-
Notifications
You must be signed in to change notification settings - Fork 118
176 lines (168 loc) · 6.01 KB
/
ci-post-release.yml
File metadata and controls
176 lines (168 loc) · 6.01 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
name: Post Release Tasks
on:
release:
types: [published]
env:
RUSTC_WRAPPER: sccache
SCCACHE_CACHE_SIZE: ${{ vars.SCCACHE_CACHE_SIZE }}
SCCACHE_BUCKET: ${{ vars.SCCACHE_BUCKET }}
SCCACHE_ENDPOINT: ${{ vars.SCCACHE_ENDPOINT }}
SCCACHE_REGION: ${{ vars.SCCACHE_REGION }}
AWS_ACCESS_KEY_ID: "${{ secrets.CI_K8S_MINIO_ACCESS_KEY_ID }}"
AWS_SECRET_ACCESS_KEY: "${{ secrets.CI_K8S_MINIO_SECRET_ACCESS_KEY }}"
jobs:
# Ideally this would just invoke `publish-python.yml`
#
# But not yet supported:
# https://docs.pypi.org/trusted-publishers/troubleshooting/#reusable-workflows-on-github
# https://github.com/pypa/gh-action-pypi-publish/issues/166
# https://github.com/pypi/warehouse/issues/11096
#
# When this is solved, do this again:
# - name: ""
# uses: ./.github/workflows/publish-python.yml
# secrets: inherit
publish-python:
runs-on: ubuntu-latest-amd64
environment:
name: release
url: https://pypi.org/p/feldera
permissions:
contents: read
id-token: write
defaults:
run:
shell: bash
working-directory: ./python
steps:
- uses: actions/checkout@v6
- name: Install uv
uses: astral-sh/setup-uv@v2
with:
version: "0.11.3"
enable-cache: true
cache-dependency-glob: "python/uv.lock"
- name: "Set up Python"
uses: actions/setup-python@v5
with:
python-version-file: "python/pyproject.toml"
- name: Install the project
run: uv sync --all-extras --dev
- name: Build package
run: |
uv build
- name: Publish package
if: ${{ vars.RELEASE_DRY_RUN == 'false' }}
uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e
with:
packages-dir: ./python/dist
- name: Minimize uv cache
run: uv cache prune --ci
# Ideally this would just invoke `publish-python.yml`
#
# But not yet supported:
# https://docs.pypi.org/trusted-publishers/troubleshooting/#reusable-workflows-on-github
# https://github.com/pypa/gh-action-pypi-publish/issues/166
# https://github.com/pypi/warehouse/issues/11096
#
# When this is solved, do this again:
# - name: ""
# uses: ./.github/workflows/publish-python.yml
# secrets: inherit
publish-dbt-feldera:
runs-on: ubuntu-latest-amd64
environment:
name: release
url: https://pypi.org/p/dbt-feldera
permissions:
contents: read
id-token: write
defaults:
run:
shell: bash
working-directory: ./python
steps:
- uses: actions/checkout@v6
- name: Install uv
uses: astral-sh/setup-uv@v2
with:
version: "0.11.3"
enable-cache: true
- name: "Set up Python"
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Install and build dbt-feldera
working-directory: ./python/dbt-feldera
run: |
uv venv
uv pip install -e ".[dev]"
uv build
- name: Publish dbt-feldera
if: ${{ vars.RELEASE_DRY_RUN == 'false' }}
uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e
with:
packages-dir: ./python/dbt-feldera/dist
- name: Minimize uv cache
working-directory: ./python/dbt-feldera
run: uv cache prune --ci
publish-crates:
name: ""
uses: ./.github/workflows/publish-crates.yml
with:
environment: release
secrets: inherit
adjust-versions:
runs-on: [k8s-runners-amd64]
container:
image: ghcr.io/feldera/feldera-dev:sha-3613839bd73108aee58017bf75dda42f7a3d0bb4
steps:
- name: Show Kubernetes node
if: always()
run: |
echo "K8S node: ${K8S_NODE_NAME}"
- name: Generate GitHub App token
id: app-token
uses: actions/create-github-app-token@v2
with:
app-id: ${{ vars.CI_ACCESS_APP_ID }}
private-key: ${{ secrets.CI_ACCESS_APP_PKEY }}
permission-contents: write
- uses: actions/checkout@v6
with:
# This runs on main because we make the commit on main at the end of the workflow,
# we use the token so it can circument push to main protection rules
ref: main
token: ${{ steps.app-token.outputs.token }}
- name: Determine current version based on pipeline-manager
run: |
echo "CURRENT_VERSION=$(cargo metadata --no-deps | jq -r '.packages[]|select(.name == "pipeline-manager")|.version')" >> $GITHUB_ENV
- name: Bump cargo versions
run: |
cargo set-version --bump ${{ vars.RELEASE_NEXT_VERSION }}
cargo run --release --locked --bin pipeline-manager -- --dump-openapi
- name: Determine next version based on pipeline-manager
run: |
echo "NEXT_VERSION=$(cargo metadata --no-deps | jq -r '.packages[]|select(.name == "pipeline-manager")|.version')" >> $GITHUB_ENV
- name: Adjust python version
working-directory: ./python
run: |
sed -i "s/version = \"${{ env.CURRENT_VERSION }}\"/version = \"${{ env.NEXT_VERSION }}\"/g" pyproject.toml
uv sync
- name: Adjust dbt-feldera version
working-directory: ./python/dbt-feldera
run: |
sed -i "s/version = \"${{ env.CURRENT_VERSION }}\"/version = \"${{ env.NEXT_VERSION }}\"/g" pyproject.toml
sed -i "s/version: '${{ env.CURRENT_VERSION }}'/version: '${{ env.NEXT_VERSION }}'/g" dbt/include/feldera/dbt_project.yml
- name: Adjust sql compiler version
working-directory: ./sql-to-dbsp-compiler/SQL-compiler
run: |
sed -i "s|<project.version>${{ env.CURRENT_VERSION }}|<project.version>${{ env.NEXT_VERSION }}|g" pom.xml
- name: List changes
run: |
git diff
- uses: EndBug/add-and-commit@a94899bca583c204427a224a7af87c02f9b325d5
if: ${{ vars.RELEASE_DRY_RUN == 'false' }}
with:
message: "ci: Prepare for v${{ env.NEXT_VERSION }}"
push: origin main