-
Notifications
You must be signed in to change notification settings - Fork 208
174 lines (146 loc) · 5.93 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
name: Release Artifacts
on:
workflow_dispatch:
inputs:
release-major-tag:
description: 'Whether to create major tag of docker image or not. This will create a tag such as 2 which points to this version.'
required: true
type: boolean
release-latest-tag:
description: >
Whether to create latest tag of docker image or not. This will update the latest tag to point to this version. You should set this when releasing the latest version, but not patches to old versions.
required: true
type: boolean
permissions:
id-token: write
contents: write
issues: write
jobs:
build:
runs-on: ubuntu-latest
timeout-minutes: 50
steps:
- name: Set up JDK
uses: actions/setup-java@v1
with:
java-version: 11
- name: Checkout Data Prepper
uses: actions/checkout@v2
- name: Get Version
run: grep '^version=' gradle.properties >> $GITHUB_ENV
- name: Build Jar Files
run: ./gradlew --parallel --max-workers 2 build
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
role-to-assume: ${{ secrets.RELEASE_IAM_ROLE }}
aws-region: us-east-1
- name: Build Archives
run: ./gradlew --parallel --max-workers 2 :release:archives:buildArchives
- name: Build Maven Artifacts
run: ./gradlew publish
- name: Build Docker Image
run: ./gradlew :release:docker:docker
- name: Upload Archives to Archives Bucket
run: ./gradlew :release:archives:uploadArchives -Pregion=us-east-1 -Pbucket=${{ secrets.ARCHIVES_BUCKET_NAME }} -Pprofile=default -PbuildNumber=${{ github.run_number }}
- name: Upload Maven Artifacts to Archives Bucket
run: ./gradlew :release:maven:uploadArtifact -Pregion=us-east-1 -Pbucket=${{ secrets.ARCHIVES_BUCKET_NAME }} -Pprofile=default -PbuildNumber=${{ github.run_number }}
- name: Log into Amazon ECR Public
id: login-ecr
uses: docker/login-action@v1
with:
registry: public.ecr.aws
env:
AWS_REGION: us-east-1
- name: Push Image to Staging ECR
run: |
docker tag opensearch-data-prepper:${{ env.version }} ${{ secrets.ECR_REPOSITORY_URL }}:${{ env.version }}-${{ github.run_number }}
docker push ${{ secrets.ECR_REPOSITORY_URL }}:${{ env.version }}-${{ github.run_number }}
validate-docker:
runs-on: ubuntu-latest
needs: build
timeout-minutes: 30
steps:
- name: Checkout Data Prepper
uses: actions/checkout@v2
- name: Get Version
run: grep '^version=' gradle.properties >> $GITHUB_ENV
- name: Smoke Test Docker Image
run: |
docker pull ${{ secrets.ECR_REPOSITORY_URL }}:${{ env.version }}-${{ github.run_number }}
./release/smoke-tests/run-smoke-tests.sh -v ${{ env.version }}-${{ github.run_number }} -i ${{ secrets.ECR_REPOSITORY_URL }}
validate-archive:
strategy:
matrix:
include:
- image : "openjdk:11"
archive: opensearch-data-prepper
- image : "openjdk:17"
archive: opensearch-data-prepper
- image : "ubuntu:latest"
archive: opensearch-data-prepper-jdk
fail-fast: false
runs-on: ubuntu-latest
needs: build
timeout-minutes: 8
steps:
- name: Checkout Data Prepper
uses: actions/checkout@v2
- name: Get Version
run: grep '^version=' gradle.properties >> $GITHUB_ENV
- name: Smoke Test Tarball Files
run: ./release/smoke-tests/run-tarball-files-smoke-tests.sh -v ${{ env.version }} -u ${{ secrets.ARCHIVES_PUBLIC_URL }} -n ${{ github.run_number }} -i ${{ matrix.image }} -t ${{ matrix.archive }}
promote:
runs-on: ubuntu-latest
if: ${{ (success() || failure()) && needs.build.result == 'success' }}
needs: [build, validate-docker, validate-archive]
permissions:
contents: write
issues: write
steps:
- name: Checkout Data Prepper
uses: actions/checkout@v3
- name: Get Version
run: grep '^version=' gradle.properties >> $GITHUB_ENV
- name: Get Approvers
id: get_approvers
run: |
echo "approvers=$(cat .github/CODEOWNERS | grep @ | tr -d '* ' | sed 's/@/,/g' | sed 's/,//1')" >> $GITHUB_OUTPUT
- uses: trstringer/manual-approval@v1
with:
secret: ${{ github.TOKEN }}
approvers: ${{ steps.get_approvers.outputs.approvers }}
minimum-approvals: 2
issue-title: 'Release Data Prepper : ${{ env.version }}'
issue-body: >
Please approve or deny the release of Data Prepper.
**VERSION**: ${{ env.version }}
**BUILD NUMBER**: ${{ github.run_number }}
**RELEASE MAJOR TAG**: ${{ github.event.inputs.release-major-tag }}
**RELEASE LATEST TAG**: ${{ github.event.inputs.release-latest-tag }}
exclude-workflow-initiator-as-approver: false
- name: Create Release Description
run: |
echo 'version: ${{ env.version }}' > release-description.yaml
echo 'build_number: ${{ github.run_number }}' >> release-description.yaml
echo 'release_major_tag: ${{ github.event.inputs.release-major-tag }}' >> release-description.yaml
echo 'release_latest_tag: ${{ github.event.inputs.release-latest-tag }}' >> release-description.yaml
- name: Create tag
uses: actions/github-script@v6
with:
github-token: ${{ github.TOKEN }}
script: |
github.rest.git.createRef({
owner: context.repo.owner,
repo: context.repo.repo,
ref: 'refs/tags/${{ env.version }}',
sha: context.sha
})
- name: Draft release
uses: softprops/action-gh-release@v1
with:
draft: true
name: '${{ env.version }}'
tag_name: 'refs/tags/${{ env.version }}'
files: |
release-description.yaml