Skip to content

Push new nextflow images to ECR #60

Push new nextflow images to ECR

Push new nextflow images to ECR #60

name: Push new nextflow images to ECR
on:
workflow_dispatch:
push:
branches: master
paths:
- 'nextflow-base-images/**' #Runs every time this folder gets updated
- '.github/workflows/build_and_push_nf_base_images.yml'
schedule:
- cron: '0 0 * * 6' # Run at midnight UTC every Saturday
jobs:
build_and_push_nf_images:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
with:
path: containers
- name: Checkout other private repository
uses: actions/checkout@v3
with:
repository: uc-cdis/base-images
token: ${{ secrets.PLANXCYBORG_TOKEN }}
path: base-images
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Set up AWS CLI
uses: aws-actions/configure-aws-credentials@v2
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_ACCT_654654631253_ECR }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_ACCT_654654631253_ECR }}
aws-region: us-east-1
- name: Login to Amazon ECR
run: |
aws ecr-public get-login-password --region $AWS_REGION | docker login --username AWS --password-stdin public.ecr.aws/u5x5h6w3
- name: Build and push Docker images
run: |
dir=base-images/amazonlinux-base/
echo "Building an image present in $dir"
image_name=nextflow-approved/public
tag_name=$(basename "$dir")
docker build -t public.ecr.aws/u5x5h6w3/$image_name:$tag_name $dir
docker push public.ecr.aws/u5x5h6w3/$image_name:$tag_name
echo "Built an image with name --> $image_name:$tag_name"
for dir in containers/nextflow-base-images/*/;do
echo "Building an image present in $dir"
image_name=nextflow-approved/public
tag_name=$(basename "$dir")
docker build -t public.ecr.aws/u5x5h6w3/$image_name:$tag_name $dir
docker push public.ecr.aws/u5x5h6w3/$image_name:$tag_name
echo "Built an image with name --> $image_name:$tag_name"
done
- name: Trigger `get_layer_info_for_nf_imgs.yml` workflow
env:
GH_TOKEN: ${{ secrets.PLANXCYBORG_TOKEN }}
run: |
gh api \
--method POST \
-H "Accept: application/vnd.github+json" \
-H "X-GitHub-Api-Version: 2022-11-28" \
/repos/uc-cdis/containers/actions/workflows/get_layer_info_for_nf_imgs.yml/dispatches \
-f "ref=master"
- name: Delete untagged docker images from public ECR
run: |
REPO_NAME=nextflow-approved/public
IMAGE_IDS=$(aws ecr-public describe-images --repository-name $REPO_NAME --query 'imageDetails[?imageTags==null].imageDigest' --output text)
if [ -n "$IMAGE_IDS" ]; then
for IMAGE_ID in $IMAGE_IDS; do
echo "Deleting image with SHA hash - $IMAGE_ID"
aws ecr-public batch-delete-image --repository-name $REPO_NAME --image-ids imageDigest=$IMAGE_ID
done
else
echo "No untagged images to delete."
fi