singularityhub / github-ci Goto Github PK
View Code? Open in Web Editor NEWAn example GitHub Action (CI) to build a Singularity container
License: Mozilla Public License 2.0
An example GitHub Action (CI) to build a Singularity container
License: Mozilla Public License 2.0
Hi
Thanks for this nifty actions :P they are really a nice alternative to rebuild locally and provide a nice source of container images.
Would it be possible to use a prebuilt docker image with aingularity installed instead of rebuilding it every time?
Or is that limited by the docker image that one can use in the actions workflow?
I wanted to used the docker image at ghcr.io/truatpasteurdotfr/docker-c7-singularity-builder:latest instead of ubuntu-latest + installing from source singularity by just replacing:
runs-on: ubuntu-latest
-> runs-on: ghcr.io/truatpasteurdotfr/docker-c7-singularity-builder
But of course that didn't ended well!
Does that make sense?
Tru
Hi,
following your GREAT workflow I've managed to create a singularity image for my project and upload it to ghcr.io.
I still have some issues:
Install from the command line:
Learn more
$ docker pull ghcr.io/feelpp/salome.docker:latest
How can I tell github to display a more appropriate message like: singularity pull oras://....
Thanks for your help
Hi @vsoch ,
I've tried the manual deploy workflow for the attached recipe.
It fails with following error:
ERROR : Failed to create user namespace: user namespace requires to set /proc/sys/kernel/unprivileged_userns_clone to 1
FATAL: While performing build: while running engine: exit status 1
Error: Process completed with exit code 255.
I guess this has something to do with the quay.io/singularity/singularity:v3.8.3 image?
Best, C.
Could you please add one ? I hope it will be an open source one :D
I was wondering if it is in any way possible to use a singularity image that was pushed to ghcr.io with this workflow as the source for bootstrapping in a new singularity definition?
Another question:
Is public pulling without auth on the client possible?
When I try to pull the container associated with this repo I get this error:
FATAL: While pulling image from oci registry: error fetching image to cache: failed to get checksum for oras://ghcr.io/singularityhub/github-ci:latest: while resolving reference: failed to authorize: failed to fetch oauth token: unexpected status: 403 Forbidden
If I login to to github using a PAK, it works.
Hi, I'm trying to build a Singularity and push it to Github Container Registry using one of the Github Actions workflow provided in this repo as a template.
I run a modified version of the "Docker" workflow, where I skip the step that checks whether the Singularity recipe has been changed in order to build the image at every push. Here is the content of the .yaml
file for this workflow.
name: Singularity Build (docker)
on:
push:
# Edit the branches here if you want to change deploy behavior
branches:
- main
- master
# Do the builds on all pull requests (to test them)
# pull_request: []
jobs:
build-test-containers:
runs-on: ubuntu-latest
strategy:
# Keep going on other deployments if anything bloops
fail-fast: false
matrix:
singularity_version:
- '3.8.1'
recipe: ["Singularity"]
container:
image: quay.io/singularity/singularity:v${{ matrix.singularity_version }}
options: --privileged
name: Check ${{ matrix.recipe }}
steps:
- name: Check out code for the container builds
uses: actions/checkout@v2
- name: Continue if Singularity Recipe Exists
run: |
if [[ -f "${{ matrix.recipe }}" ]]; then
echo "keepgoing=true" >> $GITHUB_ENV
fi
- name: Build Container
if: ${{ env.keepgoing == 'true' }}
env:
recipe: ${{ matrix.recipe }}
run: |
ls
if [ -f "${{ matrix.recipe }}" ]; then
sudo -E singularity build container.sif ${{ matrix.recipe }}
tag=$(echo "${recipe/Singularity\./}")
if [ "$tag" == "Singularity" ]; then
tag=latest
fi
# Build the container and name by tag
echo "Tag is $tag."
echo "tag=$tag" >> $GITHUB_ENV
else
echo "${{ matrix.recipe }} is not found."
echo "Present working directory: $PWD"
ls
fi
- name: Login and Deploy Container
if: (github.event_name != 'pull_request')
env:
keepgoing: ${{ env.keepgoing }}
run: |
if [[ "${keepgoing}" == "true" ]]; then
echo ${{ secrets.GITHUB_TOKEN }} | singularity remote login -u ${{ secrets.GHCR_USERNAME }} --password-stdin oras://ghcr.io
singularity push container.sif oras://ghcr.io/${GITHUB_REPOSITORY}:${tag}
fi
The container is built without error but it fails on the Login and Deploy Container step with a 404
error:
Password (or token when username is empty):
INFO: Token stored in /root/.singularity/remote.yaml
FATAL: Unable to push image to oci registry: unable to push: unexpected status: 404 Not Found
Error: Process completed with exit code 255.
Am I doing something wrong?
Thanks,
Gianluca
If deploying an image to an existing tag, it would be nice if this workflow only deployed .sif files that are actually different from the currently hosted image. That way the timestamp of a tag doesn't change, for example, when a readme change is pushed to main. Any thoughts on how best to test identicalness?
Thank for this awesome example.
I've got this working on my project here: neuroscout/neuroscout-cli#136
I set it up to build based on Docker Hub builds using the same meta-data.
One thing I noticed is that for some reason, using {{ secrets.GITHUB_TOKEN }}
did not work for me. Instead, I had to create a personal token from my account, and add it to the repository secrets.
If so, it may be worth updating the example.
I believe there are some links in the README aimed at a URL containing 'workfolws'.
I think it should be 'workflows' ?
Thanks for writeup/template!
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.