diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index dd0d1ce..70e01a1 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -7,7 +7,7 @@ on: pull_request: env: - DEFAULT_BASE_IMAGE: ubuntu:jammy + DEFAULT_BASE_IMAGE: ubuntu:noble jobs: version: @@ -18,8 +18,8 @@ jobs: version-changed: ${{ steps.version-metadata.outputs.changed }} new-version: ${{ steps.version-metadata.outputs.newVersion }} steps: - - uses: actions/checkout@v4 - - uses: Quantco/ui-actions/version-metadata@v1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: Quantco/ui-actions/version-metadata@cd71d2a0e30b25569f6d723e57acca83347e58fc # v1.0.18 id: version-metadata with: file: Dockerfile @@ -39,31 +39,24 @@ jobs: fail-fast: false matrix: base-image: + # https://hub.docker.com/_/debian - debian:bookworm-slim # 12 - debian:bookworm # 12 - debian:bullseye-slim # 11 - debian:bullseye # 11 + # https://hub.docker.com/_/ubuntu + - ubuntu:plucky # 25.04 + - ubuntu:oracular # 24.10 - ubuntu:noble # 24.04 - - ubuntu:mantic # 23.10 - ubuntu:jammy # 22.04 - ubuntu:focal # 20.04 - - nvidia/cuda:12.3.1-base-ubuntu22.04 - - nvidia/cuda:12.3.1-base-ubuntu20.04 - - nvidia/cuda:12.2.2-base-ubuntu22.04 - - nvidia/cuda:12.2.2-base-ubuntu20.04 - - nvidia/cuda:12.1.1-base-ubuntu22.04 - - nvidia/cuda:12.1.1-base-ubuntu20.04 - - nvidia/cuda:11.8.0-base-ubuntu22.04 - - nvidia/cuda:11.8.0-base-ubuntu20.04 - - nvidia/cuda:11.7.1-base-ubuntu22.04 - - nvidia/cuda:11.7.1-base-ubuntu20.04 - - nvidia/cuda:11.6.2-base-ubuntu20.04 - - nvidia/cuda:11.4.3-base-ubuntu20.04 - - nvidia/cuda:11.3.1-base-ubuntu20.04 - - nvidia/cuda:11.2.2-base-ubuntu20.04 + # https://hub.docker.com/r/nvidia/cuda + - nvidia/cuda:12.6.3-base-ubuntu24.04 + - nvidia/cuda:12.6.3-base-ubuntu22.04 + - nvidia/cuda:12.6.3-base-ubuntu20.04 steps: - name: Checkout source - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set image variables id: image-variables env: @@ -76,8 +69,9 @@ jobs: code_names = { "22.04": "jammy", "20.04": "focal", - "23.10": "mantic", "24.04": "noble", + "24.10": "oracular", + "25.05": "plucky" } ubuntu_version_number = base_image.split("-ubuntu")[-1] base_tag = base_image.split(":")[-1] @@ -97,7 +91,7 @@ jobs: shell: python - name: Get docker metadata id: metadata - uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 + uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5.6.1 with: images: |- ghcr.io/prefix-dev/pixi @@ -112,16 +106,16 @@ jobs: type=semver,pattern={{version}},enable=${{ steps.image-variables.outputs.is-default }},value=${{ needs.version.outputs.new-version }},priority=800 type=semver,pattern={{version}}-${{ steps.image-variables.outputs.tag }},value=${{ needs.version.outputs.new-version }},priority=500 - name: Setup docker buildx - uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0 - name: Login to GHCR - uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 + uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build Docker images id: build - uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 + uses: docker/build-push-action@b32b51a8eda65d6793cd0494a773d4f6bcef32dc # v6.11.0 with: # provenance: false is needed to avoid unkown/unknown os/arch on ghcr # see: https://github.com/docker/build-push-action/issues/820 @@ -132,7 +126,7 @@ jobs: BASE_IMAGE=${{ matrix.base-image }} tags: ${{ steps.metadata.outputs.tags }} labels: ${{ steps.metadata.outputs.labels }} - - uses: actions/upload-artifact@v4 + - uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 with: name: ${{ steps.image-variables.outputs.tag }} path: ${{ steps.metadata.outputs.bake-file }} @@ -152,18 +146,18 @@ jobs: release: needs: [version, build] - runs-on: ubuntu-22.04 + runs-on: ubuntu-latest permissions: contents: write if: needs.version.outputs.push == 'true' steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Push ${{ needs.version.outputs.new-version }} tag run: | git tag ${{ needs.version.outputs.new-version }} git push origin ${{ needs.version.outputs.new-version }} - name: Create release - uses: softprops/action-gh-release@v2 + uses: softprops/action-gh-release@c95fe1489396fe8a9eb87c0abf8aa5b2ef267fda # v2.2.1 with: generate_release_notes: true tag_name: ${{ needs.version.outputs.new-version }} diff --git a/.github/workflows/bump.yml b/.github/workflows/bump.yml index c7016c7..1011958 100644 --- a/.github/workflows/bump.yml +++ b/.github/workflows/bump.yml @@ -13,7 +13,7 @@ jobs: contents: write pull-requests: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Assert latest pixi version is mentioned in README id: bump @@ -27,7 +27,7 @@ jobs: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Create pull request - uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f + uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # v7.6.0 if: github.ref_name == 'main' with: token: ${{ secrets.GITHUB_TOKEN }} diff --git a/README.md b/README.md index 1cac6dc..adeee35 100644 --- a/README.md +++ b/README.md @@ -15,10 +15,10 @@ docker pull ghcr.io/prefix-dev/pixi:latest There are different tags for different base images available: -- `latest` - based on `ubuntu:jammy` +- `latest` - based on `ubuntu:noble` - `focal` - based on `ubuntu:focal` - `bullseye` - based on `debian:bullseye` -- `jammy-cuda-12.2.2` - based on `nvidia/cuda:12.2.2-jammy` +- `noble-cuda-12.6.3` - based on `nvidia/cuda:12.6.3-ubuntu24.04` - ... and more ## Usage with shell-hook @@ -27,7 +27,7 @@ The following example uses the pixi docker image as a base image for a multi-sta It also makes use of the `shell-hook` feature of pixi to define a convenient entry point (after executing the `shell-hook` script, the environment is activated. ```Dockerfile -FROM ghcr.io/prefix-dev/pixi:0.18.0 AS build +FROM ghcr.io/prefix-dev/pixi:0.40.0 AS build # copy source code, pixi.toml and pixi.lock to the container COPY . /app @@ -43,7 +43,7 @@ RUN pixi shell-hook -e prod > /shell-hook.sh # extend the shell-hook script to run the command passed to the container RUN echo 'exec "$@"' >> /shell-hook.sh -FROM ubuntu:22.04 AS production +FROM ubuntu:24.04 AS production # only copy the production environment into prod container # please note that the "prefix" (path) needs to stay the same as in the build container @@ -65,17 +65,17 @@ There are images based on `ubuntu`, `debian` and `nvidia/cuda` available. ### Ubuntu -The `ubuntu:jammy` (22.04) based image is the default base image. It is used for the `latest` and `0.x.y` tag. +The [`ubuntu:noble`](https://hub.docker.com/_/ubuntu) (24.04) based image is the default base image. It is used for the `latest` and `0.x.y` tag. -There are also images based on `ubuntu:focal` (20.04), `ubuntu:mantic` (23.10) and `ubuntu:noble` (24.04) available. +There are also images based on `ubuntu:focal` (20.04), `ubuntu:jammy` (22.04), `ubuntu:oracular` (24.10) and `ubuntu:plucky` (25.04) available. These images use the tags `focal`, `0.x.y-focal`, ... ### Debian -Images based on `debian:bullseye`, `debian:bullseye-slim` (11), `debian:bookworm` and `debian:bookworm-slim` (12) are available. +Images based on [`debian:bullseye`](https://hub.docker.com/_/debian), `debian:bullseye-slim` (11), `debian:bookworm` and `debian:bookworm-slim` (12) are available. These images have the tags `bullseye`, `0.x.y-bullseye`, ... ### NVIDIA/CUDA -Images based on `nvidia/cuda` are available using the tags `cuda--jammy`, `cuda--focal`, `0.x.y-cuda--jammy`, ... +Images based on [`nvidia/cuda`](https://hub.docker.com/r/nvidia/cuda) are available using the tags `cuda--jammy`, `cuda--focal`, `0.x.y-cuda--jammy`, ...