Release pipeline #22
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Release pipeline | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| version_bump_type: | |
| description: The version bump type to perform. | |
| required: true | |
| type: choice | |
| options: | |
| - major | |
| - minor | |
| - patch | |
| - prerelease | |
| env: | |
| IMAGE_NAME: ${{ github.repository }} | |
| POETRY_VERSION: "1.7.1" | |
| REGISTRY: ghcr.io | |
| jobs: | |
| build-and-push-image: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| id-token: write | |
| packages: write | |
| steps: | |
| - name: Validated users only | |
| if: github.actor != 'pgoslatara' | |
| run: exit 1 | |
| - name: Only run from `main` | |
| if: github.ref_name != github.event.repository.default_branch | |
| run: exit 1 | |
| - uses: actions/checkout@v4 | |
| - name: Fetch tags | |
| run: git fetch --prune --unshallow --tags | |
| - name: Setup Python | |
| id: setup-python | |
| uses: actions/setup-python@v5 | |
| - name: Load cached Poetry installation | |
| id: cached-poetry | |
| uses: actions/cache@v4 | |
| with: | |
| path: /home/runner/.local | |
| key: poetry-cache-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ env.POETRY_VERSION }} | |
| - name: Install Poetry | |
| if: steps.cached-poetry.outputs.cache-hit != 'true' | |
| uses: snok/install-poetry@v1 | |
| with: | |
| installer-parallel: true | |
| version: ${{ env.POETRY_VERSION }} | |
| virtualenvs-create: true | |
| virtualenvs-in-project: true | |
| - name: Install version bump Poetry plugin | |
| run: poetry self add poetry-bumpversion | |
| - name: Bump version | |
| run: | | |
| poetry version $(git tag --sort version:refname | tail -n 1) | |
| poetry version ${{ inputs.version_bump_type }} | |
| # Need to re-install dbt-bouncer so version bump is visible when `dbt-bouncer --version` is called | |
| - name: Re-install dbt-bouncer | |
| run: poetry install | |
| - name: Build pex file | |
| run: poetry run pex . -c dbt-bouncer -o ./dist/dbt-bouncer.pex | |
| - name: Save version to env var | |
| id: version | |
| run: | | |
| echo "version=$(poetry version --short)" >> $GITHUB_OUTPUT | |
| echo "major=$(echo $(poetry version --short | cut -d '.' -f 1))" >> $GITHUB_OUTPUT | |
| echo "minor=$(echo $(poetry version --short | cut -d '.' -f 2))" >> $GITHUB_OUTPUT | |
| echo "patch=$(echo $(poetry version --short | cut -d '.' -f 3))" >> $GITHUB_OUTPUT | |
| - name: Determine if prerelease flag is necessary | |
| run: | | |
| [ "${{ inputs.version_bump_type }}" = "prerelease" ] && export PRERELEASE="--prerelease" || export PRERELEASE="--latest" | |
| echo "PRERELEASE: $PRERELEASE" | |
| echo PRERELEASE=$PRERELEASE >> "$GITHUB_ENV" | |
| - name: Tag commit and push | |
| run: | | |
| git config --global user.email "[email protected]" | |
| git config --global user.name "github-actions[bot]" | |
| git tag -f \ | |
| -a v${{ steps.version.outputs.version }} \ | |
| -m "v${{ steps.version.outputs.version }}" | |
| git push -f origin "v${{ steps.version.outputs.version }}" | |
| git tag -f \ | |
| -a v${{ steps.version.outputs.major }}.${{ steps.version.outputs.minor }} \ | |
| -m "v${{ steps.version.outputs.major }}.${{ steps.version.outputs.minor }}" | |
| git push -f origin "v${{ steps.version.outputs.major }}.${{ steps.version.outputs.minor }}" | |
| git tag -f \ | |
| -a v${{ steps.version.outputs.major }} \ | |
| -m "v${{ steps.version.outputs.major }}" | |
| git push -f origin "v${{ steps.version.outputs.major }}" | |
| - name: Extract metadata (tags, labels) for Docker | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| tags: | | |
| type=raw,value=v${{ steps.version.outputs.version }} | |
| type=raw,value=v${{ steps.version.outputs.major }}.${{ steps.version.outputs.minor }} | |
| type=raw,value=v${{ steps.version.outputs.major }} | |
| type=raw,value=${{ github.sha }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@v3 | |
| with: | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| - name: Determine python version | |
| id: python-version | |
| run: | | |
| export PYTHON_VERSION=$(cat .python-version) | |
| echo "PYTHON_VERSION: $PYTHON_VERSION" | |
| echo "PYTHON_VERSION=$PYTHON_VERSION" >> $GITHUB_OUTPUT | |
| - name: Build and push image | |
| id: push | |
| uses: docker/build-push-action@v6 | |
| with: | |
| build-args: PYTHON_VERSION=${{ steps.python-version.outputs.PYTHON_VERSION }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| context: . | |
| load: false | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| - name: Create release | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| gh release create v${{ steps.version.outputs.version }} \ | |
| --generate-notes \ | |
| --repo ${{ github.repository }} \ | |
| --target main \ | |
| --title 'v${{ steps.version.outputs.version }}' \ | |
| $PRELEASE \ | |
| --verify-tag | |
| - name: Upload .pex to release | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: gh release upload v${{ steps.version.outputs.version }} ./dist/dbt-bouncer.pex |