# This workflow uses actions that are not certified by GitHub. # They are provided by a third-party and are governed by # separate terms of service, privacy policy, and support # documentation. # GitHub recommends pinning actions to a commit SHA. # To get a newer version, you will need to update the SHA. # You can also reference a tag or branch, but the action may change without warning. # Workflow to automate docker image building during the openfe release process. name: Create and publish a Docker image on: workflow_dispatch: defaults: run: shell: bash -leo pipefail {0} env: REGISTRY: ghcr.io IMAGE_NAME: openfreeenergy/openfe jobs: build-and-push-image: runs-on: ubuntu-latest permissions: contents: read packages: write steps: # see https://dev.to/mathio/squeezing-disk-space-from-github-actions-runners-an-engineers-guide-3pjg - name: Aggressive cleanup run: | # remove unneeded packages to avoid running out of memory # Remove Java (JDKs) sudo rm -rf /usr/lib/jvm # Remove .NET SDKs sudo rm -rf /usr/share/dotnet # Remove Swift toolchain sudo rm -rf /usr/share/swift # Remove Haskell (GHC) sudo rm -rf /usr/local/.ghcup # Remove Julia sudo rm -rf /usr/local/julia* # Remove Android SDKs sudo rm -rf /usr/local/lib/android # Remove Chromium (optional if not using for browser tests) sudo rm -rf /usr/local/share/chromium # Remove Microsoft/Edge and Google Chrome builds sudo rm -rf /opt/microsoft /opt/google # Remove Azure CLI sudo rm -rf /opt/az # Remove PowerShell sudo rm -rf /usr/local/share/powershell # Remove CodeQL and other toolcaches sudo rm -rf /opt/hostedtoolcache docker system prune -af || true docker builder prune -af || true df -h - name: Checkout repository uses: actions/checkout@v4 with: fetch-depth: 0 - name: Get Latest Version id: latest-version run: | LATEST_TAG=$(git describe --tags $(git rev-list --tags --max-count=1)) echo $LATEST_TAG echo "LATEST_TAG=$LATEST_TAG" >> $GITHUB_OUTPUT # slice off the v, ie v0.7.2 -> 0.7.2 VERSION=${LATEST_TAG:1} echo $VERSION echo "VERSION=$VERSION" >> $GITHUB_OUTPUT - name: Print Latest Version run: echo ${{ steps.latest-version.outputs.VERSION }} - name: Create fully qualified image registry path id: fqirp run: | FQIRP=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.latest-version.outputs.VERSION }} echo "FQIRP=$FQIRP" >> $GITHUB_OUTPUT - name: Print FQIRP run: echo ${{ steps.fqirp.outputs.FQIRP }} - name: Log in to the Container registry uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Extract metadata (tags, labels) for Docker id: meta uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} tags: | type=schedule,pattern=nightly,enable=true,priority=1000 type=ref,event=branch,enable=true,priority=600 type=ref,event=tag,enable=true,priority=600 type=ref,event=pr,prefix=pr-,enable=true,priority=600 type=semver,pattern={{major}}.{{minor}} type=semver,pattern={{version}} type=sha ${{ steps.latest-version.outputs.VERSION }} - name: Build and export to Docker uses: docker/build-push-action@v6 with: context: . file: production/Dockerfile load: true push: false tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} build-args: | VERSION=${{ steps.latest-version.outputs.VERSION }} - name: Test image run: | docker run --rm ${{ steps.fqirp.outputs.FQIRP }} openfe --help docker run --rm ${{ steps.fqirp.outputs.FQIRP }} openfe --version docker run --rm ${{ steps.fqirp.outputs.FQIRP }} python -c "import gufe; print(f'{gufe.__version__=}')" docker run --rm ${{ steps.fqirp.outputs.FQIRP }} pytest --pyargs gufe -v docker run --rm ${{ steps.fqirp.outputs.FQIRP }} pytest --pyargs openfe openfecli -v - name: Push Docker image uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc with: context: . file: production/Dockerfile push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} build-args: | VERSION=${{ steps.latest-version.outputs.VERSION }} - name: Setup Apptainer uses: eWaterCycle/setup-apptainer@v2 with: apptainer-version: 1.3.4 - name: Build Apptainer Image run: singularity build openfe_${{ steps.latest-version.outputs.VERSION }}.sif docker-daemon:${{ steps.fqirp.outputs.FQIRP }} - name: Test & Push Apptainer Image run: | mkdir test_apptainer cd test_apptainer singularity run ../openfe_${{ steps.latest-version.outputs.VERSION }}.sif openfe --help singularity run ../openfe_${{ steps.latest-version.outputs.VERSION }}.sif openfe --version singularity run ../openfe_${{ steps.latest-version.outputs.VERSION }}.sif pytest --pyargs openfe openfecli -v -n auto echo ${{ secrets.GITHUB_TOKEN }} | singularity remote login -u ${{ secrets.GHCR_USERNAME }} --password-stdin oras://ghcr.io singularity push ../openfe_${{ steps.latest-version.outputs.VERSION }}.sif oras://${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.latest-version.outputs.VERSION }}-apptainer singularity push ../openfe_${{ steps.latest-version.outputs.VERSION }}.sif oras://${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest-apptainer