publish docker images/image updates for major versions #977
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Testinfra Integration Tests Nix | |
on: | |
pull_request: | |
workflow_dispatch: | |
jobs: | |
prepare: | |
runs-on: ubuntu-latest | |
outputs: | |
postgres_versions: ${{ steps.set-versions.outputs.postgres_versions }} | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
- uses: DeterminateSystems/nix-installer-action@main | |
- name: Set PostgreSQL versions | |
id: set-versions | |
run: | | |
VERSIONS=$(nix run nixpkgs#yq -- '.postgres_major[]' ansible/vars.yml | nix run nixpkgs#jq -- -R -s -c 'split("\n")[:-1]') | |
echo "postgres_versions=$VERSIONS" >> $GITHUB_OUTPUT | |
test-ami-nix: | |
needs: prepare | |
strategy: | |
fail-fast: false | |
matrix: | |
postgres_version: ${{ fromJson(needs.prepare.outputs.postgres_versions) }} | |
include: | |
- runner: arm-runner | |
arch: arm64 | |
ubuntu_release: focal | |
ubuntu_version: 20.04 | |
mcpu: neoverse-n1 | |
runs-on: ${{ matrix.runner }} | |
timeout-minutes: 150 | |
permissions: | |
contents: write | |
packages: write | |
id-token: write | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
- id: args | |
uses: mikefarah/yq@master | |
with: | |
cmd: yq 'to_entries | map(select(.value|type == "!!str")) | map(.key + "=" + .value) | join("\n")' 'ansible/vars.yml' | |
- run: docker context create builders | |
- uses: docker/setup-buildx-action@v3 | |
with: | |
endpoint: builders | |
- name: Generate random string | |
id: random | |
run: echo "random_string=$(openssl rand -hex 8)" >> $GITHUB_OUTPUT | |
- name: Set PostgreSQL version environment variable | |
run: echo "POSTGRES_MAJOR_VERSION=${{ matrix.postgres_version }}" >> $GITHUB_ENV | |
- name: Generate common-nix.vars.pkr.hcl | |
run: | | |
PG_VERSION=$(sudo nix run nixpkgs#yq -- '.postgres_release["postgres'${{ matrix.postgres_version }}'"]' ansible/vars.yml) | |
PG_VERSION=$(echo $PG_VERSION | tr -d '"') # Remove any surrounding quotes | |
echo 'postgres-version = "'$PG_VERSION'"' > common-nix.vars.pkr.hcl | |
# Ensure there's a newline at the end of the file | |
echo "" >> common-nix.vars.pkr.hcl | |
- name: Build AMI stage 1 | |
run: | | |
packer init amazon-arm64-nix.pkr.hcl | |
GIT_SHA=${{github.sha}} | |
packer build -var "git-head-version=${GIT_SHA}" -var "packer-execution-id=${GITHUB_RUN_ID}" -var-file="development-arm.vars.pkr.hcl" -var-file="common-nix.vars.pkr.hcl" -var "ansible_arguments=" -var "postgres-version=${{ steps.random.outputs.random_string }}" -var "region=ap-southeast-1" -var 'ami_regions=["ap-southeast-1"]' -var "force-deregister=true" -var "ansible_arguments=-e postgresql_major=${POSTGRES_MAJOR_VERSION}" amazon-arm64-nix.pkr.hcl | |
- name: Build AMI stage 2 | |
run: | | |
packer init stage2-nix-psql.pkr.hcl | |
GIT_SHA=${{github.sha}} | |
packer build -var "git-head-version=${GIT_SHA}" -var "packer-execution-id=${GITHUB_RUN_ID}" -var "postgres_major_version=${POSTGRES_MAJOR_VERSION}" -var-file="development-arm.vars.pkr.hcl" -var-file="common-nix.vars.pkr.hcl" -var "postgres-version=${{ steps.random.outputs.random_string }}" -var "region=ap-southeast-1" -var 'ami_regions=["ap-southeast-1"]' -var "force-deregister=true" -var "git_sha=${GITHUB_SHA}" stage2-nix-psql.pkr.hcl | |
- name: Run tests | |
timeout-minutes: 10 | |
env: | |
AMI_NAME: "supabase-postgres-${{ steps.random.outputs.random_string }}" | |
run: | | |
# TODO: use poetry for pkg mgmt | |
pip3 install boto3 boto3-stubs[essential] docker ec2instanceconnectcli pytest pytest-testinfra[paramiko,docker] requests | |
pytest -vv -s testinfra/test_ami_nix.py | |
- name: Cleanup resources on build cancellation | |
if: ${{ cancelled() }} | |
run: | | |
aws ec2 --region ap-southeast-1 describe-instances --filters "Name=tag:packerExecutionId,Values=${GITHUB_RUN_ID}" --query "Reservations[].Instances[].InstanceId" --output text | xargs -r aws ec2 terminate-instances --region ap-southeast-1 --instance-ids | |
- name: Cleanup resources after build | |
if: ${{ always() }} | |
run: | | |
aws ec2 --region ap-southeast-1 describe-instances --filters "Name=tag:testinfra-run-id,Values=${GITHUB_RUN_ID}" --query "Reservations[].Instances[].InstanceId" --output text | xargs -r aws ec2 terminate-instances --region ap-southeast-1 --instance-ids || true | |
- name: Cleanup AMIs | |
if: always() | |
run: | | |
# Define AMI name patterns | |
STAGE1_AMI_NAME="supabase-postgres-ci-ami-test-stage-1" | |
STAGE2_AMI_NAME="${{ steps.random.outputs.random_string }}" | |
# Function to deregister AMIs by name pattern | |
deregister_ami_by_name() { | |
local ami_name_pattern=$1 | |
local ami_ids=$(aws ec2 describe-images --region ap-southeast-1 --owners self --filters "Name=name,Values=${ami_name_pattern}" --query 'Images[*].ImageId' --output text) | |
for ami_id in $ami_ids; do | |
echo "Deregistering AMI: $ami_id" | |
aws ec2 deregister-image --region ap-southeast-1 --image-id $ami_id | |
done | |
} | |
# Deregister AMIs | |
deregister_ami_by_name "$STAGE1_AMI_NAME" | |
deregister_ami_by_name "$STAGE2_AMI_NAME" |