registry: sync staging and dev environments with prod's DB and S3 #475
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Trunk registry workflow | |
defaults: | |
run: | |
shell: bash | |
working-directory: ./registry/ | |
on: | |
pull_request: | |
branches: | |
- main | |
paths: | |
- '.github/workflows/registry.yml' | |
- 'registry/**' | |
# Always run on main or release branches | |
push: | |
branches: | |
- main | |
paths: | |
- '.github/workflows/registry.yml' | |
- 'registry/**' | |
jobs: | |
lint: | |
name: Run linters | |
runs-on: | |
- self-hosted | |
- dind | |
- large-8x8 | |
env: | |
DATABASE_URL: "postgresql://postgres:postgres@localhost:5432/postgres" | |
services: | |
# Label used to access the service container | |
postgres: | |
# Docker Hub image | |
image: postgres | |
# Provide the password for postgres | |
env: | |
POSTGRES_PASSWORD: postgres | |
# Set health checks to wait until postgres has started | |
options: >- | |
--health-cmd pg_isready | |
--health-interval 10s | |
--health-timeout 5s | |
--health-retries 5 | |
ports: | |
# Maps tcp port 5432 on service container to the host | |
- 5432:5432 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install minimal stable with clippy and rustfmt | |
uses: actions-rs/toolchain@v1 | |
with: | |
profile: minimal | |
toolchain: stable | |
components: rustfmt, clippy | |
- name: Install system dependencies | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y pkg-config libssl-dev | |
- name: install sqlx-cli | |
run: cargo install [email protected] | |
- uses: Swatinem/rust-cache@v2 | |
with: | |
prefix-key: "lint" | |
- name: Cargo format | |
run: cargo fmt --all --check | |
- name: Run migrations | |
run: cargo sqlx migrate run | |
- name: Migrations check | |
# ensure migration cache is up-to-date | |
run: cargo sqlx prepare --check | |
- name: Clippy | |
run: cargo clippy -- -Dwarnings | |
test: | |
name: Run tests | |
runs-on: | |
- self-hosted | |
- dind | |
- large-8x8 | |
env: | |
DATABASE_URL: "postgresql://postgres:postgres@localhost:5432/postgres" | |
CLERK_SECRET_KEY: "" | |
services: | |
# Label used to access the service container | |
postgres: | |
# Docker Hub image | |
image: postgres | |
# Provide the password for postgres | |
env: | |
POSTGRES_PASSWORD: postgres | |
# Set health checks to wait until postgres has started | |
options: >- | |
--health-cmd pg_isready | |
--health-interval 10s | |
--health-timeout 5s | |
--health-retries 5 | |
ports: | |
# Maps tcp port 5432 on service container to the host | |
- 5432:5432 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions-rs/toolchain@v1 | |
with: | |
toolchain: stable | |
- uses: Swatinem/rust-cache@v2 | |
with: | |
prefix-key: "trunk-registry-functional-test" | |
workspaces: | | |
registry | |
- name: Install system dependencies | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y pkg-config libssl-dev | |
- name: install sqlx-cli | |
run: cargo install sqlx-cli | |
- name: Run migrations | |
run: cargo sqlx migrate run | |
- name: Run functional tests | |
run: cargo test -- --nocapture | |
build-push-image: | |
name: Build and push image | |
runs-on: | |
- self-hosted | |
- dind | |
- xlarge-16x16 | |
outputs: | |
short_sha: ${{ steps.versions.outputs.SHORT_SHA }} | |
steps: | |
- name: Check out the repo | |
uses: actions/checkout@v4 | |
- name: Set version strings | |
id: versions | |
run: | | |
echo "SHORT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT | |
- name: Build image | |
run: | | |
set -xe | |
docker build -t trunk-registry . | |
docker tag trunk-registry trunk-registry:latest | |
docker tag trunk-registry trunk-registry:${{ steps.versions.outputs.SHORT_SHA }} | |
- name: Login to Quay | |
if: ${{ github.ref == 'refs/heads/main' }} | |
uses: docker/login-action@v2 | |
with: | |
registry: quay.io/coredb | |
username: ${{ secrets.QUAY_USER }} | |
password: ${{ secrets.QUAY_PASSWORD }} | |
- name: Push to Quay | |
if: ${{ github.ref == 'refs/heads/main' }} | |
shell: bash | |
run: | | |
set -xe | |
IFS=' ' read -ra TAG_ARRAY <<< "latest ${{ steps.versions.outputs.SHORT_SHA }}" | |
for tag in "${TAG_ARRAY[@]}"; do | |
docker tag trunk-registry:$tag quay.io/coredb/trunk-registry:$tag | |
docker push quay.io/coredb/trunk-registry:$tag | |
done | |
argocd-update: | |
name: ArgoCD update automation | |
if: ${{ github.ref == 'refs/heads/main' }} | |
runs-on: ubuntu-20.04 | |
strategy: | |
# fail-fast means to cancel all jobs if one fails | |
fail-fast: false | |
matrix: | |
include: | |
- repository: tembo-io/app-deploy-dev | |
subdirectory: dev | |
branch: main | |
- repository: tembo-io/app-deploy | |
subdirectory: staging | |
branch: staging-updates | |
- repository: tembo-io/app-deploy | |
subdirectory: prod | |
branch: prod-updates | |
needs: | |
- build-push-image | |
steps: | |
- name: Check out the repo | |
uses: actions/checkout@v4 | |
- name: Check out the repo | |
uses: ./.github/actions/argocd-update | |
with: | |
repository: ${{ matrix.repository }} | |
ssh_key: ${{ secrets.SERVICE_USER_GITHUB_SSH_KEY }} | |
branch: ${{ matrix.branch }} | |
version: ${{ needs.build-push-image.outputs.short_sha }} | |
subdirectory: ${{ matrix.subdirectory }} |