Skip to content

v0.3.17-rc20

v0.3.17-rc20 #410

Workflow file for this run

name: '[cd]docker images'
on:
push:
branches:
- master
release:
types:
- published
env:
OKD_PROJECT: siibra-api
OKD_PROD_ENDPOINT: https://okd.hbp.eu:443
OKD_DEV_ENDPOINT: https://okd-dev.hbp.eu:443
OKD_PROD_SECRET: ${{ secrets.OKD_PROD_SECRET }}
OKD_DEV_SECRET: ${{ secrets.OKD_DEV_SECRET }}
DOCKER_REGISTRY: 'docker-registry.ebrains.eu/siibra/'
DOCKER_IMG: 'siibra-api'
jobs:
build-docker-img:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
flavor: ['server', 'worker', 'all']
include:
- flavor: 'all'
dockerfile: 'Dockerfile'
tag_suffix: ''
- flavor: 'worker'
dockerfile: 'worker.dockerfile'
tag_suffix: '-worker'
- flavor: 'server'
dockerfile: 'server.dockerfile'
tag_suffix: '-server'
steps:
- name: "Sanity check github.ref"
run: echo GITHUB_REF - $GITHUB_REF - github.ref - ${{ github.ref }}
- uses: actions/checkout@v4
- name: "Build docker image"
run: |
GIT_HASH=$(git rev-parse --short HEAD)
cached_image=${{ env.DOCKER_REGISTRY }}${{ env.DOCKER_IMG }}:latest${{ matrix.tag_suffix }}
echo "Pulling $cached_image to populate cached layers."
docker pull $cached_image
docker build --build-arg GIT_HASH=$GIT_HASH -t siibra-api-tmp-img -f ${{ matrix.dockerfile }} .
- name: "Tag and Push (latest || rc)"
if: ${{ (github.event_name == 'push') || contains(github.ref, 'rc') }}
run: |
if [[ "$GITHUB_REF" = *"rc"* ]]
then
TAG_BASE=rc
else
TAG_BASE=latest
fi
NEW_TAG=${{ env.DOCKER_REGISTRY }}${{ env.DOCKER_IMG }}:${TAG_BASE}${{ matrix.tag_suffix }}
docker tag siibra-api-tmp-img ${NEW_TAG}
echo "Login to docker registry"
docker login \
-u '${{ secrets.EBRAINS_DOCKER_REG_USER }}' \
-p '${{ secrets.EBRAINS_DOCKER_REG_TOKEN }}' \
docker-registry.ebrains.eu
docker push $NEW_TAG
- name: "Tag and Push (release)"
if : ${{ (github.event_name == 'release') && !contains(github.ref, 'rc') }}
run: |
echo "Login to docker registry"
docker login \
-u '${{ secrets.EBRAINS_DOCKER_REG_USER }}' \
-p '${{ secrets.EBRAINS_DOCKER_REG_TOKEN }}' \
docker-registry.ebrains.eu
VERSION=$(cat api/VERSION)
while [[ "$VERSION" == *"."* ]]
do
if [[ "$BREAK" == "0" ]]
then
echo "Fuse broke!"
exit 1
fi
VERSIONED_DOCKERTAG=${{ env.DOCKER_REGISTRY }}${{ env.DOCKER_IMG }}:${VERSION}${{ matrix.tag_suffix }}
echo "tagging and pushing $VERSIONED_DOCKERTAG"
docker tag siibra-api-tmp-img $VERSIONED_DOCKERTAG
docker push $VERSIONED_DOCKERTAG
echo "Push successful... Incrementing version & break"
VERSION=$(echo $VERSION | sed -e 's/\.\w*$//g')
BREAK=$(( "$BREAK" - 1 ))
done
echo "Done"
setup-envvar:
runs-on: ubuntu-latest
outputs:
queues: ${{ steps.set-env-var.outputs.queues }}
version: ${{ steps.set-env-var.outputs.version }}
needs: build-docker-img
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4
with:
python-version: '3.10'
- name: 'Setting env var'
id: set-env-var
run: |
queues=$(python -c 'import api.siibra_api_config as cfg; print(" ".join([f"{q!r}" for q in cfg.queues]))') >> "$GITHUB_OUTPUT"
version=$(python -c 'import api.siibra_api_config as cfg; print(cfg.__version__)') >> "$GITHUB_OUTPUT"
if [[ -z "$version" ]]
then
echo "Version population failed: $version"
exit 1
fi
if [[ -z "$queues" ]]
then
echo "Queues population failed: $queues"
exit 1
fi
echo queues=$queues >> $GITHUB_OUTPUT
echo version=$version >> $GITHUB_OUTPUT
deploy-latest-on-okd:
needs: setup-envvar
if: ${{ github.event_name == 'push' }}
uses: ./.github/workflows/deploy-on-okd.yml
with:
okd_endpoint: https://okd-dev.hbp.eu:443
flavor: latest
queues: ${{ needs.setup-envvar.outputs.queues }}
version: ${{ needs.setup-envvar.outputs.version }}
workerimage: docker-registry.ebrains.eu/siibra/siibra-api:latest-worker
secrets:
okd_token: ${{ secrets.OKD_DEV_SECRET }}
deploy-rc-on-okd:
needs: setup-envvar
if: ${{ github.event_name == 'release' && contains(github.ref, 'rc') }}
uses: ./.github/workflows/deploy-on-okd.yml
with:
okd_endpoint: https://okd.hbp.eu:443
flavor: rc
queues: ${{ needs.setup-envvar.outputs.queues }}
version: ${{ needs.setup-envvar.outputs.version }}
workerimage: docker-registry.ebrains.eu/siibra/siibra-api:rc-worker
secrets:
okd_token: ${{ secrets.OKD_PROD_SECRET }}
# disable deployment on jsc
# data-validation-config-hash:
# if: ${{ github.event_name == 'release' && contains(github.ref, 'rc') }}
# runs-on: ubuntu-latest
# outputs:
# CONFIG_SHORT_REV: ${{ steps.parse-rev.outputs.CONFIG_SHORT_REV }}
# steps:
# - id: parse-rev
# name: Get short rev of HEAD at master
# run: |
# git clone https://jugit.fz-juelich.de/t.dickscheid/brainscapes-configurations.git
# CONFIG_SHORT_REV=$(git -C brainscapes-configurations rev-parse --short=6 HEAD)
# echo CONFIG_SHORT_REV=$CONFIG_SHORT_REV >> $GITHUB_OUTPUT
# deploy-rc-on-data-validation:
# needs:
# - setup-envvar
# - data-validation-config-hash
# if: ${{ github.event_name == 'release' && contains(github.ref, 'rc') }}
# uses: ./.github/workflows/deploy-on-okd.yml
# with:
# okd_endpoint: https://okd.jsc.hbp.eu:443
# flavor: rc
# queues: ${{ needs.setup-envvar.outputs.queues }}
# version: c.${{ needs.data-validation-config-hash.outputs.CONFIG_SHORT_REV }}
# workerimage: docker-registry.ebrains.eu/siibra/siibra-api:rc-worker
# secrets:
# okd_token: ${{ secrets.OKD_JSC_SECRET }}
deploy-prod-on-okd:
needs: setup-envvar
if: ${{ github.event_name == 'release' && !contains(github.ref, 'rc') }}
strategy:
fail-fast: false
matrix:
deploy-site: ['jsc', 'cscs']
include:
- deploy-site: 'jsc'
okd-endpoint: https://okd.jsc.hbp.eu:443
- deploy-site: 'cscs'
okd-endpoint: https://okd.hbp.eu:443
uses: ./.github/workflows/deploy-on-okd.yml
with:
okd_endpoint: ${{ matrix.okd-endpoint }}
flavor: stable
queues: ${{ needs.setup-envvar.outputs.queues }}
version: ${{ needs.setup-envvar.outputs.version }}
workerimage: docker-registry.ebrains.eu/siibra/siibra-api:0.3-worker
secrets:
okd_token: ${{ matrix.deploy-site == 'jsc' && secrets.OKD_JSC_SECRET || secrets.OKD_PROD_SECRET }}
# rc
warmup-rc-at-helm:
needs: setup-envvar
if: ${{ github.event_name == 'release' && contains(github.ref, 'rc') }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ./.github/workflows/composite-set-k8s-cred
with:
secrets: ${{ secrets.KUBECONFIG }}
- timeout-minutes: 15 # should not take more than 15 minutes to warmup cache
run: |
# Delete pod at the beginning of the workflow
# This is so that logs can be inspected
kubectl delete pod/warmup-pod || echo "Pod pod/warmup-pod not found."
# TODO Flaky
# see .helm/siibra-api/templates/_helpers.tpl how siibra-api.cache-dir is defined
WARM_CACHE_YML=$(SIIBRA_CACHEDIR=/siibra-api-volume/${{ needs.setup-envvar.outputs.version }}-rc/ envsubst < .helm/adhoc/warm-cache.yaml)
echo -e "WARM_CACHE_YML: \n$WARM_CACHE_YML"
echo "$WARM_CACHE_YML" | kubectl apply -f -
while true
do
sleep 10
POD_PHASE=$(kubectl get pod warmup-pod -o json | jq -r '.status.phase')
echo Possible phases: Pending, Running, Succeeded, Failed, Unknown
echo Found phase: $POD_PHASE
if [[ "$POD_PHASE" == "Failed" ]] || [[ "$POD_PHASE" == "Unknown" ]]
then
exit 1
fi
if [[ "$POD_PHASE" == "Succeeded" ]]
then
exit 0
fi
done
clear-rc-redis-cache:
runs-on: ubuntu-latest
timeout-minutes: 1 # should not take more than 1 minute to clear the cache
needs:
- warmup-rc-at-helm
- setup-envvar
steps:
- uses: actions/checkout@v4
- uses: ./.github/workflows/composite-set-k8s-cred
with:
secrets: ${{ secrets.KUBECONFIG }}
- run: |
REDIS_POD=$(kubectl get pod -l app=cache-redis | grep Running | awk '{print $1}')
echo kubectl exec $REDIS_POD -- /bin/ash -c "redis-cli redis-cli --scan --pattern '*\[${{ needs.setup-envvar.outputs.version }}\]*' | while IFS= read -r line; do redis-cli del "$line"; done"
kubectl exec $REDIS_POD -- /bin/ash -c "redis-cli redis-cli --scan --pattern '*\[${{ needs.setup-envvar.outputs.version }}\]*' | while IFS= read -r line; do redis-cli del "$line"; done"
deploy-rc-via-helm:
needs: warmup-rc-at-helm
if: ${{ github.event_name == 'release' && contains(github.ref, 'rc') }}
uses: ./.github/workflows/deploy-helm.yml
with:
DEPLOYMENT_NAME: rc
secrets:
KUBECONFIG: ${{ secrets.KUBECONFIG }}
# prod
copy-by-helm:
needs: setup-envvar
if: ${{ github.event_name == 'release' && !contains(github.ref, 'rc') }}
runs-on: ubuntu-latest
timeout-minutes: 15 # should not take more than 15 minutes to copy cache
steps:
- uses: actions/checkout@v4
- uses: ./.github/workflows/composite-set-k8s-cred
with:
secrets: ${{ secrets.KUBECONFIG }}
- name: 'set FROM_DIR TO_DIR'
run: |
VERSION=${{ needs.setup-envvar.outputs.version }}
# TODO use label exclusively in the future
POD=$(kubectl get pod -l role=server | grep rc-siibra-api | awk '{print $1}')
echo POD: $POD
cache_str=$(kubectl exec $POD env | grep SIIBRA_CACHEDIR)
FROM_DIR=${cache_str//SIIBRA_CACHEDIR=/}
TO_DIR=${FROM_DIR//-rc/}
POD_NAME=copy-cache
echo FROM_DIR: $FROM_DIR, TO_DIR: $TO_DIR, POD_NAME: $POD_NAME
echo "FROM_DIR=$FROM_DIR" >> $GITHUB_ENV
echo "TO_DIR=$TO_DIR" >> $GITHUB_ENV
echo "POD_NAME=$POD_NAME" >> $GITHUB_ENV
- name: 'start container'
run: |
# delete pod before workflow, so that logs can be inspected
kubectl delete pod/$POD_NAME || echo "Pod pod/$POD_NAME not found."
FROM_DIR=$FROM_DIR TO_DIR=$TO_DIR envsubst < .helm/adhoc/copy-cache.yaml | kubectl apply -f -
- name: 'Ensure copy completes'
run: |
while true
do
sleep 10
POD_PHASE=$(kubectl get pod $POD_NAME -o json | jq -r '.status.phase')
echo Possible phases: Pending, Running, Succeeded, Failed, Unknown
echo Found phase: $POD_PHASE
if [[ "$POD_PHASE" == "Failed" ]] || [[ "$POD_PHASE" == "Unknown" ]]
then
exit 1
fi
if [[ "$POD_PHASE" == "Succeeded" ]]
then
exit 0
fi
done
deploy-prod-via-helm:
needs: copy-by-helm
if: ${{ github.event_name == 'release' && !contains(github.ref, 'rc') }}
uses: ./.github/workflows/deploy-helm.yml
with:
DEPLOYMENT_NAME: prod
secrets:
KUBECONFIG: ${{ secrets.KUBECONFIG }}