Skip to content

Commit 708f4c3

Browse files
committed
feat: realease 15 and 16 to staging
1 parent f379f0c commit 708f4c3

File tree

5 files changed

+98
-25
lines changed

5 files changed

+98
-25
lines changed

.github/workflows/ami-release-nix.yml

Lines changed: 52 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -3,17 +3,40 @@ name: Release AMI Nix
33
on:
44
push:
55
branches:
6-
- develop
7-
- release/*
6+
#- develop
7+
#- release/*
8+
- sam/15-16-ghactions
89
paths:
910
- '.github/workflows/ami-release-nix.yml'
1011
- 'common-nix.vars.pkr.hcl'
12+
- 'ansible/vars.yml'
1113
workflow_dispatch:
1214

1315
jobs:
16+
prepare:
17+
runs-on: ubuntu-latest
18+
outputs:
19+
postgres_versions: ${{ steps.set-versions.outputs.postgres_versions }}
20+
steps:
21+
- name: Checkout Repo
22+
uses: actions/checkout@v3
23+
24+
- name: Install yq
25+
run: |
26+
sudo wget -qO /usr/local/bin/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64
27+
sudo chmod a+x /usr/local/bin/yq
28+
29+
- name: Set PostgreSQL versions
30+
id: set-versions
31+
run: |
32+
VERSIONS=$(yq eval '.postgres_major[]' ansible/vars.yml | jq -R -s -c 'split("\n")[:-1]')
33+
echo "postgres_versions=$VERSIONS" >> $GITHUB_OUTPUT
34+
1435
build:
36+
needs: prepare
1537
strategy:
1638
matrix:
39+
postgres_version: ${{ fromJson(needs.prepare.outputs.postgres_versions) }}
1740
include:
1841
- runner: arm-runner
1942
arch: arm64
@@ -31,42 +54,54 @@ jobs:
3154
- name: Checkout Repo
3255
uses: actions/checkout@v3
3356

57+
- name: Install yq
58+
run: |
59+
sudo wget -qO /usr/local/bin/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64
60+
sudo chmod a+x /usr/local/bin/yq
61+
3462
- name: Run checks if triggered manually
3563
if: ${{ github.event_name == 'workflow_dispatch' }}
36-
# Update `ci.yaml` too if changing constraints.
3764
run: |
38-
SUFFIX=$(sed -E 's/postgres-version = "[0-9\.]+(.*)"/\1/g' common-nix.vars.pkr.hcl)
65+
SUFFIX=$(yq eval '.postgres_release["postgres${{ matrix.postgres_version }}"]' ansible/vars.yml | sed -E 's/[0-9\.]+(.*)$/\1/')
3966
if [[ -z $SUFFIX ]] ; then
4067
echo "Version must include non-numeric characters if built manually."
4168
exit 1
4269
fi
4370
44-
# extensions are build in nix prior to this step
45-
# so we can just use the binaries from the nix store
46-
# for postgres, extensions and wrappers
71+
- name: Set PostgreSQL version environment variable
72+
run: echo "POSTGRES_MAJOR_VERSION=${{ matrix.postgres_version }}" >> $GITHUB_ENV
73+
74+
- name: Generate common-nix.vars.pkr.hcl
75+
run: |
76+
PG_VERSION=$(yq eval '.postgres_release["postgres${{ matrix.postgres_version }}"]' ansible/vars.yml)
77+
echo "postgres-version = \"$PG_VERSION\"" > common-nix.vars.pkr.hcl
4778
4879
- name: Build AMI stage 1
80+
env:
81+
POSTGRES_MAJOR_VERSION: ${{ env.POSTGRES_MAJOR_VERSION }}
4982
run: |
5083
packer init amazon-arm64-nix.pkr.hcl
5184
GIT_SHA=${{github.sha}}
52-
packer build -var "git-head-version=${GIT_SHA}" -var "packer-execution-id=${GITHUB_RUN_ID}" -var-file="development-arm.vars.pkr.hcl" -var-file="common-nix.vars.pkr.hcl" -var "ansible_arguments=" amazon-arm64-nix.pkr.hcl
85+
packer build -var "git-head-version=${GIT_SHA}" -var "packer-execution-id=${GITHUB_RUN_ID}" -var "postgres_major_version=${POSTGRES_MAJOR_VERSION}" -var-file="development-arm.vars.pkr.hcl" -var-file="common-nix.vars.pkr.hcl" -var "ansible_arguments=-e postgres_major_version=${POSTGRES_MAJOR_VERSION}" amazon-arm64-nix.pkr.hcl
5386
5487
- name: Build AMI stage 2
88+
env:
89+
POSTGRES_MAJOR_VERSION: ${{ env.POSTGRES_MAJOR_VERSION }}
5590
run: |
5691
packer init stage2-nix-psql.pkr.hcl
5792
GIT_SHA=${{github.sha}}
58-
packer build -var "git_sha=${GIT_SHA}" -var "git-head-version=${GIT_SHA}" -var "packer-execution-id=${GITHUB_RUN_ID}" -var-file="development-arm.vars.pkr.hcl" -var-file="common-nix.vars.pkr.hcl" stage2-nix-psql.pkr.hcl
93+
packer build -var "git_sha=${GIT_SHA}" -var "git-head-version=${GIT_SHA}" -var "packer-execution-id=${GITHUB_RUN_ID}" -var "postgres_major_version=${POSTGRES_MAJOR_VERSION}" -var-file="development-arm.vars.pkr.hcl" -var-file="common-nix.vars.pkr.hcl" -var "ansible_arguments=-e postgres_major_version=${POSTGRES_MAJOR_VERSION}" stage2-nix-psql.pkr.hcl
5994
6095
- name: Grab release version
6196
id: process_release_version
6297
run: |
63-
VERSION=$(sed -e 's/postgres-version = "\(.*\)"/\1/g' common-nix.vars.pkr.hcl)
64-
echo "version=$VERSION" >> "$GITHUB_OUTPUT"
98+
VERSION=$(cat common-nix.vars.pkr.hcl | sed -e 's/postgres-version = "\(.*\)"/\1/g')
99+
echo "version=$VERSION" >> $GITHUB_OUTPUT
65100
66101
- name: Create nix flake revision tarball
67102
run: |
68103
GIT_SHA=${{github.sha}}
69-
MAJOR_VERSION=$(echo "${{ steps.process_release_version.outputs.version }}" | cut -d. -f1)
104+
MAJOR_VERSION=${{ env.POSTGRES_MAJOR_VERSION }}
70105
71106
mkdir -p "/tmp/pg_upgrade_bin/${MAJOR_VERSION}"
72107
echo "$GIT_SHA" >> "/tmp/pg_upgrade_bin/${MAJOR_VERSION}/nix_flake_version"
@@ -84,17 +119,13 @@ jobs:
84119
ansible-playbook -i localhost \
85120
-e "ami_release_version=${{ steps.process_release_version.outputs.version }}" \
86121
-e "internal_artifacts_bucket=${{ secrets.ARTIFACTS_BUCKET }}" \
122+
-e "postgres_major_version=${{ env.POSTGRES_MAJOR_VERSION }}" \
87123
manifest-playbook.yml
88124
89125
- name: Upload nix flake revision to s3 staging
90126
run: |
91127
aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/20.04.tar.gz
92128
93-
#Our self hosted github runner already has permissions to publish images
94-
#but they're limited to only that;
95-
#so if we want s3 access we'll need to config credentials with the below steps
96-
# (which overwrites existing perms) after the ami build
97-
98129
- name: configure aws credentials - prod
99130
uses: aws-actions/configure-aws-credentials@v4
100131
with:
@@ -107,6 +138,7 @@ jobs:
107138
ansible-playbook -i localhost \
108139
-e "ami_release_version=${{ steps.process_release_version.outputs.version }}" \
109140
-e "internal_artifacts_bucket=${{ secrets.PROD_ARTIFACTS_BUCKET }}" \
141+
-e "postgres_major_version=${{ env.POSTGRES_MAJOR_VERSION }}" \
110142
manifest-playbook.yml
111143
112144
- name: Upload nix flake revision to s3 prod
@@ -130,12 +162,12 @@ jobs:
130162
SLACK_MESSAGE: 'Building Postgres AMI failed'
131163
SLACK_FOOTER: ''
132164

133-
- name: Cleanup resources on build cancellation
165+
- name: Cleanup resources after build
134166
if: ${{ always() }}
135167
run: |
136-
aws ec2 describe-instances --filters "Name=tag:packerExecutionId,Values=${GITHUB_RUN_ID}" --query "Reservations[].Instances[].InstanceId" --output text | xargs -n 1 -I {} aws ec2 terminate-instances --instance-ids {}
168+
aws ec2 describe-instances --filters "Name=tag:packerExecutionId,Values=${GITHUB_RUN_ID}" --query "Reservations[].Instances[].InstanceId" --output text | xargs -r aws ec2 terminate-instances --instance-ids
137169
138170
- name: Cleanup resources on build cancellation
139171
if: ${{ cancelled() }}
140172
run: |
141-
aws ec2 describe-instances --filters "Name=tag:packerExecutionId,Values=${GITHUB_RUN_ID}" --query "Reservations[].Instances[].InstanceId" --output text | xargs -n 1 -I {} aws ec2 terminate-instances --instance-ids {}
173+
aws ec2 describe-instances --filters "Name=tag:packerExecutionId,Values=${GITHUB_RUN_ID}" --query "Reservations[].Instances[].InstanceId" --output text | xargs -r aws ec2 terminate-instances --instance-ids

ansible/tasks/stage2-setup-postgres.yml

Lines changed: 13 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@
66
- name: Install Postgres from nix binary cache
77
become: yes
88
shell: |
9-
sudo -u postgres bash -c ". /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh && nix profile install github:supabase/postgres/{{ git_commit_sha }}#psql_15/bin"
9+
sudo -u postgres bash -c ". /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh && nix profile install github:supabase/postgres/{{ git_commit_sha }}#{{psql_version}}/bin"
1010
#TODO (samrose) switch pg_prove sourcing to develop branch once PR is merged
1111
when: stage2_nix
1212

@@ -22,6 +22,18 @@
2222
sudo -u postgres bash -c ". /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh && nix profile install github:supabase/postgres/{{ git_commit_sha }}#supabase-groonga"
2323
when: stage2_nix
2424

25+
- name: Install debug symbols for postgres version
26+
become: yes
27+
shell: |
28+
sudo -u postgres bash -c ". /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh && nix profile install github:supabase/postgres/{{ git_commit_sha }}#{{postgresql_version}}_debug"
29+
when: stage2_nix
30+
31+
- name: Install source files for postgresql version
32+
become: yes
33+
shell: |
34+
sudo -u postgres bash -c ". /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh && nix profile install github:supabase/postgres/{{ git_commit_sha }}#{{postgresql_version}}_src"
35+
when: stage2_nix
36+
2537
- name: Set ownership and permissions for /etc/ssl/private
2638
become: yes
2739
file:

ansible/vars.yml

Lines changed: 11 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -2,9 +2,17 @@ supabase_internal: true
22
ebssurrogate_mode: true
33
async_mode: true
44

5-
postgresql_major: "15"
6-
postgresql_release: "15.1"
7-
postgresql_release_checksum: sha256:ea2cf059a85882654b989acd07edc121833164a30340faee0d3615cf7058e66c
5+
# postgresql_major: "15"
6+
# postgresql_release: "15.1"
7+
# postgresql_release_checksum: sha256:ea2cf059a85882654b989acd07edc121833164a30340faee0d3615cf7058e66c
8+
postgres_major:
9+
- "15"
10+
- "16"
11+
12+
# Full version strings for each major version
13+
postgres_release:
14+
postgres15: "15.8.1.003"
15+
postgres16: "16.2.0.001"
816

917
# Non Postgres Extensions
1018
pgbouncer_release: "1.19.0"

scripts/nix-provision.sh

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -30,11 +30,32 @@ function execute_stage2_playbook {
3030
callbacks_enabled = timer, profile_tasks, profile_roles
3131
EOF
3232
sed -i 's/- hosts: all/- hosts: localhost/' /tmp/ansible-playbook/ansible/playbook.yml
33+
34+
# Set psql_version and postgresql_version based on POSTGRES_MAJOR_VERSION
35+
case "${POSTGRES_MAJOR_VERSION}" in
36+
15)
37+
psql_version="psql_15"
38+
postgresql_version="postgresql15"
39+
;;
40+
16)
41+
psql_version="psql_16"
42+
postgresql_version="postgresql16"
43+
;;
44+
*)
45+
echo "Error: Unsupported POSTGRES_MAJOR_VERSION: ${POSTGRES_MAJOR_VERSION}"
46+
exit 1
47+
;;
48+
esac
49+
3350
# Run Ansible playbook
3451
export ANSIBLE_LOG_PATH=/tmp/ansible.log && export ANSIBLE_REMOTE_TEMP=/tmp
3552
ansible-playbook /tmp/ansible-playbook/ansible/playbook.yml \
3653
--extra-vars '{"nixpkg_mode": false, "stage2_nix": true, "debpkg_mode": false}' \
3754
--extra-vars "git_commit_sha=${GIT_SHA}" \
55+
--extra-vars "psql_version=${psql_version}" \
56+
--extra-vars "postgresql_version=${postgresql_version}" \
57+
--extra-vars "nix_secret_key=${NIX_SECRET_KEY}" \
58+
--extra-vars "postgres_major_version=${POSTGRES_MAJOR_VERSION}" \
3859
$ARGS
3960
}
4061

stage2-nix-psql.pkr.hcl

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -56,7 +56,7 @@ packer {
5656
}
5757

5858
source "amazon-ebs" "ubuntu" {
59-
ami_name = "${var.ami_name}-${var.postgres-version}"
59+
ami_name = "${var.ami_name}-${var.postgres-version}-staging"
6060
instance_type = "c6g.4xlarge"
6161
region = "${var.region}"
6262
source_ami_filter {

0 commit comments

Comments
 (0)