122c779..b24dbac2 100644 --- a/stack/docker-compose.base.yml +++ b/stack/docker-compose.base.yml @@ -25,7 +25,7 @@ services: - aiida-rmq-data:/var/lib/rabbitmq/ aiidalab: - image: ${REGISTRY:-docker.io}/${BASE_IMAGE:-aiidalab/base}${VERSION:-} + image: ${REGISTRY:-}${BASE_IMAGE:-aiidalab/base}${VERSION:-} environment: RMQHOST: messaging TZ: Europe/Zurich diff --git a/stack/docker-compose.full-stack.yml b/stack/docker-compose.full-stack.yml index 071cbbcd..788c52b6 100644 --- a/stack/docker-compose.full-stack.yml +++ b/stack/docker-compose.full-stack.yml @@ -4,7 +4,7 @@ version: '3.4' services: aiidalab: - image: ${REGISTRY:-docker.io}/${FULL_STACK_IMAGE:-aiidalab/full-stack}${VERSION:-} + image: ${REGISTRY:-}${FULL_STACK_IMAGE:-aiidalab/full-stack}${VERSION:-} environment: TZ: Europe/Zurich DOCKER_STACKS_JUPYTER_CMD: notebook diff --git a/stack/docker-compose.lab.yml b/stack/docker-compose.lab.yml index b0e3c698..e906d67e 100644 --- a/stack/docker-compose.lab.yml +++ b/stack/docker-compose.lab.yml @@ -25,7 +25,7 @@ services: - aiida-rmq-data:/var/lib/rabbitmq/ aiidalab: - image: ${REGISTRY:-docker.io}/${LAB_IMAGE:-aiidalab/lab}${VERSION:-} + image: ${REGISTRY:-}${LAB_IMAGE:-aiidalab/lab}${VERSION:-} environment: RMQHOST: messaging TZ: Europe/Zurich diff --git a/tests/conftest.py b/tests/conftest.py index a08c8788..d66cca61 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -43,6 +43,7 @@ def target(pytestconfig): def docker_compose_file(pytestconfig): target = pytestconfig.getoption("target") compose_file = f"stack/docker-compose.{target}.yml" + print(f"Using docker compose file {compose_file}") return compose_file From aa675c81e18bd0b066b4d1e6dd1054d381a9a4b7 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 17 Apr 2024 16:16:55 +0100 Subject: [PATCH 051/149] Split integration tests --- .github/workflows/build.yml | 34 ++++++++++++++++++- ...st_full_stack.py => test_aiidalab_apps.py} | 5 ++- 2 files changed, 37 insertions(+), 2 deletions(-) rename tests/{test_full_stack.py => test_aiidalab_apps.py} (91%) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 5fd638d0..46b9d0c6 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -129,5 +129,37 @@ jobs: - name: Run tests # TODO: Hack with REGISTRY - run: REGISTRY= pytest -s --target ${{matrix.target}} + run: REGISTRY= pytest -m "not integration" --target ${{matrix.target}} + env: ${{ fromJSON(needs.build.outputs.images) }} + + integration-test: + needs: build + runs-on: ${{ inputs.runsOn }} + timeout-minutes: 20 + + steps: + + - name: Checkout Repo ⚡️ + uses: actions/checkout@v4 + + - uses: docker/login-action@v2 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version: '3.11' + cache: pip + cache-dependency-path: | + **/requirements*.txt + + - name: Install dependencies + run: pip install -r requirements-dev.txt + + - name: Run tests + # TODO: Hack with REGISTRY + run: REGISTRY= pytest -m "integration" --target full-stack env: ${{ fromJSON(needs.build.outputs.images) }} diff --git a/tests/test_full_stack.py b/tests/test_aiidalab_apps.py similarity index 91% rename from tests/test_full_stack.py rename to tests/test_aiidalab_apps.py index 62939272..33b92198 100644 --- a/tests/test_full_stack.py +++ b/tests/test_aiidalab_apps.py @@ -1,6 +1,7 @@ import pytest -# Tests in this file should pass for the following images +# Integration tests for the full-stack image. +# Here we make sure we can install aiidalab-widgets-base and aiidalab-qe apps TESTED_TARGETS = "full-stack" @@ -30,6 +31,7 @@ def _generate_aiidalab_install_output(package_name): @pytest.mark.parametrize("package_name", ["aiidalab-widgets-base", "quantum-espresso"]) +@pytest.mark.integration def test_install_apps_from_stable(generate_aiidalab_install_output, package_name): """Test that apps can be installed from app store.""" output = generate_aiidalab_install_output(package_name) @@ -41,6 +43,7 @@ def test_install_apps_from_stable(generate_aiidalab_install_output, package_name @pytest.mark.parametrize("repo_name", ["aiidalab-widgets-base", "aiidalab-qe"]) +@pytest.mark.integration def test_install_apps_from_default_branch(generate_aiidalab_install_output, repo_name): """Test that apps can be installed from the default branch of the repository.""" package = f"{repo_name}@git+https://github.com/aiidalab/{repo_name}.git" From 4072d674a6e17ad054b0bdefc9d62527d9d778c4 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 17 Apr 2024 16:35:56 +0100 Subject: [PATCH 052/149] Cleanup --- .github/workflows/build.yml | 13 +++++-------- .github/workflows/{docker.yml => main.yml} | 6 +++--- 2 files changed, 8 insertions(+), 11 deletions(-) rename .github/workflows/{docker.yml => main.yml} (86%) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 46b9d0c6..f0301fa1 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,5 +1,5 @@ --- -name: Build images upload them to ghcr.io +name: Build and test image and upload them to ghcr.io env: OWNER: ${{ github.repository_owner }} @@ -51,19 +51,19 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Generate tags for images on ghcr.io - id: meta + id: tags_template uses: docker/metadata-action@v4 with: bake-target: __template__-meta images: | - name=ghcr.io/aiidalab/__template__ + name=${{ env.REGISTRY }}/aiidalab/__template__ tags: | type=sha type=ref,event=pr - - name: Generate docker-bake meta file. + - name: Generate docker-bake metadata file. env: - BAKE_TEMPLATE_FILE: ${{ steps.meta.outputs.bake-file }} + BAKE_TEMPLATE_FILE: ${{ steps.tags_template.outputs.bake-file }} run: | .github/workflows/merge-bake-template-target.sh ${BAKE_TEMPLATE_FILE} \ | tee docker-bake-template-meta.json @@ -82,15 +82,12 @@ jobs: build.json docker-bake-template-meta.json - # TODO: Maybe upload docker-bake-template-meta.json as artifact - name: Set output variables id: bake_metadata run: | - echo "First step" && cat docker-bake-template-meta.json cat docker-bake-template-meta.json \ | jq -c '.target | [to_entries[] | {"key": (.key|split("-")[:-1] | join("-")), "value": [.value.tags[]][1]}] | from_entries' \ | tee bake-meta.json - echo "Second step: bake-meta.json" && cat bake-meta.json targets=$(echo $(cat bake-meta.json | jq -c 'keys')) images=$(echo $(cat bake-meta.json | jq -c '. | [to_entries[] | {"key": (.key| split("-")| join("_") |ascii_upcase + "_IMAGE"), "value": .value}] | from_entries')) echo -e "targets=$targets\nimages=$images" diff --git a/.github/workflows/docker.yml b/.github/workflows/main.yml similarity index 86% rename from .github/workflows/docker.yml rename to .github/workflows/main.yml index 0da43c0a..abc9568d 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/main.yml @@ -23,7 +23,8 @@ jobs: architecture: amd64 runsOn: ubuntu-latest - # TODO: Split test from build + # TODO: Split test from build, but we'd need to + # pass outputs from build here. #amd64-test: # needs: amd64-build # uses: ./.github/workflows/test.yml @@ -31,8 +32,7 @@ jobs: # architecture: amd64 # runsOn: ubuntu-latest - # Postpone ARM build until amd64 succeeds - # but run it in parallel with amd64 tests. + # Postpone ARM build until amd64 build and tests succeeds arm-build: uses: ./.github/workflows/build.yml needs: amd64-build From 260d2618ff76ef49277a3b55ec50f603fb2b48f8 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 17 Apr 2024 17:25:43 +0100 Subject: [PATCH 053/149] Reuse setup python env action --- .github/actions/create-dev-env/action.yml | 18 ++++++------- .github/workflows/build.yml | 31 ++++++++--------------- .github/workflows/docker-merge-tags.yml | 5 ---- .github/workflows/docker-push.yml | 5 ---- .github/workflows/main.yml | 2 +- 5 files changed, 20 insertions(+), 41 deletions(-) diff --git a/.github/actions/create-dev-env/action.yml b/.github/actions/create-dev-env/action.yml index 85c46980..5aa44520 100644 --- a/.github/actions/create-dev-env/action.yml +++ b/.github/actions/create-dev-env/action.yml @@ -1,6 +1,6 @@ --- -name: Build environment -description: Create build environment +name: Python environment +description: Create Python environment and install dependencies for running tests inputs: architecture: @@ -16,12 +16,12 @@ runs: # python3 is manually preinstalled in the arm64 VM self-hosted runner - name: Set Up Python 🐍 if: ${{ inputs.architecture == 'amd64' }} - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: - python-version: 3.11 + python-version: '3.11' + cache: pip + cache-dependency-path: | + **/requirements*.txt - - name: Install Dev Dependencies 📦 - run: | - pip install --upgrade pip - pip install --upgrade -r requirements-dev.txt - shell: bash + - name: Install dependencies 📦 + run: pip install -r requirements-dev.txt diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f0301fa1..efb946ee 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -43,7 +43,7 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - - name: Login to GitHub Container Registry + - name: Login to GitHub Container Registry 🔑 uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} @@ -107,28 +107,23 @@ jobs: - name: Checkout Repo ⚡️ uses: actions/checkout@v4 - - uses: docker/login-action@v2 + - uses: docker/login-action@v2 🔑 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Set up Python - uses: actions/setup-python@v5 + - name: Create Python dev environment 📦 + uses: ./.github/actions/create-dev-env with: - python-version: '3.11' - cache: pip - cache-dependency-path: | - **/requirements*.txt - - - name: Install dependencies - run: pip install -r requirements-dev.txt + architecture: ${{ inputs.architecture }} - name: Run tests # TODO: Hack with REGISTRY run: REGISTRY= pytest -m "not integration" --target ${{matrix.target}} env: ${{ fromJSON(needs.build.outputs.images) }} + integration-test: needs: build runs-on: ${{ inputs.runsOn }} @@ -139,22 +134,16 @@ jobs: - name: Checkout Repo ⚡️ uses: actions/checkout@v4 - - uses: docker/login-action@v2 + - uses: docker/login-action@v2 🔑 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Set up Python - uses: actions/setup-python@v5 + - name: Create Python dev environment 📦 + uses: ./.github/actions/create-dev-env with: - python-version: '3.11' - cache: pip - cache-dependency-path: | - **/requirements*.txt - - - name: Install dependencies - run: pip install -r requirements-dev.txt + architecture: ${{ inputs.architecture }} - name: Run tests # TODO: Hack with REGISTRY diff --git a/.github/workflows/docker-merge-tags.yml b/.github/workflows/docker-merge-tags.yml index 3d850788..44242334 100644 --- a/.github/workflows/docker-merge-tags.yml +++ b/.github/workflows/docker-merge-tags.yml @@ -27,11 +27,6 @@ jobs: - name: Checkout Repo ⚡️ uses: actions/checkout@v4 - - name: Create dev environment 📦 - uses: ./.github/actions/create-dev-env - with: - architecture: amd64 - - name: Download amd64 tags file 📥 uses: actions/download-artifact@v4 with: diff --git a/.github/workflows/docker-push.yml b/.github/workflows/docker-push.yml index 5ae7b65f..912493c4 100644 --- a/.github/workflows/docker-push.yml +++ b/.github/workflows/docker-push.yml @@ -33,11 +33,6 @@ jobs: - name: Checkout Repo ⚡️ uses: actions/checkout@v4 - - name: Create dev environment 📦 - uses: ./.github/actions/create-dev-env - with: - architecture: ${{ inputs.architecture }} - - name: Read build variables id: build_vars run: | diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index abc9568d..92154271 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,5 +1,5 @@ --- -name: Build, test and push Docker Images +name: Docker Images on: pull_request: From 9f1a5ad260b3743855af11a6e3fd16fca053f6f1 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 17 Apr 2024 21:47:21 +0100 Subject: [PATCH 054/149] Simplify --- .github/workflows/merge-bake-template-target.sh | 5 ++++- docker-bake.hcl | 8 -------- 2 files changed, 4 insertions(+), 9 deletions(-) diff --git a/.github/workflows/merge-bake-template-target.sh b/.github/workflows/merge-bake-template-target.sh index 7abf5919..6f9fb5f7 100755 --- a/.github/workflows/merge-bake-template-target.sh +++ b/.github/workflows/merge-bake-template-target.sh @@ -28,7 +28,10 @@ fi input=$(cat $input_file | jq -c) # Determine the targets. -TARGETS=$(docker buildx bake --print | jq -cr '.group.default.targets' | jq -r '.[]') +# TODO: This currently fails due to PYTHON_MINOR_VERSION computation, +# let's just hardcode for now +# TARGETS=$(docker buildx bake --print | jq -cr '.group.default.targets' | jq -r '.[]') +TARGETS="base base-with-services lab full-stack" # Generate the meta JSON strings meta="" diff --git a/docker-bake.hcl b/docker-bake.hcl index 2ad16dd0..5fe77879 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -2,15 +2,7 @@ variable "VERSION" { } -# TODO: The default here is just a hotfix to make -# merge-bake-template-target.sh otherwise I get: -# -# "get_python_minor_version" failed: docker-bake.hcl:55,64-65: -# Invalid function argument; Invalid value for "end_index" parameter: -# end index must not be greater than the length of the list.., and 1 other diagnostic(s) - variable "PYTHON_VERSION" { - default = "3.9.13" } variable "PGSQL_VERSION" { From dd51bf58a7a1e4219e57087539dc087568db2c39 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 17 Apr 2024 22:20:00 +0100 Subject: [PATCH 055/149] Build arm64 on GHA using QEMU --- .github/workflows/build.yml | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index efb946ee..e547e81f 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -37,8 +37,8 @@ jobs: - name: Checkout Repo ⚡️ uses: actions/checkout@v4 - #- name: Set up QEMU - #uses: docker/setup-qemu-action@v3 + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 @@ -50,7 +50,7 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Generate tags for images on ghcr.io + - name: Generate tags for images on ghcr.io 🏷️ id: tags_template uses: docker/metadata-action@v4 with: @@ -68,12 +68,11 @@ jobs: .github/workflows/merge-bake-template-target.sh ${BAKE_TEMPLATE_FILE} \ | tee docker-bake-template-meta.json - - name: Build image + - name: Build images and upload to ghcr.io 📤 id: build uses: docker/bake-action@v4 with: push: true - load: false # Using provenance to disable default attestation so it will build only desired images: # https://github.com/orgs/community/discussions/45969 provenance: false @@ -82,6 +81,21 @@ jobs: build.json docker-bake-template-meta.json + - name: Build images for ARM64 🍎 + id: build-arm64 + uses: docker/bake-action@v4 + with: + push: true + # Using provenance to disable default attestation so it will build only desired images: + # https://github.com/orgs/community/discussions/45969 + provenance: false + set: | + *.platform=linux/arm64 + files: | + docker-bake.hcl + build.json + docker-bake-template-meta.json + - name: Set output variables id: bake_metadata run: | From 19a3ee244fcd91f92ce8de4911fbd356bb283826 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 17 Apr 2024 23:01:06 +0100 Subject: [PATCH 056/149] Update build.yml --- .github/workflows/build.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index e547e81f..775b7670 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -121,7 +121,7 @@ jobs: - name: Checkout Repo ⚡️ uses: actions/checkout@v4 - - uses: docker/login-action@v2 🔑 + - uses: docker/login-action@v2 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} @@ -148,7 +148,7 @@ jobs: - name: Checkout Repo ⚡️ uses: actions/checkout@v4 - - uses: docker/login-action@v2 🔑 + - uses: docker/login-action@v2 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} From df2f4400402e0ac9830f4fee840d4bb90bbaafdb Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Wed, 17 Apr 2024 22:01:13 +0000 Subject: [PATCH 057/149] [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 775b7670..1b035e34 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -121,7 +121,7 @@ jobs: - name: Checkout Repo ⚡️ uses: actions/checkout@v4 - - uses: docker/login-action@v2 + - uses: docker/login-action@v2 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} From ed07958b6cb18466b4775b31abdb1567f313f6c2 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 17 Apr 2024 23:26:20 +0100 Subject: [PATCH 058/149] shell: bash --- .github/actions/create-dev-env/action.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/actions/create-dev-env/action.yml b/.github/actions/create-dev-env/action.yml index 5aa44520..807b716a 100644 --- a/.github/actions/create-dev-env/action.yml +++ b/.github/actions/create-dev-env/action.yml @@ -25,3 +25,4 @@ runs: - name: Install dependencies 📦 run: pip install -r requirements-dev.txt + shell: bash \ No newline at end of file From e8b31d728b19380ac8e8896082e73484e3f0fa6d Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Wed, 17 Apr 2024 22:26:26 +0000 Subject: [PATCH 059/149] [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci --- .github/actions/create-dev-env/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/create-dev-env/action.yml b/.github/actions/create-dev-env/action.yml index 807b716a..a52aa11f 100644 --- a/.github/actions/create-dev-env/action.yml +++ b/.github/actions/create-dev-env/action.yml @@ -25,4 +25,4 @@ runs: - name: Install dependencies 📦 run: pip install -r requirements-dev.txt - shell: bash \ No newline at end of file + shell: bash From ecbe74718775026203d82e8ec9e1ea69da9e51b2 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 18 Apr 2024 00:01:22 +0100 Subject: [PATCH 060/149] Disable arm64 build --- .github/workflows/build.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 1b035e34..d6ba4efa 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -4,6 +4,7 @@ name: Build and test image and upload them to ghcr.io env: OWNER: ${{ github.repository_owner }} REGISTRY: ghcr.io + BUILDKIT_PROGRESS: plain on: # TODO: Can we define outputs here? @@ -81,8 +82,11 @@ jobs: build.json docker-bake-template-meta.json + # TODO: Just testing how long it takes to build arm64 image on GHA with QEMU + # (looks like ~12min) - name: Build images for ARM64 🍎 id: build-arm64 + if: false uses: docker/bake-action@v4 with: push: true From cfab33b2d292eab1ab41238e9e40de07e298b984 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 18 Apr 2024 10:58:56 +0100 Subject: [PATCH 061/149] Checkout head commit instead of merge commit --- .github/workflows/build.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d6ba4efa..eeb7aa45 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -37,6 +37,8 @@ jobs: - name: Checkout Repo ⚡️ uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.sha }} - name: Set up QEMU uses: docker/setup-qemu-action@v3 @@ -124,6 +126,8 @@ jobs: - name: Checkout Repo ⚡️ uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.sha }} - uses: docker/login-action@v2 with: @@ -151,6 +155,8 @@ jobs: - name: Checkout Repo ⚡️ uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.sha }} - uses: docker/login-action@v2 with: From cbfa736fb101e585f0efac2e41b18426dace3813 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 18 Apr 2024 11:25:42 +0100 Subject: [PATCH 062/149] Revert "Checkout head commit instead of merge commit" This reverts commit cfab33b2d292eab1ab41238e9e40de07e298b984. --- .github/workflows/build.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index eeb7aa45..d6ba4efa 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -37,8 +37,6 @@ jobs: - name: Checkout Repo ⚡️ uses: actions/checkout@v4 - with: - ref: ${{ github.event.pull_request.head.sha }} - name: Set up QEMU uses: docker/setup-qemu-action@v3 @@ -126,8 +124,6 @@ jobs: - name: Checkout Repo ⚡️ uses: actions/checkout@v4 - with: - ref: ${{ github.event.pull_request.head.sha }} - uses: docker/login-action@v2 with: @@ -155,8 +151,6 @@ jobs: - name: Checkout Repo ⚡️ uses: actions/checkout@v4 - with: - ref: ${{ github.event.pull_request.head.sha }} - uses: docker/login-action@v2 with: From eeb1eead1f892709ce1811775738955d33d92218 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 18 Apr 2024 11:27:07 +0100 Subject: [PATCH 063/149] Enable arm64 build --- .github/workflows/build.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d6ba4efa..65214fd6 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -86,7 +86,6 @@ jobs: # (looks like ~12min) - name: Build images for ARM64 🍎 id: build-arm64 - if: false uses: docker/bake-action@v4 with: push: true From 0d68dd5e8a944d8cdc9a8f4608df284586a19991 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 18 Apr 2024 11:54:34 +0100 Subject: [PATCH 064/149] Try building arm/amd together --- .github/workflows/build.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 65214fd6..58da72dc 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -92,8 +92,9 @@ jobs: # Using provenance to disable default attestation so it will build only desired images: # https://github.com/orgs/community/discussions/45969 provenance: false + pull: true set: | - *.platform=linux/arm64 + *.platform=linux/arm64,linux/amd64 files: | docker-bake.hcl build.json From 58febf16114f9f62d309cd43210c51f9e9c1be82 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 18 Apr 2024 12:25:31 +0100 Subject: [PATCH 065/149] Test before arm64 build --- .github/workflows/build.yml | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 58da72dc..af12b378 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -73,7 +73,7 @@ jobs: id: build uses: docker/bake-action@v4 with: - push: true + load: true # Using provenance to disable default attestation so it will build only desired images: # https://github.com/orgs/community/discussions/45969 provenance: false @@ -82,6 +82,15 @@ jobs: build.json docker-bake-template-meta.json + - name: Create Python dev environment 📦 + uses: ./.github/actions/create-dev-env + with: + architecture: ${{ inputs.architecture }} + + - name: Run tests for full-stack image + run: REGISTRY= pytest -m "not integration" --target full-stack + env: ${{ fromJSON(needs.build.outputs.images) }} + # TODO: Just testing how long it takes to build arm64 image on GHA with QEMU # (looks like ~12min) - name: Build images for ARM64 🍎 @@ -92,7 +101,6 @@ jobs: # Using provenance to disable default attestation so it will build only desired images: # https://github.com/orgs/community/discussions/45969 provenance: false - pull: true set: | *.platform=linux/arm64,linux/amd64 files: | From f7285268c0c16fe081c98e1821f81d3b9b80289a Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 18 Apr 2024 14:07:27 +0100 Subject: [PATCH 066/149] Reorder --- .github/workflows/build.yml | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index af12b378..6120899b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -82,6 +82,18 @@ jobs: build.json docker-bake-template-meta.json + - name: Set output variables + id: bake_metadata + run: | + cat docker-bake-template-meta.json \ + | jq -c '.target | [to_entries[] | {"key": (.key|split("-")[:-1] | join("-")), "value": [.value.tags[]][1]}] | from_entries' \ + | tee bake-meta.json + targets=$(echo $(cat bake-meta.json | jq -c 'keys')) + images=$(echo $(cat bake-meta.json | jq -c '. | [to_entries[] | {"key": (.key| split("-")| join("_") |ascii_upcase + "_IMAGE"), "value": .value}] | from_entries')) + echo -e "targets=$targets\nimages=$images" + echo "targets=$targets" >> "${GITHUB_OUTPUT}" + echo "images=$images" >> "${GITHUB_OUTPUT}" + - name: Create Python dev environment 📦 uses: ./.github/actions/create-dev-env with: @@ -89,7 +101,7 @@ jobs: - name: Run tests for full-stack image run: REGISTRY= pytest -m "not integration" --target full-stack - env: ${{ fromJSON(needs.build.outputs.images) }} + env: ${{ fromJSON(steps.bake_metadata.outputs.images) }} # TODO: Just testing how long it takes to build arm64 image on GHA with QEMU # (looks like ~12min) @@ -100,7 +112,7 @@ jobs: push: true # Using provenance to disable default attestation so it will build only desired images: # https://github.com/orgs/community/discussions/45969 - provenance: false + # provenance: false set: | *.platform=linux/arm64,linux/amd64 files: | @@ -108,18 +120,6 @@ jobs: build.json docker-bake-template-meta.json - - name: Set output variables - id: bake_metadata - run: | - cat docker-bake-template-meta.json \ - | jq -c '.target | [to_entries[] | {"key": (.key|split("-")[:-1] | join("-")), "value": [.value.tags[]][1]}] | from_entries' \ - | tee bake-meta.json - targets=$(echo $(cat bake-meta.json | jq -c 'keys')) - images=$(echo $(cat bake-meta.json | jq -c '. | [to_entries[] | {"key": (.key| split("-")| join("_") |ascii_upcase + "_IMAGE"), "value": .value}] | from_entries')) - echo -e "targets=$targets\nimages=$images" - echo "targets=$targets" >> "${GITHUB_OUTPUT}" - echo "images=$images" >> "${GITHUB_OUTPUT}" - test: needs: build runs-on: ${{ inputs.runsOn }} From b61ee7da7e2e795e6183024ec336e1e4b015e500 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 18 Apr 2024 17:58:01 +0100 Subject: [PATCH 067/149] Use SHA of the actual commit --- .github/workflows/build.yml | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 6120899b..f59dc7de 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -5,6 +5,8 @@ env: OWNER: ${{ github.repository_owner }} REGISTRY: ghcr.io BUILDKIT_PROGRESS: plain + # https://github.com/docker/metadata-action?tab=readme-ov-file#environment-variables + DOCKER_METADATA_PR_HEAD_SHA: true on: # TODO: Can we define outputs here? @@ -59,7 +61,7 @@ jobs: images: | name=${{ env.REGISTRY }}/aiidalab/__template__ tags: | - type=sha + type=sha,event=push type=ref,event=pr - name: Generate docker-bake metadata file. @@ -69,14 +71,14 @@ jobs: .github/workflows/merge-bake-template-target.sh ${BAKE_TEMPLATE_FILE} \ | tee docker-bake-template-meta.json - - name: Build images and upload to ghcr.io 📤 - id: build + - name: Build amd64 images 🏗️ + id: build-amd64 uses: docker/bake-action@v4 with: + # Do not push the resulting images, just load them to Docker for testing load: true - # Using provenance to disable default attestation so it will build only desired images: - # https://github.com/orgs/community/discussions/45969 - provenance: false + set: | + *.platform=linux/amd64 files: | docker-bake.hcl build.json @@ -103,16 +105,16 @@ jobs: run: REGISTRY= pytest -m "not integration" --target full-stack env: ${{ fromJSON(steps.bake_metadata.outputs.images) }} - # TODO: Just testing how long it takes to build arm64 image on GHA with QEMU - # (looks like ~12min) - - name: Build images for ARM64 🍎 - id: build-arm64 + # Here we build ARM64 images and upload both amd64 and arm64 to ghcr.io + - name: Build images for ARM64 and upload to ghcr.io 🍎📤 + id: build-upload uses: docker/bake-action@v4 with: push: true # Using provenance to disable default attestation so it will build only desired images: # https://github.com/orgs/community/discussions/45969 - # provenance: false + provenance: false + # NOTE: linux/amd64 images will be taken from previous step set: | *.platform=linux/arm64,linux/amd64 files: | From da8f350506955cb17d2fbb14c3d2b72af52d6bca Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 18 Apr 2024 18:10:54 +0100 Subject: [PATCH 068/149] Test AMR64 full-stack image --- .github/workflows/build.yml | 46 +++++++++++++++++++++++++++++++++---- 1 file changed, 42 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f59dc7de..a3bcc319 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -61,8 +61,9 @@ jobs: images: | name=${{ env.REGISTRY }}/aiidalab/__template__ tags: | - type=sha,event=push + type=sha type=ref,event=pr + type=edge,branch=main - name: Generate docker-bake metadata file. env: @@ -128,14 +129,16 @@ jobs: timeout-minutes: 20 strategy: matrix: - target: ["base", "lab", "base-with-services", "full-stack"] + # NOTE: full-stack is tested during build step + target: ["base", "lab", "base-with-services"] steps: - name: Checkout Repo ⚡️ uses: actions/checkout@v4 - - uses: docker/login-action@v2 + - name: Login to Container Registry 🔑 + uses: docker/login-action@v2 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} @@ -151,6 +154,40 @@ jobs: run: REGISTRY= pytest -m "not integration" --target ${{matrix.target}} env: ${{ fromJSON(needs.build.outputs.images) }} + test-arm64: + needs: build + runs-on: ARM64 + timeout-minutes: 20 + strategy: + matrix: + # Only testing full-stack image to save self-hosted runner resources + target: ["full-stack"] + + steps: + + - name: Checkout Repo ⚡️ + uses: actions/checkout@v4 + + - name: Login to Container Registry 🔑 + uses: docker/login-action@v2 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Create Python dev environment 📦 + uses: ./.github/actions/create-dev-env + with: + architecture: ${{ inputs.architecture }} + + - name: Run tests + run: REGISTRY= pytest -m "not integration" --target ${{matrix.target}} + env: ${{ fromJSON(needs.build.outputs.images) }} + + - name: Run integration tests + run: REGISTRY= pytest -m "integration" --target ${{matrix.target}} + env: ${{ fromJSON(needs.build.outputs.images) }} + integration-test: needs: build @@ -162,7 +199,8 @@ jobs: - name: Checkout Repo ⚡️ uses: actions/checkout@v4 - - uses: docker/login-action@v2 + - name: Login to Container Registry 🔑 + uses: docker/login-action@v2 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} From 2b7460598f2c694e618f6f4d234520adae7e9dc7 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 18 Apr 2024 18:35:35 +0100 Subject: [PATCH 069/149] Fix --- .github/workflows/build.yml | 2 +- .github/workflows/main.yml | 20 +------------------- 2 files changed, 2 insertions(+), 20 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index a3bcc319..cd8fb5cd 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -178,7 +178,7 @@ jobs: - name: Create Python dev environment 📦 uses: ./.github/actions/create-dev-env with: - architecture: ${{ inputs.architecture }} + architecture: arm64 - name: Run tests run: REGISTRY= pytest -m "not integration" --target ${{matrix.target}} diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 92154271..b6c7594e 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -17,26 +17,8 @@ concurrency: cancel-in-progress: true jobs: - amd64-build: + build: uses: ./.github/workflows/build.yml with: architecture: amd64 runsOn: ubuntu-latest - - # TODO: Split test from build, but we'd need to - # pass outputs from build here. - #amd64-test: - # needs: amd64-build - # uses: ./.github/workflows/test.yml - # with: - # architecture: amd64 - # runsOn: ubuntu-latest - - # Postpone ARM build until amd64 build and tests succeeds - arm-build: - uses: ./.github/workflows/build.yml - needs: amd64-build - if: false - with: - architecture: arm64 - runsOn: ARM64 From 30431aad1af2af960ab6d23d564c1d5f34ae3bab Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 18 Apr 2024 18:38:52 +0100 Subject: [PATCH 070/149] Delete old files --- .github/workflows/docker-merge-tags.yml | 63 ------------------ .github/workflows/docker-push.yml | 85 ------------------------- 2 files changed, 148 deletions(-) delete mode 100644 .github/workflows/docker-merge-tags.yml delete mode 100644 .github/workflows/docker-push.yml diff --git a/.github/workflows/docker-merge-tags.yml b/.github/workflows/docker-merge-tags.yml deleted file mode 100644 index 44242334..00000000 --- a/.github/workflows/docker-merge-tags.yml +++ /dev/null @@ -1,63 +0,0 @@ ---- -name: Download images tags from GitHub artifacts and create multi-platform manifests - -on: - workflow_call: - inputs: - image: - description: Image name - required: true - type: string - registry: - description: Docker registry, e.g. ghcr.io, docker.io - required: true - type: string - secrets: - REGISTRY_USERNAME: - required: true - REGISTRY_TOKEN: - required: true - - -jobs: - merge-tags: - runs-on: ubuntu-latest - - steps: - - name: Checkout Repo ⚡️ - uses: actions/checkout@v4 - - - name: Download amd64 tags file 📥 - uses: actions/download-artifact@v4 - with: - name: ${{ inputs.registry }}-${{ inputs.image }}-amd64-tags - # TODO: Use unique path here! - path: /tmp/aiidalab - - - name: Download arm64 tags file 📥 - uses: actions/download-artifact@v4 - with: - name: ${{ inputs.registry }}-${{ inputs.image }}-arm64-tags - path: /tmp/aiidalab - - - name: Login to Container Registry 🔑 - uses: docker/login-action@v2 - with: - registry: ${{ inputs.registry }} - username: ${{ secrets.REGISTRY_USERNAME }} - password: ${{ secrets.REGISTRY_TOKEN }} - - - name: Merge tags for the images of different arch 🔀 - run: | - for arch_tag in $(cat /tmp/aiidalab/${{ inputs.image }}-amd64-tags.txt); do - tag=$(echo $arch_tag | sed "s/:amd64-/:/") - docker manifest create $tag --amend $arch_tag - docker manifest push $tag - done - - for arch_tag in $(cat /tmp/aiidalab/${{ inputs.image }}-arm64-tags.txt); do - tag=$(echo $arch_tag | sed "s/:arm64-/:/") - docker manifest create $tag --amend $arch_tag - docker manifest push $tag - done - shell: bash diff --git a/.github/workflows/docker-push.yml b/.github/workflows/docker-push.yml deleted file mode 100644 index 912493c4..00000000 --- a/.github/workflows/docker-push.yml +++ /dev/null @@ -1,85 +0,0 @@ ---- -name: Download Docker image and its tags from GitHub artifacts, apply them and push the image to container registry - -env: - OWNER: ${{ github.repository_owner }} - -on: - workflow_call: - inputs: - image: - description: Image name - required: true - type: string - architecture: - description: Image architecture - required: true - type: string - registry: - description: Docker registry - required: true - type: string - secrets: - REGISTRY_USERNAME: - required: true - REGISTRY_TOKEN: - required: true - -jobs: - tag-push: - runs-on: ubuntu-latest - - steps: - - name: Checkout Repo ⚡️ - uses: actions/checkout@v4 - - - name: Read build variables - id: build_vars - run: | - vars=$(cat build.json | jq -c '[.variable | to_entries[] | {"key": .key, "value": .value.default}] | from_entries') - echo "vars=$vars" >> "${GITHUB_OUTPUT}" - - - name: Docker meta 📝 - id: meta - uses: docker/metadata-action@v4 - env: ${{ fromJson(steps.build_vars.outputs.vars) }} - with: - images: | - name=${{ inputs.registry }}/${{ env.OWNER }}/${{ inputs.image }} - tags: | - type=edge,enable={{is_default_branch}} - type=sha,enable=${{ github.ref_type != 'tag' }} - type=ref,event=pr - type=match,pattern=v(\d{4}\.\d{4}),group=1 - type=raw,value={{tag}},enable=${{ startsWith(github.ref, 'refs/tags/v') }} - type=raw,value=aiida-${{ env.AIIDA_VERSION }},enable=${{ startsWith(github.ref, 'refs/tags/v') }} - type=raw,value=python-${{ env.PYTHON_VERSION }},enable=${{ startsWith(github.ref, 'refs/tags/v') }} - type=raw,value=postgresql-${{ env.PGSQL_VERSION }},enable=${{ startsWith(github.ref, 'refs/tags/v') }} - - - name: Login to Container Registry 🔑 - uses: docker/login-action@v2 - with: - registry: ${{ inputs.registry }} - username: ${{ secrets.REGISTRY_USERNAME }} - password: ${{ secrets.REGISTRY_TOKEN }} - - - name: Set tags for image and push 🏷️📤💾 - run: | - declare -a arr=(${{ steps.meta.outputs.tags }}) - for tag in "${arr[@]}"; do - arch_tag=$(echo ${tag} | sed "s/:/:${{ inputs.architecture }}-/") - docker tag aiidalab/${{ inputs.image }}:newly-build ${arch_tag} - docker push ${arch_tag} - - # write tag to file - mkdir -p /tmp/aiidalab/ - echo ${arch_tag} >> /tmp/aiidalab/${{ inputs.image }}-${{ inputs.architecture }}-tags.txt - done - shell: bash - - - name: Upload tags file 📤 - uses: actions/upload-artifact@v4 - with: - name: ${{ inputs.registry }}-${{ inputs.image }}-${{ inputs.architecture }}-tags - path: /tmp/aiidalab/${{ inputs.image }}-${{ inputs.architecture }}-tags.txt - retention-days: 3 From 28c00505ab6b2b94e9492679116e52d98db13c1a Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 18 Apr 2024 19:17:53 +0100 Subject: [PATCH 071/149] Use digest to identify image --- .github/workflows/build.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index cd8fb5cd..171e3131 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -87,12 +87,12 @@ jobs: - name: Set output variables id: bake_metadata + env: + BAKE_META: ${{ steps.build-amd64.outputs.metadata }} + # TODO: Make this into a shell script run: | - cat docker-bake-template-meta.json \ - | jq -c '.target | [to_entries[] | {"key": (.key|split("-")[:-1] | join("-")), "value": [.value.tags[]][1]}] | from_entries' \ - | tee bake-meta.json - targets=$(echo $(cat bake-meta.json | jq -c 'keys')) - images=$(echo $(cat bake-meta.json | jq -c '. | [to_entries[] | {"key": (.key| split("-")| join("_") |ascii_upcase + "_IMAGE"), "value": .value}] | from_entries')) + targets=$(echo "${BAKE_META}"| jq -c 'keys') + images=$(echo "${BAKE_META}"| jq -c '. as $base |[to_entries[] |{"key": (.key|ascii_upcase|sub("-"; "_"; "g") + "_IMAGE"), "value": [(.value."image.name"|split(",")[0]),.value."containerimage.digest"]|join("@")}] |from_entries') echo -e "targets=$targets\nimages=$images" echo "targets=$targets" >> "${GITHUB_OUTPUT}" echo "images=$images" >> "${GITHUB_OUTPUT}" From 6746037507cca411182124a2aa9cfc0842c48373 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 18 Apr 2024 19:57:02 +0100 Subject: [PATCH 072/149] Try pushing --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 171e3131..964c4e47 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -77,7 +77,7 @@ jobs: uses: docker/bake-action@v4 with: # Do not push the resulting images, just load them to Docker for testing - load: true + push: true set: | *.platform=linux/amd64 files: | From ce6e5d4b1df2254717f69bedfd648658b680afba Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 18 Apr 2024 20:08:02 +0100 Subject: [PATCH 073/149] What's in there? --- .github/workflows/build.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 964c4e47..ca72c4ae 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -123,6 +123,16 @@ jobs: build.json docker-bake-template-meta.json + - name: Set output variables2 + env: + BAKE_META: ${{ steps.build-upload.outputs.metadata }} + run: | + targets=$(echo "${BAKE_META}"| jq -c 'keys') + images=$(echo "${BAKE_META}"| jq -c '. as $base |[to_entries[] |{"key": (.key|ascii_upcase|sub("-"; "_"; "g") + "_IMAGE"), "value": [(.value."image.name"|split(",")[0]),.value."containerimage.digest"]|join("@")}] |from_entries') + echo -e "targets=$targets\nimages=$images" + echo "targets=$targets" >> "${GITHUB_OUTPUT}" + echo "images=$images" >> "${GITHUB_OUTPUT}" + test: needs: build runs-on: ${{ inputs.runsOn }} From fa4e6e5ab37742c83499e6e91aeeb4697c1ab520 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 18 Apr 2024 20:10:55 +0100 Subject: [PATCH 074/149] Add outputs --- .github/workflows/build.yml | 14 ++++++++------ .github/workflows/main.yml | 1 - 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ca72c4ae..4600ebde 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,5 +1,5 @@ --- -name: Build and test image and upload them to ghcr.io +name: Build images and upload them to ghcr.io env: OWNER: ${{ github.repository_owner }} @@ -9,17 +9,19 @@ env: DOCKER_METADATA_PR_HEAD_SHA: true on: - # TODO: Can we define outputs here? workflow_call: inputs: - architecture: - description: Image architecture, e.g. amd64, arm64 - required: true - type: string runsOn: description: GitHub Actions Runner image required: true type: string + outputs: + targets: + description: Target images + value: ${{ jobs.build.outputs.targets }} + images: + description: Built images, identified with digests + value: ${{ jobs.build.outputs.images }} jobs: build: diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index b6c7594e..d08a7821 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -20,5 +20,4 @@ jobs: build: uses: ./.github/workflows/build.yml with: - architecture: amd64 runsOn: ubuntu-latest From 887f94a38b3e675f2b2251e941e9fbf051c84ca0 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 18 Apr 2024 22:11:20 +0100 Subject: [PATCH 075/149] Maybe? --- .github/workflows/build.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 4600ebde..f2ceaf9f 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -88,7 +88,7 @@ jobs: docker-bake-template-meta.json - name: Set output variables - id: bake_metadata + id: bake_metadata_amd64 env: BAKE_META: ${{ steps.build-amd64.outputs.metadata }} # TODO: Make this into a shell script @@ -106,7 +106,7 @@ jobs: - name: Run tests for full-stack image run: REGISTRY= pytest -m "not integration" --target full-stack - env: ${{ fromJSON(steps.bake_metadata.outputs.images) }} + env: ${{ fromJSON(steps.bake_metadata_amd64.outputs.images) }} # Here we build ARM64 images and upload both amd64 and arm64 to ghcr.io - name: Build images for ARM64 and upload to ghcr.io 🍎📤 @@ -125,7 +125,8 @@ jobs: build.json docker-bake-template-meta.json - - name: Set output variables2 + - name: Set final output variables + id: bake_metadata env: BAKE_META: ${{ steps.build-upload.outputs.metadata }} run: | From 837b11ee84bf9b4c987049162f164d31327eed35 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 18 Apr 2024 23:44:49 +0100 Subject: [PATCH 076/149] Global pytest mark --- tests/test_aiidalab_apps.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tests/test_aiidalab_apps.py b/tests/test_aiidalab_apps.py index 33b92198..dd3719d2 100644 --- a/tests/test_aiidalab_apps.py +++ b/tests/test_aiidalab_apps.py @@ -1,5 +1,6 @@ import pytest +pytestmark = pytest.mark.integration # Integration tests for the full-stack image. # Here we make sure we can install aiidalab-widgets-base and aiidalab-qe apps TESTED_TARGETS = "full-stack" @@ -31,7 +32,6 @@ def _generate_aiidalab_install_output(package_name): @pytest.mark.parametrize("package_name", ["aiidalab-widgets-base", "quantum-espresso"]) -@pytest.mark.integration def test_install_apps_from_stable(generate_aiidalab_install_output, package_name): """Test that apps can be installed from app store.""" output = generate_aiidalab_install_output(package_name) @@ -43,7 +43,6 @@ def test_install_apps_from_stable(generate_aiidalab_install_output, package_name @pytest.mark.parametrize("repo_name", ["aiidalab-widgets-base", "aiidalab-qe"]) -@pytest.mark.integration def test_install_apps_from_default_branch(generate_aiidalab_install_output, repo_name): """Test that apps can be installed from the default branch of the repository.""" package = f"{repo_name}@git+https://github.com/aiidalab/{repo_name}.git" From 66ee2e1536a3915ca2fc27e61a97cc7a00e278c5 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 18 Apr 2024 23:51:50 +0100 Subject: [PATCH 077/149] Remove missing input --- .github/workflows/build.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f2ceaf9f..f02f2cfa 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -102,7 +102,7 @@ jobs: - name: Create Python dev environment 📦 uses: ./.github/actions/create-dev-env with: - architecture: ${{ inputs.architecture }} + architecture: amd64 - name: Run tests for full-stack image run: REGISTRY= pytest -m "not integration" --target full-stack @@ -160,7 +160,7 @@ jobs: - name: Create Python dev environment 📦 uses: ./.github/actions/create-dev-env with: - architecture: ${{ inputs.architecture }} + architecture: amd64 - name: Run tests # TODO: Hack with REGISTRY @@ -222,7 +222,7 @@ jobs: - name: Create Python dev environment 📦 uses: ./.github/actions/create-dev-env with: - architecture: ${{ inputs.architecture }} + architecture: amd64 - name: Run tests # TODO: Hack with REGISTRY From f9c5ef239f97fe9a1289e1840a495e54349e6134 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 18 Apr 2024 23:52:38 +0100 Subject: [PATCH 078/149] Add test.yml --- .github/workflows/test.yml | 115 +++++++++++++++++++++++++++++++++++++ 1 file changed, 115 insertions(+) create mode 100644 .github/workflows/test.yml diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 00000000..917c57f3 --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,115 @@ +--- +name: Build images and upload them to ghcr.io + +env: + OWNER: ${{ github.repository_owner }} + REGISTRY: ghcr.io + BUILDKIT_PROGRESS: plain + # https://github.com/docker/metadata-action?tab=readme-ov-file#environment-variables + DOCKER_METADATA_PR_HEAD_SHA: true + +on: + workflow_call: + inputs: + runsOn: + description: GitHub Actions Runner image + required: true + type: string + + architecture: + description: Target architecture ("amd64" or "arm64") + required: true + type: string + +jobs: + + test: + runs-on: ${{ inputs.runsOn }} + timeout-minutes: 20 + strategy: + matrix: + # NOTE: full-stack is tested already during build step + target: ["base", "lab", "base-with-services"] + + steps: + + - name: Checkout Repo ⚡️ + uses: actions/checkout@v4 + + - name: Login to Container Registry 🔑 + uses: docker/login-action@v2 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Create Python dev environment 📦 + uses: ./.github/actions/create-dev-env + with: + architecture: ${{ inputs.architecture }} + + - name: Run tests + # TODO: Hack with REGISTRY + run: REGISTRY= pytest -m "not integration" --target ${{matrix.target}} + env: ${{ fromJSON(inputs.images) }} + + test-arm64: + needs: build + runs-on: ARM64 + timeout-minutes: 20 + strategy: + matrix: + # Only testing full-stack image to save self-hosted runner resources + target: ["full-stack"] + + steps: + + - name: Checkout Repo ⚡️ + uses: actions/checkout@v4 + + - name: Login to Container Registry 🔑 + uses: docker/login-action@v2 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Create Python dev environment 📦 + uses: ./.github/actions/create-dev-env + with: + architecture: arm64 + + - name: Run tests + run: REGISTRY= pytest -m "not integration" --target ${{matrix.target}} + env: ${{ fromJSON(needs.build.outputs.images) }} + + - name: Run integration tests + run: REGISTRY= pytest -m "integration" --target ${{matrix.target}} + env: ${{ fromJSON(needs.build.outputs.images) }} + + + integration-test: + runs-on: ${{ inputs.runsOn }} + timeout-minutes: 20 + + steps: + + - name: Checkout Repo ⚡️ + uses: actions/checkout@v4 + + - name: Login to Container Registry 🔑 + uses: docker/login-action@v2 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Create Python dev environment 📦 + uses: ./.github/actions/create-dev-env + with: + architecture: ${{ inputs.architecture }} + + - name: Run tests + # TODO: Hack with REGISTRY + run: REGISTRY= pytest -m "integration" --target full-stack + env: ${{ fromJSON(inputs.images) }} From 8dee62a9dfcb7163ff855061042c875cac30149e Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 18 Apr 2024 23:58:26 +0100 Subject: [PATCH 079/149] Temporarily skip arm64 build --- .github/workflows/build.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f02f2cfa..563ad1d4 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -118,8 +118,9 @@ jobs: # https://github.com/orgs/community/discussions/45969 provenance: false # NOTE: linux/amd64 images will be taken from previous step + # DEBUG: Build only amd64 for now set: | - *.platform=linux/arm64,linux/amd64 + *.platform=linux/amd64 files: | docker-bake.hcl build.json From e341bfd44e4d70d429356a5629a8d75496ba3c87 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 18 Apr 2024 23:59:04 +0100 Subject: [PATCH 080/149] Remove tests from build --- .github/workflows/build.yml | 93 ------------------------------------- 1 file changed, 93 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 563ad1d4..b1cd50fb 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -136,96 +136,3 @@ jobs: echo -e "targets=$targets\nimages=$images" echo "targets=$targets" >> "${GITHUB_OUTPUT}" echo "images=$images" >> "${GITHUB_OUTPUT}" - - test: - needs: build - runs-on: ${{ inputs.runsOn }} - timeout-minutes: 20 - strategy: - matrix: - # NOTE: full-stack is tested during build step - target: ["base", "lab", "base-with-services"] - - steps: - - - name: Checkout Repo ⚡️ - uses: actions/checkout@v4 - - - name: Login to Container Registry 🔑 - uses: docker/login-action@v2 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Create Python dev environment 📦 - uses: ./.github/actions/create-dev-env - with: - architecture: amd64 - - - name: Run tests - # TODO: Hack with REGISTRY - run: REGISTRY= pytest -m "not integration" --target ${{matrix.target}} - env: ${{ fromJSON(needs.build.outputs.images) }} - - test-arm64: - needs: build - runs-on: ARM64 - timeout-minutes: 20 - strategy: - matrix: - # Only testing full-stack image to save self-hosted runner resources - target: ["full-stack"] - - steps: - - - name: Checkout Repo ⚡️ - uses: actions/checkout@v4 - - - name: Login to Container Registry 🔑 - uses: docker/login-action@v2 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Create Python dev environment 📦 - uses: ./.github/actions/create-dev-env - with: - architecture: arm64 - - - name: Run tests - run: REGISTRY= pytest -m "not integration" --target ${{matrix.target}} - env: ${{ fromJSON(needs.build.outputs.images) }} - - - name: Run integration tests - run: REGISTRY= pytest -m "integration" --target ${{matrix.target}} - env: ${{ fromJSON(needs.build.outputs.images) }} - - - integration-test: - needs: build - runs-on: ${{ inputs.runsOn }} - timeout-minutes: 20 - - steps: - - - name: Checkout Repo ⚡️ - uses: actions/checkout@v4 - - - name: Login to Container Registry 🔑 - uses: docker/login-action@v2 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Create Python dev environment 📦 - uses: ./.github/actions/create-dev-env - with: - architecture: amd64 - - - name: Run tests - # TODO: Hack with REGISTRY - run: REGISTRY= pytest -m "integration" --target full-stack - env: ${{ fromJSON(needs.build.outputs.images) }} From 033dff3658cc2d57ce912fd2f05334bff63b4e09 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 00:07:19 +0100 Subject: [PATCH 081/149] update create-dev-env --- .github/actions/create-dev-env/action.yml | 6 +++--- .github/workflows/build.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/actions/create-dev-env/action.yml b/.github/actions/create-dev-env/action.yml index a52aa11f..72ac6c57 100644 --- a/.github/actions/create-dev-env/action.yml +++ b/.github/actions/create-dev-env/action.yml @@ -3,8 +3,8 @@ name: Python environment description: Create Python environment and install dependencies for running tests inputs: - architecture: - description: architecture to be run on + runner: + description: Github Actions runner required: true type: string @@ -15,7 +15,7 @@ runs: # See: https://github.com/actions/setup-python/issues/108 # python3 is manually preinstalled in the arm64 VM self-hosted runner - name: Set Up Python 🐍 - if: ${{ inputs.architecture == 'amd64' }} + if: ${{ inputs.runner != 'ARM64' }} uses: actions/setup-python@v5 with: python-version: '3.11' diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index b1cd50fb..9d55a2af 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -102,7 +102,7 @@ jobs: - name: Create Python dev environment 📦 uses: ./.github/actions/create-dev-env with: - architecture: amd64 + runner: ${{ inputs.runsOn }} - name: Run tests for full-stack image run: REGISTRY= pytest -m "not integration" --target full-stack From f4cc6c5d416a7b0086547e24c6acb01bcdb99dad Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 00:10:35 +0100 Subject: [PATCH 082/149] Hook up new test workflow --- .github/workflows/main.yml | 19 ++++++++ .github/workflows/test.yml | 94 ++++++-------------------------------- 2 files changed, 34 insertions(+), 79 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index d08a7821..cee919c5 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -17,7 +17,26 @@ concurrency: cancel-in-progress: true jobs: + build: uses: ./.github/workflows/build.yml with: runsOn: ubuntu-latest + + test-amd64: + needs: build + uses: ./.github/workflows/test.yml + with: + runsOn: ubuntu-latest + images: ${{ needs.build.outputs.images }} + target: "base" + integration: false + + test-arm64: + needs: build + uses: ./.github/workflows/test.yml + with: + runsOn: ARM64 + images: ${{ needs.build.outputs.images }} + target: "full-stack" + integration: false diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 917c57f3..a15c44d3 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -1,13 +1,6 @@ --- name: Build images and upload them to ghcr.io -env: - OWNER: ${{ github.repository_owner }} - REGISTRY: ghcr.io - BUILDKIT_PROGRESS: plain - # https://github.com/docker/metadata-action?tab=readme-ov-file#environment-variables - DOCKER_METADATA_PR_HEAD_SHA: true - on: workflow_call: inputs: @@ -15,82 +8,25 @@ on: description: GitHub Actions Runner image required: true type: string - - architecture: - description: Target architecture ("amd64" or "arm64") + images: + description: Images built in build step required: true type: string + target: + description: Target image for testing + required: false + type: string + integration: + description: Run integration tests + required: false + type: boolean + jobs: test: runs-on: ${{ inputs.runsOn }} timeout-minutes: 20 - strategy: - matrix: - # NOTE: full-stack is tested already during build step - target: ["base", "lab", "base-with-services"] - - steps: - - - name: Checkout Repo ⚡️ - uses: actions/checkout@v4 - - - name: Login to Container Registry 🔑 - uses: docker/login-action@v2 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Create Python dev environment 📦 - uses: ./.github/actions/create-dev-env - with: - architecture: ${{ inputs.architecture }} - - - name: Run tests - # TODO: Hack with REGISTRY - run: REGISTRY= pytest -m "not integration" --target ${{matrix.target}} - env: ${{ fromJSON(inputs.images) }} - - test-arm64: - needs: build - runs-on: ARM64 - timeout-minutes: 20 - strategy: - matrix: - # Only testing full-stack image to save self-hosted runner resources - target: ["full-stack"] - - steps: - - - name: Checkout Repo ⚡️ - uses: actions/checkout@v4 - - - name: Login to Container Registry 🔑 - uses: docker/login-action@v2 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Create Python dev environment 📦 - uses: ./.github/actions/create-dev-env - with: - architecture: arm64 - - - name: Run tests - run: REGISTRY= pytest -m "not integration" --target ${{matrix.target}} - env: ${{ fromJSON(needs.build.outputs.images) }} - - - name: Run integration tests - run: REGISTRY= pytest -m "integration" --target ${{matrix.target}} - env: ${{ fromJSON(needs.build.outputs.images) }} - - - integration-test: - runs-on: ${{ inputs.runsOn }} - timeout-minutes: 20 steps: @@ -100,16 +36,16 @@ jobs: - name: Login to Container Registry 🔑 uses: docker/login-action@v2 with: - registry: ${{ env.REGISTRY }} + registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Create Python dev environment 📦 uses: ./.github/actions/create-dev-env with: - architecture: ${{ inputs.architecture }} + runner: ${{ inputs.runsOn }} - name: Run tests - # TODO: Hack with REGISTRY - run: REGISTRY= pytest -m "integration" --target full-stack + # TODO: Enable/disable integration tests + run: pytest -m "not integration" --target ${{inputs.target}} env: ${{ fromJSON(inputs.images) }} From b63da1154d4387c771bc7eb82b45549e47a16f73 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 00:29:59 +0100 Subject: [PATCH 083/149] Add integration tests --- .github/workflows/build.yml | 4 +--- .github/workflows/main.yml | 11 +++++++++++ .github/workflows/test.yml | 4 +--- 3 files changed, 13 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9d55a2af..203030e3 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -93,10 +93,8 @@ jobs: BAKE_META: ${{ steps.build-amd64.outputs.metadata }} # TODO: Make this into a shell script run: | - targets=$(echo "${BAKE_META}"| jq -c 'keys') images=$(echo "${BAKE_META}"| jq -c '. as $base |[to_entries[] |{"key": (.key|ascii_upcase|sub("-"; "_"; "g") + "_IMAGE"), "value": [(.value."image.name"|split(",")[0]),.value."containerimage.digest"]|join("@")}] |from_entries') - echo -e "targets=$targets\nimages=$images" - echo "targets=$targets" >> "${GITHUB_OUTPUT}" + echo "images=$images" echo "images=$images" >> "${GITHUB_OUTPUT}" - name: Create Python dev environment 📦 diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index cee919c5..9cec22a0 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -23,6 +23,7 @@ jobs: with: runsOn: ubuntu-latest + # NOTE: amd64 full-stack image is being tested as part of the build test-amd64: needs: build uses: ./.github/workflows/test.yml @@ -32,6 +33,7 @@ jobs: target: "base" integration: false + # To save self-hosted runner resources, we're only testing full-stack image test-arm64: needs: build uses: ./.github/workflows/test.yml @@ -40,3 +42,12 @@ jobs: images: ${{ needs.build.outputs.images }} target: "full-stack" integration: false + + test-integration: + needs: build + uses: ./.github/workflows/test.yml + with: + runsOn: ARM64 + images: ${{ needs.build.outputs.images }} + target: "full-stack" + integration: true diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index a15c44d3..0e77f909 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -21,7 +21,6 @@ on: required: false type: boolean - jobs: test: @@ -46,6 +45,5 @@ jobs: runner: ${{ inputs.runsOn }} - name: Run tests - # TODO: Enable/disable integration tests - run: pytest -m "not integration" --target ${{inputs.target}} + run: pytest -m "${{ inputs.integration && "integration" || "not integration" }} --target ${{inputs.target}} env: ${{ fromJSON(inputs.images) }} From 656f2b211abe1a3ca8a0ed5da1e1d8e67dc36ac4 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 00:33:24 +0100 Subject: [PATCH 084/149] matrix strategy in main? --- .github/workflows/main.yml | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 9cec22a0..1cff2de1 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -26,11 +26,16 @@ jobs: # NOTE: amd64 full-stack image is being tested as part of the build test-amd64: needs: build + strategy: + matrix: + # NOTE: amd64 full-stack image is tested during build step + target: ["base", "lab", "base-with-services"] + uses: ./.github/workflows/test.yml with: runsOn: ubuntu-latest images: ${{ needs.build.outputs.images }} - target: "base" + target: ${{ matrix.target }} integration: false # To save self-hosted runner resources, we're only testing full-stack image @@ -45,9 +50,12 @@ jobs: test-integration: needs: build + strategy: + matrix: + runner: ["ubuntu-latest", "ARM64"] uses: ./.github/workflows/test.yml with: - runsOn: ARM64 + runsOn: ${{ matrix.runner }} images: ${{ needs.build.outputs.images }} target: "full-stack" integration: true From ac46f763bbcd19e0b94421511b7bd2280d7d9d55 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 00:45:05 +0100 Subject: [PATCH 085/149] Single quote --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 0e77f909..d6dc4f0c 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -45,5 +45,5 @@ jobs: runner: ${{ inputs.runsOn }} - name: Run tests - run: pytest -m "${{ inputs.integration && "integration" || "not integration" }} --target ${{inputs.target}} + run: pytest -m "${{ inputs.integration && 'integration' || 'not integration' }} --target ${{inputs.target}} env: ${{ fromJSON(inputs.images) }} From a0cd2be06e8e4590d2ffd20df27c27ef3546969b Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 00:51:40 +0100 Subject: [PATCH 086/149] Fix tests and customize name --- .github/workflows/main.yml | 1 - .github/workflows/test.yml | 3 ++- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 1cff2de1..13f9e11f 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -23,7 +23,6 @@ jobs: with: runsOn: ubuntu-latest - # NOTE: amd64 full-stack image is being tested as part of the build test-amd64: needs: build strategy: diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index d6dc4f0c..552cc7c5 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -24,6 +24,7 @@ on: jobs: test: + name: ${{ inputs.integration && inputs.runsOn || inputs.target }} runs-on: ${{ inputs.runsOn }} timeout-minutes: 20 @@ -45,5 +46,5 @@ jobs: runner: ${{ inputs.runsOn }} - name: Run tests - run: pytest -m "${{ inputs.integration && 'integration' || 'not integration' }} --target ${{inputs.target}} + run: pytest -m "${{ inputs.integration && 'integration' || 'not integration' }}" --target ${{inputs.target}} env: ${{ fromJSON(inputs.images) }} From d6c2f5404d411d56001059ac8dddff51c8a6da43 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 01:14:48 +0100 Subject: [PATCH 087/149] Extract image names --- .github/workflows/build.yml | 27 +++++-------- .github/workflows/extract-image-names.sh | 49 ++++++++++++++++++++++++ .github/workflows/test.yml | 2 +- 3 files changed, 60 insertions(+), 18 deletions(-) create mode 100755 .github/workflows/extract-image-names.sh diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 203030e3..94e7fc51 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -16,20 +16,17 @@ on: required: true type: string outputs: - targets: - description: Target images - value: ${{ jobs.build.outputs.targets }} images: description: Built images, identified with digests value: ${{ jobs.build.outputs.images }} jobs: build: + name: amd64 and arm64 runs-on: ${{ inputs.runsOn }} timeout-minutes: 20 outputs: - targets: ${{ steps.bake_metadata.outputs.targets }} images: ${{ steps.bake_metadata.outputs.images }} # Make sure we fail if any command in a piped command sequence fails @@ -87,26 +84,26 @@ jobs: build.json docker-bake-template-meta.json - - name: Set output variables + - name: Get amd64 images with digests id: bake_metadata_amd64 env: - BAKE_META: ${{ steps.build-amd64.outputs.metadata }} - # TODO: Make this into a shell script + BAKE_METADATA: ${{ steps.build-amd64.outputs.metadata }} run: | - images=$(echo "${BAKE_META}"| jq -c '. as $base |[to_entries[] |{"key": (.key|ascii_upcase|sub("-"; "_"; "g") + "_IMAGE"), "value": [(.value."image.name"|split(",")[0]),.value."containerimage.digest"]|join("@")}] |from_entries') - echo "images=$images" - echo "images=$images" >> "${GITHUB_OUTPUT}" + .github/workflows/extract-image-names.sh >> "${GITHUB_OUTPUT}" - name: Create Python dev environment 📦 uses: ./.github/actions/create-dev-env with: runner: ${{ inputs.runsOn }} + + # We run tests here to catch issues early, before running arm64 build which is slow - name: Run tests for full-stack image run: REGISTRY= pytest -m "not integration" --target full-stack env: ${{ fromJSON(steps.bake_metadata_amd64.outputs.images) }} - # Here we build ARM64 images and upload both amd64 and arm64 to ghcr.io + + # Here we build amr64 images (with help of QEMU) and upload both amd64 and arm64 to ghcr.io - name: Build images for ARM64 and upload to ghcr.io 🍎📤 id: build-upload uses: docker/bake-action@v4 @@ -124,13 +121,9 @@ jobs: build.json docker-bake-template-meta.json - - name: Set final output variables + - name: Set output variables id: bake_metadata env: BAKE_META: ${{ steps.build-upload.outputs.metadata }} run: | - targets=$(echo "${BAKE_META}"| jq -c 'keys') - images=$(echo "${BAKE_META}"| jq -c '. as $base |[to_entries[] |{"key": (.key|ascii_upcase|sub("-"; "_"; "g") + "_IMAGE"), "value": [(.value."image.name"|split(",")[0]),.value."containerimage.digest"]|join("@")}] |from_entries') - echo -e "targets=$targets\nimages=$images" - echo "targets=$targets" >> "${GITHUB_OUTPUT}" - echo "images=$images" >> "${GITHUB_OUTPUT}" + .github/workflows/extract-image-names.sh >> "${GITHUB_OUTPUT}" diff --git a/.github/workflows/extract-image-names.sh b/.github/workflows/extract-image-names.sh new file mode 100755 index 00000000..4a9f7a27 --- /dev/null +++ b/.github/workflows/extract-image-names.sh @@ -0,0 +1,49 @@ +#!/bin/bash + +set -euo pipefail + +# Extract built image names including their digests +# to uniquely identify newly built images in subsequent steps. + +# The input to this script is a JSON string passed via BAKE_METADATA env variable +# Here's example input (trimmed to relevant bits): +# BAKE_META: { +# "base": { +# "buildx.build.ref": "builder-9dc30f03-42f5-4fd5-8c9a-0d54be5ad996/builder-9dc30f03-42f5-4fd5-8c9a-0d54be5ad9960/jex1w6zvslbbomtkedn4no62l", +# "containerimage.config.digest": "sha256:b76dc61672dd0efbd586d56393d3a57f6309654e6903d738168892bc09017e8b", +# "containerimage.descriptor": { +# "mediaType": "application/vnd.docker.distribution.manifest.v2+json", +# "digest": "sha256:8e57a52b924b67567314b8ed3c968859cad99ea13521e60bbef40457e16f391d", +# "size": 6170, +# "platform": { +# "architecture": "amd64", +# "os": "linux" +# } +# }, +# "containerimage.digest": "sha256:8e57a52b924b67567314b8ed3c968859cad99ea13521e60bbef40457e16f391d", +# "image.name": "ghcr.io/aiidalab/base:pr-439,ghcr.io/aiidalab/base:sha-a0cd2be" +# }, +# "base-with-services": { +# "containerimage.digest": "sha256:6753a809b5b2675bf4c22408e07c1df155907a465b33c369ef93ebcb1c4fec26", +# "...": "" +# } +# "full-stack": { +# "containerimage.digest": "sha256:85ee91f61be1ea601591c785db038e5899d68d5fb89e07d66d9efbe8f352ee48", +# "...": "" +# } +# "lab": { +# "containerimage.digest": "sha256:4d9be090da287fcdf2d4658bb82f78bad791ccd15dac9af594fb8306abe47e97", +# "...": "" +# } +# } +# +# Example output: +# images={"BASE_IMAGE":"ghcr.io/aiidalab/base:pr-439@sha256:8e57a52b924b67567314b8ed3c968859cad99ea13521e60bbef40457e16f391d","BASE_WITH_SERVICES_IMAGE":"ghcr.io/aiidalab/base-with-services:pr-439@sha256:6753a809b5b2675bf4c22408e07c1df155907a465b33c369ef93ebcb1c4fec26","FULL_STACK_IMAGE":"ghcr.io/aiidalab/full-stack:pr-439@sha256:85ee91f61be1ea601591c785db038e5899d68d5fb89e07d66d9efbe8f352ee48","LAB_IMAGE":"ghcr.io/aiidalab/lab:pr-439@sha256:4d9be090da287fcdf2d4658bb82f78bad791ccd15dac9af594fb8306abe47e97"} + +if [[ -z ${BAKE_METADATA-} ]];then + echo "ERROR: Environment variable BAKE_METADATA is not set!" + exit 1 +fi + +images=$(echo "${BAKE_METADATA}" | jq -c '. as $base |[to_entries[] |{"key": (.key|ascii_upcase|sub("-"; "_"; "g") + "_IMAGE"), "value": [(.value."image.name"|split(",")[0]),.value."containerimage.digest"]|join("@")}] |from_entries') +echo "images=$images" diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 552cc7c5..d2fda749 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -1,5 +1,5 @@ --- -name: Build images and upload them to ghcr.io +name: Test newly built images on: workflow_call: From bcbe78c2beda5f8447bc235c39061d1e475bfa60 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 01:19:39 +0100 Subject: [PATCH 088/149] Remove create-dev-env --- .github/actions/create-dev-env/action.yml | 28 ----------------------- .github/workflows/build.yml | 12 +++++++--- .github/workflows/test.yml | 13 ++++++++--- requirements-dev.txt => requirements.txt | 0 4 files changed, 19 insertions(+), 34 deletions(-) delete mode 100644 .github/actions/create-dev-env/action.yml rename requirements-dev.txt => requirements.txt (100%) diff --git a/.github/actions/create-dev-env/action.yml b/.github/actions/create-dev-env/action.yml deleted file mode 100644 index 72ac6c57..00000000 --- a/.github/actions/create-dev-env/action.yml +++ /dev/null @@ -1,28 +0,0 @@ ---- -name: Python environment -description: Create Python environment and install dependencies for running tests - -inputs: - runner: - description: Github Actions runner - required: true - type: string - -runs: - using: composite - steps: - # actions/setup-python doesn't support Linux arm64 runners - # See: https://github.com/actions/setup-python/issues/108 - # python3 is manually preinstalled in the arm64 VM self-hosted runner - - name: Set Up Python 🐍 - if: ${{ inputs.runner != 'ARM64' }} - uses: actions/setup-python@v5 - with: - python-version: '3.11' - cache: pip - cache-dependency-path: | - **/requirements*.txt - - - name: Install dependencies 📦 - run: pip install -r requirements-dev.txt - shell: bash diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 94e7fc51..8979edff 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -91,11 +91,17 @@ jobs: run: | .github/workflows/extract-image-names.sh >> "${GITHUB_OUTPUT}" - - name: Create Python dev environment 📦 - uses: ./.github/actions/create-dev-env + - name: Set Up Python 🐍 + if: ${{ inputs.runner != 'ARM64' }} + uses: actions/setup-python@v5 with: - runner: ${{ inputs.runsOn }} + python-version: '3.11' + cache: pip + - name: Install dependencies 📦 + run: | + pip install -r requirements-dev.txt + pip freeze # We run tests here to catch issues early, before running arm64 build which is slow - name: Run tests for full-stack image diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index d2fda749..8390afb8 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -40,10 +40,17 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Create Python dev environment 📦 - uses: ./.github/actions/create-dev-env + - name: Set Up Python 🐍 + if: ${{ inputs.runner != 'ARM64' }} + uses: actions/setup-python@v5 with: - runner: ${{ inputs.runsOn }} + python-version: '3.11' + cache: pip + + - name: Install dependencies 📦 + run: | + pip install -r requirements-dev.txt + pip freeze - name: Run tests run: pytest -m "${{ inputs.integration && 'integration' || 'not integration' }}" --target ${{inputs.target}} diff --git a/requirements-dev.txt b/requirements.txt similarity index 100% rename from requirements-dev.txt rename to requirements.txt From 493c72f04dfee295ad9fab001a6656c40a300895 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 01:21:11 +0100 Subject: [PATCH 089/149] Reenable arm64 build --- .github/workflows/build.yml | 5 ++--- .github/workflows/test.yml | 2 +- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8979edff..11248876 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -100,7 +100,7 @@ jobs: - name: Install dependencies 📦 run: | - pip install -r requirements-dev.txt + pip install -r requirements.txt pip freeze # We run tests here to catch issues early, before running arm64 build which is slow @@ -119,9 +119,8 @@ jobs: # https://github.com/orgs/community/discussions/45969 provenance: false # NOTE: linux/amd64 images will be taken from previous step - # DEBUG: Build only amd64 for now set: | - *.platform=linux/amd64 + *.platform=linux/amd64,linux/arm64 files: | docker-bake.hcl build.json diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 8390afb8..08256fc0 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -49,7 +49,7 @@ jobs: - name: Install dependencies 📦 run: | - pip install -r requirements-dev.txt + pip install -r requirements.txt pip freeze - name: Run tests From 0b1f1bfda268cd65119d59751f047d128b6d67c2 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 01:54:36 +0100 Subject: [PATCH 090/149] increase timeout --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 11248876..a6041768 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -24,7 +24,7 @@ jobs: build: name: amd64 and arm64 runs-on: ${{ inputs.runsOn }} - timeout-minutes: 20 + timeout-minutes: 30 outputs: images: ${{ steps.bake_metadata.outputs.images }} From 004eb1603715b5a3760fd4887eeeda81d74cdf7b Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 09:58:45 +0100 Subject: [PATCH 091/149] fix --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index a6041768..ff9d7838 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -129,6 +129,6 @@ jobs: - name: Set output variables id: bake_metadata env: - BAKE_META: ${{ steps.build-upload.outputs.metadata }} + BAKE_METADATA: ${{ steps.build-upload.outputs.metadata }} run: | .github/workflows/extract-image-names.sh >> "${GITHUB_OUTPUT}" From fb23e0059774738ab096a4b6a7d3088940c00c66 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 10:37:16 +0100 Subject: [PATCH 092/149] further timeout increase --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ff9d7838..81d9576b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -24,7 +24,7 @@ jobs: build: name: amd64 and arm64 runs-on: ${{ inputs.runsOn }} - timeout-minutes: 30 + timeout-minutes: 60 outputs: images: ${{ steps.bake_metadata.outputs.images }} From 48057243ce610bfcb5975f68a4f261589fb1e3cf Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 11:29:35 +0100 Subject: [PATCH 093/149] remove precommit from dev requirements --- requirements.txt | 1 - 1 file changed, 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 6ba03f75..4ea33c40 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,6 +1,5 @@ docker requests -pre-commit pytest~=7.0 pytest-docker doit From 6d403f851c5a7bd8ff4e710620814355446c8ae5 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 11:30:39 +0100 Subject: [PATCH 094/149] Add note to integration tests --- stack/full-stack/Dockerfile | 4 +--- tests/test_aiidalab_apps.py | 8 +++++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/stack/full-stack/Dockerfile b/stack/full-stack/Dockerfile index 2a39b0ec..05210246 100644 --- a/stack/full-stack/Dockerfile +++ b/stack/full-stack/Dockerfile @@ -9,10 +9,8 @@ COPY --from=base /opt/config-quick-setup.yaml /opt/ COPY --from=base "${CONDA_DIR}/envs/aiida-core-services" "${CONDA_DIR}/envs/aiida-core-services" COPY --from=base /usr/local/bin/before-notebook.d /usr/local/bin/before-notebook.d -# This is needed because we use multi-stage build. +# This is needed because we use multi-stage build, # the erlang package is not available after the first stage. -# After we move base-with-services to a aiida-core repo, we can remove this. -# Note that it is very important to having the TARGETARCH argument here, otherwise the variable is empty. ARG TARGETARCH RUN if [ "$TARGETARCH" = "arm64" ]; then \ # Install erlang. diff --git a/tests/test_aiidalab_apps.py b/tests/test_aiidalab_apps.py index dd3719d2..0be6f5dc 100644 --- a/tests/test_aiidalab_apps.py +++ b/tests/test_aiidalab_apps.py @@ -22,12 +22,14 @@ def _generate_aiidalab_install_output(package_name): output += aiidalab_exec("pip check", user=nb_user).strip() - # Uninstall the package to make sure the test is repeatable + yield output + # Now, ninstall the package to make sure the test is repeatable. + # NOTE: This will only uninstall the package itself, not its dependencies! + # Since the dependencies are installed via pip, this is basically a pip limitation + # that would be hard to workaround here. app_name = package_name.split("@")[0] aiidalab_exec(f"aiidalab uninstall --yes --force {app_name}", user=nb_user) - return output - return _generate_aiidalab_install_output From 40bdfc9491e409c67320ca3566f85aaf3feb36ea Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 12:49:36 +0100 Subject: [PATCH 095/149] Timeout after two hours --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 81d9576b..1902f453 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -24,7 +24,7 @@ jobs: build: name: amd64 and arm64 runs-on: ${{ inputs.runsOn }} - timeout-minutes: 60 + timeout-minutes: 120 outputs: images: ${{ steps.bake_metadata.outputs.images }} From 1e286166df4daa296e6a331c2d36c64f43d1b778 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 14:33:33 +0100 Subject: [PATCH 096/149] Fix arm tests --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 08256fc0..15b34fe9 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -41,7 +41,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Set Up Python 🐍 - if: ${{ inputs.runner != 'ARM64' }} + if: ${{ inputs.runsOn != 'ARM64' }} uses: actions/setup-python@v5 with: python-version: '3.11' From a76bbfdeab17f0778b0d6195b465db4c1a2f408b Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 14:43:25 +0100 Subject: [PATCH 097/149] Update login action --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 15b34fe9..eceeca22 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -34,7 +34,7 @@ jobs: uses: actions/checkout@v4 - name: Login to Container Registry 🔑 - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} From 23130e25d0bd25707b64c31ba00d934122a5b9cf Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 14:44:21 +0100 Subject: [PATCH 098/149] Update metadata-action --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 1902f453..b6e2cf00 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -54,7 +54,7 @@ jobs: - name: Generate tags for images on ghcr.io 🏷️ id: tags_template - uses: docker/metadata-action@v4 + uses: docker/metadata-action@v5 with: bake-target: __template__-meta images: | From ae5b70c34d18b0c543f6f27ba91ae6760581b2cb Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 14:48:52 +0100 Subject: [PATCH 099/149] Example output of merge-bake-template-target.sh --- .../workflows/merge-bake-template-target.sh | 59 +++++++++++++++++++ 1 file changed, 59 insertions(+) diff --git a/.github/workflows/merge-bake-template-target.sh b/.github/workflows/merge-bake-template-target.sh index 6f9fb5f7..6443865e 100755 --- a/.github/workflows/merge-bake-template-target.sh +++ b/.github/workflows/merge-bake-template-target.sh @@ -13,6 +13,65 @@ set -euo pipefail # docker/meta-action (which can currently only handle a single bake-target) for # all targets currently specified in the main bake-file ("docker-bake.hcl"). # +# Example output (trimmed): +# { +# "target": { +# "base-meta": { +# "tags": [ +# "ghcr.io/aiidalab/base:pr-439", +# "ghcr.io/aiidalab/base:sha-40bdfc9" +# ], +# "labels": { +# "org.opencontainers.image.created": "2024-04-19T11:50:09.021Z", +# "org.opencontainers.image.description": "Docker images with the basic software stack for AiiDAlab", +# "org.opencontainers.image.licenses": "NOASSERTION", +# "org.opencontainers.image.revision": "40bdfc9491e409c67320ca3566f85aaf3feb36ea", +# "org.opencontainers.image.source": "https://github.com/aiidalab/aiidalab-docker-stack", +# "org.opencontainers.image.title": "aiidalab-docker-stack", +# "org.opencontainers.image.url": "https://github.com/aiidalab/aiidalab-docker-stack", +# "org.opencontainers.image.version": "pr-439" +# }, +# "args": { +# "DOCKER_META_IMAGES": "ghcr.io/aiidalab/base", +# "DOCKER_META_VERSION": "pr-439" +# } +# }, +# "base-with-services-meta": { +# "tags": [ +# "ghcr.io/aiidalab/base-with-services:pr-439", +# "ghcr.io/aiidalab/base-with-services:sha-40bdfc9" +# ], +# "labels": {}, +# "args": { +# "DOCKER_META_IMAGES": "ghcr.io/aiidalab/base-with-services", +# "DOCKER_META_VERSION": "pr-439" +# } +# }, +# "lab-meta": { +# "tags": [ +# "ghcr.io/aiidalab/lab:pr-439", +# "ghcr.io/aiidalab/lab:sha-40bdfc9" +# ], +# "labels": {}, +# "args": { +# "DOCKER_META_IMAGES": "ghcr.io/aiidalab/lab", +# "DOCKER_META_VERSION": "pr-439" +# } +# }, +# "full-stack-meta": { +# "tags": [ +# "ghcr.io/aiidalab/full-stack:pr-439", +# "ghcr.io/aiidalab/full-stack:sha-40bdfc9" +# ], +# "labels": {}, +# "args": { +# "DOCKER_META_IMAGES": "ghcr.io/aiidalab/full-stack", +# "DOCKER_META_VERSION": "pr-439" +# } +# } +# } +#} + if [[ -z ${1-} ]];then echo "ERROR: Provide path to bake-file template as first parameter" exit 1 From 336837759f8722da8392f6937b05f37b884a417e Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 14:56:58 +0100 Subject: [PATCH 100/149] Initial publish workflow --- .github/workflows/main.yml | 11 ++++++ .github/workflows/publish.yml | 70 +++++++++++++++++++++++++++++++++++ 2 files changed, 81 insertions(+) create mode 100644 .github/workflows/publish.yml diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 13f9e11f..e5d03924 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -26,6 +26,7 @@ jobs: test-amd64: needs: build strategy: + fail-fast: false matrix: # NOTE: amd64 full-stack image is tested during build step target: ["base", "lab", "base-with-services"] @@ -50,6 +51,7 @@ jobs: test-integration: needs: build strategy: + fail-fast: false matrix: runner: ["ubuntu-latest", "ARM64"] uses: ./.github/workflows/test.yml @@ -58,3 +60,12 @@ jobs: images: ${{ needs.build.outputs.images }} target: "full-stack" integration: true + + publish: + # TODO: This needs to be more restricted + if: github.repository == 'aiidalab/aiidalab-docker-stack' + needs: [build, test-amd64, test-arm64] + uses: ./.github/workflows/publish.yml + with: + runsOn: ubuntu-latest + images: ${{ needs.build.outputs.images }} diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml new file mode 100644 index 00000000..0a64a897 --- /dev/null +++ b/.github/workflows/publish.yml @@ -0,0 +1,70 @@ +--- +name: Publish images to DockerHub + +on: + workflow_call: + inputs: + runsOn: + description: GitHub Actions Runner image + required: true + type: string + images: + description: Images built in build step + required: true + type: string + +jobs: + + release: + name: DockerHub release + runs-on: ${{ inputs.runsOn }} + timeout-minutes: 30 + strategy: + fail-fast: true + matrix: + # TODO: More targets + target: ["base"] + + steps: + - uses: actions/checkout@v4 + + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Read build variables + id: build_vars + run: | + vars=$(cat build.json | jq -c '[.variable | to_entries[] | {"key": .key, "value": .value.default}] | from_entries') + echo "vars=$vars" + echo "vars=$vars" >> "${GITHUB_OUTPUT}" + + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + env: ${{ fromJSON(steps.build_vars.outputs.vars) }} + with: + images: docker.io/aiidalab/${{ matrix.target }} + tags: | + type=edge + type=raw,value={{tag}},enable=${{ github.ref_type == 'tag' && ! startsWith(github.ref_name, 'v') }} + type=raw,value=aiida-${{ env.AIIDA_VERSION }},enable=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }} + type=raw,value=python-${{ env.PYTHON_VERSION }},enable=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }} + type=raw,value=postgresql-${{ env.PGSQL_VERSION }},enable=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }} + type=match,pattern=v(\d{4}\.\d{4}(-.+)?),group=1 + + - name: Determine src image tag + id: images + run: | + src=$(echo '${{ inputs.images }}'| jq -cr '.[("${{ matrix.target }}"|ascii_upcase|sub("-"; "_"; "g")) + "_IMAGE"]') + echo "src=$src" + echo "src=$src" >> "${GITHUB_OUTPUT}" From 658a2ddc33d3e9ceaca2a31f6c7fd4432262a899 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 16:46:32 +0100 Subject: [PATCH 101/149] Disable arm build --- .github/workflows/build.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index b6e2cf00..bc6b7bc7 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -108,7 +108,6 @@ jobs: run: REGISTRY= pytest -m "not integration" --target full-stack env: ${{ fromJSON(steps.bake_metadata_amd64.outputs.images) }} - # Here we build amr64 images (with help of QEMU) and upload both amd64 and arm64 to ghcr.io - name: Build images for ARM64 and upload to ghcr.io 🍎📤 id: build-upload @@ -120,7 +119,7 @@ jobs: provenance: false # NOTE: linux/amd64 images will be taken from previous step set: | - *.platform=linux/amd64,linux/arm64 + *.platform=linux/amd64 files: | docker-bake.hcl build.json From b8153c30b0799579177e2a91253de4f697d54e4b Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 17:02:21 +0100 Subject: [PATCH 102/149] More tags for ghcr.io images --- .github/workflows/build.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index bc6b7bc7..a389e5f7 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -63,6 +63,11 @@ jobs: type=sha type=ref,event=pr type=edge,branch=main + type=raw,value={{tag}},enable=${{ github.ref_type == 'tag' && ! startsWith(github.ref_name, 'v') }} + type=raw,value=aiida-${{ env.AIIDA_VERSION }},enable=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }} + type=raw,value=python-${{ env.PYTHON_VERSION }},enable=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }} + type=raw,value=postgresql-${{ env.PGSQL_VERSION }},enable=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }} + type=match,pattern=v(\d{4}\.\d{4}(-.+)?),group=1 - name: Generate docker-bake metadata file. env: From 6a1b4da5f1de205549cc92fbcabb8940461fcbb1 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 17:06:15 +0100 Subject: [PATCH 103/149] Reword --- .github/workflows/extract-image-names.sh | 12 +++++++++--- .github/workflows/main.yml | 2 +- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/.github/workflows/extract-image-names.sh b/.github/workflows/extract-image-names.sh index 4a9f7a27..af814684 100755 --- a/.github/workflows/extract-image-names.sh +++ b/.github/workflows/extract-image-names.sh @@ -2,7 +2,7 @@ set -euo pipefail -# Extract built image names including their digests +# Extract image names together with their digests # to uniquely identify newly built images in subsequent steps. # The input to this script is a JSON string passed via BAKE_METADATA env variable @@ -37,8 +37,14 @@ set -euo pipefail # } # } # -# Example output: -# images={"BASE_IMAGE":"ghcr.io/aiidalab/base:pr-439@sha256:8e57a52b924b67567314b8ed3c968859cad99ea13521e60bbef40457e16f391d","BASE_WITH_SERVICES_IMAGE":"ghcr.io/aiidalab/base-with-services:pr-439@sha256:6753a809b5b2675bf4c22408e07c1df155907a465b33c369ef93ebcb1c4fec26","FULL_STACK_IMAGE":"ghcr.io/aiidalab/full-stack:pr-439@sha256:85ee91f61be1ea601591c785db038e5899d68d5fb89e07d66d9efbe8f352ee48","LAB_IMAGE":"ghcr.io/aiidalab/lab:pr-439@sha256:4d9be090da287fcdf2d4658bb82f78bad791ccd15dac9af594fb8306abe47e97"} +# Example output (real output is on one line): +# +# images={ +# "BASE_IMAGE":"ghcr.io/aiidalab/base:pr-439@sha256:8e57a52b924b67567314b8ed3c968859cad99ea13521e60bbef40457e16f391d", +# "BASE_WITH_SERVICES_IMAGE":"ghcr.io/aiidalab/base-with-services:pr-439@sha256:6753a809b5b2675bf4c22408e07c1df155907a465b33c369ef93ebcb1c4fec26", +# "FULL_STACK_IMAGE":"ghcr.io/aiidalab/full-stack:pr-439@sha256:85ee91f61be1ea601591c785db038e5899d68d5fb89e07d66d9efbe8f352ee48", +# "LAB_IMAGE":"ghcr.io/aiidalab/lab:pr-439@sha256:4d9be090da287fcdf2d4658bb82f78bad791ccd15dac9af594fb8306abe47e97" +# } if [[ -z ${BAKE_METADATA-} ]];then echo "ERROR: Environment variable BAKE_METADATA is not set!" diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index e5d03924..47aa5ac2 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -28,7 +28,7 @@ jobs: strategy: fail-fast: false matrix: - # NOTE: amd64 full-stack image is tested during build step + # NOTE: amd64 full-stack image is tested during build step target: ["base", "lab", "base-with-services"] uses: ./.github/workflows/test.yml From 7a76a9a93067de2cac5477e0fb3bdef070ac706e Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 17:23:40 +0100 Subject: [PATCH 104/149] Dependabot monthly --- .github/dependabot.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 23a311ee..ce0d77c8 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -5,7 +5,7 @@ updates: - package-ecosystem: github-actions directory: / schedule: - interval: daily + interval: monthly groups: gha-dependencies: patterns: From 2fddb7934ee9df6734af50823e93f2054e18b962 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 17:26:13 +0100 Subject: [PATCH 105/149] Skip arm test --- .github/workflows/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 47aa5ac2..63f8bc01 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -40,6 +40,7 @@ jobs: # To save self-hosted runner resources, we're only testing full-stack image test-arm64: + if: false needs: build uses: ./.github/workflows/test.yml with: @@ -64,7 +65,7 @@ jobs: publish: # TODO: This needs to be more restricted if: github.repository == 'aiidalab/aiidalab-docker-stack' - needs: [build, test-amd64, test-arm64] + needs: [build, test-amd64] #, test-arm64] uses: ./.github/workflows/publish.yml with: runsOn: ubuntu-latest From 202233073f7667e02776bc89d60244f43dbbabf3 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 17:32:10 +0100 Subject: [PATCH 106/149] Fix integration tests --- tests/test_aiidalab_apps.py | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/tests/test_aiidalab_apps.py b/tests/test_aiidalab_apps.py index 0be6f5dc..c30fcd8c 100644 --- a/tests/test_aiidalab_apps.py +++ b/tests/test_aiidalab_apps.py @@ -16,22 +16,26 @@ def skip_if_incompatible_target(target): @pytest.fixture(scope="function") def generate_aiidalab_install_output(aiidalab_exec, nb_user): + pkg = None + def _generate_aiidalab_install_output(package_name): + nonlocal pkg + pkg = package_name cmd = f"aiidalab install --yes --pre {package_name}" - output = aiidalab_exec(cmd, user=nb_user).strip() + output = aiidalab_exec(cmd, user=nb_user).strip() output += aiidalab_exec("pip check", user=nb_user).strip() - - yield output - # Now, ninstall the package to make sure the test is repeatable. - # NOTE: This will only uninstall the package itself, not its dependencies! - # Since the dependencies are installed via pip, this is basically a pip limitation - # that would be hard to workaround here. - app_name = package_name.split("@")[0] + return output + + # Uninstall the package to make sure the test is repeatable. + # NOTE: This will only uninstall the package itself, not its dependencies! + # Since the dependencies are installed via pip, this is basically a pip limitation + # that would be hard to workaround here. + yield _generate_aiidalab_install_output + if pkg: + app_name = pkg.split("@")[0] aiidalab_exec(f"aiidalab uninstall --yes --force {app_name}", user=nb_user) - return _generate_aiidalab_install_output - @pytest.mark.parametrize("package_name", ["aiidalab-widgets-base", "quantum-espresso"]) def test_install_apps_from_stable(generate_aiidalab_install_output, package_name): From b68e1ff6ad3eefacbe84c7cddb1b753590a882f4 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 17:32:40 +0100 Subject: [PATCH 107/149] Skip ARM64 integration test --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 63f8bc01..367632bb 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -54,7 +54,7 @@ jobs: strategy: fail-fast: false matrix: - runner: ["ubuntu-latest", "ARM64"] + runner: ["ubuntu-latest"] #, "ARM64"] uses: ./.github/workflows/test.yml with: runsOn: ${{ matrix.runner }} From 87ffc4f017ce07d79cd3c261dc7d6a8f368b89b1 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 17:55:09 +0100 Subject: [PATCH 108/149] Rest of publish workflow --- .github/workflows/publish.yml | 20 ++++++++++++++++++-- .github/workflows/test.yml | 2 +- 2 files changed, 19 insertions(+), 3 deletions(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 0a64a897..ecf6483b 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -28,16 +28,17 @@ jobs: steps: - uses: actions/checkout@v4 - - name: Login to GitHub Container Registry + - name: Login to GitHub Container Registry 🔑 uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Login to Docker Hub + - name: Login to DockerHub 🔑 uses: docker/login-action@v3 with: + registry: docker.io username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} @@ -68,3 +69,18 @@ jobs: src=$(echo '${{ inputs.images }}'| jq -cr '.[("${{ matrix.target }}"|ascii_upcase|sub("-"; "_"; "g")) + "_IMAGE"]') echo "src=$src" echo "src=$src" >> "${GITHUB_OUTPUT}" + + - name: Push image + if: false + uses: akhilerm/tag-push-action@v2.2.0 + with: + src: ${{ steps.images.outputs.src }} + dst: ${{ steps.meta.outputs.tags }} + + - name: Docker Hub Description + uses: peter-evans/dockerhub-description@v4 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + repository: aiidalab/${{ matrix.target }} + short-description: ${{ github.event.repository.description }} diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index eceeca22..6f9a917b 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -33,7 +33,7 @@ jobs: - name: Checkout Repo ⚡️ uses: actions/checkout@v4 - - name: Login to Container Registry 🔑 + - name: Login to GitHub Container Registry 🔑 uses: docker/login-action@v3 with: registry: ghcr.io From 7e3cb1a46130e23531dc06c81ed6d1f66ffa175e Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 18:12:24 +0100 Subject: [PATCH 109/149] Disable dockerhub login for now --- .github/workflows/publish.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index ecf6483b..4af040d6 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -36,6 +36,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Login to DockerHub 🔑 + if: false uses: docker/login-action@v3 with: registry: docker.io From 366fa3431ff9e73c8367b515b02dd81070639d90 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 18:16:16 +0100 Subject: [PATCH 110/149] Move build-essential to lab image, hopefully speed up build a bit --- stack/base/Dockerfile | 7 ------- stack/lab/Dockerfile | 3 +++ 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/stack/base/Dockerfile b/stack/base/Dockerfile index b74691aa..ac15379a 100644 --- a/stack/base/Dockerfile +++ b/stack/base/Dockerfile @@ -5,13 +5,6 @@ LABEL maintainer="AiiDAlab Team " USER root -RUN apt-get update --yes && \ - apt-get install --yes --no-install-recommends \ - # for apps which need to install pymatgen: - # https://pymatgen.org/installation.html#installation-tips-for-optional-libraries - build-essential && \ - apt-get clean && rm -rf /var/lib/apt/lists/* - WORKDIR /opt/ ARG AIIDA_VERSION diff --git a/stack/lab/Dockerfile b/stack/lab/Dockerfile index 565c74e8..c4bbdb70 100644 --- a/stack/lab/Dockerfile +++ b/stack/lab/Dockerfile @@ -16,6 +16,9 @@ WORKDIR /opt/ # Install additional system packages RUN apt-get update --yes && \ apt-get install --yes --no-install-recommends \ + # Install C-compilers etc for apps which need to install pymatgen from source: + # https://pymatgen.org/installation.html#installation-tips-for-optional-libraries + build-essential && \ curl \ povray \ && apt-get clean \ From dcda9947dacf71730508abadfdf74cd4ee9b1e7e Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 18:18:50 +0100 Subject: [PATCH 111/149] Skip erlang install in base-with-services image --- stack/base-with-services/Dockerfile | 4 ---- 1 file changed, 4 deletions(-) diff --git a/stack/base-with-services/Dockerfile b/stack/base-with-services/Dockerfile index 1a987e63..90d21176 100644 --- a/stack/base-with-services/Dockerfile +++ b/stack/base-with-services/Dockerfile @@ -26,10 +26,6 @@ RUN if [ "$TARGETARCH" = "amd64" ]; then \ fix-permissions "${CONDA_DIR}" && \ fix-permissions "/home/${NB_USER}"; \ elif [ "$TARGETARCH" = "arm64" ]; then \ - apt-get update && apt-get install -y --no-install-recommends \ - erlang && \ - rm -rf /var/lib/apt/lists/* && \ - apt-get clean all && \ export RMQ_VERSION=3.9.13 && \ wget -c https://github.com/rabbitmq/rabbitmq-server/releases/download/v${RMQ_VERSION}/rabbitmq-server-generic-unix-${RMQ_VERSION}.tar.xz && \ tar -xf rabbitmq-server-generic-unix-${RMQ_VERSION}.tar.xz && \ From 8bdf705af837fc7472d6f12b8cb7e09eb3a38fc2 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 18:23:58 +0100 Subject: [PATCH 112/149] Pass secrets to publish workflow --- .github/workflows/main.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 367632bb..19135be7 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -70,3 +70,6 @@ jobs: with: runsOn: ubuntu-latest images: ${{ needs.build.outputs.images }} + secrets: + DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} + DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} From c6ecf2cf9607a5c06b414cee2e9d0bcdda719e81 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 18:24:53 +0100 Subject: [PATCH 113/149] Fix build --- stack/lab/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stack/lab/Dockerfile b/stack/lab/Dockerfile index c4bbdb70..79039e66 100644 --- a/stack/lab/Dockerfile +++ b/stack/lab/Dockerfile @@ -18,7 +18,7 @@ RUN apt-get update --yes && \ apt-get install --yes --no-install-recommends \ # Install C-compilers etc for apps which need to install pymatgen from source: # https://pymatgen.org/installation.html#installation-tips-for-optional-libraries - build-essential && \ + build-essential \ curl \ povray \ && apt-get clean \ From faebcc0579b4137cb67a7f84a761c7b34b55a3e1 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 18:28:43 +0100 Subject: [PATCH 114/149] Inherit secrets --- .github/workflows/main.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 19135be7..b4d299e9 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -70,6 +70,6 @@ jobs: with: runsOn: ubuntu-latest images: ${{ needs.build.outputs.images }} - secrets: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} + secrets: inherit + # DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} + # DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} From 961a6d226c1c50b98f363db24cc2fb4f67887bb0 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 18:38:55 +0100 Subject: [PATCH 115/149] Reenable dockerhub login --- .github/workflows/publish.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 4af040d6..ecf6483b 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -36,7 +36,6 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Login to DockerHub 🔑 - if: false uses: docker/login-action@v3 with: registry: docker.io From eb9ec7062d91f325aa1865b9079c73abe0bcdb5b Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 18:40:39 +0100 Subject: [PATCH 116/149] Reenable arm64 build and tests --- .github/workflows/build.yml | 2 +- .github/workflows/main.yml | 7 ++----- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index a389e5f7..45ee410b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -83,7 +83,7 @@ jobs: # Do not push the resulting images, just load them to Docker for testing push: true set: | - *.platform=linux/amd64 + *.platform=linux/amd64,linux/arm64 files: | docker-bake.hcl build.json diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index b4d299e9..8184bec2 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -40,7 +40,6 @@ jobs: # To save self-hosted runner resources, we're only testing full-stack image test-arm64: - if: false needs: build uses: ./.github/workflows/test.yml with: @@ -54,7 +53,7 @@ jobs: strategy: fail-fast: false matrix: - runner: ["ubuntu-latest"] #, "ARM64"] + runner: ["ubuntu-latest", "ARM64"] uses: ./.github/workflows/test.yml with: runsOn: ${{ matrix.runner }} @@ -65,11 +64,9 @@ jobs: publish: # TODO: This needs to be more restricted if: github.repository == 'aiidalab/aiidalab-docker-stack' - needs: [build, test-amd64] #, test-arm64] + needs: [build, test-amd64, test-arm64] uses: ./.github/workflows/publish.yml with: runsOn: ubuntu-latest images: ${{ needs.build.outputs.images }} secrets: inherit - # DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - # DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} From a1610087e42386f12ac366d81e9776608ee00a4a Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Fri, 19 Apr 2024 23:47:44 +0100 Subject: [PATCH 117/149] Revert "Skip erlang install in base-with-services image" This reverts commit dcda9947dacf71730508abadfdf74cd4ee9b1e7e. --- stack/base-with-services/Dockerfile | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/stack/base-with-services/Dockerfile b/stack/base-with-services/Dockerfile index 90d21176..1a987e63 100644 --- a/stack/base-with-services/Dockerfile +++ b/stack/base-with-services/Dockerfile @@ -26,6 +26,10 @@ RUN if [ "$TARGETARCH" = "amd64" ]; then \ fix-permissions "${CONDA_DIR}" && \ fix-permissions "/home/${NB_USER}"; \ elif [ "$TARGETARCH" = "arm64" ]; then \ + apt-get update && apt-get install -y --no-install-recommends \ + erlang && \ + rm -rf /var/lib/apt/lists/* && \ + apt-get clean all && \ export RMQ_VERSION=3.9.13 && \ wget -c https://github.com/rabbitmq/rabbitmq-server/releases/download/v${RMQ_VERSION}/rabbitmq-server-generic-unix-${RMQ_VERSION}.tar.xz && \ tar -xf rabbitmq-server-generic-unix-${RMQ_VERSION}.tar.xz && \ From 861b44443de191f1b29ff0be67ef74ee0a14ce2a Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Sat, 20 Apr 2024 12:11:00 +0100 Subject: [PATCH 118/149] Run publish even if arm64 tests fail --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 8184bec2..d23f26ed 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -64,7 +64,7 @@ jobs: publish: # TODO: This needs to be more restricted if: github.repository == 'aiidalab/aiidalab-docker-stack' - needs: [build, test-amd64, test-arm64] + needs: [build, test-amd64] #, test-arm64] uses: ./.github/workflows/publish.yml with: runsOn: ubuntu-latest From 7ee4c96dda7dd3a64b8a56075d909b6416dafff6 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Sat, 20 Apr 2024 12:23:50 +0100 Subject: [PATCH 119/149] Fix arm64 build --- .github/workflows/build.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 45ee410b..668e1136 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -22,7 +22,7 @@ on: jobs: build: - name: amd64 and arm64 + name: amd64 & arm64 runs-on: ${{ inputs.runsOn }} timeout-minutes: 120 @@ -80,10 +80,9 @@ jobs: id: build-amd64 uses: docker/bake-action@v4 with: - # Do not push the resulting images, just load them to Docker for testing push: true set: | - *.platform=linux/amd64,linux/arm64 + *.platform=linux/amd64 files: | docker-bake.hcl build.json @@ -113,8 +112,9 @@ jobs: run: REGISTRY= pytest -m "not integration" --target full-stack env: ${{ fromJSON(steps.bake_metadata_amd64.outputs.images) }} - # Here we build amr64 images (with help of QEMU) and upload both amd64 and arm64 to ghcr.io - - name: Build images for ARM64 and upload to ghcr.io 🍎📤 + # Here we build arm64 images (with help of QEMU virtualization) + # and upload both amd64 and arm64 images to ghcr.io + - name: Build ARM64 and upload to ghcr.io 🍎📤 id: build-upload uses: docker/bake-action@v4 with: @@ -122,9 +122,9 @@ jobs: # Using provenance to disable default attestation so it will build only desired images: # https://github.com/orgs/community/discussions/45969 provenance: false - # NOTE: linux/amd64 images will be taken from previous step + # NOTE: linux/amd64 images are taken from previous step set: | - *.platform=linux/amd64 + *.platform=linux/amd64,linux/arm64 files: | docker-bake.hcl build.json From a37f7f56eb4dc9e95d166339f21faa1b6b9fac64 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Sat, 20 Apr 2024 12:55:48 +0100 Subject: [PATCH 120/149] Enable all targets for publishing --- .github/workflows/main.yml | 2 +- .github/workflows/publish.yml | 5 ++--- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index d23f26ed..8184bec2 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -64,7 +64,7 @@ jobs: publish: # TODO: This needs to be more restricted if: github.repository == 'aiidalab/aiidalab-docker-stack' - needs: [build, test-amd64] #, test-arm64] + needs: [build, test-amd64, test-arm64] uses: ./.github/workflows/publish.yml with: runsOn: ubuntu-latest diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index ecf6483b..c06c981c 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -22,8 +22,7 @@ jobs: strategy: fail-fast: true matrix: - # TODO: More targets - target: ["base"] + target: ["base", "base-with-services", "lab", "full-stack"] steps: - uses: actions/checkout@v4 @@ -56,7 +55,7 @@ jobs: with: images: docker.io/aiidalab/${{ matrix.target }} tags: | - type=edge + type=edge,branch=main type=raw,value={{tag}},enable=${{ github.ref_type == 'tag' && ! startsWith(github.ref_name, 'v') }} type=raw,value=aiida-${{ env.AIIDA_VERSION }},enable=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }} type=raw,value=python-${{ env.PYTHON_VERSION }},enable=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }} From cfc094ff4cfa1f4e7359543b1cb716bf8650db77 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Sat, 20 Apr 2024 12:57:47 +0100 Subject: [PATCH 121/149] Remove sha tag --- .github/workflows/build.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 668e1136..03b6bc10 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -60,7 +60,6 @@ jobs: images: | name=${{ env.REGISTRY }}/aiidalab/__template__ tags: | - type=sha type=ref,event=pr type=edge,branch=main type=raw,value={{tag}},enable=${{ github.ref_type == 'tag' && ! startsWith(github.ref_name, 'v') }} From 69aeae25231c58c46d37f1f51093dfb9992c274d Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Sun, 21 Apr 2024 16:18:06 +0100 Subject: [PATCH 122/149] Add proper if check for publish workflow --- .github/workflows/main.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 8184bec2..2f644f94 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -62,8 +62,9 @@ jobs: integration: true publish: - # TODO: This needs to be more restricted - if: github.repository == 'aiidalab/aiidalab-docker-stack' + if: >- + github.repository == 'aiidalab/aiidalab-docker-stack' + && (github.ref_type == 'tag' || github.ref_name == 'main') needs: [build, test-amd64, test-arm64] uses: ./.github/workflows/publish.yml with: From cdbd9a9e209da7f00e24ba3f8eda9aba18ffb99d Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Sun, 21 Apr 2024 16:19:36 +0100 Subject: [PATCH 123/149] Add softprops/action-gh-release --- .github/workflows/publish.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index c06c981c..34bdfeba 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -70,6 +70,7 @@ jobs: echo "src=$src" >> "${GITHUB_OUTPUT}" - name: Push image + # TODO: Enable this if: false uses: akhilerm/tag-push-action@v2.2.0 with: @@ -83,3 +84,9 @@ jobs: password: ${{ secrets.DOCKER_PASSWORD }} repository: aiidalab/${{ matrix.target }} short-description: ${{ github.event.repository.description }} + + - uses: softprops/action-gh-release@v0.1.14 + name: Create release + if: startsWith(github.ref, 'refs/tags/v') + with: + generate_release_notes: true From 6feb9a5be9e407d0314a15c41d4087800a150d9d Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Sun, 21 Apr 2024 16:23:30 +0100 Subject: [PATCH 124/149] Remove unneeded pip check --- tests/test_aiidalab_apps.py | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/test_aiidalab_apps.py b/tests/test_aiidalab_apps.py index c30fcd8c..9399828e 100644 --- a/tests/test_aiidalab_apps.py +++ b/tests/test_aiidalab_apps.py @@ -24,7 +24,6 @@ def _generate_aiidalab_install_output(package_name): cmd = f"aiidalab install --yes --pre {package_name}" output = aiidalab_exec(cmd, user=nb_user).strip() - output += aiidalab_exec("pip check", user=nb_user).strip() return output # Uninstall the package to make sure the test is repeatable. From 32f2a8250ffe38512998594e316c18c2f3918f04 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Sun, 21 Apr 2024 16:24:26 +0100 Subject: [PATCH 125/149] Revert "remove precommit from dev requirements" This reverts commit 48057243ce610bfcb5975f68a4f261589fb1e3cf. --- requirements.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/requirements.txt b/requirements.txt index 4ea33c40..6ba03f75 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,5 +1,6 @@ docker requests +pre-commit pytest~=7.0 pytest-docker doit From 30eba268ac0608008b1c2b1b4ac09cb716303212 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Sun, 21 Apr 2024 16:32:59 +0100 Subject: [PATCH 126/149] Pin ubuntu runner version --- .github/workflows/main.yml | 8 ++++---- .github/workflows/publish.yml | 2 -- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 2f644f94..36d4ef42 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -21,7 +21,7 @@ jobs: build: uses: ./.github/workflows/build.yml with: - runsOn: ubuntu-latest + runsOn: ubuntu-22.04 test-amd64: needs: build @@ -33,7 +33,7 @@ jobs: uses: ./.github/workflows/test.yml with: - runsOn: ubuntu-latest + runsOn: ubuntu-22.04 images: ${{ needs.build.outputs.images }} target: ${{ matrix.target }} integration: false @@ -53,7 +53,7 @@ jobs: strategy: fail-fast: false matrix: - runner: ["ubuntu-latest", "ARM64"] + runner: ["ubuntu-22.04", "ARM64"] uses: ./.github/workflows/test.yml with: runsOn: ${{ matrix.runner }} @@ -68,6 +68,6 @@ jobs: needs: [build, test-amd64, test-arm64] uses: ./.github/workflows/publish.yml with: - runsOn: ubuntu-latest + runsOn: ubuntu-22.04 images: ${{ needs.build.outputs.images }} secrets: inherit diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 34bdfeba..3c248736 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -70,8 +70,6 @@ jobs: echo "src=$src" >> "${GITHUB_OUTPUT}" - name: Push image - # TODO: Enable this - if: false uses: akhilerm/tag-push-action@v2.2.0 with: src: ${{ steps.images.outputs.src }} From b9ca67d34c5376bcafb853d96bbc483547ac447a Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Sun, 21 Apr 2024 16:37:14 +0100 Subject: [PATCH 127/149] Revert "Move build-essential to lab image, hopefully speed up build a bit" This reverts commit 366fa3431ff9e73c8367b515b02dd81070639d90. --- stack/base/Dockerfile | 7 +++++++ stack/lab/Dockerfile | 3 --- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/stack/base/Dockerfile b/stack/base/Dockerfile index ac15379a..b74691aa 100644 --- a/stack/base/Dockerfile +++ b/stack/base/Dockerfile @@ -5,6 +5,13 @@ LABEL maintainer="AiiDAlab Team " USER root +RUN apt-get update --yes && \ + apt-get install --yes --no-install-recommends \ + # for apps which need to install pymatgen: + # https://pymatgen.org/installation.html#installation-tips-for-optional-libraries + build-essential && \ + apt-get clean && rm -rf /var/lib/apt/lists/* + WORKDIR /opt/ ARG AIIDA_VERSION diff --git a/stack/lab/Dockerfile b/stack/lab/Dockerfile index 79039e66..565c74e8 100644 --- a/stack/lab/Dockerfile +++ b/stack/lab/Dockerfile @@ -16,9 +16,6 @@ WORKDIR /opt/ # Install additional system packages RUN apt-get update --yes && \ apt-get install --yes --no-install-recommends \ - # Install C-compilers etc for apps which need to install pymatgen from source: - # https://pymatgen.org/installation.html#installation-tips-for-optional-libraries - build-essential \ curl \ povray \ && apt-get clean \ From fad7527e72e069b4f26fc8bd12bc9035d8cf0cd1 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Sun, 21 Apr 2024 17:11:59 +0100 Subject: [PATCH 128/149] Revert "Remove unneeded pip check" This reverts commit 6feb9a5be9e407d0314a15c41d4087800a150d9d. --- tests/test_aiidalab_apps.py | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/test_aiidalab_apps.py b/tests/test_aiidalab_apps.py index 9399828e..c30fcd8c 100644 --- a/tests/test_aiidalab_apps.py +++ b/tests/test_aiidalab_apps.py @@ -24,6 +24,7 @@ def _generate_aiidalab_install_output(package_name): cmd = f"aiidalab install --yes --pre {package_name}" output = aiidalab_exec(cmd, user=nb_user).strip() + output += aiidalab_exec("pip check", user=nb_user).strip() return output # Uninstall the package to make sure the test is repeatable. From e538e73f76b1fefa468da983be1bfb42b440132c Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Tue, 23 Apr 2024 10:39:07 +0100 Subject: [PATCH 129/149] minor cleanup --- .github/workflows/build.yml | 3 +-- .github/workflows/publish.yml | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 03b6bc10..87b5b4b0 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -131,7 +131,6 @@ jobs: - name: Set output variables id: bake_metadata + run: .github/workflows/extract-image-names.sh >> "${GITHUB_OUTPUT}" env: BAKE_METADATA: ${{ steps.build-upload.outputs.metadata }} - run: | - .github/workflows/extract-image-names.sh >> "${GITHUB_OUTPUT}" diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 3c248736..6fd22a8c 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -55,7 +55,7 @@ jobs: with: images: docker.io/aiidalab/${{ matrix.target }} tags: | - type=edge,branch=main + type=edge,enable={{is_default_branch}} type=raw,value={{tag}},enable=${{ github.ref_type == 'tag' && ! startsWith(github.ref_name, 'v') }} type=raw,value=aiida-${{ env.AIIDA_VERSION }},enable=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }} type=raw,value=python-${{ env.PYTHON_VERSION }},enable=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }} From 30eb7c9c6491b9c4e67554086ffc46411c4def32 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Mon, 29 Apr 2024 16:02:40 +0100 Subject: [PATCH 130/149] Remove bake template (#446) --- .github/workflows/build.yml | 45 +++----- .github/workflows/env.hcl | 2 + .github/workflows/extract-image-names.sh | 38 +++---- .github/workflows/main.yml | 23 +++- .../workflows/merge-bake-template-target.sh | 102 ------------------ .github/workflows/publish.yml | 26 +++-- docker-bake.hcl | 3 +- 7 files changed, 69 insertions(+), 170 deletions(-) create mode 100644 .github/workflows/env.hcl delete mode 100755 .github/workflows/merge-bake-template-target.sh diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 87b5b4b0..55ce51a6 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -2,11 +2,7 @@ name: Build images and upload them to ghcr.io env: - OWNER: ${{ github.repository_owner }} - REGISTRY: ghcr.io BUILDKIT_PROGRESS: plain - # https://github.com/docker/metadata-action?tab=readme-ov-file#environment-variables - DOCKER_METADATA_PR_HEAD_SHA: true on: workflow_call: @@ -48,54 +44,36 @@ jobs: - name: Login to GitHub Container Registry 🔑 uses: docker/login-action@v3 with: - registry: ${{ env.REGISTRY }} + registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Generate tags for images on ghcr.io 🏷️ - id: tags_template - uses: docker/metadata-action@v5 - with: - bake-target: __template__-meta - images: | - name=${{ env.REGISTRY }}/aiidalab/__template__ - tags: | - type=ref,event=pr - type=edge,branch=main - type=raw,value={{tag}},enable=${{ github.ref_type == 'tag' && ! startsWith(github.ref_name, 'v') }} - type=raw,value=aiida-${{ env.AIIDA_VERSION }},enable=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }} - type=raw,value=python-${{ env.PYTHON_VERSION }},enable=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }} - type=raw,value=postgresql-${{ env.PGSQL_VERSION }},enable=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }} - type=match,pattern=v(\d{4}\.\d{4}(-.+)?),group=1 - - - name: Generate docker-bake metadata file. - env: - BAKE_TEMPLATE_FILE: ${{ steps.tags_template.outputs.bake-file }} - run: | - .github/workflows/merge-bake-template-target.sh ${BAKE_TEMPLATE_FILE} \ - | tee docker-bake-template-meta.json - + # https://docs.docker.com/build/ci/github-actions/multi-platform/#with-bake - name: Build amd64 images 🏗️ id: build-amd64 uses: docker/bake-action@v4 with: - push: true + # Using provenance to disable default attestation so it will build only desired images: + # https://github.com/orgs/community/discussions/45969 + provenance: false set: | *.platform=linux/amd64 + *.output=type=registry,push-by-digest=true,name-canonical=true files: | docker-bake.hcl build.json - docker-bake-template-meta.json + .github/workflows/env.hcl - name: Get amd64 images with digests id: bake_metadata_amd64 env: BAKE_METADATA: ${{ steps.build-amd64.outputs.metadata }} run: | + .github/workflows/extract-image-names.sh .github/workflows/extract-image-names.sh >> "${GITHUB_OUTPUT}" - name: Set Up Python 🐍 - if: ${{ inputs.runner != 'ARM64' }} + if: startsWith(inputs.runsOn, 'ubuntu') uses: actions/setup-python@v5 with: python-version: '3.11' @@ -108,7 +86,7 @@ jobs: # We run tests here to catch issues early, before running arm64 build which is slow - name: Run tests for full-stack image - run: REGISTRY= pytest -m "not integration" --target full-stack + run: pytest -m "not integration" --target full-stack env: ${{ fromJSON(steps.bake_metadata_amd64.outputs.images) }} # Here we build arm64 images (with help of QEMU virtualization) @@ -124,10 +102,11 @@ jobs: # NOTE: linux/amd64 images are taken from previous step set: | *.platform=linux/amd64,linux/arm64 + *.output=type=registry,push-by-digest=true,name-canonical=true files: | docker-bake.hcl build.json - docker-bake-template-meta.json + .github/workflows/env.hcl - name: Set output variables id: bake_metadata diff --git a/.github/workflows/env.hcl b/.github/workflows/env.hcl new file mode 100644 index 00000000..fc2b844e --- /dev/null +++ b/.github/workflows/env.hcl @@ -0,0 +1,2 @@ +# env.hcl +REGISTRY = "ghcr.io/" diff --git a/.github/workflows/extract-image-names.sh b/.github/workflows/extract-image-names.sh index af814684..9aca2de8 100755 --- a/.github/workflows/extract-image-names.sh +++ b/.github/workflows/extract-image-names.sh @@ -2,49 +2,51 @@ set -euo pipefail -# Extract image names together with their digests -# to uniquely identify newly built images in subsequent steps. +# Extract image names together with their sha256 digests +# from the docker/bake-action metadata output. +# These together uniquely identify newly built images. # The input to this script is a JSON string passed via BAKE_METADATA env variable # Here's example input (trimmed to relevant bits): -# BAKE_META: { +# BAKE_METADATA: { # "base": { -# "buildx.build.ref": "builder-9dc30f03-42f5-4fd5-8c9a-0d54be5ad996/builder-9dc30f03-42f5-4fd5-8c9a-0d54be5ad9960/jex1w6zvslbbomtkedn4no62l", -# "containerimage.config.digest": "sha256:b76dc61672dd0efbd586d56393d3a57f6309654e6903d738168892bc09017e8b", # "containerimage.descriptor": { # "mediaType": "application/vnd.docker.distribution.manifest.v2+json", # "digest": "sha256:8e57a52b924b67567314b8ed3c968859cad99ea13521e60bbef40457e16f391d", # "size": 6170, -# "platform": { -# "architecture": "amd64", -# "os": "linux" -# } # }, # "containerimage.digest": "sha256:8e57a52b924b67567314b8ed3c968859cad99ea13521e60bbef40457e16f391d", -# "image.name": "ghcr.io/aiidalab/base:pr-439,ghcr.io/aiidalab/base:sha-a0cd2be" +# "image.name": "ghcr.io/aiidalab/base" # }, # "base-with-services": { +# "image.name": "ghcr.io/aiidalab/base-with-services" # "containerimage.digest": "sha256:6753a809b5b2675bf4c22408e07c1df155907a465b33c369ef93ebcb1c4fec26", # "...": "" # } # "full-stack": { -# "containerimage.digest": "sha256:85ee91f61be1ea601591c785db038e5899d68d5fb89e07d66d9efbe8f352ee48", -# "...": "" +# "image.name": "ghcr.io/aiidalab/full-stack" +# "containerimage.digest": "sha256:85ee91f61be1ea601591c785db038e5899d68d5fb89e07d66d9efbe8f352ee48", +# "...": "" # } # "lab": { -# "containerimage.digest": "sha256:4d9be090da287fcdf2d4658bb82f78bad791ccd15dac9af594fb8306abe47e97", -# "...": "" +# "image.name": "ghcr.io/aiidalab/lab" +# "containerimage.digest": "sha256:4d9be090da287fcdf2d4658bb82f78bad791ccd15dac9af594fb8306abe47e97", +# "...": "" # } # } # # Example output (real output is on one line): # # images={ -# "BASE_IMAGE":"ghcr.io/aiidalab/base:pr-439@sha256:8e57a52b924b67567314b8ed3c968859cad99ea13521e60bbef40457e16f391d", -# "BASE_WITH_SERVICES_IMAGE":"ghcr.io/aiidalab/base-with-services:pr-439@sha256:6753a809b5b2675bf4c22408e07c1df155907a465b33c369ef93ebcb1c4fec26", -# "FULL_STACK_IMAGE":"ghcr.io/aiidalab/full-stack:pr-439@sha256:85ee91f61be1ea601591c785db038e5899d68d5fb89e07d66d9efbe8f352ee48", -# "LAB_IMAGE":"ghcr.io/aiidalab/lab:pr-439@sha256:4d9be090da287fcdf2d4658bb82f78bad791ccd15dac9af594fb8306abe47e97" +# "BASE_IMAGE": "ghcr.io/aiidalab/base@sha256:8e57a52b924b67567314b8ed3c968859cad99ea13521e60bbef40457e16f391d", +# "BASE_WITH_SERVICES_IMAGE": "ghcr.io/aiidalab/base-with-services@sha256:6753a809b5b2675bf4c22408e07c1df155907a465b33c369ef93ebcb1c4fec26", +# "FULL_STACK_IMAGE": "ghcr.io/aiidalab/full-stack@sha256:85ee91f61be1ea601591c785db038e5899d68d5fb89e07d66d9efbe8f352ee48", +# "LAB_IMAGE": "ghcr.io/aiidalab/lab@sha256:4d9be090da287fcdf2d4658bb82f78bad791ccd15dac9af594fb8306abe47e97" # } +# +# This json output is later turned to environment variables using fromJson() GHA builtin +# (e.g. BASE_IMAGE=ghcr.io/aiidalab/base@sha256:8e57a52b...) +# and these are in turn read in the docker-compose..yml files for tests. if [[ -z ${BAKE_METADATA-} ]];then echo "ERROR: Environment variable BAKE_METADATA is not set!" diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 36d4ef42..d8a02807 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -16,6 +16,9 @@ concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true +env: + FORCE_COLOR: 1 + jobs: build: @@ -45,7 +48,7 @@ jobs: with: runsOn: ARM64 images: ${{ needs.build.outputs.images }} - target: "full-stack" + target: full-stack integration: false test-integration: @@ -53,21 +56,31 @@ jobs: strategy: fail-fast: false matrix: - runner: ["ubuntu-22.04", "ARM64"] + runner: [ubuntu-22.04, ARM64] uses: ./.github/workflows/test.yml with: runsOn: ${{ matrix.runner }} images: ${{ needs.build.outputs.images }} - target: "full-stack" + target: full-stack integration: true - publish: + publish-ghcr: + needs: [build, test-amd64, test-arm64] + uses: ./.github/workflows/publish.yml + with: + runsOn: ubuntu-22.04 + images: ${{ needs.build.outputs.images }} + registry: ghcr.io + secrets: inherit + + publish-dockerhub: if: >- github.repository == 'aiidalab/aiidalab-docker-stack' && (github.ref_type == 'tag' || github.ref_name == 'main') - needs: [build, test-amd64, test-arm64] + needs: [build, publish-ghcr] uses: ./.github/workflows/publish.yml with: runsOn: ubuntu-22.04 images: ${{ needs.build.outputs.images }} + registry: docker.io secrets: inherit diff --git a/.github/workflows/merge-bake-template-target.sh b/.github/workflows/merge-bake-template-target.sh deleted file mode 100755 index 6443865e..00000000 --- a/.github/workflows/merge-bake-template-target.sh +++ /dev/null @@ -1,102 +0,0 @@ -#!/bin/bash -set -euo pipefail - -# For each target that is part of the "default" group, replace the term -# "__template__" in the provided template bake-file, and then merge all -# resulting bake-files into one. -# -# That means if the default group contains a target named "base", the script -# will replace all occurrences of the term "__template__" with "base" and then -# merge the result with those for all other targets part of the "default" group. -# -# The motivation is to be able to use a bake-file generated by the -# docker/meta-action (which can currently only handle a single bake-target) for -# all targets currently specified in the main bake-file ("docker-bake.hcl"). -# -# Example output (trimmed): -# { -# "target": { -# "base-meta": { -# "tags": [ -# "ghcr.io/aiidalab/base:pr-439", -# "ghcr.io/aiidalab/base:sha-40bdfc9" -# ], -# "labels": { -# "org.opencontainers.image.created": "2024-04-19T11:50:09.021Z", -# "org.opencontainers.image.description": "Docker images with the basic software stack for AiiDAlab", -# "org.opencontainers.image.licenses": "NOASSERTION", -# "org.opencontainers.image.revision": "40bdfc9491e409c67320ca3566f85aaf3feb36ea", -# "org.opencontainers.image.source": "https://github.com/aiidalab/aiidalab-docker-stack", -# "org.opencontainers.image.title": "aiidalab-docker-stack", -# "org.opencontainers.image.url": "https://github.com/aiidalab/aiidalab-docker-stack", -# "org.opencontainers.image.version": "pr-439" -# }, -# "args": { -# "DOCKER_META_IMAGES": "ghcr.io/aiidalab/base", -# "DOCKER_META_VERSION": "pr-439" -# } -# }, -# "base-with-services-meta": { -# "tags": [ -# "ghcr.io/aiidalab/base-with-services:pr-439", -# "ghcr.io/aiidalab/base-with-services:sha-40bdfc9" -# ], -# "labels": {}, -# "args": { -# "DOCKER_META_IMAGES": "ghcr.io/aiidalab/base-with-services", -# "DOCKER_META_VERSION": "pr-439" -# } -# }, -# "lab-meta": { -# "tags": [ -# "ghcr.io/aiidalab/lab:pr-439", -# "ghcr.io/aiidalab/lab:sha-40bdfc9" -# ], -# "labels": {}, -# "args": { -# "DOCKER_META_IMAGES": "ghcr.io/aiidalab/lab", -# "DOCKER_META_VERSION": "pr-439" -# } -# }, -# "full-stack-meta": { -# "tags": [ -# "ghcr.io/aiidalab/full-stack:pr-439", -# "ghcr.io/aiidalab/full-stack:sha-40bdfc9" -# ], -# "labels": {}, -# "args": { -# "DOCKER_META_IMAGES": "ghcr.io/aiidalab/full-stack", -# "DOCKER_META_VERSION": "pr-439" -# } -# } -# } -#} - -if [[ -z ${1-} ]];then - echo "ERROR: Provide path to bake-file template as first parameter" - exit 1 -fi - -input_file=$1 -if [[ ! -f ${input_file} ]];then - echo "ERROR: File $input_file does not exist!" - exit 1 -fi - -# Flatten the json file into a single line -input=$(cat $input_file | jq -c) - -# Determine the targets. -# TODO: This currently fails due to PYTHON_MINOR_VERSION computation, -# let's just hardcode for now -# TARGETS=$(docker buildx bake --print | jq -cr '.group.default.targets' | jq -r '.[]') -TARGETS="base base-with-services lab full-stack" - -# Generate the meta JSON strings -meta="" -for target in $TARGETS; do - meta="${meta} ${input//__template__/${target}}" -done - -# Combine into merged bake file. -echo $meta | jq -s 'reduce .[] as $x ({}; . * $x)' diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 6fd22a8c..186a4eb2 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -1,5 +1,9 @@ --- -name: Publish images to DockerHub +name: Publish images to Docker container registries + +env: + # https://github.com/docker/metadata-action?tab=readme-ov-file#environment-variables + DOCKER_METADATA_PR_HEAD_SHA: true on: workflow_call: @@ -12,11 +16,15 @@ on: description: Images built in build step required: true type: string + registry: + description: Docker container registry + required: true + type: string jobs: release: - name: DockerHub release + name: Release to ${{ inputs.registry }} runs-on: ${{ inputs.runsOn }} timeout-minutes: 30 strategy: @@ -36,6 +44,7 @@ jobs: - name: Login to DockerHub 🔑 uses: docker/login-action@v3 + if: inputs.registry == 'docker.io' with: registry: docker.io username: ${{ secrets.DOCKER_USERNAME }} @@ -53,8 +62,10 @@ jobs: uses: docker/metadata-action@v5 env: ${{ fromJSON(steps.build_vars.outputs.vars) }} with: - images: docker.io/aiidalab/${{ matrix.target }} + # e.g. ghcr.io/aiidalab/full-stack + images: ${{ inputs.registry }}/${{ github.repository_owner }}/${{ matrix.target }} tags: | + type=ref,event=pr type=edge,enable={{is_default_branch}} type=raw,value={{tag}},enable=${{ github.ref_type == 'tag' && ! startsWith(github.ref_name, 'v') }} type=raw,value=aiida-${{ env.AIIDA_VERSION }},enable=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }} @@ -62,7 +73,7 @@ jobs: type=raw,value=postgresql-${{ env.PGSQL_VERSION }},enable=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }} type=match,pattern=v(\d{4}\.\d{4}(-.+)?),group=1 - - name: Determine src image tag + - name: Determine source image id: images run: | src=$(echo '${{ inputs.images }}'| jq -cr '.[("${{ matrix.target }}"|ascii_upcase|sub("-"; "_"; "g")) + "_IMAGE"]') @@ -76,15 +87,10 @@ jobs: dst: ${{ steps.meta.outputs.tags }} - name: Docker Hub Description + if: inputs.registry == 'docker.io' uses: peter-evans/dockerhub-description@v4 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} repository: aiidalab/${{ matrix.target }} short-description: ${{ github.event.repository.description }} - - - uses: softprops/action-gh-release@v0.1.14 - name: Create release - if: startsWith(github.ref, 'refs/tags/v') - with: - generate_release_notes: true diff --git a/docker-bake.hcl b/docker-bake.hcl index 5fe77879..46d8225b 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -26,7 +26,6 @@ variable "ORGANIZATION" { } variable "REGISTRY" { - default = "docker.io" } variable "PLATFORMS" { @@ -40,7 +39,7 @@ variable "TARGETS" { function "tags" { params = [image] result = [ - "${REGISTRY}/${ORGANIZATION}/${image}:${VERSION}", + "${REGISTRY}${ORGANIZATION}/${image}${VERSION}", ] } From 83b1975305e34572caf8fdfe5e40408fd7c37426 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Tue, 30 Apr 2024 05:04:00 +0100 Subject: [PATCH 131/149] Move all extra apt packages to base, hopefully speeds up build --- stack/base/Dockerfile | 12 +++++++----- stack/lab/Dockerfile | 8 -------- 2 files changed, 7 insertions(+), 13 deletions(-) diff --git a/stack/base/Dockerfile b/stack/base/Dockerfile index b74691aa..2dcb6476 100644 --- a/stack/base/Dockerfile +++ b/stack/base/Dockerfile @@ -5,17 +5,19 @@ LABEL maintainer="AiiDAlab Team " USER root +# build-essential: includes GCC compilers that are needed when building +# pip packages from sources, which often seems to happen for pymatgen: +# https://pymatgen.org/installation.html#installation-tips-for-optional-libraries +# rsync: needed to support the new AiiDA backup command +# povray: rendering engine used in aiidalab-widgets-base +ENV EXTRA_APT_PACKAGES "curl povray rsync build-essential" RUN apt-get update --yes && \ - apt-get install --yes --no-install-recommends \ - # for apps which need to install pymatgen: - # https://pymatgen.org/installation.html#installation-tips-for-optional-libraries - build-essential && \ + apt-get install --yes --no-install-recommends ${EXTRA_APT_PACKAGES} && \ apt-get clean && rm -rf /var/lib/apt/lists/* WORKDIR /opt/ ARG AIIDA_VERSION - # Pin shared requirements in the base environment. # We pin aiida-core to the exact installed version, # to prevent accidental upgrade or downgrade, that might diff --git a/stack/lab/Dockerfile b/stack/lab/Dockerfile index 565c74e8..15f122c2 100644 --- a/stack/lab/Dockerfile +++ b/stack/lab/Dockerfile @@ -13,14 +13,6 @@ ENV DOCKER_STACKS_JUPYTER_CMD=notebook USER root WORKDIR /opt/ -# Install additional system packages -RUN apt-get update --yes && \ - apt-get install --yes --no-install-recommends \ - curl \ - povray \ - && apt-get clean \ - && rm -rf /var/lib/apt/lists/* - # Install aiidalab package ARG AIIDALAB_VERSION RUN mamba install --yes \ From cf014d9cdfa58c107cc90e67c3a6a6ed755c7f1d Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Tue, 30 Apr 2024 05:25:05 +0100 Subject: [PATCH 132/149] Move erlang installation to base image --- stack/base-with-services/Dockerfile | 10 ++++------ stack/base/Dockerfile | 9 +++++++++ stack/full-stack/Dockerfile | 10 ---------- 3 files changed, 13 insertions(+), 16 deletions(-) diff --git a/stack/base-with-services/Dockerfile b/stack/base-with-services/Dockerfile index 1a987e63..60b71f39 100644 --- a/stack/base-with-services/Dockerfile +++ b/stack/base-with-services/Dockerfile @@ -18,7 +18,9 @@ RUN mamba create -p /opt/conda/envs/aiida-core-services --yes \ # Install RabbitMQ in a dedicated conda environment. # If the architecture is arm64, we install the default version of rabbitmq provided by the generic binary, -# # https://www.rabbitmq.com/install-generic-unix.html the version needs to be compatible with system's erlang version. +# https://www.rabbitmq.com/install-generic-unix.html the version needs to be compatible with system's erlang version. +# Note that system erlang from arm64 is already installed in the base image, together with other APT dependencies +# to save build time. RUN if [ "$TARGETARCH" = "amd64" ]; then \ mamba install -p /opt/conda/envs/aiida-core-services --yes \ rabbitmq-server=3.8.14 && \ @@ -26,10 +28,6 @@ RUN if [ "$TARGETARCH" = "amd64" ]; then \ fix-permissions "${CONDA_DIR}" && \ fix-permissions "/home/${NB_USER}"; \ elif [ "$TARGETARCH" = "arm64" ]; then \ - apt-get update && apt-get install -y --no-install-recommends \ - erlang && \ - rm -rf /var/lib/apt/lists/* && \ - apt-get clean all && \ export RMQ_VERSION=3.9.13 && \ wget -c https://github.com/rabbitmq/rabbitmq-server/releases/download/v${RMQ_VERSION}/rabbitmq-server-generic-unix-${RMQ_VERSION}.tar.xz && \ tar -xf rabbitmq-server-generic-unix-${RMQ_VERSION}.tar.xz && \ @@ -38,7 +36,7 @@ elif [ "$TARGETARCH" = "arm64" ]; then \ fix-permissions "/opt/conda/envs/aiida-core-services/rabbitmq_server-${RMQ_VERSION}" && \ ln -sf /opt/conda/envs/aiida-core-services/rabbitmq_server-${RMQ_VERSION}/sbin/* /opt/conda/envs/aiida-core-services/bin/; \ else \ - echo "Unknown architecture: ${TARGETARCH}."; \ + echo "Unknown architecture: ${TARGETARCH}."; \ fi # Configure AiiDA profile. diff --git a/stack/base/Dockerfile b/stack/base/Dockerfile index 2dcb6476..c0d738f3 100644 --- a/stack/base/Dockerfile +++ b/stack/base/Dockerfile @@ -11,6 +11,15 @@ USER root # rsync: needed to support the new AiiDA backup command # povray: rendering engine used in aiidalab-widgets-base ENV EXTRA_APT_PACKAGES "curl povray rsync build-essential" + +# For ARM64 we need to install erlang as it is not available on conda-forge +# (this is needed later as rabbitmq dependency in base-with-services image, +# but we install it here so that we don't have to invoke apt multiple times. +ARG TARGETARCH +RUN if [ "$TARGETARCH" = "arm64" ]; then \ + EXTRA_APT_PACKAGES="erlang "${EXTRA_APT_PACKAGES}; \ + fi + RUN apt-get update --yes && \ apt-get install --yes --no-install-recommends ${EXTRA_APT_PACKAGES} && \ apt-get clean && rm -rf /var/lib/apt/lists/* diff --git a/stack/full-stack/Dockerfile b/stack/full-stack/Dockerfile index 05210246..aefe2a82 100644 --- a/stack/full-stack/Dockerfile +++ b/stack/full-stack/Dockerfile @@ -9,16 +9,6 @@ COPY --from=base /opt/config-quick-setup.yaml /opt/ COPY --from=base "${CONDA_DIR}/envs/aiida-core-services" "${CONDA_DIR}/envs/aiida-core-services" COPY --from=base /usr/local/bin/before-notebook.d /usr/local/bin/before-notebook.d -# This is needed because we use multi-stage build, -# the erlang package is not available after the first stage. -ARG TARGETARCH -RUN if [ "$TARGETARCH" = "arm64" ]; then \ - # Install erlang. - apt-get update --yes && \ - apt-get install --yes --no-install-recommends erlang && \ - apt-get clean && rm -rf /var/lib/apt/lists/*; \ -fi - RUN fix-permissions "${CONDA_DIR}" RUN fix-permissions "/home/${NB_USER}/.aiida" From 3979fb4b426b28dce24b0792925fdd32ef992e1c Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Tue, 30 Apr 2024 06:00:33 +0100 Subject: [PATCH 133/149] Actually install erlang this time --- stack/base/Dockerfile | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/stack/base/Dockerfile b/stack/base/Dockerfile index c0d738f3..6489157f 100644 --- a/stack/base/Dockerfile +++ b/stack/base/Dockerfile @@ -17,10 +17,9 @@ ENV EXTRA_APT_PACKAGES "curl povray rsync build-essential" # but we install it here so that we don't have to invoke apt multiple times. ARG TARGETARCH RUN if [ "$TARGETARCH" = "arm64" ]; then \ - EXTRA_APT_PACKAGES="erlang "${EXTRA_APT_PACKAGES}; \ - fi - -RUN apt-get update --yes && \ + EXTRA_APT_PACKAGES="erlang ${EXTRA_APT_PACKAGES}"; \ + fi;\ + apt-get update --yes && \ apt-get install --yes --no-install-recommends ${EXTRA_APT_PACKAGES} && \ apt-get clean && rm -rf /var/lib/apt/lists/* From 6a4f8fe71e2cda43d68be6743ab6be7eb52ed868 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Tue, 30 Apr 2024 06:53:10 +0100 Subject: [PATCH 134/149] Combine mamba install call for amd64 build in base-with-services --- stack/base-with-services/Dockerfile | 37 +++++++++++++++-------------- 1 file changed, 19 insertions(+), 18 deletions(-) diff --git a/stack/base-with-services/Dockerfile b/stack/base-with-services/Dockerfile index 60b71f39..ce1c5158 100644 --- a/stack/base-with-services/Dockerfile +++ b/stack/base-with-services/Dockerfile @@ -10,33 +10,34 @@ ARG AIIDA_VERSION ARG PGSQL_VERSION ARG TARGETARCH -RUN mamba create -p /opt/conda/envs/aiida-core-services --yes \ - postgresql=${PGSQL_VERSION} \ - && mamba clean --all -f -y && \ - fix-permissions "${CONDA_DIR}" && \ - fix-permissions "/home/${NB_USER}" - -# Install RabbitMQ in a dedicated conda environment. -# If the architecture is arm64, we install the default version of rabbitmq provided by the generic binary, -# https://www.rabbitmq.com/install-generic-unix.html the version needs to be compatible with system's erlang version. -# Note that system erlang from arm64 is already installed in the base image, together with other APT dependencies -# to save build time. +# Install RabbitMQ and PostgreSQL in a dedicated conda environment. +# +# RabbitMQ is not available on conda-forge at the time being, see: +# https://github.com/conda-forge/rabbitmq-server-feedstock/issues/67If +# Instead we need install erlang via apt and RabbitMQ as a "Generic Unix Build", see: +# https://www.rabbitmq.com/install-generic-unix.html +# Note that this version must be compatible with system's erlang version. +# Note that system erlang from arm64 is already installed in the base image, +# together with other APT dependencies to save build time. RUN if [ "$TARGETARCH" = "amd64" ]; then \ mamba install -p /opt/conda/envs/aiida-core-services --yes \ - rabbitmq-server=3.8.14 && \ + postgresql=${PGSQL_VERSION} \ + rabbitmq-server=3.8.14 && \ mamba clean --all -f -y && \ fix-permissions "${CONDA_DIR}" && \ fix-permissions "/home/${NB_USER}"; \ elif [ "$TARGETARCH" = "arm64" ]; then \ + mamba install -p /opt/conda/envs/aiida-core-services --yes \ + postgresql=${PGSQL_VERSION} \ + mamba clean --all -f -y && \ export RMQ_VERSION=3.9.13 && \ wget -c https://github.com/rabbitmq/rabbitmq-server/releases/download/v${RMQ_VERSION}/rabbitmq-server-generic-unix-${RMQ_VERSION}.tar.xz && \ tar -xf rabbitmq-server-generic-unix-${RMQ_VERSION}.tar.xz && \ rm rabbitmq-server-generic-unix-${RMQ_VERSION}.tar.xz && \ mv rabbitmq_server-${RMQ_VERSION} /opt/conda/envs/aiida-core-services/ && \ - fix-permissions "/opt/conda/envs/aiida-core-services/rabbitmq_server-${RMQ_VERSION}" && \ + fix-permissions "${CONDA_DIR}" && \ + fix-permissions "/home/${NB_USER}"; \ ln -sf /opt/conda/envs/aiida-core-services/rabbitmq_server-${RMQ_VERSION}/sbin/* /opt/conda/envs/aiida-core-services/bin/; \ -else \ - echo "Unknown architecture: ${TARGETARCH}."; \ fi # Configure AiiDA profile. @@ -44,9 +45,9 @@ COPY config-quick-setup.yaml . COPY before-notebook.d/20_start-postgresql.sh /usr/local/bin/before-notebook.d/ COPY before-notebook.d/30_start-rabbitmq-${TARGETARCH}.sh /usr/local/bin/before-notebook.d/ -# Supress rabbitmq version warning for arm64 since -# it is built using latest version rabbitmq from apt install. -# We explicitly set consumer_timeout to 100 hours in /etc/rabbitmq/rabbitmq.conf +# Supress rabbitmq version warning from aiida-core. +# This is needed for the arm64 build which uses RabbitMQ version >3.8, for which +# we explicitly set consumer_timeout to 100 hours in /etc/rabbitmq/rabbitmq.conf COPY before-notebook.d/41_suppress-rabbitmq-version-warning.sh /usr/local/bin/before-notebook.d/ RUN if [ "$TARGETARCH" = "amd64" ]; then \ rm /usr/local/bin/before-notebook.d/41_suppress-rabbitmq-version-warning.sh; \ From 0f647b070cbb35da5bf40650110d32daf9a1beab Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Tue, 30 Apr 2024 08:30:35 +0100 Subject: [PATCH 135/149] fix1 --- stack/base-with-services/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stack/base-with-services/Dockerfile b/stack/base-with-services/Dockerfile index ce1c5158..b17ab936 100644 --- a/stack/base-with-services/Dockerfile +++ b/stack/base-with-services/Dockerfile @@ -27,7 +27,7 @@ RUN if [ "$TARGETARCH" = "amd64" ]; then \ fix-permissions "${CONDA_DIR}" && \ fix-permissions "/home/${NB_USER}"; \ elif [ "$TARGETARCH" = "arm64" ]; then \ - mamba install -p /opt/conda/envs/aiida-core-services --yes \ + mamba create -p /opt/conda/envs/aiida-core-services --yes \ postgresql=${PGSQL_VERSION} \ mamba clean --all -f -y && \ export RMQ_VERSION=3.9.13 && \ From fb4455403c8033db1572d24a98a254ed92066a3e Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Tue, 30 Apr 2024 08:30:48 +0100 Subject: [PATCH 136/149] fix2 --- stack/base-with-services/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stack/base-with-services/Dockerfile b/stack/base-with-services/Dockerfile index b17ab936..7df5c117 100644 --- a/stack/base-with-services/Dockerfile +++ b/stack/base-with-services/Dockerfile @@ -20,7 +20,7 @@ ARG TARGETARCH # Note that system erlang from arm64 is already installed in the base image, # together with other APT dependencies to save build time. RUN if [ "$TARGETARCH" = "amd64" ]; then \ - mamba install -p /opt/conda/envs/aiida-core-services --yes \ + mamba create -p /opt/conda/envs/aiida-core-services --yes \ postgresql=${PGSQL_VERSION} \ rabbitmq-server=3.8.14 && \ mamba clean --all -f -y && \ From 263b7c6a6a22ce9d0a460dbb6deaa744a86e90b2 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Tue, 30 Apr 2024 08:54:29 +0100 Subject: [PATCH 137/149] Update stack/base-with-services/Dockerfile --- stack/base-with-services/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stack/base-with-services/Dockerfile b/stack/base-with-services/Dockerfile index 7df5c117..99f0331e 100644 --- a/stack/base-with-services/Dockerfile +++ b/stack/base-with-services/Dockerfile @@ -28,7 +28,7 @@ RUN if [ "$TARGETARCH" = "amd64" ]; then \ fix-permissions "/home/${NB_USER}"; \ elif [ "$TARGETARCH" = "arm64" ]; then \ mamba create -p /opt/conda/envs/aiida-core-services --yes \ - postgresql=${PGSQL_VERSION} \ + postgresql=${PGSQL_VERSION} && \ mamba clean --all -f -y && \ export RMQ_VERSION=3.9.13 && \ wget -c https://github.com/rabbitmq/rabbitmq-server/releases/download/v${RMQ_VERSION}/rabbitmq-server-generic-unix-${RMQ_VERSION}.tar.xz && \ From 9190d81797c7846bfb99811ba148cc8b28c84f4c Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Tue, 30 Apr 2024 21:35:51 +0100 Subject: [PATCH 138/149] Simplify build workflow (#449) * Skip QEMU for amd64-only build * Cup of tee --- .github/workflows/build.yml | 60 +++++++---------------------------- .github/workflows/main.yml | 18 +++++++---- .github/workflows/publish.yml | 6 ++-- 3 files changed, 25 insertions(+), 59 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 55ce51a6..130ec7ee 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -11,14 +11,18 @@ on: description: GitHub Actions Runner image required: true type: string + platforms: + description: Target platforms for the build (linux/amd64 and/or linux/arm64) + required: true + type: string outputs: images: - description: Built images, identified with digests + description: Images identified by digests value: ${{ jobs.build.outputs.images }} jobs: build: - name: amd64 & arm64 + name: build ${{ inputs.platforms }} runs-on: ${{ inputs.runsOn }} timeout-minutes: 120 @@ -36,6 +40,7 @@ jobs: uses: actions/checkout@v4 - name: Set up QEMU + if: ${{ inputs.platforms != 'linux/amd64' }} uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx @@ -48,50 +53,7 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - # https://docs.docker.com/build/ci/github-actions/multi-platform/#with-bake - - name: Build amd64 images 🏗️ - id: build-amd64 - uses: docker/bake-action@v4 - with: - # Using provenance to disable default attestation so it will build only desired images: - # https://github.com/orgs/community/discussions/45969 - provenance: false - set: | - *.platform=linux/amd64 - *.output=type=registry,push-by-digest=true,name-canonical=true - files: | - docker-bake.hcl - build.json - .github/workflows/env.hcl - - - name: Get amd64 images with digests - id: bake_metadata_amd64 - env: - BAKE_METADATA: ${{ steps.build-amd64.outputs.metadata }} - run: | - .github/workflows/extract-image-names.sh - .github/workflows/extract-image-names.sh >> "${GITHUB_OUTPUT}" - - - name: Set Up Python 🐍 - if: startsWith(inputs.runsOn, 'ubuntu') - uses: actions/setup-python@v5 - with: - python-version: '3.11' - cache: pip - - - name: Install dependencies 📦 - run: | - pip install -r requirements.txt - pip freeze - - # We run tests here to catch issues early, before running arm64 build which is slow - - name: Run tests for full-stack image - run: pytest -m "not integration" --target full-stack - env: ${{ fromJSON(steps.bake_metadata_amd64.outputs.images) }} - - # Here we build arm64 images (with help of QEMU virtualization) - # and upload both amd64 and arm64 images to ghcr.io - - name: Build ARM64 and upload to ghcr.io 🍎📤 + - name: Build and upload to ghcr.io 📤 id: build-upload uses: docker/bake-action@v4 with: @@ -99,9 +61,8 @@ jobs: # Using provenance to disable default attestation so it will build only desired images: # https://github.com/orgs/community/discussions/45969 provenance: false - # NOTE: linux/amd64 images are taken from previous step set: | - *.platform=linux/amd64,linux/arm64 + *.platform=${{ inputs.platforms }} *.output=type=registry,push-by-digest=true,name-canonical=true files: | docker-bake.hcl @@ -110,6 +71,7 @@ jobs: - name: Set output variables id: bake_metadata - run: .github/workflows/extract-image-names.sh >> "${GITHUB_OUTPUT}" + run: | + .github/workflows/extract-image-names.sh | tee -a "${GITHUB_OUTPUT}" env: BAKE_METADATA: ${{ steps.build-upload.outputs.metadata }} diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index d8a02807..3bfe5d16 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -21,26 +21,32 @@ env: jobs: - build: + build-amd64: uses: ./.github/workflows/build.yml with: runsOn: ubuntu-22.04 + platforms: linux/amd64 test-amd64: - needs: build + needs: build-amd64 strategy: fail-fast: false matrix: - # NOTE: amd64 full-stack image is tested during build step - target: ["base", "lab", "base-with-services"] - + target: ["base", "lab", "base-with-services", "full-stack"] uses: ./.github/workflows/test.yml with: runsOn: ubuntu-22.04 - images: ${{ needs.build.outputs.images }} + images: ${{ needs.build-amd64.outputs.images }} target: ${{ matrix.target }} integration: false + build: + needs: test-amd64 + uses: ./.github/workflows/build.yml + with: + runsOn: ubuntu-22.04 + platforms: linux/amd64,linux/arm64 + # To save self-hosted runner resources, we're only testing full-stack image test-arm64: needs: build diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 186a4eb2..32d09204 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -54,8 +54,7 @@ jobs: id: build_vars run: | vars=$(cat build.json | jq -c '[.variable | to_entries[] | {"key": .key, "value": .value.default}] | from_entries') - echo "vars=$vars" - echo "vars=$vars" >> "${GITHUB_OUTPUT}" + echo "vars=$vars" | tee -a "${GITHUB_OUTPUT}" - name: Docker meta id: meta @@ -77,8 +76,7 @@ jobs: id: images run: | src=$(echo '${{ inputs.images }}'| jq -cr '.[("${{ matrix.target }}"|ascii_upcase|sub("-"; "_"; "g")) + "_IMAGE"]') - echo "src=$src" - echo "src=$src" >> "${GITHUB_OUTPUT}" + echo "src=$src" | tee -a "${GITHUB_OUTPUT}" - name: Push image uses: akhilerm/tag-push-action@v2.2.0 From 57f04acb335250369ae491f4de97f8631af8c74b Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 8 May 2024 12:46:58 +0100 Subject: [PATCH 139/149] try without push-by-digest --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 130ec7ee..59457359 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -63,7 +63,7 @@ jobs: provenance: false set: | *.platform=${{ inputs.platforms }} - *.output=type=registry,push-by-digest=true,name-canonical=true + *.output=type=registry,name-canonical=true files: | docker-bake.hcl build.json From 1cc98373036583eb2be90ed2d2ed6ec7e3695009 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 8 May 2024 15:04:38 +0100 Subject: [PATCH 140/149] Revert "try without push-by-digest" This reverts commit 57f04acb335250369ae491f4de97f8631af8c74b. --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 59457359..130ec7ee 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -63,7 +63,7 @@ jobs: provenance: false set: | *.platform=${{ inputs.platforms }} - *.output=type=registry,name-canonical=true + *.output=type=registry,push-by-digest=true,name-canonical=true files: | docker-bake.hcl build.json From 8f8a30e0c8fadd0af9bf853a10d7334c868bd73b Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 8 May 2024 15:10:34 +0100 Subject: [PATCH 141/149] Tweak name --- .github/workflows/publish.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 32d09204..645cde99 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -24,7 +24,6 @@ on: jobs: release: - name: Release to ${{ inputs.registry }} runs-on: ${{ inputs.runsOn }} timeout-minutes: 30 strategy: From c555da077c98853aeb3f09567ec156f5dbb9b329 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 8 May 2024 16:00:11 +0100 Subject: [PATCH 142/149] Fix local build --- .github/workflows/build.yml | 2 +- dodo.py | 20 +++++++++++--------- 2 files changed, 12 insertions(+), 10 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 130ec7ee..8e65a758 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -22,7 +22,7 @@ on: jobs: build: - name: build ${{ inputs.platforms }} + name: ${{ inputs.platforms }} runs-on: ${{ inputs.runsOn }} timeout-minutes: 120 diff --git a/dodo.py b/dodo.py index 99d53d42..fb14902b 100644 --- a/dodo.py +++ b/dodo.py @@ -62,6 +62,15 @@ "help": "Specify the platform to build for. Examples: arm64, amd64.", } +_TARGET_PARAM = { + "name": "targets", + "long": "targets", + "short": "t", + "type": list, + "default": ["base", "lab", "base-with-services", "full-stack"], + "help": "Specify the target to build.", +} + def task_build(): """Build all docker images.""" @@ -74,7 +83,7 @@ def generate_version_override( Path("docker-bake.override.json").write_text( json.dumps( { - "VERSION": version, + "VERSION": f":{version}", "REGISTRY": registry, "TARGETS": targets, "ORGANIZATION": organization, @@ -96,14 +105,7 @@ def generate_version_override( _REGISTRY_PARAM, _VERSION_PARAM, _ARCH_PARAM, - { - "name": "targets", - "long": "targets", - "short": "t", - "type": list, - "default": [], - "help": "Specify the target to build.", - }, + _TARGET_PARAM, ], "verbosity": 2, } From eb4d2018ad5105d6abfff36bdfa510022e57cdab Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 8 May 2024 18:04:58 +0100 Subject: [PATCH 143/149] Fix dodo.py --- dodo.py | 31 ++++++++++++++++--------------- 1 file changed, 16 insertions(+), 15 deletions(-) diff --git a/dodo.py b/dodo.py index fb14902b..424cc401 100644 --- a/dodo.py +++ b/dodo.py @@ -46,7 +46,7 @@ _VERSION_PARAM = { "name": "version", "long": "version", - "type": "str", + "type": str, "default": VERSION, "help": ( "Specify the version of the stack for building / testing. Defaults to a " @@ -67,7 +67,7 @@ "long": "targets", "short": "t", "type": list, - "default": ["base", "lab", "base-with-services", "full-stack"], + "default": [], "help": "Specify the target to build.", } @@ -79,18 +79,18 @@ def generate_version_override( version, registry, targets, architecture, organization ): platforms = [f"linux/{architecture}"] - - Path("docker-bake.override.json").write_text( - json.dumps( - { - "VERSION": f":{version}", - "REGISTRY": registry, - "TARGETS": targets, - "ORGANIZATION": organization, - "PLATFORMS": platforms, - } - ) - ) + overrides = { + "VERSION": f":{version}", + "REGISTRY": registry, + "ORGANIZATION": organization, + "PLATFORMS": platforms, + } + # If no targets are specifies, we're build all images, + # as specified in docker-bake.hcl + if targets: + overrides["TARGETS"] = targets + + Path("docker-bake.override.json").write_text(json.dumps(overrides)) return { "actions": [ @@ -114,9 +114,10 @@ def generate_version_override( def task_tests(): """Run tests with pytest.""" + # TODO: This currently does not work! return { "actions": ["REGISTRY=%(registry)s VERSION=:%(version)s pytest -v"], - "params": [_REGISTRY_PARAM, _VERSION_PARAM], + "params": [_REGISTRY_PARAM, _VERSION_PARAM, _TARGET_PARAM], "verbosity": 2, } From 85b011e3f587c632886d958c961bca14bb728597 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 9 May 2024 12:38:27 +0100 Subject: [PATCH 144/149] Do not allow special tags --- .github/workflows/publish.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 645cde99..49ddb15e 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -65,7 +65,6 @@ jobs: tags: | type=ref,event=pr type=edge,enable={{is_default_branch}} - type=raw,value={{tag}},enable=${{ github.ref_type == 'tag' && ! startsWith(github.ref_name, 'v') }} type=raw,value=aiida-${{ env.AIIDA_VERSION }},enable=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }} type=raw,value=python-${{ env.PYTHON_VERSION }},enable=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }} type=raw,value=postgresql-${{ env.PGSQL_VERSION }},enable=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }} From d5f8b9a5f0eaf9e77c92edadb7c921e3d1b873e0 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 9 May 2024 12:52:37 +0100 Subject: [PATCH 145/149] Run on buildjet temporarily --- .github/workflows/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 3bfe5d16..83919cb4 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -52,7 +52,7 @@ jobs: needs: build uses: ./.github/workflows/test.yml with: - runsOn: ARM64 + runsOn: buildjet-4vcpu-ubuntu-2204-arm images: ${{ needs.build.outputs.images }} target: full-stack integration: false @@ -62,7 +62,7 @@ jobs: strategy: fail-fast: false matrix: - runner: [ubuntu-22.04, ARM64] + runner: [ubuntu-22.04, buildjet-4vcpu-ubuntu-2204-arm] uses: ./.github/workflows/test.yml with: runsOn: ${{ matrix.runner }} From 569bb8c041118043085dbeadd57bffbf9a649f3d Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 9 May 2024 12:56:53 +0100 Subject: [PATCH 146/149] Link to GH issue --- dodo.py | 1 + 1 file changed, 1 insertion(+) diff --git a/dodo.py b/dodo.py index 424cc401..96a30697 100644 --- a/dodo.py +++ b/dodo.py @@ -115,6 +115,7 @@ def task_tests(): """Run tests with pytest.""" # TODO: This currently does not work! + # https://github.com/aiidalab/aiidalab-docker-stack/issues/451 return { "actions": ["REGISTRY=%(registry)s VERSION=:%(version)s pytest -v"], "params": [_REGISTRY_PARAM, _VERSION_PARAM, _TARGET_PARAM], From 00bd17659cc5af7d3fb15a1f6a28db5d9aad8908 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Wed, 8 May 2024 18:28:25 +0100 Subject: [PATCH 147/149] Shorten main name --- .github/workflows/main.yml | 2 +- dodo.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 83919cb4..a7e7195b 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,5 +1,5 @@ --- -name: Docker Images +name: Docker on: pull_request: diff --git a/dodo.py b/dodo.py index 96a30697..d5d493f8 100644 --- a/dodo.py +++ b/dodo.py @@ -85,7 +85,7 @@ def generate_version_override( "ORGANIZATION": organization, "PLATFORMS": platforms, } - # If no targets are specifies, we're build all images, + # If no targets are specifies via cmdline, we'll build all images, # as specified in docker-bake.hcl if targets: overrides["TARGETS"] = targets From d896289fb3fd9404b9cd54a5e5dc6f73d7e65d42 Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 9 May 2024 16:19:42 +0100 Subject: [PATCH 148/149] Fix buildjet setup-python --- .github/workflows/test.yml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 6f9a917b..0226b6b6 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -41,12 +41,19 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Set Up Python 🐍 - if: ${{ inputs.runsOn != 'ARM64' }} + if: ${{ startsWith(inputs.runsOn, 'ubuntu') }} uses: actions/setup-python@v5 with: python-version: '3.11' cache: pip + - name: Set Up Python on buildjet 🐍 + if: ${{ startsWith(inputs.runsOn, 'buildjet') }} + uses: buildjet/setup-python@v5 + with: + python-version: '3.11' + cache: pip + - name: Install dependencies 📦 run: | pip install -r requirements.txt From 251e6ba5fe23f6af6f09a143056c409aa8dad12e Mon Sep 17 00:00:00 2001 From: Daniel Hollas Date: Thu, 9 May 2024 17:20:10 +0100 Subject: [PATCH 149/149] Nope, setup-python simply doesn't work with linux/arm64 arch --- .github/workflows/test.yml | 7 ------- 1 file changed, 7 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 0226b6b6..9fb79317 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -47,13 +47,6 @@ jobs: python-version: '3.11' cache: pip - - name: Set Up Python on buildjet 🐍 - if: ${{ startsWith(inputs.runsOn, 'buildjet') }} - uses: buildjet/setup-python@v5 - with: - python-version: '3.11' - cache: pip - - name: Install dependencies 📦 run: | pip install -r requirements.txt