Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Releasing docker_workflow v2 #54

Merged
merged 23 commits into from
Jul 26, 2023
Merged

Releasing docker_workflow v2 #54

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
23 commits
Select commit Hold shift + click to select a range
819d0a9
Bump anothrNick/github-tag-action from 1.38.0 to 1.39.0 (#20)
dependabot[bot] Apr 19, 2022
11782db
add public push (#21)
AlexFernandes-MOVAI Apr 19, 2022
09255aa
add snyk secret
AlexFernandes-MOVAI Apr 19, 2022
0c65e28
active snyk_check
AlexFernandes-MOVAI Apr 19, 2022
e10dcf6
Update docker-ci.yml (#24)
AlexFernandes-MOVAI Apr 20, 2022
a296287
Merge branch 'main' into dev
AlexFernandes-MOVAI Apr 20, 2022
d392fc2
Update docker-ci.yml
AlexFernandes-MOVAI Apr 20, 2022
423e6ff
fix namespaces
AlexFernandes-MOVAI Apr 20, 2022
8b1ee4d
Bump anothrNick/github-tag-action from 1.39.0 to 1.46.0 (#31)
dependabot[bot] Sep 22, 2022
18b3d4b
Merge branch 'main' into dev
AlexFernandes-MOVAI Sep 22, 2022
9f9569d
Bump anothrNick/github-tag-action from 1.39.0 to 1.46.0 (#34)
dependabot[bot] Sep 23, 2022
9f31aed
DP-112 : Feat/cicd build for arm (#32)
AlexFernandes-MOVAI Sep 23, 2022
2c2915f
Merge branch 'main' into dev
AlexFernandes-MOVAI Sep 23, 2022
270b264
Bump anothrNick/github-tag-action from 1.46.0 to 1.51.0 (#38)
dependabot[bot] Oct 4, 2022
df9d272
fix bad merge issue
AlexFernandes-MOVAI Oct 4, 2022
e7d6c68
Bump anothrNick/github-tag-action from 1.46.0 to 1.54.0 (#42)
dependabot[bot] Dec 20, 2022
54329eb
add dependencies for dal (#27)
AlexFernandes-MOVAI Dec 20, 2022
3957259
DP-956 add proxy, remove melodic (#40)
duartecoelhomovai Dec 20, 2022
9b88787
[skip actions] update readme.md
AlexFernandes-MOVAI Dec 20, 2022
85751fe
DP-1155 proxy ubuntu archive through movai nexus (#52)
duartecoelhomovai Jul 3, 2023
f1392e4
Merge branch 'main' into dev
AlexFernandes-MOVAI Jul 3, 2023
c85134c
Bump MOV-AI/.github from 1 to 2 (#45)
dependabot[bot] Jul 26, 2023
48332b7
Bump anothrNick/github-tag-action from 1.61.0 to 1.67.0 (#50)
dependabot[bot] Jul 26, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/bump-version.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ jobs:
with:
fetch-depth: '0'
- name: Bump version and push tag
uses: anothrNick/github-tag-action@1.61.0
uses: anothrNick/github-tag-action@1.67.0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
WITH_V: true
Expand Down
18 changes: 9 additions & 9 deletions .github/workflows/docker-ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,15 +18,13 @@ on:
types: [released]
jobs:
movai-base-noetic:
uses: MOV-AI/.github/.github/workflows/docker-workflow.yml@v1
uses: MOV-AI/.github/.github/workflows/docker-workflow.yml@v2
with:
docker_file: docker/noetic/Dockerfile
docker_image: devops/movai-base-noetic
public: true
public_image: ce/movai-base-noetic
github_ref: ${{ github.ref }}
deploy: ${{ contains(github.ref, 'refs/heads/main') || contains(github.ref, 'refs/tags/v')}}
version: ${GITHUB_REF##*/}
push_latest: ${{ contains(github.ref, 'refs/heads/main') || contains(github.ref, 'refs/tags/v') }}
snyk_check: true
platforms: linux/amd64, linux/arm/v7, linux/arm64
Expand All @@ -35,17 +33,17 @@ jobs:
registry_password: ${{ secrets.PORTUS_APP_TOKEN }}
pub_registry_user: ${{ secrets.PORTUS_APP_USER }}
pub_registry_password: ${{ secrets.PORTUS_APP_TOKEN }}
github_registry_user: ${{ secrets.RAISE_BOT_COMMIT_USER }}
github_registry_password: ${{ secrets.RAISE_BOT_COMMIT_PASSWORD }}
snyk_token: ${{ secrets.SNYK_TOKEN }}
movai-base-bionic:
uses: MOV-AI/.github/.github/workflows/docker-workflow.yml@v1
uses: MOV-AI/.github/.github/workflows/docker-workflow.yml@v2
with:
docker_file: docker/melodic/Dockerfile-rosfree
docker_image: devops/movai-base-bionic
public: true
public_image: ce/movai-base-bionic
github_ref: ${{ github.ref }}
deploy: ${{ contains(github.ref, 'refs/heads/main') || contains(github.ref, 'refs/tags/v')}}
version: ${GITHUB_REF##*/}
push_latest: ${{ contains(github.ref, 'refs/heads/main') || contains(github.ref, 'refs/tags/v') }}
snyk_check: true
platforms: linux/amd64, linux/arm/v7, linux/arm64
Expand All @@ -54,17 +52,17 @@ jobs:
registry_password: ${{ secrets.PORTUS_APP_TOKEN }}
pub_registry_user: ${{ secrets.PORTUS_APP_USER }}
pub_registry_password: ${{ secrets.PORTUS_APP_TOKEN }}
github_registry_user: ${{ secrets.RAISE_BOT_COMMIT_USER }}
github_registry_password: ${{ secrets.RAISE_BOT_COMMIT_PASSWORD }}
snyk_token: ${{ secrets.SNYK_TOKEN }}
movai-base-focal:
uses: MOV-AI/.github/.github/workflows/docker-workflow.yml@v1
uses: MOV-AI/.github/.github/workflows/docker-workflow.yml@v2
with:
docker_file: docker/noetic/Dockerfile-rosfree
docker_image: devops/movai-base-focal
public: true
public_image: ce/movai-base-focal
github_ref: ${{ github.ref }}
deploy: ${{ contains(github.ref, 'refs/heads/main') || contains(github.ref, 'refs/tags/v')}}
version: ${GITHUB_REF##*/}
push_latest: ${{ contains(github.ref, 'refs/heads/main') || contains(github.ref, 'refs/tags/v') }}
snyk_check: true
platforms: linux/amd64, linux/arm/v7, linux/arm64
Expand All @@ -73,4 +71,6 @@ jobs:
registry_password: ${{ secrets.PORTUS_APP_TOKEN }}
pub_registry_user: ${{ secrets.PORTUS_APP_USER }}
pub_registry_password: ${{ secrets.PORTUS_APP_TOKEN }}
github_registry_user: ${{ secrets.RAISE_BOT_COMMIT_USER }}
github_registry_password: ${{ secrets.RAISE_BOT_COMMIT_PASSWORD }}
snyk_token: ${{ secrets.SNYK_TOKEN }}
18 changes: 17 additions & 1 deletion docker/noetic/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@
ARG USER_ID=1000
ARG ROS_VERSION="noetic"
ARG HEALTH_NODE_URL="http://health-node:8081"
ARG APT_REPOSITORY="https://artifacts.aws.cloud.mov.ai/repository"

### Environment config
ENV MOVAI_HOME="/opt/mov.ai" \
Expand Down Expand Up @@ -37,13 +38,28 @@
# Install base packages
COPY files/packages.bash /tmp/packages.bash
COPY docker/$ROS_VERSION/packages.apt /tmp/packages.apt

# Install requirements for ppa certificates registration
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections && \

Check failure on line 44 in docker/noetic/Dockerfile

View workflow job for this annotation

GitHub Actions / movai-base-noetic / build_deploy 

DL3008 warning: Pin versions in apt get install. Instead of `apt-get install <package>` use `apt-get install <package>=<version>`

Check failure on line 44 in docker/noetic/Dockerfile

View workflow job for this annotation

GitHub Actions / movai-base-noetic / build_deploy 

DL3027 warning: Do not use apt as it is meant to be a end-user tool, use apt-get or apt-cache instead

Check failure on line 44 in docker/noetic/Dockerfile

View workflow job for this annotation

GitHub Actions / movai-base-noetic / build_deploy 

DL3008 warning: Pin versions in apt get install. Instead of `apt-get install <package>` use `apt-get install <package>=<version>`

Check failure on line 44 in docker/noetic/Dockerfile

View workflow job for this annotation

GitHub Actions / movai-base-noetic / build_deploy 

DL3027 warning: Do not use apt as it is meant to be a end-user tool, use apt-get or apt-cache instead
apt update &&\
apt-get install -y curl gnupg --no-install-recommends

COPY files/apt/movai-ubuntu-archive-proxy.list /etc/apt/sources.list.d/movai-ubuntu-archive-proxy.list
COPY files/apt/movai-ubuntu-ports-proxy.list /etc/apt/sources.list.d/movai-ubuntu-ports-proxy.list
COPY files/apt/movai-ubuntu-security-proxy.list /etc/apt/sources.list.d/movai-ubuntu-security-proxy.list

SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN find /etc/apt/sources.list.d/ -type f -name 'ros*.list' -exec rm {} \; &&\
echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections &&\
apt-get update && apt-get upgrade -y && apt-get install -y curl --no-install-recommends &&\
curl -fsSL https://raw.githubusercontent.com/ros/rosdistro/master/ros.key | gpg --dearmor -o /usr/share/keyrings/ros.key &&\
echo "deb [signed-by=/usr/share/keyrings/ros.key] https://artifacts.aws.cloud.mov.ai/repository/ppa-proxy-ros focal main" | tee /etc/apt/sources.list.d/movai-ros.list > /dev/null &&\
mv /etc/apt/sources.list /etc/apt/sources.list.bck &&\
touch /etc/apt/sources.list &&\
curl -fsSL $APT_REPOSITORY/movai-applications/gpg | apt-key add - &&\
if [ "$(uname -m)" = "x86_64" ] ; then rm /etc/apt/sources.list.d/movai-ubuntu-ports-proxy.list ; fi &&\
if [ "$(uname -m)" = "aarch64" ] || [ "$(uname -m)" = "armv7l" ] ; then rm /etc/apt/sources.list.d/movai-ubuntu-archive* && rm /etc/apt/sources.list.d/movai-ubuntu-security* ; fi &&\
apt-get update && apt-get upgrade -y &&\
/usr/local/bin/install-packages.sh &&\
apt-get clean &&\
rm -rf /var/lib/apt/lists/* &&\
Expand Down
19 changes: 17 additions & 2 deletions docker/noetic/Dockerfile-rosfree
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@
# Arguments
ARG USER_ID=1000
ARG HEALTH_NODE_URL="http://health-node:8081"
ARG APT_REPOSITORY="https://artifacts.aws.cloud.mov.ai/repository"

### Environment config
ENV MOVAI_HOME="/opt/mov.ai" \
Expand Down Expand Up @@ -35,11 +36,25 @@
COPY files/docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
COPY files/movai-entrypoint.sh /usr/local/bin/movai-entrypoint.sh

# Install base packages
COPY files/packages.bash /tmp/packages.bash
COPY docker/$ROS_VERSION/packages.apt /tmp/packages.apt

# Install requirements for ppa certificates registration
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections && \

Check failure on line 44 in docker/noetic/Dockerfile-rosfree

View workflow job for this annotation

GitHub Actions / movai-base-focal / build_deploy 

DL3008 warning: Pin versions in apt get install. Instead of `apt-get install <package>` use `apt-get install <package>=<version>`

Check failure on line 44 in docker/noetic/Dockerfile-rosfree

View workflow job for this annotation

GitHub Actions / movai-base-focal / build_deploy 

DL3009 info: Delete the apt-get lists after installing something

Check failure on line 44 in docker/noetic/Dockerfile-rosfree

View workflow job for this annotation

GitHub Actions / movai-base-focal / build_deploy 

DL3008 warning: Pin versions in apt get install. Instead of `apt-get install <package>` use `apt-get install <package>=<version>`

Check failure on line 44 in docker/noetic/Dockerfile-rosfree

View workflow job for this annotation

GitHub Actions / movai-base-focal / build_deploy 

DL3009 info: Delete the apt-get lists after installing something
apt-get update &&\
apt-get install -y curl gnupg ca-certificates --no-install-recommends

COPY files/apt/movai-ubuntu-archive-proxy.list /etc/apt/sources.list.d/movai-ubuntu-archive-proxy.list
COPY files/apt/movai-ubuntu-ports-proxy.list /etc/apt/sources.list.d/movai-ubuntu-ports-proxy.list
COPY files/apt/movai-ubuntu-security-proxy.list /etc/apt/sources.list.d/movai-ubuntu-security-proxy.list

SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections && \
RUN mv /etc/apt/sources.list /etc/apt/sources.list.bck &&\
touch /etc/apt/sources.list &&\
curl -fsSL $APT_REPOSITORY/movai-applications/gpg | apt-key add - &&\
if [ "$(uname -m)" = "x86_64" ] ; then rm /etc/apt/sources.list.d/movai-ubuntu-ports-proxy.list ; fi &&\
if [ "$(uname -m)" = "aarch64" ] || [ "$(uname -m)" = "armv7l" ] ; then rm /etc/apt/sources.list.d/movai-ubuntu-archive* && rm /etc/apt/sources.list.d/movai-ubuntu-security* ; fi &&\
apt-get update && apt-get upgrade -y &&\
/usr/local/bin/install-packages.sh &&\
apt-get clean &&\
Expand Down
14 changes: 14 additions & 0 deletions files/apt/movai-ubuntu-archive-proxy.list
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
# Add focal proxy
deb [arch=amd64] https://artifacts.aws.cloud.mov.ai/repository/ppa-archive-focal focal universe
deb [arch=amd64] https://artifacts.aws.cloud.mov.ai/repository/ppa-archive-focal focal multiverse
deb [arch=amd64] https://artifacts.aws.cloud.mov.ai/repository/ppa-archive-focal focal main
deb [arch=amd64] https://artifacts.aws.cloud.mov.ai/repository/ppa-archive-focal focal restricted
# Add focal-updates proxy
deb [arch=amd64] https://artifacts.aws.cloud.mov.ai/repository/ppa-archive-focal-updates focal-updates universe
deb [arch=amd64] https://artifacts.aws.cloud.mov.ai/repository/ppa-archive-focal-updates focal-updates multiverse
deb [arch=amd64] https://artifacts.aws.cloud.mov.ai/repository/ppa-archive-focal-updates focal-updates main
deb [arch=amd64] https://artifacts.aws.cloud.mov.ai/repository/ppa-archive-focal-updates focal-updates restricted
# Add focal-backports proxy
deb [arch=amd64] https://artifacts.aws.cloud.mov.ai/repository/ppa-archive-focal-backports focal-backports universe
deb [arch=amd64] https://artifacts.aws.cloud.mov.ai/repository/ppa-archive-focal-backports focal-backports multiverse
deb [arch=amd64] https://artifacts.aws.cloud.mov.ai/repository/ppa-archive-focal-backports focal-backports main
18 changes: 18 additions & 0 deletions files/apt/movai-ubuntu-ports-proxy.list
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
# Add ports focal proxy
deb [arch=arm64,armhf] https://artifacts.aws.cloud.mov.ai/repository/ppa-ports-focal focal universe
deb [arch=arm64,armhf] https://artifacts.aws.cloud.mov.ai/repository/ppa-ports-focal focal multiverse
deb [arch=arm64,armhf] https://artifacts.aws.cloud.mov.ai/repository/ppa-ports-focal focal main
deb [arch=arm64,armhf] https://artifacts.aws.cloud.mov.ai/repository/ppa-ports-focal focal restricted
# Add ports focal-updates proxy
deb [arch=arm64,armhf] https://artifacts.aws.cloud.mov.ai/repository/ppa-ports-focal-updates focal-updates main
deb [arch=arm64,armhf] https://artifacts.aws.cloud.mov.ai/repository/ppa-ports-focal-updates focal-updates multiverse
deb [arch=arm64,armhf] https://artifacts.aws.cloud.mov.ai/repository/ppa-ports-focal-updates focal-updates universe
deb [arch=arm64,armhf] https://artifacts.aws.cloud.mov.ai/repository/ppa-ports-focal-updates focal-updates restricted
# Add ports focal-backports proxy
deb [arch=arm64,armhf] https://artifacts.aws.cloud.mov.ai/repository/ppa-ports-focal-backports focal-backports universe
deb [arch=arm64,armhf] https://artifacts.aws.cloud.mov.ai/repository/ppa-ports-focal-backports focal-backports main
# Add ports focal-security proxy
deb [arch=arm64,armhf] https://artifacts.aws.cloud.mov.ai/repository/ppa-ports-focal-security focal-security main
deb [arch=arm64,armhf] https://artifacts.aws.cloud.mov.ai/repository/ppa-ports-focal-security focal-security multiverse
deb [arch=arm64,armhf] https://artifacts.aws.cloud.mov.ai/repository/ppa-ports-focal-security focal-security universe
deb [arch=arm64,armhf] https://artifacts.aws.cloud.mov.ai/repository/ppa-ports-focal-security focal-security restricted
4 changes: 4 additions & 0 deletions files/apt/movai-ubuntu-security-proxy.list
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
# Add focal security proxy
deb [arch=amd64] https://artifacts.aws.cloud.mov.ai/repository/ppa-security-focal focal-security main restricted
deb [arch=amd64] https://artifacts.aws.cloud.mov.ai/repository/ppa-security-focal focal-security universe
deb [arch=amd64] https://artifacts.aws.cloud.mov.ai/repository/ppa-security-focal focal-security multiverse
11 changes: 5 additions & 6 deletions files/install-packages.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,11 @@ set -eo pipefail
# Install apt dependencies

PACKAGE_FILE=/tmp/packages.apt
PACKAGES_SCRIPT=/tmp/packages.bash

# If there is a package script, install packages then clean up
[ -f ${PACKAGES_SCRIPT} ] && { chmod 700 ${PACKAGES_SCRIPT}; ${PACKAGES_SCRIPT}; rm --preserve-root ${PACKAGES_SCRIPT}; }


# If there is a package definition file, install packages then clean up
if [ -f ${PACKAGE_FILE} ]; then
Expand All @@ -46,11 +51,5 @@ PIP_REQUIREMENTS=/tmp/requirements.txt
rm --preserve-root ${PIP_REQUIREMENTS};
}

PACKAGES_SCRIPT=/tmp/packages.bash

# If there is a package script, install packages then clean up
[ -f ${PACKAGES_SCRIPT} ] && { chmod 700 ${PACKAGES_SCRIPT}; ${PACKAGES_SCRIPT}; rm --preserve-root ${PACKAGES_SCRIPT}; }


printf "Cleaning up ...\n"
rm -rf /tmp/*
13 changes: 13 additions & 0 deletions files/packages.bash
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,20 @@ SUDO_COMMANDS=(

# Setup available sudo commands for user movai
adduser movai sudo
mkdir -p /etc/sudoers.d
touch /etc/sudoers.d/movai
for SUDO_COMMAND in ${SUDO_COMMANDS[@]}; do
echo "%sudo ALL=(ALL) NOPASSWD:SETENV: ${SUDO_COMMAND}" >> /etc/sudoers.d/movai
done

{
echo "Package: *"
echo "Pin: origin artifacts.cloud.mov.ai"
echo "Pin-Priority: 1001"
} >> /etc/apt/preferences.d/movai

{
echo "Package: *"
echo "Pin: origin artifacts.aws.cloud.mov.ai"
echo "Pin-Priority: 1001"
} >> /etc/apt/preferences.d/movai-ros