Merge pull request #705 from atlanhq/APP-7913

Aryamanz29 · web-flow · commit 6606b3508317 · 2025-08-22T18:28:44.000+05:30
[ci] Added workflow for `pyatlan-wolfi-base` image build
diff --git a/.github/workflows/pyatlan-wolfi-base.yaml b/.github/workflows/pyatlan-wolfi-base.yaml
@@ -0,0 +1,171 @@
+name: Build Pyatlan Wolfi Base Image
+
+on:
+  workflow_dispatch:
+    inputs:
+      build_type:
+        description: 'Build type (dev uses amd64 only, release uses amd64+arm64)'
+        required: true
+        default: 'dev'
+        type: choice
+        options:
+          - 'dev'
+          - 'release'
+      python_version:
+        description: 'Python version (leave empty for 3.13)'
+        required: false
+        type: choice
+        options:
+          - ''
+          - '3.9'
+          - '3.10'
+          - '3.11'
+          - '3.12'
+          - '3.13'
+      pyatlan_version:
+        description: 'Pyatlan version (leave empty to use version.txt ie: latest)'
+        required: false
+        type: string
+
+permissions:
+  contents: read
+  packages: write
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+    
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0  # Need full history for commit hash
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Set build parameters
+        id: set-params
+        run: |
+          # Set Python version (default to 3.13 if empty)
+          if [ -z "${{ github.event.inputs.python_version }}" ]; then
+            PYTHON_VERSION="3.13"
+          else
+            PYTHON_VERSION="${{ github.event.inputs.python_version }}"
+          fi
+          echo "PYTHON_VERSION=$PYTHON_VERSION" >> $GITHUB_ENV
+          
+          # Set Pyatlan version (default to version.txt if empty)
+          if [ -z "${{ github.event.inputs.pyatlan_version }}" ]; then
+            PYATLAN_VERSION=$(cat pyatlan/version.txt)
+            echo "Using pyatlan version from version.txt: $PYATLAN_VERSION"
+          else
+            PYATLAN_VERSION="${{ github.event.inputs.pyatlan_version }}"
+            echo "Using specified pyatlan version: $PYATLAN_VERSION"
+          fi
+          echo "PYATLAN_VERSION=$PYATLAN_VERSION" >> $GITHUB_ENV
+          
+          # Set platforms based on build type
+          if [ "${{ github.event.inputs.build_type }}" = "dev" ]; then
+            PLATFORMS="linux/amd64"
+          else
+            PLATFORMS="linux/amd64,linux/arm64"
+          fi
+          echo "PLATFORMS=$PLATFORMS" >> $GITHUB_ENV
+          
+          # Generate commit hash for dev builds
+          COMMIT_HASH=$(git rev-parse --short HEAD)
+          echo "COMMIT_HASH=$COMMIT_HASH" >> $GITHUB_ENV
+          
+          echo "Build parameters:"
+          echo "  - Build Type: ${{ github.event.inputs.build_type }}"
+          echo "  - Python Version: $PYTHON_VERSION"
+          echo "  - Pyatlan Version: $PYATLAN_VERSION"
+          echo "  - Platforms: $PLATFORMS"
+          echo "  - Commit Hash: $COMMIT_HASH"
+
+      - name: Generate image tags
+        id: generate-tags
+        run: |
+          BUILD_TYPE="${{ github.event.inputs.build_type }}"
+          PYTHON_VERSION="${{ env.PYTHON_VERSION }}"
+          PYATLAN_VERSION="${{ env.PYATLAN_VERSION }}"
+          COMMIT_HASH="${{ env.COMMIT_HASH }}"
+          
+          if [ "$BUILD_TYPE" = "dev" ]; then
+            # Dev: 8.0.0-3.11-commithash
+            IMAGE_TAG="${PYATLAN_VERSION}-${PYTHON_VERSION}-${COMMIT_HASH}"
+          else
+            # Release: 8.0.0-3.11
+            IMAGE_TAG="${PYATLAN_VERSION}-${PYTHON_VERSION}"
+          fi
+          
+          echo "IMAGE_TAG=$IMAGE_TAG" >> $GITHUB_ENV
+          
+          echo "Generated image tag: ghcr.io/atlanhq/pyatlan-wolfi-base:$IMAGE_TAG"
+
+      - name: Wait for PyPI availability
+        if: github.event.inputs.pyatlan_version != ''
+        uses: nick-fields/retry@v3
+        with:
+          max_attempts: 5
+          timeout_minutes: 3
+          command: |
+            echo "Checking if pyatlan==${{ env.PYATLAN_VERSION }} is available on PyPI..."
+            if pip index versions pyatlan | grep -q "${{ env.PYATLAN_VERSION }}"; then
+              echo "Package is available on PyPI!"
+              exit 0
+            else
+              echo "Package not available yet. Retrying..."
+              exit 1
+            fi
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          file: ./Dockerfile.wolfi
+          platforms: ${{ env.PLATFORMS }}
+          push: true
+          tags: |
+            ghcr.io/atlanhq/pyatlan-wolfi-base:${{ env.IMAGE_TAG }}
+          build-args: |
+            PYTHON_VERSION=${{ env.PYTHON_VERSION }}
+            PYATLAN_VERSION=${{ env.PYATLAN_VERSION }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+
+      - name: Output image information
+        run: |
+          echo "## 🐳 Wolfi Docker Image Built Successfully!" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "### Image Details:" >> $GITHUB_STEP_SUMMARY
+          echo "- **Base Image:** Wolfi" >> $GITHUB_STEP_SUMMARY
+          echo "- **Build Type:** ${{ github.event.inputs.build_type }}" >> $GITHUB_STEP_SUMMARY
+          echo "- **Python Version:** ${{ env.PYTHON_VERSION }}" >> $GITHUB_STEP_SUMMARY
+          echo "- **Pyatlan Version:** ${{ env.PYATLAN_VERSION }}" >> $GITHUB_STEP_SUMMARY
+          echo "- **Platforms:** ${{ env.PLATFORMS }}" >> $GITHUB_STEP_SUMMARY
+          if [ "${{ github.event.inputs.build_type }}" = "dev" ]; then
+            echo "- **Commit Hash:** ${{ env.COMMIT_HASH }}" >> $GITHUB_STEP_SUMMARY
+          fi
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "### Available Tag:" >> $GITHUB_STEP_SUMMARY
+          echo "- \`ghcr.io/atlanhq/pyatlan-wolfi-base:${{ env.IMAGE_TAG }}\`" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "### Usage in your Dockerfile:" >> $GITHUB_STEP_SUMMARY
+          echo "\`\`\`dockerfile" >> $GITHUB_STEP_SUMMARY
+          echo "FROM ghcr.io/atlanhq/pyatlan-wolfi-base:${{ env.IMAGE_TAG }}" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "# Your application code here" >> $GITHUB_STEP_SUMMARY
+          echo "COPY your-package/ /app/" >> $GITHUB_STEP_SUMMARY
+          echo "RUN uv pip install --system -r requirements.txt" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "CMD [\"python\", \"your-app.py\"]" >> $GITHUB_STEP_SUMMARY
+          echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
diff --git a/Dockerfile.wolfi b/Dockerfile.wolfi
@@ -0,0 +1,38 @@
+FROM cgr.dev/chainguard/wolfi-base
+
+# Build arguments for configurable versions
+ARG PYTHON_VERSION=3.11
+ARG PYATLAN_VERSION=latest
+
+WORKDIR /app
+
+# Install Python
+RUN apk add python-${PYTHON_VERSION} && \
+    chown -R nonroot:nonroot /app/
+
+# Install uv
+COPY --from=ghcr.io/astral-sh/uv:latest /uv /uvx /bin/
+
+USER nonroot
+
+# Create uv cache directory with proper permissions
+RUN mkdir -p /home/nonroot/.cache/uv && \
+    chown -R nonroot:nonroot /home/nonroot/.cache
+
+# Install pyatlan from PyPI using uv pip install
+RUN --mount=type=cache,target=/home/nonroot/.cache/uv,uid=65532,gid=65532 \
+    if [ "$PYATLAN_VERSION" = "latest" ]; then \
+        uv pip install --system pyatlan; \
+    else \
+        uv pip install --system pyatlan==$PYATLAN_VERSION; \
+    fi
+
+# Set environment variables
+ENV PYTHONPATH=/app
+ENV PATH="/home/nonroot/.local/bin:${PATH}"
+
+# Default working directory for applications
+WORKDIR /app
+
+# Default command (can be overridden by extending images)
+CMD ["python"]
