Skip to content

promote

promote #60

Workflow file for this run

name: promote
concurrency: prod-${{ github.ref_name }}
on:
workflow_call:
workflow_dispatch:
jobs:
run-qa-dev:
# Dispatch the qa-dev workflow to validate main prior to promotion
runs-on: ubuntu-latest
env:
WAIT_INTERVAL: "60"
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Capture current timestamp
run: |
current_time=$(date --utc +%Y-%m-%dT%H:%M:%S+00:00)
echo "current_time=${current_time}" >> "$GITHUB_ENV"
- name: Dispatch the qa-dev workflow
run: |
curl -X POST \
-H "Authorization: token ${{secrets.GITHUB_TOKEN}}" \
-H "Accept: application/vnd.github.v3+json" \
"https://api.github.com/repos/${{github.repository}}/actions/workflows/qa-dev.yml/dispatches" \
-d '{"ref": "main", "inputs": {"deployment_size": "small", "pr_or_branch": "main"}}'
echo "Triggered qa-dev Workflow."
- name: Wait for qa-dev workflow to complete
timeout-minutes: 30
run: |
check_status() {
runs=$(curl -s -H "Authorization: token ${{secrets.GITHUB_TOKEN}}" \
-H "Accept: application/vnd.github.v3+json" \
"https://api.github.com/repos/${{github.repository}}/actions/workflows/qa-dev.yml/runs?per_page=10")
latest_run=$(echo "$runs" | jq -r --arg timestamp "$current_time" \
'.workflow_runs[] | select(.created_at >= $timestamp) | .')
status=$(echo "$latest_run" | jq -r '.status')
conclusion=$(echo "$latest_run" | jq -r '.conclusion')
echo "Workflow status: $status, conclusion: $conclusion"
if [[ "$status" == "completed" && "$conclusion" == "success" ]]; then
return 0
elif [[ "$status" == "completed" && "$conclusion" != "success" ]]; then
echo "qa-dev workflow failed. For details, see https://github.com/nexodus-io/nexodus/actions/workflows/qa-dev.yml"
exit 1
else
return 1
fi
}
while ! check_status; do
echo "Waiting for qa-dev workflow to complete..."
sleep "$WAIT_INTERVAL"
done
update-prod:
# Sync prod with the QA ref
name: Update Production Deployment
runs-on: ubuntu-20.04
needs: ["run-qa-dev"]
steps:
- name: Checkout the qa Tag
uses: actions/checkout@v4
with:
ref: "qa"
token: ${{ secrets.GITHUB_TOKEN }}
- name: Promote to the prod Tag
shell: bash
run: |
git fetch --tags
git tag prod-previous prod --force
git tag prod --force
git push origin prod prod-previous --force
build-packages:
# Sync the agent binary in s3 /download with the prod promotion in the update-prod job
runs-on: ubuntu-latest
needs: ["run-qa-dev"]
steps:
- name: Checkout the qa Tag
uses: actions/checkout@v4
with:
ref: "qa"
- name: Setup Go
uses: ./.github/actions/setup-go-env
- name: Build nexodus packages
id: build
shell: bash
run: |
NEXODUS_BUILD_PROFILE=prod make -j dist/packages
- name: Upload nexodus zip packages
uses: actions/upload-artifact@v4
with:
name: nexodus-zip-packages
if-no-files-found: error
path: |
dist/packages/*.zip
- name: Upload nexodus tar.gz packages
uses: actions/upload-artifact@v4
with:
name: nexodus-tar-packages
if-no-files-found: error
path: |
dist/packages/*.tar.gz
upload-s3-packages:
needs: ["build-packages"]
permissions:
id-token: write
contents: read
runs-on: ubuntu-latest
environment: image-repositories
steps:
- name: Download nexodus zip packages
uses: actions/download-artifact@v4
with:
name: nexodus-zip-packages
path: dist/packages
- name: Download nexodus tar.gz packages
uses: actions/download-artifact@v4
with:
name: nexodus-tar-packages
path: dist/packages
- name: Display structure of downloaded files
run: ls -lah -R
working-directory: dist/packages
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE }}
role-session-name: nexodus-ci-deploy
aws-region: us-east-1
- name: Copy binaries to S3
run: |
aws s3 sync dist/packages s3://nexodus-io/download