Home / Linux / System utilities

GitHub Action for repo2docker

GitHub Action for repo2docker
Information
Category: Linux / System utilities
Watchers: 7
Star: 115
Fork: 19
Last update: May 23, 2022
Resource links
https://github.com/jupyterhub/repo2docker-action

repo2docker GitHub Action

Trigger repo2docker to build a Jupyter enabled Docker image from your GitHub repository and push this image to a Docker registry of your choice. This will automatically attempt to build an environment from configuration files found in your repository in the manner described here.

Read the full docs on repo2docker for more information: https://repo2docker.readthedocs.io

Images generated by this action are automatically tagged with both latest and <SHA> corresponding to the relevant commit SHA on GitHub. Both tags are pushed to the Docker registry specified by the user. If an existing image with the latest tag already exists in your registry, this Action attempts to pull that image as a cache to reduce uncessary build steps.

What Can I Do With This Action?

  • Use repo2docker to pre-cache images for your own BinderHub cluster, or for mybinder.org.

    • You can use this Action to pre-cache Docker images to a Docker registry that you can reference in your repo. For example if you have the file Dockerfile in the binder/ directory relative to the root of your repository with the following contents, this will allow Binder to start quickly by pulling an image you have already built:

      # This is the image that is built and pushed by this Action (replace this with your image name)
FROM myorg/myimage:latest
...
  • Provide a way to Dockerize data science repositories with Jupyter server enabled that you can deploy to VMs, serverless computing or other services that can serve Docker containers as-a-service.
  • Maximize reproducibility by allowing authors, without any prior knowledge of Docker, to build and share containers.

API Reference

See the examples section is very helpful for understanding the inputs and outputs of this Action.

Mandatory Inputs

Exception: if the input parameter NO_PUSH is set to any value, these values become optional.

  • DOCKER_USERNAME: description: Docker registry username
  • DOCKER_PASSWORD: description: Docker registry password

Optional Inputs

  • NOTEBOOK_USER: description: username of the primary user in the image. If this is not specified, this is set to joyvan. NOTE: This value is also overriden with jovyan if the parameters BINDER_CACHE or MYBINDERORG_TAG are provided.
  • IMAGE_NAME: name of the image. Example - myusername/myContainer. If not supplied, this defaults to <DOCKER_USERNAME/GITHUB_REPOSITORY_NAME>.
  • DOCKER_REGISTRY: description: name of the docker registry. If not supplied, this defaults to DockerHub
  • LATEST_TAG_OFF: Setting this variable to any value will prevent your image from being tagged with latest. Note that your image is always tagged with the GitHub commit SHA.
  • ADDITIONAL_TAG: An optional string that specifies the name of an additional tag you would like to apply to the image. Images are already tagged with the relevant GitHub commit SHA.
  • NO_PUSH: Setting this variable to any value will prevent any images from being pushed to a registry. Furthermore, verbose logging will be enabled in this mode. This is disabled by default.
  • BINDER_CACHE: Setting this variable to any value will add the file binder/Dockerfile that references the docker image that was pushed to the registry by this Action. You cannot use this option if the parameter NO_PUSH is set. This is disabled by default.

    • Note: This Action assumes you are not explicitly using Binder to build your dependencies (You are using this Action to build your dependencies). If a directory binder with other files other than Dockerfile or a directory named .binder/ is detected, this step will be aborted. This Action does not support caching images for Binder where dependencies are defined in binder/Dockerfile (if you are defining your dependencies this way, you probably don't need this Action).

      When this parameter is supplied, this Action will add/override binder/Dockerfile in the branch checked out in the Actions runner:

      ### DO NOT EDIT THIS FILE! This Is Automatically Generated And Will Be Overwritten ###
FROM <IMAGE_NAME>
  • MYBINDERORG_TAG: This the Git branch, tag, or commit that you want mybinder.org to proactively build from your repo. This is useful if you wish to reduce startup time on mybinder.org. Your repository must be public for this work, as mybinder.org only works with public repositories.
  • PUBLIC_REGISTRY_CHECK: Setting this variable to any value will validate that the image pushed to the registry is publicly visible.

Outputs

  • IMAGE_SHA_NAME The name of the docker image, which is tagged with the SHA.
  • PUSH_STATUS: This is false if NO_PUSH is provided or true otherwhise.

Examples

mybinder.org

A very popular use case for this Action is to cache builds for mybinder.org. If you desire to cache builds for mybinder.org, you must specify the argument MYBINDERORG_TAG. Some examples of doing this are below:

Cache builds on mybinder.org

Proactively build your environment on mybinder.org for any branch. Alternatively, you can use using GitHub Actions to build an image for BindHub generally, including mybinder.org.

name: Binder
on: [push]

jobs:
  Create-MyBinderOrg-Cache:
    runs-on: ubuntu-latest
    steps:
    - name: cache binder build on mybinder.org
      uses: jupyterhub/[email protected]
      with:
        NO_PUSH: true
        MYBINDERORG_TAG: ${{ github.event.ref }} # This builds the container on mybinder.org with the branch that was pushed on.

Cache Builds On mybinder.org And Provide A Link

Same example as above, but also comment on a PR with a link to the binder environment. Commenting on the PR is optional, and is included here for informational purposes only. In this example the image will only be cached when the pull request is opened but not if the pull request is updated with subsequent commits.

In this example the image will only be cached when the pull request is opened but not if the pull request is updated with subsequent commits.

name: Binder
on:
  pull_request:
    types: [opened, reopened]

jobs:
  Create-Binder-Badge:
    runs-on: ubuntu-latest
    steps:
    - name: cache binder build on mybinder.org
      uses: jupyterhub/[email protected]
      with:
        NO_PUSH: true
        MYBINDERORG_TAG: ${{ github.event.pull_request.head.ref }}

    - name: comment on PR with Binder link
      uses: actions/[email protected]
      with:
        github-token: ${{secrets.GITHUB_TOKEN}}
        script: |
          var BRANCH_NAME = process.env.BRANCH_NAME;
          github.issues.createComment({
            issue_number: context.issue.number,
            owner: context.repo.owner,
            repo: context.repo.repo,
            body: `[![Binder](https://mybinder.org/badge_logo.svg)](https://mybinder.org/v2/gh/${context.repo.owner}/${context.repo.repo}/${BRANCH_NAME}) :point_left: Launch a binder notebook on this branch`
          })
      env:
        BRANCH_NAME: ${{ github.event.pull_request.head.ref }}

Use GitHub Actions To Cache The Build For BinderHub

Instead of forcing mybinder.org to cache your builds, you can optionally build an Docker image with GitHub Actions and push that to a Docker registry, so that any BinderHub instance, including mybinder.org only has to pull the image. This might give you more control than triggering a build directly on mybinder.org like the method illustrated above. In this example, you must supply the secrets DOCKER_USERNAME and DOCKER_PASSWORD so that Actions can push to DockerHub.

In this case, we set BINDER_CACHE to true to enable this option. See the documentation for the parameter BINDER_CACHE in the Optional Inputs section for more information.

name: Test
on: push

jobs:
  binder:
    - name: Checkout Code
      uses: actions/[email protected]
      with:
        ref: ${{ github.event.pull_request.head.sha }}

    - name: update jupyter dependencies with repo2docker
      uses: jupyterhub/[email protected]
      with:
        DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
        DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
        BINDER_CACHE: true
        PUBLIC_REGISTRY_CHECK: true

Push Repo2Docker Image To DockerHub

name: Build Notebook Container
on: [push] # You may want to trigger this Action on other things than a push.
jobs:
  build:
    runs-on: ubuntu-latest
    steps:

    - name: checkout files in repo
      uses: actions/[email protected]

    - name: update jupyter dependencies with repo2docker
      uses: jupyterhub/[email protected]
      with:
        DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
        DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}

Push Image To A Registry Other Than DockerHub

name: Build Notebook Container
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:

    - name: checkout files in repo
      uses: actions/[email protected]

    - name: update jupyter dependencies with repo2docker
      uses: jupyterhub/[email protected]
      with: # make sure username & password matches your registry
        DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
        DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
        DOCKER_REGISTRY: "containers.pkg.github.com"

Change Image Name

When you do not provide an image name your image name defaults to DOCKER_USERNAME/GITHUB_REPOSITORY_NAME. For example if the user hamelsmu tried to run this Action from this repo, it would be named hamelsmu/repo2docker-action. However, sometimes you may want a different image name, you can accomplish by providing the IMAGE_NAME parameter as illustrated below:

name: Build Notebook Container
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:

    - name: checkout files in repo
      uses: actions/[email protected]

    - name: update jupyter dependencies with repo2docker
      uses: jupyterhub/[email protected]
      with:
        DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
        DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
        IMAGE_NAME: "hamelsmu/my-awesome-image" # this overrides the image name

Test Image Build

You might want to only test the image build withtout pusing to a registry, for example to test a pull request. You can do this by specifying any value for the NO_PUSH parameter:

name: Build Notebook Container
on: [pull_request]

  build-image-without-pushing:
    runs-on: ubuntu-latest
    steps:  
    - name: Checkout PR
      uses: actions/[email protected]
      with:
        ref: ${{ github.event.pull_request.head.sha }}

    - name: test build
      uses: jupyterhub/[email protected]
      with:
        NO_PUSH: 'true'
        IMAGE_NAME: "hamelsmu/repo2docker-test"

When you specify a value for the NO_PUSH parameter, you can omit the otherwhise mandatory parameters DOCKER_USERNAME and DOCKER_PASSWORD.

Contributing To repo2docker-action

See the Contributing Guide.

6 Open More issues
Closed

[Bug] Docker image doesn't get rebuilt when using GitHub Packages

Describe the bug

Here's a clear example of my workflow (.yml configuration below): I have two images getting built together, one for GitHub Packages, the other for Docker Hub. The latter is used for Binder, so this action specifies a value for BINDER_CACHE. If an honest image assembly is visible in the step for Docker Hub, then there is no one in the step for GitHub Packages. See pictures or visit links below for a more detailed view. In this pull request I was going to install TeX dependencies inside the images. In the image for Docker Hub everything is fine, all packages have been installed. In the image for GitHub Packages none of the packages were installed, and it's even difficult to tell which version of the repository this image contains. What is happening in this step is the action pulls the last image from GitHub Packages registry and just updates its tag. There is no real rebuild.

To Reproduce

My current workflow looks like this:

jobs:
  Binder:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout Code
      uses: actions/[email protected]
      with:
        ref: ${{ github.event.pull_request.head.sha }}

    - name: Build and push to GitHub Packages
      uses: jupyterhub/[email protected]
      with:
        DOCKER_USERNAME: ${{ github.actor }}
        DOCKER_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
        DOCKER_REGISTRY: "docker.pkg.github.com"
        IMAGE_NAME: "paveloom-j/scats.jl/binder"

    - name: Build and push to Docker Hub
      uses: jupyterhub/[email protected]
      with:
        DOCKER_USERNAME: paveloom
        DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
        BINDER_CACHE: true
        COMMIT_MSG: "Binder: update the image tag."
        PUBLIC_REGISTRY_CHECK: true
        IMAGE_NAME: "paveloom/scats.jl-binder"

It's difficult to test, so it's probably better to use existing logs.

Expected behavior

I'd like to see reassembly of the image as it happens with Docker Hub.

Screenshots

GitHub Packages

Docker Hub

Additional context

Logs:

bug 
opened Jul 31, 2020 by Paveloom 16
Closed

MyBinder still builds the image, rather than pulling it

Hello, thanks for this really nice action!
Not sure whether this is a bug with the action or a bug with my usage of it. I've used successfully the action in the past, but I am currently unable to make it work properly with this repo: https://github.com/ENCCS/veloxchem-workshop The workflow including the action goes through and the image is uploaded and publicly visible: https://github.com/orgs/ENCCS/packages/container/package/veloxchem-workshop Nevertheless, MyBinder.org will always rebuild it from scratch, so there must be something wrong in my set up.

bug 
opened Mar 29, 2021 by robertodr 13
Closed

Fixes invalid yaml in README

opened Jul 31, 2020 by arokem 9
Closed

Support testing built image with notebooks and .py files

You can automatically test your built image to make sure package additions or removals do not break your code, allowing you to make changes with confidence. pytest is used to run the tests, and pytest-notebook is used to run any Jupyter Notebooks as tests.

  1. Create a directory named image-tests/ in your GitHub repository.
  2. Any .py files you add inside this directory will be discovered and run with pytest inside the built image after the image has successfully built.
  3. Any Jupyter Notebook (.ipynb) files inside this directory will be run with pytest-notebook, and the notebook is considered to have failed if the outputs of the code execution do not match the outputs already in the notebook. A nice diff of the outputs is shown if they differ. See the pytest-notebook docs for more information.
  4. Optionally, a requirements.txt file inside the image-tests/ directory can list additional libraries installed just for the test.

See https://github.com/2i2c-org/utexas-image/runs/5431256062?check_suite_focus=true for an example of a notebook test that fails.

opened Mar 5, 2022 by yuvipanda 8
Closed

Add the ability to trigger a cache *on a binderhub*

I was thinking about other ways that this action could improve people's workflows with Binder, and it got me thinking that it could also be used to trigger a build on a specific BinderHub.

For example, once a commit has been pushed to a repository, all that needs to happen is for somebody to hit https://<mybinderhub.org>/v2/gh/org/repo/master, and it will trigger the repository to both build and cache with that BinderHub's Docker registry. Is there a way to have a GitHub action "visit" a specific URL to automatically trigger this build?

This could be a cleaner way to handle repositories that are expected to run on a specific BinderHub (like mybinder.org), and also doesn't require any manual interaction with a Docker registry (since that would be done by the BinderHub)

Perhaps this is an action that we should host in the jupyterhub repository, since it's more BinderHub-specific? I'd be happy to try implementing it myself if you could point me in the right direction, or to review a PR / repo that someone else creates.

feature_request 
opened Jun 24, 2020 by choldgraf 8
Closed

"[skip-test]"

Building Notebook 
opened Nov 4, 2019 by hamelsmu 7
Open

Adjust time limit for triggering mybinder

We use this action once a week to trigger mybinder and therefore to cache the builds. Lately, our action ends with the timeout error curl: (28) Operation timed out after 900000 milliseconds with 423286 bytes received. The full output can be found here.

Is it possible to adjust the maximum time allowed using a user input? CC @ranocha

opened Apr 5, 2022 by bennibolm 1
Open

Provide just docker tag as an output too

Very helpful when trying to auto-update helm charts, as they take the tag and the image separately

opened Mar 29, 2022 by yuvipanda 0
Open

Include a reference to the source repository inside the image

Context on the use-case Currently, there's no "quick" way to ask "where is the repository that defined the current user image" for images built from this action. This would be very useful for debugging or understanding the user environment for a JupyterHub.

Describe the solution you'd like To be able to list the location of the image's source files from within the user image. For example, either:

  • A menu-dropdown in JupyterLab or an entry in the JupyterHub admin page that would have a link like: Link to user image repository.
  • An environment variable I could grab like os.environ["USER_IMAGE_SOURCE"]

This would make it much quicker to figure out where source image files are located, which would make it faster / simpler to debug.

Implementation ideas

Binder already does something like this, and it is very useful. For example, in the classic notebook interface:

image

and in lab:

image

(I'm not sure where this is implemented though)

enhancement 
opened Mar 14, 2022 by choldgraf 3
Open

Add shellcheck action to lint bash

null

opened Mar 5, 2022 by yuvipanda 3
Open

nbgitpuller cannot pull from github to docker hub image

Describe the bug I'm currently using an environment repo and a content repo as per this discussion and tried your docker hub action to save the environment repo to docker hub.

When running https://mybinder.org/v2/gh/codema-dev/projects-sandbox/main?urlpath=git-pull%3Frepo%3Dhttps%253A%252F%252Fgithub.com%252Fcodema-dev%252Fprojects%26urlpath%3Dlab%252Ftree%252Fprojects%252Fbinder.ipynb%26branch%3Dmain pulling the environment image from docker hub mybinder.org build failed with

image

(see here for more information)

I've reverted back to code used from here before pushing to docker hub and once again it runs fine - https://github.com/codema-dev/projects

To Reproduce Steps to reproduce the behavior:

  1. Push an environment repo to docker hub by saving this action in .github/workflows.binder.yaml
name: Binder
on: [push]

jobs:
  binder:
    runs-on: ubuntu-latest
    environment: docker
    steps:
    - name: Checkout Code
      uses: actions/[email protected]
      with:
        ref: ${{ github.event.pull_request.head.sha }}

    - name: update jupyter dependencies with repo2docker
      uses: jupyterhub/[email protected]
      with:
        DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
        DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
        BINDER_CACHE: true
        PUBLIC_REGISTRY_CHECK: true
  1. Generate a binder link on the environment repo and on the content repo here
  2. Click the binder link

Expected behavior nbgitpuller pulls from the content repo as expected

Thanks a lot for all your work on this action, Binder has been a life saver in opening up our work to the wider public!

bug 
opened Oct 15, 2021 by rdmolony 3
Open

Explicit permissions for GITHUB_TOKEN

This repo has various workflows, both for itself and draft_workflows which is new to me what it means.

I'd like for this issue to represent the need to explicitly specify what permissions we need for the GITHUB_TOKEN in these workflow, so that we can default to readonly on an org level.

These permission are specified at the job level, for more details, see https://github.com/jupyterhub/team-compass/issues/404

opened Apr 22, 2021 by consideRatio 1

0.2(Jul 7, 2020)

0.3(Jul 14, 2020)

Bug fix for binder cache Improved logging for debugging

0.1(Jun 6, 2020)

Contents

    zhenyingfang Temporal Action Detection & Weakly Supervised Temporal Action Detection & Temporal Action Proposal Generation
    Scalified Floating Action Button Library for Android
    Scalified Floating Action Button Library for Android
    OctopusDeploy GitHub Action to Create a Release in Octopus Deploy
    dtolnay Fast `cargo install` action using a GitHub-based binary cache
    feichtenhofer Code release for "Spatiotemporal Residual Networks for Video Action Recognition", NIPS16 & "Spatiotemporal Multiplier Networks for Video Action Recognition", CVPR17.
    rails Action caching for Action Pack (removed from core in Rails 4.0)
    ayatkevich The simplest action creator for redux
    hustcc :horse_racing: pixi-action is a plugin for Pixi.js to create actions and animations easily, inspired by Cocos2d-x.
    leinardi A Floating Action Button Speed Dial implementation for Android that follows the Material Design specification (https://material.io/components/buttons-floating-action-button#types-of-transitions)
    icepuma rust-action β€” rust github action
    Alvin-Zeng A curated list of temporal action localization/detection and related area (e.g. temporal action proposal) resources.
    kojofosu A dual-function menu button that offers a default action as well as the possibility of choosing a different action by selecting from a set of alternatives.
    SecureStackCo A GitHub Action that scans your public web applications after every deployment. Add this to your dev, staging and prod steps and SecureStack will make sure that what you've just deployed is secure and meets your requirements.
    graalvm GitHub Action for setting up GraalVM CE.
    invertase A GitHub action to run Dart analyzer with annotation support.
    vn7n24fzkq A tool to generate you github summary card for profile README
    alexandregv GitHub Action for 42 norm
    jessfraz A GitHub action to automatically delete the branch after a pull request has been merged.
    mikepenz A GitHub action that builds your release notes / changelog fast, easy and exactly the way you want.
    aliscott GitHub Action for infracost
    Share this repo

    Related Repos


    System utilities
    24
    Files used for reproducing Fuzzware's experiments
    fuzzware-fuzzer Fuzzware Experiments This directory contains the data required to reproduce the experiments from our USENIX 2022 publication Fuzzware: Using Precise M
     
    System utilities
    25
    Presentation plugin for neovim written in lua
    Chaitanyabsprip Presenting.nvim A Presentation plugin written for Neovim in Lua Installation You can install Present with your plugin manager of choice with packer.nv
     
    System utilities
    3
    Static analysis tool for Go that finds vulnerabilities using SSA (single static assignment...
    bryk-io GitHub Action: GoKart Security Static Analysis GoKart is a static analysis tool for Go that finds vulnerabilities using the SSA (single static assignm
     
    System utilities
    3
    Railway for Alist
    alist-org alist-railway Railway for Alist Usage Fork this repo Open Railway and click New Object Choose the repo that you forked and select the mysql branch Add
     
    System utilities
    19
    Basic Recon For Bug Bounty Hunter - "HuntTheBug" is Basic Scripts For Sub Domain Enumerati...
    vikrantbatra05 Basic Recon For Bug Bounty Hunter - "HuntTheBug" is Basic Scripts For Sub Domain Enumeration> Live Domain Enumeration > Sub Domain Hijack > URL + JavaScript Scan > Dir Brute Forcing > Open Port Check With Telegram Bot Notification
     
    System utilities
    84
    Extensible Neovim Scrollbar
    petertriho nvim-scrollbar Extensible Neovim Scrollbar 🚧 WORK IN PROGRESS 🚧 This is a work in progress and breaking changes to the setup/config could occur in t
     
    System utilities
    5
    😎😘 Free Windows 11 VPS for 4 Hours ! Easy Method!
    kmille36 Windows 11 RDP Here this tutorial using Azure Cloud Shell to create Virtual Machine on Microsoft Learn Sandbox. 😎 Its Four Hours RDP Completely Free
     
    System utilities
    3
    My configuraion files
    3Kevi Welcome! Here you can find my Void Linux dotfiles. Overview OS: Void Window manager: bspwm Terminal: kitty Shell: zsh Bar: Polybar Compositor: picom P
     
    System utilities
    3
    An especially small & quick & simple Algolia docsearch Indices upload action
    guzhongren algolia-docsearch-upload-action An especially small & quick & simple Algolia docsearch Indices upload action Usage - name: Algolia Docsearch Uploa
     
    System utilities
    35
    A simple and transparent alternative to boot2docker (backed by Vagrant)
    shyiko docker-vm The easiest way to get started with Docker on Mac OS X (tested on OS X Yosemite 10.10.1) and Windows (tested on Windows 10 Pro Insider Previ
     
    System utilities
    518
    GitOps powered K8s app suite with developer self-service
    redkubes Shift left with Otomi Otomi makes developers self-serving and helps DevOps teams to guarantee application security and availability at the earliest st
     
    System utilities
    102
    Awesome Bug bounty builder Project
    0xJin Awesome Bug Bounty Builder Β―\(ツ)/Β― Awesome Bug bounty builder Project - ALL common Tools for find your Vulnerabilities. Tested on Debian. Installation
     
    System utilities
    2
    Ready-to-use VSCode setup to preview/convert markdown documents
    logwolvy Ready-to-use VSCode setup to preview/convert markdown documents
     
    System utilities
    6.1k
    Testing TLS/SSL encryption anywhere on any port
    drwetter Testing TLS/SSL encryption anywhere on any port
     
    System utilities
    519
    Vegile - Ghost In The Shell
    Screetsec Vegile is a tool for Post exploitation Techniques in linux. Post Exploitation techniques will ensure that we maintain some level of access and can potentially lead to deeper footholds into our targets trusted network.