Skip to content

Merge pull request #566 from mamba-org/dependabot/github_actions/ncip… #1836

Merge pull request #566 from mamba-org/dependabot/github_actions/ncip…

Merge pull request #566 from mamba-org/dependabot/github_actions/ncip… #1836

Workflow file for this run

name: Build and push micromamba docker image
on:
workflow_dispatch:
push:
branches:
- 'main'
tags:
- 'v*'
env:
DEFAULT_BASE_IMAGE: 'debian:12-slim'
LATEST_DEBIAN_BASE_IMAGE: 'debian:12'
LATEST_DEBIAN_SLIM_BASE_IMAGE: 'debian:12-slim'
LATEST_UBUNTU_BASE_IMAGE: 'ubuntu:24.10'
LATEST_AMAZON_BASE_IMAGE: 'public.ecr.aws/amazonlinux/amazonlinux:2023'
LATEST_ALPINE_BASE_IMAGE: 'frolvlad/alpine-glibc:alpine-3.20'
LATEST_CUDA_BASE_IMAGE: 'nvidia/cuda:12.6.2-base-ubuntu24.04'
jobs:
build_docker_image_and_push:
if: github.repository == 'mamba-org/micromamba-docker'
runs-on: ubuntu-22.04
strategy:
matrix:
image:
- debian:12-slim
- debian:12
- debian:11-slim
- debian:11
- ubuntu:24.10
- ubuntu:24.04
- ubuntu:22.04
- ubuntu:20.04
- frolvlad/alpine-glibc:alpine-3.20
- frolvlad/alpine-glibc:alpine-3.19
- frolvlad/alpine-glibc:alpine-3.18
- frolvlad/alpine-glibc:alpine-3.17
- public.ecr.aws/amazonlinux/amazonlinux:2023
- nvidia/cuda:12.6.2-base-ubuntu24.04
- nvidia/cuda:12.6.2-base-ubuntu22.04
- nvidia/cuda:12.6.2-base-ubuntu20.04
- nvidia/cuda:12.5.1-base-ubuntu24.04
- nvidia/cuda:12.5.1-base-ubuntu22.04
- nvidia/cuda:12.5.1-base-ubuntu20.04
- nvidia/cuda:12.4.1-base-ubuntu22.04
- nvidia/cuda:12.4.1-base-ubuntu20.04
- nvidia/cuda:12.3.2-base-ubuntu22.04
- nvidia/cuda:12.3.2-base-ubuntu20.04
- nvidia/cuda:12.2.2-base-ubuntu22.04
- nvidia/cuda:12.2.2-base-ubuntu20.04
- nvidia/cuda:12.1.1-base-ubuntu22.04
- nvidia/cuda:12.1.1-base-ubuntu20.04
- nvidia/cuda:11.8.0-base-ubuntu22.04
- nvidia/cuda:11.8.0-base-ubuntu20.04
- nvidia/cuda:11.7.1-base-ubuntu22.04
- nvidia/cuda:11.7.1-base-ubuntu20.04
- nvidia/cuda:11.6.2-base-ubuntu20.04
- nvidia/cuda:11.4.3-base-ubuntu20.04
steps:
- name: Install GNU parallel, shellcheck, and apptainer
run: |
sudo add-apt-repository -y ppa:apptainer/ppa
sudo apt update
sudo apt-get install --no-install-recommends -y parallel shellcheck software-properties-common apptainer
- name: Setup nox
uses: wntrblm/nox@1199ab3892b1a941f80ff052083d0a571abed79d
- name: Checkout source
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
submodules: recursive
- name: Get short git hash
id: short_hash
run: echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
- name: Get micromamba version
id: get_version
run: echo "version=$(grep '^ARG VERSION=' debian.Dockerfile | cut -d= -f2)" >> $GITHUB_OUTPUT
- name: Set image variables
id: set_image_variables
env:
BASE_IMAGE: ${{ matrix.image }}
run: |
base_tag="${BASE_IMAGE##*:}"
base_name="${BASE_IMAGE%%:*}"
if [ "${base_name}" = 'nvidia/cuda' ]; then
ubuntu_version_number="${base_tag##*-ubuntu}"
cuda_version="${base_tag%%-*}"
echo 'distro_id=debian' >> $GITHUB_OUTPUT
echo "tag=cuda${cuda_version}-ubuntu${ubuntu_version_number}" >> $GITHUB_OUTPUT
echo 'platforms=linux/amd64,linux/arm64' >> $GITHUB_OUTPUT
elif [ "${base_name}" = 'frolvlad/alpine-glibc' ]; then
echo 'distro_id=alpine' >> $GITHUB_OUTPUT
alpine_version_number="${base_tag##alpine-}"
echo "tag=alpine${alpine_version_number}" >> $GITHUB_OUTPUT
echo 'platforms=linux/amd64' >> $GITHUB_OUTPUT
elif [ "${base_name}" = 'public.ecr.aws/amazonlinux/amazonlinux' ]; then
echo 'distro_id=fedora' >> $GITHUB_OUTPUT
echo "tag=amazon${base_tag}" >> $GITHUB_OUTPUT
echo 'platforms=linux/amd64,linux/arm64' >> $GITHUB_OUTPUT
elif [ "${base_name}" = 'ubuntu' ]; then
echo 'distro_id=debian' >> $GITHUB_OUTPUT
echo "tag=ubuntu${base_tag}" >> $GITHUB_OUTPUT
echo 'platforms=linux/amd64,linux/arm64,linux/ppc64le' >> $GITHUB_OUTPUT
else
echo 'distro_id=debian' >> $GITHUB_OUTPUT
echo "tag=debian${base_tag}" >> $GITHUB_OUTPUT
if [ "${base_tag}" = '11' ] || [ "${base_tag}" = '11-slim' ]; then
echo 'platforms=linux/amd64,linux/arm64' >> $GITHUB_OUTPUT
else
echo 'platforms=linux/amd64,linux/arm64,linux/ppc64le' >> $GITHUB_OUTPUT
fi
fi
echo "is_default=$([ "$BASE_IMAGE" = "$DEFAULT_BASE_IMAGE" ] \
&& echo true || echo false)" >> $GITHUB_OUTPUT
echo "is_latest_alpine=$([ "$BASE_IMAGE" = "$LATEST_ALPINE_BASE_IMAGE" ] \
&& echo true || echo false)" >> $GITHUB_OUTPUT
echo "is_latest_debian=$([ "$BASE_IMAGE" = "$LATEST_DEBIAN_BASE_IMAGE" ] \
&& echo true || echo false)" >> $GITHUB_OUTPUT
echo "is_latest_debian_slim=$([ "$BASE_IMAGE" = "$LATEST_DEBIAN_SLIM_BASE_IMAGE" ] \
&& echo true || echo false)" >> $GITHUB_OUTPUT
echo "is_latest_ubuntu=$([ "$BASE_IMAGE" = "$LATEST_UBUNTU_BASE_IMAGE" ] \
&& echo true || echo false)" >> $GITHUB_OUTPUT
echo "is_latest_amazon=$([ "$BASE_IMAGE" = "$LATEST_AMAZON_BASE_IMAGE" ] \
&& echo true || echo false)" >> $GITHUB_OUTPUT
echo "is_latest_cuda=$([ "$BASE_IMAGE" = "$LATEST_CUDA_BASE_IMAGE" ] \
&& echo true || echo false)" >> $GITHUB_OUTPUT
- name: Get stage1 docker metadata
id: get_stage1_metadata
uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96
with:
images: |
ghcr.io/mamba-org/micromamba-cache/stage1
flavor: latest=false
tags: |
type=raw,value=${{ steps.set_image_variables.outputs.tag }}
- name: Get docker metadata
id: get_metadata
uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96
with:
images: |
mambaorg/micromamba
ghcr.io/mamba-org/micromamba
flavor: latest=false
# This comment provides a summary of the tags generated by this action:
# latest
# base_image
# alpine
# debian
# debian-slim
# ubuntu
# amazon
# cuda
# major.minor.patch
# major.minor
# major
# major.minor.patch-base_image
# major.minor-base_image
# major-base_imag git-commit-base_image
# git-commit
tags: |
type=raw,value=latest,priority=1000,enable=${{ steps.set_image_variables.outputs.is_default }}
type=raw,value=${{ steps.set_image_variables.outputs.tag }},priority=900
type=raw,value=alpine,priority=850,enable=${{ steps.set_image_variables.outputs.is_latest_alpine }}
type=raw,value=debian,priority=850,enable=${{ steps.set_image_variables.outputs.is_latest_debian }}
type=raw,value=debian-slim,priority=850,enable=${{ steps.set_image_variables.outputs.is_latest_debian_slim }}
type=raw,value=ubuntu,priority=850,enable=${{ steps.set_image_variables.outputs.is_latest_ubuntu }}
type=raw,value=amazon,priority=850,enable=${{ steps.set_image_variables.outputs.is_latest_amazon }}
type=raw,value=cuda,priority=850,enable=${{ steps.set_image_variables.outputs.is_latest_cuda }}
type=semver,pattern={{version}},enable=${{ steps.set_image_variables.outputs.is_default }},value=${{ steps.get_version.outputs.version }},priority=800
type=semver,pattern={{major}}.{{minor}},enable=${{ steps.set_image_variables.outputs.is_default }},value=${{ steps.get_version.outputs.version }},priority=700
type=semver,pattern={{major}},enable=${{ steps.set_image_variables.outputs.is_default }},value=${{ steps.get_version.outputs.version }},priority=600
type=semver,pattern={{version}}-${{ steps.set_image_variables.outputs.tag }},value=${{ steps.get_version.outputs.version }},priority=500
type=semver,pattern={{major}}.{{minor}}-${{ steps.set_image_variables.outputs.tag}},value=${{ steps.get_version.outputs.version }},priority=400
type=semver,pattern={{major}}-${{ steps.set_image_variables.outputs.tag}},value=${{ steps.get_version.outputs.version }},priority=300
type=sha,prefix=git-,suffix=-${{ steps.set_image_variables.outputs.tag }},priority=200
type=sha,prefix=git-,enable=${{ steps.set_image_variables.outputs.is_default }},priority=100
labels: |
distro_id=${{ steps.set_image_variables.outputs.distro_id }}
- name: Setup docker buildx
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349
- name: Login to DockerHub
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GHCR
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build Docker images but do not push them yet
id: docker_build
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355
env:
DOCKER_BUILD_RECORD_UPLOAD: false
with:
file: ${{ steps.set_image_variables.outputs.distro_id }}.Dockerfile
platforms: ${{ steps.set_image_variables.outputs.platforms }}
push: false
build-args: |
BASE_IMAGE=${{ matrix.image }}
tags: ${{ steps.get_metadata.outputs.tags }}
labels: ${{ steps.get_metadata.outputs.labels}}
cache-from: type=registry,ref=ghcr.io/mamba-org/micromamba-cache/stage1:${{ steps.set_image_variables.outputs.tag }}
cache-to: type=registry,ref=ghcr.io/mamba-org/micromamba-cache/stage1:${{ steps.set_image_variables.outputs.tag }},mode=max
- name: Run tests
env:
IMAGE: ${{ matrix.image }}
run: nox -s "image_tests(base_image='${IMAGE}')"
- name: Push stage1 Docker images
id: docker_stage1_push
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355
with:
file: ${{ steps.set_image_variables.outputs.distro_id }}.Dockerfile
target: stage1
platforms: ${{ steps.set_image_variables.outputs.platforms }}
push: true
build-args: |
BASE_IMAGE=${{ matrix.image }}
tags: ${{ steps.get_stage1_metadata.outputs.tags }}
labels: ${{ steps.get_stage1_metadata.outputs.labels}}
cache-from: |
type=registry,ref=ghcr.io/mamba-org/micromaba-cache/stage1:${{ steps.set_image_variables.outputs.tag }}
cache-to: type=inline
- name: Push Docker images
id: docker_push
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355
env:
DOCKER_BUILD_RECORD_UPLOAD: false
with:
file: ${{ steps.set_image_variables.outputs.distro_id }}.Dockerfile
platforms: ${{ steps.set_image_variables.outputs.platforms }}
push: true
build-args: |
BASE_IMAGE=${{ matrix.image }}
tags: ${{ steps.get_metadata.outputs.tags }}
labels: ${{ steps.get_metadata.outputs.labels}}
cache-from: type=registry,ref=ghcr.io/mamba-org/micromamba-cache/cache:${{ steps.set_image_variables.outputs.tag }}
cache-to: type=registry,ref=ghcr.io/mamba-org/micromamba-cache/cache:${{ steps.set_image_variables.outputs.tag }},mode=max
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
with:
name: ${{ steps.set_image_variables.outputs.tag }}.metadata
path: ${{ steps.get_metadata.outputs.bake-file }}
- name: Image digest
run: echo ${{ steps.docker_build.outputs.digest }}
update_dockerhub_discription:
if: github.repository == 'mamba-org/micromamba-docker'
needs: build_docker_image_and_push
runs-on: ubuntu-22.04
steps:
- name: Checkout source
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- name: Get artifacts
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
with:
path: artifacts
pattern: '*.metadata'
- name: Format tags
id: format_tags
run: |
function process_tags {
distro_id="$(jq -r '.target."docker-metadata-action".labels["distro_id"]' "$1")"
printf '* '
jq -r '.target."docker-metadata-action".tags[]' "$1" \
| grep -v 'ghcr.io' \
| sed 's%^mambaorg/micromamba:\(.*\)$%`\1`, %' \
| tr -d '\n' \
| sed 's%, $%%' \
| sed "s%^\(.*\)%[\1](https://github.com/mamba-org/micromamba-docker/blob/main/${distro_id}.Dockerfile)%"
printf '\n\n'
}
function get_tags_markdown {
local latest
# want 'latest' image to be listed first
latest="$(grep -Rl ':latest"' */*/*.json)"
process_tags "${latest}"
find . -name docker-metadata-action-bake.json \
| grep -v "${latest}" \
| while read file; do process_tags "$file"; done
}
echo "TAGS_MARKDOWN<<EOF" >> $GITHUB_ENV
echo "## Recent Tags" >> $GITHUB_ENV
echo "" >> $GITHUB_ENV
get_tags_markdown >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
- name: generate README_with_tags.md
run: |
awk -v r='${{ env.TAGS_MARKDOWN }}' \
'{gsub(/<!-- DOCKER_TAGS_INSERTION_POINT -->/,r)}1' \
README.md > README_with_tags.md
- name: Copy GitHub README.md to Dockerhub
uses: peter-evans/dockerhub-description@e98e4d1628a5f3be2be7c231e50981aee98723ae
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
repository: mambaorg/micromamba
readme-filepath: ./README_with_tags.md
tag_and_release:
if: github.repository == 'mamba-org/micromamba-docker'
needs: build_docker_image_and_push
runs-on: ubuntu-22.04
steps:
- name: Checkout source
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- name: Get micromamba version number
id: get_version
run: |
echo "version=$(grep '^ARG VERSION=' debian.Dockerfile | cut -d= -f2)" >> $GITHUB_OUTPUT
echo "leading_v_version=v$(grep '^ARG VERSION=' debian.Dockerfile | cut -d= -f2)" >> $GITHUB_OUTPUT
- name: Get current date
id: date
run: echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT
- name: Get last tag
id: last_tag
uses: mathieudutour/github-tag-action@a22cf08638b34d5badda920f9daf6e72c477b07b
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
dry_run: true
- name: Create git tag
if: steps.last_tag.outputs.previous_tag != steps.get_version.outputs.leading_v_version
id: create_tag
uses: mathieudutour/github-tag-action@a22cf08638b34d5badda920f9daf6e72c477b07b
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
custom_tag: ${{ steps.get_version.outputs.version }}
create_annotated_tag: true
- name: Create a GitHub release
if: steps.last_tag.outputs.previous_tag != steps.get_version.outputs.leading_v_version
uses: ncipollo/release-action@aa3b2fa675dd00a28f946e5c0390de0a6eb89770
with:
tag: ${{ steps.create_tag.outputs.new_tag }}
name: micromamba ${{ steps.create_tag.outputs.new_tag }}
body: |
micromamba ${{ steps.create_tag.outputs.new_tag }} - ${{ steps.date.outputs.date }}
See [release notes for mamba/libmamba/micromamba](https://github.com/mamba-org/mamba/releases) for non-docker changes.
Changes to docker image:
- micromamba updated to ${{ steps.create_tag.outputs.new_tag }}
- If this line exists, then these releases notes still need to be manually updated.