Audience: maintainers operating CI/CD and release image builds.
SimBoard uses GitHub Actions to build and publish frontend and backend container images to the NERSC container registry.
registry.nersc.gov/e3sm/simboard/backend
registry.nersc.gov/e3sm/simboard/frontend
A NERSC E3SM project robot account is provided to SimBoard administrators for automated registry access.
Configure these secrets in repository Actions settings:
| Secret | Purpose |
|---|---|
NERSC_REGISTRY_USERNAME |
Username for docker login registry.nersc.gov. |
NERSC_REGISTRY_PASSWORD |
Password or token for docker login registry.nersc.gov. |
Test locally:
docker login registry.nersc.govCurrent workflow files and exact trigger filters live under .github/workflows/ on GitHub.
| Workflow | Trigger | Image tags |
|---|---|---|
| Backend dev build | Push to main with backend changes, or manual dispatch |
:dev, :sha-<commit> |
| Frontend dev build | Push to main with frontend changes, or manual dispatch |
:dev, :sha-<commit> |
| Backend release build | Tag matching backend-v* |
:X.Y.Z, :sha-<commit>, :latest |
| Frontend release build | Tag matching frontend-v* |
:X.Y.Z, :sha-<commit>, :latest |
Dev builds: push to main or manual dispatch -> :dev, :sha-<short>
Release builds: component tag -> :X.Y.Z, :sha-<short>, :latest
Dev builds do not modify production images. Release builds do not modify the :dev image.
| Git tag | Component | Image |
|---|---|---|
backend-vX.Y.Z |
Backend | registry.nersc.gov/e3sm/simboard/backend:X.Y.Z |
frontend-vX.Y.Z |
Frontend | registry.nersc.gov/e3sm/simboard/frontend:X.Y.Z |
Use full semantic versions in production for reproducibility. Use :sha-<commit> tags for debugging or precise rollback.
Trigger a manual dev build:
- Open GitHub Actions.
- Select the backend or frontend dev build workflow.
- Click Run workflow.
- Select
main. - Run the workflow.
Verify images:
docker login registry.nersc.gov
docker pull registry.nersc.gov/e3sm/simboard/backend:dev
docker pull registry.nersc.gov/e3sm/simboard/frontend:dev- Verify GitHub Actions secrets are configured.
- Test the same credentials with
docker login registry.nersc.gov. - Confirm the account has push permissions for the
e3sm/simboardregistry namespace.
- Verify changes match the workflow path filters.
- Verify tags follow the component conventions:
backend-vX.Y.Zorfrontend-vX.Y.Z. - Check that GitHub Actions are enabled for the repository.
CI only builds and publishes images. Deployment updates are handled separately through NERSC Spin.