From 2b89e1ee6819ef02f1027ddc9b9f2a616385b100 Mon Sep 17 00:00:00 2001
From: Emmanuel Bruno <emmanuel.bruno@univ-tln.fr>
Date: Fri, 14 Apr 2023 22:47:49 +0200
Subject: [PATCH] moves to new base.
---
.github/workflows/ci-baremetal.yml | 88 +++++++++++++++++++++++++++
.github/workflows/ci-qemu.yml | 95 ++++++++++++++++++++++++++++++
Artefacts/apt_packages | 9 +++
Dockerfile | 54 ++++-------------
build.sh | 11 +---
env.sh | 11 ----
initDB.sh | 6 +-
push.sh | 12 ----
run.sh | 22 +++----
9 files changed, 219 insertions(+), 89 deletions(-)
create mode 100644 .github/workflows/ci-baremetal.yml
create mode 100644 .github/workflows/ci-qemu.yml
create mode 100644 Artefacts/apt_packages
delete mode 100755 env.sh
delete mode 100755 push.sh
diff --git a/.github/workflows/ci-baremetal.yml b/.github/workflows/ci-baremetal.yml
new file mode 100644
index 0000000..1a10496
--- /dev/null
+++ b/.github/workflows/ci-baremetal.yml
@@ -0,0 +1,88 @@
+name: Multi Arch Bare Metal CI
+
+on:
+ workflow_dispatch:
+# push:
+# branches:
+# - 'releases/v*'
+# - 'develop'
+# tags:
+# - 'v*.*.*'
+
+concurrency:
+ group: ${{ github.ref }}
+ cancel-in-progress: true
+
+jobs:
+ docker:
+ runs-on: [self-hosted, multiarch]
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ - name: Set the environment variable
+ run: echo REPOSITORY_NAME=${GITHUB_REPOSITORY#*\/} >> $GITHUB_ENV
+ - name: Docker meta
+ id: meta
+ uses: docker/metadata-action@v4
+ with:
+ images: |
+ "${{ secrets.DOCKERHUB_USERNAME }}/${{ env.REPOSITORY_NAME }}"
+ tags: |
+ type=ref,event=branch
+ type=ref,event=pr
+ type=semver,pattern={{version}}
+ type=semver,pattern={{major}}.{{minor}}
+ type=semver,pattern={{major}}
+ labels: |
+ org.opencontainers.image.description=A test for Docker CI with Github Actions.
+ - name: Login to DockerHub
+ if: github.event_name != 'pull_request'
+ uses: docker/login-action@v2
+ with:
+ username: ${{ secrets.DOCKERHUB_USERNAME }}
+ password: ${{ secrets.DOCKERHUB_TOKEN }}
+# - name: Login to Private registry
+# if: github.event_name != 'pull_request'
+# uses: docker/login-action@v2
+# with:
+# registry: ${{ secrets.PRIVATEHUB_HOSTNAME }}
+# username: ${{ secrets.PRIVATEHUB_USERNAME }}
+# password: ${{ secrets.PRIVATEHUB_TOKEN }}
+ - uses: webfactory/ssh-agent@v0.7.0
+ with:
+ ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v2
+ with:
+# config-inline: |
+# [registry."docker.io"]
+# mirrors = ["${{ secrets.DOCKERHUB_PROXY_HOSTNAME }}"]
+ driver-opts: |
+ network=host
+ buildkitd-flags: |
+ --debug
+ --allow-insecure-entitlement network.host
+ --allow-insecure-entitlement security.insecure
+ endpoint: ssh://bruno@pc-bruno-gpu
+ platforms: linux/amd64
+ append: |
+ - endpoint: ssh://bruno@mbp-bruno
+ platforms: linux/arm64/v8
+ - name: Build and push
+ uses: docker/build-push-action@v4
+ with:
+ context: .
+ platforms: |
+ linux/amd64
+ linux/arm64/v8
+ push: ${{ github.event_name != 'pull_request' }}
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
+# cache-from: type=registry,ref=${{ secrets.PRIVATEHUB_HOSTNAME }}/${{ secrets.PRIVATEHUB_USERNAME }}/${{ env.REPOSITORY_NAME }}:buildcache
+# cache-to: type=registry,ref=${{ secrets.PRIVATEHUB_HOSTNAME }}/${{ secrets.PRIVATEHUB_USERNAME }}/${{ env.REPOSITORY_NAME }}:buildcache,mode=min,compression=zstd
+ - name: Update repo description
+ uses: peter-evans/dockerhub-description@v3
+ with:
+ username: ${{ secrets.DOCKERHUB_USERNAME }}
+ password: ${{ secrets.DOCKERHUB_TOKEN }}
+ repository: "${{ secrets.DOCKERHUB_USERNAME }}/${{ env.REPOSITORY_NAME }}"
diff --git a/.github/workflows/ci-qemu.yml b/.github/workflows/ci-qemu.yml
new file mode 100644
index 0000000..54b5bdd
--- /dev/null
+++ b/.github/workflows/ci-qemu.yml
@@ -0,0 +1,95 @@
+name: Multi Arch QEMU CI
+
+on:
+ workflow_dispatch:
+ push:
+ branches:
+ - 'releases/v*'
+ - 'develop'
+ tags:
+ - 'v*.*.*'
+
+concurrency:
+ group: ${{ github.ref }}
+ cancel-in-progress: true
+
+jobs:
+ docker:
+ runs-on: [self-hosted, qemu]
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+
+ - name: Set up QEMU
+ uses: docker/setup-qemu-action@v2
+
+ - name: Set the environment variable
+ run: echo REPOSITORY_NAME=${GITHUB_REPOSITORY#*\/} >> $GITHUB_ENV
+
+ - name: Docker meta
+ id: meta
+ uses: docker/metadata-action@v4
+ with:
+ images: |
+ "${{ secrets.DOCKERHUB_USERNAME }}/${{ env.REPOSITORY_NAME }}"
+ tags: |
+ type=ref,event=branch
+ type=ref,event=pr
+ type=semver,pattern={{version}}
+ type=semver,pattern={{major}}.{{minor}}
+ type=semver,pattern={{major}}
+ labels: |
+ org.opencontainers.image.description=A test for Docker CI with Github Actions.
+
+ - name: Login to DockerHub
+ if: github.event_name != 'pull_request'
+ uses: docker/login-action@v2
+ with:
+ username: ${{ secrets.DOCKERHUB_USERNAME }}
+ password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+ - name: Login to Private registry
+ if: github.event_name != 'pull_request'
+ uses: docker/login-action@v2
+ with:
+ registry: ${{ secrets.PRIVATEHUB_HOSTNAME }}
+ username: ${{ secrets.PRIVATEHUB_USERNAME }}
+ password: ${{ secrets.PRIVATEHUB_TOKEN }}
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v2
+ with:
+ config-inline: |
+ [registry."docker.io"]
+ mirrors = ["${{ secrets.DOCKERHUB_PROXY_HOSTNAME }}"]
+ [registry."${{ secrets.DOCKERHUB_PROXY_HOSTNAME }}"]
+ http = true
+ insecure = true
+ [registry."${{ secrets.PRIVATEHUB_HOSTNAME }}"]
+ http = true
+ insecure = true
+ driver-opts: |
+ network=host
+ buildkitd-flags: |
+ --debug
+ --allow-insecure-entitlement network.host
+ --allow-insecure-entitlement security.insecure
+
+ - name: Build and push
+ uses: docker/build-push-action@v4
+ with:
+ context: .
+ platforms: linux/amd64,linux/arm64/v8
+# platforms: linux/amd64
+ push: ${{ github.event_name != 'pull_request' }}
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
+ cache-from: type=registry,ref=${{ secrets.PRIVATEHUB_HOSTNAME }}/${{ env.REPOSITORY_NAME }}:buildcache
+ cache-to: type=registry,ref=${{ secrets.PRIVATEHUB_HOSTNAME }}/${{ env.REPOSITORY_NAME }}:buildcache,mode=min,compression=zstd
+
+ - name: Update repo description
+ uses: peter-evans/dockerhub-description@v3
+ with:
+ username: ${{ secrets.DOCKERHUB_USERNAME }}
+ password: ${{ secrets.DOCKERHUB_TOKEN }}
+ repository: "${{ secrets.DOCKERHUB_USERNAME }}/${{ env.REPOSITORY_NAME }}"
diff --git a/Artefacts/apt_packages b/Artefacts/apt_packages
new file mode 100644
index 0000000..4351315
--- /dev/null
+++ b/Artefacts/apt_packages
@@ -0,0 +1,9 @@
+coreutils
+dnsutils
+gnupg
+inkscape
+iputils-ping
+net-tools
+postgresql-client
+procps
+tree
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
index 6ee1e3e..6e4fabe 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,58 +1,28 @@
-ARG BASE_CONTAINER=brunoe/jupyterutln-default:develop
-FROM $BASE_CONTAINER
+FROM brunoe/jupyter-base:develop
-LABEL maintainer="Emmanuel Bruno <emmanuel.bruno@univ-tln.fr>"
-
-ENV PLANTUML_VERSION 1.2022.1
-ENV PLANTUML_SHA1 ac9847dac6687f5079793952cf981f8d75ff4515
USER root
-
-
-# Install minimal dependencies
-RUN apt-get update && apt-get install -y --no-install-recommends\
- coreutils \
- curl \
- dnsutils \
- gnupg \
- graphviz \
- inkscape \
- iputils-ping \
- net-tools \
- pandoc \
- postgresql-client \
- procps \
- tree \
- ttf-bitstream-vera \
- zsh && \
- apt-get clean && rm -rf /var/lib/apt/lists/* && rm -rf /var/cache/apt
+RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
+ apt-get update && \
+ apt-get install -qq --yes --no-install-recommends \
+ $(cat /tmp/apt_packages) && \
+ rm -rf /var/lib/apt/lists/*
# Postgresql python library
# SQL support for ipython and PlantUML
-RUN conda install --quiet --yes psycopg2=2.9.1 && \
- conda install -y -c conda-forge postgresql=13.3 pgspecial=1.13.0 && \
- conda clean -tipsy && \
- pip install ipython-sql==0.4.0 iplantuml==0.1.1 mocodo_magic==1.0.3 && \
+RUN conda install --quiet --yes psycopg2 && \
+ conda install -y -c conda-forge postgresql pgspecial && \
+ conda clean -tipy && \
+ pip install ipython-sql iplantuml mocodo && \
fix-permissions "${CONDA_DIR}" && \
fix-permissions "/home/${NB_USER}"
-RUN mkdir /usr/local/jre && \
- curl -L https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.2%2B8/OpenJDK17U-jre_x64_linux_hotspot_17.0.2_8.tar.gz -o /usr/local/jre/jre.tgz && \
- tar zxf /usr/local/jre/jre.tgz --strip=1 -C /usr/local/jre && \
- rm /usr/local/jre/jre.tgz
-ENV PATH /usr/local/jre/bin:$PATH
-
-RUN curl -L https://sourceforge.net/projects/plantuml/files/plantuml.${PLANTUML_VERSION}.jar/download -o /usr/local/bin/plantuml.jar && \
- echo "$PLANTUML_SHA1 */usr/local/bin/plantuml.jar" | sha1sum -c -
-
ENV PGDATA=/home/jovyan/work/pgdata
COPY initDB.sh /usr/local/bin/before-notebook.d/
-RUN ipython profile create && \
- sed -i -e '/c.InteractiveShellApp.extensions = / s/= [^\]]*/= ["mocodo_magic","sql"]/' -e 's/# \(c.InteractiveShellApp.extensions\)/\1/' ~/.ipython/profile_default/ipython_config.py
+#RUN ipython profile create && \
+# sed -i -e '/c.InteractiveShellApp.extensions = / s/= [^\]]*/= ["mocodo_magic","sql"]/' -e 's/# \(c.InteractiveShellApp.extensions\)/\1/' ~/.ipython/profile_default/ipython_config.py
# Switch back to jovyan to avoid accidental container runs as root
USER $NB_UID
-# RUN mkdir -p /home/jovyan/.ssh && ssh-keyscan -t rsa github.com > /home/jovyan/.ssh/known_hosts
-WORKDIR /home/jovyan
diff --git a/build.sh b/build.sh
index 065a9f9..f34af6d 100755
--- a/build.sh
+++ b/build.sh
@@ -1,11 +1,2 @@
#!/bin/bash
-
-DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
-. ${DIR}/env.sh
-
-docker build \
- --file Dockerfile \
- -t ${BASE}:$SHA \
- `[[ "$BRANCH" != "master" ]] && echo -t ${BASE}:$BRANCH` \
- `[[ "$BRANCH" == "master" ]] && echo -t ${BASE}:latest` \
- .
+docker build --progress=plain -t brunoe/${PWD##*/}:$(git rev-parse --abbrev-ref HEAD) .
diff --git a/env.sh b/env.sh
deleted file mode 100755
index 8f244ee..0000000
--- a/env.sh
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/bin/bash
-REGISTRY=brunoe
-IMAGE_NAME=${PWD##*/}
-
-CURRENT=`pwd`
-DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
-cd $DIR
-BASE=${REGISTRY}/${IMAGE_NAME}
-BRANCH=`git rev-parse --abbrev-ref HEAD|tr '/' '_' `
-SHA=`git log -1 --pretty=%h`
-cd $CURRENT
diff --git a/initDB.sh b/initDB.sh
index 8546fdd..08ffbf6 100755
--- a/initDB.sh
+++ b/initDB.sh
@@ -1,5 +1,5 @@
DB_NAME=DEMO_DB
rm -rf $PGDATA/$DB_NAME
-initdb -D $PGDATA/$DB_NAME
-pg_ctl -D $PGDATA/$DB_NAME -l $PGDATA/../$DB_NAME.log start
-createdb --owner=jovyan jovyandb
\ No newline at end of file
+sudo -u jovyan initdb -D $PGDATA/$DB_NAME
+sudo -u jovyan pg_ctl -D $PGDATA/$DB_NAME -l $PGDATA/../$DB_NAME.log start
+sudo -u jovyan createdb --owner=jovyan jovyandb
\ No newline at end of file
diff --git a/push.sh b/push.sh
deleted file mode 100755
index a62f4e7..0000000
--- a/push.sh
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/bash
-
-DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
-echo $DIR
-. ${DIR}/env.sh
-
-BASE=${REGISTRY}/${IMAGE_NAME}
-BRANCH=`git rev-parse --abbrev-ref HEAD`
-
-echo Branche:$BRANCH
-docker push ${BASE} --all-tags
-
diff --git a/run.sh b/run.sh
index 0e587df..58704a4 100755
--- a/run.sh
+++ b/run.sh
@@ -1,15 +1,15 @@
#!/usr/bin/env bash
-DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
-. ${DIR}/env.sh
+WORKDIR=$HOME/JUPYTER_WORK_DIR
-docker run --rm \
+echo brunoe/${PWD##*/}:$(git rev-parse --abbrev-ref HEAD)
+
+docker run --rm -it \
+ --user root \
--name ${PWD##*/} \
- --volume $PWD/work:/home/jovyan/work \
- --publish 8888:8888 \
- --env NB_UID=$UID \
- --env JUPYTER_ENABLE_LAB=yes \
- --env GRANT_SUDO=yes \
- --env NB_GID=100 \
- ${BASE}:$SHA
- #--env CHOWN_HOME_OPTS='-R' --env CHOWN_HOME=yes \
+ --volume $WORKDIR:/home/jovyan/work \
+ --publish 8888:8888 \
+ --env NB_UID=$UID \
+ brunoe/${PWD##*/}:$(git rev-parse --abbrev-ref HEAD) $@
+# --env CHOWN_HOME_OPTS='-R' --env CHOWN_HOME=yes \
+
\ No newline at end of file
--
GitLab