From 84862d2454d0fb955fb5b24db00153e5d628c3b4 Mon Sep 17 00:00:00 2001
From: bpinsard
Date: Fri, 30 May 2025 10:32:53 -0400
Subject: [PATCH 1/4] add build env and ci build of build env.
---
.github/workflows/docker-build.yml | 48 ++++++++++++++++++++++++++++++
Dockerfile | 13 ++++++++
2 files changed, 61 insertions(+)
create mode 100644 .github/workflows/docker-build.yml
create mode 100644 Dockerfile
diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml
new file mode 100644
index 00000000..64aea0c6
--- /dev/null
+++ b/.github/workflows/docker-build.yml
@@ -0,0 +1,48 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+name: Create and publish a Docker image
+
+on:
+ push:
+ branches: ['master']
+ paths:
+ - Dockerfile
+env:
+ REGISTRY: ghcr.io
+ IMAGE_NAME: courtois-neuromod/repronim_buildenv
+
+jobs:
+ build-and-push-image:
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ packages: write
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Log in to the Container registry
+ uses: docker/login-action@v3.3.0
+ with:
+ registry: ${{ env.REGISTRY }}
+ username: cneuromod-bot
+ password: ${{ secrets.CNEUROMOD_BOT_REGISTRY_TOKEN }}
+
+ - name: Extract metadata (tags, labels) for Docker
+ id: meta
+ uses: docker/metadata-action@v5.6.1
+ with:
+ images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+
+ - name: Build and push Docker image
+ uses: docker/build-push-action@v6.13.0
+ with:
+ context: .
+ file: Dockerfile
+ push: true
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 00000000..45500f6f
--- /dev/null
+++ b/Dockerfile
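Review bot: The four actions in `build-and-push-image` are referenced by mutable tags (`actions/checkout@v4`, `docker/login-action@v3.3.0`, `docker/metadata-action@v5.6.1`, `docker/build-push-action@v6.13.0`), and this job holds `packages: write` plus the registry token, so a retagged release would run with push access to the published image. Pin each one to a full commit SHA and keep the version as a trailing comment, for example `uses: docker/login-action@<FULL_COMMIT_SHA> # v3.3.0`. The login step touched again in PATCH 4/4 keeps the same tag reference.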
@@ -0,0 +1,13 @@
+FROM alpine:3.21.3
+ENV PATH="/usr/local/apptainer/bin:$PATH" \
+ APPTAINER_TMPDIR="/tmp-apptainer"
+RUN apk add --no-cache apptainer py3-pytest ca-certificates libseccomp squashfs-tools tzdata fuse2fs fuse-overlayfs squashfuse \
+ python3 py3-pip git openssh-client git-annex curl bzip2 bash glab jq\
+ && mkdir -p $APPTAINER_TMPDIR \
+ && cp /usr/share/zoneinfo/UTC /etc/localtime \
+ && apk del tzdata \
+ && rm -rf /tmp/* /var/cache/apk/*
+
+RUN pip install --break-system-packages --no-cache-dir datalad datalad-container ssh_agent_setup python-gitlab
+
+WORKDIR /work
From 30d0b7d212caa464499d74189cbb0e392127ee3b Mon Sep 17 00:00:00 2001
From: bpinsard
Date: Fri, 22 Aug 2025 15:31:59 -0400
Subject: [PATCH 2/4] wip: wf to build apptainers on github
---
.github/workflows/apptainer-build.yml | 40 +++++++++++++++++++++++++++
1 file changed, 40 insertions(+)
create mode 100644 .github/workflows/apptainer-build.yml
diff --git a/.github/workflows/apptainer-build.yml b/.github/workflows/apptainer-build.yml
new file mode 100644
index 00000000..00e50b03
--- /dev/null
+++ b/.github/workflows/apptainer-build.yml
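Review bot: The `RUN pip install` line takes `datalad`, `datalad-container`, `ssh_agent_setup` and `python-gitlab` from PyPI at whatever version is current on build day, so two builds of the same Dockerfile can differ and an unexpected release would enter the build environment unnoticed. Pin each package, e.g. `datalad==<PINNED_VERSION> datalad-container==<PINNED_VERSION>`, or install from a requirements file with `--require-hashes` for the stricter variant. The `apk add` list is unpinned in the same way, although the fixed `alpine:3.21.3` base limits the drift there. The Dockerfile hunk in PATCH 4/4 shortens the package list but keeps the unpinned install. As a style point, `jq\` lacks the space before the continuation backslash that the other lines have.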
@@ -0,0 +1,40 @@
+name: Create and publish a Docker image
+
+on:
+ push:
+ branches: ['master']
+ paths:
+ - image/*/Singularity*
+env:
+ REGISTRY: ghcr.io
+ IMAGE_NAME: courtois-neuromod/repronim_buildenv:master
+
+jobs:
+ build-and-push-apptainer:
+ runs-on: ubuntu-latest
+ permissions:
+ contents: write
+ container:
+ image: ${REGISTRY}/${IMAGE_NAME}
+ options:
+ - "--device=/dev/fuse"
+ - "--security-opt apparmor=unconfined"
+ - "--security-opt seccomp=unconfined"
+ - "--security-opt systempaths=unconfined"
+ steps:
+ - name: Setup git
+ run:
+ - git config --global user.name "GitHub al MiGhtY"
+ - git config --global user.email "git@github.com"
+ - name: install dataset
+ run:
+ datalad install -s https://github.com/${{ env.GITHUB_REPOSITORY }}.git /work
+ - name: Build new apptainer image
+ run: |
+ cd /work
+ deffile=$(git show --name-only | grep Singularity)
+ target_image=${deffile/Singularity./}.sing
+ apptainer build $target_image $deffile
+ datalad save -m "build container ${target_image} from ${deffile}"
+ datalad push --to storage-remote || true
+ datalad push --to origin
From 507710f943805bb253b5988bfb84446ef24c49e2 Mon Sep 17 00:00:00 2001
From: bpinsard
Date: Fri, 22 Aug 2025 15:34:13 -0400
Subject: [PATCH 3/4] dummy test commit
---
.github/workflows/apptainer-build.yml | 29 +++++++++------------------
1 file changed, 10 insertions(+), 19 deletions(-)
diff --git a/.github/workflows/apptainer-build.yml b/.github/workflows/apptainer-build.yml
index 00e50b03..efaa37c4 100644
--- a/.github/workflows/apptainer-build.yml
+++ b/.github/workflows/apptainer-build.yml
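Review bot: The job container switches off AppArmor, seccomp and the masked system paths (`--security-opt ...=unconfined`) while the same job holds `contents: write` and pushes to `origin`, so whatever the definition file's build steps execute runs with very little confinement next to a token that can write to the repository. Consider a build job with `contents: read` that hands the image to a separate push job without the relaxed options, and add a comment above `options:` stating which of them apptainer actually requires. In the last step `$deffile` and `$target_image` are unquoted and `grep Singularity` may match several paths or none; quote both and fail early unless exactly one file matched. `datalad push --to storage-remote || true` also hides a failed upload. The rewritten workflow in PATCH 3/4 keeps the same options and shell lines.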
@@ -1,40 +1,31 @@ -name: Create and publish a Docker image +name: Update container images on: push: branches: ['master'] paths: - image/*/Singularity* -env: - REGISTRY: ghcr.io - IMAGE_NAME: courtois-neuromod/repronim_buildenv:master - + workflow_dispatch: jobs: build-and-push-apptainer: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 permissions: contents: write container: - image: ${REGISTRY}/${IMAGE_NAME} - options: - - "--device=/dev/fuse" - - "--security-opt apparmor=unconfined" - - "--security-opt seccomp=unconfined" - - "--security-opt systempaths=unconfined" + image: ghcr.io/courtois-neuromod/repronim_buildenv:master + options: "--device=/dev/fuse --security-opt apparmor=unconfined --security-opt seccomp=unconfined --security-opt systempaths=unconfined" steps: - name: Setup git - run: - - git config --global user.name "GitHub al MiGhtY" - - git config --global user.email "git@github.com" + run: | + git config --global user.name "GitHub al'MiGhtY" + git config --global user.email "git@github.com" - name: install dataset - run: - datalad install -s https://github.com/${{ env.GITHUB_REPOSITORY }}.git /work + run: datalad install -s https://${GITHUB_TOKEN}@github.com/${GITHUB_REPOSITORY}.git /work - name: Build new apptainer image run: | cd /work deffile=$(git show --name-only | grep Singularity) target_image=${deffile/Singularity./}.sing - apptainer build $target_image $deffile - datalad save -m "build container ${target_image} from ${deffile}" + datalad run --output $target_image -m "build container ${target_image} from ${deffile}" -- apptainer build $target_image $deffile datalad push --to storage-remote || true datalad push --to origin From e474288a2c0e5610802c34443b03d44105f6a148 Mon Sep 17 00:00:00 2001 
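Review bot: The new `datalad install -s https://${GITHUB_TOKEN}@github.com/${GITHUB_REPOSITORY}.git /work` line places the token in the clone URL, which git then stores as the remote URL in `/work/.git/config` and which can surface in command output. No `env:` mapping for `GITHUB_TOKEN` is visible in this hunk, which covers the whole file, so the variable is presumably empty in the step's shell and the URL would carry no credential at all. Pass the token explicitly on the step with `env:` and `GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}`, and let git read it through a credential helper such as `git config --global credential.helper '!f() { echo username=x-access-token; echo "password=${GITHUB_TOKEN}"; }; f'`. The clone URL can then stay plain: `https://github.com/${GITHUB_REPOSITORY}.git`.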
From: bpinsard Date: Mon, 8 Sep 2025 16:41:41 -0400 Subject: [PATCH 4/4] cleanup branch --- .github/workflows/apptainer-build.yml | 31 --------------------------- .github/workflows/docker-build.yml | 6 +++--- Dockerfile | 4 ++-- 3 files changed, 5 insertions(+), 36 deletions(-) delete mode 100644 .github/workflows/apptainer-build.yml diff --git a/.github/workflows/apptainer-build.yml b/.github/workflows/apptainer-build.yml deleted file mode 100644 index efaa37c4..00000000 --- a/.github/workflows/apptainer-build.yml +++ /dev/null @@ -1,31 +0,0 @@ -name: Update container images - -on: - push: - branches: ['master'] - paths: - - image/*/Singularity* - workflow_dispatch: -jobs: - build-and-push-apptainer: - runs-on: ubuntu-22.04 - permissions: - contents: write - container: - image: ghcr.io/courtois-neuromod/repronim_buildenv:master - options: "--device=/dev/fuse --security-opt apparmor=unconfined --security-opt seccomp=unconfined --security-opt systempaths=unconfined" - steps: - - name: Setup git - run: | - git config --global user.name "GitHub al'MiGhtY" - git config --global user.email "git@github.com" - - name: install dataset - run: datalad install -s https://${GITHUB_TOKEN}@github.com/${GITHUB_REPOSITORY}.git /work - - name: Build new apptainer image - run: | - cd /work - deffile=$(git show --name-only | grep Singularity) - target_image=${deffile/Singularity./}.sing - datalad run --output $target_image -m "build container ${target_image} from ${deffile}" -- apptainer build $target_image $deffile - datalad push --to storage-remote || true - datalad push --to origin diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index 64aea0c6..d73a8369 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -12,7 +12,7 @@ on: - Dockerfile env: REGISTRY: ghcr.io - IMAGE_NAME: courtois-neuromod/repronim_buildenv + IMAGE_NAME: ReproNim/repronim-buildenv jobs: build-and-push-image: 
@@ -29,8 +29,8 @@ jobs: uses: docker/login-action@v3.3.0 with: registry: ${{ env.REGISTRY }} - username: cneuromod-bot - password: ${{ secrets.CNEUROMOD_BOT_REGISTRY_TOKEN }} + username: repro-bot + password: ${{ secrets.REPROBOT_REGISTRY_TOKEN }} - name: Extract metadata (tags, labels) for Docker id: meta diff --git a/Dockerfile b/Dockerfile index 45500f6f..9786c1f9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,12 +2,12 @@ FROM alpine:3.21.3 ENV PATH="/usr/local/apptainer/bin:$PATH" \ APPTAINER_TMPDIR="/tmp-apptainer" RUN apk add --no-cache apptainer py3-pytest ca-certificates libseccomp squashfs-tools tzdata fuse2fs fuse-overlayfs squashfuse \ - python3 py3-pip git openssh-client git-annex curl bzip2 bash glab jq\ + python3 py3-pip git openssh-client git-annex curl bzip2 bash\ && mkdir -p $APPTAINER_TMPDIR \ && cp /usr/share/zoneinfo/UTC /etc/localtime \ && apk del tzdata \ && rm -rf /tmp/* /var/cache/apk/* -RUN pip install --break-system-packages --no-cache-dir datalad datalad-container ssh_agent_setup python-gitlab +RUN pip install --break-system-packages --no-cache-dir datalad datalad-container WORKDIR /work
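Review bot: The login step still authenticates with a stored bot credential (`repro-bot` / `secrets.REPROBOT_REGISTRY_TOKEN`) although the job already grants `packages: write`, a permission that only affects the workflow's own `GITHUB_TOKEN`. If the package `ReproNim/repronim-buildenv` lives in the same organisation as this repository (not visible here), the long-lived secret can be replaced by `username: ${{ github.actor }}` and `password: ${{ secrets.GITHUB_TOKEN }}`, which expires with the job. If the bot token has to stay, restrict it to package write scope and record that in a comment above the step. The `jobs:` block begins outside this hunk.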