Merge branch 'develop' of https://github.com/abcucberkeley/opticalabe… #91
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # docker_action.yml | |
| name: Docker-ubuntu-build | |
| on: | |
| push: | |
| branches: | |
| - 'main' | |
| - 'develop' | |
| - 'releases/**' | |
| tags: | |
| - '*' | |
| pull_request: | |
| branches: | |
| - 'main' | |
| - 'develop' | |
| - 'releases/**' | |
| env: | |
| # Use docker.io for Docker Hub if empty | |
| REGISTRY: ghcr.io | |
| # github.repository as <account>/<repo> | |
| IMAGE_NAME: ${{ github.repository }} | |
| DO_SIGNING: ${{ false }} | |
| jobs: | |
| build: | |
| name: docker_image_build | |
| runs-on: self-hosted | |
| steps: | |
| - name: Dump GitHub context | |
| env: | |
| GITHUB_CONTEXT: ${{ toJson(github) }} | |
| run: echo "$GITHUB_CONTEXT" | |
| - name: Dump job context | |
| env: | |
| JOB_CONTEXT: ${{ toJson(job) }} | |
| run: echo "$JOB_CONTEXT" | |
| - name: Dump steps context | |
| env: | |
| STEPS_CONTEXT: ${{ toJson(steps) }} | |
| run: echo "$STEPS_CONTEXT" | |
| - name: Dump runner context | |
| env: | |
| RUNNER_CONTEXT: ${{ toJson(runner) }} | |
| run: echo "$RUNNER_CONTEXT" | |
| # - name: Dump strategy context | |
| # env: | |
| # STRATEGY_CONTEXT: ${{ toJson(strategy) }} | |
| # run: echo "$STRATEGY_CONTEXT" | |
| # - name: Dump matrix context | |
| # env: | |
| # MATRIX_CONTEXT: ${{ toJson(matrix) }} | |
| # run: echo "$MATRIX_CONTEXT" | |
| - name: Show default environment variables | |
| run: | | |
| echo "The job_id is: $GITHUB_JOB" # reference the default environment variables | |
| echo "The id of this action is: $GITHUB_ACTION" # reference the default environment variables | |
| echo "The run id is: $GITHUB_RUN_ID" | |
| echo "The GitHub Actor's username is: $GITHUB_ACTOR" | |
| echo "GitHub SHA: $GITHUB_SHA" | |
| - name: Free Disk Space (Ubuntu) | |
| if: runner.environment != 'self-hosted' | |
| uses: jlumbroso/free-disk-space@main | |
| with: | |
| # this might remove needed tools if set to "true" but frees about 6 GB | |
| tool-cache: false | |
| # all of these default to true | |
| android: true | |
| dotnet: true | |
| haskell: true | |
| large-packages: false | |
| docker-images: false | |
| swap-storage: true | |
| - name: Checkout just Dockerfile | |
| uses: actions/checkout@v4 | |
| with: | |
| sparse-checkout: | | |
| Dockerfile | |
| sparse-checkout-cone-mode: false | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| # Install the cosign tool except on PR | |
| # https://github.com/sigstore/cosign-installer | |
| # - name: Install cosign | |
| # if: ${{ env.DO_SIGNING }} && github.event_name != 'pull_request' | |
| # uses: sigstore/cosign-installer@v3.1.1 | |
| # with: | |
| # cosign-release: 'v2.1.1' | |
| # Login against a Docker registry except on PR | |
| # https://github.com/docker/login-action | |
| - name: Log into registry ${{ env.REGISTRY }} | |
| if: github.event_name != 'pull_request' | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} # aka ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| # Extract metadata (tags, labels) for Docker | |
| # https://github.com/docker/metadata-action | |
| - name: Extract Docker metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| labels: | | |
| org.opencontainers.image.title=OpticalNet_ubuntu | |
| org.opencontainers.image.description=Docker image for a transformer network to perform sensorless detection of aberrations in adaptive optics. https://github.com/abcucberkeley/opticalaberrations | |
| org.opencontainers.image.vendor=Advanced Bioimaging Center at UC Berkeley and Janelia Research Campus | |
| # Load image for local test. | |
| - name: Build and load Docker image | |
| id: build-and-load | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| file: ./Dockerfile | |
| push: false | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| load: true | |
| - name: Test IO | |
| run: | | |
| docker run --rm --gpus all ${{ steps.meta.outputs.tags }} "~/miniconda3/envs/ml/bin/python -m pytest -vvv --disable-warnings tests/test_io.py" | |
| - name: Test embeddings | |
| run: | | |
| docker run --rm --gpus all ${{ steps.meta.outputs.tags }} "~/miniconda3/envs/ml/bin/python -m pytest -vvv --disable-warnings tests/test_embeddings.py" | |
| - name: Test AO | |
| run: | | |
| docker run --rm --gpus all ${{ steps.meta.outputs.tags }} "~/miniconda3/envs/ml/bin/python -m pytest -vvv --disable-warnings tests/test_ao.py" | |
| - name: Test synthetic datasets | |
| run: | | |
| docker run --rm --gpus all ${{ steps.meta.outputs.tags }} "~/miniconda3/envs/ml/bin/python -m pytest -vvv --disable-warnings tests/test_datasets.py" | |
| - name: Build and push Docker image | |
| id: build-and-push | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| file: ./Dockerfile | |
| push: ${{ github.event_name != 'pull_request' }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| # Sign the resulting Docker image digest except on PRs. | |
| # This will only write to the public Rekor transparency log when the Docker | |
| # repository is public to avoid leaking data. If you would like to publish | |
| # transparency data even for private images, pass --force to cosign below. | |
| # https://github.com/sigstore/cosign | |
| # - name: Sign the published Docker image | |
| # if: ${{ env.DO_SIGNING }} && ${{ github.event_name != 'pull_request' }} | |
| # env: | |
| # # https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable | |
| # TAGS: ${{ steps.meta.outputs.tags }} | |
| # DIGEST: ${{ steps.build-and-push.outputs.digest }} | |
| # # This step uses the identity token to provision an ephemeral certificate | |
| # # against the sigstore community Fulcio instance. | |
| # run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST} |