From 69951e6db4077ed4c81ffc7932145117a9eb4fb6 Mon Sep 17 00:00:00 2001 From: Francesco Ceccon Date: Wed, 20 Mar 2024 15:20:32 +0100 Subject: [PATCH] Add CD workflow --- .github/workflows/build.yml | 17 ++- .github/workflows/cd-check.yml | 41 +++++++ .github/workflows/cd-pipeline.yml | 20 ++++ .github/workflows/cd-release.yml | 100 ++++++++++++++++++ .../{pipeline.yml => ci-pipeline.yml} | 4 - CONTRIBUTING.md | 2 +- nix/crates.nix | 22 +++- 7 files changed, 198 insertions(+), 8 deletions(-) create mode 100644 .github/workflows/cd-check.yml create mode 100644 .github/workflows/cd-pipeline.yml create mode 100644 .github/workflows/cd-release.yml rename .github/workflows/{pipeline.yml => ci-pipeline.yml} (96%) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d0cc4bf5..e7c981d8 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -6,13 +6,21 @@ on: os: required: true type: string + target: + required: false + type: string + default: "all-crates" + upload_result: + required: false + type: boolean + default: false secrets: cachix-token: required: true jobs: build: - name: Build all crates + name: "Build ${{ inputs.target }}" runs-on: "${{ inputs.os }}" steps: - name: Set $USER if needed @@ -28,4 +36,9 @@ jobs: with: name: apibara-public authToken: "${{ secrets.cachix-token }}" - - run: nix build .#all-crates -L --accept-flake-config + - run: nix build .#${{ inputs.target }} -L --accept-flake-config + - uses: actions/upload-artifact@v4 + if: ${{ inputs.upload_result }} + with: + name: ${{ inputs.target }} + path: result diff --git a/.github/workflows/cd-check.yml b/.github/workflows/cd-check.yml new file mode 100644 index 00000000..66680840 --- /dev/null +++ b/.github/workflows/cd-check.yml @@ -0,0 +1,41 @@ +name: CD Check Pipeline + +concurrency: + group: cd-check-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true + +on: + merge_group: + + pull_request: + branches: + - "release" + - "release/*" + types: + - opened + - synchronize + +jobs: + build-linux-x86_64: + name: "Linux x86_64: Build" + uses: ./.github/workflows/build.yml + with: + os: warp-ubuntu-latest-x64-4x + secrets: + cachix-token: "${{ secrets.CACHIX_AUTH_TOKEN }}" + + build-linux-aarch64: + name: "Linux aarch64: Build" + uses: ./.github/workflows/build.yml + with: + os: warp-ubuntu-latest-arm64-8x + secrets: + cachix-token: "${{ secrets.CACHIX_AUTH_TOKEN }}" + + build-macos-aarch64: + name: "MacOS aarch64: Build" + uses: ./.github/workflows/build.yml + with: + os: warp-macos-latest-arm64-6x + secrets: + cachix-token: "${{ secrets.CACHIX_AUTH_TOKEN }}" diff --git a/.github/workflows/cd-pipeline.yml b/.github/workflows/cd-pipeline.yml new file mode 100644 index 00000000..8775c89c --- /dev/null +++ b/.github/workflows/cd-pipeline.yml @@ -0,0 +1,20 @@ +name: CD Release Pipeline + +concurrency: + group: cd-${{ github.ref }} + cancel-in-progress: true + +on: + push: + branches: ["add-cd"] + tags: + - "*/*" + +jobs: + release: + name: "Release sink-mongo" + uses: ./.github/workflows/cd-release.yml + with: + target: sink-mongo + secrets: + cachix-token: "${{ secrets.CACHIX_AUTH_TOKEN }}" diff --git a/.github/workflows/cd-release.yml b/.github/workflows/cd-release.yml new file mode 100644 index 00000000..eef9a96e --- /dev/null +++ b/.github/workflows/cd-release.yml @@ -0,0 +1,100 @@ +name: Release a target + +on: + workflow_call: + inputs: + target: + required: true + type: string + secrets: + cachix-token: + required: true + +jobs: + # Step 1: build the target for all platforms + + build-linux-x86_64: + name: "Linux x86_64: Build" + uses: ./.github/workflows/build.yml + with: + os: warp-ubuntu-latest-x64-4x + target: ${{ inputs.target }} + secrets: + cachix-token: "${{ secrets.cachix-token }}" + + build-linux-aarch64: + name: "Linux aarch64: Build" + uses: ./.github/workflows/build.yml + with: + os: warp-ubuntu-latest-arm64-8x + target: ${{ inputs.target }} + secrets: + cachix-token: "${{ secrets.cachix-token }}" + + build-macos-aarch64: + name: "MacOS aarch64: Build" + uses: ./.github/workflows/build.yml + with: + os: warp-macos-latest-arm64-6x + target: ${{ inputs.target }} + secrets: + cachix-token: "${{ secrets.cachix-token }}" + + # Step 2a: create release archive for all platforms + + build-linux-x86_64-archive: + name: "Linux x86_64: Build archive" + needs: build-linux-x86_64 + uses: ./.github/workflows/build.yml + with: + os: warp-ubuntu-latest-x64-4x + target: ${{ inputs.target }}-archive + upload_result: true + secrets: + cachix-token: "${{ secrets.cachix-token }}" + + build-linux-aarch64-archive: + name: "Linux aarch64: Build archive" + needs: build-linux-aarch64 + uses: ./.github/workflows/build.yml + with: + os: warp-ubuntu-latest-arm64-8x + target: ${{ inputs.target }}-archive + upload_result: true + secrets: + cachix-token: "${{ secrets.cachix-token }}" + + build-macos-aarch64-archive: + name: "MacOS aarch64: Build archive" + needs: build-macos-aarch64 + uses: ./.github/workflows/build.yml + with: + os: warp-macos-latest-arm64-6x + target: ${{ inputs.target }}-archive + upload_result: true + secrets: + cachix-token: "${{ secrets.cachix-token }}" + + # Step 2b: create Docker image for all (Linux) platforms. + + build-linux-x86_64-image: + name: "Linux x86_64: Build Docker image" + needs: build-linux-x86_64 + uses: ./.github/workflows/build.yml + with: + os: warp-ubuntu-latest-x64-4x + target: ${{ inputs.target }}-image + upload_result: true + secrets: + cachix-token: "${{ secrets.cachix-token }}" + + build-linux-aarch64-image: + name: "Linux aarch64: Build Docker image" + needs: build-linux-aarch64 + uses: ./.github/workflows/build.yml + with: + os: warp-ubuntu-latest-arm64-8x + target: ${{ inputs.target }}-image + upload_result: true + secrets: + cachix-token: "${{ secrets.cachix-token }}" diff --git a/.github/workflows/pipeline.yml b/.github/workflows/ci-pipeline.yml similarity index 96% rename from .github/workflows/pipeline.yml rename to .github/workflows/ci-pipeline.yml index 206fc54c..a6dd5e47 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/ci-pipeline.yml @@ -14,10 +14,6 @@ on: - opened - synchronize - push: - branches: - - "main" - jobs: check: name: "Checks" diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index f4ae4253..46f89463 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -174,7 +174,7 @@ We switched to merge commits for PRs for the following reasons: learn more about backporting fixes. - Start by opening a PR from `main` into `release`. This PR should contain no changes other than changes to the CHANGELOGs and version numbers. -- The `release-check.yml` pipeline is executed. This pipeline simply builds the +- The `cd-check.yml` pipeline is executed. This pipeline simply builds the binaries (we follow the ["not rocket science"](https://graydon2.dreamwidth.org/1597.html) rule). - Once the PR is merged, nothing happens. diff --git a/nix/crates.nix b/nix/crates.nix index 0c2043c4..04047198 100644 --- a/nix/crates.nix +++ b/nix/crates.nix @@ -240,6 +240,26 @@ let in pkgs.lib.attrsets.mapAttrs' mkUniversal binaries; + binariesArchive = + let + mkArchive = name: value: { + name = "${name}-archive"; + value = pkgs.stdenv.mkDerivation { + name = "${name}-archive"; + buildInputs = [ + value + pkgs.gzip + ]; + phases = [ "installPhase" ]; + installPhase = '' + mkdir -p $out + gzip -c ${value}/bin/* > $out/${name}.gz + ''; + }; + }; + in + pkgs.lib.attrsets.mapAttrs' mkArchive binariesUniversal; + # Ubuntu-based Docker images. imagesUbuntu = let @@ -313,7 +333,7 @@ in binaries = builtins.attrNames binariesUniversal; - packages = images // imagesUbuntu // binariesUniversal // { + packages = images // imagesUbuntu // binariesUniversal // binariesArchive // { all-crates = allCrates; unit-tests = unitTests; integration-tests-archive = integrationTestsArchive;