Merge pull request #14 from HippocampusGirl/pre-commit-ci-update-config #108
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: build | |
on: | |
push: | |
branches: | |
- main | |
release: | |
types: | |
- published | |
- edited | |
jobs: | |
docker_build: | |
runs-on: self-hosted | |
outputs: | |
tag: ${{ steps.build_tag.outputs.tag }} | |
steps: | |
- name: Login to DockerHub | |
uses: docker/login-action@v2 | |
with: | |
username: hippocampusgirl | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Login to container registry | |
uses: docker/login-action@v2 | |
with: | |
registry: ${{ secrets.REGISTRY }} | |
username: ${{ secrets.REGISTRY_USERNAME }} | |
password: ${{ secrets.REGISTRY_PASSWORD }} | |
- name: Set up build tag | |
id: build_tag | |
shell: bash | |
env: | |
github_ref: ${{ github.ref }} | |
github_repository: ${{ github.repository }} | |
run: | | |
version=$(echo "${github_ref}" | cut -d '/' -f 3) | |
if [[ "$version" == "main" ]]; then | |
version="latest" | |
fi | |
owner=$( \ | |
echo "${github_repository}" | \ | |
cut -d'/' -f1 | \ | |
tr '[:upper:]' '[:lower:]' \ | |
) | |
name=$( \ | |
echo "${github_repository}" | \ | |
cut -d'/' -f2 | \ | |
sed -r 's/([A-Za-z0-9])([A-Z])([a-z0-9])/\1-\L\2\3/g' | \ | |
tr '[:upper:]' '[:lower:]' \ | |
) | |
echo "repo=${name}" >> ${GITHUB_OUTPUT} | |
echo "tag=${name}:${version}" >> ${GITHUB_OUTPUT} | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Build and push to container registry | |
uses: docker/build-push-action@v5 | |
with: | |
context: "." | |
file: "./Dockerfile" | |
platforms: linux/amd64 | |
cache-from: | | |
type=registry,ref=${{ secrets.REGISTRY }}/${{ steps.build_tag.outputs.repo }}:buildcache | |
cache-to: | | |
type=registry,ref=${{ secrets.REGISTRY }}/${{ steps.build_tag.outputs.repo }}:buildcache,compression=zstd,mode=max | |
outputs: | | |
type=image,name=${{ secrets.REGISTRY }}/${{ steps.build_tag.outputs.tag }},push=true,compression=gzip,compression-level=9,force-compression=true | |
labels: | | |
org.opencontainers.image.title=${{ github.event.repository.name }} | |
org.opencontainers.image.url=${{ github.event.repository.html_url }} | |
org.opencontainers.image.source=${{ github.event.repository.html_url }} | |
org.opencontainers.image.revision=${{ github.sha }} | |
org.opencontainers.image.created=${{ github.event.repository.updated_at}} | |
singularity_build: | |
runs-on: self-hosted | |
needs: | |
- docker_build | |
strategy: | |
matrix: | |
singularity_version: | |
- "v3.11.5" | |
- "v2.6" | |
container: | |
image: quay.io/singularity/docker2singularity:${{ matrix.singularity_version }} | |
options: --privileged | |
steps: | |
- name: Patch docker2singularity | |
shell: bash | |
run: | | |
wget -qO /tmp/docker2singularity.patch https://gist.githubusercontent.com/HippocampusGirl/e2c2166cbdc71e11b75380d34448b3f3/raw | |
patch /docker2singularity.sh /tmp/docker2singularity.patch | |
- name: Convert to Singularity | |
shell: bash | |
env: | |
docker_build_tag: ${{ needs.docker_build.outputs.tag }} | |
run: | | |
singularity_image_name=$(echo -n ${docker_build_tag} | tr -c '[:alnum:]' '-') | |
mkdir -p -v /output | |
docker-entrypoint.sh /docker2singularity.sh \ | |
--name ${singularity_image_name} \ | |
${{ secrets.REGISTRY }}/${docker_build_tag} | |
- name: Upload to DigitalOcean | |
shell: bash | |
env: | |
DIGITALOCEAN_ACCESS_KEY: ${{ secrets.DIGITALOCEAN_ACCESS_KEY }} | |
DIGITALOCEAN_SECRET_KEY: ${{ secrets.DIGITALOCEAN_SECRET_KEY }} | |
DIGITALOCEAN_REGION: ${{ secrets.DIGITALOCEAN_REGION }} | |
DIGITALOCEAN_SPACE_NAME: ${{ secrets.DIGITALOCEAN_SPACE_NAME }} | |
run: | | |
apk add python3 py3-pip | |
pip3 install --upgrade pip | |
pip3 install s3cmd | |
s3cmd --stop-on-error \ | |
--ssl --no-encrypt \ | |
--access_key="${DIGITALOCEAN_ACCESS_KEY}" \ | |
--secret_key="${DIGITALOCEAN_SECRET_KEY}" \ | |
--host="${DIGITALOCEAN_REGION}.digitaloceanspaces.com" \ | |
--host-bucket="%(bucket)s.${DIGITALOCEAN_REGION}.digitaloceanspaces.com" \ | |
--dump-config \ | |
> ${HOME}/.s3cfg | |
singularity_image_file=$(find "/output" -type f | head -n1) | |
s3cmd put ${singularity_image_file} s3://${DIGITALOCEAN_SPACE_NAME}/singularity/ | |
s3cmd setacl s3://${DIGITALOCEAN_SPACE_NAME}/singularity/$(basename ${singularity_image_file}) --acl-public |