Build and Release HPC Resource Provisioner #289
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Build and Release HPC Resource Provisioner | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| environment: | |
| description: Which environment to push the image to | |
| type: choice | |
| options: [aws-sandbox-hpc, public-ecr, aws-sandbox-benchmarks] | |
| required: true | |
| default: aws-sandbox-hpc | |
| push: | |
| tags: ['*'] | |
| jobs: | |
| tag-and-release: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| environment: ${{ inputs.environment || 'aws-sandbox-hpc' }} | |
| steps: | |
| - name: clone repo | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-tags: true | |
| fetch-depth: 0 | |
| - name: Install resource provisioner | |
| run: |- | |
| python3 -m venv venv | |
| source venv/bin/activate | |
| pip install ./hpc_provisioner | |
| - name: Determine version | |
| run: | | |
| echo REL_TAG=$(ls -d venv/lib/python3*/site-packages/hpc_provisioner*dist-info | awk -F- '{print $3}' | sed 's/.dist//') >> $GITHUB_ENV | |
| working-directory: ${{runner.workspace}}/hpc-resource-provisioner | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| - name: Authenticate with AWS ECR | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| with: | |
| registry-type: ${{ vars.AWS_REGISTRY_TYPE }} | |
| registries: ${{ secrets.AWS_ACCOUNT_ID }} | |
| - name: Build and push container | |
| run: | | |
| SOURCE_CHECKSUM=$(find hpc_provisioner -type f -exec sha256sum {} \; | sha256sum | awk '{print $1}') | |
| AWS_PATH=hpc/resource-provisioner | |
| docker build --build-arg SETUPTOOLS_SCM_PRETEND_VERSION=${REL_TAG} --label "org.opencontainers.image.checksum=${SOURCE_CHECKSUM}" --label "org.opencontainers.image.software_version=${REL_TAG}" -t ${AWS_PATH}:${REL_TAG} . | |
| echo "Setting tags for aws ecr" | |
| docker image tag ${AWS_PATH}:${REL_TAG} ${AWS_ECR_URI}:${REL_TAG} | |
| docker image tag ${AWS_PATH}:${REL_TAG} ${AWS_ECR_URI}:latest | |
| if [[ "${REL_TAG}" == *"dev"* ]] | |
| then | |
| docker image tag ${AWS_PATH}:${REL_TAG} ${AWS_ECR_URI}:latest-dev | |
| docker push ${AWS_ECR_URI}:latest-dev | |
| else | |
| docker push ${AWS_ECR_URI}:latest | |
| fi | |
| echo "Pushing to aws ecr" | |
| docker push ${AWS_ECR_URI}:${REL_TAG} | |
| working-directory: ${{runner.workspace}}/hpc-resource-provisioner | |
| env: | |
| AWS_ECR_URI: ${{ secrets.AWS_ECR_URI }} | |
| - name: Upload to S3 | |
| run: | | |
| aws s3 cp provisioner_scripts/create_users.py s3://${{ secrets.S3_BUCKET }}/scripts/create_users.py | |
| aws s3 cp provisioner_scripts/environment.sh s3://${{ secrets.S3_BUCKET }}/scripts/environment.sh | |
| aws s3 cp provisioner_scripts/80_cloudwatch_agent_config_prolog.sh s3://${{ secrets.S3_BUCKET }}/scripts/80_cloudwatch_agent_config_prolog.sh | |
| - name: Release | |
| uses: softprops/action-gh-release@v2 | |
| if: github.ref == 'refs/heads/main' | |
| with: | |
| tag_name: ${{ env.REL_TAG }} | |
| make_latest: true | |
| body: |- | |
| Latest container image will always be: `docker pull ghcr.io/openbraininstitute/hpc-resource-provisioner:latest` | |
| This particular version is `docker pull ghcr.io/openbraininstitute/hpc-resource-provisioner:${{ env.REL_TAG }}` | |
| - name: Version log | |
| run: echo ::notice title=hpc-resource-provisioner version::${{ env.REL_TAG }} |