Skip to content

BioNemo Image Build and Unit Tests #415

BioNemo Image Build and Unit Tests

BioNemo Image Build and Unit Tests #415

Workflow file for this run

name: "BioNemo Image Build and Unit Tests"
on:
pull_request:
branches: [main]
types: [opened, synchronize, reopened, ready_for_review]
push:
branches: [main]
merge_group:
types: [checks_requested]
defaults:
run:
shell: bash -x -e -u -o pipefail {0}
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
jobs:
pre-commit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
submodules: "recursive"
- uses: actions/setup-python@v5
with:
python-version: "3.12"
cache: "pip"
- run: pip install -r requirements-dev.txt
- run: ./ci/scripts/static_checks.sh
# For pull requests and merge_group events, trufflehog only runs on the diff between the base and head branches.
# For `push` events, (i.e., post-merge tests), we run trufflehog on the entire main branch by setting the base to
# ''. For some reason, the default behavior doesn't work well with the merge_group event, so we need to set these
# manually.
- uses: trufflesecurity/trufflehog@main
with:
path: ./
base: ${{ github.event_name != 'push' && github.event.repository.default_branch || '' }}
head: HEAD
extra_args: --only-verified
build-bionemo-image:
needs: pre-commit
runs-on: self-hosted-azure-cpu
if: ${{ !contains(github.event.pull_request.labels.*.name, 'SKIP_CI') }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
# This working directory / path business is because our self-hosted runners are not ephemeral VMs, so we
# isolate each build into their own folder. Note that these are not currently cleaned up, so that will need to
# be automated in the future.
path: ${{ github.run_id }}
submodules: "recursive"
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Docker Metadata
id: metadata
uses: docker/metadata-action@v5
with:
images: nemoci.azurecr.io/bionemo
labels: nemo.library=bionemo
tags: |
type=schedule
type=ref,event=branch
type=ref,event=tag
type=ref,event=pr
type=raw,value=${{ github.run_id }}
# This action sets up our cache-from and cache-to flags appropriately; see the README of this action for more
# info. It doesn't seem to cache correctly for merge_group events, so we need to add that as an extra argument in
# the step below. There's probably a slight optimization to be had here by caching from the pr- caches for
# merge_group events. See https://github.com/int128/docker-build-cache-config-action/issues/1005 for more info.
- uses: int128/docker-build-cache-config-action@v1
id: cache
with:
image: nemoci.azurecr.io/bionemo/build-cache
pull-request-cache: true
- name: Build and push
uses: docker/build-push-action@v5
with:
file: ${{ github.run_id }}/Dockerfile
context: ${{ github.run_id }}/
push: true
tags: ${{ steps.metadata.outputs.tags }}
labels: ${{ steps.metadata.outputs.labels }}
cache-from: |
${{ steps.cache.outputs.cache-from }}
${{ github.event_name == 'merge_group' && 'nemoci.azurecr.io/bionemo/build-cache:main' || '' }}
cache-to: ${{ steps.cache.outputs.cache-to }}
run-tests:
needs: build-bionemo-image
runs-on: self-hosted-nemo-gpus-1
defaults:
run:
working-directory: ./${{ github.run_id }}
container:
image: nemoci.azurecr.io/bionemo:${{ github.run_id }}
options: --gpus all
# We mount the cache directory to avoid downloading the test data every run. Note that this only works because our
# VMs are not ephemeral, otherwise we'd need to cache the data somewhere that persists between runs.
volumes:
- /home/azureuser/actions-runner-bionemo/cache:/github/home/.cache
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
path: ${{ github.run_id }}
- name: Run tests
# Tests in this stage generate code coverage metrics for the repository
# Coverage data is uploaded to Codecov in subsequent stages
env:
BIONEMO_DATA_SOURCE: ngc
run: ./ci/scripts/run_pytest.sh --no-nbval --skip-slow
- name: Run slow tests
if: |
github.event_name == 'merge_group' ||
(github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'INCLUDE_SLOW_TESTS'))
env:
BIONEMO_DATA_SOURCE: ngc
run: pytest -m "slow" sub-packages/
- name: Run notebook tests
if: |
github.event_name == 'merge_group' ||
(github.event_name == 'pull_request' &&
contains(github.event.pull_request.labels.*.name, 'INCLUDE_NOTEBOOKS_TESTS'))
env:
BIONEMO_DATA_SOURCE: ngc
run: pytest --nbval-lax -p no:python docs/ sub-packages/
- name: Upload coverage to Codecov
# Don't run coverage on merge queue CI to avoid duplicating reports
# to codecov. See https://github.com/matplotlib/napari-matplotlib/issues/155
if: github.event_name != 'merge_group'
uses: codecov/codecov-action@v5
with:
token: ${{ secrets.CODECOV_TOKEN }}
working-directory: ${{ github.run_id }}
- name: Upload test results to Codecov
# Don't run coverage on merge queue CI to avoid duplicating reports
# to codecov. See https://github.com/matplotlib/napari-matplotlib/issues/155
if: ${{ !cancelled() && github.event_name != 'merge_group' }}
uses: codecov/test-results-action@v1
with:
token: ${{ secrets.CODECOV_TOKEN }}
working-directory: ${{ github.run_id }}
# Again, because our VMs are not ephemeral, we need to clean up the image after the tests are done. Otherwise `docker
# images list` will get very cluttered and we'll run out of disk space on these runners.
clean-up:
needs: run-tests
runs-on: self-hosted-nemo-gpus-1
if: ${{ success() || failure() }}
steps:
- name: clean up image
run: docker rmi nemoci.azurecr.io/bionemo:${{ github.run_id }}
# TODO: exclude tests from base image; run tests from github workspace mounted in the image.
# TODO: figure out way of cleaning up working directory (requires sudo or for us to fix file ownership from release container)