BioNemo Image Build and Unit Tests #255
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
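# CI pipeline: static checks and secret scanning, then a container image build on a self-hosted CPU runner, then
# GPU tests inside that image, then removal of the per-run image from the GPU runner.
#
# NOTE(review): the hosting page flagged this file as containing bidirectional Unicode text. No such characters
# are visible in this listing; inspect the raw file with an editor that reveals hidden characters before trusting
# what is displayed.
name: "BioNemo Image Build and Unit Tests"

on:
  pull_request:
    branches: [main]
  push:
    branches: [main]
  merge_group:
    types: [checks_requested]

# Least privilege for the automatically issued GITHUB_TOKEN: every job below only needs to read the repository.
# Widen this per job (not globally) if a step turns out to need more.
permissions:
  contents: read

defaults:
  run:
    # -x traces every command into the job log; GitHub masks registered secrets, but values derived from them
    # (e.g. encoded or split) are not masked, so keep secrets out of `run:` command lines.
    shell: bash -x -e -u -o pipefail {0}

# One active run per pull request (or per ref for non-PR events); a newer run cancels the older one.
concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
  cancel-in-progress: true

jobs:
  pre-commit:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0
          submodules: "recursive"
          # The following steps execute code from the checked-out ref (pip install, static_checks.sh); do not
          # leave the token in .git/config for them to read.
          persist-credentials: false
      - uses: actions/setup-python@v5
        with:
          python-version: "3.12"
          cache: "pip"
      - run: pip install -r requirements-dev.txt
      - run: ./ci/scripts/static_checks.sh
      # For pull requests and merge_group events, trufflehog only runs on the diff between the base and head branches.
      # For `push` events, (i.e., post-merge tests), we run trufflehog on the entire main branch by setting the base to
      # ''. For some reason, the default behavior doesn't work well with the merge_group event, so we need to set these
      # manually.
      #
      # NOTE(review): `@main` is a mutable branch ref, so whatever lands upstream runs here unreviewed. Pin to a
      # reviewed full commit SHA, e.g. `trufflesecurity/trufflehog@<FULL_COMMIT_SHA>  # <release tag>` (placeholder).
      # The other third-party actions in this file are pinned to major-version tags, which are also movable;
      # SHA pinning applies to them as well.
      # `--only-verified` reports only credentials that trufflehog could verify as live; unverified findings are
      # not surfaced by this step.
      - uses: trufflesecurity/trufflehog@main
        with:
          path: ./
          base: ${{ github.event_name != 'push' && github.event.repository.default_branch || '' }}
          head: HEAD
          extra_args: --only-verified

  build-bionemo-image:
    needs: pre-commit
    # NOTE(review): this job is triggered by `pull_request` and runs on a self-hosted runner that the comments
    # below describe as non-ephemeral. If the repository accepts pull requests from forks, contributor-controlled
    # code (the Dockerfile and build context) executes on a persistent host. Confirm that fork workflows require
    # approval and that the runner holds no credentials or state beyond what a PR build may touch.
    runs-on: self-hosted-azure-cpu
    if: ${{ !contains(github.event.pull_request.labels.*.name, 'SKIP_CI') }}
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          # This working directory / path business is because our self-hosted runners are not ephemeral VMs, so we
          # isolate each build into their own folder. Note that these are not currently cleaned up, so that will need to
          # be automated in the future.
          path: ${{ github.run_id }}
          submodules: "recursive"
          # The checkout directory is used as the Docker build context below. With persisted credentials the
          # token sits in .git/config inside that context and can end up in a pushed image layer unless .git is
          # excluded by a .dockerignore (not visible here).
          persist-credentials: false
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Docker Metadata
        id: metadata
        uses: docker/metadata-action@v5
        with:
          images: nemoci.azurecr.io/bionemo
          labels: nemo.library=bionemo
          tags: |
            type=schedule
            type=ref,event=branch
            type=ref,event=tag
            type=ref,event=pr
            type=raw,value=${{ github.run_id }}
      # This action sets up our cache-from and cache-to flags appropriately; see the README of this action for more
      # info. It doesn't seem to cache correctly for merge_group events, so we need to add that as an extra argument in
      # the step below. There's probably a slight optimization to be had here by caching from the pr- caches for
      # merge_group events. See https://github.com/int128/docker-build-cache-config-action/issues/1005 for more info.
      - uses: int128/docker-build-cache-config-action@v1
        id: cache
        with:
          image: nemoci.azurecr.io/bionemo/build-cache
          pull-request-cache: true
      # NOTE(review): no registry login step is visible in this workflow, so push access to nemoci.azurecr.io is
      # presumably preconfigured on the runner — confirm how that credential is scoped, since every job scheduled
      # on this runner can use it.
      - name: Build and push
        uses: docker/build-push-action@v5
        with:
          file: ${{ github.run_id }}/Dockerfile
          context: ${{ github.run_id }}/
          push: true
          tags: ${{ steps.metadata.outputs.tags }}
          labels: ${{ steps.metadata.outputs.labels }}
          cache-from: |
            ${{ steps.cache.outputs.cache-from }}
            ${{ github.event_name == 'merge_group' && 'nemoci.azurecr.io/bionemo/build-cache:main' || '' }}
          cache-to: ${{ steps.cache.outputs.cache-to }}

  run-tests:
    needs: build-bionemo-image
    runs-on: self-hosted-nemo-gpus-1
    defaults:
      run:
        working-directory: ./${{ github.run_id }}
    container:
      # The image tagged with this run's id is the one pushed by build-bionemo-image.
      image: nemoci.azurecr.io/bionemo:${{ github.run_id }}
      options: --gpus all
      # We mount the cache directory to avoid downloading the test data every run. Note that this only works because our
      # VMs are not ephemeral, otherwise we'd need to cache the data somewhere that persists between runs.
      #
      # NOTE(review): the mount is writable and shared by every run, including pull-request runs, so one run can
      # alter cached data that later runs (including post-merge runs on main) will read. Consider verifying cached
      # artifacts (e.g. by checksum) or separating PR and main caches.
      volumes:
        - /home/azureuser/actions-runner-bionemo/cache:/github/home/.cache
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          path: ${{ github.run_id }}
          # The test steps run code from the checked-out ref; keep the token out of .git/config.
          persist-credentials: false
      - name: Run tests
        env:
          BIONEMO_DATA_SOURCE: ngc
        run: ./ci/scripts/run_pytest.sh --no-nbval --skip-slow
      # Notebook tests are opt-in via the INCLUDE_NOTEBOOKS_TESTS pull-request label.
      - name: Run notebook tests
        if: ${{ contains(github.event.pull_request.labels.*.name, 'INCLUDE_NOTEBOOKS_TESTS') }}
        env:
          BIONEMO_DATA_SOURCE: ngc
        run: pytest --nbval-lax -p no:python docs/ sub-packages/
      - name: Upload coverage to Codecov
        uses: codecov/codecov-action@v5
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
          working-directory: ${{ github.run_id }}
      # Test results are uploaded even when an earlier step failed, but not when the run was cancelled.
      - name: Upload test results to Codecov
        if: ${{ !cancelled() }}
        uses: codecov/test-results-action@v1
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
          working-directory: ${{ github.run_id }}

  # Again, because our VMs are not ephemeral, we need to clean up the image after the tests are done. Otherwise `docker
  # images list` will get very cluttered and we'll run out of disk space on these runners.
  clean-up:
    needs: run-tests
    runs-on: self-hosted-nemo-gpus-1
    # NOTE(review): `success() || failure()` excludes cancelled runs, and `cancel-in-progress: true` above makes
    # cancellation routine, so a cancelled run leaves its image on the runner. If that is not intended, `always()`
    # would cover it — confirm before changing.
    if: ${{ success() || failure() }}
    steps:
      - name: clean up image
        run: docker rmi nemoci.azurecr.io/bionemo:${{ github.run_id }}

# TODO: exclude tests from base image; run tests from github workspace mounted in the image.
# TODO: figure out way of cleaning up working directory (requires sudo or for us to fix file ownership from release container)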