mirror of
https://github.com/turbot/steampipe.git
synced 2026-02-23 17:03:00 -05:00
165 lines
5.9 KiB
YAML
165 lines
5.9 KiB
YAML
name: Build and Publish DB Image
|
|
|
|
# Controls when the action will run.
|
|
on:
|
|
workflow_dispatch:
|
|
inputs:
|
|
version:
|
|
description: |
|
|
Version number for the OCI image for this release - usually the same as the
|
|
postgres version
|
|
required: true
|
|
default: 14.2.0
|
|
|
|
postgres_version:
|
|
description: "Postgres Version to package (eg 14.2.0)"
|
|
required: true
|
|
default: 14.2.0
|
|
|
|
env:
|
|
PROJECT_ID: steampipe
|
|
IMAGE_NAME: db
|
|
CORE_REPO: us-docker.pkg.dev/steampipe/steampipe
|
|
ORG: turbot
|
|
CONFIG_SCHEMA_VERSION: "2020-11-18"
|
|
VERSION: ${{ github.event.inputs.version }}
|
|
PG_VERSION: ${{ github.event.inputs.postgres_version }}
|
|
PATH_BASE: https://repo1.maven.org/maven2/io/zonky/test/postgres
|
|
NAME_PREFIX: embedded-postgres-binaries
|
|
STEAMPIPE_UPDATE_CHECK: false
|
|
|
|
jobs:
|
|
# This workflow contains a single job called "build"
|
|
build:
|
|
# The type of runner that the job will run on
|
|
runs-on: ubuntu-latest
|
|
# Steps represent a sequence of tasks that will be executed as part of the job
|
|
steps:
|
|
- name: Trim asset version prefix and Validate
|
|
run: |-
|
|
echo $VERSION
|
|
trim=${VERSION#"v"}
|
|
echo $trim
|
|
if [[ $trim =~ ^[0-9]+\.[0-9]+\.[0-9]+(-.+)?$ ]]; then
|
|
echo "Version OK: $trim"
|
|
else
|
|
echo "Invalid version: $trim"
|
|
exit 1
|
|
fi
|
|
echo "VERSION=${trim}" >> $GITHUB_ENV
|
|
|
|
- name: Ensure Version Does Not Exist
|
|
run: |-
|
|
|
|
URL=https://$(echo $CORE_REPO | sed 's/\//\/v2\//')/$IMAGE_NAME/tags/list
|
|
IDX=$(curl -L $URL | jq ".tags | index(\"$VERSION\")")
|
|
if [ $IDX == "null" ]; then
|
|
echo "OK - Version does not exist: $VERSION"
|
|
else
|
|
echo "Version already exists: $VERSION"
|
|
exit 1
|
|
fi
|
|
|
|
- name: Checkout
|
|
uses: actions/checkout@v3
|
|
with:
|
|
ref: ${{ github.event.inputs.branch }}
|
|
|
|
- name: Pull & Extract - darwin amd64
|
|
run: |-
|
|
EXTRACT_DIR=extracted-darwin-amd64
|
|
curl -L -O -J -L https://www.dropbox.com/s/4ilvb7ixmkbyhq5/darwin-amd64.txz?dl=0 --output darwin-amd64.txz
|
|
mkdir $EXTRACT_DIR
|
|
tar -xf darwin-amd64.txz --directory $EXTRACT_DIR
|
|
|
|
- name: Pull & Extract - darwin arm64
|
|
run: |-
|
|
EXTRACT_DIR=extracted-darwin-arm64
|
|
curl -L -O -J -L https://www.dropbox.com/s/qztyzex9zr6pq00/darwin-arm64.txz?dl=0 --output darwin-arm64.txz
|
|
mkdir $EXTRACT_DIR
|
|
tar -xf darwin-arm64.txz --directory $EXTRACT_DIR
|
|
|
|
- name: Pull & Extract - linux amd64
|
|
run: |-
|
|
EXTRACT_DIR=extracted-linux-amd64
|
|
curl -L -O -J -L https://www.dropbox.com/s/kqkcp6q8jts82e9/linux-amd64.txz?dl=0 --output linux-amd64.txz
|
|
mkdir $EXTRACT_DIR
|
|
tar -xf linux-amd64.txz --directory $EXTRACT_DIR
|
|
|
|
- name: Pull & Extract - linux arm64
|
|
run: |-
|
|
EXTRACT_DIR=extracted-linux-arm64
|
|
curl -L -O -J -L https://www.dropbox.com/s/mcyi7lmx0r3x008/linux-arm64.txz?dl=0 --output linux-arm64.txz
|
|
mkdir $EXTRACT_DIR
|
|
tar -xf linux-arm64.txz --directory $EXTRACT_DIR
|
|
|
|
- name: Build Config JSON
|
|
run: |-
|
|
JSON_STRING=$( jq -n \
|
|
--arg name "$IMAGE_NAME" \
|
|
--arg organization "$ORG" \
|
|
--arg version "$VERSION" \
|
|
--arg schemaVersion "$CONFIG_SCHEMA_VERSION" \
|
|
--arg dbVersion "$PG_VERSION" \
|
|
'{schemaVersion: $schemaVersion, db: { name: $name, organization: $organization, version: $version, dbVersion: $dbVersion} }' )
|
|
|
|
echo $JSON_STRING > config.json
|
|
|
|
- name: Build Annotations JSON
|
|
run: |-
|
|
JSON_STRING=$( jq -n \
|
|
--arg title "$IMAGE_NAME" \
|
|
--arg desc "$ORG" \
|
|
--arg version "$VERSION" \
|
|
--arg timestamp "$(date +%FT%T%z)" \
|
|
--arg vendor "Turbot HQ, Inc." \
|
|
'{
|
|
"$manifest": {
|
|
"org.opencontainers.image.title": $title,
|
|
"org.opencontainers.image.description": $desc,
|
|
"org.opencontainers.image.version": $version,
|
|
"org.opencontainers.image.created": $timestamp,
|
|
"org.opencontainers.image.vendor": $vendor
|
|
}
|
|
}' )
|
|
|
|
echo $JSON_STRING > annotations.json
|
|
|
|
- name: Get GCloud CLI
|
|
uses: google-github-actions/setup-gcloud@v0.6.0
|
|
with:
|
|
service_account_key: ${{ secrets.GCP_GITHUB_ACTION_PUSH_ARTIFACTS }}
|
|
project_id: ${{ env.PROJECT_ID }}
|
|
export_default_credentials: true
|
|
|
|
- name: Setup GCloud CLI
|
|
run: |-
|
|
echo ${{ secrets.STEAMPIPE_REGISTRY_SA_KEY }}
|
|
gcloud config list
|
|
gcloud components install beta
|
|
gcloud components install alpha --quiet
|
|
gcloud beta auth configure-docker us-docker.pkg.dev
|
|
|
|
- name: Verify ORAS
|
|
run: |-
|
|
oras version
|
|
|
|
- name: Push to Registry
|
|
run: |-
|
|
REF="$CORE_REPO/$IMAGE_NAME:$GITHUB_RUN_ID"
|
|
|
|
oras push $REF \
|
|
--manifest-config config.json:application/vnd.turbot.steampipe.config.v1+json \
|
|
--manifest-annotations annotations.json \
|
|
extracted-darwin-amd64:application/vnd.turbot.steampipe.db.darwin-amd64.layer.v1+tar \
|
|
extracted-darwin-arm64:application/vnd.turbot.steampipe.db.darwin-arm64.layer.v1+tar \
|
|
extracted-linux-amd64:application/vnd.turbot.steampipe.db.linux-amd64.layer.v1+tar \
|
|
extracted-linux-arm64:application/vnd.turbot.steampipe.db.linux-arm64.layer.v1+tar
|
|
|
|
- name: Set version tags
|
|
uses: ./.github/actions/semver-tags
|
|
id: semver
|
|
with:
|
|
image-to-tag: "${{ env.CORE_REPO }}/${{ env.IMAGE_NAME }}:${{ github.run_id }}"
|
|
image-version: ${{ env.VERSION }}
|