Merge pull request #566 from mamba-org/dependabot/github_actions/ncip… #1836
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and push micromamba docker image | |
on: | |
workflow_dispatch: | |
push: | |
branches: | |
- 'main' | |
tags: | |
- 'v*' | |
env: | |
DEFAULT_BASE_IMAGE: 'debian:12-slim' | |
LATEST_DEBIAN_BASE_IMAGE: 'debian:12' | |
LATEST_DEBIAN_SLIM_BASE_IMAGE: 'debian:12-slim' | |
LATEST_UBUNTU_BASE_IMAGE: 'ubuntu:24.10' | |
LATEST_AMAZON_BASE_IMAGE: 'public.ecr.aws/amazonlinux/amazonlinux:2023' | |
LATEST_ALPINE_BASE_IMAGE: 'frolvlad/alpine-glibc:alpine-3.20' | |
LATEST_CUDA_BASE_IMAGE: 'nvidia/cuda:12.6.2-base-ubuntu24.04' | |
jobs: | |
build_docker_image_and_push: | |
if: github.repository == 'mamba-org/micromamba-docker' | |
runs-on: ubuntu-22.04 | |
strategy: | |
matrix: | |
image: | |
- debian:12-slim | |
- debian:12 | |
- debian:11-slim | |
- debian:11 | |
- ubuntu:24.10 | |
- ubuntu:24.04 | |
- ubuntu:22.04 | |
- ubuntu:20.04 | |
- frolvlad/alpine-glibc:alpine-3.20 | |
- frolvlad/alpine-glibc:alpine-3.19 | |
- frolvlad/alpine-glibc:alpine-3.18 | |
- frolvlad/alpine-glibc:alpine-3.17 | |
- public.ecr.aws/amazonlinux/amazonlinux:2023 | |
- nvidia/cuda:12.6.2-base-ubuntu24.04 | |
- nvidia/cuda:12.6.2-base-ubuntu22.04 | |
- nvidia/cuda:12.6.2-base-ubuntu20.04 | |
- nvidia/cuda:12.5.1-base-ubuntu24.04 | |
- nvidia/cuda:12.5.1-base-ubuntu22.04 | |
- nvidia/cuda:12.5.1-base-ubuntu20.04 | |
- nvidia/cuda:12.4.1-base-ubuntu22.04 | |
- nvidia/cuda:12.4.1-base-ubuntu20.04 | |
- nvidia/cuda:12.3.2-base-ubuntu22.04 | |
- nvidia/cuda:12.3.2-base-ubuntu20.04 | |
- nvidia/cuda:12.2.2-base-ubuntu22.04 | |
- nvidia/cuda:12.2.2-base-ubuntu20.04 | |
- nvidia/cuda:12.1.1-base-ubuntu22.04 | |
- nvidia/cuda:12.1.1-base-ubuntu20.04 | |
- nvidia/cuda:11.8.0-base-ubuntu22.04 | |
- nvidia/cuda:11.8.0-base-ubuntu20.04 | |
- nvidia/cuda:11.7.1-base-ubuntu22.04 | |
- nvidia/cuda:11.7.1-base-ubuntu20.04 | |
- nvidia/cuda:11.6.2-base-ubuntu20.04 | |
- nvidia/cuda:11.4.3-base-ubuntu20.04 | |
steps: | |
- name: Install GNU parallel, shellcheck, and apptainer | |
run: | | |
sudo add-apt-repository -y ppa:apptainer/ppa | |
sudo apt update | |
sudo apt-get install --no-install-recommends -y parallel shellcheck software-properties-common apptainer | |
- name: Setup nox | |
uses: wntrblm/nox@1199ab3892b1a941f80ff052083d0a571abed79d | |
- name: Checkout source | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
with: | |
submodules: recursive | |
- name: Get short git hash | |
id: short_hash | |
run: echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT | |
- name: Get micromamba version | |
id: get_version | |
run: echo "version=$(grep '^ARG VERSION=' debian.Dockerfile | cut -d= -f2)" >> $GITHUB_OUTPUT | |
- name: Set image variables | |
id: set_image_variables | |
env: | |
BASE_IMAGE: ${{ matrix.image }} | |
run: | | |
base_tag="${BASE_IMAGE##*:}" | |
base_name="${BASE_IMAGE%%:*}" | |
if [ "${base_name}" = 'nvidia/cuda' ]; then | |
ubuntu_version_number="${base_tag##*-ubuntu}" | |
cuda_version="${base_tag%%-*}" | |
echo 'distro_id=debian' >> $GITHUB_OUTPUT | |
echo "tag=cuda${cuda_version}-ubuntu${ubuntu_version_number}" >> $GITHUB_OUTPUT | |
echo 'platforms=linux/amd64,linux/arm64' >> $GITHUB_OUTPUT | |
elif [ "${base_name}" = 'frolvlad/alpine-glibc' ]; then | |
echo 'distro_id=alpine' >> $GITHUB_OUTPUT | |
alpine_version_number="${base_tag##alpine-}" | |
echo "tag=alpine${alpine_version_number}" >> $GITHUB_OUTPUT | |
echo 'platforms=linux/amd64' >> $GITHUB_OUTPUT | |
elif [ "${base_name}" = 'public.ecr.aws/amazonlinux/amazonlinux' ]; then | |
echo 'distro_id=fedora' >> $GITHUB_OUTPUT | |
echo "tag=amazon${base_tag}" >> $GITHUB_OUTPUT | |
echo 'platforms=linux/amd64,linux/arm64' >> $GITHUB_OUTPUT | |
elif [ "${base_name}" = 'ubuntu' ]; then | |
echo 'distro_id=debian' >> $GITHUB_OUTPUT | |
echo "tag=ubuntu${base_tag}" >> $GITHUB_OUTPUT | |
echo 'platforms=linux/amd64,linux/arm64,linux/ppc64le' >> $GITHUB_OUTPUT | |
else | |
echo 'distro_id=debian' >> $GITHUB_OUTPUT | |
echo "tag=debian${base_tag}" >> $GITHUB_OUTPUT | |
if [ "${base_tag}" = '11' ] || [ "${base_tag}" = '11-slim' ]; then | |
echo 'platforms=linux/amd64,linux/arm64' >> $GITHUB_OUTPUT | |
else | |
echo 'platforms=linux/amd64,linux/arm64,linux/ppc64le' >> $GITHUB_OUTPUT | |
fi | |
fi | |
echo "is_default=$([ "$BASE_IMAGE" = "$DEFAULT_BASE_IMAGE" ] \ | |
&& echo true || echo false)" >> $GITHUB_OUTPUT | |
echo "is_latest_alpine=$([ "$BASE_IMAGE" = "$LATEST_ALPINE_BASE_IMAGE" ] \ | |
&& echo true || echo false)" >> $GITHUB_OUTPUT | |
echo "is_latest_debian=$([ "$BASE_IMAGE" = "$LATEST_DEBIAN_BASE_IMAGE" ] \ | |
&& echo true || echo false)" >> $GITHUB_OUTPUT | |
echo "is_latest_debian_slim=$([ "$BASE_IMAGE" = "$LATEST_DEBIAN_SLIM_BASE_IMAGE" ] \ | |
&& echo true || echo false)" >> $GITHUB_OUTPUT | |
echo "is_latest_ubuntu=$([ "$BASE_IMAGE" = "$LATEST_UBUNTU_BASE_IMAGE" ] \ | |
&& echo true || echo false)" >> $GITHUB_OUTPUT | |
echo "is_latest_amazon=$([ "$BASE_IMAGE" = "$LATEST_AMAZON_BASE_IMAGE" ] \ | |
&& echo true || echo false)" >> $GITHUB_OUTPUT | |
echo "is_latest_cuda=$([ "$BASE_IMAGE" = "$LATEST_CUDA_BASE_IMAGE" ] \ | |
&& echo true || echo false)" >> $GITHUB_OUTPUT | |
- name: Get stage1 docker metadata | |
id: get_stage1_metadata | |
uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 | |
with: | |
images: | | |
ghcr.io/mamba-org/micromamba-cache/stage1 | |
flavor: latest=false | |
tags: | | |
type=raw,value=${{ steps.set_image_variables.outputs.tag }} | |
- name: Get docker metadata | |
id: get_metadata | |
uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 | |
with: | |
images: | | |
mambaorg/micromamba | |
ghcr.io/mamba-org/micromamba | |
flavor: latest=false | |
# This comment provides a summary of the tags generated by this action: | |
# latest | |
# base_image | |
# alpine | |
# debian | |
# debian-slim | |
# ubuntu | |
# amazon | |
# cuda | |
# major.minor.patch | |
# major.minor | |
# major | |
# major.minor.patch-base_image | |
# major.minor-base_image | |
# major-base_imag git-commit-base_image | |
# git-commit | |
tags: | | |
type=raw,value=latest,priority=1000,enable=${{ steps.set_image_variables.outputs.is_default }} | |
type=raw,value=${{ steps.set_image_variables.outputs.tag }},priority=900 | |
type=raw,value=alpine,priority=850,enable=${{ steps.set_image_variables.outputs.is_latest_alpine }} | |
type=raw,value=debian,priority=850,enable=${{ steps.set_image_variables.outputs.is_latest_debian }} | |
type=raw,value=debian-slim,priority=850,enable=${{ steps.set_image_variables.outputs.is_latest_debian_slim }} | |
type=raw,value=ubuntu,priority=850,enable=${{ steps.set_image_variables.outputs.is_latest_ubuntu }} | |
type=raw,value=amazon,priority=850,enable=${{ steps.set_image_variables.outputs.is_latest_amazon }} | |
type=raw,value=cuda,priority=850,enable=${{ steps.set_image_variables.outputs.is_latest_cuda }} | |
type=semver,pattern={{version}},enable=${{ steps.set_image_variables.outputs.is_default }},value=${{ steps.get_version.outputs.version }},priority=800 | |
type=semver,pattern={{major}}.{{minor}},enable=${{ steps.set_image_variables.outputs.is_default }},value=${{ steps.get_version.outputs.version }},priority=700 | |
type=semver,pattern={{major}},enable=${{ steps.set_image_variables.outputs.is_default }},value=${{ steps.get_version.outputs.version }},priority=600 | |
type=semver,pattern={{version}}-${{ steps.set_image_variables.outputs.tag }},value=${{ steps.get_version.outputs.version }},priority=500 | |
type=semver,pattern={{major}}.{{minor}}-${{ steps.set_image_variables.outputs.tag}},value=${{ steps.get_version.outputs.version }},priority=400 | |
type=semver,pattern={{major}}-${{ steps.set_image_variables.outputs.tag}},value=${{ steps.get_version.outputs.version }},priority=300 | |
type=sha,prefix=git-,suffix=-${{ steps.set_image_variables.outputs.tag }},priority=200 | |
type=sha,prefix=git-,enable=${{ steps.set_image_variables.outputs.is_default }},priority=100 | |
labels: | | |
distro_id=${{ steps.set_image_variables.outputs.distro_id }} | |
- name: Setup docker buildx | |
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 | |
- name: Login to DockerHub | |
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Login to GHCR | |
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build Docker images but do not push them yet | |
id: docker_build | |
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 | |
env: | |
DOCKER_BUILD_RECORD_UPLOAD: false | |
with: | |
file: ${{ steps.set_image_variables.outputs.distro_id }}.Dockerfile | |
platforms: ${{ steps.set_image_variables.outputs.platforms }} | |
push: false | |
build-args: | | |
BASE_IMAGE=${{ matrix.image }} | |
tags: ${{ steps.get_metadata.outputs.tags }} | |
labels: ${{ steps.get_metadata.outputs.labels}} | |
cache-from: type=registry,ref=ghcr.io/mamba-org/micromamba-cache/stage1:${{ steps.set_image_variables.outputs.tag }} | |
cache-to: type=registry,ref=ghcr.io/mamba-org/micromamba-cache/stage1:${{ steps.set_image_variables.outputs.tag }},mode=max | |
- name: Run tests | |
env: | |
IMAGE: ${{ matrix.image }} | |
run: nox -s "image_tests(base_image='${IMAGE}')" | |
- name: Push stage1 Docker images | |
id: docker_stage1_push | |
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 | |
with: | |
file: ${{ steps.set_image_variables.outputs.distro_id }}.Dockerfile | |
target: stage1 | |
platforms: ${{ steps.set_image_variables.outputs.platforms }} | |
push: true | |
build-args: | | |
BASE_IMAGE=${{ matrix.image }} | |
tags: ${{ steps.get_stage1_metadata.outputs.tags }} | |
labels: ${{ steps.get_stage1_metadata.outputs.labels}} | |
cache-from: | | |
type=registry,ref=ghcr.io/mamba-org/micromaba-cache/stage1:${{ steps.set_image_variables.outputs.tag }} | |
cache-to: type=inline | |
- name: Push Docker images | |
id: docker_push | |
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 | |
env: | |
DOCKER_BUILD_RECORD_UPLOAD: false | |
with: | |
file: ${{ steps.set_image_variables.outputs.distro_id }}.Dockerfile | |
platforms: ${{ steps.set_image_variables.outputs.platforms }} | |
push: true | |
build-args: | | |
BASE_IMAGE=${{ matrix.image }} | |
tags: ${{ steps.get_metadata.outputs.tags }} | |
labels: ${{ steps.get_metadata.outputs.labels}} | |
cache-from: type=registry,ref=ghcr.io/mamba-org/micromamba-cache/cache:${{ steps.set_image_variables.outputs.tag }} | |
cache-to: type=registry,ref=ghcr.io/mamba-org/micromamba-cache/cache:${{ steps.set_image_variables.outputs.tag }},mode=max | |
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 | |
with: | |
name: ${{ steps.set_image_variables.outputs.tag }}.metadata | |
path: ${{ steps.get_metadata.outputs.bake-file }} | |
- name: Image digest | |
run: echo ${{ steps.docker_build.outputs.digest }} | |
update_dockerhub_discription: | |
if: github.repository == 'mamba-org/micromamba-docker' | |
needs: build_docker_image_and_push | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Checkout source | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
- name: Get artifacts | |
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 | |
with: | |
path: artifacts | |
pattern: '*.metadata' | |
- name: Format tags | |
id: format_tags | |
run: | | |
function process_tags { | |
distro_id="$(jq -r '.target."docker-metadata-action".labels["distro_id"]' "$1")" | |
printf '* ' | |
jq -r '.target."docker-metadata-action".tags[]' "$1" \ | |
| grep -v 'ghcr.io' \ | |
| sed 's%^mambaorg/micromamba:\(.*\)$%`\1`, %' \ | |
| tr -d '\n' \ | |
| sed 's%, $%%' \ | |
| sed "s%^\(.*\)%[\1](https://github.com/mamba-org/micromamba-docker/blob/main/${distro_id}.Dockerfile)%" | |
printf '\n\n' | |
} | |
function get_tags_markdown { | |
local latest | |
# want 'latest' image to be listed first | |
latest="$(grep -Rl ':latest"' */*/*.json)" | |
process_tags "${latest}" | |
find . -name docker-metadata-action-bake.json \ | |
| grep -v "${latest}" \ | |
| while read file; do process_tags "$file"; done | |
} | |
echo "TAGS_MARKDOWN<<EOF" >> $GITHUB_ENV | |
echo "## Recent Tags" >> $GITHUB_ENV | |
echo "" >> $GITHUB_ENV | |
get_tags_markdown >> $GITHUB_ENV | |
echo "EOF" >> $GITHUB_ENV | |
- name: generate README_with_tags.md | |
run: | | |
awk -v r='${{ env.TAGS_MARKDOWN }}' \ | |
'{gsub(/<!-- DOCKER_TAGS_INSERTION_POINT -->/,r)}1' \ | |
README.md > README_with_tags.md | |
- name: Copy GitHub README.md to Dockerhub | |
uses: peter-evans/dockerhub-description@e98e4d1628a5f3be2be7c231e50981aee98723ae | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
repository: mambaorg/micromamba | |
readme-filepath: ./README_with_tags.md | |
tag_and_release: | |
if: github.repository == 'mamba-org/micromamba-docker' | |
needs: build_docker_image_and_push | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Checkout source | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
- name: Get micromamba version number | |
id: get_version | |
run: | | |
echo "version=$(grep '^ARG VERSION=' debian.Dockerfile | cut -d= -f2)" >> $GITHUB_OUTPUT | |
echo "leading_v_version=v$(grep '^ARG VERSION=' debian.Dockerfile | cut -d= -f2)" >> $GITHUB_OUTPUT | |
- name: Get current date | |
id: date | |
run: echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT | |
- name: Get last tag | |
id: last_tag | |
uses: mathieudutour/github-tag-action@a22cf08638b34d5badda920f9daf6e72c477b07b | |
with: | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
dry_run: true | |
- name: Create git tag | |
if: steps.last_tag.outputs.previous_tag != steps.get_version.outputs.leading_v_version | |
id: create_tag | |
uses: mathieudutour/github-tag-action@a22cf08638b34d5badda920f9daf6e72c477b07b | |
with: | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
custom_tag: ${{ steps.get_version.outputs.version }} | |
create_annotated_tag: true | |
- name: Create a GitHub release | |
if: steps.last_tag.outputs.previous_tag != steps.get_version.outputs.leading_v_version | |
uses: ncipollo/release-action@aa3b2fa675dd00a28f946e5c0390de0a6eb89770 | |
with: | |
tag: ${{ steps.create_tag.outputs.new_tag }} | |
name: micromamba ${{ steps.create_tag.outputs.new_tag }} | |
body: | | |
micromamba ${{ steps.create_tag.outputs.new_tag }} - ${{ steps.date.outputs.date }} | |
See [release notes for mamba/libmamba/micromamba](https://github.com/mamba-org/mamba/releases) for non-docker changes. | |
Changes to docker image: | |
- micromamba updated to ${{ steps.create_tag.outputs.new_tag }} | |
- If this line exists, then these releases notes still need to be manually updated. |