From 43a10fc4379eefb437fd030bcde8f3254234d852 Mon Sep 17 00:00:00 2001 From: EttoreM Date: Sun, 8 Mar 2026 11:44:28 +0000 Subject: [PATCH] Added dockerfile and workflow to build Docker image with baked-in profiles when releasing new version of Cratey-Validator --- .github/workflows/build-with-profiles.yml | 52 +++++++++++++++++++++++ Dockerfile.profiles | 27 ++++++++++++ 2 files changed, 79 insertions(+) create mode 100644 .github/workflows/build-with-profiles.yml create mode 100644 Dockerfile.profiles diff --git a/.github/workflows/build-with-profiles.yml b/.github/workflows/build-with-profiles.yml new file mode 100644 index 0000000..16af3e7 --- /dev/null +++ b/.github/workflows/build-with-profiles.yml @@ -0,0 +1,52 @@ +name: Create and publish a Docker image (with profiles) + +on: + release: + types: [published] + workflow_dispatch: + +env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }}-profiles + +jobs: + build-and-push-image: + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + attestations: write + id-token: write + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Log in to the Container registry + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + + - name: Build and push Docker image + id: push + uses: docker/build-push-action@v6 + with: + context: . + file: ./Dockerfile.profiles + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + + - name: Generate artifact attestation + uses: actions/attest-build-provenance@v2 + with: + subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}} + subject-digest: ${{ steps.push.outputs.digest }} + push-to-registry: true diff --git a/Dockerfile.profiles b/Dockerfile.profiles new file mode 100644 index 0000000..6a8a505 --- /dev/null +++ b/Dockerfile.profiles @@ -0,0 +1,27 @@ +FROM python:3.11-slim + +# Install required system packages, including git +RUN apt-get update && apt-get install -y git && rm -rf /var/lib/apt/lists/* + +WORKDIR /app + +COPY requirements.txt . +RUN pip install --upgrade pip +RUN pip install --no-cache-dir -r requirements.txt + +COPY cratey.py LICENSE /app/ +COPY app /app/app +COPY tests/data/rocrate_validator_profiles /app/profiles + +RUN useradd -ms /bin/bash flaskuser +RUN chown -R flaskuser:flaskuser /app + +ENV PROFILES_PATH=/app/profiles + +USER flaskuser + +EXPOSE 5000 + +CMD ["flask", "run", "--host=0.0.0.0"] + +LABEL org.opencontainers.image.source="https://github.com/eScienceLab/Cratey-Validator"