Skip to content

Publish nix pg_upgrade_scripts #169

Publish nix pg_upgrade_scripts

Publish nix pg_upgrade_scripts #169

name: Publish nix pg_upgrade_scripts
on:
push:
branches:
- develop
- release/*
paths:
- '.github/workflows/publish-nix-pgupgrade-scripts.yml'
workflow_dispatch:
inputs:
postgresVersion:
description: 'Optional. Postgres version to publish against, i.e. 15.1.1.78'
required: false
permissions:
id-token: write
jobs:
prepare:
runs-on: ubuntu-latest
outputs:
postgres_versions: ${{ steps.set-versions.outputs.postgres_versions }}
steps:
- name: Checkout Repo
uses: actions/checkout@v3
- uses: DeterminateSystems/nix-installer-action@main
- name: Set PostgreSQL versions
id: set-versions
run: |
VERSIONS=$(nix run nixpkgs#yq -- '.postgres_major[]' ansible/vars.yml | nix run nixpkgs#jq -- -R -s -c 'split("\n")[:-1]')
echo "postgres_versions=$VERSIONS" >> $GITHUB_OUTPUT
publish-staging:
needs: prepare
runs-on: ubuntu-latest
strategy:
matrix:
postgres_version: ${{ fromJson(needs.prepare.outputs.postgres_versions) }}
steps:
- name: Checkout Repo
uses: actions/checkout@v3
- uses: DeterminateSystems/nix-installer-action@main
- name: Grab release version
id: process_release_version
run: |
VERSION=$(sudo nix run nixpkgs#yq -- '.postgres_release["postgres'${{ matrix.postgres_version }}'"]' ansible/vars.yml)
VERSION=$(echo $PG_VERSION | tr -d '"') # Remove any surrounding quotes
if [[ "${{ inputs.postgresVersion }}" != "" ]]; then
VERSION=${{ inputs.postgresVersion }}
fi
echo "version=$VERSION" >> "$GITHUB_OUTPUT"
- name: Create a tarball containing pg_upgrade scripts
run: |
mkdir -p /tmp/pg_upgrade_scripts
cp -r ansible/files/admin_api_scripts/pg_upgrade_scripts/* /tmp/pg_upgrade_scripts
tar -czvf /tmp/pg_upgrade_scripts.tar.gz -C /tmp/ pg_upgrade_scripts
- name: configure aws credentials - staging
uses: aws-actions/configure-aws-credentials@v1
with:
role-to-assume: ${{ secrets.DEV_AWS_ROLE }}
aws-region: "us-east-1"
- name: Upload pg_upgrade scripts to s3 staging
run: |
aws s3 cp /tmp/pg_upgrade_scripts.tar.gz s3://${{ secrets.ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/pg_upgrade_scripts.tar.gz
- name: Slack Notification on Failure
if: ${{ failure() }}
uses: rtCamp/action-slack-notify@v2
env:
SLACK_WEBHOOK: ${{ secrets.SLACK_NOTIFICATIONS_WEBHOOK }}
SLACK_USERNAME: 'gha-failures-notifier'
SLACK_COLOR: 'danger'
SLACK_MESSAGE: 'Publishing pg_upgrade scripts failed'
SLACK_FOOTER: ''
publish-prod:
needs: prepare
runs-on: ubuntu-latest
if: github.ref_name == 'develop' || contains( github.ref, 'release' )
strategy:
matrix:
postgres_version: ${{ fromJson(needs.prepare.outputs.postgres_versions) }}
steps:
- name: Checkout Repo
uses: actions/checkout@v3
- name: Grab release version
id: process_release_version
run: |
VERSION=$(sudo nix run nixpkgs#yq -- '.postgres_release["postgres'${{ matrix.postgres_version }}'"]' ansible/vars.yml)
VERSION=$(echo $PG_VERSION | tr -d '"') # Remove any surrounding quotes
echo "version=$VERSION" >> "$GITHUB_OUTPUT"
- name: Create a tarball containing pg_upgrade scripts
run: |
mkdir -p /tmp/pg_upgrade_scripts
cp -r ansible/files/admin_api_scripts/pg_upgrade_scripts/* /tmp/pg_upgrade_scripts
tar -czvf /tmp/pg_upgrade_scripts.tar.gz -C /tmp/ pg_upgrade_scripts
- name: configure aws credentials - prod
uses: aws-actions/configure-aws-credentials@v1
with:
role-to-assume: ${{ secrets.PROD_AWS_ROLE }}
aws-region: "us-east-1"
- name: Upload pg_upgrade scripts to s3 prod
run: |
aws s3 cp /tmp/pg_upgrade_scripts.tar.gz s3://${{ secrets.PROD_ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/pg_upgrade_scripts.tar.gz
- name: Slack Notification on Failure
if: ${{ failure() }}
uses: rtCamp/action-slack-notify@v2
env:
SLACK_WEBHOOK: ${{ secrets.SLACK_NOTIFICATIONS_WEBHOOK }}
SLACK_USERNAME: 'gha-failures-notifier'
SLACK_COLOR: 'danger'
SLACK_MESSAGE: 'Publishing pg_upgrade scripts failed'
SLACK_FOOTER: ''