diff --git a/.github/workflows/build-gpu-cuda.yml b/.github/workflows/build-gpu-cuda.yml index 2f6dd7c..8f4d1a9 100644 --- a/.github/workflows/build-gpu-cuda.yml +++ b/.github/workflows/build-gpu-cuda.yml @@ -1,18 +1,17 @@ -name: Build and Push to AWS ECR Public - +name: Build and Push GPU CUDA Image on: push: branches: - master paths: - 'gpu-cuda/**' - - '.github/workflows/build-gpu-cuda.yml' + - '.github/workflows/build.yml' pull_request: branches: - master paths: - 'gpu-cuda/**' - - '.github/workflows/build-gpu-cuda.yml' + - '.github/workflows/build.yml' workflow_dispatch: inputs: tag: @@ -20,100 +19,8 @@ on: required: false default: 'latest' -env: - AWS_REGION: us-east-1 - REPOSITORY_NAME: jupyter-docker - IMAGE_NAME: codio/codio-jupyter - TAG_PREFIX: gpu-cuda - ECR_REGISTRY: public.ecr.aws/o0g3m8o6 - jobs: - build-and-push: - runs-on: ubuntu-latest - permissions: - id-token: write - contents: read - - steps: - - name: Checkout code - uses: actions/checkout@v6 - with: - fetch-depth: 0 - - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@main - with: - aws-region: us-east-1 - role-to-assume: arn:aws:iam::878986216776:role/Github/GithubECRPublicUploadRole_${{ env.REPOSITORY_NAME }} - role-session-name: GithubAction - - - name: Login to Amazon ECR - id: login-ecr - uses: aws-actions/amazon-ecr-login@v2 - with: - registry-type: public - - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Create and use a new builder instance - run: | - docker buildx create --name ga-builder --use - - - name: Set image tags - id: meta - run: | - ECR_REGISTRY="${{ env.ECR_REGISTRY }}" - SHA_SHORT=${{ env.TAG_PREFIX }}-$(echo ${{ github.sha }} | cut -c1-7) - - if [ "${{ github.event_name }}" == "pull_request" ]; then - IMAGE_TAG="${{ env.TAG_PREFIX }}-${{ github.event.pull_request.head.ref }}" - else - IMAGE_TAG="${{ env.TAG_PREFIX }}-${{ github.event.inputs.tag || 'latest' }}" - TIMESTAMP=${{ env.TAG_PREFIX }}-$(date +%Y%m%d) - echo "timestamp=${TIMESTAMP}" >> $GITHUB_OUTPUT - fi - - echo "ecr_registry=${ECR_REGISTRY}" >> $GITHUB_OUTPUT - echo "image_tag=${IMAGE_TAG}" >> $GITHUB_OUTPUT - echo "sha_short=${SHA_SHORT}" >> $GITHUB_OUTPUT - - TAGS="${ECR_REGISTRY}/${IMAGE_NAME}:${IMAGE_TAG},${ECR_REGISTRY}/${IMAGE_NAME}:${SHA_SHORT}" - - if [ "${{ github.event_name }}" != "pull_request" ]; then - TAGS="${TAGS},${ECR_REGISTRY}/${IMAGE_NAME}:${TIMESTAMP}" - fi - - echo "tags=${TAGS}" >> $GITHUB_OUTPUT - - - name: Build and push Docker image - uses: docker/build-push-action@v6 - timeout-minutes: 30 - with: - context: ./gpu-cuda - push: true - tags: ${{ steps.meta.outputs.tags }} - builder: ga-builder - cache-from: type=registry,ref=${{ steps.meta.outputs.ecr_registry }}/${{ env.IMAGE_NAME }}:cache - cache-to: type=registry,mode=max,image-manifest=true,oci-mediatypes=true,ref=${{ steps.meta.outputs.ecr_registry }}/${{ env.IMAGE_NAME }}:cache - - - name: Image summary - run: | - { - echo "### Docker Image Published :rocket:" - echo "event name: ${{ github.event_name }}" - echo "" - echo "**Registry:** ${{ steps.meta.outputs.ecr_registry }}" - echo "**Image:** ${IMAGE_NAME}" - echo "" - echo "**Tags:**" - echo "- \`${{ steps.meta.outputs.image_tag }}\`" - echo "- \`${{ steps.meta.outputs.timestamp || 'Timestamp tag is not available for PR' }}\`" - echo "- \`${{ steps.meta.outputs.sha_short }}\`" - echo "" - echo "**Pull command:**" - echo "\`\`\`bash" - echo "docker pull ${{ steps.meta.outputs.ecr_registry }}/${IMAGE_NAME}:${{ steps.meta.outputs.image_tag }}" - echo "\`\`\`" - } | tee -a $GITHUB_STEP_SUMMARY + call-build: + uses: ./.github/workflows/build.yml + with: + prefix: gpu-cuda diff --git a/.github/workflows/build-standard.yml b/.github/workflows/build-standard.yml new file mode 100644 index 0000000..296afc5 --- /dev/null +++ b/.github/workflows/build-standard.yml @@ -0,0 +1,26 @@ +name: Build and Push Standard Image +on: + push: + branches: + - master + paths: + - 'standard/**' + - '.github/workflows/build.yml' + pull_request: + branches: + - master + paths: + - 'standard/**' + - '.github/workflows/build.yml' + workflow_dispatch: + inputs: + tag: + description: 'Image tag' + required: false + default: 'latest' + +jobs: + call-build: + uses: ./.github/workflows/build.yml + with: + prefix: standard diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000..e4d8f7c --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,105 @@ +name: Common Build + +on: + workflow_call: + inputs: + prefix: + required: true + type: string + +env: + AWS_REGION: us-east-1 + REPOSITORY_NAME: jupyter-docker + IMAGE_NAME: codio/codio-jupyter + ECR_REGISTRY: public.ecr.aws/o0g3m8o6 + +jobs: + build-and-push: + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + + steps: + - name: Checkout code + uses: actions/checkout@v6 + with: + fetch-depth: 0 + + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@main + with: + aws-region: us-east-1 + role-to-assume: arn:aws:iam::878986216776:role/Github/GithubECRPublicUploadRole_${{ env.REPOSITORY_NAME }} + role-session-name: GithubAction + + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v2 + with: + registry-type: public + + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Create and use a new builder instance + run: | + docker buildx create --name ga-builder --use + + - name: Set image tags + id: meta + run: | + ECR_REGISTRY="${{ env.ECR_REGISTRY }}" + SHA_SHORT=${{ inputs.prefix }}-$(echo ${{ github.sha }} | cut -c1-7) + + if [ "${{ github.event_name }}" == "pull_request" ]; then + IMAGE_TAG="${{ inputs.prefix }}-${{ github.event.pull_request.head.ref }}" + else + IMAGE_TAG="${{ inputs.prefix }}-${{ github.event.inputs.tag || 'latest' }}" + TIMESTAMP=${{ inputs.prefix }}-$(date +%Y%m%d) + echo "timestamp=${TIMESTAMP}" >> $GITHUB_OUTPUT + fi + + echo "ecr_registry=${ECR_REGISTRY}" >> $GITHUB_OUTPUT + echo "image_tag=${IMAGE_TAG}" >> $GITHUB_OUTPUT + echo "sha_short=${SHA_SHORT}" >> $GITHUB_OUTPUT + + TAGS="${ECR_REGISTRY}/${IMAGE_NAME}:${IMAGE_TAG},${ECR_REGISTRY}/${IMAGE_NAME}:${SHA_SHORT}" + + if [ "${{ github.event_name }}" != "pull_request" ]; then + TAGS="${TAGS},${ECR_REGISTRY}/${IMAGE_NAME}:${TIMESTAMP}" + fi + + echo "tags=${TAGS}" >> $GITHUB_OUTPUT + + - name: Build and push Docker image + uses: docker/build-push-action@v6 + timeout-minutes: 30 + with: + context: ./${{ inputs.prefix }} + push: true + tags: ${{ steps.meta.outputs.tags }} + builder: ga-builder + cache-from: type=registry,ref=${{ steps.meta.outputs.ecr_registry }}/${{ env.IMAGE_NAME }}:cache + cache-to: type=registry,mode=max,image-manifest=true,oci-mediatypes=true,ref=${{ steps.meta.outputs.ecr_registry }}/${{ env.IMAGE_NAME }}:cache + + - name: Image summary + run: | + { + echo "### Docker Image Published :rocket:" + echo "event name: ${{ github.event_name }}" + echo "" + echo "**Registry:** ${{ steps.meta.outputs.ecr_registry }}" + echo "**Image:** ${IMAGE_NAME}" + echo "" + echo "**Tags:**" + echo "- \`${{ steps.meta.outputs.image_tag }}\`" + echo "- \`${{ steps.meta.outputs.timestamp || 'Timestamp tag is not available for PR' }}\`" + echo "- \`${{ steps.meta.outputs.sha_short }}\`" + echo "" + echo "**Pull command:**" + echo "\`\`\`bash" + echo "docker pull ${{ steps.meta.outputs.ecr_registry }}/${IMAGE_NAME}:${{ steps.meta.outputs.image_tag }}" + echo "\`\`\`" + } | tee -a $GITHUB_STEP_SUMMARY diff --git a/README.md b/README.md index e7336d9..c6953b6 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,5 @@ # jupyter-docker -Docker images build for jupyter environments usind in sandboxes +Docker images build for jupyter environments using in jupyter sandboxes. + +Images are compatible with Jupyter original images diff --git a/gpu-cuda/README.md b/gpu-cuda/README.md index fa9c005..fe09496 100644 --- a/gpu-cuda/README.md +++ b/gpu-cuda/README.md @@ -14,20 +14,9 @@ Docker image for Jupyter Notebook with PyTorch CUDA support and LLM/Data Science ## GitHub Actions Setup -### AWS IAM Role Configuration -The workflow uses OIDC to authenticate with AWS. Ensure you have: -1. An IAM role named `GithubECRUploadRole_jupyter-docker` in account `878986216776` -2. Trust relationship configured for GitHub OIDC provider -3. Permissions to push to ECR Public - -### GitHub Secrets -Add this secret to your repository (Settings → Secrets and variables → Actions): -- `ECR_REGISTRY` - Your ECR public registry URL (e.g., `public.ecr.aws/your-alias`) - ### Workflow Triggers -- Push to `master` or `main` branch with changes in `gpu/` directory -- Pull requests (builds but doesn't push) -- Manual trigger via workflow_dispatch +- Push to `master` branch with changes in `gpu-cuda/` directory +- Pull requests (excludes timestamped tags) ## Running the Image @@ -35,16 +24,16 @@ Add this secret to your repository (Settings → Secrets and variables → Actio ```bash docker run --gpus all -p 8888:8888 \ -v $(pwd)/notebooks:/home/jovyan/work \ - public.ecr.aws/your-alias/jupyter-gpu:latest + public.ecr.aws/o0g3m8o6/codio-jupyter:gpu-cuda-latest ``` ### Pull from ECR ```bash # Pull image -docker pull public.ecr.aws/your-alias/jupyter-gpu:latest +docker pull public.ecr.aws/o0g3m8o6/codio-jupyter:gpu-cuda-latest # Or use specific version -docker pull public.ecr.aws/your-alias/jupyter-gpu:20260120-123456 +docker pull public.ecr.aws/o0g3m8o6/codio-jupyter:gpu-cuda-20260120 ``` ## Local Development @@ -52,14 +41,14 @@ docker pull public.ecr.aws/your-alias/jupyter-gpu:20260120-123456 ### Build locally ```bash cd gpu -docker build -t jupyter-gpu:latest . +docker build -t codio-jupyter:gpu-cuda-latest . ``` ### Test locally ```bash docker run --gpus all -p 8888:8888 \ -v $(pwd)/notebooks:/home/jovyan/work \ - jupyter-gpu:latest + codio-jupyter:gpu-cuda-latest ``` ## Customization diff --git a/standard/Dockerfile b/standard/Dockerfile new file mode 100644 index 0000000..9189b49 --- /dev/null +++ b/standard/Dockerfile @@ -0,0 +1,20 @@ +FROM quay.io/jupyter/base-notebook:x86_64-python-3.13 + +USER root + +# Install system dependencies +RUN apt-get update && apt-get install -y \ + git \ + wget \ + build-essential \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* + +USER ${NB_UID} + +# Copy requirements and install Python packages +COPY --chown=${NB_UID}:${NB_GID} requirements.txt /tmp/ +RUN pip install --no-cache-dir -r /tmp/requirements.txt + +# Expose Jupyter port +EXPOSE 8888 diff --git a/standard/README.md b/standard/README.md new file mode 100644 index 0000000..207a140 --- /dev/null +++ b/standard/README.md @@ -0,0 +1,47 @@ +# Jupyter GPU Docker Image + +Docker image for Jupyter Notebook. + +## Base Image +- `quay.io/jupyter/base-notebook:latest` + + +### Workflow Triggers +- Push to `master` branch with changes in `standard/` directory +- Pull requests (excludes timestamped tags) + +## Running the Image + +### Local with GPU +```bash +docker run --gpus all -p 8888:8888 \ + -v $(pwd)/notebooks:/home/jovyan/work \ + public.ecr.aws/o0g3m8o6/codio-jupyter:standard-latest +``` + +### Pull from ECR +```bash +# Pull image +docker pull public.ecr.aws/o0g3m8o6/codio-jupyter:standard-latest + +# Or use specific version +docker pull public.ecr.aws/o0g3m8o6/codio-jupyter:standard-20260120 +``` + +## Local Development + +### Build locally +```bash +cd gpu +docker build -t codio-jupyter:standard-latest . +``` + +### Test locally +```bash +docker run --gpus all -p 8888:8888 \ + -v $(pwd)/notebooks:/home/jovyan/work \ + codio-jupyter:standard-latest +``` + +## Customization +Edit `requirements.txt` to add or modify Python packages, then push to trigger the workflow. diff --git a/standard/requirements.txt b/standard/requirements.txt new file mode 100644 index 0000000..95e18fb --- /dev/null +++ b/standard/requirements.txt @@ -0,0 +1,27 @@ + +nbgrader +# Data Science Libraries +pandas +numpy +matplotlib +seaborn +scikit-learn +scipy +statsmodels +sympy +# NLP & LLM Tools +nltk +spacy +tiktoken +einops + +# Jupyter Extensions +ipywidgets +jupyter-contrib-nbextensions + +# Other Utilities +Pillow +requests +pyyaml +python-dotenv +plotly