Add workflow to publish container image to ghcr

r0x0d · Oct 25, 2024 · 22c38de · 22c38de
1 parent f64851e
commit 22c38de
Show file tree

Hide file tree

Showing 3 changed files with 74 additions and 0 deletions.
diff --git a/.github/workflows/ghcr-push.yaml b/.github/workflows/ghcr-push.yaml
@@ -0,0 +1,71 @@
+# This workflow will perform a test whenever there
+# is some change in code done to ensure that the changes
+# are not buggy and we are getting the desired output.
+name: Push to GHCR
+on:
+  push:
+    branches: [main, push-to-ghcr]
+  workflow_dispatch:
+
+env:
+    IMAGE_NAME: ${{ github.event.repository.name }}
+    IMAGE_TAGS: latest ${{ github.sha }}
+    IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}
+    REGISTRY_USER: ${{ github.actor }}
+    REGISTRY_PASSWORD: ${{ github.token }}
+    REDHAT_IMAGE_REGISTRY: registry.redhat.io
+
+jobs:
+  push-ghcr:
+    name: Build and push image
+    runs-on: ubuntu-22.04
+    strategy:
+      fail-fast: false
+
+    steps:
+      # Checkout push-to-registry action github repository
+      - name: Checkout Push to Registry action
+        uses: actions/checkout@v4
+
+      - name: Install podman
+        run: |
+          sudo apt-get install podman -y
+
+      - name: Log in to ${{ env.REDHAT_IMAGE_REGISTRY }}
+        uses: redhat-actions/podman-login@v1
+        with:
+          username: ${{ secrets.REGISTRY_USER }}
+          password: ${{ secrets.REGISTRY_PASSWORD }}
+          registry: ${{ env.REDHAT_IMAGE_REGISTRY }}
+
+      - name: Generate required files for building images
+        run: |
+          pip install pdm pip-tools && make requirements.txt
+
+      # Build image using Buildah action
+      - name: Build Image
+        id: build_image
+        uses: redhat-actions/buildah-build@v2
+        with:
+          image: ${{ env.IMAGE_NAME }}
+          tags: ${{ env.IMAGE_TAGS }}
+          oci: true
+          containerfiles: |
+            ./Containerfile
+                                                                            
+      # Push the image to GHCR (Image Registry)
+      - name: Push To GHCR
+        uses: redhat-actions/push-to-registry@v2
+        id: push
+        with:
+          image: ${{ steps.build_image.outputs.image }}
+          tags: ${{ steps.build_image.outputs.tags }}
+          registry: ${{ env.IMAGE_REGISTRY }}
+          username: ${{ env.REGISTRY_USER }}
+          password: ${{ env.REGISTRY_PASSWORD }}
+          # extra-args: |
+          #  --disable-content-trust
+
+      - name: Echo outputs
+        run: |
+          echo "${{ toJSON(steps.push.outputs) }}"
diff --git a/Makefile b/Makefile
@@ -113,6 +113,7 @@ schema:	## Generate OpenAPI schema file
 
 requirements.txt:	pyproject.toml pdm.lock ## Generate requirements.txt file containing hashes for all non-devel packages
 	pdm export --prod --format requirements --output requirements.txt
+	pip-compile -vv pyproject.toml --generate-hashes
 
 verify-packages-completeness:	requirements.txt ## Verify that requirements.txt file contains complete list of packages
 	pip download -d /tmp/ --use-pep517 --verbose -r requirements.txt
@@ -124,6 +125,7 @@ get-rag: ## Download a copy of the RAG embedding model and vector database
 	podman cp tmp-rag-container:/rag/embeddings_model embeddings_model
 	podman rm tmp-rag-container
 
+
 help: ## Show this help screen
 	@echo 'Usage: make <OPTIONS> ... <TARGETS>'
 	@echo ''

diff --git a/pyproject.toml b/pyproject.toml
@@ -53,6 +53,7 @@ dev = [
     "reportportal-client==5.5.6",
     "pytest-reportportal==5.4.1",
     "pytest-benchmark[histogram]>=4.0.0",
+    "pip-tools==7.4.1"
 ]
 
 # The following section is needed only for torch[cpu] variant on Linux,