fix batch user ssh key permissions in Docker #283
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI-application-containers | |
on: | |
workflow_dispatch: | |
release: | |
types: [published] | |
env: | |
python-version: "3.9" | |
jobs: | |
build: | |
runs-on: ubuntu-20.04 | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Get the VCell version from tags | |
id: version | |
run: echo ::set-output name=tag::$(echo ${GITHUB_REF:10}) | |
- name: set global environment variables | |
run: | | |
echo "VCELL_TAG=`git rev-parse --short HEAD`" >> $GITHUB_ENV | |
echo "VCELL_REPO_NAMESPACE=ghcr.io/virtualcell" >> $GITHUB_ENV | |
echo "VCELL_DEPLOY_REMOTE_DIR=/share/apps/vcell3/deployed_github" >> $GITHUB_ENV | |
echo "VCELL_MANAGER_NODE=vcellapi-beta.cam.uchc.edu" >> $GITHUB_ENV | |
- name: setup ssh-agent | |
uses: webfactory/[email protected] | |
with: | |
ssh-private-key: ${{ secrets.VC_KEY }} | |
- name: get installer secrets | |
run: | | |
ssh-keyscan vcellapi-beta.cam.uchc.edu >> ~/.ssh/known_hosts | |
sudo mkdir /usr/local/deploy | |
sudo chmod 777 /usr/local/deploy | |
cd /usr/local/deploy | |
scp ${{ secrets.CD_FULL_USER }}@${VCELL_MANAGER_NODE}:${VCELL_DEPLOY_REMOTE_DIR}/deploy_dir_2023_07_30.tar . | |
cd .. | |
sudo tar -xvf deploy/deploy_dir_2023_07_30.tar | |
sudo chmod 777 -R deploy | |
- name: Set up Python | |
uses: actions/setup-python@v4 | |
with: | |
python-version: ${{ env.python-version }} | |
cache: "pip" | |
- name: Install Dependencies | |
run: pip install -r requirements.txt | |
- name: build vcell-cli-utils package | |
run: | | |
cd vcell-cli-utils | |
poetry install | |
poetry run python -m pytest | |
- name: build vcell-admin package | |
run: | | |
cd docker/swarm/vcell-admin | |
poetry install | |
poetry run python -m pytest | |
- name: build pythonCopasiOpt package | |
run: | | |
cd pythonCopasiOpt/vcell-opt | |
poetry install | |
poetry run python -m pytest | |
- name: build pythonVtk package | |
run: | | |
cd pythonVtk | |
poetry install | |
poetry run python -m pytest | |
- name: build vcutils package | |
run: | | |
cd python-utils | |
poetry install | |
poetry run python -m pytest | |
- name: build python-restclient package | |
run: | | |
cd python-restclient | |
poetry install | |
poetry run python -m pytest | |
- name: setup java 17 with maven cache | |
uses: actions/setup-java@v3 | |
with: | |
distribution: 'temurin' | |
java-version: '17' | |
cache: 'maven' | |
- name: Install Singularity # to make singularity image for cluster | |
uses: eWaterCycle/setup-singularity@v6 | |
with: | |
singularity-version: 3.7.1 | |
- name: build and publish all images | |
shell: bash | |
run: | | |
cd docker/build | |
sudo docker login -u ${{ secrets.ACTION_USER }} -p ${{ secrets.ACTION_TOKEN }} ghcr.io | |
docker login -u ${{ secrets.ACTION_USER }} -p ${{ secrets.ACTION_TOKEN }} ghcr.io | |
./build.sh all ${{ env.VCELL_REPO_NAMESPACE }} ${{ env.VCELL_TAG }} | |
cd singularity-vm | |
singularity remote login -u ${{ secrets.ACTION_USER }} -p ${{ secrets.ACTION_TOKEN }} oras://ghcr.io | |
- name: tag as latest and push to registry # (jcs) are explicit singularity push commands redundant? (see ./build.sh) | |
shell: bash | |
run: | | |
for CONTAINER in vcell-api vcell-batch vcell-opt vcell-clientgen vcell-data vcell-db vcell-mongo vcell-sched vcell-submit vcell-admin;\ | |
do docker tag ${VCELL_REPO_NAMESPACE}/$CONTAINER:${VCELL_TAG} ${VCELL_REPO_NAMESPACE}/$CONTAINER:latest;\ | |
docker tag ${VCELL_REPO_NAMESPACE}/$CONTAINER:${VCELL_TAG} ${VCELL_REPO_NAMESPACE}/$CONTAINER:${{ steps.version.outputs.tag }};\ | |
docker push --all-tags ${VCELL_REPO_NAMESPACE}/$CONTAINER;\ | |
done | |
cd docker/build/singularity-vm | |
singularity push -U $(ls *batch*img) oras://${VCELL_REPO_NAMESPACE}/vcell-batch-singularity:${VCELL_TAG} | |
singularity push -U $(ls *batch*img) oras://${VCELL_REPO_NAMESPACE}/vcell-batch-singularity:${{ steps.version.outputs.tag }} | |
singularity push -U $(ls *batch*img) oras://${VCELL_REPO_NAMESPACE}/vcell-batch-singularity:latest | |
singularity push -U $(ls *opt*img) oras://${VCELL_REPO_NAMESPACE}/vcell-opt-singularity:${VCELL_TAG} | |
singularity push -U $(ls *opt*img) oras://${VCELL_REPO_NAMESPACE}/vcell-opt-singularity:${{ steps.version.outputs.tag }} | |
singularity push -U $(ls *opt*img) oras://${VCELL_REPO_NAMESPACE}/vcell-opt-singularity:latest | |
- name: Setup tmate session | |
uses: mxschmitt/action-tmate@v3 | |
if: ${{ failure() }} |