Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add CI action to push images to Docker Hub #1917

Draft
wants to merge 32 commits into
base: qa/1.x
Choose a base branch
from
Draft

Add CI action to push images to Docker Hub #1917

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
32 commits
Select commit Hold shift + click to select a range
4afa5d1
Add GHA to build and push images to docker hub
DanielCosme Mar 18, 2024
6b5dbc7
Make Docker images smaller
DanielCosme Mar 18, 2024
550e541
WIP: feedback from code review
DanielCosme Apr 3, 2024
7221d26
WIP: fix typos in GH workflow
DanielCosme Apr 3, 2024
d207c91
WIP: trigger CI
DanielCosme Apr 3, 2024
f6a5367
Remove coreutils comment
DanielCosme Apr 3, 2024
1efafce
Revert back Github action trigger to manual
DanielCosme Apr 3, 2024
b3f5b83
Add SSH package to mcp-client
DanielCosme Apr 15, 2024
dabcad0
WIP: trim build time dependencies from final images
DanielCosme May 1, 2024
3e1bd3b
Extend elasticSearchFunctions test coverage
replaceafill May 2, 2024
58e30b3
Remove comment from JHOVE validation migration
replaceafill Apr 30, 2024
ba0db52
Fix default thumbnail normalization command
replaceafill Apr 30, 2024
fb09902
Fix SIP arrangement from ArchivesSpace pane
replaceafill May 7, 2024
79ab3d5
Fix failure reports index
replaceafill May 8, 2024
34aa3c8
Remove references to Binder
replaceafill May 8, 2024
159a1ec
Upgrade Python requirements
replaceafill May 9, 2024
44ae43e
Update submodules
replaceafill May 9, 2024
b08560e
Update archivematica-storage-service submodule
replaceafill May 15, 2024
fb498dc
Bump version to 1.17.0
replaceafill May 17, 2024
d5344ce
Upgrade Python requirements
replaceafill May 20, 2024
c73d1b3
Remove dead code in MCPServer
sevein Apr 20, 2024
1ae0dc7
Remove unused file filter
sevein Apr 22, 2024
6927afe
Use json.loads in OutputClientScriptJob
sevein Apr 23, 2024
54f9de7
Introduce JSONDataEncoder for Gearman
sevein Apr 10, 2024
ab63027
Use JSONDataEncoder in MCP task backend
sevein Apr 10, 2024
95153d7
Use JSONDataEncoder in RPC server
sevein Apr 11, 2024
96e9d3a
Remove use of pickle in Access.target
sevein Apr 11, 2024
5326b78
Use orjson in JSONDataEncoder
sevein Apr 23, 2024
caa3a56
Use JSONDataEncoder to encode task createdDate
sevein Apr 27, 2024
b49270e
Add SYS_NICE capability to MySQL container
sevein May 25, 2024
20d633e
Use Ruff for Python linting and formatting
replaceafill May 28, 2024
6ea792c
Allow triggering the test CI workflows manually
replaceafill May 30, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 15 additions & 1 deletion .github/workflows/acceptance-test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,11 +1,18 @@
---
name: "Acceptance Test"
on:
workflow_dispatch:
inputs:
am_version:
description: "Archivematica ref (branch, tag or SHA to checkout)"
default: "qa/1.x"
required: true
type: "string"
pull_request:
types: [labeled]
jobs:
test:
if: github.event.label.name == 'AMAUAT'
if: "${{ github.event_name == 'workflow_dispatch' || (github.event_name == 'pull_request' && github.event.label.name == 'AMAUAT') }}"
name: "Test ${{ matrix.tag }} on ${{ matrix.browser }}"
runs-on: "ubuntu-22.04"
strategy:
Expand All @@ -30,9 +37,16 @@ jobs:
browser: Firefox
steps:
- name: "Check out repository"
if: "${{ github.event_name != 'workflow_dispatch' }}"
uses: "actions/checkout@v4"
with:
submodules: true
- name: "Check out repository (manually triggered)"
if: "${{ github.event_name == 'workflow_dispatch' }}"
uses: "actions/checkout@v4"
with:
ref: "${{ inputs.am_version || 'qa/1.x' }}"
submodules: true
- name: "Create external volumes"
run: |
make -C hack/ create-volumes
Expand Down
46 changes: 46 additions & 0 deletions .github/workflows/push-images.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
name: "Push images to Docker Hub"
on: workflow_dispatch
jobs:
build:
name: "Build and push images"
runs-on: "ubuntu-22.04"
steps:
- name: "Check out repository"
uses: "actions/checkout@v4"
- name: "Set up buildx"
uses: "docker/setup-buildx-action@v3"
with:
version: latest
driver-opts: image=moby/buildkit:v0.13.0
DanielCosme marked this conversation as resolved.
Show resolved Hide resolved
- name: "Login to Docker Hub"
uses: docker/login-action@v3
with:
username: artefactual
password: ${{ secrets.DOCKER_HUB_TOKEN }}
- name: "Build and Push Dashboard"
uses: docker/build-push-action@v5
with:
context: .
push: true
load: true
file: ./hack/Dockerfile
target: "archivematica-dashboard"
tags: artefactual/archivematica-dashboard:latest
- name: "Build and Push MCPClient"
uses: docker/build-push-action@v5
with:
context: .
push: true
load: true
file: ./hack/Dockerfile
target: "archivematica-mcp-client"
tags: artefactual/archivematica-mcp-client:latest
- name: "Build and Push MCPServer"
uses: docker/build-push-action@v5
with:
context: .
push: true
load: true
file: ./hack/Dockerfile
target: "archivematica-mcp-server"
tags: artefactual/archivematica-mcp-server:latest
25 changes: 25 additions & 0 deletions .github/workflows/test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,13 @@
---
name: "Test"
on:
workflow_dispatch:
inputs:
am_version:
description: "Archivematica ref (branch, tag or SHA to checkout)"
default: "qa/1.x"
required: true
type: "string"
pull_request:
push:
branches:
Expand Down Expand Up @@ -38,7 +45,13 @@ jobs:
python-version: "3.9"
steps:
- name: "Check out repository"
if: "${{ github.event_name != 'workflow_dispatch' }}"
uses: "actions/checkout@v4"
- name: "Check out repository (manually triggered)"
if: "${{ github.event_name == 'workflow_dispatch' }}"
uses: "actions/checkout@v4"
with:
ref: "${{ inputs.am_version || 'qa/1.x' }}"
- name: "Check out the archivematica-storage-service submodule"
run: |
git submodule update --init hack/submodules/archivematica-storage-service/
Expand Down Expand Up @@ -97,7 +110,13 @@ jobs:
working-directory: "./src/dashboard/frontend/"
steps:
- name: "Check out repository"
if: "${{ github.event_name != 'workflow_dispatch' }}"
uses: "actions/checkout@v4"
- name: "Check out repository (manually triggered)"
if: "${{ github.event_name == 'workflow_dispatch' }}"
uses: "actions/checkout@v4"
with:
ref: "${{ inputs.am_version || 'qa/1.x' }}"
- name: "Set up Node JS"
uses: "actions/setup-node@v4"
with:
Expand All @@ -116,7 +135,13 @@ jobs:
runs-on: "ubuntu-22.04"
steps:
- name: "Check out repository"
if: "${{ github.event_name != 'workflow_dispatch' }}"
uses: "actions/checkout@v4"
- name: "Check out repository (manually triggered)"
if: "${{ github.event_name == 'workflow_dispatch' }}"
uses: "actions/checkout@v4"
with:
ref: "${{ inputs.am_version || 'qa/1.x' }}"
- name: "Set up Python 3.9"
uses: "actions/setup-python@v5"
with:
Expand Down
30 changes: 7 additions & 23 deletions .pre-commit-config.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,35 +9,19 @@ repos:
src/MCPServer/lib/assets/.*\.json|
src/(MCPClient/MCPServer|dashboard)/osdeps/.*\.json
)
- repo: https://github.com/asottile/pyupgrade
rev: v3.15.2
- repo: https://github.com/astral-sh/ruff-pre-commit
rev: v0.4.5
hooks:
- id: pyupgrade
args: [--py38-plus]
- repo: https://github.com/asottile/reorder_python_imports
rev: v3.12.0
hooks:
- id: reorder-python-imports
args: [--py38-plus]
- id: ruff
args: [--fix, --exit-non-zero-on-fix]
- id: ruff-format
- repo: https://github.com/adamchainz/django-upgrade
rev: "1.16.0"
rev: "1.17.0"
hooks:
- id: django-upgrade
args: [--target-version, "4.2"]
- repo: https://github.com/psf/black
rev: "23.12.1"
hooks:
- id: black
args: [--safe, --quiet]
- repo: https://github.com/pycqa/flake8
rev: "7.0.0"
hooks:
- id: flake8
additional_dependencies:
- flake8-bugbear==24.2.6
- flake8-comprehensions==3.14.0
- repo: https://github.com/igorshubovych/markdownlint-cli
rev: v0.39.0
rev: v0.41.0
hooks:
- id: markdownlint
exclude: |
Expand Down
135 changes: 100 additions & 35 deletions hack/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -144,11 +144,67 @@ ENTRYPOINT ["npm", "run", "test-single-run"]

# -----------------------------------------------------------------------------

FROM base-builder as base
FROM ubuntu:${UBUNTU_VERSION} AS base

ARG USER_ID=1000
ARG GROUP_ID=1000
ARG PYENV_DIR=/pyenv
ARG USER_ID
ARG GROUP_ID

ENV DEBIAN_FRONTEND noninteractive
ENV PYTHONUNBUFFERED 1

RUN set -ex \
&& apt-get update \
&& apt-get install -y --no-install-recommends \
ca-certificates \
# gnupg \
# curl \
# git \
# libldap2-dev \
libmysqlclient-dev \
# libsasl2-dev \
# libsqlite3-dev \
locales \
# pkg-config \
tzdata \
&& rm -rf /var/lib/apt/lists/* /var/cache/apt/*

RUN locale-gen en_US.UTF-8
ENV LANG en_US.UTF-8
ENV LANGUAGE en_US:en
ENV LC_ALL en_US.UTF-8

ENV PYENV_ROOT=${PYENV_DIR}/data
ENV PATH=$PYENV_ROOT/shims:$PYENV_ROOT/bin:$PATH

RUN set -ex \
&& groupadd --gid ${GROUP_ID} --system archivematica \
&& useradd --uid ${USER_ID} --gid ${GROUP_ID} --home-dir /var/archivematica --system archivematica \
&& mkdir -p /var/archivematica/sharedDirectory \
&& chown -R archivematica:archivematica /var/archivematica

USER archivematica

COPY --chown=${USER_ID}:${GROUP_ID} --from=pyenv-builder --link ${PYENV_DIR} ${PYENV_DIR}
COPY --chown=${USER_ID}:${GROUP_ID} --link . /src


# -----------------------------------------------------------------------------

FROM base AS archivematica-mcp-client

USER root

RUN set -ex \
&& apt-get update \
&& apt-get install -y --no-install-recommends \
gnupg \
curl \
&& rm -rf /var/lib/apt/lists/* /var/cache/apt/*

# Purge
# - gnupg
# - git

RUN set -ex \
&& curl --retry 3 -fsSL https://packages.archivematica.org/1.16.x/key.asc | gpg --dearmor -o /etc/apt/keyrings/archivematica-1.16.x.gpg \
Expand All @@ -159,66 +215,37 @@ RUN set -ex \
&& apt-get install -y --no-install-recommends \
atool \
bulk-extractor \
clamav \
coreutils \
ffmpeg \
fits \
g++ \
gcc \
gearman \
gettext \
ghostscript \
hashdeep \
imagemagick \
inkscape \
jhove \
libffi-dev \
libimage-exiftool-perl \
libldap2-dev \
libmysqlclient-dev \
libsasl2-dev \
libssl-dev \
libxml2-dev \
libxslt1-dev \
logapp \
md5deep \
nailgun \
mediaconch \
mediainfo \
nailgun \
nfs-common \
openjdk-8-jre-headless \
p7zip-full \
pbzip2 \
pst-utils \
python3-lxml \
rsync \
siegfried \
sleuthkit \
tesseract-ocr \
tree \
unar \
unrar-free \
uuid \
ssh \
&& rm -rf /var/lib/apt/lists/* /var/cache/apt/*

RUN set -ex \
&& groupadd --gid ${GROUP_ID} --system archivematica \
&& useradd --uid ${USER_ID} --gid ${GROUP_ID} --home-dir /var/archivematica --system archivematica \
&& mkdir -p /var/archivematica/sharedDirectory \
&& chown -R archivematica:archivematica /var/archivematica

# Download ClamAV virus signatures
RUN freshclam --quiet

USER archivematica

COPY --chown=${USER_ID}:${GROUP_ID} --from=pyenv-builder --link ${PYENV_DIR} ${PYENV_DIR}
COPY --chown=${USER_ID}:${GROUP_ID} --link . /src

# -----------------------------------------------------------------------------

FROM base AS archivematica-mcp-client

ENV DJANGO_SETTINGS_MODULE settings.common
ENV PYTHONPATH /src/src/MCPClient/lib/:/src/src/MCPClient/lib/clientScripts:/src/src/archivematicaCommon/lib/:/src/src/dashboard/src/
ENV ARCHIVEMATICA_MCPCLIENT_ARCHIVEMATICACLIENTMODULES /src/src/MCPClient/lib/archivematicaClientModules
Expand Down Expand Up @@ -251,6 +278,18 @@ ARG PYTHON_VERSION=3.9

USER root

RUN set -ex \
&& apt-get update \
&& apt-get install -y --no-install-recommends \
# g++ \
gettext \
libffi-dev \
libxml2-dev \
libxslt1-dev \
unar \
libssl-dev \
&& rm -rf /var/lib/apt/lists/* /var/cache/apt/*

RUN set -ex \
&& internalDirs=' \
/src/src/dashboard/frontend \
Expand Down Expand Up @@ -284,7 +323,33 @@ ENTRYPOINT ["pyenv", "exec", "python3", "-m", "gunicorn", "--config=/src/src/das

# -----------------------------------------------------------------------------

FROM base AS archivematica-tests
FROM base-builder as archivematica-tests
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the archivematica-tests stage can be much more simple. It's needed for running tox and building its virtual environments, so it only needs Python, the common development libraries base-builder already has and from a quick local test based on the qa/1.x branch the following dependencies:

  • gcc for building C dependencies for the virtual environment.
  • media-types, p7zip-full, rsync and unar for being able to run the Storage Service tests from the hack/Makefile.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, it works, thank you. Done.


ARG USER_ID
ARG GROUP_ID
ARG PYENV_DIR

RUN set -ex \
&& curl --retry 3 -fsSL https://packages.archivematica.org/1.16.x/key.asc | gpg --dearmor -o /etc/apt/keyrings/archivematica-1.16.x.gpg \
&& echo "deb [arch=amd64 signed-by=/etc/apt/keyrings/archivematica-1.16.x.gpg] http://packages.archivematica.org/1.16.x/ubuntu-externals jammy main" > /etc/apt/sources.list.d/archivematica-external.list \
&& curl --retry 3 -so /tmp/repo-mediaarea_1.0-21_all.deb -L https://mediaarea.net/repo/deb/repo-mediaarea_1.0-21_all.deb \
&& dpkg -i /tmp/repo-mediaarea_1.0-21_all.deb \
&& apt-get update \
&& apt-get install -y --no-install-recommends \
gcc \
media-types \
p7zip-full \
pbzip2 \
pst-utils \
python3-lxml \
rsync \
unar \
&& rm -rf /var/lib/apt/lists/* /var/cache/apt/*

USER archivematica

COPY --chown=${USER_ID}:${GROUP_ID} --from=pyenv-builder --link ${PYENV_DIR} ${PYENV_DIR}
COPY --chown=${USER_ID}:${GROUP_ID} --link . /src

# -----------------------------------------------------------------------------

Expand Down
Loading