Release Rill CLI #888
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow runs full or nightly releases. | |
# Full releases are published to brew, CDN (for install script), and Github Releases. | |
# A full release gets its version number from the Git tag that triggered it. | |
# Nightly releases are only published to CDN and do not have a version. Their version number is "nightly". | |
# Caching of the release artifacts are intentionally disabled at the bucket level by setting the Cache-Control header of the objects to 'no-store', | |
# this is done because the files are cached at the CDN layer instead and multiple caching layers makes invalidating the cache difficult. | |
# The CDN cache is explicitly invalidated as part of the release process, to prevent old versions from being accidentally served after the release is done. | |
name: Release Rill CLI | |
on: | |
push: | |
# Trigger a full release on new Git tag | |
tags: | |
- "**" | |
# Trigger a nightly release at midnight | |
schedule: | |
- cron: '0 0 * * *' | |
# Trigger a nightly release manually | |
workflow_dispatch: | |
env: | |
PUBLISH_NIGHTLY: ${{ contains(fromJSON('["schedule", "workflow_dispatch"]'), github.event_name) }} | |
PUBLISH_RELEASE: ${{ startsWith(github.ref, 'refs/tags/v') }} | |
jobs: | |
release: | |
name: Release rill | |
runs-on: large-hosted | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Fetch tags required by goreleaser | |
run: git fetch --prune --unshallow | |
- name: Checkout sysroot for cross compilation | |
uses: actions/checkout@v4 | |
with: | |
repository: goreleaser/goreleaser-cross-example-sysroot | |
path: sysroot | |
- name: Set up Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: 1.22 | |
- name: Set up NodeJS | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 20 | |
- name: Build and embed static UI | |
run: make cli.prepare | |
- name: Build Rill using Goreleaser | |
run: |- | |
echo '${{ secrets.RILL_BINARY_SA }}' > rill-binary-sa.json | |
echo 'GITHUB_TOKEN=${{ secrets.GORELEASER_ACCESS_TOKEN }}' > .release-env | |
echo 'GOOGLE_APPLICATION_CREDENTIALS=/rill-binary-sa.json' >> .release-env | |
echo 'DOCKERHUB_USER=${{ secrets.DOCKERHUB_USER }}' >> .release-env | |
echo 'DOCKERHUB_PASS=${{ secrets.DOCKERHUB_PASS }}' >> .release-env | |
echo '${{ github.ref_name }}' >> latest.txt | |
if [[ ${{ env.PUBLISH_NIGHTLY }} == 'true' ]]; then | |
export NIGHTLY="--snapshot" | |
LATEST_TAG=$(git describe --tags $(git rev-list --tags --max-count=1)) | |
echo "GORELEASER_CURRENT_TAG=${LATEST_TAG}" >> .release-env | |
fi | |
docker run \ | |
--rm \ | |
--privileged \ | |
-e CGO_ENABLED=1 \ | |
--env-file .release-env \ | |
-v /var/run/docker.sock:/var/run/docker.sock \ | |
-v `pwd`:/go/src/rilldata/rill \ | |
-v `pwd`/sysroot:/sysroot \ | |
-v `pwd`/rill-binary-sa.json:/rill-binary-sa.json \ | |
-w /go/src/rilldata/rill \ | |
goreleaser/goreleaser-cross:v1.22 \ | |
release ${NIGHTLY} | |
- name: Authenticate GCS | |
uses: google-github-actions/auth@v2 | |
with: | |
credentials_json: "${{ secrets.RILL_BINARY_SA }}" | |
- name: Release - Upload install script to CDN bucket | |
uses: google-github-actions/upload-cloud-storage@v2 | |
if: env.PUBLISH_RELEASE == 'true' | |
with: | |
path: scripts/install.sh | |
destination: prod-cdn.rilldata.com/ | |
headers: |- | |
cache-control: no-store | |
- name: Release - Upload latest version file to CDN bucket | |
if: env.PUBLISH_RELEASE == 'true' | |
uses: google-github-actions/upload-cloud-storage@v2 | |
with: | |
path: latest.txt | |
destination: prod-cdn.rilldata.com/rill/ | |
headers: |- | |
cache-control: no-store | |
- name: Publish nightly docker image | |
if: env.PUBLISH_NIGHTLY == 'true' | |
run: |- | |
echo '${{ secrets.DOCKERHUB_PASS }}' | docker login -u '${{ secrets.DOCKERHUB_USER }}' --password-stdin | |
docker tag rilldata/rill:latest rilldata/rill:nightly | |
docker push rilldata/rill:nightly | |
- name: Nightly - Prepare for nightly GCS upload | |
if: env.PUBLISH_NIGHTLY == 'true' | |
run: |- | |
mkdir nightly | |
cp dist/*.zip nightly/ | |
cp dist/checksums.txt nightly/ | |
- name: Nightly - Upload nightly to CDN bucket | |
if: env.PUBLISH_NIGHTLY == 'true' | |
uses: google-github-actions/upload-cloud-storage@v2 | |
with: | |
path: nightly/ | |
destination: prod-cdn.rilldata.com/rill/ | |
headers: |- | |
cache-control: no-store | |
- name: Set up Cloud SDK | |
uses: 'google-github-actions/setup-gcloud@v2' | |
- name: CDN - Explicitly invalidate the old artifacts from CDN cache | |
run: |- | |
gcloud compute url-maps invalidate-cdn-cache prod --path "/install.sh" --async | |
gcloud compute url-maps invalidate-cdn-cache prod --path "/rill/latest.txt" --async | |
if [[ ${{ env.PUBLISH_NIGHTLY }} == 'true' ]]; then | |
gcloud compute url-maps invalidate-cdn-cache prod --path "/rill/nightly/*" --async | |
fi |