Skip to content

v2.22.0

v2.22.0 #72

Workflow file for this run

# Releases a new version of FPD.
#
# It will do the following:
# - Do one more test run.
# - Build and upload the Docker images.
# - Download the Docker image, tag it as an release image and push it to our
# internal repository.
# - Download the artifacts from our internal builds bucket and sync them to our
# release bucket (while also adding a version file).
# - Deploy beta releases to our demo environment, and releases without suffix
# to our production environment.
---
on:
release:
types:
- published
workflow_dispatch:
name: Release
env:
SERVICE: fpd
ARCHS: "amd64 arm64v8"
jobs:
test-release:
name: Test release
runs-on: ubuntu-latest-8-cores
steps:
- uses: actions/checkout@v3
with:
ref: ${{ github.event.pull_request.head.sha || github.sha }}
- name: setup-git-credentials
uses: fusion-engineering/setup-git-credentials@v2
with:
credentials: "https://fiberplanebot:${{ secrets.PRIVATE_GITHUB_TOKEN }}@github.com/"
- uses: Swatinem/rust-cache@v2
- name: Pull latest providers
run: cargo run pull
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Run tests
run: cargo test
build-release:
uses: ./.github/workflows/reusable_build_images.yml
needs: test-release
secrets:
BUILDS_BUCKET: ${{ secrets.BUILDS_BUCKET }}
PRIVATE_GITHUB_TOKEN: ${{ secrets.PRIVATE_GITHUB_TOKEN }}
release-to-docker-hub:
name: Release fpd ${{ github.event.release.tag_name }}
needs: build-release
runs-on: ubuntu-22.04
permissions:
id-token: write
contents: read
steps:
- uses: actions/checkout@v3
with:
ref: ${{ github.sha }}
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
aws-region: eu-central-1
role-to-assume: arn:aws:iam::901443922744:role/github_actions
- name: Login to Amazon ECR
id: ecr
uses: aws-actions/amazon-ecr-login@v1
- name: Export variables
run: |
SHORT_SHA=$(git rev-parse --short "${{ github.sha }}")
MAJOR_VERSION=$(echo '${{ github.event.release.tag_name }}' | awk '{ split($0,version,".") ; print version[1] }')
echo "SHORT_SHA=${SHORT_SHA}" >> $GITHUB_ENV
echo "DEV_IMAGE=${{ steps.ecr.outputs.registry }}/${SERVICE}" >> $GITHUB_ENV
echo "DEV_TAG=dev-${SHORT_SHA}" >> $GITHUB_ENV
echo "RELEASE_IMAGE=${{ steps.ecr.outputs.registry }}/${SERVICE}" >> $GITHUB_ENV
echo "RELEASE_TAG=release-${{ github.event.release.tag_name }}" >> $GITHUB_ENV
echo "DOCKER_HUB_IMAGE=fiberplane/${SERVICE}" >> $GITHUB_ENV
echo "DOCKER_HUB_LEGACY_IMAGE=fiberplane/proxy" >> $GITHUB_ENV
echo "DOCKER_HUB_TAG="${{ github.event.release.tag_name }}"" >> $GITHUB_ENV
echo "DOCKER_HUB_MAJOR_TAG="$MAJOR_VERSION"" >> $GITHUB_ENV
- name: Write summary
run: |
echo "# Variables" >> $GITHUB_STEP_SUMMARY
echo "- \`VERSION\`: ${{ github.event.release.tag_name }}" >> $GITHUB_STEP_SUMMARY
echo "- \`SHA\`: ${{ github.sha }}" >> $GITHUB_STEP_SUMMARY
echo "- \`SHORT_SHA\`: $SHORT_SHA" >> $GITHUB_STEP_SUMMARY
echo "- \`DEV_IMAGE\`: $DEV_IMAGE" >> $GITHUB_STEP_SUMMARY
echo "- \`DEV_TAG\`: $DEV_TAG" >> $GITHUB_STEP_SUMMARY
echo "- \`RELEASE_IMAGE\`: $RELEASE_IMAGE" >> $GITHUB_STEP_SUMMARY
echo "- \`RELEASE_TAG\`: $RELEASE_TAG" >> $GITHUB_STEP_SUMMARY
echo "- \`DOCKER_HUB_IMAGE\`: $DOCKER_HUB_IMAGE" >> $GITHUB_STEP_SUMMARY
echo "- \`DOCKER_HUB_LEGACY_IMAGE\`: $DOCKER_HUB_LEGACY_IMAGE" >> $GITHUB_STEP_SUMMARY
echo "- \`DOCKER_HUB_TAG\`: $DOCKER_HUB_TAG" >> $GITHUB_STEP_SUMMARY
echo "- \`DOCKER_HUB_MAJOR_TAG\`: $DOCKER_HUB_MAJOR_TAG" >> $GITHUB_STEP_SUMMARY
# Make sure that release Docker image does not exist
- name: Verify new version
run: |
if docker pull "${RELEASE_IMAGE}:${RELEASE_TAG}" ; then
echo "::error::Version already exists in Docker registry"
exit 1
fi
# TODO: Verify that the release artifacts do no exist on s3
# Make sure that all the dev Docker image exist
- name: Pull Docker images
run: |
for ARCH in $ARCHS; do
if ! docker pull "${DEV_IMAGE}:${DEV_TAG}-${ARCH}" ; then
echo "::error::Image for arch $ARCH was not found, please wait until it is finished uploading"
exit 1
fi
done
# Make sure that the artifacts exist in the builds bucket
- name: Sync artifacts from S3 builds bucket
run: |
aws s3 sync \
s3://${{ secrets.BUILDS_BUCKET }}/${SERVICE}/commits/${SHORT_SHA}/ \
artifacts/
- name: Create version file
run: echo "${{ github.event.release.tag_name }}" | cut -c2- > artifacts/version
- name: Upload to GitHub artifacts
uses: actions/upload-artifact@v4
with:
name: artifacts
path: artifacts
if-no-files-found: error
retention-days: 1
- name: Sync artifacts to S3 release bucket
run: |
aws s3 sync \
--acl public-read \
--delete \
artifacts/ \
s3://${{ secrets.RELEASES_BUCKET }}/${SERVICE}/${{ github.event.release.tag_name }}/
aws s3 sync \
--acl public-read \
--delete \
artifacts/ \
s3://${{ secrets.RELEASES_BUCKET }}/${SERVICE}/latest
- name: Tag and push release Docker image (AWS ECR)
run: |
for ARCH in $ARCHS; do
docker tag "${DEV_IMAGE}:${DEV_TAG}-${ARCH}" "${RELEASE_IMAGE}:${RELEASE_TAG}-${ARCH}"
docker push "${RELEASE_IMAGE}:${RELEASE_TAG}-${ARCH}"
docker manifest create "${RELEASE_IMAGE}:${RELEASE_TAG}" -a "${RELEASE_IMAGE}:${RELEASE_TAG}-${ARCH}"
done
docker manifest push "${RELEASE_IMAGE}:${RELEASE_TAG}"
# Daemon also needs to be released to the Docker Hub registry
- name: Login to Docker Hub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Tag and push release Docker image (Docker Hub)
run: |
DOCKER_TAGS="${DOCKER_HUB_TAG} ${DOCKER_HUB_MAJOR_TAG}"
for TAG in $DOCKER_TAGS; do
for ARCH in $ARCHS; do
docker tag "${DEV_IMAGE}:${DEV_TAG}-${ARCH}" "${DOCKER_HUB_IMAGE}:${TAG}-${ARCH}"
docker push "${DOCKER_HUB_IMAGE}:${TAG}-${ARCH}"
docker manifest create "${DOCKER_HUB_IMAGE}:${TAG}" -a "${DOCKER_HUB_IMAGE}:${TAG}-${ARCH}"
done
docker manifest push "${DOCKER_HUB_IMAGE}:${TAG}"
done
- name: Tag and push release Docker legacy images (Docker Hub)
run: |
DOCKER_TAGS="${DOCKER_HUB_TAG} ${DOCKER_HUB_MAJOR_TAG}"
for TAG in $DOCKER_TAGS; do
for ARCH in $ARCHS; do
docker tag "${DEV_IMAGE}:${DEV_TAG}-${ARCH}" "${DOCKER_HUB_LEGACY_IMAGE}:${TAG}-${ARCH}"
docker push "${DOCKER_HUB_LEGACY_IMAGE}:${TAG}-${ARCH}"
docker manifest create "${DOCKER_HUB_LEGACY_IMAGE}:${TAG}" -a "${DOCKER_HUB_LEGACY_IMAGE}:${TAG}-${ARCH}"
done
docker manifest push "${DOCKER_HUB_LEGACY_IMAGE}:${TAG}"
done
beta-deploy:
needs: release-to-docker-hub
if: ${{ contains(github.event.release.tag_name, '-beta.') }}
uses: fiberplane/fpd/.github/workflows/deploy_release.yml@main
with:
environment: demo
version: ${{ github.event.release.tag_name }}
secrets:
DEPLOY_STARTED_SLACK_WEBHOOK_URL: ${{ secrets.DEPLOY_STARTED_SLACK_WEBHOOK_URL }}
DEPLOY_FINISHED_SLACK_WEBHOOK_URL: ${{ secrets.DEPLOY_FINISHED_SLACK_WEBHOOK_URL }}
DEPLOY_FAILED_SLACK_WEBHOOK_URL: ${{ secrets.DEPLOY_FAILED_SLACK_WEBHOOK_URL }}
FIBERPLANE_TOKEN: ${{ secrets.FIBERPLANE_TOKEN }}
FIBERPLANE_DEMO_TOKEN: ${{ secrets.FIBERPLANE_DEMO_TOKEN }}
FIBERPLANE_DEV_TOKEN: ${{ secrets.FIBERPLANE_DEV_TOKEN }}
production-deploy:
needs: release-to-docker-hub
if: ${{ !contains(github.event.release.tag_name, '-') }}
uses: fiberplane/fpd/.github/workflows/deploy_release.yml@main
with:
environment: production
version: ${{ github.event.release.tag_name }}
secrets:
DEPLOY_STARTED_SLACK_WEBHOOK_URL: ${{ secrets.DEPLOY_STARTED_SLACK_WEBHOOK_URL }}
DEPLOY_FINISHED_SLACK_WEBHOOK_URL: ${{ secrets.DEPLOY_FINISHED_SLACK_WEBHOOK_URL }}
DEPLOY_FAILED_SLACK_WEBHOOK_URL: ${{ secrets.DEPLOY_FAILED_SLACK_WEBHOOK_URL }}
FIBERPLANE_TOKEN: ${{ secrets.FIBERPLANE_TOKEN }}
FIBERPLANE_DEMO_TOKEN: ${{ secrets.FIBERPLANE_DEMO_TOKEN }}
FIBERPLANE_DEV_TOKEN: ${{ secrets.FIBERPLANE_DEV_TOKEN }}