-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
b899343
commit c1f6a16
Showing
1 changed file
with
143 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,143 @@ | ||
| name: Build and push container image, open PR if needed | ||
| # try to follow the example here: https://gist.github.com/Daniel-ltw/552b90800b07c22e4a83dfa68ada6318 | ||
| on: | ||
| push: | ||
| branches: | ||
| - main | ||
|
|
||
| jobs: | ||
| build-and-push: | ||
| runs-on: ubuntu-latest | ||
| env: | ||
| DOCKER_CONFIG: $HOME/.docker | ||
| IMAGE: ${{ vars.IMAGE }} | ||
| outputs: | ||
| image-tag: ${{ steps.build-and-push.outputs.IMAGE_SHA_TAG }} | ||
|
|
||
| steps: | ||
| - name: cleanup disk space | ||
| run: | | ||
| sudo rm -rf /usr/local/lib/android /usr/share/dotnet /opt/ghc | ||
| df -h | ||
| - name: Display the image and hub names | ||
| run: | | ||
| echo "$IMAGE" | ||
| echo "$HUB" | ||
| - name: Check out the repo | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| fetch-depth: 0 # OR "2" -> To retrieve the preceding commit. | ||
|
|
||
| - name: Get changed files | ||
| id: changed-files | ||
| uses: tj-actions/changed-files@v44 | ||
| with: | ||
| files_ignore: | | ||
| .github/** | ||
| images/** | ||
| - name: Log in to GAR | ||
| if: steps.changed-files.outputs.any_changed == 'true' | ||
| uses: docker/login-action@v3 | ||
| with: | ||
| registry: us-central1-docker.pkg.dev | ||
| username: _json_key | ||
| password: ${{ secrets.GAR_SECRET_KEY }} | ||
|
|
||
| - name: Build the image and push to artifact registry | ||
| id: build-and-push | ||
| if: steps.changed-files.outputs.any_changed == 'true' | ||
| uses: jupyterhub/repo2docker-action@master | ||
| with: | ||
| # Make sure username & password/token pair matches your registry credentials | ||
| DOCKER_REGISTRY: us-central1-docker.pkg.dev | ||
| IMAGE_NAME: ${{ env.IMAGE }} | ||
| #IMAGE_NAME: ucb-datahub-2018/user-images/logodev-user-image | ||
| # Disable pushing a 'latest' tag, as this often just causes confusion | ||
| LATEST_TAG_OFF: true | ||
| # Put repo contents in /srv/repo, rather than the default (/home/jovyan). The home directory | ||
| # is mounted over by persistent storage when we are using the built image in a JupyterHub, and | ||
| # so all contents put in /home/jovyan are lost. This particularly prevents any 'start' script from | ||
| # working, as it is needed in runtime. | ||
| REPO_DIR: /srv/repo | ||
|
|
||
| # Lets us monitor disks getting full as images get bigger over time | ||
| - name: Show how much disk space is left | ||
| run: df -h | ||
|
|
||
| create-pr: | ||
| runs-on: ubuntu-latest | ||
| needs: build-and-push | ||
| env: | ||
| HUB: ${{ vars.HUB }} | ||
| IMAGE: ${{ vars.IMAGE }} | ||
| steps: | ||
| - name: store the image tag in an env variable | ||
| run: | | ||
| echo ${{ needs.build-and-push.outputs.image-tag }} | ||
| echo "IMAGE_TAG=${{ needs.build-and-push.outputs.image-tag }}" >> $GITHUB_ENV | ||
| - name: logic test to see if we should create a PR | ||
| run: | | ||
| if [ -z "$IMAGE_TAG" ]; then | ||
| echo "CREATE_PR=false" >> $GITHUB_ENV | ||
| else | ||
| echo "CREATE_PR=true" >> $GITHUB_ENV | ||
| fi | ||
| - name: Checkout files in repo | ||
| if: ${{ env.CREATE_PR }} == 'true' | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| repository: 'berkeley-dsep-infra/datahub' | ||
| sparse-checkout: | | ||
| deployments/ | ||
| hub/ | ||
| - name: install python | ||
| if: ${{ env.CREATE_PR }} == 'true' | ||
| uses: actions/setup-python@v4 | ||
| with: | ||
| python-version: '3.12' | ||
|
|
||
| - name: install dependencies | ||
| if: ${{ env.CREATE_PR }} == 'true' | ||
| run: | | ||
| python -m pip install --upgrade pip | ||
| pip install -r requirements.txt | ||
| - name: set git identity | ||
| if: ${{ env.CREATE_PR }} == 'true' | ||
| run: | | ||
| git config --global user.email "${{ vars.IMAGE_BUILDER_BOT_EMAIL }}" | ||
| git config --global user.name "${{ vars.IMAGE_BUILDER_BOT_NAME }}" | ||
| - name: create feature branch | ||
| if: ${{ env.CREATE_PR }} == 'true' | ||
| run: | | ||
| git checkout -b update-${{ env.HUB }}-image-tag | ||
| - name: update the image tag in hubploy.yaml for any deployments that use this image | ||
| if: ${{ env.CREATE_PR }} == 'true' | ||
| run: | | ||
| for deployment in $(grep -lr ${{ env.IMAGE }} **/hubploy.yaml); do | ||
| echo "DEPLOYMENT=${deployment}" | ||
| old_hash=$(grep ${{ env.IMAGE }} ${deployment} | awk -F":" '{print $3}') | ||
| new_hash=${IMAGE_TAG} | ||
| sed -i -e "s/${old_hash}/${new_hash}/g" ${deployment} | ||
| done | ||
| - name: add, commit and push changes | ||
| if: ${{ env.CREATE_PR }} == 'true' | ||
| run: | | ||
| CHANGED_FILES=$(git status --porcelain -uno) | ||
| git add . | ||
| git commit -m "update ${HUB} image tag to ${IMAGE_TAG}: ${CHANGED_FILES}" | ||
| git push origin update-${HUB}-image-tag | ||
| - name: print out a message if no PR is created | ||
| if: ${{ env.CREATE_PR }} == 'false' | ||
| run: | | ||
| echo "No PR created" |