forked from coecms/cms-conda-singularity
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Replace third-party ssh and rsync actions with access-nri/setup-ssh a…
…ctions
- Loading branch information
Showing
6 changed files
with
122 additions
and
77 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -9,18 +9,24 @@ jobs: | |
build: | ||
name: Build environment | ||
runs-on: ubuntu-latest | ||
environment: Gadi | ||
steps: | ||
- name: Build environment | ||
uses: appleboy/[email protected] | ||
- name: Setup SSH | ||
uses: access-nri/actions/.github/actions/setup-ssh@main | ||
id: ssh | ||
with: | ||
host: gadi.nci.org.au | ||
username: ${{secrets.GADI_USER}} | ||
key: ${{secrets.DEPLOY_KEY}} | ||
command_timeout: 120m | ||
script: | | ||
export SCRIPT_DIR=${{secrets.GADI_REPO_PATH}}/scripts | ||
eval $( grep ADMIN_DIR $SCRIPT_DIR/install_config.sh ) | ||
eval $( grep JOB_LOG_DIR $SCRIPT_DIR/install_config.sh ) | ||
cd $JOB_LOG_DIR | ||
# TODO: Replace with gdata/vk83 | ||
qsub -N build_${{ inputs.environment }} -lncpus=1,mem=20GB,walltime=2:00:00,jobfs=50GB,storage=scratch/tm70 -v SCRIPT_DIR,CONDA_ENVIRONMENT=${{ inputs.environment }} -P tm70 -q copyq -Wblock=true -Wumask=037 "${SCRIPT_DIR}"/build.sh | ||
hosts: ${{ secrets.HOST }} | ||
private-key: ${{ secrets.SSH_KEY }} | ||
|
||
- name: Build environment | ||
run: | | ||
ssh ${{ secrets.USER }}@${{ secrets.HOST }} -i ${{ steps.ssh.outputs.private-key-path }} /bin/bash <<'EOT' | ||
export SCRIPT_DIR=${{secrets.REPO_PATH}}/scripts | ||
eval $( grep ADMIN_DIR $SCRIPT_DIR/install_config.sh ) | ||
eval $( grep JOB_LOG_DIR $SCRIPT_DIR/install_config.sh ) | ||
cd $JOB_LOG_DIR | ||
# TODO: Replace with gdata/vk83 | ||
qsub -N build_${{ inputs.environment }} -lncpus=1,mem=20GB,walltime=2:00:00,jobfs=50GB,storage=scratch/tm70 -v SCRIPT_DIR,CONDA_ENVIRONMENT=${{ inputs.environment }} -P tm70 -q copyq -Wblock=true -Wumask=037 "${SCRIPT_DIR}"/build.sh | ||
EOT |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -9,16 +9,23 @@ jobs: | |
deploy: | ||
name: Deploy environment | ||
runs-on: ubuntu-latest | ||
environment: Gadi | ||
steps: | ||
- name: Deploy environment | ||
uses: appleboy/[email protected] | ||
- name: Setup SSH | ||
uses: access-nri/actions/.github/actions/setup-ssh@main | ||
id: ssh | ||
with: | ||
host: gadi.nci.org.au | ||
username: ${{secrets.GADI_USER}} | ||
key: ${{secrets.DEPLOY_KEY}} | ||
script: | | ||
export SCRIPT_DIR=${{secrets.GADI_REPO_PATH}}/scripts | ||
export CONDA_ENVIRONMENT=${{ inputs.environment }} | ||
eval $( grep ADMIN_DIR $SCRIPT_DIR/install_config.sh ) | ||
eval $( grep BUILD_STAGE_DIR $SCRIPT_DIR/install_config.sh ) | ||
"${SCRIPT_DIR}"/deploy.sh | ||
hosts: ${{ secrets.HOST }} | ||
private-key: ${{ secrets.SSH_KEY }} | ||
|
||
- name: Deploy environment | ||
run: | | ||
ssh ${{ secrets.USER }}@${{ secrets.HOST }} -i ${{ steps.ssh.outputs.private-key-path }} /bin/bash <<'EOT' | ||
export SCRIPT_DIR=${{ secrets.REPO_PATH }}/scripts | ||
export CONDA_ENVIRONMENT=${{ inputs.environment }} | ||
eval $( grep ADMIN_DIR $SCRIPT_DIR/install_config.sh ) | ||
eval $( grep BUILD_STAGE_DIR $SCRIPT_DIR/install_config.sh ) | ||
"${SCRIPT_DIR}"/deploy.sh | ||
EOT |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -10,27 +10,36 @@ on: | |
jobs: | ||
setup: | ||
runs-on: ubuntu-latest | ||
environment: Gadi | ||
steps: | ||
- name: Checkout repository | ||
uses: actions/checkout@v4 | ||
|
||
- name: Setup SSH | ||
uses: access-nri/actions/.github/actions/setup-ssh@main | ||
id: ssh | ||
with: | ||
hosts: | | ||
${{ secrets.HOST }} | ||
${{ secrets.HOST_DATA }} | ||
private-key: ${{ secrets.SSH_KEY }} | ||
|
||
- name: Sync repository to Gadi | ||
uses: up9cloud/[email protected] | ||
env: | ||
HOST: gadi.nci.org.au | ||
TARGET: ${{secrets.GADI_REPO_PATH}} | ||
KEY: ${{secrets.DEPLOY_KEY}} | ||
USER: ${{secrets.GADI_USER}} | ||
run: | | ||
rsync -e 'ssh -i ${{ steps.ssh.outputs.private-key-path }}' \ | ||
./ \ | ||
${{ secrets.USER }}@${{ secrets.HOST_DATA }}:${{ secrets.REPO_PATH }} | ||
- name: Create Admin dirs on Gadi | ||
uses: appleboy/[email protected] | ||
with: | ||
host: gadi.nci.org.au | ||
username: ${{secrets.GADI_USER}} | ||
key: ${{secrets.DEPLOY_KEY}} | ||
script: | | ||
source ${{secrets.GADI_REPO_PATH}}/scripts/install_config.sh | ||
source ${{secrets.GADI_REPO_PATH}}/scripts/functions.sh | ||
mkdir -p $ADMIN_DIR $JOB_LOG_DIR $BUILD_STAGE_DIR | ||
set_admin_perms $ADMIN_DIR $JOB_LOG_DIR $BUILD_STAGE_DIR | ||
run: | | ||
ssh ${{ secrets.USER }}@${{ secrets.HOST }} -i ${{ steps.ssh.outputs.private-key-path }} /bin/bash <<'EOT' | ||
source ${{ secrets.REPO_PATH }}/scripts/install_config.sh | ||
source ${{ secrets.REPO_PATH }}/scripts/functions.sh | ||
mkdir -p $ADMIN_DIR $JOB_LOG_DIR $BUILD_STAGE_DIR | ||
set_admin_perms $ADMIN_DIR $JOB_LOG_DIR $BUILD_STAGE_DIR | ||
EOT | ||
build: | ||
needs: setup | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -11,41 +11,51 @@ jobs: | |
container: | ||
image: quay.io/singularity/singularity:v3.11.4 | ||
options: --privileged | ||
environment: Gadi | ||
steps: | ||
- name: Checkout repository | ||
### Latest at time of writing | ||
uses: actions/checkout@v4 | ||
|
||
- name: Check if container definition has changed | ||
id: changed-container-def | ||
uses: tj-actions/changed-files@v41 | ||
with: | ||
files_yaml: | | ||
containerdef: | ||
- container/container.def | ||
- name: Build container if definition has changed | ||
if: steps.changed-container-def.outputs.containerdef_any_changed == 'true' | ||
run: | | ||
echo ${{ needs.generate_matrix.outputs.matrix }} | ||
sudo -E singularity build container/base.sif container/container.def | ||
- name: Setup SSH | ||
uses: access-nri/actions/.github/actions/setup-ssh@main | ||
id: ssh | ||
with: | ||
hosts: | | ||
${{ secrets.HOST }} | ||
${{ secrets.HOST_DATA }} | ||
private-key: ${{ secrets.SSH_KEY }} | ||
|
||
- name: Sync repository to Gadi | ||
### Latest at time of writing | ||
uses: up9cloud/[email protected] | ||
env: | ||
HOST: gadi.nci.org.au | ||
TARGET: ${{secrets.GADI_REPO_PATH}} | ||
KEY: ${{secrets.DEPLOY_KEY}} | ||
USER: ${{secrets.GADI_USER}} | ||
run: | | ||
rsync -e 'ssh -i ${{ steps.ssh.outputs.private-key-path }}' \ | ||
./ \ | ||
${{ secrets.USER }}@${{ secrets.HOST_DATA }}:${{ secrets.REPO_PATH }} | ||
- name: Create Admin dirs on Gadi | ||
uses: appleboy/[email protected] | ||
with: | ||
host: gadi.nci.org.au | ||
username: ${{secrets.GADI_USER}} | ||
key: ${{secrets.DEPLOY_KEY}} | ||
script: | | ||
source ${{secrets.GADI_REPO_PATH}}/scripts/install_config.sh | ||
source ${{secrets.GADI_REPO_PATH}}/scripts/functions.sh | ||
mkdir -p $ADMIN_DIR $JOB_LOG_DIR $BUILD_STAGE_DIR | ||
set_admin_perms $ADMIN_DIR $JOB_LOG_DIR $BUILD_STAGE_DIR | ||
run: | | ||
ssh ${{ secrets.USER }}@${{ secrets.HOST }} -i ${{ steps.ssh.outputs.private-key-path }} /bin/bash <<'EOT' | ||
source ${{ secrets.REPO_PATH }}/scripts/install_config.sh | ||
source ${{ secrets.REPO_PATH }}/scripts/functions.sh | ||
mkdir -p $ADMIN_DIR $JOB_LOG_DIR $BUILD_STAGE_DIR | ||
set_admin_perms $ADMIN_DIR $JOB_LOG_DIR $BUILD_STAGE_DIR | ||
EOT | ||
build: | ||
needs: [ generate_matrix, setup ] | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -8,19 +8,25 @@ jobs: | |
|
||
setup: | ||
runs-on: ubuntu-latest | ||
environment: Gadi | ||
steps: | ||
- name: Checkout repository | ||
### Latest at time of writing | ||
uses: actions/checkout@v4 | ||
|
||
- name: Setup SSH | ||
uses: access-nri/actions/.github/actions/setup-ssh@main | ||
id: ssh | ||
with: | ||
hosts: ${{ secrets.HOST_DATA }} | ||
private-key: ${{ secrets.SSH_KEY }} | ||
|
||
- name: Sync repository to Gadi | ||
### Latest at time of writing | ||
uses: up9cloud/[email protected] | ||
env: | ||
HOST: gadi.nci.org.au | ||
TARGET: ${{secrets.GADI_REPO_PATH}} | ||
KEY: ${{secrets.DEPLOY_KEY}} | ||
USER: ${{secrets.GADI_USER}} | ||
|
||
run: | | ||
rsync -e 'ssh -i ${{ steps.ssh.outputs.private-key-path }}' \ | ||
./ \ | ||
${{ secrets.USER }}@${{ secrets.HOST_DATA }}:${{ secrets.REPO_PATH }} | ||
deploy: | ||
needs: [ generate_matrix, setup ] | ||
uses: ./.github/workflows/deploy.yml | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -9,17 +9,24 @@ jobs: | |
test: | ||
name: Test environment | ||
runs-on: ubuntu-latest | ||
environment: Gadi | ||
steps: | ||
- name: Test environment | ||
uses: appleboy/[email protected] | ||
- name: Setup SSH | ||
uses: access-nri/actions/.github/actions/setup-ssh@main | ||
id: ssh | ||
with: | ||
host: gadi.nci.org.au | ||
username: ${{secrets.GADI_USER}} | ||
key: ${{secrets.DEPLOY_KEY}} | ||
script: | | ||
export SCRIPT_DIR=${{secrets.GADI_REPO_PATH}}/scripts | ||
eval $( grep ADMIN_DIR $SCRIPT_DIR/install_config.sh ) | ||
eval $( grep JOB_LOG_DIR $SCRIPT_DIR/install_config.sh ) | ||
cd $JOB_LOG_DIR | ||
# TODO: Update storage flags? | ||
qsub -N test_${{ inputs.environment }} -lncpus=4,mem=20GB,walltime=0:20:00,jobfs=50GB,storage=scratch/tm70 -v SCRIPT_DIR,CONDA_ENVIRONMENT=${{ inputs.environment }} -P tm70 -Wblock=true -Wumask=037 "${SCRIPT_DIR}"/test.sh | ||
hosts: ${{ secrets.HOST }} | ||
private-key: ${{ secrets.SSH_KEY }} | ||
|
||
- name: Test environment | ||
run: | | ||
ssh ${{ secrets.USER }}@${{ secrets.HOST }} -i ${{ steps.ssh.outputs.private-key-path }} /bin/bash <<'EOT' | ||
export SCRIPT_DIR=${{secrets.REPO_PATH}}/scripts | ||
eval $( grep ADMIN_DIR $SCRIPT_DIR/install_config.sh ) | ||
eval $( grep JOB_LOG_DIR $SCRIPT_DIR/install_config.sh ) | ||
cd $JOB_LOG_DIR | ||
# TODO: Update storage flags? | ||
qsub -N test_${{ inputs.environment }} -lncpus=4,mem=20GB,walltime=0:20:00,jobfs=50GB,storage=scratch/tm70 -v SCRIPT_DIR,CONDA_ENVIRONMENT=${{ inputs.environment }} -P tm70 -Wblock=true -Wumask=037 "${SCRIPT_DIR}"/test.sh | ||
EOT |