airbyte/.github/workflows/publish-external-command.yml
Tim Roes 3df0619b84 Allow slash commands on PRs from forks (#9742)
This enables all slash commands to also work on PRs created from forks. This will not run CI on PRs coming from a fork. There are unfortunately some limitations around injecting secrets in pull_request actions, which I described in detail in this comment.

I've done most of the testing for this in https://github.com/timroes/github-actions-test, to verify that the contexts are set the way I'd expect.

There's one risk: if any of the build scripts called by one of the slash commands hard-codes this repository, it might fail. I've searched through the whole code base and don't believe this is the case.
2022-03-08 18:15:18 +08:00


# Manually dispatched workflow that publishes a connector image built from a
# caller-selected repository and git ref.
name: Publish External Connector Image
on:
  workflow_dispatch:
    inputs:
      # `connector` and `version` are handed to the publish script as arguments.
      connector:
        description: 'Airbyte Connector image'
        required: true
      version:
        description: 'Airbyte Connector version'
        required: true
      # Optional: when set, the jobs report their status on this comment.
      comment-id:
        description: 'The comment-id of the slash command. Used to update the comment with the status.'
        required: false
      # `repo` and `gitref` decide which code the checkout steps fetch, so they
      # also decide which scripts run with this workflow's secrets.
      repo:
        description: 'Repo to check out code from. Defaults to the main airbyte repo. Set this when building connectors from forked repos.'
        required: false
        default: 'airbytehq/airbyte'
      gitref:
        description: 'The git ref to check out from the specified repository.'
        required: false
        default: master
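jobs:
  ## Gradle Build
  # Three jobs: start a self-hosted EC2 runner, publish the connector image on
  # it, then stop the runner again.
  #
  # NOTE(review): every third-party action below is referenced by a branch or
  # version tag (`@master`, `@v1`, `@v2`). Those refs are mutable, and several of
  # these steps receive secrets; pinning each `uses:` to a full commit SHA
  # (`owner/action@<FULL_COMMIT_SHA>`) keeps a retagged or compromised action
  # from running with them.

  # In case of self-hosted EC2 errors, remove this block.
  start-publish-image-runner:
    name: Start Build EC2 Runner
    runs-on: ubuntu-latest
    outputs:
      label: ${{ steps.start-ec2-runner.outputs.label }}
      ec2-instance-id: ${{ steps.start-ec2-runner.outputs.ec2-instance-id }}
    steps:
      - name: Checkout Airbyte
        uses: actions/checkout@v2
        with:
          # The context must be spelled `github`; the previous `gituhb` is not a
          # known context, so the expression could not be evaluated.
          repository: ${{ github.event.inputs.repo }}
          ref: ${{ github.event.inputs.gitref }}
      # NOTE(review): `./.github/actions/start-aws-runner` is resolved from the
      # checkout above, i.e. from the repository and ref given as inputs. When
      # those point at a fork, fork-controlled action code receives the AWS keys
      # and the runner GitHub token passed below. Consider loading this action
      # from the trusted repository instead - confirm with the workflow owners.
      - name: Start AWS Runner
        id: start-ec2-runner
        uses: ./.github/actions/start-aws-runner
        with:
          aws-access-key-id: ${{ secrets.SELF_RUNNER_AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.SELF_RUNNER_AWS_SECRET_ACCESS_KEY }}
          github-token: ${{ secrets.SELF_RUNNER_GITHUB_ACCESS_TOKEN }}
          # 80 gb disk
          ec2-image-id: ami-0d648081937c75a73

  publish-image:
    needs: start-publish-image-runner
    # Runs on the self-hosted runner started by the previous job.
    runs-on: ${{ needs.start-publish-image-runner.outputs.label }}
    environment: more-secrets
    steps:
      - name: Set up Cloud SDK
        uses: google-github-actions/setup-gcloud@master
        with:
          service_account_key: ${{ secrets.SPEC_CACHE_SERVICE_ACCOUNT_KEY }}
          export_default_credentials: true
      - name: Link comment to workflow run
        if: github.event.inputs.comment-id
        uses: peter-evans/create-or-update-comment@v1
        with:
          comment-id: ${{ github.event.inputs.comment-id }}
          body: |
            > :clock2: ${{github.event.inputs.connector}} https://github.com/${{github.repository}}/actions/runs/${{github.run_id}}
      - name: Checkout Airbyte
        uses: actions/checkout@v2
        with:
          # Same spelling fix as in the start job: `github`, not `gituhb`.
          repository: ${{ github.event.inputs.repo }}
          ref: ${{ github.event.inputs.gitref }}
      # NOTE(review): `manage.sh` comes from the checkout above, so for a fork
      # build it is fork-controlled code running with DOCKER_PASSWORD in its
      # environment and with the Cloud SDK credentials exported earlier. Who may
      # dispatch this workflow is not visible here - confirm it is limited to
      # maintainers who have reviewed the ref being built.
      - name: publish ${{ github.event.inputs.connector }}
        id: publish
        env:
          DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
          # Inputs reach the shell as environment variables instead of being
          # expanded into the script text, so shell metacharacters in an input
          # are treated as data rather than as commands.
          PUBLISH_CONNECTOR: ${{ github.event.inputs.connector }}
          PUBLISH_VERSION: ${{ github.event.inputs.version }}
          # Oracle expects this variable to be set. Although usually present, this is not set by default on Github virtual runners.
          TZ: UTC
        # NOTE(review): SPEC_CACHE_SERVICE_ACCOUNT_KEY is not in this step's
        # `env`, so unless the runner itself provides it the key file is written
        # empty - confirm.
        # The registry password is piped to `--password-stdin` so that it does
        # not appear in the process argument list.
        run: |
          echo "$SPEC_CACHE_SERVICE_ACCOUNT_KEY" > spec_cache_key_file.json && printf '%s' "$DOCKER_PASSWORD" | docker login -u airbytebot --password-stdin
          ./tools/integrations/manage.sh publish_external "$PUBLISH_CONNECTOR" "$PUBLISH_VERSION"
      - name: Add Success Comment
        if: github.event.inputs.comment-id && success()
        uses: peter-evans/create-or-update-comment@v1
        with:
          comment-id: ${{ github.event.inputs.comment-id }}
          body: |
            > :white_check_mark: ${{github.event.inputs.connector}} https://github.com/${{github.repository}}/actions/runs/${{github.run_id}}
      - name: Add Failure Comment
        if: github.event.inputs.comment-id && !success()
        uses: peter-evans/create-or-update-comment@v1
        with:
          comment-id: ${{ github.event.inputs.comment-id }}
          body: |
            > :x: ${{github.event.inputs.connector}} https://github.com/${{github.repository}}/actions/runs/${{github.run_id}}
      - name: Slack Notification - Failure
        if: failure()
        uses: rtCamp/action-slack-notify@master
        env:
          SLACK_WEBHOOK: ${{ secrets.BUILD_SLACK_WEBHOOK }}
          SLACK_USERNAME: Buildozer
          SLACK_ICON: https://avatars.slack-edge.com/temp/2020-09-01/1342729352468_209b10acd6ff13a649a1.jpg
          SLACK_COLOR: DC143C
          SLACK_TITLE: "Failed to publish connector ${{ github.event.inputs.connector }} from branch ${{ github.ref }}"
          SLACK_FOOTER: ""

  # In case of self-hosted EC2 errors, remove this block.
  stop-publish-image-runner:
    name: Stop Build EC2 Runner
    needs:
      - start-publish-image-runner # required to get output from the start-runner job
      - publish-image # required to wait when the main job is done
    runs-on: ubuntu-latest
    if: ${{ always() }} # required to stop the runner even if the error happened in the previous jobs
    steps:
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.SELF_RUNNER_AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.SELF_RUNNER_AWS_SECRET_ACCESS_KEY }}
          aws-region: us-east-2
      - name: Stop EC2 runner
        uses: machulav/ec2-github-runner@v2
        with:
          mode: stop
          github-token: ${{ secrets.SELF_RUNNER_GITHUB_ACCESS_TOKEN }}
          label: ${{ needs.start-publish-image-runner.outputs.label }}
          ec2-instance-id: ${{ needs.start-publish-image-runner.outputs.ec2-instance-id }}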