Release PROD images #147
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Licensed to the Apache Software Foundation (ASF) under one | |
# or more contributor license agreements. See the NOTICE file | |
# distributed with this work for additional information | |
# regarding copyright ownership. The ASF licenses this file | |
# to you under the Apache License, Version 2.0 (the | |
# "License"); you may not use this file except in compliance | |
# with the License. You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, | |
# software distributed under the License is distributed on an | |
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | |
# KIND, either express or implied. See the License for the | |
# specific language governing permissions and limitations | |
# under the License. | |
# | |
--- | |
name: "Release PROD images" | |
on: # yamllint disable-line rule:truthy | |
workflow_dispatch: | |
inputs: | |
airflowVersion: | |
description: 'Airflow version' | |
required: true | |
skipLatest: | |
description: 'Skip Latest: Set to true if not latest.' | |
default: '' | |
required: false | |
permissions: | |
contents: read | |
packages: read | |
concurrency: | |
group: ${{ github.event.inputs.airflowVersion }} | |
cancel-in-progress: true | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
VERBOSE: true | |
jobs: | |
build-info: | |
timeout-minutes: 10 | |
name: "Build Info" | |
runs-on: ["ubuntu-22.04"] | |
outputs: | |
pythonVersions: ${{ steps.selective-checks.outputs.python-versions }} | |
allPythonVersions: ${{ steps.selective-checks.outputs.all-python-versions }} | |
defaultPythonVersion: ${{ steps.selective-checks.outputs.default-python-version }} | |
chicken-egg-providers: ${{ steps.selective-checks.outputs.chicken-egg-providers }} | |
skipLatest: ${{ github.event.inputs.skipLatest == '' && ' ' || '--skip-latest' }} | |
limitPlatform: ${{ github.repository == 'apache/airflow' && ' ' || '--limit-platform linux/amd64' }} | |
env: | |
GITHUB_CONTEXT: ${{ toJson(github) }} | |
VERBOSE: true | |
steps: | |
- name: "Cleanup repo" | |
shell: bash | |
run: docker run -v "${GITHUB_WORKSPACE}:/workspace" -u 0:0 bash -c "rm -rf /workspace/*" | |
- name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )" | |
uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- name: "Cleanup docker" | |
run: ./scripts/ci/cleanup_docker.sh | |
- name: "Install Breeze" | |
uses: ./.github/actions/breeze | |
- name: Selective checks | |
id: selective-checks | |
env: | |
VERBOSE: "false" | |
run: breeze ci selective-check 2>> ${GITHUB_OUTPUT} | |
release-images: | |
timeout-minutes: 120 | |
name: "Release images: ${{ github.event.inputs.airflowVersion }}, ${{ matrix.python-version }}" | |
runs-on: ["ubuntu-22.04"] | |
needs: [build-info] | |
strategy: | |
fail-fast: false | |
matrix: | |
python-version: ${{ fromJSON(needs.build-info.outputs.pythonVersions) }} | |
if: contains(fromJSON('[ | |
"ashb", | |
"eladkal", | |
"ephraimbuddy", | |
"jedcunningham", | |
"kaxil", | |
"pierrejeambrun", | |
"potiuk", | |
]'), github.event.sender.login) | |
steps: | |
- name: "Cleanup repo" | |
shell: bash | |
run: docker run -v "${GITHUB_WORKSPACE}:/workspace" -u 0:0 bash -c "rm -rf /workspace/*" | |
- name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )" | |
uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- name: "Cleanup docker" | |
run: ./scripts/ci/cleanup_docker.sh | |
- name: "Install Breeze" | |
uses: ./.github/actions/breeze | |
- name: Free space | |
run: breeze ci free-space --answer yes | |
- name: "Cleanup dist and context file" | |
run: rm -fv ./dist/* ./docker-context-files/* | |
- name: "Login to hub.docker.com" | |
run: > | |
echo ${{ secrets.DOCKERHUB_TOKEN }} | | |
docker login --password-stdin --username ${{ secrets.DOCKERHUB_USER }} | |
- name: Login to ghcr.io | |
run: echo "${{ env.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin | |
- name: "Install buildx plugin" | |
# yamllint disable rule:line-length | |
run: | | |
sudo apt-get update | |
sudo apt-get install ca-certificates curl | |
sudo install -m 0755 -d /etc/apt/keyrings | |
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc | |
sudo chmod a+r /etc/apt/keyrings/docker.asc | |
# Add the repository to Apt sources: | |
echo \ | |
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \ | |
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \ | |
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null | |
sudo apt-get update | |
sudo apt install docker-buildx-plugin | |
- name: "Install regctl" | |
# yamllint disable rule:line-length | |
run: | | |
mkdir -p ~/bin | |
curl -L https://github.com/regclient/regclient/releases/latest/download/regctl-linux-amd64 >${HOME}/bin/regctl | |
chmod 755 ${HOME}/bin/regctl | |
echo "${HOME}/bin" >>${GITHUB_PATH} | |
- name: "Install emulation support" | |
run: docker run --privileged --rm tonistiigi/binfmt --install all | |
- name: "Create airflow_cache builder" | |
run: docker buildx create --name airflow_cache | |
- name: "Prepare chicken-eggs provider packages" | |
# In case of provider packages which use latest dev0 version of providers, we should prepare them | |
# from the source code, not from the PyPI because they have apache-airflow>=X.Y.Z dependency | |
# And when we prepare them from sources they will have apache-airflow>=X.Y.Z.dev0 | |
shell: bash | |
run: > | |
breeze release-management prepare-provider-packages | |
--package-format wheel | |
--version-suffix-for-pypi dev0 ${{ needs.build-info.outputs.chicken-egg-providers }} | |
if: needs.build-info.outputs.chicken-egg-providers != '' | |
- name: "Copy dist packages to docker-context files" | |
shell: bash | |
run: cp -v --no-preserve=mode,ownership ./dist/*.whl ./docker-context-files | |
if: needs.build-info.outputs.chicken-egg-providers != '' | |
- name: > | |
Release regular images: ${{ github.event.inputs.airflowVersion }}, ${{ matrix.python-version }} | |
run: > | |
breeze release-management release-prod-images | |
--dockerhub-repo ${{ github.repository }} | |
--airflow-version ${{ github.event.inputs.airflowVersion }} | |
${{ needs.build-info.outputs.skipLatest }} | |
${{ needs.build-info.outputs.limitPlatform }} | |
--limit-python ${{ matrix.python-version }} | |
--chicken-egg-providers "${{ needs.build-info.outputs.chicken-egg-providers }}" | |
env: | |
COMMIT_SHA: ${{ github.sha }} | |
- name: > | |
Release slim images: ${{ github.event.inputs.airflowVersion }}, ${{ matrix.python-version }} | |
run: > | |
breeze release-management release-prod-images | |
--dockerhub-repo ${{ github.repository }} | |
--airflow-version ${{ github.event.inputs.airflowVersion }} | |
${{ needs.build-info.outputs.skipLatest }} | |
${{ needs.build-info.outputs.limitPlatform }} | |
--limit-python ${{ matrix.python-version }} --slim-images | |
env: | |
COMMIT_SHA: ${{ github.sha }} | |
- name: > | |
Verify regular AMD64 image: ${{ github.event.inputs.airflowVersion }}, ${{ matrix.python-version }} | |
run: > | |
breeze prod-image verify | |
--pull | |
--image-name | |
${{github.repository}}:${{github.event.inputs.airflowVersion}}-python${{matrix.python-version}} | |
- name: > | |
Verify slim AMD64 image: ${{ github.event.inputs.airflowVersion }}, ${{ matrix.python-version }} | |
run: > | |
breeze prod-image verify | |
--pull | |
--slim-image | |
--image-name | |
${{github.repository}}:slim-${{github.event.inputs.airflowVersion}}-python${{matrix.python-version}} | |
- name: "Docker logout" | |
run: docker logout | |
if: always() |