Skip to content
Create a new release

trigger-oss-release #250

Sign in to view logs

trigger-oss-release

trigger-oss-release #250

Workflow file for this run

.github/workflows/ci-release.yml at 6af3f1b
name: Create a new release
on:
repository_dispatch:
types: [trigger-oss-release]
workflow_dispatch:
inputs:
sha_to_release:
description: "SHA to release (don't invoke this manually except to fix release issues)"
required: true
version:
description: "Current version to release"
required: true
env:
REGISTRY: ghcr.io
jobs:
release:
runs-on: ubuntu-latest-amd64
permissions:
id-token: write
contents: read
packages: write
actions: read
steps:
- name: Generate GitHub App token
id: app-token
uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
with:
app-id: ${{ vars.CI_ACCESS_APP_ID }}
private-key: ${{ secrets.CI_ACCESS_APP_PKEY }}
owner: ${{ github.repository_owner }}
permission-contents: write
permission-actions: read
permission-workflows: write
permission-metadata: read
- name: Set SHA_TO_RELEASE and CURRENT_VERSION
if: github.event_name == 'repository_dispatch'
run: |
echo "Setting version from repository_dispatch"
echo "CURRENT_VERSION=${{ github.event.client_payload.version }}" >> $GITHUB_ENV
echo "SHA_TO_RELEASE=${{ github.event.client_payload.sha_to_release }}" >> $GITHUB_ENV
- name: Set SHA_TO_RELEASE and CURRENT_VERSION
if: github.event_name == 'workflow_dispatch'
run: |
echo "Setting version from workflow_dispatch"
echo "CURRENT_VERSION=${{ github.event.inputs.version }}" >> $GITHUB_ENV
echo "SHA_TO_RELEASE=${{ github.event.inputs.sha_to_release }}" >> $GITHUB_ENV
- name: Check SHA and version inputs
run: |
if [ -z "${SHA_TO_RELEASE}" ] || [ -z "${CURRENT_VERSION}" ]; then
echo "Missing required release parameters"
exit 1
fi
- name: Checkout
uses: actions/checkout@v6
with:
fetch-tags: true
ref: ${{ env.SHA_TO_RELEASE }}
persist-credentials: false
- name: Download artifact
id: download-artifact
uses: dawidd6/action-download-artifact@ac66b43f0e6a346234dd65d4d0c8fbb31cb316e5
with:
workflow: ci.yml
workflow_conclusion: success
commit: ${{ env.SHA_TO_RELEASE }}
name: feldera-sql-compiler-*|fda-*|pipeline-manager-*|feldera-docs|feldera-sbom
name_is_regexp: true
skip_unpack: true
if_no_artifact_found: fail
github_token: ${{ steps.app-token.outputs.token }}
- name: Prepare release artifacts
run: |
unzip -jo feldera-sql-compiler.zip 'sql2dbsp-jar-with-dependencies.jar' -d .
mv sql2dbsp-jar-with-dependencies.jar sql2dbsp-jar-with-dependencies-v${{ env.CURRENT_VERSION }}.jar
- name: Prepare SBOM files
run: |
unzip feldera-sbom.zip
mv feldera-sbom-source-${{ env.SHA_TO_RELEASE }}.spdx.json feldera-sbom-source.spdx.json
mv feldera-sbom-image-${{ env.SHA_TO_RELEASE }}.spdx.json feldera-sbom-image.spdx.json
- name: Generate Release token
id: release-token
uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
with:
app-id: ${{ vars.CI_ACCESS_APP_ID }}
private-key: ${{ secrets.CI_ACCESS_APP_PKEY }}
permission-contents: write
permission-workflows: write
permission-metadata: read
repositories: ${{ github.event.repository.name }}
- name: Release on GitHub
uses: softprops/action-gh-release@72f2c25fcb47643c292f7107632f7a47c1df5cd8
with:
target_commitish: ${{ env.SHA_TO_RELEASE }}
tag_name: v${{ env.CURRENT_VERSION }}
draft: ${{ vars.RELEASE_DRY_RUN }}
generate_release_notes: true
make_latest: true
files: |
pipeline-manager-aarch64-unknown-linux-gnu.zip
pipeline-manager-x86_64-unknown-linux-gnu.zip
fda-x86_64-unknown-linux-gnu.zip
fda-aarch64-unknown-linux-gnu.zip
fda-x86_64-pc-windows-msvc.zip
sql2dbsp-jar-with-dependencies-v${{ env.CURRENT_VERSION }}.jar
feldera-sbom-source.spdx.json
feldera-sbom-image.spdx.json
# A custom token is necessary so the ci-post-release.yml workflow is triggered
# see also https://github.com/softprops/action-gh-release/issues/59
token: ${{ steps.release-token.outputs.token }}
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v5.1.0
with:
role-to-assume: arn:aws:iam::737834633458:role/GhaSql2DbspJarUpload
role-session-name: gha-${{ github.run_id }}
aws-region: ${{ vars.SQL2DBSP_S3_REGION }}
- name: Upload JAR to S3
run: |
JAR_FILE=sql2dbsp-jar-with-dependencies-v${{ env.CURRENT_VERSION }}.jar
aws s3 cp "$JAR_FILE" "s3://${{ vars.SQL2DBSP_S3_BUCKET }}/$JAR_FILE" \
--content-type application/java-archive
# Update docs.feldera.com
- name: Update docs.feldera.com
run: unzip feldera-docs.zip -d docs
- name: Deploy docs.feldera.com
if: ${{ vars.RELEASE_DRY_RUN == 'false' }}
uses: JamesIves/github-pages-deploy-action@4ef313c6a410f0883308623d45510e4a11625465 # v4.7.5
with:
folder: docs
token: ${{ steps.app-token.outputs.token }}
branch: ${{ vars.DOCS_PUBLISH_BRANCH }}
git-config-name: feldera-ci
git-config-email: dev@feldera.com
repository-name: feldera/docs.feldera.com
commit-message: Update docs for v${{ env.CURRENT_VERSION }}
# Publish Docker images
- name: Login to GHCR
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: latest
- name: Tag docker image with version and latest
if: ${{ vars.RELEASE_DRY_RUN == 'false' }}
run: |
docker buildx imagetools create -t ${{ vars.FELDERA_IMAGE_NAME }}:${{ env.CURRENT_VERSION }} ${{ vars.FELDERA_IMAGE_NAME }}:sha-${{ env.SHA_TO_RELEASE }}
docker buildx imagetools create -t ${{ vars.FELDERA_IMAGE_NAME }}:latest ${{ vars.FELDERA_IMAGE_NAME }}:sha-${{ env.SHA_TO_RELEASE }}