CT-1964: Add cert auth support to snowflake in php-table-backend-utils #1478

Workflow file for this run

	name: CI

	on:
	push:
	branches:
	- main
	tags:
	- '**'
	pull_request:
	workflow_dispatch:

	env:
	AWS_CREDENTIALS_REGION: us-east-1
	AWS_CREDENTIALS_ROLE_TO_ASSUME: arn:aws:iam::149899208592:role/ci-storage-backend-BaseStorageBackendRole-5WXOY9DYENCT
	MAIN_BRANCH: main
	jobs:

	build:
	runs-on: ubuntu-latest
	permissions:
	id-token: write
	contents: read
	outputs:
	changed-php-datatypes: ${{ steps.changes.outputs.php-datatypes }}
	changed-php-table-backend-utils: ${{ steps.changes.outputs.php-table-backend-utils }}
	changed-php-db-import-export: ${{ steps.changes.outputs.php-db-import-export }}
	changed-php-storage-driver-common: ${{ steps.changes.outputs.php-storage-driver-common }}
	table-utils-requirements: ${{ steps.changes.outputs.table-utils-requirements }}
	db-import-export-requirements: ${{ steps.changes.outputs.db-import-export-requirements }}
	isReleaseTag: ${{ steps.checkReleaseTag.outputs.isReleaseTag }}
	steps:
	- uses: actions/checkout@v4

	- name: Check build type
	id: checkReleaseTag
	run: \|
	git fetch origin $MAIN_BRANCH
	echo "git rev-parse origin/$MAIN_BRANCH: $(git rev-parse origin/$MAIN_BRANCH)"
	echo "git rev-parse HEAD: $(git rev-parse HEAD)"
	echo "github.ref_type: ${{ github.ref_type }}"
	echo "isReleaseTag=$(if [ "$(git rev-parse origin/$MAIN_BRANCH)" == "$(git rev-parse HEAD)" ] && ${{ github.ref_type == 'tag' }}; then echo 1; else echo 0; fi)" >> "$GITHUB_OUTPUT"
	echo "isReleaseTag=$(if [ "$(git rev-parse origin/$MAIN_BRANCH)" == "$(git rev-parse HEAD)" ] && ${{ github.ref_type == 'tag' }}; then echo 1; else echo 0; fi)"
	-
	name: Configure AWS Credentials
	id: creds
	uses: aws-actions/configure-aws-credentials@v4
	with:
	role-duration-seconds: 900
	role-to-assume: ${{ env.AWS_CREDENTIALS_ROLE_TO_ASSUME }}
	aws-region: ${{ env.AWS_CREDENTIALS_REGION }}

	- uses: dorny/paths-filter@v3
	id: changes
	with:
	filters: \|
	php-datatypes:
	- 'packages/php-datatypes/**'
	php-table-backend-utils:
	- 'packages/php-table-backend-utils/**'
	php-db-import-export:
	- 'packages/php-db-import-export/**'
	php-storage-driver-common:
	- 'packages/php-storage-driver-common/**'
	table-utils-requirements:
	- 'packages/php-datatypes/**'
	db-import-export-requirements:
	- 'packages/php-datatypes/**'
	- 'packages/php-table-backend-utils/**'

	- name: Login to Amazon ECR
	id: login-ecr
	uses: aws-actions/amazon-ecr-login@v2

	-
	name: Build docker image
	env:
	DOCKER_BUILDKIT: 1
	REGISTRY: ${{ steps.login-ecr.outputs.registry }}
	ECR_REPOSITORY: storage-backend-build
	IMAGE_TAG: ${{ github.sha }}
	run: \|
	docker compose build ci-monorepo
	docker compose run ci-monorepo composer install
	docker compose run ci-monorepo vendor/bin/monorepo-builder validate
	docker tag ci-monorepo:latest $REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
	docker push $REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG

	build_datatypes:
	if: ${{ needs.build.outputs.isReleaseTag == 0 }}
	uses: ./.github/workflows/build-php-datatypes.yml
	with:
	hasCodeChanged: ${{ needs.build.outputs.changed-php-datatypes == 'true' }}
	isTag: ${{ startsWith(github.ref, 'refs/tags/') }}
	needs: build

	build_php_table_backend_utils:
	if: ${{ needs.build.outputs.isReleaseTag == 0 }}
	uses: ./.github/workflows/build-php-table-backend-utils.yml
	with:
	hasCodeChanged: ${{ needs.build.outputs.changed-php-table-backend-utils == 'true' }}
	isTag: ${{ startsWith(github.ref, 'refs/tags/') }}
	isRequiredRepoChanged: ${{ needs.build.outputs.table-utils-requirements== 'true' }}
	secrets:
	SNOWFLAKE_PASSWORD: ${{ secrets.SNOWFLAKE_PASSWORD }}
	SYNAPSE_PWD: ${{ secrets.SYNAPSE_PWD }}
	SYNAPSE_PRINCIPAL_PASSWORD: ${{ secrets.SYNAPSE_PRINCIPAL_PASSWORD }}
	TERADATA_PASSWORD: ${{ secrets.TERADATA_PASSWORD }}
	BQ_KEY_FILE: ${{ secrets.BQ_KEY_FILE }}
	needs: build

	build_php_db_import_export:
	if: ${{ needs.build.outputs.isReleaseTag == 0 }}
	uses: ./.github/workflows/build-php-db-import-export.yml
	with:
	hasCodeChanged: ${{ needs.build.outputs.changed-php-db-import-export == 'true' }}
	isTag: ${{ startsWith(github.ref, 'refs/tags/') }}
	isRequiredRepoChanged: ${{ needs.build.outputs.db-import-export-requirements == 'true' }}
	secrets:
	AWS_SECRET_ACCESS_KEY: ${{ secrets.IE_AWS_SECRET_ACCESS_KEY }}
	ABS_ACCOUNT_KEY: ${{ secrets.ABS_ACCOUNT_KEY }}
	SNOWFLAKE_PASSWORD: ${{ secrets.CI_SNOWFLAKE_PASSWORD }}
	SYNAPSE_PWD: ${{ secrets.IE_SYNAPSE_PWD }}
	AZURE_CLIENT_SECRET: ${{ secrets.IE_AZURE_CLIENT_SECRET }}
	TERADATA_PASSWORD: ${{ secrets.IE_TERADATA_PASSWORD }}
	ABS_TERADATA_PASSWORD: ${{ secrets.IE_ABS_TERADATA_PASSWORD }}
	BQ_KEY_FILE: ${{ secrets.IE_BQ_KEY_FILE }}
	OAUTH_TOKEN_GITHUB: ${{ secrets.IE_OAUTH_TOKEN_GITHUB }}
	GCS_CREDENTIALS: ${{ secrets.IE_GCS_CREDENTIALS }}
	SYNAPSE_PRINCIPAL_PASSWORD: ${{ secrets.IE_SYNAPSE_PRINCIPAL_PASSWORD }}
	needs: build

	build_php_storage_driver_common:
	if: ${{ needs.build.outputs.isReleaseTag == 0 }}
	uses: ./.github/workflows/build-php-storage-driver-common.yml
	with:
	hasCodeChanged: ${{ needs.build.outputs.changed-php-storage-driver-common == 'true' }}
	isTag: ${{ startsWith(github.ref, 'refs/tags/') }}
	secrets:
	S3_BUCKET: ${{ secrets.S3_BUCKET }}
	S3_AWS_REGION: ${{ secrets.S3_AWS_REGION }}
	needs: build

	test_results:
	needs:
	- build_datatypes
	- build_php_table_backend_utils
	- build_php_db_import_export
	- build_php_storage_driver_common
	runs-on: ubuntu-latest
	if: \|
	always()
	&& contains(fromJson('["success", "skipped"]'), needs.build_datatypes.result)
	&& contains(fromJson('["success", "skipped"]'), needs.build_php_table_backend_utils.result)
	&& contains(fromJson('["success", "skipped"]'), needs.build_php_db_import_export.result)
	&& contains(fromJson('["success", "skipped"]'), needs.build_php_storage_driver_common.result)
	steps:
	- name: Tests passed
	run: echo "Tests passed"

	monorepo_split:
	needs: test_results
	runs-on: ubuntu-latest
	if : always() && needs.test_results.result == 'success' && github.ref_type == 'tag'
	concurrency: ${{ matrix.repo }}
	strategy:
	matrix:
	include:
	- name: 'php-datatypes'
	path: 'packages/php-datatypes'
	repo: '[email protected]:keboola/php-datatypes.git'
	lastTag: '6.1.0'
	sshKey: 'PHP_DATATYPES_SSH_PRIVATE_KEY'
	- name: 'php-table-backend-utils'
	path: 'packages/php-table-backend-utils'
	repo: '[email protected]:keboola/php-table-backend-utils'
	lastTag: '1.14.1'
	sshKey: 'PHP_TABLE_BACKEND_UTILS_SSH_PRIVATE_KEY'
	- name: 'php-db-import-export'
	path: 'packages/php-db-import-export'
	repo: '[email protected]:keboola/php-db-import-export'
	lastTag: 'v1.20.1'
	sshKey: 'PHP_DB_IMPORT_EXPORT_SSH_PRIVATE_KEY'
	- name: 'php-storage-driver-common'
	path: 'packages/php-storage-driver-common'
	repo: '[email protected]:keboola/php-storage-driver-common'
	lastTag: 'v2.5.0'
	sshKey: 'PHP_STORAGE_DRIVER_COMMON_SSH_PRIVATE_KEY'
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	with:
	fetch-depth: 0
	- uses: webfactory/ssh-agent@fc49353b67b2b7c1e0e6a600572d01a69f2672dd
	with:
	ssh-private-key: ${{ secrets[matrix.sshKey] }}

	- name: Split monorepo
	run: \|
	ssh-add -l
	docker build -t monorepo-tools ./bin
	docker run -v $PWD:/monorepo -w /monorepo -v $SSH_AUTH_SOCK:/ssh-agent -v ~/.ssh/known_hosts:/root/.ssh/known_hosts -e SSH_AUTH_SOCK=/ssh-agent monorepo-tools bin/split-repo.sh . ${{ matrix.repo }} ${{ matrix.path }} ${{ matrix.name }}/ ${{ matrix.lastTag}}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CT-1964: Add cert auth support to snowflake in php-table-backend-utils #1478

Workflow file

CT-1964: Add cert auth support to snowflake in php-table-backend-utils #1478

Jobs

Run details

Workflow file for this run