chore: use saved GPG key for Postgres' PPA; update pg_upgrade version… #30
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Collect Ubuntu 18 compatible binaries | |
on: | |
push: | |
branches: | |
- develop | |
- pcnc/pg-upgrade-fixes | |
paths: | |
- '.github/workflows/collect-u18-binaries.yml' | |
- 'common.vars.pkr.hcl' | |
workflow_run: | |
workflows: [Release AMI] | |
branches: | |
- develop | |
types: | |
- completed | |
workflow_dispatch: | |
jobs: | |
build: | |
strategy: | |
matrix: | |
include: | |
- runner: arm-runner | |
arch: arm64 | |
ubuntu_release: bionic | |
ubuntu_version: 18.04 | |
mcpu: neoverse-n1 | |
runs-on: ${{ matrix.runner }} | |
timeout-minutes: 150 | |
permissions: | |
contents: write | |
packages: write | |
id-token: write | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v3 | |
- id: args | |
uses: mikefarah/yq@master | |
with: | |
cmd: yq 'to_entries | map(select(.value|type == "!!str")) | map(.key + "=" + .value) | join("\n")' 'ansible/vars.yml' | |
- run: docker context create builders | |
- uses: docker/setup-buildx-action@v3 | |
with: | |
endpoint: builders | |
- uses: docker/build-push-action@v5 | |
with: | |
load: true | |
file: Dockerfile-u18 | |
build-args: | | |
${{ steps.args.outputs.result }} | |
target: extensions | |
tags: supabase/postgres:extensions-u18 | |
platforms: linux/${{ matrix.arch }} | |
cache-from: type=gha,scope=${{ github.ref_name }}-extensions-u18 | |
cache-to: type=gha,mode=max,scope=${{ github.ref_name }}-extensions-u18,ignore-error=true | |
- name: Extract built packages | |
run: | | |
mkdir -p /tmp/extensions ansible/files/extensions | |
docker save supabase/postgres:extensions-u18 | tar xv -C /tmp/extensions | |
for layer in /tmp/extensions/*/layer.tar; do | |
tar xvf "$layer" -C ansible/files/extensions --strip-components 1 | |
done | |
- id: version | |
run: echo "${{ steps.args.outputs.result }}" | grep "postgresql" >> "$GITHUB_OUTPUT" | |
- name: Build Postgres deb | |
uses: docker/build-push-action@v5 | |
with: | |
load: true | |
file: docker/Dockerfile | |
target: pg-deb | |
build-args: | | |
ubuntu_release=${{ matrix.ubuntu_release }} | |
ubuntu_release_no=${{ matrix.ubuntu_version }} | |
postgresql_major=${{ steps.version.outputs.postgresql_major }} | |
postgresql_release=${{ steps.version.outputs.postgresql_release }} | |
DEB_BUILD_PROFILES=pkg.postgresql.nozstd | |
tags: supabase/postgres:deb-u18 | |
platforms: linux/${{ matrix.arch }} | |
cache-from: type=gha,scope=${{ github.ref_name }}-deb-u18 | |
cache-to: type=gha,mode=max,scope=${{ github.ref_name }}-deb-u18,ignore-error=true | |
- name: Extract Postgres deb | |
run: | | |
mkdir -p /tmp/build ansible/files/postgres | |
docker save supabase/postgres:deb-u18 | tar xv -C /tmp/build | |
for layer in /tmp/build/*/layer.tar; do | |
tar xvf "$layer" -C ansible/files/postgres --strip-components 1 | |
done | |
- name: Build surrogate Docker image | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
load: true | |
file: Dockerfile-u18 | |
target: pg_binary_collection | |
build-args: | | |
ubuntu_release=${{ matrix.ubuntu_release }} | |
ubuntu_release_no=${{ matrix.ubuntu_version }} | |
postgresql_major=${{ steps.version.outputs.postgresql_major }} | |
postgresql_release=${{ steps.version.outputs.postgresql_release }} | |
tags: supabase/postgres:u18-binaries | |
platforms: linux/${{ matrix.arch }} | |
cache-from: type=gha,scope=${{ github.ref_name }}-u18-binaries | |
cache-to: type=gha,mode=max,scope=${{ github.ref_name }}-u18-binaries,ignore-error=true | |
- name: Copy binary tarball | |
run: | | |
CONTAINER_ID=$(docker create supabase/postgres:u18-binaries) | |
docker cp "${CONTAINER_ID}:/tmp/pg_binaries/${{ matrix.ubuntu_version }}.tar.gz" - > /tmp/pg_binaries.tar.gz | |
docker rm "${CONTAINER_ID}" | |
- name: configure aws credentials - staging | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
role-to-assume: ${{ secrets.DEV_AWS_ROLE }} | |
aws-region: "us-east-1" | |
- name: Upload pg binaries to s3 staging | |
run: | | |
aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/18.04.tar.gz | |
- name: configure aws credentials - prod | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
role-to-assume: ${{ secrets.PROD_AWS_ROLE }} | |
aws-region: "us-east-1" | |
- name: Upload pg binaries to s3 prod | |
run: | | |
aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.PROD_ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/18.04.tar.gz |