Add EOPF-Zarr GDAL Driver Container with complete environment setup #4
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Test EOPF-Zarr Driver | |
| on: | |
| push: | |
| branches: [ main, master, develop ] | |
| paths: | |
| - 'eopf-zarr-driver/**' | |
| pull_request: | |
| branches: [ main, master ] | |
| paths: | |
| - 'eopf-zarr-driver/**' | |
| workflow_dispatch: | |
| env: | |
| REGISTRY: harbor.user.eopf.eodc.eu | |
| IMAGE_NAME: jupyterdask/eopf-zarr-driver | |
| jobs: | |
| test: | |
| runs-on: ubuntu-latest | |
| name: Test Environment Setup | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: '3.11' | |
| - name: Install test dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install pytest requests | |
| - name: Validate test script syntax | |
| run: | | |
| cd eopf-zarr-driver | |
| python -m py_compile test-environment.py | |
| echo "Test script syntax validation passed" | |
| - name: Check Docker files | |
| run: | | |
| cd eopf-zarr-driver | |
| # Validate Dockerfile syntax | |
| docker run --rm -i hadolint/hadolint < Dockerfile || true | |
| # Check if all required files exist | |
| test -f Dockerfile | |
| test -f docker-compose.yml | |
| test -f docker-entrypoint.sh | |
| test -f test-environment.py | |
| test -f README.md | |
| test -d notebooks | |
| echo "All required files present" | |
| build: | |
| runs-on: ubuntu-latest | |
| needs: test | |
| name: Build Docker Image | |
| outputs: | |
| image-tag: ${{ steps.meta.outputs.tags }} | |
| image-digest: ${{ steps.build.outputs.digest }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to Harbor Registry | |
| if: github.event_name != 'pull_request' | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ secrets.HARBOR_ROBOT_USER }} | |
| password: ${{ secrets.HARBOR_ROBOT_PWD }} | |
| - name: Extract metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| tags: | | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=semver,pattern={{major}} | |
| type=raw,value=latest,enable={{is_default_branch}} | |
| labels: | | |
| org.opencontainers.image.title=EOPF-Zarr GDAL Driver | |
| org.opencontainers.image.description=EOPF-Zarr GDAL Driver with Ubuntu 25, GDAL 3.10, and JupyterHub compatibility | |
| org.opencontainers.image.vendor=EOPF Sample Service | |
| - name: Build and push Docker image | |
| id: build | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: ./eopf-zarr-driver | |
| file: ./eopf-zarr-driver/Dockerfile | |
| platforms: linux/amd64 | |
| push: ${{ github.event_name != 'pull_request' }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Build test image (PR only) | |
| if: github.event_name == 'pull_request' | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: ./eopf-zarr-driver | |
| file: ./eopf-zarr-driver/Dockerfile | |
| platforms: linux/amd64 | |
| load: true | |
| tags: eopf-zarr-test:latest | |
| cache-from: type=gha | |
| integration-test: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| name: Integration Tests | |
| if: github.event_name == 'pull_request' || github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master' | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Build test image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: ./eopf-zarr-driver | |
| file: ./eopf-zarr-driver/Dockerfile | |
| load: true | |
| tags: eopf-zarr-test:latest | |
| cache-from: type=gha | |
| - name: Test Docker image basic functionality | |
| run: | | |
| # Test if container starts correctly | |
| docker run --rm eopf-zarr-test:latest python3 --version | |
| # Test GDAL installation | |
| docker run --rm eopf-zarr-test:latest gdalinfo --version | |
| # Test Python environment | |
| docker run --rm eopf-zarr-test:latest python3 -c "import sys; print(f'Python {sys.version}')" | |
| - name: Run comprehensive environment tests | |
| run: | | |
| # Copy test script and run comprehensive tests | |
| docker run --rm -v $PWD/eopf-zarr-driver/test-environment.py:/tmp/test-environment.py \ | |
| eopf-zarr-test:latest python3 /tmp/test-environment.py | |
| - name: Test JupyterHub compatibility | |
| run: | | |
| # Test if JupyterHub single-user server can start | |
| timeout 30s docker run --rm -p 8888:8888 \ | |
| -e NB_USER=testuser -e NB_UID=1000 -e NB_GID=1000 \ | |
| eopf-zarr-test:latest || echo "JupyterHub test completed" | |
| - name: Test Docker Compose configuration | |
| run: | | |
| cd eopf-zarr-driver | |
| # Test if docker-compose file is valid | |
| docker compose -f docker-compose.yml config | |
| # Test services can be started (without actually running them) | |
| docker compose -f docker-compose.yml pull || echo "Pull completed" | |
| security-scan: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| name: Security Scan | |
| if: github.event_name != 'pull_request' | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Run Trivy vulnerability scanner | |
| uses: aquasecurity/trivy-action@master | |
| with: | |
| image-ref: ${{ needs.build.outputs.image-tag }} | |
| format: 'sarif' | |
| output: 'trivy-results.sarif' | |
| - name: Upload Trivy scan results to GitHub Security tab | |
| uses: github/codeql-action/upload-sarif@v3 | |
| if: always() | |
| with: | |
| sarif_file: 'trivy-results.sarif' |