v0.3.17-rc25 #423

Workflow file for this run

.github/workflows/docker-img.yml at ad35c2f

	name: '[cd]docker images'

	on:
	push:
	branches:
	- master
	release:
	types:
	- published

	env:
	OKD_PROJECT: siibra-api
	OKD_PROD_ENDPOINT: https://okd.hbp.eu:443
	OKD_DEV_ENDPOINT: https://okd-dev.hbp.eu:443
	OKD_PROD_SECRET: ${{ secrets.OKD_PROD_SECRET }}
	OKD_DEV_SECRET: ${{ secrets.OKD_DEV_SECRET }}
	DOCKER_REGISTRY: 'docker-registry.ebrains.eu/siibra/'
	DOCKER_IMG: 'siibra-api'

	jobs:
	build-docker-img:
	runs-on: ubuntu-latest
	strategy:
	fail-fast: false
	matrix:
	flavor: ['server', 'worker', 'all']
	include:
	- flavor: 'all'
	dockerfile: 'Dockerfile'
	tag_suffix: ''
	- flavor: 'worker'
	dockerfile: 'worker.dockerfile'
	tag_suffix: '-worker'
	- flavor: 'server'
	dockerfile: 'server.dockerfile'
	tag_suffix: '-server'

	steps:
	- name: "Sanity check github.ref"
	run: echo GITHUB_REF - $GITHUB_REF - github.ref - ${{ github.ref }}
	- uses: actions/checkout@v4
	- name: "Build docker image"
	run: \|
	GIT_HASH=$(git rev-parse --short HEAD)
	cached_image=${{ env.DOCKER_REGISTRY }}${{ env.DOCKER_IMG }}:latest${{ matrix.tag_suffix }}
	echo "Pulling $cached_image to populate cached layers."
	docker pull $cached_image
	docker build --build-arg GIT_HASH=$GIT_HASH -t siibra-api-tmp-img -f ${{ matrix.dockerfile }} .

	- name: "Tag and Push (latest \|\| rc)"
	if: ${{ (github.event_name == 'push') \|\| contains(github.ref, 'rc') }}
	run: \|
	if [[ "$GITHUB_REF" = "rc" ]]
	then
	TAG_BASE=rc
	else
	TAG_BASE=latest
	fi

	NEW_TAG=${{ env.DOCKER_REGISTRY }}${{ env.DOCKER_IMG }}:${TAG_BASE}${{ matrix.tag_suffix }}
	docker tag siibra-api-tmp-img ${NEW_TAG}

	echo "Login to docker registry"
	docker login \
	-u '${{ secrets.EBRAINS_DOCKER_REG_USER }}' \
	-p '${{ secrets.EBRAINS_DOCKER_REG_TOKEN }}' \
	docker-registry.ebrains.eu

	docker push $NEW_TAG

	- name: "Tag and Push (release)"
	if : ${{ (github.event_name == 'release') && !contains(github.ref, 'rc') }}
	run: \|

	echo "Login to docker registry"
	docker login \
	-u '${{ secrets.EBRAINS_DOCKER_REG_USER }}' \
	-p '${{ secrets.EBRAINS_DOCKER_REG_TOKEN }}' \
	docker-registry.ebrains.eu

	VERSION=$(cat api/VERSION)
	while [[ "$VERSION" == "." ]]
	do
	if [[ "$BREAK" == "0" ]]
	then
	echo "Fuse broke!"
	exit 1
	fi
	VERSIONED_DOCKERTAG=${{ env.DOCKER_REGISTRY }}${{ env.DOCKER_IMG }}:${VERSION}${{ matrix.tag_suffix }}
	echo "tagging and pushing $VERSIONED_DOCKERTAG"
	docker tag siibra-api-tmp-img $VERSIONED_DOCKERTAG
	docker push $VERSIONED_DOCKERTAG

	echo "Push successful... Incrementing version & break"
	VERSION=$(echo $VERSION \| sed -e 's/\.\w*$//g')
	BREAK=$(( "$BREAK" - 1 ))
	done
	echo "Done"

	setup-envvar:
	runs-on: ubuntu-latest
	outputs:
	queues: ${{ steps.set-env-var.outputs.queues }}
	version: ${{ steps.set-env-var.outputs.version }}
	needs: build-docker-img
	steps:
	- uses: actions/checkout@v4
	- uses: actions/setup-python@v5
	with:
	python-version: '3.10'
	- name: 'Setting env var'
	id: set-env-var
	run: \|
	queues=$(python -c 'import api.siibra_api_config as cfg; print(" ".join([f"{q!r}" for q in cfg.queues]))') >> "$GITHUB_OUTPUT"
	version=$(python -c 'import api.siibra_api_config as cfg; print(cfg.__version__)') >> "$GITHUB_OUTPUT"

	if [[ -z "$version" ]]
	then
	echo "Version population failed: $version"
	exit 1
	fi
	if [[ -z "$queues" ]]
	then
	echo "Queues population failed: $queues"
	exit 1
	fi

	echo queues=$queues >> $GITHUB_OUTPUT
	echo version=$version >> $GITHUB_OUTPUT

	deploy-latest-on-okd:
	needs: setup-envvar
	if: ${{ github.event_name == 'push' }}

	uses: ./.github/workflows/deploy-on-okd.yml
	with:
	okd_endpoint: https://okd-dev.hbp.eu:443
	flavor: latest
	queues: ${{ needs.setup-envvar.outputs.queues }}
	version: ${{ needs.setup-envvar.outputs.version }}
	workerimage: docker-registry.ebrains.eu/siibra/siibra-api:latest-worker
	secrets:
	okd_token: ${{ secrets.OKD_DEV_SECRET }}

	deploy-rc-on-okd:
	needs: setup-envvar
	if: ${{ github.event_name == 'release' && contains(github.ref, 'rc') }}

	uses: ./.github/workflows/deploy-on-okd.yml
	with:
	okd_endpoint: https://okd.hbp.eu:443
	flavor: rc
	queues: ${{ needs.setup-envvar.outputs.queues }}
	version: ${{ needs.setup-envvar.outputs.version }}
	workerimage: docker-registry.ebrains.eu/siibra/siibra-api:rc-worker
	secrets:
	okd_token: ${{ secrets.OKD_PROD_SECRET }}

	deploy-rc-on-data-validation:
	needs:
	- build-docker-img
	if: ${{ github.event_name == 'push' }}
	runs-on: siibra-data-validation
	steps:
	- run: \|
	/bin/bash -c "cd /softwares/software && ./restart.sh"

	deploy-prod-on-okd:
	needs: setup-envvar
	if: ${{ github.event_name == 'release' && !contains(github.ref, 'rc') }}
	strategy:
	fail-fast: false
	matrix:
	deploy-site: ['jsc', 'cscs']
	include:
	- deploy-site: 'jsc'
	okd-endpoint: https://okd.jsc.hbp.eu:443

	- deploy-site: 'cscs'
	okd-endpoint: https://okd.hbp.eu:443

	uses: ./.github/workflows/deploy-on-okd.yml
	with:
	okd_endpoint: ${{ matrix.okd-endpoint }}
	flavor: stable
	queues: ${{ needs.setup-envvar.outputs.queues }}
	version: ${{ needs.setup-envvar.outputs.version }}
	workerimage: docker-registry.ebrains.eu/siibra/siibra-api:0.3-worker
	secrets:
	okd_token: ${{ matrix.deploy-site == 'jsc' && secrets.OKD_JSC_SECRET \|\| secrets.OKD_PROD_SECRET }}


	# rc
	warmup-rc-at-helm:
	needs: setup-envvar
	if: ${{ github.event_name == 'release' && contains(github.ref, 'rc') }}
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- uses: ./.github/workflows/composite-set-k8s-cred
	with:
	secrets: ${{ secrets.KUBECONFIG }}
	- timeout-minutes: 15 # should not take more than 15 minutes to warmup cache
	run: \|
	# Delete pod at the beginning of the workflow
	# This is so that logs can be inspected
	kubectl delete pod/warmup-pod \|\| echo "Pod pod/warmup-pod not found."

	# TODO Flaky
	# see .helm/siibra-api/templates/_helpers.tpl how siibra-api.cache-dir is defined

	WARM_CACHE_YML=$(SIIBRA_CACHEDIR=/siibra-api-volume/${{ needs.setup-envvar.outputs.version }}-rc/ envsubst < .helm/adhoc/warm-cache.yaml)
	echo -e "WARM_CACHE_YML: \n$WARM_CACHE_YML"

	echo "$WARM_CACHE_YML" \| kubectl apply -f -

	while true
	do
	sleep 10
	POD_PHASE=$(kubectl get pod warmup-pod -o json \| jq -r '.status.phase')

	echo Possible phases: Pending, Running, Succeeded, Failed, Unknown
	echo Found phase: $POD_PHASE

	if [[ "$POD_PHASE" == "Failed" ]] \|\| [[ "$POD_PHASE" == "Unknown" ]]
	then
	exit 1
	fi

	if [[ "$POD_PHASE" == "Succeeded" ]]
	then
	exit 0
	fi
	done

	clear-rc-redis-cache:
	runs-on: ubuntu-latest
	timeout-minutes: 1 # should not take more than 1 minute to clear the cache
	needs:
	- warmup-rc-at-helm
	- setup-envvar
	steps:
	- uses: actions/checkout@v4
	- uses: ./.github/workflows/composite-set-k8s-cred
	with:
	secrets: ${{ secrets.KUBECONFIG }}
	- run: \|
	REDIS_POD=$(kubectl get pod -l app=cache-redis \| grep Running \| awk '{print $1}')
	echo kubectl exec $REDIS_POD -- /bin/ash -c "redis-cli redis-cli --scan --pattern '\[${{ needs.setup-envvar.outputs.version }}\]' \| while IFS= read -r line; do redis-cli del "$line"; done"
	kubectl exec $REDIS_POD -- /bin/ash -c "redis-cli redis-cli --scan --pattern '\[${{ needs.setup-envvar.outputs.version }}\]' \| while IFS= read -r line; do redis-cli del "$line"; done"

	deploy-rc-via-helm:
	needs: warmup-rc-at-helm
	if: ${{ github.event_name == 'release' && contains(github.ref, 'rc') }}
	uses: ./.github/workflows/deploy-helm.yml
	with:
	DEPLOYMENT_NAME: rc
	secrets:
	KUBECONFIG: ${{ secrets.KUBECONFIG }}

	# prod
	copy-by-helm:
	needs: setup-envvar
	if: ${{ github.event_name == 'release' && !contains(github.ref, 'rc') }}
	runs-on: ubuntu-latest
	timeout-minutes: 15 # should not take more than 15 minutes to copy cache
	steps:
	- uses: actions/checkout@v4
	- uses: ./.github/workflows/composite-set-k8s-cred
	with:
	secrets: ${{ secrets.KUBECONFIG }}
	- name: 'set FROM_DIR TO_DIR'
	run: \|
	VERSION=${{ needs.setup-envvar.outputs.version }}

	# TODO use label exclusively in the future
	POD=$(kubectl get pod -l role=server \| grep rc-siibra-api \| awk '{print $1}')
	echo POD: $POD

	cache_str=$(kubectl exec $POD env \| grep SIIBRA_CACHEDIR)
	FROM_DIR=${cache_str//SIIBRA_CACHEDIR=/}
	TO_DIR=${FROM_DIR//-rc/}
	POD_NAME=copy-cache

	echo FROM_DIR: $FROM_DIR, TO_DIR: $TO_DIR, POD_NAME: $POD_NAME

	echo "FROM_DIR=$FROM_DIR" >> $GITHUB_ENV
	echo "TO_DIR=$TO_DIR" >> $GITHUB_ENV
	echo "POD_NAME=$POD_NAME" >> $GITHUB_ENV

	- name: 'start container'
	run: \|
	# delete pod before workflow, so that logs can be inspected
	kubectl delete pod/$POD_NAME \|\| echo "Pod pod/$POD_NAME not found."
	FROM_DIR=$FROM_DIR TO_DIR=$TO_DIR envsubst < .helm/adhoc/copy-cache.yaml \| kubectl apply -f -
	- name: 'Ensure copy completes'
	run: \|
	while true
	do
	sleep 10
	POD_PHASE=$(kubectl get pod $POD_NAME -o json \| jq -r '.status.phase')

	echo Possible phases: Pending, Running, Succeeded, Failed, Unknown
	echo Found phase: $POD_PHASE

	if [[ "$POD_PHASE" == "Failed" ]] \|\| [[ "$POD_PHASE" == "Unknown" ]]
	then
	exit 1
	fi

	if [[ "$POD_PHASE" == "Succeeded" ]]
	then
	exit 0
	fi
	done

	deploy-prod-via-helm:
	needs: copy-by-helm
	if: ${{ github.event_name == 'release' && !contains(github.ref, 'rc') }}
	uses: ./.github/workflows/deploy-helm.yml
	with:
	DEPLOYMENT_NAME: prod
	secrets:
	KUBECONFIG: ${{ secrets.KUBECONFIG }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

v0.3.17-rc25 #423

Workflow file

v0.3.17-rc25 #423

Jobs

Run details

Workflow file for this run