Add docker build and upload image to GitHub

[gregcorbett]

Depends on #193, this PR will need to be rebased once that has been merged.

Builds a container on a pull request or on a push of either any branch or a tag matching a "proper" release of the SSM (not a release candidate or other tagged version.

When it builds a tag, if the build was done in the main repository, the resultant image will also get pushed to container registry with the lastest tag (which is why we only build proper releases of the SSM).

[gregcorbett]

I've rebased this, for future reference - it's stalled because the container won't build (pip install -r requirements.txt fails).

#11 [ 8/11] RUN pip install -r requirements.txt
#11 0.532 Collecting stomp.py<5.0.0 (from -r requirements.txt (line 3))
#11 0.734   Downloading https://files.pythonhosted.org/packages/cc/50/a96cbaf79b7cb68a5c08511f4d2c275bc9ff962e342f79fdc98ac36ab617/stomp.py-4.1.24-py2.py3-none-any.whl
#11 0.764 Collecting python-daemon (from -r requirements.txt (line 4))
#11 0.855   Downloading https://files.pythonhosted.org/packages/b1/cc/2ab0d910548de45eaaa50d0372387951d9005c356a44c6858db12dc6b2b7/python_daemon-2.3.0-py2.py3-none-any.whl
#11 0.884 Collecting python-ldap (from -r requirements.txt (line 5))
#11 0.995   Downloading https://files.pythonhosted.org/packages/41/e2/6b12190c171b78d1cd8c9d0d3380d18b85959aecb2b1267f7bdd5b66cd8f/python-ldap-3.4.0.tar.gz (376kB)
#11 1.187     Complete output from command python setup.py egg_info:
#11 1.187     Traceback (most recent call last):
#11 1.187       File "<string>", line 1, in <module>
#11 1.187       File "/tmp/pip-build-QuKKUj/python-ldap/setup.py", line 12, in <module>
#11 1.187         'The C API from Python 3.6+ is required, found %s' % sys.version_info
#11 1.187     RuntimeError: The C API from Python 3.6+ is required, found sys.version_info(major=2, minor=7, micro=5, releaselevel='final', serial=0)
#11 1.187     
#11 1.187     ----------------------------------------
#11 1.196 Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-build-QuKKUj/python-ldap/
#11 1.310 You are using pip version 8.1.2, however version 22.0.4 is available.
#11 1.310 You should consider upgrading via the 'pip install --upgrade pip' command.
#11 ERROR: executor failed running [/bin/sh -c pip install -r requirements.txt]: exit code: 1

[gregcorbett]

the container won't build (pip install -r requirements.txt fails).

So the container build is trying to use python-ldap-3.4.0, which dropped support for python 2. The travis build is passing because it used python-ldap-3.3.1, not sure why there is this discrepancy...

[gregcorbett]

So the container build is trying to use python-ldap-3.4.0, which dropped support for python 2.

Capping python-ldap atleast allows the container to build, but then it fails uploading to GitHub... progress!

[gregcorbett]

it fails uploading to GitHub... progress!

ah, the "push" docker build was succsessful, but not the "pull_request" version

[gregcorbett]

ah, the "push" docker build was succsessful, but not the "pull_request" version

So it looks like:

• secrets.GITHUB_TOKEN is auto generated for access to my repo
• we need a secret named GIT_AUTH_TOKEN to push the built pacakge to the apel/ssm repo.

From https://github.com/docker/build-push-action

Building from the current repository automatically uses the GitHub Token so it does not need to be passed. If you want to authenticate against another private repository, you have to use a secret named GIT_AUTH_TOKEN to be able to authenticate against it with buildx:

[gregcorbett]

ah, the "push" docker build was succsessful, but not the "pull_request" version

Hmmmm, thinking about this more, we probably don't want to push a container built from a PR to the GitHub registry, though we would want to confirm the container still builds.

The action this uses does take push: boolean as an option so we just need to set it to false when a PR triggers the job.

[gregcorbett]

Hmmmm the container build is now failing because of the argo-ams-library.

Looks like argo-ams-library is set to use the latest version of requests (see its setup.py), which has recently dropped support for anything below Python 3.7 (according to pypi). argo-ams-library still supports Python 2.7 (again see its setup.py).

I've opened an issue with the argo-ams-library here: ARGOeu/argo-ams-library#136

[gregcorbett]

For testing-the-container-build purposes, I should be able to pin requests locally.

[gregcorbett]

Looks like argo-ams-library is set to use the latest version of requests (see its setup.py), which has recently dropped support for anything below Python 3.7 (according to pypi). argo-ams-library still supports Python 2.7 (again see its setup.py).

From version 0.5.7 of argo-ams-library and upwards, the requests library has been pinned to version 2.20

[gregcorbett]

The container now builds, and the push to the GitHub registry works on push events - see https://github.com/gregcorbett/ssm/pkgs/container/ssm/30046106?tag=github_actions_docker.