OCI for server #675
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Stage OCI container images through GitHub Actions (GHA) to GitHub Container Registry (GHCR). | |
# The `ghcr.io/crate/mlflow-cratedb` OCI image contains the amalgamated | |
# MLflow for CrateDB adapter. | |
name: OCI for server | |
on: | |
# Build images when merging to `main` and when running a release. | |
push: | |
branches: | |
- 'main' | |
tags: | |
- '*.*.*' | |
# Build images on each pull request. | |
# Remark: Activate only when needed, it will eat a lot of resources. The alternative | |
# is to build manually / on-demand, by using the `workflow_dispatch` feature, | |
# available through the GHA web UI. | |
# pull_request: ~ | |
# Produce a nightly image every day at 6 a.m. CEST. | |
schedule: | |
- cron: '0 4 * * *' | |
# Allow job to be triggered manually. | |
workflow_dispatch: | |
# Cancel in-progress jobs when pushing to the same branch. | |
concurrency: | |
cancel-in-progress: true | |
group: ${{ github.workflow }}-${{ github.ref }} | |
# The name for the produced image at ghcr.io. | |
env: | |
IMAGE_NAME: "${{ github.repository }}" | |
RECIPE_PATH: "release/oci-server" | |
jobs: | |
build_and_test: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Acquire sources | |
uses: actions/checkout@v3 | |
- name: Setup Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: "3.11" | |
architecture: "x64" | |
cache: "pip" | |
cache-dependency-path: "pyproject.toml" | |
- name: Build wheel package | |
run: | | |
pip install build | |
python -m build | |
- name: Upload wheel package | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ runner.os }}-wheel-${{ github.sha }} | |
path: dist/*.whl | |
retention-days: 7 | |
- name: Run tests | |
run: | | |
if [[ -f ${{ env.RECIPE_PATH }}/test.yml ]]; then | |
export DOCKER_BUILDKIT=1 | |
export COMPOSE_DOCKER_CLI_BUILD=1 | |
docker-compose --file ${{ env.RECIPE_PATH }}/test.yml build | |
docker-compose --file ${{ env.RECIPE_PATH }}/test.yml run sut | |
fi | |
oci: | |
needs: build_and_test | |
runs-on: ubuntu-latest | |
if: ${{ ! (startsWith(github.actor, 'dependabot') || github.event.pull_request.head.repo.fork ) }} | |
steps: | |
- name: Acquire sources | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Define image name and tags | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
# List of OCI images to use as base name for tags | |
images: | | |
ghcr.io/${{ env.IMAGE_NAME }} | |
# Generate OCI image tags based on the following events/attributes | |
tags: | | |
type=ref,event=branch | |
type=ref,event=pr | |
type=semver,pattern={{version}} | |
type=semver,pattern={{major}}.{{minor}} | |
type=schedule,pattern=nightly | |
- name: Inspect metadata | |
run: | | |
echo "Tags: ${{ steps.meta.outputs.tags }}" | |
echo "Labels: ${{ steps.meta.outputs.labels }}" | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Cache OCI layers | |
uses: actions/cache@v4 | |
with: | |
path: /tmp/.buildx-cache | |
key: ${{ runner.os }}-buildx-${{ github.sha }} | |
restore-keys: | | |
${{ runner.os }}-buildx- | |
- name: Inspect builder | |
run: | | |
echo "Name: ${{ steps.buildx.outputs.name }}" | |
echo "Endpoint: ${{ steps.buildx.outputs.endpoint }}" | |
echo "Status: ${{ steps.buildx.outputs.status }}" | |
echo "Flags: ${{ steps.buildx.outputs.flags }}" | |
echo "Platforms: ${{ steps.buildx.outputs.platforms }}" | |
- name: Login to GHCR | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ github.token }} | |
- name: Build and push image | |
uses: docker/build-push-action@v6 | |
with: | |
context: . | |
file: ${{ env.RECIPE_PATH }}/Dockerfile | |
platforms: linux/amd64,linux/arm64 | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
push: true | |
cache-from: type=local,src=/tmp/.buildx-cache | |
cache-to: type=local,dest=/tmp/.buildx-cache-new | |
- name: Move cache | |
run: | | |
rm -rf /tmp/.buildx-cache | |
mv /tmp/.buildx-cache-new /tmp/.buildx-cache | |
- name: Display git status | |
run: | | |
set -x | |
git describe --tags --always | |
git status |