Initial commit #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Build and publish a Docker image. | |
name: Build and publish docker images | |
on: | |
push: | |
branches: ["main"] | |
# Publish semver tags as releases. | |
tags: ["v*.*.*"] | |
pull_request: | |
branches: ["main"] | |
# Allows you to run this workflow manually from the Actions tab | |
workflow_dispatch: | |
env: | |
REGISTRY: ghcr.io | |
permissions: | |
contents: write | |
packages: write | |
attestations: write | |
id-token: write | |
jobs: | |
# Job 1: Update Lock File | |
update-lockfile: | |
name: Update Python Lock File | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.head_ref || github.ref_name }} | |
submodules: true | |
- name: Install uv | |
uses: astral-sh/setup-uv@v2 | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: "3.11" | |
- name: Update lock file | |
run: uv lock --upgrade-package nomad-lab | |
# Commits any changes made to the lockfile | |
- name: Commit lock file changes | |
run: | | |
git config --global user.name github-actions | |
git config --global user.email [email protected] | |
git add uv.lock | |
if [[ `git status --porcelain` ]]; then | |
git commit -m "Update lockfile" | |
git push origin -o ci.skip # prevent triggering the pipeline again | |
fi | |
# Job 2: Build and Push Docker Image | |
docker-publish: | |
name: Build Docker Image | |
runs-on: ubuntu-latest | |
needs: update-lockfile | |
strategy: | |
fail-fast: false | |
matrix: | |
service: [app, jupyter] | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.head_ref || github.ref_name }} | |
submodules: true | |
- uses: docker/setup-buildx-action@v3 | |
- uses: docker/login-action@v3 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Extract Docker metadata | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: ${{ env.REGISTRY }}/${{ github.repository }}/${{ matrix.service }} | |
- name: Build and push Docker image | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
target: ${{ matrix.service == 'jupyter' && 'jupyter' || 'final' }} | |
push: ${{ github.event_name != 'pull_request' }} | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} |