From 48d8102d15176309c90799083758a1c08ac59d3b Mon Sep 17 00:00:00 2001 From: Jose Costa Teixeira Date: Fri, 13 Feb 2026 13:17:08 +0100 Subject: [PATCH 01/11] Add Python setup step to GitHub Actions workflow Added a step to set up Python 3.11 in the workflow. --- .github/workflows/ghbuild.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/ghbuild.yml b/.github/workflows/ghbuild.yml index 8a94d2c356..6fdc6cbc6d 100644 --- a/.github/workflows/ghbuild.yml +++ b/.github/workflows/ghbuild.yml @@ -63,6 +63,11 @@ jobs: - name: Checkout code uses: actions/checkout@v4 + - name: Setup Python + uses: actions/setup-python@v5 + with: + python-version: '3.11' + - name: Find PR number id: find_pr run: | From 2b24bdaa6d1673b2f9e27b09ce1c1535bdeff52e Mon Sep 17 00:00:00 2001 From: Jose Costa Teixeira Date: Fri, 13 Feb 2026 14:38:08 +0100 Subject: [PATCH 02/11] Add step to install Python dependencies Added a step to install Python dependencies in the workflow. --- .github/workflows/ghbuild.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/ghbuild.yml b/.github/workflows/ghbuild.yml index 6fdc6cbc6d..cd4223c23c 100644 --- a/.github/workflows/ghbuild.yml +++ b/.github/workflows/ghbuild.yml @@ -68,6 +68,12 @@ jobs: with: python-version: '3.11' + - name: Install Python dependencies + run: | + python -m pip install --upgrade pip + pip install "GitPython>=3.1.40" "PyYAML>=6.0" "requests>=2.28.0" lxml + + - name: Find PR number id: find_pr run: | From 2cdda1ccb7f859075d89ba83ac7b513617691334 Mon Sep 17 00:00:00 2001 From: Jose Costa Teixeira Date: Fri, 13 Feb 2026 14:58:15 +0100 Subject: [PATCH 03/11] Clean up Python dependency installations in workflow Removed redundant pip install commands for pyyaml and lxml in various steps of the GitHub Actions workflow. --- .github/workflows/ghbuild.yml | 18 +----------------- 1 file changed, 1 insertion(+), 17 deletions(-) 
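Review bot: The new `Setup Python` step in PATCH 01 references `actions/setup-python@v5`, a tag the action's publisher can move, so the code that runs in this job can change without any change to this repository. Pin it to a full commit SHA and keep the tag as a comment, for example `uses: actions/setup-python@<full-commit-sha>  # v5` (placeholder; take the SHA from the release you have reviewed). The `actions/checkout@v4` context line directly above has the same form and would benefit from the same pin.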
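Review bot: The `pip install` line in the new `Install Python dependencies` step (PATCH 02) sets only lower bounds (`GitPython>=3.1.40`, `PyYAML>=6.0`, `requests>=2.28.0`) and leaves `lxml` unconstrained, so every run resolves to whatever is newest on the index and the build is neither reproducible nor protected against a bad release. Move the list into a requirements file with exact versions and hashes and install it with `pip install --require-hashes -r <requirements-file>` (placeholder path). `python -m pip install --upgrade pip` has the same property and could be pinned too. The same unpinned list is repeated in the `pip3 install` lines of PATCH 04, 06, 08, 10 and 11.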
diff --git a/.github/workflows/ghbuild.yml b/.github/workflows/ghbuild.yml index cd4223c23c..48de47eda5 100644 --- a/.github/workflows/ghbuild.yml +++ b/.github/workflows/ghbuild.yml @@ -73,7 +73,6 @@ jobs: python -m pip install --upgrade pip pip install "GitPython>=3.1.40" "PyYAML>=6.0" "requests>=2.28.0" lxml - - name: Find PR number id: find_pr run: | @@ -164,9 +163,6 @@ jobs: run: | echo "Preparing DAK environment with configuration scripts..." - # Install required Python dependencies - pip install pyyaml - # Check if DAK preparation scripts exist locally, download if needed if [ ! -f "input/scripts/generate_dak_from_sushi.py" ]; then echo "DAK generation script not found locally, downloading from smart-base repository..." @@ -246,9 +242,6 @@ jobs: run: | echo "Generating FHIR Questionnaires from DMN files before IG publisher runs..." - # Install required Python dependencies for questionnaire generation - pip install lxml - # Check if questionnaire generation files exist locally if [ ! -f "input/scripts/dmn_questionnaire_generator.py" ]; then echo "DMN questionnaire generator not found locally, downloading from smart-base repository..." @@ -338,7 +331,7 @@ jobs: -v ${{ github.workspace }}:/work \ -w /work \ hl7fhir/ig-publisher-base:latest \ - sh -c "$CMD" + sh -c "apt-get update && apt-get install -y python3 python3-pip && ln -sf /usr/bin/python3 /usr/bin/python && $CMD" # Additional step to upload qa.json as an artifact - name: Upload qa.json artifact @@ -353,9 +346,6 @@ jobs: run: | echo "Generating JSON schemas from FHIR resources..." - # Install required Python dependencies for schema generation - pip install pyyaml - # Check if schema generation files exist locally, download if needed if [ ! -f "input/scripts/generate_logical_model_schemas.py" ]; then echo "Schema generation files not found locally, downloading from smart-base repository..." 
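Review bot: The rewritten `sh -c` line in the docker step (hunk `@@ -338,7 +331,7 @@`) now downloads and installs packages inside `hl7fhir/ig-publisher-base:latest` on every run, and the commit message, which only speaks of removing redundant `pip install` lines, does not mention it. Both the `:latest` tag and the unversioned `apt-get install` are moving targets, so pinning the image by digest, `hl7fhir/ig-publisher-base@sha256:<digest>` (placeholder), would at least fix the base the packages are added to. `$CMD` is expanded by the runner's shell into the same string that `apt-get` runs from, so the publisher command presumably executes with whatever privilege the package install needs; how `CMD` is built is outside this hunk. The later revisions of this step in PATCH 04 to 11 keep the same image reference.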
@@ -381,9 +371,6 @@ jobs: run: | echo "Generating JSON-LD vocabularies from ValueSet expansions..." - # Install required Python dependencies - pip install pyyaml - # Check if JSON-LD generation files exist locally, download if needed if [ ! -f "input/scripts/generate_jsonld_vocabularies.py" ]; then echo "JSON-LD vocabulary generator not found locally, downloading from smart-base repository..." @@ -404,9 +391,6 @@ jobs: run: | echo "Generating DAK API documentation hub..." - # Install required Python dependencies - pip install pyyaml - # Check if API hub generation files exist locally, download if needed if [ ! -f "input/scripts/generate_dak_api_hub.py" ]; then echo "DAK API hub generator not found locally, downloading from smart-base repository..." From df4bebfa15a555e6f294489dfca9b7f7af37d825 Mon Sep 17 00:00:00 2001 From: Jose Costa Teixeira Date: Fri, 13 Feb 2026 15:00:20 +0100 Subject: [PATCH 04/11] Enhance Docker setup with Python packages Updated Docker command to install additional Python packages and dependencies. --- .github/workflows/ghbuild.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ghbuild.yml b/.github/workflows/ghbuild.yml index 48de47eda5..68c7e99794 100644 --- a/.github/workflows/ghbuild.yml +++ b/.github/workflows/ghbuild.yml @@ -331,7 +331,12 @@ jobs: -v ${{ github.workspace }}:/work \ -w /work \ hl7fhir/ig-publisher-base:latest \ - sh -c "apt-get update && apt-get install -y python3 python3-pip && ln -sf /usr/bin/python3 /usr/bin/python && $CMD" + sh -c "\ + apt-get update && \ + apt-get install -y --no-install-recommends python3 python3-pip python3-venv && \ + ln -sf /usr/bin/python3 /usr/bin/python && \ + pip3 install --break-system-packages 'GitPython>=3.1.40' 'PyYAML>=6.0' 'requests>=2.28.0' lxml && \ + $CMD" # Additional step to upload qa.json as an artifact - name: Upload qa.json artifact From 8900d375d8097cff75dea5ead431d6603894c0e0 Mon Sep 17 00:00:00 2001 
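Review bot: `pip3 install --break-system-packages` in the new `sh -c` block of PATCH 04 overrides the marker that stops pip from writing into the distribution-managed Python, even though `python3-venv` is installed on the line above and never used. Creating a virtual environment keeps the pip packages apart from the apt ones and removes the need for the flag, e.g. `python3 -m venv /opt/venv && /opt/venv/bin/pip install ...` (example path), with that environment's `bin` directory put first in `PATH` before `$CMD` runs. If the flag stays, a comment such as `# no venv: publisher scripts call the system python directly` should say why.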
From: Jose Costa Teixeira Date: Fri, 13 Feb 2026 15:06:12 +0100 Subject: [PATCH 05/11] Update Docker command in ghbuild.yml --- .github/workflows/ghbuild.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ghbuild.yml b/.github/workflows/ghbuild.yml index 68c7e99794..5325ad881b 100644 --- a/.github/workflows/ghbuild.yml +++ b/.github/workflows/ghbuild.yml @@ -328,6 +328,7 @@ jobs: echo "Running command: $CMD" docker run --rm \ + --user root \ -v ${{ github.workspace }}:/work \ -w /work \ hl7fhir/ig-publisher-base:latest \ From c11c9e1ae3fbb1ba768ffebe933e39fa9077672a Mon Sep 17 00:00:00 2001 From: Jose Costa Teixeira Date: Fri, 13 Feb 2026 17:11:31 +0100 Subject: [PATCH 06/11] Update Docker python installation --- .github/workflows/ghbuild.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ghbuild.yml b/.github/workflows/ghbuild.yml index 5325ad881b..37e9f839c8 100644 --- a/.github/workflows/ghbuild.yml +++ b/.github/workflows/ghbuild.yml @@ -329,15 +329,17 @@ jobs: docker run --rm \ --user root \ + --entrypoint /bin/sh \ -v ${{ github.workspace }}:/work \ -w /work \ + -e CMD="$CMD" \ hl7fhir/ig-publisher-base:latest \ - sh -c "\ + -c '\ apt-get update && \ apt-get install -y --no-install-recommends python3 python3-pip python3-venv && \ ln -sf /usr/bin/python3 /usr/bin/python && \ - pip3 install --break-system-packages 'GitPython>=3.1.40' 'PyYAML>=6.0' 'requests>=2.28.0' lxml && \ - $CMD" + pip3 install --break-system-packages "GitPython>=3.1.40" "PyYAML>=6.0" "requests>=2.28.0" lxml && \ + su -s /bin/sh publisher -c "$CMD"' # Additional step to upload qa.json as an artifact - name: Upload qa.json artifact From 2959f99deded1454c5c1d6fb0efda26e0101de78 Mon Sep 17 00:00:00 2001 From: Jose Costa Teixeira Date: Fri, 13 Feb 2026 20:49:02 +0100 Subject: [PATCH 07/11] Update ghbuild.yml --- .github/workflows/ghbuild.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
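Review bot: `--entrypoint /bin/sh` in the PATCH 06 `docker run` replaces the image's own entrypoint, so any setup that entrypoint performs is skipped before `su -s /bin/sh publisher -c "$CMD"` runs; the comment added in PATCH 11 suggests it prepares sushi and jekyll. The privilege handling is also undocumented: a comment above the command such as `# root only for apt-get/pip; the publisher runs as the image's "publisher" user` would record why the `--user root` added in PATCH 05 is acceptable. The `publisher` account is assumed to exist in the `:latest` image, which this workflow does not control.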
diff --git a/.github/workflows/ghbuild.yml b/.github/workflows/ghbuild.yml index 37e9f839c8..a410669e7e 100644 --- a/.github/workflows/ghbuild.yml +++ b/.github/workflows/ghbuild.yml @@ -339,7 +339,7 @@ jobs: apt-get install -y --no-install-recommends python3 python3-pip python3-venv && \ ln -sf /usr/bin/python3 /usr/bin/python && \ pip3 install --break-system-packages "GitPython>=3.1.40" "PyYAML>=6.0" "requests>=2.28.0" lxml && \ - su -s /bin/sh publisher -c "$CMD"' + su -s /bin/sh publisher -c "cd /work && $CMD"' # Additional step to upload qa.json as an artifact - name: Upload qa.json artifact From e6c3d8ea620a99087dc2beb2276db1c07e2db620 Mon Sep 17 00:00:00 2001 From: Jose Costa Teixeira Date: Fri, 13 Feb 2026 21:00:18 +0100 Subject: [PATCH 08/11] Install Python and dependencies in Docker image Added a step to install Python and necessary packages in the Docker image for the IG publisher. --- .github/workflows/ghbuild.yml | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/.github/workflows/ghbuild.yml b/.github/workflows/ghbuild.yml index a410669e7e..f24415b6d3 100644 --- a/.github/workflows/ghbuild.yml +++ b/.github/workflows/ghbuild.yml @@ -311,6 +311,18 @@ jobs: entrypoint: /bin/sh args: -c "mkdir -p /var/lib/.fhir && chown $(id -u):$(id -g) /var/lib/.fhir" + - name: Install Python in publisher image + run: | + docker run --name ig-python --user root --entrypoint /bin/sh \ + hl7fhir/ig-publisher-base:latest -c '\ + apt-get update && \ + apt-get install -y --no-install-recommends python3 python3-pip python3-venv && \ + ln -sf /usr/bin/python3 /usr/bin/python && \ + pip3 install --break-system-packages "GitPython>=3.1.40" "PyYAML>=6.0" "requests>=2.28.0" lxml && \ + apt-get clean && rm -rf /var/lib/apt/lists/*' + docker commit ig-python hl7fhir/ig-publisher-base:latest + docker rm ig-python + - name: Run the IG publisher with optional tx run: | echo "TX input: ${{ inputs.tx }}" 
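Review bot: `docker commit ig-python hl7fhir/ig-publisher-base:latest` in the new `Install Python in publisher image` step (PATCH 08) stores the locally modified container under the upstream image's name, so every later reference to that tag on this runner silently resolves to the modified image. `docker commit` also carries over the container's configuration, so the `--user root` and `--entrypoint /bin/sh` given to `docker run` become defaults of the committed image and the publisher step would then run as root. Commit to a distinct local tag and restore the user, e.g. `docker commit --change 'USER publisher' ig-python ig-publisher-python:local` (example tag), and use that tag in the run step; `publisher` is the account name used in PATCH 06 and should be confirmed against the base image. PATCH 09 resets only the entrypoint, not the user.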
@@ -328,18 +340,10 @@ jobs: echo "Running command: $CMD" docker run --rm \ - --user root \ - --entrypoint /bin/sh \ -v ${{ github.workspace }}:/work \ -w /work \ - -e CMD="$CMD" \ hl7fhir/ig-publisher-base:latest \ - -c '\ - apt-get update && \ - apt-get install -y --no-install-recommends python3 python3-pip python3-venv && \ - ln -sf /usr/bin/python3 /usr/bin/python && \ - pip3 install --break-system-packages "GitPython>=3.1.40" "PyYAML>=6.0" "requests>=2.28.0" lxml && \ - su -s /bin/sh publisher -c "cd /work && $CMD"' + sh -c "$CMD" # Additional step to upload qa.json as an artifact - name: Upload qa.json artifact From 7c1ea116f4109c04f42f0eda2c773dc34a6b2d32 Mon Sep 17 00:00:00 2001 From: Jose Costa Teixeira Date: Fri, 13 Feb 2026 21:07:12 +0100 Subject: [PATCH 09/11] Update Docker commit command to set ENTRYPOINT --- .github/workflows/ghbuild.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ghbuild.yml b/.github/workflows/ghbuild.yml index f24415b6d3..4464e45d3c 100644 --- a/.github/workflows/ghbuild.yml +++ b/.github/workflows/ghbuild.yml @@ -320,7 +320,7 @@ jobs: ln -sf /usr/bin/python3 /usr/bin/python && \ pip3 install --break-system-packages "GitPython>=3.1.40" "PyYAML>=6.0" "requests>=2.28.0" lxml && \ apt-get clean && rm -rf /var/lib/apt/lists/*' - docker commit ig-python hl7fhir/ig-publisher-base:latest + docker commit --change 'ENTRYPOINT []' ig-python hl7fhir/ig-publisher-base:latest docker rm ig-python - name: Run the IG publisher with optional tx From f5e7ea46bd7e762b3ecc92ff1dae57ea1cddd467 Mon Sep 17 00:00:00 2001 From: Jose Costa Teixeira Date: Fri, 13 Feb 2026 21:12:18 +0100 Subject: [PATCH 10/11] Remove Python installation from ghbuild.yml Removed Python installation steps from the GitHub Actions workflow. --- .github/workflows/ghbuild.yml | 23 +++++++++-------------- 1 file changed, 9 insertions(+), 14 deletions(-) 
diff --git a/.github/workflows/ghbuild.yml b/.github/workflows/ghbuild.yml index 4464e45d3c..ce0d1c83b9 100644 --- a/.github/workflows/ghbuild.yml +++ b/.github/workflows/ghbuild.yml @@ -311,18 +311,6 @@ jobs: entrypoint: /bin/sh args: -c "mkdir -p /var/lib/.fhir && chown $(id -u):$(id -g) /var/lib/.fhir" - - name: Install Python in publisher image - run: | - docker run --name ig-python --user root --entrypoint /bin/sh \ - hl7fhir/ig-publisher-base:latest -c '\ - apt-get update && \ - apt-get install -y --no-install-recommends python3 python3-pip python3-venv && \ - ln -sf /usr/bin/python3 /usr/bin/python && \ - pip3 install --break-system-packages "GitPython>=3.1.40" "PyYAML>=6.0" "requests>=2.28.0" lxml && \ - apt-get clean && rm -rf /var/lib/apt/lists/*' - docker commit --change 'ENTRYPOINT []' ig-python hl7fhir/ig-publisher-base:latest - docker rm ig-python - - name: Run the IG publisher with optional tx run: | echo "TX input: ${{ inputs.tx }}" @@ -338,12 +326,19 @@ jobs: fi echo "Running command: $CMD" - + docker run --rm \ + --user root \ + --entrypoint /bin/sh \ -v ${{ github.workspace }}:/work \ -w /work \ + -e PUBLISHER_CMD="$CMD" \ hl7fhir/ig-publisher-base:latest \ - sh -c "$CMD" + -c 'apt-get update && \ + apt-get install -y --no-install-recommends python3 python3-pip python3-venv && \ + ln -sf /usr/bin/python3 /usr/bin/python && \ + pip3 install --break-system-packages "GitPython>=3.1.40" "PyYAML>=6.0" "requests>=2.28.0" lxml && \ + eval "$PUBLISHER_CMD"' # Additional step to upload qa.json as an artifact - name: Upload qa.json artifact From a5205e9416c55c11b7ef986931b28fcfe574657e Mon Sep 17 00:00:00 2001 
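Review bot: The publisher now runs as root in PATCH 10: `eval "$PUBLISHER_CMD"` is the last command of a shell started with `--user root`, whereas the PATCH 06 revision dropped to the `publisher` account before running it. With `${{ github.workspace }}` bind-mounted at `/work`, whatever the publisher and the scripts it calls do to the checkout happens as root, and files it creates will be root-owned for the later steps. Keep root for the `apt-get`/`pip3` lines only and hand the command to the unprivileged user, e.g. `su -s /bin/sh publisher -c "cd /work && $PUBLISHER_CMD"`. `eval` re-parses the whole string, and the visible `echo "TX input: ${{ inputs.tx }}"` suggests `CMD` is built from a workflow input, so that input should be validated before it reaches this line; the construction of `CMD` is outside the hunk.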
From: Jose Costa Teixeira Date: Fri, 13 Feb 2026 21:17:18 +0100 Subject: [PATCH 11/11] Refactor Docker setup in ghbuild.yml Refactor Docker commands in GitHub Actions workflow to run container in detached mode and install Python packages as root. --- .github/workflows/ghbuild.yml | 28 +++++++++++++++++++--------- 1 file changed, 19 insertions(+), 9 deletions(-) diff --git a/.github/workflows/ghbuild.yml b/.github/workflows/ghbuild.yml index ce0d1c83b9..ca92f2450c 100644 --- a/.github/workflows/ghbuild.yml +++ b/.github/workflows/ghbuild.yml @@ -327,18 +327,28 @@ jobs: echo "Running command: $CMD" - docker run --rm \ - --user root \ - --entrypoint /bin/sh \ + # Start container with entrypoint (sets up sushi, jekyll, etc.) and keep it running + docker run -d --name ig-run \ -v ${{ github.workspace }}:/work \ -w /work \ - -e PUBLISHER_CMD="$CMD" \ hl7fhir/ig-publisher-base:latest \ - -c 'apt-get update && \ - apt-get install -y --no-install-recommends python3 python3-pip python3-venv && \ - ln -sf /usr/bin/python3 /usr/bin/python && \ - pip3 install --break-system-packages "GitPython>=3.1.40" "PyYAML>=6.0" "requests>=2.28.0" lxml && \ - eval "$PUBLISHER_CMD"' + sleep infinity + + # Wait for entrypoint to finish setup + sleep 5 + + # Install Python as root + docker exec --user root ig-run sh -c '\ + apt-get update && \ + apt-get install -y --no-install-recommends python3 python3-pip python3-venv && \ + ln -sf /usr/bin/python3 /usr/bin/python && \ + pip3 install --break-system-packages "GitPython>=3.1.40" "PyYAML>=6.0" "requests>=2.28.0" lxml' + + # Run publisher as the default user + docker exec -w /work ig-run sh -c "$CMD" + + # Cleanup + docker rm -f ig-run # Additional step to upload qa.json as an artifact - name: Upload qa.json artifact
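Review bot: `docker rm -f ig-run` is reached only when every earlier command succeeds, because a failing `docker exec -w /work ig-run sh -c "$CMD"` ends the step first under the default `bash -e` shell of a `run:` step (assuming the step does not override `shell:`); on a self-hosted runner the container then stays up and the fixed name `ig-run` makes the next run's `docker run` fail. Register the cleanup before starting the container with `trap 'docker rm -f ig-run >/dev/null 2>&1 || true' EXIT`. `sleep 5` is a guess at how long the entrypoint needs, so the `docker exec` calls can race it; polling for something the entrypoint produces would be more reliable, though what that is cannot be seen from this hunk.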