From 1bc09f7768acaa32d1b61ef91cd22671b2836629 Mon Sep 17 00:00:00 2001 From: Andre Lobato Date: Thu, 28 Aug 2025 14:07:48 +1200 Subject: [PATCH 01/26] Add dockerfile and build workflow --- .github/workflows/build-image.yml | 53 +++++++++++++++++++++++++++++++ Dockerfile | 33 +++++++++++++++++++ 2 files changed, 86 insertions(+) create mode 100644 .github/workflows/build-image.yml create mode 100644 Dockerfile diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml new file mode 100644 index 0000000..3bce3cf --- /dev/null +++ b/.github/workflows/build-image.yml @@ -0,0 +1,53 @@ +name: Build Docker image + +on: + push: + branches: + - build_image + +env: + REGISTRY: us-central1-docker.pkg.dev + REPOSITORY: public + IMAGE_NAME: oceanum-python + +jobs: + build: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v2 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ vars.GCP_AR_DOCKER_USERNAME }} + password: ${{ secrets.GCP_AR_DOCKER_PASSWORD }} + + - name: Cache Docker layers + uses: actions/cache@v2 + with: + path: /tmp/.buildx-cache + key: ${{ runner.os }}-buildx-${{ github.sha }} + restore-keys: | + ${{ runner.os }}-buildx- + + - name: Build Docker image + uses: docker/build-push-action@v2 + env: + DOCKER_BUILDKIT: ${{ env.DOCKER_BUILDKIT }} + REGISTRY: ${{ env.REGISTRY }} + PYTHON_VER: ${{ env.PYTHON_VER }} + DEBIAN_VER: ${{ env.DEBIAN_VER }} + IMAGE_TAG: ${{ env.PYTHON_VER }}-${{ env.DEBIAN_VER }}-${{ github.ref_name }} + with: + context: . + file: Dockerfile + build-args: | + PYTHON_VER=${{ env.PYTHON_VER }} + DEBIAN_VER=${{ env.DEBIAN_VER }} + push: true + tags: $REGISTRY/$REPOSITORY/$IMAGE_NAME:$IMAGE_TAG \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..bab1070 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,33 @@ +ARG PYTHON_VER=3.12 +ARG DEBIAN_VER=trixie +FROM python:${PYTHON_VER}-slim-${DEBIAN_VER} + +RUN apt-get update &&\ + apt-get install -y --no-install-recommends build-essential gcc gdal-bin gdal-data libgdal-dev &&\ + apt-get clean &&\ + rm -rf /var/lib/apt/lists/* + +RUN useradd -u 1001 -p oceanum --create-home --shell=/bin/bash oceanum + +USER oceanum +WORKDIR /home/oceanum +ENV PIP_NO_CACHE_DIR=false +RUN python -m venv .venv/oceanum + +# Set environment variables to activate the virtual environment globally +ENV VIRTUAL_ENV="/home/oceanum/.venv/oceanum" +ENV PATH="$VIRTUAL_ENV/bin:$PATH" +SHELL ["/bin/bash", "-c"] + +# Install dependencies first +COPY --chown=oceanum:oceanum pyproject.toml /home/oceanum/oceanum-python/ +RUN pip install -U pip pip-tools &&\ + pip-compile /home/oceanum/oceanum-python/pyproject.toml &&\ + pip install -r /home/oceanum/oceanum-python/requirements.txt + +# Now copy the rest of the code +COPY --chown=oceanum:oceanum . /home/oceanum/oceanum-python/ +WORKDIR /home/oceanum/oceanum-python +# Install the package (virtual environment is automatically activated via ENV variables) +RUN pip install -e . +CMD ["oceanum"] \ No newline at end of file From 5751ec722ca786cbbe66f5b4d8752c3734da7c83 Mon Sep 17 00:00:00 2001 From: Andre Lobato Date: Thu, 28 Aug 2025 17:32:35 +1200 Subject: [PATCH 02/26] add cache, fix vers --- .github/workflows/build-image.yml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index 3bce3cf..da9159d 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -17,9 +17,6 @@ jobs: - name: Checkout code uses: actions/checkout@v2 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 - - name: Login to Docker Hub uses: docker/login-action@v3 with: @@ -27,8 +24,11 @@ jobs: username: ${{ vars.GCP_AR_DOCKER_USERNAME }} password: ${{ secrets.GCP_AR_DOCKER_PASSWORD }} + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Cache Docker layers - uses: actions/cache@v2 + uses: actions/cache@v4 with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ github.sha }} @@ -36,7 +36,7 @@ jobs: ${{ runner.os }}-buildx- - name: Build Docker image - uses: docker/build-push-action@v2 + uses: docker/build-push-action@v6 env: DOCKER_BUILDKIT: ${{ env.DOCKER_BUILDKIT }} REGISTRY: ${{ env.REGISTRY }} @@ -46,6 +46,8 @@ jobs: with: context: . file: Dockerfile + cache-from: type=repo,src=${{ env.REGISTRY }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }} + cache-to: type=repo,dest=${{ env.REGISTRY }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }} build-args: | PYTHON_VER=${{ env.PYTHON_VER }} DEBIAN_VER=${{ env.DEBIAN_VER }} From fe28460b778b604136a34897b7158bb09d94cf3f Mon Sep 17 00:00:00 2001 From: Andre Lobato Date: Thu, 28 Aug 2025 17:42:47 +1200 Subject: [PATCH 03/26] fix sintax --- .github/workflows/build-image.yml | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index da9159d..b265f07 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -27,14 +27,6 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - - name: Cache Docker layers - uses: actions/cache@v4 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx- - - name: Build Docker image uses: docker/build-push-action@v6 env: @@ -52,4 +44,4 @@ jobs: PYTHON_VER=${{ env.PYTHON_VER }} DEBIAN_VER=${{ env.DEBIAN_VER }} push: true - tags: $REGISTRY/$REPOSITORY/$IMAGE_NAME:$IMAGE_TAG \ No newline at end of file + tags: ${{ env.REGISTRY }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }} \ No newline at end of file From 5bf71a6e250df28cc5a9cb0c984fbc30c9d857cd Mon Sep 17 00:00:00 2001 From: Andre Lobato Date: Thu, 28 Aug 2025 17:47:06 +1200 Subject: [PATCH 04/26] Matrix vers --- .github/workflows/build-image.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index b265f07..fa6fb44 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -13,6 +13,10 @@ env: jobs: build: runs-on: ubuntu-latest + strategy: + matrix: + python-version: [3.12, 3.13] + debian-version: [trixie] steps: - name: Checkout code uses: actions/checkout@v2 @@ -32,8 +36,8 @@ jobs: env: DOCKER_BUILDKIT: ${{ env.DOCKER_BUILDKIT }} REGISTRY: ${{ env.REGISTRY }} - PYTHON_VER: ${{ env.PYTHON_VER }} - DEBIAN_VER: ${{ env.DEBIAN_VER }} + PYTHON_VER: ${{ matrix.python-version }} + DEBIAN_VER: ${{ matrix.debian-version }} IMAGE_TAG: ${{ env.PYTHON_VER }}-${{ env.DEBIAN_VER }}-${{ github.ref_name }} with: context: . From b814bfe1efcf3bfa691d5edc8769155f03431616 Mon Sep 17 00:00:00 2001 From: Andre Lobato Date: Thu, 28 Aug 2025 17:49:12 +1200 Subject: [PATCH 05/26] inline --- .github/workflows/build-image.yml | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index fa6fb44..487055b 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -33,12 +33,6 @@ jobs: - name: Build Docker image uses: docker/build-push-action@v6 - env: - DOCKER_BUILDKIT: ${{ env.DOCKER_BUILDKIT }} - REGISTRY: ${{ env.REGISTRY }} - PYTHON_VER: ${{ matrix.python-version }} - DEBIAN_VER: ${{ matrix.debian-version }} - IMAGE_TAG: ${{ env.PYTHON_VER }}-${{ env.DEBIAN_VER }}-${{ github.ref_name }} with: context: . file: Dockerfile @@ -48,4 +42,4 @@ jobs: PYTHON_VER=${{ env.PYTHON_VER }} DEBIAN_VER=${{ env.DEBIAN_VER }} push: true - tags: ${{ env.REGISTRY }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }} \ No newline at end of file + tags: ${{ env.REGISTRY }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }}:${{ matrix.python-version }}-${{ matrix.debian-version }}-${{ github.ref_name }} \ No newline at end of file From ada3149b524fada31bf5bf6d69d082df179eed5d Mon Sep 17 00:00:00 2001 From: Andre Lobato Date: Thu, 28 Aug 2025 17:51:45 +1200 Subject: [PATCH 06/26] fix cache typ --- .github/workflows/build-image.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index 487055b..bd1a9ad 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -36,10 +36,10 @@ jobs: with: context: . file: Dockerfile - cache-from: type=repo,src=${{ env.REGISTRY }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }} - cache-to: type=repo,dest=${{ env.REGISTRY }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }} + cache-from: type=registry,src=${{ env.REGISTRY }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }} + cache-to: type=registry,dest=${{ env.REGISTRY }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }} build-args: | - PYTHON_VER=${{ env.PYTHON_VER }} - DEBIAN_VER=${{ env.DEBIAN_VER }} + PYTHON_VER=${{ matrix.python-version }} + DEBIAN_VER=${{ matrix.debian-version }} push: true tags: ${{ env.REGISTRY }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }}:${{ matrix.python-version }}-${{ matrix.debian-version }}-${{ github.ref_name }} \ No newline at end of file From 833ec0e36259f1ccb4f555be4da36fafc370415b Mon Sep 17 00:00:00 2001 From: Andre Lobato Date: Thu, 28 Aug 2025 17:52:37 +1200 Subject: [PATCH 07/26] fix ref --- .github/workflows/build-image.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index bd1a9ad..46621c9 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -36,8 +36,8 @@ jobs: with: context: . file: Dockerfile - cache-from: type=registry,src=${{ env.REGISTRY }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }} - cache-to: type=registry,dest=${{ env.REGISTRY }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }} + cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }} + cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }} build-args: | PYTHON_VER=${{ matrix.python-version }} DEBIAN_VER=${{ matrix.debian-version }} From 8665678c197713ca39ad1fd41fe492aab80c43de Mon Sep 17 00:00:00 2001 From: Andre Lobato Date: Thu, 28 Aug 2025 18:20:37 +1200 Subject: [PATCH 08/26] fix image path --- .github/workflows/build-image.yml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index 46621c9..d5a8629 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -7,6 +7,7 @@ on: env: REGISTRY: us-central1-docker.pkg.dev + PROJECT: oceanum-registry REPOSITORY: public IMAGE_NAME: oceanum-python @@ -21,7 +22,7 @@ jobs: - name: Checkout code uses: actions/checkout@v2 - - name: Login to Docker Hub + - name: Login to GCP Artifact Registry uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} @@ -36,10 +37,10 @@ jobs: with: context: . file: Dockerfile - cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }} - cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }} + cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.PROJECT }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }} + cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.PROJECT }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }} build-args: | PYTHON_VER=${{ matrix.python-version }} DEBIAN_VER=${{ matrix.debian-version }} push: true - tags: ${{ env.REGISTRY }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }}:${{ matrix.python-version }}-${{ matrix.debian-version }}-${{ github.ref_name }} \ No newline at end of file + tags: ${{ env.REGISTRY }}/${{ env.PROJECT }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }}:${{ matrix.python-version }}-${{ matrix.debian-version }}-${{ github.ref_name }} \ No newline at end of file From f9563b9d5280d0d0183cbb9eeea00250d5b48714 Mon Sep 17 00:00:00 2001 From: Andre Lobato Date: Thu, 28 Aug 2025 18:28:54 +1200 Subject: [PATCH 09/26] different cache image --- .github/workflows/build-image.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index d5a8629..868861c 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -37,8 +37,8 @@ jobs: with: context: . file: Dockerfile - cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.PROJECT }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }} - cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.PROJECT }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }} + cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.PROJECT }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }}-cache + cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.PROJECT }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }}-cache build-args: | PYTHON_VER=${{ matrix.python-version }} DEBIAN_VER=${{ matrix.debian-version }} From 69a78d91f3bea30da10ca9719f7fc7d4873e3b00 Mon Sep 17 00:00:00 2001 From: Andre Lobato Date: Thu, 28 Aug 2025 18:41:21 +1200 Subject: [PATCH 10/26] add multiplatform --- .github/workflows/build-image.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index 868861c..3791546 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -29,12 +29,16 @@ jobs: username: ${{ vars.GCP_AR_DOCKER_USERNAME }} password: ${{ secrets.GCP_AR_DOCKER_PASSWORD }} + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Build Docker image uses: docker/build-push-action@v6 with: + platforms: linux/amd64,linux/arm64 context: . file: Dockerfile cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.PROJECT }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }}-cache From ca09cc0db1845bc930385373ef51988079fe9940 Mon Sep 17 00:00:00 2001 From: Andre Lobato Date: Fri, 14 Nov 2025 09:32:35 +1300 Subject: [PATCH 11/26] Build on python3.11 for now --- .github/workflows/build-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index 3791546..c567a05 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - python-version: [3.12, 3.13] + python-version: [3.11] debian-version: [trixie] steps: - name: Checkout code From 02af889ff2f0a4d5360d51d88c5fbb0d625ad9f7 Mon Sep 17 00:00:00 2001 From: Andre Lobato Date: Fri, 14 Nov 2025 09:43:17 +1300 Subject: [PATCH 12/26] Only on 3.12 --- .github/workflows/build-image.yml | 2 +- Dockerfile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index c567a05..8220c23 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - python-version: [3.11] + python-version: [3.12] debian-version: [trixie] steps: - name: Checkout code diff --git a/Dockerfile b/Dockerfile index bab1070..176b3e5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -29,5 +29,5 @@ RUN pip install -U pip pip-tools &&\ COPY --chown=oceanum:oceanum . /home/oceanum/oceanum-python/ WORKDIR /home/oceanum/oceanum-python # Install the package (virtual environment is automatically activated via ENV variables) -RUN pip install -e . +RUN pip install . CMD ["oceanum"] \ No newline at end of file From fa6a7e595084eed56c1b3134a992e45bfbec0e23 Mon Sep 17 00:00:00 2001 From: Andre Lobato Date: Fri, 14 Nov 2025 10:19:23 +1300 Subject: [PATCH 13/26] Push to ghcr, no arm64 build --- .github/workflows/build-image.yml | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index 8220c23..26a966a 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -6,11 +6,9 @@ on: - build_image env: - REGISTRY: us-central1-docker.pkg.dev - PROJECT: oceanum-registry - REPOSITORY: public + REGISTRY: ghcr.io + NAMESPACE: oceanum-io IMAGE_NAME: oceanum-python - jobs: build: runs-on: ubuntu-latest @@ -22,12 +20,12 @@ jobs: - name: Checkout code uses: actions/checkout@v2 - - name: Login to GCP Artifact Registry + - name: Login to Container Registry uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} - username: ${{ vars.GCP_AR_DOCKER_USERNAME }} - password: ${{ secrets.GCP_AR_DOCKER_PASSWORD }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} - name: Set up QEMU uses: docker/setup-qemu-action@v3 @@ -38,13 +36,13 @@ jobs: - name: Build Docker image uses: docker/build-push-action@v6 with: - platforms: linux/amd64,linux/arm64 + platforms: linux/amd64 context: . file: Dockerfile - cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.PROJECT }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }}-cache - cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.PROJECT }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }}-cache + cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}-cache + cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}/${{ env.IMAGE_NAME }}-cache build-args: | PYTHON_VER=${{ matrix.python-version }} DEBIAN_VER=${{ matrix.debian-version }} push: true - tags: ${{ env.REGISTRY }}/${{ env.PROJECT }}/${{ env.REPOSITORY }}/${{ env.IMAGE_NAME }}:${{ matrix.python-version }}-${{ matrix.debian-version }}-${{ github.ref_name }} \ No newline at end of file + tags: ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}-${{ matrix.python-version }}-${{ matrix.debian-version }} \ No newline at end of file From 97e26ad84dcd5c4e78995a8a231d12a07f349a86 Mon Sep 17 00:00:00 2001 From: Andre Lobato Date: Fri, 14 Nov 2025 10:25:29 +1300 Subject: [PATCH 14/26] Remove extra name --- .github/workflows/build-image.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index 26a966a..2dec15d 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - python-version: [3.12] + python-version: [3.12, 3.13] debian-version: [trixie] steps: - name: Checkout code @@ -40,9 +40,9 @@ jobs: context: . file: Dockerfile cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}-cache - cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}/${{ env.IMAGE_NAME }}-cache + cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}-cache build-args: | PYTHON_VER=${{ matrix.python-version }} DEBIAN_VER=${{ matrix.debian-version }} push: true - tags: ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}-${{ matrix.python-version }}-${{ matrix.debian-version }} \ No newline at end of file + tags: ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}-${{ matrix.python-version }}-${{ matrix.debian-version }} \ No newline at end of file From c467e07bc2072751ecf6ecdc34fa48b23f323d46 Mon Sep 17 00:00:00 2001 From: Andre Lobato Date: Fri, 14 Nov 2025 10:30:31 +1300 Subject: [PATCH 15/26] Add tags --- .github/workflows/build-image.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index 2dec15d..f3bf592 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -2,6 +2,8 @@ name: Build Docker image on: push: + tags: + - 'v*.*.*' branches: - build_image @@ -45,4 +47,6 @@ jobs: PYTHON_VER=${{ matrix.python-version }} DEBIAN_VER=${{ matrix.debian-version }} push: true - tags: ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}-${{ matrix.python-version }}-${{ matrix.debian-version }} \ No newline at end of file + tags: | + ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:${{ matrix.python-version }}-${{ matrix.debian-version }} + ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}-${{ matrix.python-version }}-${{ matrix.debian-version }} \ No newline at end of file From c1be131496968f90f6cc03425d741de5ed6479a3 Mon Sep 17 00:00:00 2001 From: Andre Lobato Date: Fri, 14 Nov 2025 12:42:34 +1300 Subject: [PATCH 16/26] Add version tags --- .github/workflows/build-image.yml | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index f3bf592..f110020 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -22,6 +22,14 @@ jobs: - name: Checkout code uses: actions/checkout@v2 + - name: Split Versions + id: split_versions + run: | + MAJOR_VERSION=$(echo ${{ github.ref_name }} | cut -d. -f1) + MINOR_VERSION=$(echo ${{ github.ref_name }} | cut -d. -f2) + echo "MAJOR_VERSION=$MAJOR_VERSION" >> $GITHUB_ENV + echo "MINOR_VERSION=$MINOR_VERSION" >> $GITHUB_ENV + - name: Login to Container Registry uses: docker/login-action@v3 with: @@ -48,5 +56,7 @@ jobs: DEBIAN_VER=${{ matrix.debian-version }} push: true tags: | - ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:${{ matrix.python-version }}-${{ matrix.debian-version }} - ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}-${{ matrix.python-version }}-${{ matrix.debian-version }} \ No newline at end of file + ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:py${{ matrix.python-version }}-${{ matrix.debian-version }} + ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:$MINOR_VERSION-py${{ matrix.python-version }}-${{ matrix.debian-version }} + ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:$MINOR_VERSION.$MAJOR_VERSION-py${{ matrix.python-version }}-${{ matrix.debian-version }} + ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}-py${{ matrix.python-version }}-${{ matrix.debian-version }} \ No newline at end of file From e9503f9802da9169a6c5cfd5cd1ec0354c1846c7 Mon Sep 17 00:00:00 2001 From: Andre Lobato Date: Fri, 14 Nov 2025 12:44:25 +1300 Subject: [PATCH 17/26] Get from env --- .github/workflows/build-image.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index f110020..4cfcbed 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -57,6 +57,6 @@ jobs: push: true tags: | ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:py${{ matrix.python-version }}-${{ matrix.debian-version }} - ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:$MINOR_VERSION-py${{ matrix.python-version }}-${{ matrix.debian-version }} - ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:$MINOR_VERSION.$MAJOR_VERSION-py${{ matrix.python-version }}-${{ matrix.debian-version }} + ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:${{ env.MINOR_VERSION }}-py${{ matrix.python-version }}-${{ matrix.debian-version }} + ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:${{ env.MINOR_VERSION }}.${{ env.MAJOR_VERSION }}-py${{ matrix.python-version }}-${{ matrix.debian-version }} ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}-py${{ matrix.python-version }}-${{ matrix.debian-version }} \ No newline at end of file From 585d4484f1bf450f874672b066502cb109ed75a1 Mon Sep 17 00:00:00 2001 From: Andre Lobato Date: Fri, 14 Nov 2025 12:44:57 +1300 Subject: [PATCH 18/26] Add latest tag --- .github/workflows/build-image.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index 4cfcbed..9c0619e 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -56,6 +56,7 @@ jobs: DEBIAN_VER=${{ matrix.debian-version }} push: true tags: | + ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:latest ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:py${{ matrix.python-version }}-${{ matrix.debian-version }} ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:${{ env.MINOR_VERSION }}-py${{ matrix.python-version }}-${{ matrix.debian-version }} ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:${{ env.MINOR_VERSION }}.${{ env.MAJOR_VERSION }}-py${{ matrix.python-version }}-${{ matrix.debian-version }} From d6367c5cfb52be04ae29c3636d2924d097d3591a Mon Sep 17 00:00:00 2001 From: Andre Lobato Date: Fri, 14 Nov 2025 13:01:00 +1300 Subject: [PATCH 19/26] Push both to GAR and GHCR --- .github/workflows/build-image.yml | 35 +++++++++++++++++++++---------- 1 file changed, 24 insertions(+), 11 deletions(-) diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index 9c0619e..c377ab7 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -8,8 +8,10 @@ on: - build_image env: - REGISTRY: ghcr.io - NAMESPACE: oceanum-io + GH_REGISTRY: ghcr.io + GH_NAMESPACE: oceanum-io + GAR_REGISTRY: us-central1-docker.pkg.dev + GAR_REPOSITORY: public IMAGE_NAME: oceanum-python jobs: build: @@ -29,11 +31,18 @@ jobs: MINOR_VERSION=$(echo ${{ github.ref_name }} | cut -d. -f2) echo "MAJOR_VERSION=$MAJOR_VERSION" >> $GITHUB_ENV echo "MINOR_VERSION=$MINOR_VERSION" >> $GITHUB_ENV + + - name: Login to GAR + uses: docker/login-action@v3 + with: + registry: ${{ env.GAR_REGISTRY }} + username: ${{ vars.GCP_AR_DOCKER_USERNAME }} + password: ${{ secrets.GCP_AR_DOCKER_PASSWORD }} - - name: Login to Container Registry + - name: Login to GHCR uses: docker/login-action@v3 with: - registry: ${{ env.REGISTRY }} + registry: ${{ env.GH_REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} @@ -49,15 +58,19 @@ jobs: platforms: linux/amd64 context: . file: Dockerfile - cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}-cache - cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}-cache + cache-from: type=registry,ref=${{ env.GAR_REGISTRY }}/${{ env.GAR_PROJECT }}/${{ env.GAR_REPOSITORY }}/${{ env.IMAGE_NAME }}-cache + cache-to: type=registry,ref=${{ env.GAR_REGISTRY }}/${{ env.GAR_PROJECT }}/${{ env.GAR_REPOSITORY }}/${{ env.IMAGE_NAME }}-cache build-args: | PYTHON_VER=${{ matrix.python-version }} DEBIAN_VER=${{ matrix.debian-version }} push: true tags: | - ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:latest - ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:py${{ matrix.python-version }}-${{ matrix.debian-version }} - ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:${{ env.MINOR_VERSION }}-py${{ matrix.python-version }}-${{ matrix.debian-version }} - ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:${{ env.MINOR_VERSION }}.${{ env.MAJOR_VERSION }}-py${{ matrix.python-version }}-${{ matrix.debian-version }} - ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}-py${{ matrix.python-version }}-${{ matrix.debian-version }} \ No newline at end of file + ${{ env.GH_REGISTRY }}/${{ env.GH_NAMESPACE }}/${{ env.IMAGE_NAME }}:latest + ${{ env.GH_REGISTRY }}/${{ env.GH_NAMESPACE }}/${{ env.IMAGE_NAME }}:py${{ matrix.python-version }}-${{ matrix.debian-version }} + ${{ env.GH_REGISTRY }}/${{ env.GH_NAMESPACE }}/${{ env.IMAGE_NAME }}:${{ env.MINOR_VERSION }}-py${{ matrix.python-version }}-${{ matrix.debian-version }} + ${{ env.GH_REGISTRY }}/${{ env.GH_NAMESPACE }}/${{ env.IMAGE_NAME }}:${{ env.MINOR_VERSION }}.${{ env.MAJOR_VERSION }}-py${{ matrix.python-version }}-${{ matrix.debian-version }} + ${{ env.GH_REGISTRY }}/${{ env.GH_NAMESPACE }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}-py${{ matrix.python-version }}-${{ matrix.debian-version }} + ${{ env.GAR_REGISTRY }}/${{ env.GAR_PROJECT }}/${{ env.GAR_REPOSITORY }}/${{ env.IMAGE_NAME }}:latest + ${{ env.GAR_REGISTRY }}/${{ env.GAR_PROJECT }}/${{ env.GAR_REPOSITORY }}/${{ env.IMAGE_NAME }}:py${{ matrix.python-version }}-${{ matrix.debian-version }} + ${{ env.GAR_REGISTRY }}/${{ env.GAR_PROJECT }}/${{ env.GAR_REPOSITORY }}/${{ env.IMAGE_NAME }}:${{ env.MINOR_VERSION }}-py${{ matrix.python-version }}-${{ matrix.debian-version }} + ${{ env.GAR_REGISTRY }}/${{ env.GAR_PROJECT }}/${{ env.GAR_REPOSITORY }}/${{ env.IMAGE_NAME }}:${{ env.MINOR_VERSION }}.${{ env.MAJOR_VERSION }}-py${{ matrix.python-version }}-${{ matrix.debian-version }} \ No newline at end of file From b0a2dfa4feb4f183dcb28cce6f0e93a4e7454bf8 Mon Sep 17 00:00:00 2001 From: Andre Lobato Date: Fri, 14 Nov 2025 13:05:00 +1300 Subject: [PATCH 20/26] Add GAR_PROJECT env --- .github/workflows/build-image.yml | 1 + Dockerfile | 3 +++ 2 files changed, 4 insertions(+) diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index c377ab7..dae0f34 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -11,6 +11,7 @@ env: GH_REGISTRY: ghcr.io GH_NAMESPACE: oceanum-io GAR_REGISTRY: us-central1-docker.pkg.dev + GAR_PROJECT: oceanum-registry GAR_REPOSITORY: public IMAGE_NAME: oceanum-python jobs: diff --git a/Dockerfile b/Dockerfile index 176b3e5..c5ce5a2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,6 +2,9 @@ ARG PYTHON_VER=3.12 ARG DEBIAN_VER=trixie FROM python:${PYTHON_VER}-slim-${DEBIAN_VER} +LABEL org.opencontainers.image.description="oceanum-python: A Python library and CLI for Oceanum.io services." +LABEL org.opencontainers.image.source="https://github.com + RUN apt-get update &&\ apt-get install -y --no-install-recommends build-essential gcc gdal-bin gdal-data libgdal-dev &&\ apt-get clean &&\ From 31f935a6a6df3d56fc42ad72726b95c4a8db81bb Mon Sep 17 00:00:00 2001 From: Andre Lobato Date: Fri, 14 Nov 2025 13:08:21 +1300 Subject: [PATCH 21/26] Fix labels --- Dockerfile | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index c5ce5a2..c2463a0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,11 @@ ARG DEBIAN_VER=trixie FROM python:${PYTHON_VER}-slim-${DEBIAN_VER} LABEL org.opencontainers.image.description="oceanum-python: A Python library and CLI for Oceanum.io services." -LABEL org.opencontainers.image.source="https://github.com +LABEL org.opencontainers.image.source="https://github.com/oceanum-io/oceanum-python" +LABEL org.opencontainers.image.licenses="MIT" +LABEL org.opencontainers.image.vendor="Oceanum.io" +LABEL org.opencontainers.image.title="oceanum-python" +LABEL org.opencontainers.image.authors="Oceanum Developers" RUN apt-get update &&\ apt-get install -y --no-install-recommends build-essential gcc gdal-bin gdal-data libgdal-dev &&\ From eeb7ba20fd9bbbadc08620988d70e21adca5549b Mon Sep 17 00:00:00 2001 From: Andre Lobato Date: Fri, 14 Nov 2025 13:33:33 +1300 Subject: [PATCH 22/26] No qemu, single platform --- .github/workflows/build-image.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index dae0f34..f0ec1f0 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -47,8 +47,8 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + # - name: Set up QEMU + # uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 @@ -56,7 +56,7 @@ jobs: - name: Build Docker image uses: docker/build-push-action@v6 with: - platforms: linux/amd64 + #platforms: linux/amd64 context: . file: Dockerfile cache-from: type=registry,ref=${{ env.GAR_REGISTRY }}/${{ env.GAR_PROJECT }}/${{ env.GAR_REPOSITORY }}/${{ env.IMAGE_NAME }}-cache From 7fd228d2cc2b2c784468e05b7bb499d5419b5950 Mon Sep 17 00:00:00 2001 From: Andre Lobato Date: Fri, 14 Nov 2025 14:16:45 +1300 Subject: [PATCH 23/26] oceanum entrypoint --- Dockerfile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index c2463a0..214c1a5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -18,7 +18,7 @@ RUN useradd -u 1001 -p oceanum --create-home --shell=/bin/bash oceanum USER oceanum WORKDIR /home/oceanum -ENV PIP_NO_CACHE_DIR=false +ENV PIP_NO_CACHE_DIR=1 RUN python -m venv .venv/oceanum # Set environment variables to activate the virtual environment globally @@ -36,5 +36,5 @@ RUN pip install -U pip pip-tools &&\ COPY --chown=oceanum:oceanum . /home/oceanum/oceanum-python/ WORKDIR /home/oceanum/oceanum-python # Install the package (virtual environment is automatically activated via ENV variables) -RUN pip install . -CMD ["oceanum"] \ No newline at end of file +RUN pip install -e . +ENTRYPOINT ["oceanum"] \ No newline at end of file From ac705f564ed124b2842a56a8d642c46d3e8083da Mon Sep 17 00:00:00 2001 From: Andre Lobato Date: Fri, 14 Nov 2025 14:21:43 +1300 Subject: [PATCH 24/26] only build images on tags --- .github/workflows/build-image.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index f0ec1f0..15991ea 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -4,8 +4,6 @@ on: push: tags: - 'v*.*.*' - branches: - - build_image env: GH_REGISTRY: ghcr.io From 7a7ecab1d1cf2a2b81974bbfbd71463d5a9fe7d4 Mon Sep 17 00:00:00 2001 From: Andre Lobato Date: Wed, 10 Dec 2025 14:10:05 +1300 Subject: [PATCH 25/26] Add debian bookworm to image matrix --- .github/workflows/build-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index 15991ea..79ab49a 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -18,7 +18,7 @@ jobs: strategy: matrix: python-version: [3.12, 3.13] - debian-version: [trixie] + debian-version: [bookworm, trixie] steps: - name: Checkout code uses: actions/checkout@v2 From dda37c7d80959a6dc4be66fd91b945adf1b903a3 Mon Sep 17 00:00:00 2001 From: Andre Lobato Date: Wed, 10 Dec 2025 14:30:02 +1300 Subject: [PATCH 26/26] Still build on branch --- .github/workflows/build-image.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index 79ab49a..9c4d78e 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -2,6 +2,8 @@ name: Build Docker image on: push: + branches: + - build_image tags: - 'v*.*.*'