try new approach with bases (#2)

* try new approach with bases Signed-off-by: vsoch <vsoch@users.noreply.github.com>
rse-ops · Nov 10, 2022 · 40bac10 · 40bac10
1 parent eb5aa77
commit 40bac10
Show file tree

Hide file tree

Showing 9 changed files with 135 additions and 39 deletions.
diff --git a/.github/scripts/build_simple.sh b/.github/scripts/build_simple.sh
@@ -3,11 +3,9 @@
 set -e
 
 echo $PWD
-basedir=$(dirname $filename)
-printf "Base directory is ${basedir}\n"
 # Get relative path to PWD and generate dashed name from it
-echo "${prefix} -t ${container} ."
-${prefix} -f $filename -t ${container} .
-
+echo "${prefix} -t ${container} ${context}"
+${prefix} -t ${container} ${context}
 echo "uri=${container}" >> $GITHUB_OUTPUT
+basedir=$(dirname $filename)
 echo "dockerfile_dir=${basedir}" >> $GITHUB_OUTPUT
diff --git a/.github/scripts/combine_results.sh b/.github/scripts/combine_results.sh
@@ -23,4 +23,4 @@ echo ${result}
 
 # set for both workflows that use it
 echo "dockerfilelist_matrix=${result}" >> $GITHUB_OUTPUT
-echo "dockerbuild_matrix=${result}" >> $GITHUB_OUTPUT
+echo "dockerbases_matrix=${result}" >> $GITHUB_OUTPUT
diff --git a/.github/scripts/relative_path.sh b/.github/scripts/relative_path.sh
@@ -3,6 +3,13 @@
 set -e
 
 echo "Original path is $filename"
+echo "Original container is $container"
 relative=$(echo ${filename/\/github\/workspace\//})
 echo "Relative path is $relative"
 echo "relative_path=${relative}" >> $GITHUB_OUTPUT
+container=$(echo ${container/-bases/""})
+echo "Container is $container"
+echo "container=${container}" >> $GITHUB_OUTPUT
+echo "container=${container}" >> $GITHUB_ENV
+
+
diff --git a/.github/workflows/build-matrices.yaml b/.github/workflows/build-matrices.yaml
@@ -16,8 +16,8 @@ jobs:
     name: Test Changed Docker Builds
     runs-on: ubuntu-latest
     outputs:
-      dockerbuild_matrix: ${{ steps.dockerbuild.outputs.dockerbuild_matrix }}
-      empty_matrix: ${{ steps.dockerbuild.outputs.dockerbuild_matrix_empty }}
+      dockerbases_matrix: ${{ steps.dockerbuild.outputs.dockerbases_matrix }}
+      empty_matrix: ${{ steps.dockerbuild.outputs.dockerbasess_matrix_empty }}
 
     steps:
 
@@ -47,8 +47,8 @@ jobs:
       id: dockerbuild_pr
       with: 
         root: ${{ steps.parsed_files.outputs.parsed_files }}
-        parser: dockerbuild
-        flags: "--registry ghcr.io/rse-ops --all ."
+        parser: dockerbases
+        flags: "--registry ghcr.io/rse-ops --all --bases ./bases ."
       # END PULL REQUEST / PUSH checkout and file derivation =======================
 
       # START SCHEDULED checkout and file derivation =======================
@@ -62,15 +62,15 @@ jobs:
       id: dockerbuild_scheduled
       with: 
         root: .
-        parser: dockerbuild
-        flags: "--registry ghcr.io/rse-ops --all ."  
-      # END SCHEDULED checkout and file derivation
+        parser: dockerbases
+        flags: "--registry ghcr.io/rse-ops --all --bases ./bases ."
+        # END SCHEDULED checkout and file derivation
 
     - name: View Build Matrix Result
       id: dockerbuild
       env:
-        result: ${{ steps.dockerbuild_pr.outputs.dockerbuild_matrix }}
-        result_scheduled: ${{ steps.dockerbuild_scheduled.outputs.dockerbuild_matrix }}
+        result: ${{ steps.dockerbuild_pr.outputs.dockerbases_matrix }}
+        result_scheduled: ${{ steps.dockerbuild_scheduled.outputs.dockerbases_matrix }}
       run: /bin/bash .github/scripts/combine_results.sh
 
   build:
@@ -80,8 +80,8 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        result: ${{ fromJson(needs.generate.outputs.dockerbuild_matrix) }}
-    if: ${{ needs.generate.outputs.dockerbuild_matrix != '[]' }}
+        result: ${{ fromJson(needs.generate.outputs.dockerbases_matrix) }}
+    if: ${{ needs.generate.outputs.dockerbases_matrix != '[]' }}
     name: "Build ${{ matrix.result.container_name }}"
     steps:
     - name: Checkout Repository
@@ -104,22 +104,22 @@ jobs:
           sudo rm -rf /usr/local/lib/android
           sudo rm -rf /opt/ghc
 
-    - name: Pull Docker Layers
-      env:
-        container: ${{ matrix.result.container_name }}
-      run: docker pull ${container} || exit 0
-
     - name: Update to relative path
       id: relative_path
       env:
         filename: ${{ matrix.result.filename }}
+        container: ${{ matrix.result.container_name }}
       run: /bin/bash .github/scripts/relative_path.sh
 
-    - name: Build ${{ matrix.result.container_name }}
+    - name: Pull Docker Layers
+      run: docker pull ${{ env.container }} || exit 0
+
+    - name: Build ${{ env.container }}
       id: builder
       env:
-        container: ${{ matrix.result.container_name }}
+        container: ${{ env.container }}
         prefix: ${{ matrix.result.command_prefix }}
+        context: ${{ matrix.result.context }}
         filename: ${{ steps.relative_path.outputs.relative_path }}
       run: |
         /bin/bash .github/scripts/build_simple.sh || (
@@ -130,9 +130,7 @@ jobs:
 
     - name: Deploy Container
       if: (github.event_name != 'pull_request')
-      env:
-        container: ${{ matrix.result.container_name }}
-      run: docker push ${container}
+      run: docker push ${{ env.container}}
 
     - name: Run Librarian
       id: runner
@@ -145,4 +143,3 @@ jobs:
           outdir: _library
           # defaults to branch: gh-pages, deploy: true, outdir: pwd
           # outdir is in context of the gh-pages branch, not here.
-
diff --git a/README.md b/README.md
@@ -11,21 +11,61 @@ I like this approach because I think it's the best of both worlds - easy
 binaries with nix, but provided in containers so I don't need to worry about
 dumping them all onto my local hard drive!
 
+> How does it work?
+
+Each diretory here has a `shell.nix` that defines a Nix environment.
+We build every environment against every base container (e.g., one vanilla,
+and one for VSCode) in [bases](bases) using [uptodate](https://github.com/vsoch/uptodate).
+That's it!
+
 ## Environments
 
  - [openmpi](openmpi): with clang 14
 
 
 ## Usage
 
-## Containers
+Each environment (subfolder here that isn't bases) is built against each base.
+The below describes each of the bases, along with a local Devbox environment
+(not represented as a base).
 
 Most of these containers will be pre-built and you can pull them down.
 Browse the packages alongside the repository here to see what is available!
-We will eventually have a web interface to better show you this set.
+You an also browse our web interface at [https://rse-ops.github.io/devbox](https://rse-ops.github.io/devbox).
+
+### Vanilla
+
+- [bases/Dockerfile](bases/Dockerfile)
+
+For these containers, they are installed to a nix-os to nix-env, so you
+should be able to shell inside and find executables on the path.
+
+### VScode
+
+- [bases/vscode/Dockerfile](bases/vscode/Dockerfile)
+
+These containers are optimized for use in VSCode. You can add a `.devcontainers`
+directory as follows:
+
+```bash
+.devcontainer/
+    devcontaine.json
+    Dockerfile
+```
+
+Where the `devcontainer.json` can minimally have:
+
+```
+{
+    "name": "Development environments on your infrastructure",
+    "context": "../",
+    "dockerFile": "Dockerfile",
+}
+```
 
-For Nix derived containers, the package set included are installed to the
-defualt nix-env, meaning you can shell inside and find them on your path.
+And the Dockerfile can use one of the images as `FROM` and add more packages
+or otherwise update the base, and then when the container starts you run `nix-shell`
+to get into your enviornment.
 
 ## Devbox
 

diff --git a/bases/Dockerfile b/bases/Dockerfile
@@ -0,0 +1,5 @@
+FROM nixos/nix
+RUN nix-channel --update
+WORKDIR /code
+COPY shell.nix shell.nix
+RUN nix-env -i -f shell.nix
diff --git a/bases/vscode/Dockerfile b/bases/vscode/Dockerfile
@@ -0,0 +1,49 @@
+FROM ubuntu:22.04
+SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+ENV EDITOR=vim
+
+RUN apt-get update && apt-get upgrade
+RUN apt-get install --yes \
+        ca-certificates \
+        bash-completion \
+        build-essential \
+        curl \
+        cmake \
+        gnupg \
+        htop \
+        jq \
+        less \
+        lsb-release \
+        lsof \
+        man-db \
+        nano \
+        ssl-cert \
+        sudo \
+        unzip \
+        xz-utils \
+        zip
+
+# install nix
+RUN sh <(curl -L https://nixos.org/nix/install) --daemon
+
+RUN mkdir -p $HOME/.config/nix $HOME/.config/nixpkgs && \
+    echo 'sandbox = false' >> $HOME/.config/nix/nix.conf && \
+    echo '{ allowUnfree = true; }' >> $HOME/.config/nixpkgs/config.nix && \
+    echo '. $HOME/.nix-profile/etc/profile.d/nix.sh' >> $HOME/.bashrc
+
+# install docker and configure daemon to use vfs as GitHub codespaces requires vfs
+# https://github.com/moby/moby/issues/13742#issuecomment-725197223
+RUN mkdir -p /etc/apt/keyrings \
+        && curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg \
+        && echo \
+  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
+  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null \
+        && apt-get update \
+        && apt-get install --yes docker-ce docker-ce-cli containerd.io docker-compose-plugin \
+        && mkdir -p /etc/docker \
+        && echo '{"cgroup-parent":"/actions_job","storage-driver":"vfs"}' >> /etc/docker/daemon.json
+
+# Install our packages, enter the container in the shell
+WORKDIR /code
+COPY shell.nix shell.nix
+RUN $HOME/.nix-profile/bin/nix-env -i -f shell.nix
diff --git a/openmpi/Dockerfile b/openmpi/Dockerfile
diff --git a/openmpi/shell.nix b/openmpi/shell.nix
@@ -0,0 +1,7 @@
+{ pkgs ? import <nixpkgs> {} }:
+pkgs.mkShell {
+  buildInputs = [
+    pkgs.openmpi
+    pkgs.clang_14
+  ];
+}