Trying out Pixi for image building

.github/workflows/build-pixi-image.yml

@@ -0,0 +1,161 @@
+name: Build and Push Docker Image
+
+on:
+  workflow_call:
+    inputs:
+      working_directory:
+        type: string
+        description: What directory should the image be built from
+        required: true
+      image_name:
+        type: string
+        description: Name of Docker image
+        required: true
+      image_tag:
+        type: string
+        description: Tag for Docker image
+        required: true
+      push_image:
+        type: boolean
+        description: Should the image be pushed to the Github Container Registry
+        required: false
+        default: false
+    secrets:
+      GH_TOKEN:
+        description: Github access token
+        required: false
+      SLACK_WEBHOOK_URL:
+        description: Slack webhook URL to send messages to
+        required: false
+    outputs:
+      image_name:
+        description: Fully qualified image name
+        value: ${{ jobs.build-image.outputs.image_name}}
+      image_ref:
+        description: Docker image reference
+        value: ${{ jobs.build-image.outputs.image_ref }}
+
+  workflow_dispatch:
+    inputs:
+      working_directory:
+        type: string
+        description: What directory should the image be built from
+        required: true
+      image_name:
+        type: string
+        description: Name of Docker image
+        required: true
+      image_tag:
+        type: string
+        description: Tag for Docker image
+        required: true
+      push_image:
+        type: boolean
+        description: Should the image be pushed to the Github Container Registry
+        required: false
+        default: false
+
+jobs:
+  build-image:
+    runs-on: ubuntu-22.04
+    name: Build and push image
+    timeout-minutes: 30
+
+    outputs:
+      image_name: ${{ steps.env_var.outputs.image_name }}
+      image_ref: ${{ steps.env_var.outputs.image_ref }}
+
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1.5.1
+
+      - name: Cache Docker layers
+        uses: actions/cache@v2.1.6
+        with:
+          path: /tmp/.buildx-cache
+          key: ohw-docker-buildx-${{ inputs.image_name }}-${{ github.sha }}
+          restore-keys: |
+            ohw-docker-buildx-${{ inputs.image_name }}
+
+      - name: Set Job Environment Variables
+        id: env_var
+        run: |
+          SHA7="${GITHUB_SHA::7}"
+          DOCKER_TAG=$SHA7
+          IMAGE_NAME="ghcr.io/${{ github.repository_owner }}/${{ inputs.image_name }}"
+          echo "DOCKER_TAG=${{ inputs.image_tag }}" >> $GITHUB_ENV
+          echo "IMAGE_NAME=${IMAGE_NAME}" >> $GITHUB_ENV
+          echo "::set-output name=image_name::${IMAGE_NAME})"
+          echo "::set-output name=image_ref::${DOCKER_TAG})"
+
+      - name: Build Docker Image
+        uses: docker/build-push-action@v2.6.1
+        with:
+          tags: |
+            ${{ env.IMAGE_NAME }}:${{ env.DOCKER_TAG }}
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new
+          push: false
+          load: true
+          context: ${{ inputs.working_directory }}
+
+      - name: Docker image sizes
+        run: |
+          docker images | grep ${{ env.IMAGE_NAME }}
+
+          echo "### Image sizes" >> $GITHUB_STEP_SUMMARY
+          docker images | grep ${{ env.IMAGE_NAME }} >> $GITHUB_STEP_SUMMARY
+
+      - name: Export Full Conda Environment
+        run: |
+          docker run ${{ env.IMAGE_NAME }}:${{ env.DOCKER_TAG }} pixi list > conda-packages.txt
+
+          echo "### Conda Environment" >> $GITHUB_STEP_SUMMARY
+          cat conda-packages.txt >> $GITHUB_STEP_SUMMARY
+
+      - name: Archive Conda Package List
+        uses: actions/upload-artifact@v1
+        with:
+          name: conda-packages
+          path: conda-packages.txt
+
+      - name: "Log into GitHub Container Registery"
+        uses: docker/login-action@v1.9.0
+        if: ${{ inputs.push_image}}
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GH_TOKEN || secrets.GITHUB_TOKEN }}
+
+      - name: Push Docker Image to GitHub Container Registry
+        if: ${{ inputs.push_image }}
+        run: docker push ${{ env.IMAGE_NAME }}:${{ env.DOCKER_TAG }}
+
+      - name: Notify on newly built image
+        if: ${{ inputs.push_image }}
+        uses: slackapi/slack-github-action@v1.18.0
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+          SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
+        with:
+          payload: |
+            {
+              "text": "Built image ${{ env.IMAGE_NAME }}:${{ env.DOCKER_TAG }}. Maybe let 2i2c know?",
+              "blocks": [
+                {
+                  "type": "section",
+                  "text": {
+                    "type": "mrkdwn",
+                    "text": "Built image `${{ env.IMAGE_NAME }}:${{ env.DOCKER_TAG }}`. Maybe let 2i2c know?"
+                  }
+                }
+              ]
+            }
+
+      - name: Move Docker Cache
+        run: |
+          rm -rf /tmp/.buildx-cache
+          mv /tmp/.buildx-cache-new /tmp/.buildx-cache

.github/workflows/py-image.yml

@@ -19,7 +19,7 @@ jobs:
 
   build_push:
     needs: [shortsha]
-    uses: ./.github/workflows/build-image.yml
+    uses: ./.github/workflows/build-pixi-image.yml
     with:
       working_directory: ./py-base
       image_tag: ${{ needs.shortsha.outputs.shortsha }}

.gitignore

@@ -102,3 +102,6 @@ venv.bak/
 
 # mypy
 .mypy_cache/
+
+# Mac
+**/.DS_Store

py-base/.gitattributes

@@ -0,0 +1,3 @@
+# GitHub syntax highlighting
+pixi.lock linguist-language=YAML
+

py-base/.gitignore

@@ -0,0 +1,4 @@
+# pixi environments
+.pixi
+*.egg-info
+

py-base/Dockerfile

@@ -1,41 +1,33 @@
-#syntax=docker/dockerfile:1.3
-FROM continuumio/miniconda3:4.12.0@sha256:58b1c7df8d69655ffec017ede784a075e3c2e9feff0fc50ef65300fc75aa45ae
+#syntax=docker/dockerfile:1.7
+FROM ghcr.io/prefix-dev/pixi:0.26.1-jammy@sha256:45d86bb788aaa24d215eff57712f250329486ca8f442b91959bc9ce7ce6e053c
 
 ENV NB_USER jovyan
 ENV NB_UID 1000
 ENV HOME /home/jovyan
 
-ENV CONDA_DIR /srv/conda
-ENV CONDA_ENV base
+ENV PIXI_DIR /srv/pixi_env
 
 # Output logging faster
 ENV PYTHONUNBUFFERED 1
-# Don't write bytecode
-ENV PYTHONDONTWRITEBYTECODE 1
 
 USER root
 RUN adduser --disabled-password --gecos "Default Jupyter user" ${NB_USER} \
-    && echo ". ${CONDA_DIR}/etc/profile.d/conda.sh ; conda activate ${CONDA_ENV}" > /etc/profile.d/init_conda.sh \
-    && chown -R ${NB_USER}:${NB_USER} /srv
+    && chown -R ${NB_USER}:${NB_USER} /srv \
+    && mkdir -p ${PIXI_DIR} \
+    && chown -R ${NB_USER}:${NB_USER} ${PIXI_DIR}
 
-WORKDIR ${HOME}
-USER ${USER}
 
-COPY ./conda-linux-64.lock /tmp/
+WORKDIR ${PIXI_DIR}
+USER ${NB_USER}
 
-RUN --mount=type=cache,id=ohw_py,target=/opt/conda/pkgs,uid=${NB_UID},gid=${NB_UID} \
-    conda install --name ${CONDA_ENV} --file /tmp/conda-linux-64.lock && \
-    # micromamba install --name ${CONDA_ENV} --file environment.yml && \
-    find -name '*.a' -delete && \
-    # rm -rf /opt/conda/conda-meta && \
-    rm -rf ${CONDA_DIR}/include && \
-    find -name '__pycache__' -type d -exec rm -rf '{}' '+'
+COPY ./pixi.toml ./pixi.lock ${PIXI_DIR}/
 
-COPY CONDARC ./.condarc
-COPY --chown=${NB_USER} entrypoint.sh /opt/entrypoint.sh
+RUN --mount=type=cache,id=ohw_py,target=/home/jovyan/.cache/rattler/cache,uid=${NB_UID},gid=${NB_UID} \
+    pixi install --frozen -e default
 
-# USER root
-# RUN chown -R jovyan ${CONDA_DIR}
-USER ${NB_USER}
+RUN pixi shell-hook --frozen -e default > /srv/shell-hook.sh \
+    && echo 'exec "$@"' >> /srv/shell-hook.sh
 
-ENTRYPOINT [ "/opt/entrypoint.sh" ]
+ENTRYPOINT ["/bin/bash", "/srv/shell-hook.sh"]
+
+WORKDIR ${HOME}