@@ -98,85 +98,50 @@ jobs:
9898 VERSION=$(cat common-nix.vars.pkr.hcl | sed -e 's/postgres-version = "\(.*\)"/\1/g')
9999 echo "version=$VERSION" >> $GITHUB_OUTPUT
100100
101- # - name: Create nix flake revision tarball
102- # run: |
103- # GIT_SHA=${{github.sha}}
104- # MAJOR_VERSION=${{ env.POSTGRES_MAJOR_VERSION }}
105-
106- # mkdir -p "/tmp/pg_upgrade_bin/${MAJOR_VERSION}"
107- # echo "$GIT_SHA" >> "/tmp/pg_upgrade_bin/${MAJOR_VERSION}/nix_flake_version"
108- # tar -czf "/tmp/pg_binaries.tar.gz" -C "/tmp/pg_upgrade_bin" .
109-
110101name : configure aws credentials - staging
111102 uses : aws-actions/configure-aws-credentials@v4
112103 with :
113- role-to-assume : ${{ secrets.DEV_AWS_ROLE }}
104+ role-to-assume : ${{ secrets.CONTROL_PLANE_DEV_ROLE }}
114105 aws-region : " us-east-1"
115106
116- - name : Login to Amazon ECR Public
117- id : login-ecr-public
107+ - name : Login to Amazon ECR
108+ id : login-ecr-private-dev
118109 uses : aws-actions/amazon-ecr-login@v2
110+
111+ - name : Build image
112+ env :
113+ IMAGE_TAG : ${{ steps.process_release_version.outputs.version }}
114+ run : |
115+ docker build -f Dockerfile-kubernetes -t "postgres:$IMAGE_TAG" .
116+
117+ name : Push docker image to Amazon ECR
118+ env :
119+ REGISTRY : 812073016711.dkr.ecr.us-east-1.amazonaws.com
120+ REPOSITORY : postgres-vm-image
121+ IMAGE_TAG : ${{ steps.process_release_version.outputs.version }}
122+ run : |
123+ docker tag "postgres:$IMAGE_TAG" "$REGISTRY/$REPOSITORY:$IMAGE_TAG"
124+ docker push "$REGISTRY/$REPOSITORY:$IMAGE_TAG"
125+
126+ # TODO (darora): temporarily also push to prod account from here - add a guard to only publish proper tagged releases to prod?
127+ - name : configure aws credentials - prod
128+ uses : aws-actions/configure-aws-credentials@v4
119129 with :
120- registry-type : public
130+ role-to-assume : ${{ secrets.CONTROL_PLANE_PROD_ROLE }}
131+ aws-region : " us-east-1"
132+
133+ - name : Login to Amazon ECR
134+ id : login-ecr-private-prod
135+ uses : aws-actions/amazon-ecr-login@v2
121136
122- - name : Build, tag, and push docker image to Amazon ECR Public
137+ - name : Push docker image to Amazon ECR
123138 env :
124- REGISTRY : public.ecr.aws/w9p6e7k7
125- REGISTRY_ALIAS : supabase
139+ REGISTRY : 156470330064.dkr.ecr.us-east-1.amazonaws.com
126140 REPOSITORY : postgres-vm-image
127141 IMAGE_TAG : ${{ steps.process_release_version.outputs.version }}
128142 run : |
129- docker build -f Dockerfile-kubernetes -t "$REGISTRY/$REGISTRY_ALIAS/$REPOSITORY:$IMAGE_TAG" .
130- docker push "$REGISTRY/$REGISTRY_ALIAS/$REPOSITORY:$IMAGE_TAG"
131-
132- # - name: Upload software manifest to s3 staging
133- # run: |
134- # cd ansible
135- # ansible-playbook -i localhost \
136- # -e "ami_release_version=${{ steps.process_release_version.outputs.version }}" \
137- # -e "internal_artifacts_bucket=${{ secrets.ARTIFACTS_BUCKET }}" \
138- # -e "postgres_major_version=${{ env.POSTGRES_MAJOR_VERSION }}" \
139- # manifest-playbook.yml
140-
141- # - name: Upload nix flake revision to s3 staging
142- # run: |
143- # aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/20.04.tar.gz
144-
145- # - name: configure aws credentials - prod
146- # uses: aws-actions/configure-aws-credentials@v4
147- # with:
148- # role-to-assume: ${{ secrets.PROD_AWS_ROLE }}
149- # aws-region: "us-east-1"
150-
151- # - name: Upload software manifest to s3 prod
152- # run: |
153- # cd ansible
154- # ansible-playbook -i localhost \
155- # -e "ami_release_version=${{ steps.process_release_version.outputs.version }}" \
156- # -e "internal_artifacts_bucket=${{ secrets.PROD_ARTIFACTS_BUCKET }}" \
157- # -e "postgres_major_version=${{ env.POSTGRES_MAJOR_VERSION }}" \
158- # manifest-playbook.yml
159-
160- # - name: Upload nix flake revision to s3 prod
161- # run: |
162- # aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.PROD_ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/20.04.tar.gz
163-
164- # - name: Create release
165- # uses: softprops/action-gh-release@v1
166- # with:
167- # name: ${{ steps.process_release_version.outputs.version }}
168- # tag_name: ${{ steps.process_release_version.outputs.version }}
169- # target_commitish: ${{github.sha}}
170-
171- # - name: Slack Notification on Failure
172- # if: ${{ failure() }}
173- # uses: rtCamp/action-slack-notify@v2
174- # env:
175- # SLACK_WEBHOOK: ${{ secrets.SLACK_NOTIFICATIONS_WEBHOOK }}
176- # SLACK_USERNAME: 'gha-failures-notifier'
177- # SLACK_COLOR: 'danger'
178- # SLACK_MESSAGE: 'Building Postgres AMI failed'
179- # SLACK_FOOTER: ''
143+ docker tag "postgres:$IMAGE_TAG" "$REGISTRY/$REPOSITORY:$IMAGE_TAG"
144+ docker push "$REGISTRY/$REPOSITORY:$IMAGE_TAG"
180145
181146name : Cleanup resources after build
182147 if : ${{ always() }}
0 commit comments