Skip to content

Nhudson/image ci fix #5

Nhudson/image ci fix

Nhudson/image ci fix #5

name: build-tembo-pg-slim
on:
push:
branches:
- main
paths:
- 'tembo-pg-slim/**'
pull_request:
branches:
- main
paths:
- 'tembo-pg-slim/**'
env:
ECR_REGISTRY: "387894460527.dkr.ecr.us-east-1.amazonaws.com/tembo-io"
QUAY_REGISTRY: "quay.io/tembo"
jobs:
pre-build:
runs-on: ubuntu-latest
outputs:
short_sha: ${{ steps.versions.outputs.SHORT_SHA }}
branch_name: ${{ steps.versions.outputs.BRANCH_NAME }}
build_matrix: ${{ steps.append_pg_configs.outputs.build_matrix }}
tags: ${{ steps.tags.outputs.tags }}
steps:
- name: Check out the repo
uses: actions/checkout@v4
- name: Set version strings
id: versions
run: |
echo "SHORT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
echo "BRANCH_NAME=$(git rev-parse --abbrev-ref HEAD)" >> $GITHUB_OUTPUT
- name: Append PostgreSQL configurations to matrix
id: append_pg_configs
run: |
PG_CONFIGS='[{"pg_release": "14.10", "pg_version": "14"}, {"pg_release": "15.3", "pg_version": "15"}, {"pg_release": "16.1", "pg_version": "16"}]'
MODIFIED_MATRIX=$(echo $PG_CONFIGS | jq -c '{include: .}')
echo "build_matrix=$MODIFIED_MATRIX" >> $GITHUB_OUTPUT
- name: Determine which tags to publish
id: tags_list
run: |
BRANCH_NAME="${{ steps.versions.outputs.BRANCH_NAME }}"
if [ "${BRANCH_NAME}" == "main" ]; then
echo "tag_latest=true" >> $GITHUB_OUTPUT
echo "tag_cargo=true" >> $GITHUB_OUTPUT
elif [[ "${BRANCH_NAME}" == release/* ]]; then
echo "tag_cargo=true" >> $GITHUB_OUTPUT
echo "tag_latest=false" >> $GITHUB_OUTPUT
else
echo "tag_latest=false" >> $GITHUB_OUTPUT
echo "tag_cargo=false" >> $GITHUB_OUTPUT
fi
- name: Install TOML parser
run: |
set -xe
wget https://github.com/freshautomations/stoml/releases/download/v0.7.1/stoml_linux_amd64
mv stoml_linux_amd64 stoml
chmod +x stoml
sudo mv stoml /usr/local/bin/
- name: Create whitespace-separated tags list
id: tags
run: |
SHORT_SHA="${{ steps.versions.outputs.SHORT_SHA }}"
TAGS=''
if [ "${{ steps.tags_list.outputs.tag_cargo }}" == "true" ]; then
echo "Cargo file detected, adding to tags"
VERSION=$(stoml Cargo.toml package.version)-${SHORT_SHA}
TAGS="$TAGS $VERSION"
fi
if [ "${{ steps.tags_list.outputs.tag_latest }}" == "true" ]; then
TAGS="$TAGS latest"
fi
TAGS="$TAGS ${SHORT_SHA}"
echo "tags=$TAGS" >> $GITHUB_OUTPUT
- name: Debug outputs
run: |
echo "Short SHA: ${{ steps.versions.outputs.SHORT_SHA }}"
echo "Branch Name: ${{ steps.versions.outputs.BRANCH_NAME }}"
echo "Build Matrix: ${{ steps.append_pg_configs.outputs.build_matrix }}"
echo "Tags: ${{ steps.tags.outputs.tags }}"
tembo-pg-slim-build:
needs: pre-build
permissions:
id-token: write
contents: read
runs-on:
- self-hosted
- dind
- large-8x8
strategy:
fail-fast: false
matrix: ${{fromJson(needs.pre-build.outputs.build_matrix)}}
env:
CONTAINER_NAME: "tembo-pg-slim"
steps:
- uses: actions/checkout@v4
- name: Build Docker images based on conditions
run: |
IMAGE_NAME=$CONTAINER_NAME:pg${{ matrix.pg_version }}
docker build ./$CONTAINER_NAME --build-arg PG_RELEASE=${{ matrix.pg_release }} --build-arg PG_VERSION=${{ matrix.pg_version }} -t $IMAGE_NAME
shell: bash
- name: Login to Tembo Quay
uses: docker/login-action@v2
with:
registry: $QUAY_REGISTRY
username: ${{ secrets.QUAY_USER_TEMBO }}
password: ${{ secrets.QUAY_PASSWORD_TEMBO }}
- name: Push to Quay
shell: bash
run: |
set -xe
IMAGE_NAME=$CONTAINER_NAME:pg${{ matrix.pg_version }}
IFS=' ' read -ra TAG_ARRAY <<< "${{ needs.pre-build.outputs.tags }}"
for tag in "${TAG_ARRAY[@]}"; do
docker tag $IMAGE_NAME $QUAY_REGISTRY/$IMAGE_NAME-$tag
docker push $QUAY_REGISTRY/$IMAGE_NAME-$tag
done
standard-cnpg-build:
needs: [pre-build, tembo-pg-slim-build]
permissions:
id-token: write
contents: read
runs-on:
- self-hosted
- dind
- large-8x8
strategy:
fail-fast: false
matrix: ${{fromJson(needs.pre-build.outputs.build_matrix)}}
env:
CONTAINER_NAME: "standard-cnpg"
steps:
- uses: actions/checkout@v4
- name: Build Docker images based on conditions
run: |
IMAGE_NAME=$CONTAINER_NAME:pg${{ matrix.pg_version }}
docker build ./$CONTAINER_NAME --build-arg PG_RELEASE=${{ matrix.pg_release }} --build-arg PG_VERSION=${{ matrix.pg_version }} --build-arg TAG=${{ needs.pre-build.outputs.short_sha }} -t $IMAGE_NAME
shell: bash
- name: Login to Tembo Quay
uses: docker/login-action@v2
with:
registry: $QUAY_REGISTRY
username: ${{ secrets.QUAY_USER_TEMBO }}
password: ${{ secrets.QUAY_PASSWORD_TEMBO }}
- name: Push to Quay
shell: bash
run: |
set -xe
IMAGE_NAME=$CONTAINER_NAME:pg${{ matrix.pg_version }}
IFS=' ' read -ra TAG_ARRAY <<< "${{ needs.pre-build.outputs.tags }}"
for tag in "${TAG_ARRAY[@]}"; do
docker tag $IMAGE_NAME $QUAY_REGISTRY/$IMAGE_NAME-$tag
docker push $QUAY_REGISTRY/$IMAGE_NAME-$tag
done
- name: Configure AWS credentials for ECR
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.GHA_IAM_ROLE }}
role-session-name: images-gha-docker-build-and-push
aws-region: "us-east-1"
- name: Install awscli
uses: unfor19/install-aws-cli-action@v1
- name: Push to ECR
shell: bash
run: |
set -xe
IMAGE_NAME=$CONTAINER_NAME:pg${{ matrix.pg_version }}
IFS=' ' read -ra TAG_ARRAY <<< "${{ needs.pre-build.outputs.tags }}"
for tag in "${TAG_ARRAY[@]}"; do
aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin $ECR_REGISTRY/$CONTAINER_NAME
docker tag $IMAGE_NAME $ECR_REGISTRY/$IMAGE_NAME-$tag
docker push $ECR_REGISTRY/$IMAGE_NAME-$tag
done
ml-cnpg-build:
needs: [pre-build, standard-cnpg]
permissions:
id-token: write
contents: read
runs-on:
- self-hosted
- dind
- large-8x8
strategy:
fail-fast: false
matrix: ${{fromJson(needs.pre-build.outputs.build_matrix)}}
env:
CONTAINER_NAME: "ml-cnpg"
steps:
- uses: actions/checkout@v4
- name: Build Docker images based on conditions
run: |
IMAGE_NAME=$CONTAINER_NAME:pg${{ matrix.pg_version }}
docker build ./$CONTAINER_NAME --build-arg PG_RELEASE=${{ matrix.pg_release }} --build-arg PG_VERSION=${{ matrix.pg_version }} --build-arg TAG=${{ needs.pre-build.outputs.short_sha }} -t $IMAGE_NAME
shell: bash
- name: Login to Tembo Quay
uses: docker/login-action@v2
with:
registry: $QUAY_REGISTRY
username: ${{ secrets.QUAY_USER_TEMBO }}
password: ${{ secrets.QUAY_PASSWORD_TEMBO }}
- name: Push to Quay
shell: bash
run: |
set -xe
IMAGE_NAME=$CONTAINER_NAME:pg${{ matrix.pg_version }}
IFS=' ' read -ra TAG_ARRAY <<< "${{ needs.pre-build.outputs.tags }}"
for tag in "${TAG_ARRAY[@]}"; do
docker tag $IMAGE_NAME $QUAY_REGISTRY/$IMAGE_NAME-$tag
docker push $QUAY_REGISTRY/$IMAGE_NAME-$tag
done
- name: Configure AWS credentials for ECR
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.GHA_IAM_ROLE }

Check failure on line 220 in .github/workflows/build_tembo_pg_slim.yaml

View workflow run for this annotation

GitHub Actions / build-tembo-pg-slim

Invalid workflow file

The workflow is not valid. .github/workflows/build_tembo_pg_slim.yaml (Line: 220, Col: 27): The expression is not closed. An unescaped ${{ sequence was found, but the closing }} sequence was not found. .github/workflows/build_tembo_pg_slim.yaml (Line: 277, Col: 27): The expression is not closed. An unescaped ${{ sequence was found, but the closing }} sequence was not found.
role-session-name: images-gha-docker-build-and-push
aws-region: "us-east-1"
- name: Install awscli
uses: unfor19/install-aws-cli-action@v1
- name: Push to ECR
shell: bash
run: |
set -xe
IMAGE_NAME=$CONTAINER_NAME:pg${{ matrix.pg_version }}
IFS=' ' read -ra TAG_ARRAY <<< "${{ needs.pre-build.outputs.tags }}"
for tag in "${TAG_ARRAY[@]}"; do
aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin $ECR_REGISTRY/$CONTAINER_NAME
docker tag $IMAGE_NAME $ECR_REGISTRY/$IMAGE_NAME-$tag
docker push $ECR_REGISTRY/$IMAGE_NAME-$tag
done
dw-cnpg-build:
needs: [pre-build, standard-cnpg]
permissions:
id-token: write
contents: read
runs-on:
- self-hosted
- dind
- large-8x8
strategy:
fail-fast: false
matrix: ${{fromJson(needs.pre-build.outputs.build_matrix)}}
env:
CONTAINER_NAME: "dw-cnpg"
steps:
- uses: actions/checkout@v4
- name: Build Docker images based on conditions
run: |
IMAGE_NAME=$CONTAINER_NAME:pg${{ matrix.pg_version }}
docker build ./$CONTAINER_NAME --build-arg PG_RELEASE=${{ matrix.pg_release }} --build-arg PG_VERSION=${{ matrix.pg_version }} --build-arg TAG=${{ needs.pre-build.outputs.short_sha }} -t $IMAGE_NAME
shell: bash
- name: Login to Tembo Quay
uses: docker/login-action@v2
with:
registry: $QUAY_REGISTRY
username: ${{ secrets.QUAY_USER_TEMBO }}
password: ${{ secrets.QUAY_PASSWORD_TEMBO }}
- name: Push to Quay
shell: bash
run: |
set -xe
IMAGE_NAME=$CONTAINER_NAME:pg${{ matrix.pg_version }}
IFS=' ' read -ra TAG_ARRAY <<< "${{ needs.pre-build.outputs.tags }}"
for tag in "${TAG_ARRAY[@]}"; do
docker tag $IMAGE_NAME $QUAY_REGISTRY/$IMAGE_NAME-$tag
docker push $QUAY_REGISTRY/$IMAGE_NAME-$tag
done
- name: Configure AWS credentials for ECR
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.GHA_IAM_ROLE }
role-session-name: images-gha-docker-build-and-push
aws-region: "us-east-1"
- name: Install awscli
uses: unfor19/install-aws-cli-action@v1
- name: Push to ECR
shell: bash
run: |
set -xe
IMAGE_NAME=$CONTAINER_NAME:pg${{ matrix.pg_version }}
IFS=' ' read -ra TAG_ARRAY <<< "${{ needs.pre-build.outputs.tags }}"
for tag in "${TAG_ARRAY[@]}"; do
aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin $ECR_REGISTRY/$CONTAINER_NAME
docker tag $IMAGE_NAME $ECR_REGISTRY/$IMAGE_NAME-$tag
docker push $ECR_REGISTRY/$IMAGE_NAME-$tag
done