
Commit 5e29129

authored
Merge pull request #23 from msk-access/filter_duplicates_set_to_true
Update small_variants.py
2 parents b61adce + 5ef8921 commit 5e29129

24 files changed

Lines changed: 789 additions & 519 deletions

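--- a/.github/workflows/publish-pypi.yml
+++ b/.github/workflows/publish-pypi.yml
@@ -0,0 +1,57 @@
+name: Publish Python Package
+
+on:
+release:
+types: [published]
+workflow_dispatch:
+inputs:
+version:
+description: 'Version to publish (e.g., 1.0.0)'
+required: false
+
+env:
+PYTHON_VERSION: '3.9'
+
+jobs:
+deploy:
+name: Build and Publish
+runs-on: ubuntu-latest
+
+steps:
+- name: Checkout repository
+uses: actions/checkout@v4
+with:
+fetch-depth: 0
+submodules: recursive
+
+- name: Set up Python ${{ env.PYTHON_VERSION }}
+uses: actions/setup-python@v4
+with:
+python-version: ${{ env.PYTHON_VERSION }}
+cache: 'pip'
+cache-dependency-path: 'pyproject.toml'
+
+- name: Install build dependencies
+run: |
+python -m pip install --upgrade pip
+pip install build twine
+
+- name: Build package
+run: |
+python -m build --sdist --wheel --outdir dist/
+
+- name: Verify package
+run: |
+twine check dist/*
+
+- name: Publish to PyPI
+if: github.event_name == 'release' && github.event.action == 'published'
+uses: pypa/gh-action-pypi-publish@release/v1
+with:
+skip-existing: true
+verbose: true
+
+- name: Show package info
+run: |
+echo "Package built for version: ${{ github.event.release.tag_name }}"
+ls -la dist/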
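Review bot: The `Publish to PyPI` step has no visible way to authenticate: it passes no `password:` input, and the `deploy` job declares no `permissions:` block, so the OIDC token that trusted publishing relies on is not available either. If trusted publishing is the intent, add `permissions:` with `contents: read` and `id-token: write` to the job. The action is referenced as `pypa/gh-action-pypi-publish@release/v1`, a mutable branch; pinning it to a full commit SHA keeps the code that handles the upload credential fixed. `${{ github.event.release.tag_name }}` is expanded directly into the `run:` script of `Show package info`; pass it through `env:` and echo `"$TAG_NAME"` so the tag text is never parsed as shell. The `version` input of `workflow_dispatch` is declared but not read anywhere in the file.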
Lines changed: 158 additions & 62 deletions
@@ -1,64 +1,160 @@
1-
name: Publish Docker image to ghcr.io
1+
name: Publish Docker Image
2+
23
on:
3-
push:
4-
tags:
5-
- "*"
4+
push:
5+
branches: [ main, master ]
6+
tags: [ '*', '!*-*' ] # Match v1.2.3 but not v1.2.3-rc1
7+
pull_request:
8+
branches: [ main, master ]
9+
workflow_dispatch:
10+
inputs:
11+
version:
12+
description: 'Version to build (e.g., v1.2.3)'
13+
required: false
14+
15+
# Set job-level environment variables
16+
env:
17+
REGISTRY: ghcr.io
18+
IMAGE_NAME: ${{ github.repository }}
19+
DOCKERFILE_PATH: ./Dockerfile
20+
BUILDX_CACHE_DIR: /tmp/.buildx-cache
21+
BUILDX_CACHE_KEY: ${{ github.ref }}-${{ github.sha }}
22+
623
jobs:
7-
push_to_registries:
8-
name: Build and publish Docker image
9-
runs-on: ubuntu-latest
10-
steps:
11-
- name: Check out the repo
12-
uses: actions/checkout@v3
13-
- name: Set up QEMU
14-
uses: docker/setup-qemu-action@v2
15-
- name: Set up Docker Buildx
16-
uses: docker/setup-buildx-action@v2
17-
- name: Prepare
18-
# In this preparation step, a few configurations are made
19-
# according to tags that will be used to export the image
20-
# for Docker Hub, as well as the name of the image itself
21-
id: prep
22-
run: |
23-
DOCKER_IMAGE=ghcr.io/msk-access/genotype_variants
24-
VERSION=noop
25-
if [ "${{ github.event_name }}" = "schedule" ]; then
26-
VERSION=nightly
27-
elif [[ $GITHUB_REF == refs/tags/* ]]; then
28-
VERSION=${GITHUB_REF#refs/tags/}
29-
elif [[ $GITHUB_REF == refs/heads/* ]]; then
30-
VERSION=$(echo ${GITHUB_REF#refs/heads/} | sed -r 's#/+#-#g')
31-
fi
32-
TAGS="${DOCKER_IMAGE}:${VERSION}"
33-
if [[ $VERSION =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
34-
MINOR=${VERSION%.*}
35-
MAJOR=${MINOR%.*}
36-
TAGS="$TAGS,${DOCKER_IMAGE}:latest"
37-
elif [[ $VERSION =~ ^v[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
38-
VERSION=$(echo ${VERSION#v})
39-
TAGS="${DOCKER_IMAGE}:${VERSION}"
40-
elif [ "${{ github.event_name }}" = "push" ]; then
41-
TAGS="$TAGS,${DOCKER_IMAGE}:sha-${GITHUB_SHA::8}"
42-
fi
43-
echo ::set-output name=version::${VERSION}
44-
echo ::set-output name=tags::${TAGS}
45-
- name: Login to GitHub Container Registry
46-
#if: github.event_name != 'pull_request'
47-
uses: docker/login-action@v2
48-
with:
49-
registry: ghcr.io
50-
username: ${{ github.repository_owner }}
51-
password: ${{ secrets.RS_PAT }}
52-
- name: Push to GitHub Packages
53-
uses: docker/build-push-action@v3
54-
with:
55-
context: .
56-
file: ./Dockerfile
57-
push: true
58-
tags: ${{ steps.prep.outputs.tags }}
59-
build-args: |
60-
GENOTYPE_VARIANTS_VERSION=${{ steps.prep.outputs.version }}
61-
labels: |
62-
org.opencontainers.image.title=${{ github.event.repository.name }}
63-
org.opencontainers.image.description=${{ github.event.repository.description }}
64-
org.opencontainers.image.version=${{ steps.prep.outputs.version }}
24+
build-and-push:
25+
name: Build and Push Docker Image
26+
runs-on: ubuntu-latest
27+
permissions:
28+
contents: read
29+
packages: write
30+
security-events: write # For Trivy SARIF upload
31+
32+
strategy:
33+
fail-fast: false
34+
matrix:
35+
platform: [linux/amd64, linux/arm64]
36+
37+
steps:
38+
- name: Checkout repository
39+
uses: actions/checkout@v4
40+
with:
41+
fetch-depth: 0 # Needed for version detection
42+
submodules: recursive
43+
44+
- name: Set up QEMU
45+
uses: docker/setup-qemu-action@v3
46+
with:
47+
platforms: arm64,amd64
48+
49+
- name: Set up Docker Buildx
50+
uses: docker/setup-buildx-action@v3
51+
with:
52+
install: true
53+
driver-opts: |
54+
image=moby/buildkit:latest
55+
network=host
56+
buildkitd-config-inline: |
57+
[worker.oci]
58+
max-parallelism = 4
59+
60+
- name: Get current date
61+
id: date
62+
run: echo "date=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_OUTPUT
63+
64+
- name: Extract metadata (tags, labels) for Docker
65+
id: meta
66+
uses: docker/metadata-action@v5
67+
with:
68+
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
69+
tags: |
70+
type=schedule,pattern=nightly
71+
type=ref,event=branch
72+
type=ref,event=pr
73+
type=semver,pattern={{version}}
74+
type=semver,pattern={{major}}.{{minor}}
75+
type=semver,pattern={{major}}
76+
type=sha,format=long,prefix=sha-
77+
type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }}
78+
flavor: |
79+
latest=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }}
80+
labels: |
81+
org.opencontainers.image.title=${{ github.event.repository.name }}
82+
org.opencontainers.image.description=${{ github.event.repository.description }}
83+
org.opencontainers.image.url=${{ github.server_url }}/${{ github.repository }}
84+
org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }}
85+
org.opencontainers.image.created=${{ steps.date.outputs.date }}
86+
org.opencontainers.image.revision=${{ github.sha }}
87+
org.opencontainers.image.version=${{ github.ref_name }}
88+
89+
- name: Log in to GitHub Container Registry
90+
if: github.event_name != 'pull_request'
91+
uses: docker/login-action@v3
92+
with:
93+
registry: ${{ env.REGISTRY }}
94+
username: ${{ github.actor }}
95+
password: ${{ secrets.GITHUB_TOKEN }}
96+
97+
- name: Set up Docker Buildx cache
98+
uses: actions/cache@v3
99+
with:
100+
path: ${{ env.BUILDX_CACHE_DIR }}
101+
key: buildx-${{ runner.os }}-${{ matrix.platform }}-${{ env.BUILDX_CACHE_KEY }}
102+
restore-keys: |
103+
buildx-${{ runner.os }}-${{ matrix.platform }}-
104+
buildx-${{ runner.os }}-
105+
106+
- name: Build and push Docker image
107+
uses: docker/build-push-action@v5
108+
with:
109+
context: .
110+
file: ${{ env.DOCKERFILE_PATH }}
111+
push: ${{ github.event_name != 'pull_request' }}
112+
tags: ${{ steps.meta.outputs.tags }}
113+
labels: ${{ steps.meta.outputs.labels }}
114+
platforms: ${{ matrix.platform }}
115+
cache-from: type=local,src=${{ env.BUILDX_CACHE_DIR }}
116+
cache-to: type=local,dest=${{ env.BUILDX_CACHE_DIR }}-new,mode=max
117+
build-args: |
118+
BUILDKIT_INLINE_CACHE=1
119+
GENOTYPE_VARIANTS_VERSION=${{ github.ref_name }}
120+
BUILD_VERSION=${{ github.ref_name }}
121+
BUILD_DATE=${{ steps.date.outputs.date }}
122+
VCS_REF=${{ github.sha }}
123+
provenance: ${{ github.event_name != 'pull_request' }}
124+
sbom: true
125+
secrets: |
126+
GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
127+
128+
- name: Run Trivy vulnerability scanner
129+
if: github.event_name != 'pull_request'
130+
uses: aquasecurity/trivy-action@master
131+
with:
132+
image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@${{ steps.meta.outputs.version }}
133+
format: 'sarif'
134+
output: 'trivy-results.sarif'
135+
severity: 'CRITICAL,HIGH'
136+
ignore-unfixed: true
137+
vuln-type: 'os,library'
138+
exit-code: '1'
139+
timeout: '5m'
140+
141+
- name: Upload Trivy scan results to GitHub Security tab
142+
if: always() && (github.event_name != 'pull_request')
143+
uses: github/codeql-action/upload-sarif@v2
144+
with:
145+
sarif_file: 'trivy-results.sarif'
146+
category: 'container-scan'
147+
148+
- name: Update Buildx cache
149+
if: github.event_name != 'pull_request'
150+
run: |
151+
rm -rf ${{ env.BUILDX_CACHE_DIR }}
152+
mv ${{ env.BUILDX_CACHE_DIR }}-new ${{ env.BUILDX_CACHE_DIR }}
153+
echo "Updated build cache"
154+
155+
- name: Show image details
156+
if: always()
157+
run: |
158+
echo "Built image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.meta.outputs.version }}"
159+
echo "Tags: ${{ steps.meta.outputs.tags }}"
160+
echo "Labels: ${{ steps.meta.outputs.labels }}"
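Review bot: The Trivy step needs two fixes. `aquasecurity/trivy-action@master` tracks a mutable branch inside a job that holds `packages: write` and `security-events: write`, so whatever lands on that branch runs with this job's token; pin it to a full commit SHA (`uses: aquasecurity/trivy-action@<full-commit-sha>`), and the same applies to `image=moby/buildkit:latest`. Its `image-ref` joins the image name and `steps.meta.outputs.version` with `@`, which is digest syntax, while that output is a tag, so the reference likely does not resolve. Give the build step `id: build` and scan `${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@${{ steps.build.outputs.digest }}` so the scan covers exactly the image that was pushed. Separately, both matrix legs push the same tags, so the later leg appears to overwrite the earlier one rather than producing a multi-arch manifest.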

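--- a/.github/workflows/validate.yaml
+++ b/.github/workflows/validate.yaml
@@ -1,43 +1,68 @@
-name: validate
+name: Validate
+
 on:
 push:
+branches: [ main ]
 paths-ignore:
-- 'docs/**'
-- '**.md'
-- '**.rst'
-tags-ignore:
-- v*
+- 'docs/**'
+- '**.md'
+- '**.rst'
+- '**.gitignore'
+- '.github/**'
 pull_request:
 paths-ignore:
-- 'docs/**'
-- '**.md'
-- '**.rst'
+- 'docs/**'
+- '**.md'
+- '**.rst'
+- '**.gitignore'
+- '.github/**'
+
+env:
+PYTHON_VERSION: '3.9'
 
 jobs:
-test_nucleo:
-runs-on: ${{ matrix.platform }}
-if: "!contains(github.event.head_commit.message, 'ci skip')"
+test:
+name: Test Python 3.9 on Ubuntu
+runs-on: ubuntu-latest
+if: github.event.head_commit == null || !contains(github.event.head_commit.message, 'ci skip')
+
 strategy:
-max-parallel: 4
-matrix:
-platform: [ubuntu-latest]
-python-version: [3.7, 3.8]
+fail-fast: false
+
 steps:
-- name: Checkout repo
-uses: actions/checkout@v2
+- name: Checkout repository
+uses: actions/checkout@v4
 with:
-ref: ${{ github.head_ref }}
+fetch-depth: 0
 submodules: recursive
-- name: Set up Python ${{ matrix.python-version }}
-uses: actions/setup-python@v2
+
+- name: Set up Python ${{ env.PYTHON_VERSION }}
+uses: actions/setup-python@v4
 with:
-python-version: ${{ matrix.python-version }}
-- name: Install Python dependencies
+python-version: ${{ env.PYTHON_VERSION }}
+cache: 'pip'
+cache-dependency-path: 'pyproject.toml'
+
+- name: Set up environment and install dependencies
+run: |
+# Create virtual environment
+python -m venv .venv
+
+# Activate and set up the environment
+source .venv/bin/activate
+
+# Ensure pip is up to date and install build tools
+python -m pip install --upgrade pip setuptools wheel build
+
+# Install package with dev dependencies from pyproject.toml
+pip install -e ".[dev]"
+
+- name: Build package
+run: |
+source .venv/bin/activate
+python -m build --sdist --wheel --outdir dist/ .
+
+- name: Run tests
 run: |
-python -m pip install --upgrade pip
-pip install tox tox-gh-actions
-- name: Test with tox
-id: run-tox
-run: tox -vv
-env:
-PLATFORM: ${{ matrix.platform }}
+source .venv/bin/activate
+python -m pytest tests/ -v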
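Review bot: Adding `- '.github/**'` to both `paths-ignore` lists means a push or pull request that only edits workflow files no longer runs this job, so changes to the CI and publish pipelines themselves land without any automated check. Consider dropping that entry, or pairing it with a dedicated workflow-lint job, so edits under `.github/` still get validated. The `strategy:` block now carries only `fail-fast: false` with no `matrix:`, which has no effect and can be removed. The job name `Test Python 3.9 on Ubuntu` also hard-codes the version that `PYTHON_VERSION` already defines.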
