Skip to content

Publish docker images to GitHub container registry #244

Publish docker images to GitHub container registry

Publish docker images to GitHub container registry #244

Workflow file for this run

name: Build and publish
on: [push, pull_request]
jobs:
get_python_versions:
name: "Determine Python versions"
runs-on: ubuntu-latest
outputs:
min-python: ${{ steps.nep29.outputs.min-python }}
max-python: ${{ steps.nep29.outputs.max-python }}
steps:
- name: "calculate versions according to NEP29"
id: nep29
uses: mstimberg/[email protected]
with:
token: ${{ secrets.GITHUB_TOKEN }}
build:
needs: [get_python_versions]
name: Build 🎡 on ${{ matrix.os }}
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os: [ windows-latest, macOS-12, macOS-14 ]
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up Python 3.x
uses: actions/setup-python@v5
with:
python-version: '3.x'
- name: Install platformdirs
run: python -m pip install platformdirs
- name: Display cibuildwheel cache dir
id: cibuildwheel-cache
run: |
from platformdirs import user_cache_path
import os
with open(os.getenv('GITHUB_OUTPUT'), 'w') as f:
f.write(f"dir={str(user_cache_path(appname='cibuildwheel', appauthor='pypa'))}")
shell: python
- name: Cache cibuildwheel tools
uses: actions/cache@v4
with:
path: ${{ steps.cibuildwheel-cache.outputs.dir }}
key: ${{ runner.os }}-cibuildwheel
- name: Build wheels
uses: pypa/[email protected]
env:
CIBW_PROJECT_REQUIRES_PYTHON: ">=${{ needs.get_python_versions.outputs.min-python }}"
CIBW_ARCHS: auto64
# Do not build for PyPy
CIBW_SKIP: 'pp*'
CIBW_TEST_COMMAND: python {project}/dev/continuous-integration/run_simple_test.py
CIBW_TEST_REQUIRES: pytest
with:
output-dir: dist
- name: store distribution 📦
uses: actions/upload-artifact@v4
with:
name: packages-${{ matrix.os }}
path: dist
build-linux:
needs: [get_python_versions]
name: Build ${{ matrix.arch }} 🎡 and source 📦 on Linux
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
arch: [ auto64, aarch64 ]
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up Python 3.x
uses: actions/setup-python@v5
with:
python-version: '3.x'
- name: Build source tarball
run: |
python -m pip install --upgrade pip build
python -m build --sdist --config-setting=--formats=gztar --config-setting=--with-cython --config-setting=--fail-on-error
if: ${{ matrix.arch == 'auto64' }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: all
- name: Install platformdirs
run: python -m pip install platformdirs
- name: Display cibuildwheel cache dir
id: cibuildwheel-cache
run: |
from platformdirs import user_cache_path
import os
with open(os.getenv('GITHUB_OUTPUT'), 'w') as f:
f.write(f"dir={str(user_cache_path(appname='cibuildwheel', appauthor='pypa'))}")
shell: python
- name: Cache cibuildwheel tools
uses: actions/cache@v4
with:
path: ${{ steps.cibuildwheel-cache.outputs.dir }}
key: ${{ runner.os }}-${{ matrix.arch }}-cibuildwheel
- name: Build wheels
uses: pypa/[email protected]
env:
CIBW_PROJECT_REQUIRES_PYTHON: ">=${{ needs.get_python_versions.outputs.min-python }}"
CIBW_ARCHS_LINUX: ${{ matrix.arch }}
CIBW_MANYLINUX_X86_64_IMAGE: manylinux2014
CIBW_SKIP: 'pp* *-musllinux_aarch64'
CIBW_TEST_COMMAND: python {project}/dev/continuous-integration/run_simple_test.py
CIBW_TEST_REQUIRES: pytest
with:
output-dir: dist
- name: store distribution 📦
uses: actions/upload-artifact@v4
with:
name: packages-linux-${{ matrix.arch }}
path: dist
deploy_dev:
name: Publish development 📦 to TestPyPI
runs-on: ubuntu-latest
if: github.repository == 'brian-team/brian2' && github.ref == 'refs/heads/master'
environment: development_release
permissions:
id-token: write # IMPORTANT: mandatory for trusted publishing
needs:
- build
- build-linux
steps:
- name: load distribution 📦
uses: actions/download-artifact@v4
with:
pattern: packages-*
merge-multiple: true
path: dist/
- name: Publish distribution 📦 to Test PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
repository-url: https://test.pypi.org/legacy/
deploy:
name: Publish release 📦 to PyPI
runs-on: ubuntu-latest
if: github.repository == 'brian-team/brian2' && startsWith(github.ref, 'refs/tags')
environment: release
permissions:
id-token: write # IMPORTANT: mandatory for trusted publishing
needs:
- build
- build-linux
steps:
- name: load distribution 📦
uses: actions/download-artifact@v4
with:
pattern: packages-*
merge-multiple: true
path: dist/
- name: Publish distribution release 📦 to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
build-docker:
name: Build docker image
runs-on: ubuntu-latest
needs: build-linux
# Skip everything for PR authors that do not have permission to access secrets
if: ${{ github.event.pull_request.author_association != 'COLLABORATOR' && github.event.pull_request.author_association != 'OWNER' }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
# https://github.com/actions/checkout/
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
# https://github.com/docker/metadata-action
with:
images: |
briansimulator/brian
ghcr.io/brian-team/brian
flavor: latest=true
tags: |
type=ref,event=tag
type=ref,event=branch
labels: |
org.opencontainers.image.title="Brian Docker Image"
org.opencontainers.image.description="Docker image for Brian - a free, open source simulator for spiking neural networks"
org.opencontainers.image.url=https://hub.docker.com/r/briansimulator/brian
org.opencontainers.image.source=https://github.com/brian-team/brian2
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
# https://github.com/docker/setup-qemu-action
with:
platforms: 'amd64,arm64'
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
# https://github.com/docker/setup-buildx-action
- name: Login to DockerHub
if: ${{ github.repository == 'brian-team/brian2' && github.actor != 'dependabot[bot]'}}
uses: docker/login-action@v3
# https://github.com/docker/login-action
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GitHub Container Registry
if: ${{ github.repository == 'brian-team/brian2' && github.actor != 'dependabot[bot]'}}
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: load Linux x86 distribution 📦
uses: actions/download-artifact@v4
with:
pattern: packages-linux-*
merge-multiple: true
path: packages
- run: |
mkdir dist
cp packages/Brian2*cp312-manylinux*_x86_64.whl dist
cp packages/Brian2*cp312-manylinux*_aarch64.whl dist
- name: Build (and potentially push) the Docker image
uses: docker/build-push-action@v6
# https://github.com/docker/build-push-action
with:
context: .
file: docker/Dockerfile
build-args: |
'BASE_IMAGE_TAG=3.12-bookworm'
platforms: 'amd64,arm64'
push: ${{ github.repository == 'brian-team/brian2' && startsWith(github.ref, 'refs/tags') && github.actor != 'dependabot[bot]'}}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
- name: Push docker image to dev repository
if: ${{ github.repository == 'brian-team/brian2' && github.event_name == 'push' && !startsWith(github.ref, 'refs/tags') && github.actor != 'dependabot[bot]'}}
uses: docker/build-push-action@v6
with:
context: .
file: docker/Dockerfile
build-args: |
'BASE_IMAGE_TAG=3.12-bookworm'
platforms: 'amd64,arm64'
push: true
tags: briansimulator/brian-dev:dev-${{ github.ref_name }}
labels: ${{ steps.meta.outputs.labels }}