moves to new base.

2b89e1ee · Emmanuel Bruno · e7723133 · 2b89e1ee · 2b89e1ee · 2b89e1ee
Commit 2b89e1ee authored 2 years ago by Emmanuel Bruno
--- a/.github/workflows/ci-baremetal.yml
+++ b/.github/workflows/ci-baremetal.yml
+name: Multi Arch Bare Metal CI
+on:
+  workflow_dispatch:  
+#  push:
+#    branches:
+#      - 'releases/v*'
+#      - 'develop'
+#    tags:
+#      - 'v*.*.*'
+concurrency:
+  group: ${{ github.ref }}
+  cancel-in-progress: true
+jobs:
+  docker:
+    runs-on: [self-hosted, multiarch]
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: Set the environment variable
+        run: echo REPOSITORY_NAME=${GITHUB_REPOSITORY#*\/} >> $GITHUB_ENV
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v4     
+        with:
+          images: |
+            "${{ secrets.DOCKERHUB_USERNAME }}/${{ env.REPOSITORY_NAME }}"
+          tags: |
+            type=ref,event=branch
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
+          labels: |
+            org.opencontainers.image.description=A test for Docker CI with Github Actions.            
+      - name: Login to DockerHub
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+#      - name: Login to Private registry
+#        if: github.event_name != 'pull_request'
+#        uses: docker/login-action@v2
+#        with:
+#          registry: ${{ secrets.PRIVATEHUB_HOSTNAME }}
+#          username: ${{ secrets.PRIVATEHUB_USERNAME }}
+#          password: ${{ secrets.PRIVATEHUB_TOKEN }}          
+      - uses: webfactory/ssh-agent@v0.7.0
+        with:
+          ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+        with:       
+#          config-inline: |
+#            [registry."docker.io"]
+#              mirrors = ["${{ secrets.DOCKERHUB_PROXY_HOSTNAME }}"]
+          driver-opts: |
+            network=host
+          buildkitd-flags: |
+            --debug 
+            --allow-insecure-entitlement network.host
+            --allow-insecure-entitlement security.insecure            
+          endpoint: ssh://bruno@pc-bruno-gpu
+          platforms: linux/amd64
+          append: |
+            - endpoint: ssh://bruno@mbp-bruno
+              platforms: linux/arm64/v8
+      - name: Build and push
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          platforms: |
+            linux/amd64
+            linux/arm64/v8
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+#          cache-from: type=registry,ref=${{ secrets.PRIVATEHUB_HOSTNAME }}/${{ secrets.PRIVATEHUB_USERNAME }}/${{ env.REPOSITORY_NAME }}:buildcache
+#          cache-to: type=registry,ref=${{ secrets.PRIVATEHUB_HOSTNAME }}/${{ secrets.PRIVATEHUB_USERNAME }}/${{ env.REPOSITORY_NAME }}:buildcache,mode=min,compression=zstd
+      - name: Update repo description
+        uses: peter-evans/dockerhub-description@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+          repository: "${{ secrets.DOCKERHUB_USERNAME }}/${{ env.REPOSITORY_NAME }}"          
--- a/.github/workflows/ci-qemu.yml
+++ b/.github/workflows/ci-qemu.yml
+name: Multi Arch QEMU CI
+on:
+  workflow_dispatch:  
+  push:
+    branches:
+      - 'releases/v*'
+      - 'develop'
+    tags:
+      - 'v*.*.*'
+concurrency:
+  group: ${{ github.ref }}
+  cancel-in-progress: true
+jobs:
+  docker:
+    runs-on: [self-hosted, qemu]
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+      - name: Set the environment variable
+        run: echo REPOSITORY_NAME=${GITHUB_REPOSITORY#*\/} >> $GITHUB_ENV
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v4     
+        with:
+          images: |
+            "${{ secrets.DOCKERHUB_USERNAME }}/${{ env.REPOSITORY_NAME }}"
+          tags: |
+            type=ref,event=branch
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
+          labels: |
+            org.opencontainers.image.description=A test for Docker CI with Github Actions.            
+      - name: Login to DockerHub
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Login to Private registry
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ secrets.PRIVATEHUB_HOSTNAME }}
+          username: ${{ secrets.PRIVATEHUB_USERNAME }}
+          password: ${{ secrets.PRIVATEHUB_TOKEN }}          
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+        with:       
+          config-inline: |
+            [registry."docker.io"]
+              mirrors = ["${{ secrets.DOCKERHUB_PROXY_HOSTNAME }}"]
+            [registry."${{ secrets.DOCKERHUB_PROXY_HOSTNAME }}"]
+              http = true              
+              insecure = true
+            [registry."${{ secrets.PRIVATEHUB_HOSTNAME }}"]
+              http = true
+              insecure = true
+          driver-opts: |
+            network=host
+          buildkitd-flags: |
+            --debug 
+            --allow-insecure-entitlement network.host
+            --allow-insecure-entitlement security.insecure  
+      - name: Build and push
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64/v8
+#          platforms: linux/amd64
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=registry,ref=${{ secrets.PRIVATEHUB_HOSTNAME }}/${{ env.REPOSITORY_NAME }}:buildcache
+          cache-to: type=registry,ref=${{ secrets.PRIVATEHUB_HOSTNAME }}/${{ env.REPOSITORY_NAME }}:buildcache,mode=min,compression=zstd
+      - name: Update repo description
+        uses: peter-evans/dockerhub-description@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+          repository: "${{ secrets.DOCKERHUB_USERNAME }}/${{ env.REPOSITORY_NAME }}"          
--- a/Artefacts/apt_packages
+++ b/Artefacts/apt_packages
+coreutils
+dnsutils
+gnupg
+inkscape
+iputils-ping
+net-tools
+postgresql-client
+procps
+tree
\ No newline at end of file
--- a/Dockerfile
+++ b/Dockerfile
-ARG BASE_CONTAINER=brunoe/jupyterutln-default:develop
+FROM brunoe/jupyter-base:develop
-FROM $BASE_CONTAINER
-LABEL maintainer="Emmanuel Bruno <emmanuel.bruno@univ-tln.fr>"
-ENV PLANTUML_VERSION 1.2022.1
-ENV PLANTUML_SHA1 ac9847dac6687f5079793952cf981f8d75ff4515
 USER root
+RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
+ 	apt-get update && \
-# Install minimal dependencies 
+	apt-get install -qq --yes --no-install-recommends \
-RUN	apt-get update && apt-get install -y --no-install-recommends\
+		$(cat /tmp/apt_packages) && \
-		coreutils \
+	rm -rf /var/lib/apt/lists/*
-		curl \
-		dnsutils \
-		gnupg \
-		graphviz \
-		inkscape \
-		iputils-ping \
-		net-tools \
-		pandoc \
-		postgresql-client \
-		procps \
-		tree \
-		ttf-bitstream-vera \
-		zsh && \
-  apt-get clean && rm -rf /var/lib/apt/lists/* && rm -rf /var/cache/apt
 # Postgresql python library
 # SQL support for ipython and PlantUML
-RUN conda install --quiet --yes psycopg2=2.9.1 && \
+RUN conda install --quiet --yes psycopg2 && \
-	conda install -y -c conda-forge postgresql=13.3 pgspecial=1.13.0 && \
+	conda install -y -c conda-forge postgresql pgspecial && \
-    	conda clean -tipsy && \
+    	conda clean -tipy && \
-	pip install ipython-sql==0.4.0 iplantuml==0.1.1 mocodo_magic==1.0.3 && \
+	pip install ipython-sql iplantuml mocodo && \
 	fix-permissions "${CONDA_DIR}" && \
 	fix-permissions "/home/${NB_USER}"
-RUN mkdir /usr/local/jre && \
-	curl -L https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.2%2B8/OpenJDK17U-jre_x64_linux_hotspot_17.0.2_8.tar.gz -o /usr/local/jre/jre.tgz && \
-	tar  zxf /usr/local/jre/jre.tgz --strip=1 -C /usr/local/jre && \
-	rm /usr/local/jre/jre.tgz
-ENV PATH /usr/local/jre/bin:$PATH
-RUN curl -L https://sourceforge.net/projects/plantuml/files/plantuml.${PLANTUML_VERSION}.jar/download -o /usr/local/bin/plantuml.jar && \
-    echo "$PLANTUML_SHA1 */usr/local/bin/plantuml.jar" | sha1sum -c - 
 ENV PGDATA=/home/jovyan/work/pgdata
 COPY initDB.sh /usr/local/bin/before-notebook.d/ 
-RUN ipython profile create && \
+#RUN ipython profile create && \
-	sed -i -e '/c.InteractiveShellApp.extensions = / s/= [^\]]*/= ["mocodo_magic","sql"]/' -e 's/# \(c.InteractiveShellApp.extensions\)/\1/' ~/.ipython/profile_default/ipython_config.py
+#	sed -i -e '/c.InteractiveShellApp.extensions = / s/= [^\]]*/= ["mocodo_magic","sql"]/' -e 's/# \(c.InteractiveShellApp.extensions\)/\1/' ~/.ipython/profile_default/ipython_config.py
 # Switch back to jovyan to avoid accidental container runs as root
 USER $NB_UID
-# RUN mkdir -p /home/jovyan/.ssh && ssh-keyscan -t rsa github.com > /home/jovyan/.ssh/known_hosts
-WORKDIR /home/jovyan
--- a/build.sh
+++ b/build.sh
 #!/bin/bash
+docker build --progress=plain -t brunoe/${PWD##*/}:$(git rev-parse --abbrev-ref HEAD) .
-DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
-. ${DIR}/env.sh
-docker build \
-	--file Dockerfile \
-	-t ${BASE}:$SHA \
-	`[[ "$BRANCH" != "master" ]] && echo -t ${BASE}:$BRANCH` \
-	`[[ "$BRANCH" == "master" ]] && echo -t ${BASE}:latest` \
-	 .
--- a/env.sh
+++ b/env.sh
-#!/bin/bash
-REGISTRY=brunoe
-IMAGE_NAME=${PWD##*/}
-CURRENT=`pwd`
-DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
-cd $DIR
-BASE=${REGISTRY}/${IMAGE_NAME}
-BRANCH=`git rev-parse --abbrev-ref HEAD|tr '/' '_' `
-SHA=`git log -1 --pretty=%h`
-cd $CURRENT
--- a/initDB.sh
+++ b/initDB.sh
 DB_NAME=DEMO_DB
 rm -rf $PGDATA/$DB_NAME
-initdb -D $PGDATA/$DB_NAME
+sudo -u jovyan initdb -D $PGDATA/$DB_NAME
-pg_ctl -D $PGDATA/$DB_NAME -l $PGDATA/../$DB_NAME.log start
+sudo -u jovyan pg_ctl -D $PGDATA/$DB_NAME -l $PGDATA/../$DB_NAME.log start
-createdb --owner=jovyan jovyandb
+sudo -u jovyan createdb --owner=jovyan jovyandb
\ No newline at end of file
--- a/push.sh
+++ b/push.sh
-#!/bin/bash
-DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
-echo $DIR
-. ${DIR}/env.sh
-BASE=${REGISTRY}/${IMAGE_NAME}
-BRANCH=`git rev-parse --abbrev-ref HEAD`
-echo Branche:$BRANCH
-docker push ${BASE} --all-tags
--- a/run.sh
+++ b/run.sh
 #!/usr/bin/env bash
-DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
+WORKDIR=$HOME/JUPYTER_WORK_DIR
-. ${DIR}/env.sh
-docker run --rm \
+echo brunoe/${PWD##*/}:$(git rev-parse --abbrev-ref HEAD) 
+docker run --rm -it \
+	--user root \
 	--name ${PWD##*/} \
-	--volume $PWD/work:/home/jovyan/work \
+	--volume $WORKDIR:/home/jovyan/work \
    --publish 8888:8888 \
    --env NB_UID=$UID \
-	--env JUPYTER_ENABLE_LAB=yes \
+    brunoe/${PWD##*/}:$(git rev-parse --abbrev-ref HEAD) $@ 
-	--env GRANT_SUDO=yes \
-	--env NB_GID=100 \
-        ${BASE}:$SHA 
 #	--env CHOWN_HOME_OPTS='-R'	--env CHOWN_HOME=yes \
\ No newline at end of file