diff --git a/.github/workflows/docker-autobuild-release.yaml b/.github/workflows/docker-autobuild-release.yaml index 4bc2b2e3..5e707837 100644 --- a/.github/workflows/docker-autobuild-release.yaml +++ b/.github/workflows/docker-autobuild-release.yaml @@ -1,4 +1,4 @@ -name: Docker automatic build and publish on repository release +name: Docker automatic build and publish with repository releases on: push: @@ -23,33 +23,32 @@ jobs: steps: - name: Docker Checkout - uses: actions/checkout@v3 - - # TODO: probably do here the git checkout and the set of the version as a global VAR - + uses: actions/checkout@v4 + with: + fetch-depth: 0 - name: Log in to the GH Container Registry id: login - uses: docker/login-action@v2.1.0 + uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Extract metadata for ${{ matrix.environments }} - id: meta - uses: docker/metadata-action@v4.3.0 + id: metadata + uses: docker/metadata-action@v5.3.0 with: flavor: | latest=true tags: | - type=sha - # TODO: custome image tag so that it can be done a: tag_describe=$(git describe --tags | sed 's/-g/-/g') - images: ${{ env.REGISTRY }}/${{ github.repository_owner }}/${{ matrix.environments }} + type=ref,event=tag + # ghcr.io/vre-hub/{vre}-{base-ops}:{tag} + images: ${{ env.REGISTRY }}/${{ github.repository_owner }}/${{ github.event.repository.name }}-${{ matrix.environments }} - name: Build and push ${{ matrix.environments }} id: build - uses: docker/build-push-action@v4.0.0 + uses: docker/build-push-action@v5.1.0 with: context: ./${{ matrix.environments }} file: ./${{ matrix.environments }}/Dockerfile @@ -58,8 +57,6 @@ jobs: labels: ${{ steps.meta.outputs.labels }} build-args: | BUILD_DATE=$(date +'%Y-%m-%dT%H:%M:%SZ') - #TODO implement to thing below ! - TAG=$(git describe --tags | sed 's/-g/-/g') build-and-push-container: runs-on: ubuntu-latest @@ -79,30 +76,36 @@ jobs: steps: - name: Docker Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 + + - name: Get tag + run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV + + - name: Check env output + run: echo "tag" is ${{ env.RELEASE_VERSION }} - name: Log in to the GH Container Registry id: login - uses: docker/login-action@v2.1.0 + uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Extract metadata for ${{ matrix.environments }} - id: meta - uses: docker/metadata-action@v4.3.0 + id: metadata + uses: docker/metadata-action@v5.3.0 with: flavor: | latest=true tags: | - type=sha - # TODO: custome image tag so that it can be done a: tag_describe=$(git describe --tags | sed 's/-g/-/g') - images: ${{ env.REGISTRY }}/${{ github.repository_owner }}/${{ matrix.environments }} + type=ref,event=tag + # ghcr.io/vre-hub/{vre}-{container_name}:{tag} + images: ${{ env.REGISTRY }}/${{ github.repository_owner }}/${{ github.event.repository.name }}-${{ matrix.environments }} - name: Build and push ${{ matrix.environments }} id: build - uses: docker/build-push-action@v4.0.0 + uses: docker/build-push-action@v5.1.0 with: context: ./${{ matrix.environments }} file: ./${{ matrix.environments }}/Dockerfile @@ -111,7 +114,6 @@ jobs: labels: ${{ steps.meta.outputs.labels }} build-args: | BUILD_DATE=$(date +'%Y-%m-%dT%H:%M:%SZ') - #TODO implement to thing below ! - TAG=$(git describe --tags | sed 's/-g/-/g') + TAG=${{ env.RELEASE_VERSION }} diff --git a/.github/workflows/docker-base-ops.yaml b/.github/workflows/docker-base-ops.yaml deleted file mode 100644 index 86b7cbd1..00000000 --- a/.github/workflows/docker-base-ops.yaml +++ /dev/null @@ -1,61 +0,0 @@ -name: Docker base container for VRE ops build - -# Build image with changes to any file within containers/base-ops/ -# and when a new tag is created. -on: - push: - paths: - - containers/base-ops/** - tags: - - '**' - -env: - CONTAINER: base-ops - # Use docker.io for Docker Hub if empty - REGISTRY: ghcr.io - # github.repository as / - IMAGE_NAME: ${{ github.repository }}-$CONTAINER - - -jobs: - build: - - runs-on: ubuntu-latest - permissions: - contents: read - packages: write - # This is used to complete the identity challenge - # with sigstore/fulcio when running outside of PRs. - id-token: write - - steps: - - name: Checkout repository - uses: actions/checkout@v3 - - # Login against a Docker registry except on PR - # https://github.com/docker/login-action - - name: Log into registry ${{ env.REGISTRY }} - if: github.event_name != 'pull_request' - uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Build and push Docker image - id: build-and-push - working-directory: containers/base-ops - run: | - docker build --build-arg BUILD_DATE=$(date +'%Y-%m-%dT%H:%M:%SZ') --tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest . - docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest - git clone https://github.com/vre-hub/vre.git - cd vre - # Echo the output, substitute the `-g` with a `-` and export the result. - # The `-g` is by default on git describe because of historical reasons. - echo "tag_describe is $(git describe --tags | sed 's/-g/-/g')" - export tag_describe=$(git describe --tags | sed 's/-g/-/g') - cd .. - docker tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${tag_describe} - docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${tag_describe} - rm -rf vre - \ No newline at end of file diff --git a/.github/workflows/docker-iam-reana-sync.yaml b/.github/workflows/docker-iam-reana-sync.yaml deleted file mode 100644 index 08a24df1..00000000 --- a/.github/workflows/docker-iam-reana-sync.yaml +++ /dev/null @@ -1,58 +0,0 @@ -name: Docker iam reana sync build - -on: - push: - branches: - - main - paths: - - containers/iam-reana-sync/** - -env: - CONTAINER: iam-reana-sync - # Use docker.io for Docker Hub if empty - REGISTRY: ghcr.io - # github.repository as / - IMAGE_NAME: ${{ github.repository }}-$CONTAINER - - -jobs: - build: - - runs-on: ubuntu-latest - permissions: - contents: read - packages: write - # This is used to complete the identity challenge - # with sigstore/fulcio when running outside of PRs. - id-token: write - - steps: - - name: Checkout repository - uses: actions/checkout@v3 - - # Login against a Docker registry except on PR - # https://github.com/docker/login-action - - name: Log into registry ${{ env.REGISTRY }} - if: github.event_name != 'pull_request' - uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Build and push Docker image - id: build-and-push - working-directory: containers/${{ env.CONTAINER }} - run: | - git clone https://github.com/vre-hub/vre.git - cd vre - # Echo the output, substitute the `-g` with a `-` and export the result. - # The `-g` is by default on git describe because of historical reasons. - echo "tag_describe is $(git describe --tags | sed 's/-g/-/g')" - export tag_describe=$(git describe --tags | sed 's/-g/-/g') - cd .. - docker build --build-arg BUILD_DATE=$(date +'%Y-%m-%dT%H:%M:%SZ') --tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${tag_describe} . - docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${tag_describe} - docker tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${tag_describe} ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest - docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest - rm -rf vre diff --git a/.github/workflows/docker-iam-rucio-sync.yaml b/.github/workflows/docker-iam-rucio-sync.yaml deleted file mode 100644 index 032e5ab2..00000000 --- a/.github/workflows/docker-iam-rucio-sync.yaml +++ /dev/null @@ -1,58 +0,0 @@ -name: Docker iam rucio sync build - -on: - push: - branches: - - main - paths: - - containers/iam-rucio-sync/** - -env: - CONTAINER: iam-rucio-sync - # Use docker.io for Docker Hub if empty - REGISTRY: ghcr.io - # github.repository as / - IMAGE_NAME: ${{ github.repository }}-$CONTAINER - - -jobs: - build: - - runs-on: ubuntu-latest - permissions: - contents: read - packages: write - # This is used to complete the identity challenge - # with sigstore/fulcio when running outside of PRs. - id-token: write - - steps: - - name: Checkout repository - uses: actions/checkout@v3 - - # Login against a Docker registry except on PR - # https://github.com/docker/login-action - - name: Log into registry ${{ env.REGISTRY }} - if: github.event_name != 'pull_request' - uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Build and push Docker image - id: build-and-push - working-directory: containers/${{ env.CONTAINER }} - run: | - git clone https://github.com/vre-hub/vre.git - cd vre - # Echo the output, substitute the `-g` with a `-` and export the result. - # The `-g` is by default on git describe because of historical reasons. - echo "tag_describe is $(git describe --tags | sed 's/-g/-/g')" - export tag_describe=$(git describe --tags | sed 's/-g/-/g') - cd .. - docker build --build-arg BUILD_DATE=$(date +'%Y-%m-%dT%H:%M:%SZ') --tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${tag_describe} . - docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${tag_describe} - docker tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${tag_describe} ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest - docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest - rm -rf vre diff --git a/.github/workflows/docker-rucio-client.yaml b/.github/workflows/docker-rucio-client.yaml deleted file mode 100644 index 0e8d4204..00000000 --- a/.github/workflows/docker-rucio-client.yaml +++ /dev/null @@ -1,63 +0,0 @@ -name: Docker rucio client build - -# This workflow uses actions that are not certified by GitHub. -# They are provided by a third-party and are governed by -# separate terms of service, privacy policy, and support -# documentation. - -on: - push: - branches: - - main - paths: - - containers/rucio-client/** - -env: - CONTAINER: rucio-client - # Use docker.io for Docker Hub if empty - REGISTRY: ghcr.io - # github.repository as / - IMAGE_NAME: ${{ github.repository }}-$CONTAINER - - -jobs: - build: - - runs-on: ubuntu-latest - permissions: - contents: read - packages: write - # This is used to complete the identity challenge - # with sigstore/fulcio when running outside of PRs. - id-token: write - - steps: - - name: Checkout repository - uses: actions/checkout@v3 - - # Login against a Docker registry except on PR - # https://github.com/docker/login-action - - name: Log into registry ${{ env.REGISTRY }} - if: github.event_name != 'pull_request' - uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Build and push Docker image - id: build-and-push - working-directory: containers/${{ env.CONTAINER }} - run: | - git clone https://github.com/vre-hub/vre.git - cd vre - # Echo the output, substitute the `-g` with a `-` and export the result. - # The `-g` is by default on git describe because of historical reasons. - echo "tag_describe is $(git describe --tags | sed 's/-g/-/g')" - export tag_describe=$(git describe --tags | sed 's/-g/-/g') - cd .. - docker build . --tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${tag_describe} - docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${tag_describe} - docker tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${tag_describe} ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest - docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest - rm -rf vre diff --git a/.github/workflows/docker-rucio-noise.yaml b/.github/workflows/docker-rucio-noise.yaml deleted file mode 100644 index a54a1399..00000000 --- a/.github/workflows/docker-rucio-noise.yaml +++ /dev/null @@ -1,58 +0,0 @@ -name: Docker rucio noise build - -on: - push: - branches: - - main - paths: - - containers/rucio-noise/** - -env: - CONTAINER: rucio-noise - # Use docker.io for Docker Hub if empty - REGISTRY: ghcr.io - # github.repository as / - IMAGE_NAME: ${{ github.repository }}-$CONTAINER - - -jobs: - build: - - runs-on: ubuntu-latest - permissions: - contents: read - packages: write - # This is used to complete the identity challenge - # with sigstore/fulcio when running outside of PRs. - id-token: write - - steps: - - name: Checkout repository - uses: actions/checkout@v3 - - # Login against a Docker registry except on PR - # https://github.com/docker/login-action - - name: Log into registry ${{ env.REGISTRY }} - if: github.event_name != 'pull_request' - uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Build and push Docker image - id: build-and-push - working-directory: containers/${{ env.CONTAINER }} - run: | - git clone https://github.com/vre-hub/vre.git - cd vre - # Echo the output, substitute the `-g` with a `-` and export the result. - # The `-g` is by default on git describe because of historical reasons. - echo "tag_describe is $(git describe --tags | sed 's/-g/-/g')" - export tag_describe=$(git describe --tags | sed 's/-g/-/g') - cd .. - docker build --build-arg BUILD_DATE=$(date +'%Y-%m-%dT%H:%M:%SZ') --tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${tag_describe} . - docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${tag_describe} - docker tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${tag_describe} ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest - docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest - rm -rf vre diff --git a/containers/iam-reana-sync/Dockerfile b/containers/iam-reana-sync/Dockerfile index 77e6e8e7..eeb5b9c3 100644 --- a/containers/iam-reana-sync/Dockerfile +++ b/containers/iam-reana-sync/Dockerfile @@ -1,8 +1,11 @@ ARG BASETAG=0.9.1-alpha.3 +ARG BUILD_DATE # To be changed to specific version+hsa FROM reanahub/reana-server:${BASETAG} -LABEL maintainer="E. Gazzarrini" +LABEL maintainer="VRE TEAM @ CERN 2023 - E. Gazzarrini, E. Garcia" +LABEL org.opencontainers.image.source https://github.com/vre-hub/vre +LABEL org.label-schema.build-date=${BUILD_DATE} # Workdir is /home COPY requirements.txt add_reana_users.py generate_email_list.py /home/ diff --git a/containers/iam-rucio-sync/Dockerfile b/containers/iam-rucio-sync/Dockerfile index 57ab3993..77501d72 100644 --- a/containers/iam-rucio-sync/Dockerfile +++ b/containers/iam-rucio-sync/Dockerfile @@ -1,11 +1,12 @@ -ARG BASETAG=v0.1.2 +# ARG TAG should be updated with the latest-1 version in case no tag is provided +ARG TAG=v1.0.0-rc.1 +ARG BUILD_DATE # To be changed to specific version+hsa -FROM ghcr.io/vre-hub/vre-base-ops:${BASETAG} +FROM ghcr.io/vre-hub/vre-base-ops:${TAG} LABEL maintainer="VRE Team @ CERN 22/23 - E. Garcia, E. Gazzarrini, D. Gosein" LABEL org.opencontainers.image.source https://github.com/vre-hub/vre -ARG BUILD_DATE -LABEL org.label-schema.build-date=$BUILD_DATE +LABEL org.label-schema.build-date=${BUILD_DATE} # Workdir is /home COPY requirements.txt sync_iam_rucio.py iam-sync.conf /home/ diff --git a/containers/rucio-client/Dockerfile b/containers/rucio-client/Dockerfile index 76d15193..191ec5c0 100644 --- a/containers/rucio-client/Dockerfile +++ b/containers/rucio-client/Dockerfile @@ -1,10 +1,11 @@ -ARG BASETAG=v0.1.2 +# ARG TAG should be updated with the latest-1 version in case no tag is provided +ARG TAG=v1.0.0-rc.1 +ARG BUILD_DATE -FROM ghcr.io/vre-hub/vre-base-ops:${BASETAG} +FROM ghcr.io/vre-hub/vre-base-ops:${TAG} LABEL maintainer="VRE Team @ CERN 22/23 - E. Garcia, E. Gazzarrini, D. Gosein" LABEL org.opencontainers.image.source https://github.com/vre-hub/vre -ARG BUILD_DATE -LABEL org.label-schema.build-date=$BUILD_DATE +LABEL org.label-schema.build-date=${BUILD_DATE} USER root # install reana-client diff --git a/containers/rucio-noise/Dockerfile b/containers/rucio-noise/Dockerfile index 8142ab2e..bc8aebef 100644 --- a/containers/rucio-noise/Dockerfile +++ b/containers/rucio-noise/Dockerfile @@ -1,10 +1,11 @@ -ARG BASETAG=v0.1.2 +# ARG TAG should be updated with the latest-1 version in case no tag is provided +ARG TAG=v1.0.0-rc.1 +ARG BUILD_DATE -FROM ghcr.io/vre-hub/vre-base-ops:${BASETAG} +FROM ghcr.io/vre-hub/vre-base-ops:${TAG} LABEL maintainer="VRE Team @ CERN 22/23 - E. Garcia, E. Gazzarrini, D. Gosein" LABEL org.opencontainers.image.source https://github.com/vre-hub/vre -ARG BUILD_DATE -LABEL org.label-schema.build-date=$BUILD_DATE +LABEL org.label-schema.build-date=${BUILD_DATE} # Workdir is /home COPY produce_noise.sh requirements.txt rses.txt /home/