-
Notifications
You must be signed in to change notification settings - Fork 169
176 lines (153 loc) · 6.35 KB
/
cli-release.yml
File metadata and controls
176 lines (153 loc) · 6.35 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
# This workflow runs full or nightly releases.
# Full releases are published to brew, CDN (for install script), and Github Releases.
# A full release gets its version number from the Git tag that triggered it.
# Nightly releases are only published to CDN and do not have a version. Their version number is "nightly".
# Caching of the release artifacts are intentionally disabled at the bucket level by setting the Cache-Control header of the objects to 'no-store',
# this is done because the files are cached at the CDN layer instead and multiple caching layers makes invalidating the cache difficult.
# The CDN cache is explicitly invalidated as part of the release process, to prevent old versions from being accidentally served after the release is done.
name: Release Rill CLI
on:
push:
# Trigger a full release on new Git tag
tags:
- "v*"
# Trigger a nightly release at midnight
schedule:
- cron: '0 0 * * *'
# Trigger a nightly release manually
workflow_dispatch:
env:
PUBLISH_NIGHTLY: ${{ contains(fromJSON('["schedule", "workflow_dispatch"]'), github.event_name) }}
PUBLISH_RELEASE: ${{ startsWith(github.ref, 'refs/tags/v') }}
jobs:
build:
name: Build rill
runs-on: ${{ matrix.os }}
strategy:
matrix:
include:
- os: ubuntu-24.04
platform: linux_amd64
- os: ubuntu-24.04-arm
platform: linux_arm64
- os: macos-14
platform: darwin_arm64
- os: macos-15-intel
platform: darwin_amd64
fail-fast: false
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: 1.25
- name: Set up NodeJS
uses: actions/setup-node@v4
with:
node-version-file: '.nvmrc'
- name: Build and embed static UI
run: make cli.prepare
env:
RILL_UI_PUBLIC_INTAKE_USER: "data-modeler"
RILL_UI_PUBLIC_INTAKE_PASSWORD: ${{ secrets.RILL_INTAKE_PASSWORD }}
RILL_UI_PUBLIC_POSTHOG_API_KEY: "phc_4qnfUotXUuevk2zJN8ei8HgKXMynddEMI0wPI9XwzlS"
RILL_UI_PUBLIC_PYLON_APP_ID: "26a0fdd2-3bd3-41e2-82bc-1b35a444729f"
NODE_OPTIONS: --max-old-space-size=4096
- name: Build rill cli
run: |-
if [[ ${{ env.PUBLISH_NIGHTLY }} == 'true' ]]; then
git fetch --prune --unshallow
VERSION="$(scripts/versiontag.sh --next)-nightly"
else
VERSION='${{ github.ref_name }}'
fi
go build -o rill \
-mod=readonly \
-ldflags="-s -w -X main.Version=${VERSION} -X main.Commit=${{ github.sha }} -X main.BuildDate=$(date +%FT%TZ)" \
cli/main.go
- name: Authenticate GCS
uses: google-github-actions/auth@v2
with:
credentials_json: "${{ secrets.RILL_BINARY_SA }}"
- name: Nightly - Upload nightly to CDN bucket
if: env.PUBLISH_NIGHTLY == 'true'
uses: google-github-actions/upload-cloud-storage@v2
with:
path: rill
destination: prod-cdn.rilldata.com/rill/nightly/binaries/${{ matrix.platform }}/
process_gcloudignore: false
headers: |-
cache-control: no-store
- name: Release - Upload nightly to CDN bucket
if: env.PUBLISH_RELEASE == 'true'
uses: google-github-actions/upload-cloud-storage@v2
with:
path: rill
destination: prod-cdn.rilldata.com/rill/${{ github.ref_name }}/binaries/${{ matrix.platform }}/
process_gcloudignore: false
headers: |-
cache-control: no-store
release:
name: Release rill
runs-on: ubuntu-latest
needs: build
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Fetch tags required by goreleaser
run: git fetch --prune --unshallow
- name: Authenticate to Google Cloud
uses: google-github-actions/auth@v2
with:
credentials_json: "${{ secrets.RILL_BINARY_SA }}"
- name: Set up gcloud CLI
uses: google-github-actions/setup-gcloud@v2
- name: Set GORELEASER_CURRENT_TAG and NIGHTLY
run: |-
if [[ ${{ env.PUBLISH_NIGHTLY }} == 'true' ]]; then
BUCKET_DIR=nightly
LATEST_TAG=$(scripts/versiontag.sh)
echo "NIGHTLY=--nightly" >> $GITHUB_ENV
echo "GORELEASER_CURRENT_TAG=$(echo ${LATEST_TAG})" >> $GITHUB_ENV
else
echo "NIGHTLY=" >> $GITHUB_ENV
BUCKET_DIR=$(echo "${GITHUB_REF#refs/tags/}")
fi
echo '${{ github.ref_name }}' >> latest.txt
gsutil -m cp -r gs://prod-cdn.rilldata.com/rill/$BUCKET_DIR/binaries .
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USER }}
password: ${{ secrets.DOCKERHUB_PASS }}
- name: Release Rill using Goreleaser
uses: goreleaser/goreleaser-action@v6
with:
distribution: goreleaser-pro
version: '~> v2'
args: release ${{ env.NIGHTLY }}
env:
CGO_ENABLED: 1
GITHUB_TOKEN: ${{ secrets.GORELEASER_ACCESS_TOKEN }}
GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }}
GORELEASER_CURRENT_TAG: ${{ env.GORELEASER_CURRENT_TAG }}
PUBLISH_NIGHTLY: ${{ env.PUBLISH_NIGHTLY }}
- name: CDN - Explicitly invalidate the old artifacts from CDN cache
run: |-
gcloud compute url-maps invalidate-cdn-cache prod --path "/install.sh" --async
gcloud compute url-maps invalidate-cdn-cache prod --path "/rill/latest.txt" --async
if [[ ${{ env.PUBLISH_NIGHTLY }} == 'true' ]]; then
gcloud compute url-maps invalidate-cdn-cache prod --path "/rill/nightly/*" --async
fi
- name: Notify Slack
uses: ravsamhq/notify-slack-action@v2
if: always() && (env.PUBLISH_NIGHTLY == 'true' || env.PUBLISH_RELEASE == 'true')
with:
status: ${{ job.status }}
notification_title: "Nightly - ${{ env.PUBLISH_NIGHTLY }} / Release - ${{ env.PUBLISH_RELEASE }} "
message_format: "{emoji} *{workflow}* {status_message} in <{repo_url}|{repo}>"
footer: "Linked Repo <{repo_url}|{repo}>"
notify_when: "failure"
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_ANNOUNCE_DD }}