add CI job to push cloud images to ECR #180
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and push images | |
| on: | |
| pull_request: {} | |
| push: | |
| branches: | |
| - 'main' | |
| jobs: | |
| find_directories: | |
| name: Find directories with Dockerfiles | |
| runs-on: ubuntu-20.04 | |
| outputs: | |
| build_images: ${{ steps.find_directories.outputs.build_matrix }} | |
| short_sha: ${{ steps.versions.outputs.SHORT_SHA }} | |
| branch_name: ${{ steps.versions.outputs.BRANCH_NAME }} | |
| steps: | |
| - name: Check out the repo | |
| uses: actions/checkout@v3 | |
| - name: Set version strings | |
| id: versions | |
| run: | | |
| echo "SHORT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT | |
| echo "BRANCH_NAME=$(git rev-parse --abbrev-ref HEAD)" >> $GITHUB_OUTPUT | |
| - name: Check out the tembo repo to reuse some actions | |
| uses: actions/checkout@v3 | |
| with: | |
| repository: tembo-io/tembo | |
| path: ./.tembo | |
| ref: 737713f5839bcd3f533644fe316540d890c611a8 | |
| - name: list dir | |
| run: ls -la .tembo/.github/actions | |
| - name: Find directories with Dockerfiles that changed | |
| id: find_directories | |
| uses: ./.tembo/.github/actions/find-changed-directories | |
| with: | |
| contains_the_file: Dockerfile | |
| # If the branch does not exist, then it will not | |
| # filter any directories containing the file. | |
| # This allows for filtering out unchanged directories | |
| # in a pull request, and using all directories on the release | |
| # or main branches. | |
| changed_relative_to_ref: origin/${{ github.base_ref || 'not-a-branch' }} | |
| ignore_dirs: ".tembo, tembo-pg-slim" | |
| build_and_push: | |
| name: Build and push images | |
| permissions: | |
| id-token: write | |
| contents: read | |
| runs-on: | |
| - self-hosted | |
| - dind | |
| - large-8x8 | |
| needs: | |
| - find_directories | |
| strategy: | |
| fail-fast: false | |
| matrix: ${{ fromJson(needs.find_directories.outputs.build_images) }} | |
| outputs: | |
| short_sha: ${{ steps.versions.outputs.SHORT_SHA }} | |
| steps: | |
| - name: Check out the repo | |
| uses: actions/checkout@v3 | |
| - name: Set version strings | |
| id: versions | |
| run: | | |
| echo "SHORT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT | |
| - name: Determine which tags to publish | |
| id: tags | |
| run: | | |
| BRANCH_NAME="${{ needs.find_directories.outputs.branch_name }}" | |
| if [ "${BRANCH_NAME}" == "main" ]; then | |
| echo "tag_latest=true" >> $GITHUB_OUTPUT | |
| echo "tag_cargo=true" >> $GITHUB_OUTPUT | |
| elif [[ "${BRANCH_NAME}" == release/* ]]; then | |
| echo "tag_cargo=true" >> $GITHUB_OUTPUT | |
| echo "tag_latest=false" >> $GITHUB_OUTPUT | |
| else | |
| echo "tag_latest=false" >> $GITHUB_OUTPUT | |
| echo "tag_cargo=false" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Build and upload image | |
| uses: ./.github/actions/build-and-push-to-quay | |
| with: | |
| image_name: ${{ matrix.name }} | |
| docker_directory: ${{ matrix.path }} | |
| registry: "quay.io/tembo" | |
| tag_cargo_version_if_present: ${{ steps.tags.outputs.tag_cargo }} | |
| publish_latest: ${{ steps.tags.outputs.tag_latest }} | |
| publish_calver: ${{ steps.tags_outputs.tag_latest }} | |
| quay_user: ${{ secrets.QUAY_USER_TEMBO }} | |
| quay_password: ${{ secrets.QUAY_PASSWORD_TEMBO }} | |
| quay_user_tembo: ${{ secrets.QUAY_USER_TEMBO }} | |
| quay_password_tembo: ${{ secrets.QUAY_PASSWORD_TEMBO }} | |
| gha_iam_role: ${{ secrets.GHA_IAM_ROLE }} | |
| ecr_registry: ${{ secrets.ECR_REGISTRY }} | |
| build_and_push_pg_slim: | |
| name: Build and push tembo-pg-slim | |
| runs-on: | |
| - self-hosted | |
| - dind | |
| - large-8x8 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - pg_version: "15.3" | |
| pg_major: "15" | |
| - pg_version: "16.1" | |
| pg_major: "16" | |
| steps: | |
| - name: Check out the repo | |
| uses: actions/checkout@v3 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v2 | |
| with: | |
| image: quay.io/coredb/binfmt:latest | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v2 | |
| - name: Login to Quay.io | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: quay.io | |
| username: ${{ secrets.QUAY_USER }} | |
| password: ${{ secrets.QUAY_PASSWORD }} | |
| - name: Build and push | |
| run: | | |
| set -xe | |
| BRANCH_NAME=$(git rev-parse --abbrev-ref HEAD) | |
| PUSH_FLAG="" | |
| if [ "${BRANCH_NAME}" == "main" ]; then | |
| PUSH_FLAG="--push" | |
| fi | |
| docker buildx build \ | |
| --build-arg PG_VERSION=${{ matrix.pg_version }} \ | |
| --build-arg PG_MAJOR=${{ matrix.pg_major }} \ | |
| --platform linux/amd64,linux/arm64 \ | |
| --tag quay.io/coredb/tembo-pg-slim:pg${{ matrix.pg_version }} \ | |
| --pull ${PUSH_FLAG} ./tembo-pg-slim |