Skip to content

update docker configuration for 3.23 #11085

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
vot4anto wants to merge 2 commits into
base: engine-3.23
Choose a base branch
from
Open

update docker configuration for 3.23 #11085

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
48c550e
update docker folder from master
vot4anto Dec 23, 2025
613018b
update docker action and name from master
vot4anto Dec 23, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
64 changes: 0 additions & 64 deletions .github/workflows/docker_dev.yml
View file
Open in desktop

This file was deleted.

94 changes: 94 additions & 0 deletions .github/workflows/docker_latest.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,94 @@
---
name: Build Image Latest for Docker
on:
workflow_dispatch:
inputs:
tags:
description: Comma-separated list of tags
default: latest
required: true
git-ref:
description: Git Ref
default: master
Copy link
Member

@ptormene ptormene Dec 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it ok to use master instead of engine-3.23 here?

required: true

jobs:
docker:
name: Build image and push after successfull calculation
runs-on: ubuntu-latest
env:
DOCKER_USERNAME: ${{ secrets.docker_username }}
DOCKER_PASSWORD: ${{ secrets.docker_password }}
REPO_REF: ${{ github.event.inputs.git-ref }}
DOCKER_TAG: ${{ github.event.inputs.version }}
steps:
# This Checkout is necessary when using a context in docker/build-push-action
- name: Clone Repository (Latest)
uses: actions/checkout@v4
if: github.event.inputs.git-ref == ''
- name: Clone Repository (Custom Ref)
uses: actions/checkout@v4
if: github.event.inputs.git-ref != ''
with:
ref: ${{ github.event.inputs.git-ref }}
- name: Extract tag names
shell: bash
run: echo "##[set-output name=tags;]" | tr -d '\n'; for tag in $(echo ${{ github.event.inputs.tags }} | tr , '\n'); do echo "-t openquake/engine:$tag " | tr -d '\n'; done
id: extract_tags
- name: Build image engine with tag ${{ github.event.inputs.version }}
id: docker_engine
run: docker build --build-arg oq_branch=$REPO_REF ${{ steps.extract_tags.outputs.tags }} -f docker/Dockerfile.engine docker
- name: List Image
run: |
docker image ls
- name: Test Auth mode and run calcs on single docker
run: |
# Test authentication on WebUI headless
echo "Test WEBUI HEADLESS"
cat > ./.env << EOF
OQ_APPLICATION_MODE=RESTRICTED
OQ_ADMIN_LOGIN=user
OQ_ADMIN_PASSWORD=login
OQ_ADMIN_EMAIL=user@login.input
EMAIL_BACKEND='django.core.mail.backends.smtp.EmailBackend'
EMAIL_HOST=smtp.gmail.com
EMAIL_PORT=587
EMAIL_USE_TLS=True
EMAIL_HOST_USER=admin@reply.com
EMAIL_HOST_PASSWORD=polhjuih@
EMAIL_SUPPORT=noreply@reply.com
DJANGO_SETTINGS_MODULE=openquake.server.settings
EOF
release_tag=$(echo ${{ github.event.inputs.tags }} | cut -f 1 -d ,)
echo "docker run --name openquake -d --env-file=./.env -p 127.0.0.1:8800:8800 openquake/engine:${release_tag} "
docker run --name openquake -d --env-file=./.env -p 127.0.0.1:8800:8800 openquake/engine:${release_tag}
echo "Waiting WEBUI up on port 8800...."
while [[ "$(curl -s -o /dev/null -w ''%{http_code}'' http://127.0.0.1:8800/accounts/login/)" != "200" ]]; do
echo "Still waiting WEBUI account login up on port 8800...."
sleep 5 # wait for 5 seconds before check again
done
sleep 1
echo -n "TEST DJANGO LOGIN "
LOGIN_URL=http://127.0.0.1:8800/accounts/login/
YOUR_USER='user'
YOUR_PASS='login'
COOKIES=cookies.txt
CURL_BIN="curl -s -c $COOKIES -b $COOKIES -e $LOGIN_URL"
echo -n "Django Auth: get csrftoken ..."
$CURL_BIN $LOGIN_URL > /dev/null
DJANGO_TOKEN="csrfmiddlewaretoken=$(grep csrftoken $COOKIES | sed 's/^.*csrftoken\s*//')"
echo " perform login ..."
$CURL_BIN \
-d "$DJANGO_TOKEN&username=$YOUR_USER&password=$YOUR_PASS" \
-X POST $LOGIN_URL > /dev/null
docker logs -t -n 5 openquake
# Run calcs
echo "test run of calc on running container "
sleep 3
time docker exec -t openquake oq engine --run "https://github.com/gem/oq-engine/blob/master/openquake/server/tests/data/classical.zip?raw=true"
Copy link
Member

@ptormene ptormene Dec 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it ok to get the file from master instead of engine-3.23?

echo "test run of a calcs on new created container"
time docker run openquake/engine:${release_tag} oq engine --run "https://downloads.openquake.org/jobs/risk_test.zip"
- name: push image engine with tags ${{ github.event.inputs.tags }} on dockerhub
run: |
docker login -u="$DOCKER_USERNAME" -p="$DOCKER_PASSWORD"
docker push openquake/engine --all-tags
107 changes: 107 additions & 0 deletions .github/workflows/docker_nightly.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,107 @@
---
name: Build Image Nightly for Docker
on:
workflow_dispatch:
inputs:
version:
description: Image Tag
default: nightly
required: true
git-ref:
description: Git Ref
default: master
Copy link
Member

@ptormene ptormene Dec 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same as above

required: true
schedule:
- cron: "30 23 * * *"
#push:
#branches: [ ci ]

jobs:
docker:
name: Build image and push after successfull calculation
runs-on: ubuntu-latest
env:
DOCKER_USERNAME: ${{ secrets.docker_username }}
DOCKER_PASSWORD: ${{ secrets.docker_password }}
DOCKER_TAG: ${{ github.event.inputs.version }}
REPO_REF: ${{ github.event.inputs.git-ref }}
steps:
# This Checkout is necessary when using a context in docker/build-push-action
- name: Clone Repository (Latest)
uses: actions/checkout@v4
if: github.event.inputs.git-ref == ''
- name: Clone Repository (Custom Ref)
uses: actions/checkout@v4
if: github.event.inputs.git-ref != ''
with:
ref: ${{ github.event.inputs.git-ref }}
- name: Build image engine
id: docker_engine_manual
run: |
if [ ${{ github.event.inputs.version }} != '' ]; then
echo "Is manual run"
else
echo "Is scheduled run"
DOCKER_TAG=nightly
REPO_REF=master
Copy link
Member

@ptormene ptormene Dec 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same as above

fi
docker build --build-arg oq_branch=$REPO_REF -t openquake/engine:$DOCKER_TAG -f docker/Dockerfile.dev docker
echo "List Image"
docker image ls
# Test authentication on WebUI headless
echo "Test WEBUI HEADLESS"
cat > ./.env << EOF
OQ_APPLICATION_MODE=RESTRICTED
OQ_ADMIN_LOGIN=user
OQ_ADMIN_PASSWORD=login
OQ_ADMIN_EMAIL=user@login.input
EMAIL_BACKEND='django.core.mail.backends.smtp.EmailBackend'
EMAIL_HOST=smtp.gmail.com
EMAIL_PORT=587
EMAIL_USE_TLS=True
EMAIL_HOST_USER=admin@reply.com
EMAIL_HOST_PASSWORD=polhjuih@
EMAIL_SUPPORT=noreply@reply.com
DJANGO_SETTINGS_MODULE=openquake.server.settings
EOF
echo "docker run --name openquake -d --env-file=./.env -p 127.0.0.1:8800:8800 openquake/engine:$DOCKER_TAG "
docker run --name openquake -d --env-file=./.env -p 127.0.0.1:8800:8800 openquake/engine:$DOCKER_TAG
echo "Waiting WEBUI up on port 8800...."
while [[ "$(curl -s -o /dev/null -w ''%{http_code}'' http://127.0.0.1:8800/accounts/login/)" != "200" ]]; do
echo "Still waiting WEBUI account login up on port 8800...."
sleep 5 # wait for 5 seconds before check again
done
sleep 1
echo -n "TEST DJANGO LOGIN "
LOGIN_URL=http://127.0.0.1:8800/accounts/login/
YOUR_USER='user'
YOUR_PASS='login'
COOKIES=cookies.txt
CURL_BIN="curl -s -c $COOKIES -b $COOKIES -e $LOGIN_URL"
echo -n "Django Auth: get csrftoken ..."
$CURL_BIN $LOGIN_URL > /dev/null
DJANGO_TOKEN="csrfmiddlewaretoken=$(grep csrftoken $COOKIES | sed 's/^.*csrftoken\s*//')"
echo " perform login ..."
$CURL_BIN \
-d "$DJANGO_TOKEN&username=$YOUR_USER&password=$YOUR_PASS" \
-X POST $LOGIN_URL > /dev/null
docker logs -t -n 5 openquake

echo "test run of calc on running container "
time docker exec -t openquake oq engine --run /usr/src/oq-engine/demos/risk/ScenarioDamage/job_hazard.ini /usr/src/oq-engine/demos/risk/ScenarioDamage/job_risk.ini
sleep 3
time docker exec -t openquake oq engine --run "https://github.com/gem/oq-engine/blob/master/openquake/server/tests/data/classical.zip?raw=true"
Copy link
Member

@ptormene ptormene Dec 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same as above

echo "test run of a calcs on new created container"
Copy link
Member

@ptormene ptormene Dec 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

calcs -> calc

time docker run openquake/engine:$DOCKER_TAG oq engine --run "https://github.com/gem/oq-engine/blob/master/openquake/server/tests/data/classical.zip?raw=true"
Copy link
Member

@ptormene ptormene Dec 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same as above

- name: push Openquake engine image on dockerhub
run: |
if [ ${{ github.event.inputs.version }} != '' ]; then
echo "Is manual run"
else
echo "Is scheduled run"
DOCKER_TAG=nightly
REPO_REF=master
Copy link
Member

@ptormene ptormene Dec 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same as above

fi
docker login -u="$DOCKER_USERNAME" -p="$DOCKER_PASSWORD"
echo " push image engine with tag :$DOCKER_TAG on docker hub "
docker push openquake/engine:$DOCKER_TAG
54 changes: 0 additions & 54 deletions .github/workflows/docker_stable.yml
View file
Open in desktop

This file was deleted.

15 changes: 8 additions & 7 deletions docker/Dockerfile.dev
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,33 +12,34 @@
#
# You should have received a copy of the GNU Affero General Public License
# along with OpenQuake. If not, see <http://www.gnu.org/licenses/>.
FROM python:3.11-slim AS compile-image
FROM python:3.12.6-slim AS compile-image
LABEL maintainer="GEM Foundation <devops@openquake.org>" \
vendor="GEM Foundation"
RUN apt-get update && \
apt-get install -y --no-install-recommends build-essential gcc git libcap-dev ssh dnsutils telnet netbase net-tools lsof tcpdump sudo strace time && \
useradd -m -u 1000 -G sudo -s /bin/bash openquake && echo "openquake ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers
ARG oq_branch
ENV LANG en_US.UTF-8
ENV LANG=en_US.UTF-8
WORKDIR /usr/src
# Create venv
ENV VIRTUAL_ENV=/opt/openquake
RUN python3 -m venv $VIRTUAL_ENV
ENV PATH="$VIRTUAL_ENV/bin:$PATH"
# Install dependencies and engine
RUN git clone https://github.com/gem/oq-engine.git --depth=1 --branch $oq_branch && chown -R openquake:openquake oq-engine && \
cd oq-engine && pip --disable-pip-version-check install -e . -r requirements-py311-linux64.txt --no-warn-script-location
cd oq-engine && pip --disable-pip-version-check install -e . -r requirements-py312-linux64.txt --no-warn-script-location
#
USER openquake
ENV HOME /home/openquake
ENV LOCKDOWN=False
ENV HOME=/home/openquake
#
#ENV OQ_CONFIG_FILE /opt/openquake/openquake.cfg
#ADD openquake.cfg /opt/openquake/openquake.cfg
#
WORKDIR ${HOME}
RUN mkdir oqdata
ADD scripts/oq-start.sh ${HOME}
#
EXPOSE 8800:8800
EXPOSE 8800
STOPSIGNAL SIGINT
ENTRYPOINT ["/bin/bash", "-c"]
ENTRYPOINT ["./oq-start.sh"]
CMD ["oq", "webui", "start", "0.0.0.0:8800", "-s"]
Loading