Skip to content

add latest behaviour version to the aws client (#13) #27

add latest behaviour version to the aws client (#13)

add latest behaviour version to the aws client (#13) #27

Workflow file for this run

name: ship
on:
push:
jobs:
nix-build:
name: nix build
runs-on: ubuntu-latest
strategy:
matrix:
target:
- x86_64-linux
- aarch64-linux
steps:
- name: Checkout πŸ›ŽοΈ
uses: actions/checkout@v4
- name: Install Nix ❄
uses: cachix/install-nix-action@V28
with:
github_access_token: ${{ secrets.GITHUB_TOKEN }}
- name: Set up the Nix Cache πŸ”Œ
uses: cachix/cachix-action@v15
with:
name: hasura-v3-dev
authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
useDaemon: false # attempt to stop hanging on cleanup
- name: Build a binary with Nix
run: nix build --print-build-logs '.#${{ matrix.target }}'
- name: Build a Docker image with Nix
run: nix build --print-build-logs '.#docker-${{ matrix.target }}'
# scream into Slack if something goes wrong
- name: Report Status
if: always() && github.ref == 'refs/heads/main'
uses: ravsamhq/notify-slack-action@v2
with:
status: ${{ job.status }}
notify_when: failure
notification_title: "😧 Error on <{repo_url}|{repo}>"
message_format: "🐴 *{workflow}* {status_message} for <{repo_url}|{repo}>"
env:
SLACK_WEBHOOK_URL: ${{ secrets.BROKEN_BUILD_SLACK_WEBHOOK_URL }}
push-docker-images:
name: push Docker images
needs:
- nix-build
runs-on: ubuntu-latest
# Only run on the `main` branch or version tags.
# Note we currently tag the image with 'latest', so will want to stop doing
# so if we run this on PR branches, etc.
if: (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v'))
permissions:
contents: read
id-token: write
packages: write
steps:
- name: Checkout πŸ›ŽοΈ
uses: actions/checkout@v4
- name: Install Nix ❄
uses: cachix/install-nix-action@V28
with:
github_access_token: ${{ secrets.GITHUB_TOKEN }}
- name: Set up the Nix Cache πŸ”Œ
uses: cachix/cachix-action@v15
with:
name: hasura-v3-dev
authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
useDaemon: false # attempt to stop hanging on cleanup
- id: gcloud-auth
name: Authenticate to Google Cloud πŸ”‘
uses: google-github-actions/auth@v2
with:
token_format: access_token
service_account: "hasura-ci-docker-writer@hasura-ddn.iam.gserviceaccount.com"
workload_identity_provider: "projects/1025009031284/locations/global/workloadIdentityPools/hasura-ddn/providers/github"
- name: Login to Google Container Registry πŸ“¦
uses: "docker/login-action@v3"
with:
registry: "us-docker.pkg.dev"
username: "oauth2accesstoken"
password: "${{ steps.gcloud-auth.outputs.access_token }}"
- name: Login to GitHub Container Registry πŸ“¦
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Push Docker images to Google Container Registry 🚒
run: nix run .#publish-docker-image '${{ github.ref }}' 'us-docker.pkg.dev/hasura-ddn/ddn/ndc-dynamodb'
- name: Push Docker images to GitHub Packages 🚒
run: nix run .#publish-docker-image '${{ github.ref }}' 'ghcr.io/hasura/ndc-dynamodb'
# scream into Slack if something goes wrong
- name: Report Status
if: always()
uses: ravsamhq/notify-slack-action@v2
with:
status: ${{ job.status }}
notify_when: failure
notification_title: "😧 Error on <{repo_url}|{repo}>"
message_format: "🐴 *{workflow}* {status_message} for <{repo_url}|{repo}>"
env:
SLACK_WEBHOOK_URL: ${{ secrets.BROKEN_BUILD_SLACK_WEBHOOK_URL }}
build-cli-binaries:
name: build the CLI binaries
strategy:
matrix:
include:
- runner: ubuntu-20.04
target: x86_64-unknown-linux-gnu
- runner: ubuntu-20.04
target: aarch64-unknown-linux-gnu
linux-packages: gcc-aarch64-linux-gnu
linker: /usr/bin/aarch64-linux-gnu-gcc
- runner: macos-latest
target: x86_64-apple-darwin
- runner: macos-latest
target: aarch64-apple-darwin
- runner: windows-latest
target: x86_64-pc-windows-msvc
extension: .exe
extra-rust-flags: "-C target-feature=+crt-static"
runs-on: ${{ matrix.runner }}
env:
CARGO_BUILD_TARGET: ${{ matrix.target }}
CARGO_NET_GIT_FETCH_WITH_CLI: "true"
RUSTFLAGS: "-D warnings" # fail on warnings
defaults:
run:
shell: bash
steps:
- uses: actions/checkout@v4
- name: install protoc
uses: arduino/setup-protoc@v3
with:
version: "25.x"
repo-token: ${{ secrets.GITHUB_TOKEN }}
- name: install tools
run: |
rustup show
rustup target add ${{ matrix.target }}
- name: install other packages required
if: matrix.linux-packages
run: |
sudo apt-get update
sudo apt-get install -y ${{ matrix.linux-packages }}
- uses: Swatinem/rust-cache@v2
with:
shared-key: "build-${matrix.runner}" # share the cache across jobs
- name: build the CLI
run: |
# If we're on a tag, use the tag name as the release version.
if [[ "$GITHUB_REF_TYPE" == 'tag' ]]; then
# Ensure that the version specified in Cargo.toml is the same as the tag (with a 'v' prefix).
CARGO_VERSION="$(cargo metadata --format-version=1 | jq -r '.packages | .[] | select(.name == "ndc-dynamodb") | .version')"
echo "Git tag: ${GITHUB_REF_NAME}"
echo "Cargo version: ${CARGO_VERSION}"
if [[ "$GITHUB_REF_NAME" != "v${CARGO_VERSION}" ]]; then
echo >&2 "The Git tag is \"${GITHUB_REF_NAME}\", but the version in Cargo.toml is \"${CARGO_VERSION}\"."
echo >&2 'These must be the same, with a "v" prefix for the tag. Aborting.'
exit 1
fi
export RELEASE_VERSION="$GITHUB_REF_NAME"
echo "RELEASE_VERSION = ${RELEASE_VERSION}"
fi
if [[ -n '${{ matrix.linker }}' ]]; then
TARGET_SCREAMING="$(echo '${{ matrix.target }}' | tr '[:lower:]' '[:upper:]' | tr '-' '_')"
echo "CARGO_TARGET_${TARGET_SCREAMING}_LINKER"='${{ matrix.linker }}'
declare "CARGO_TARGET_${TARGET_SCREAMING}_LINKER"='${{ matrix.linker }}'
export "CARGO_TARGET_${TARGET_SCREAMING}_LINKER"
fi
if [[ -n '${{ matrix.extra-rust-flags }}' ]]; then
RUSTFLAGS="${RUSTFLAGS} ${{ matrix.extra-rust-flags }}"
export RUSTFLAGS
fi
echo "RUSTFLAGS = ${RUSTFLAGS}"
echo "Building for target: ${CARGO_BUILD_TARGET}"
cargo build --release --package=ndc-dynamodb-cli
mkdir -p release
mv -v target/${{ matrix.target }}/release/ndc-dynamodb-cli release/ndc-dynamodb-cli-${{ matrix.target }}${{ matrix.extension }}
- uses: actions/upload-artifact@v4
with:
name: ndc-dynamodb-cli-${{ matrix.target }}
path: release
if-no-files-found: error
release:
name: release to GitHub
needs:
- push-docker-images # not strictly necessary, but if this fails, we should abort
- build-cli-binaries
runs-on: ubuntu-latest
# We release when a tag is pushed.
if: startsWith(github.ref, 'refs/tags/v')
steps:
- uses: actions/checkout@v4
- uses: actions/download-artifact@v4
with:
path: release/artifacts
merge-multiple: true
- name: generate SHA-256 checksums
run: |
cd release/artifacts
sha256sum * > ./sha256sum
- name: generate a changelog
run: |
./scripts/release-notes.py "${GITHUB_REF_NAME}" >> release/notes.md
- name: generate a connector package
run: |
chmod +x ./release/artifacts/ndc-dynamodb-cli-*
mkdir release/package
./release/artifacts/ndc-dynamodb-cli-x86_64-unknown-linux-gnu --context=release/package initialize --with-metadata
tar vczf release/artifacts/package.tar.gz -C release/package .
- name: create a draft release
uses: ncipollo/release-action@v1
with:
draft: true
bodyFile: release/notes.md
artifacts: release/artifacts/*