asd

sad
asd
2025-09-26 14:52:50 +02:00 · 2025-09-26 14:50:26 +02:00 · 2025-09-26 14:16:53 +02:00 · 2025-09-26 14:08:09 +02:00 · 2025-09-26 14:06:37 +02:00 · 2025-09-26 14:04:54 +02:00
6 changed files with 160 additions and 10 deletions
--- a/.github/dependabot.yaml
+++ b/.github/dependabot.yaml
@@ -7,7 +7,7 @@ updates:
      interval: "daily"
      time: "04:00"
    commit-message:
-      prefix: "chore"
+      prefix: "chore(ci)"
    labels:
      - "dependencies"
      - "github_actions"
--- a/.github/workflows/ci_release.yaml
+++ b/.github/workflows/ci_release.yaml
@@ -38,7 +38,6 @@ jobs:
    if: needs.extract-project.outputs.project == 'cli'
    uses: ./.github/workflows/cli_release.yaml
    with:
-      NAME: dashboard
      GIT_REF: ${{ github.sha }}
      VERSION: ${{ needs.extract-project.outputs.version }}
    secrets:
@@ -54,7 +53,6 @@ jobs:
    if: needs.extract-project.outputs.project == '@nhost/dashboard'
    uses: ./.github/workflows/dashboard_release.yaml
    with:
-      NAME: dashboard
      GIT_REF: ${{ github.sha }}
      VERSION: ${{ needs.extract-project.outputs.version }}
    secrets:
@@ -83,3 +81,17 @@ jobs:
      NIX_CACHE_PRIV_KEY: ${{ secrets.NIX_CACHE_PRIV_KEY }}
      NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
      DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK_PRODUCTION }}
+
+  storage:
+    needs: extract-project
+    if: needs.extract-project.outputs.project == 'storage'
+    uses: ./.github/workflows/storage_release.yaml
+    with:
+      GIT_REF: ${{ github.sha }}
+      VERSION: ${{ needs.extract-project.outputs.version }}
+    secrets:
+      AWS_ACCOUNT_ID: ${{ secrets.AWS_PRODUCTION_CORE_ACCOUNT_ID }}
+      NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}
+      NIX_CACHE_PRIV_KEY: ${{ secrets.NIX_CACHE_PRIV_KEY }}
+      DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
+      DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
--- a/.github/workflows/cli_release.yaml
+++ b/.github/workflows/cli_release.yaml
@@ -3,9 +3,6 @@ name: "cli: release"
 on:
  workflow_call:
    inputs:
-      NAME:
-        required: true
-        type: string
      GIT_REF:
        required: true
        type: string
@@ -79,7 +76,7 @@ jobs:
    - name: Setup Nix with Cache
      uses: ./.github/actions/setup-nix
      with:
-        NAME: ${{ inputs.NAME }}
+        NAME: cli
        NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

--- a/.github/workflows/dashboard_release.yaml
+++ b/.github/workflows/dashboard_release.yaml
@@ -4,9 +4,6 @@ name: 'dashboard: release'
 on:
  workflow_call:
    inputs:
-      NAME:
-        required: true
-        type: string
      GIT_REF:
        required: true
        type: string
--- a/.github/workflows/storage_release.yaml
+++ b/.github/workflows/storage_release.yaml
@@ -0,0 +1,60 @@
+---
+name: "storage: release"
+on:
+  workflow_call:
+    inputs:
+      GIT_REF:
+        required: true
+        type: string
+      VERSION:
+        required: true
+        type: string
+    secrets:
+      AWS_ACCOUNT_ID:
+        required: true
+      NIX_CACHE_PUB_KEY:
+        required: true
+      NIX_CACHE_PRIV_KEY:
+        required: true
+      DOCKER_USERNAME:
+        required: true
+      DOCKER_PASSWORD:
+        required: true
+
+jobs:
+  build_artifacts:
+    uses: ./.github/workflows/wf_build_artifacts.yaml
+    with:
+      NAME: storage
+      PATH: services/storage
+      GIT_REF: ${{ inputs.GIT_REF }}
+      VERSION: ${{ inputs.VERSION }}
+      DOCKER: true
+    secrets:
+      AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
+      NIX_CACHE_PUB_KEY: ${{ secrets.NIX_CACHE_PUB_KEY }}
+      NIX_CACHE_PRIV_KEY: ${{ secrets.NIX_CACHE_PRIV_KEY }}
+
+  push-docker-hub:
+    uses: ./.github/workflows/wf_docker_push_image.yaml
+    needs:
+      - build_artifacts
+    with:
+      NAME: storage
+      PATH: services/storage
+      VERSION: ${{ inputs.VERSION }}
+    secrets:
+      DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
+      DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
+
+  push-docker-ecr:
+    uses: ./.github/workflows/wf_docker_push_image_ecr.yaml
+    needs:
+      - build_artifacts
+    with:
+      NAME: storage
+      PATH: services/storage
+      VERSION: ${{ inputs.VERSION }}
+    secrets:
+      AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
+      CONTAINER_REGISTRY: ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.eu-central-1.amazonaws.com
--- a/.github/workflows/wf_docker_push_image_ecr.yaml
+++ b/.github/workflows/wf_docker_push_image_ecr.yaml
@@ -0,0 +1,84 @@
+---
+on:
+  workflow_call:
+    inputs:
+      NAME:
+        type: string
+        required: true
+      PATH:
+        type: string
+        required: true
+      VERSION:
+        type: string
+        required: true
+
+    secrets:
+      AWS_ACCOUNT_ID:
+        required: true
+      CONTAINER_REGISTRY:
+        required: true
+
+jobs:
+  push-to-registry:
+    runs-on: ubuntu-latest
+    timeout-minutes: 30
+
+    permissions:
+      id-token: write
+      contents: write
+
+    defaults:
+      run:
+        working-directory: ${{ inputs.PATH }}
+
+    steps:
+      - name: "Check out repository"
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          submodules: true
+
+      - name: Configure aws
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/github-actions-nhost-${{ github.event.repository.name }}
+          aws-region: eu-central-1
+
+      - name: "Login to Amazon ECR"
+        uses: aws-actions/amazon-ecr-login@v2
+        with:
+          mask-password: 'true'
+
+      - name: "Compute common env vars"
+        id: vars
+        run: |
+          echo "VERSION=$(make get-version VER=${{ inputs.VERSION }})" >> $GITHUB_OUTPUT
+
+      - name: "Get artifacts"
+        uses: actions/download-artifact@v5
+        with:
+          path: ~/artifacts
+
+      - name: "Inspect artifacts"
+        run: find ~/artifacts
+
+      - name: "Push docker image to docker hub"
+        run: |
+          export NAME=${{ inputs.NAME }}
+          export VERSION=${{ steps.vars.outputs.VERSION }}
+          export CONTAINER_REGISTRY=${{ secrets.CONTAINER_REGISTRY }}
+          export CONTAINER_NAME=$CONTAINER_REGISTRY/$NAME
+
+          for ARCH in "x86_64" "aarch64"; do
+            skopeo copy --insecure-policy \
+              dir:/home/runner/artifacts/${{ inputs.NAME }}-docker-image-$ARCH-$VERSION \
+              docker-daemon:$CONTAINER_NAME:$VERSION-$ARCH
+            docker push $CONTAINER_NAME:$VERSION-$ARCH
+          done
+
+          docker manifest create \
+            $CONTAINER_NAME:$VERSION \
+            --amend $CONTAINER_NAME:$VERSION-x86_64 \
+            --amend $CONTAINER_NAME:$VERSION-aarch64
+
+          docker manifest push $CONTAINER_NAME:$VERSION
Author	SHA1	Message	Date
David Barroso	438355bff0	asd	2025-09-26 14:52:50 +02:00
David Barroso	62b97838fe	sad	2025-09-26 14:50:26 +02:00
David Barroso	d287191f7a	asd	2025-09-26 14:16:53 +02:00
David Barroso	b8d2127b06	sad	2025-09-26 14:08:09 +02:00
David Barroso	28cec232c8	asd	2025-09-26 14:06:37 +02:00
David Barroso	fe853da133	asd	2025-09-26 14:04:54 +02:00
David Barroso	c4445135bf	asd	2025-09-26 13:50:21 +02:00
David Barroso	db7366dfc7	Merge branch 'main' of github.com:nhost/nhost into storage-releases	2025-09-26 13:49:59 +02:00
David Barroso	31c503e458	asd	2025-09-26 13:46:58 +02:00
David Barroso	187d35412e	chore(ci): prepare storage releases	2025-09-26 13:46:48 +02:00