-
Notifications
You must be signed in to change notification settings - Fork 14.6k
192 lines (191 loc) · 8.03 KB
/
release_dockerhub_image.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
#
---
name: "Release PROD images"
on: # yamllint disable-line rule:truthy
workflow_dispatch:
inputs:
airflowVersion:
description: 'Airflow version'
required: true
skipLatest:
description: 'Skip Latest: Set to true if not latest.'
default: ''
required: false
permissions:
contents: read
packages: read
concurrency:
group: ${{ github.event.inputs.airflowVersion }}
cancel-in-progress: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
VERBOSE: true
jobs:
build-info:
timeout-minutes: 10
name: "Build Info"
runs-on: ["ubuntu-22.04"]
outputs:
pythonVersions: ${{ steps.selective-checks.outputs.python-versions }}
allPythonVersions: ${{ steps.selective-checks.outputs.all-python-versions }}
defaultPythonVersion: ${{ steps.selective-checks.outputs.default-python-version }}
chicken-egg-providers: ${{ steps.selective-checks.outputs.chicken-egg-providers }}
skipLatest: ${{ github.event.inputs.skipLatest == '' && ' ' || '--skip-latest' }}
limitPlatform: ${{ github.repository == 'apache/airflow' && ' ' || '--limit-platform linux/amd64' }}
env:
GITHUB_CONTEXT: ${{ toJson(github) }}
VERBOSE: true
steps:
- name: "Cleanup repo"
shell: bash
run: docker run -v "${GITHUB_WORKSPACE}:/workspace" -u 0:0 bash -c "rm -rf /workspace/*"
- name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
uses: actions/checkout@v4
with:
persist-credentials: false
- name: "Cleanup docker"
run: ./scripts/ci/cleanup_docker.sh
- name: "Install Breeze"
uses: ./.github/actions/breeze
- name: Selective checks
id: selective-checks
env:
VERBOSE: "false"
run: breeze ci selective-check 2>> ${GITHUB_OUTPUT}
release-images:
timeout-minutes: 120
name: "Release images: ${{ github.event.inputs.airflowVersion }}, ${{ matrix.python-version }}"
runs-on: ["ubuntu-22.04"]
needs: [build-info]
strategy:
fail-fast: false
matrix:
python-version: ${{ fromJSON(needs.build-info.outputs.pythonVersions) }}
if: contains(fromJSON('[
"ashb",
"eladkal",
"ephraimbuddy",
"jedcunningham",
"kaxil",
"pierrejeambrun",
"potiuk",
]'), github.event.sender.login)
steps:
- name: "Cleanup repo"
shell: bash
run: docker run -v "${GITHUB_WORKSPACE}:/workspace" -u 0:0 bash -c "rm -rf /workspace/*"
- name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
uses: actions/checkout@v4
with:
persist-credentials: false
- name: "Cleanup docker"
run: ./scripts/ci/cleanup_docker.sh
- name: "Install Breeze"
uses: ./.github/actions/breeze
- name: Free space
run: breeze ci free-space --answer yes
- name: "Cleanup dist and context file"
run: rm -fv ./dist/* ./docker-context-files/*
- name: "Login to hub.docker.com"
run: >
echo ${{ secrets.DOCKERHUB_TOKEN }} |
docker login --password-stdin --username ${{ secrets.DOCKERHUB_USER }}
- name: Login to ghcr.io
run: echo "${{ env.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
- name: "Install buildx plugin"
# yamllint disable rule:line-length
run: |
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
# Add the repository to Apt sources:
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
sudo apt install docker-buildx-plugin
- name: "Install regctl"
# yamllint disable rule:line-length
run: |
mkdir -p ~/bin
curl -L https://github.com/regclient/regclient/releases/latest/download/regctl-linux-amd64 >${HOME}/bin/regctl
chmod 755 ${HOME}/bin/regctl
echo "${HOME}/bin" >>${GITHUB_PATH}
- name: "Install emulation support"
run: docker run --privileged --rm tonistiigi/binfmt --install all
- name: "Create airflow_cache builder"
run: docker buildx create --name airflow_cache
- name: "Prepare chicken-eggs provider packages"
# In case of provider packages which use latest dev0 version of providers, we should prepare them
# from the source code, not from the PyPI because they have apache-airflow>=X.Y.Z dependency
# And when we prepare them from sources they will have apache-airflow>=X.Y.Z.dev0
shell: bash
run: >
breeze release-management prepare-provider-packages
--package-format wheel
--version-suffix-for-pypi dev0 ${{ needs.build-info.outputs.chicken-egg-providers }}
if: needs.build-info.outputs.chicken-egg-providers != ''
- name: "Copy dist packages to docker-context files"
shell: bash
run: cp -v --no-preserve=mode,ownership ./dist/*.whl ./docker-context-files
if: needs.build-info.outputs.chicken-egg-providers != ''
- name: >
Release regular images: ${{ github.event.inputs.airflowVersion }}, ${{ matrix.python-version }}
run: >
breeze release-management release-prod-images
--dockerhub-repo ${{ github.repository }}
--airflow-version ${{ github.event.inputs.airflowVersion }}
${{ needs.build-info.outputs.skipLatest }}
${{ needs.build-info.outputs.limitPlatform }}
--limit-python ${{ matrix.python-version }}
--chicken-egg-providers "${{ needs.build-info.outputs.chicken-egg-providers }}"
env:
COMMIT_SHA: ${{ github.sha }}
- name: >
Release slim images: ${{ github.event.inputs.airflowVersion }}, ${{ matrix.python-version }}
run: >
breeze release-management release-prod-images
--dockerhub-repo ${{ github.repository }}
--airflow-version ${{ github.event.inputs.airflowVersion }}
${{ needs.build-info.outputs.skipLatest }}
${{ needs.build-info.outputs.limitPlatform }}
--limit-python ${{ matrix.python-version }} --slim-images
env:
COMMIT_SHA: ${{ github.sha }}
- name: >
Verify regular AMD64 image: ${{ github.event.inputs.airflowVersion }}, ${{ matrix.python-version }}
run: >
breeze prod-image verify
--pull
--image-name
${{github.repository}}:${{github.event.inputs.airflowVersion}}-python${{matrix.python-version}}
- name: >
Verify slim AMD64 image: ${{ github.event.inputs.airflowVersion }}, ${{ matrix.python-version }}
run: >
breeze prod-image verify
--pull
--slim-image
--image-name
${{github.repository}}:slim-${{github.event.inputs.airflowVersion}}-python${{matrix.python-version}}
- name: "Docker logout"
run: docker logout
if: always()