Release Artifacts #79
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release Artifacts | |
on: | |
workflow_dispatch: | |
inputs: | |
release-major-tag: | |
description: 'Whether to create major tag of docker image or not. This will create a tag such as 2 which points to this version.' | |
required: true | |
type: boolean | |
release-latest-tag: | |
description: > | |
Whether to create latest tag of docker image or not. This will update the latest tag to point to this version. You should set this when releasing the latest version, but not patches to old versions. | |
required: true | |
type: boolean | |
permissions: | |
id-token: write | |
contents: write | |
issues: write | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
timeout-minutes: 50 | |
steps: | |
- name: Set up JDK | |
uses: actions/setup-java@v1 | |
with: | |
java-version: 11 | |
- name: Checkout Data Prepper | |
uses: actions/checkout@v2 | |
- name: Get Version | |
run: grep '^version=' gradle.properties >> $GITHUB_ENV | |
- name: Build Jar Files | |
run: ./gradlew --parallel --max-workers 2 build | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
role-to-assume: ${{ secrets.RELEASE_IAM_ROLE }} | |
aws-region: us-east-1 | |
- name: Build Archives | |
run: ./gradlew --parallel --max-workers 2 :release:archives:buildArchives | |
- name: Build Maven Artifacts | |
run: ./gradlew publish | |
- name: Build Docker Image | |
run: ./gradlew :release:docker:docker | |
- name: Upload Archives to Archives Bucket | |
run: ./gradlew :release:archives:uploadArchives -Pregion=us-east-1 -Pbucket=${{ secrets.ARCHIVES_BUCKET_NAME }} -Pprofile=default -PbuildNumber=${{ github.run_number }} | |
- name: Upload Maven Artifacts to Archives Bucket | |
run: ./gradlew :release:maven:uploadArtifact -Pregion=us-east-1 -Pbucket=${{ secrets.ARCHIVES_BUCKET_NAME }} -Pprofile=default -PbuildNumber=${{ github.run_number }} | |
- name: Log into Amazon ECR Public | |
id: login-ecr | |
uses: docker/login-action@v1 | |
with: | |
registry: public.ecr.aws | |
env: | |
AWS_REGION: us-east-1 | |
- name: Push Image to Staging ECR | |
run: | | |
docker tag opensearch-data-prepper:${{ env.version }} ${{ secrets.ECR_REPOSITORY_URL }}:${{ env.version }}-${{ github.run_number }} | |
docker push ${{ secrets.ECR_REPOSITORY_URL }}:${{ env.version }}-${{ github.run_number }} | |
validate-docker: | |
runs-on: ubuntu-latest | |
needs: build | |
timeout-minutes: 30 | |
steps: | |
- name: Checkout Data Prepper | |
uses: actions/checkout@v2 | |
- name: Get Version | |
run: grep '^version=' gradle.properties >> $GITHUB_ENV | |
- name: Smoke Test Docker Image | |
run: | | |
docker pull ${{ secrets.ECR_REPOSITORY_URL }}:${{ env.version }}-${{ github.run_number }} | |
./release/smoke-tests/run-smoke-tests.sh -v ${{ env.version }}-${{ github.run_number }} -i ${{ secrets.ECR_REPOSITORY_URL }} | |
validate-archive: | |
strategy: | |
matrix: | |
include: | |
- image : "openjdk:11" | |
archive: opensearch-data-prepper | |
- image : "openjdk:17" | |
archive: opensearch-data-prepper | |
- image : "ubuntu:latest" | |
archive: opensearch-data-prepper-jdk | |
fail-fast: false | |
runs-on: ubuntu-latest | |
needs: build | |
timeout-minutes: 8 | |
steps: | |
- name: Checkout Data Prepper | |
uses: actions/checkout@v2 | |
- name: Get Version | |
run: grep '^version=' gradle.properties >> $GITHUB_ENV | |
- name: Smoke Test Tarball Files | |
run: ./release/smoke-tests/run-tarball-files-smoke-tests.sh -v ${{ env.version }} -u ${{ secrets.ARCHIVES_PUBLIC_URL }} -n ${{ github.run_number }} -i ${{ matrix.image }} -t ${{ matrix.archive }} | |
promote: | |
runs-on: ubuntu-latest | |
if: ${{ (success() || failure()) && needs.build.result == 'success' }} | |
needs: [build, validate-docker, validate-archive] | |
permissions: | |
contents: write | |
issues: write | |
steps: | |
- name: Checkout Data Prepper | |
uses: actions/checkout@v3 | |
- name: Get Version | |
run: grep '^version=' gradle.properties >> $GITHUB_ENV | |
- name: Get Approvers | |
id: get_approvers | |
run: | | |
echo "approvers=$(cat .github/CODEOWNERS | grep @ | tr -d '* ' | sed 's/@/,/g' | sed 's/,//1')" >> $GITHUB_OUTPUT | |
- uses: trstringer/manual-approval@v1 | |
with: | |
secret: ${{ github.TOKEN }} | |
approvers: ${{ steps.get_approvers.outputs.approvers }} | |
minimum-approvals: 2 | |
issue-title: 'Release Data Prepper : ${{ env.version }}' | |
issue-body: > | |
Please approve or deny the release of Data Prepper. | |
**VERSION**: ${{ env.version }} | |
**BUILD NUMBER**: ${{ github.run_number }} | |
**RELEASE MAJOR TAG**: ${{ github.event.inputs.release-major-tag }} | |
**RELEASE LATEST TAG**: ${{ github.event.inputs.release-latest-tag }} | |
exclude-workflow-initiator-as-approver: false | |
- name: Create Release Description | |
run: | | |
echo 'version: ${{ env.version }}' > release-description.yaml | |
echo 'build_number: ${{ github.run_number }}' >> release-description.yaml | |
echo 'release_major_tag: ${{ github.event.inputs.release-major-tag }}' >> release-description.yaml | |
echo 'release_latest_tag: ${{ github.event.inputs.release-latest-tag }}' >> release-description.yaml | |
- name: Create tag | |
uses: actions/github-script@v6 | |
with: | |
github-token: ${{ github.TOKEN }} | |
script: | | |
github.rest.git.createRef({ | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
ref: 'refs/tags/${{ env.version }}', | |
sha: context.sha | |
}) | |
- name: Draft release | |
uses: softprops/action-gh-release@v1 | |
with: | |
draft: true | |
name: '${{ env.version }}' | |
tag_name: 'refs/tags/${{ env.version }}' | |
files: | | |
release-description.yaml |