From 3e657eb44c5c7152c138dfd8b15960a01c3fe3bc Mon Sep 17 00:00:00 2001
From: Sam Rose
Date: Fri, 21 Nov 2025 13:57:13 -0500
Subject: [PATCH] feat: need this workflow present to test
---
.github/workflows/base-image-nightly.yml | 85 ++++++++++++++++++++++++
1 file changed, 85 insertions(+)
create mode 100644 .github/workflows/base-image-nightly.yml
diff --git a/.github/workflows/base-image-nightly.yml b/.github/workflows/base-image-nightly.yml
new file mode 100644
index 000000000..21654bb31
--- /dev/null
+++ b/.github/workflows/base-image-nightly.yml
@@ -0,0 +1,85 @@
+name: Build Base Image Nightly
+
+on:
+ #schedule:
+ # - cron: '0 2 * * *' # 2 AM UTC daily
+ workflow_dispatch:
+ inputs:
+ branch:
+ description: 'Branch to build from'
+ required: false
+ default: 'develop'
+ type: string
+
+permissions:
+ contents: read
+ id-token: write
+
+jobs:
+ build-base-image:
+ runs-on: blacksmith-4vcpu-ubuntu-2404-arm
+ timeout-minutes: 150
+
+ steps:
+ - name: Checkout Repo
+ uses: supabase/postgres/.github/actions/shared-checkout@HEAD
+ with:
+ ref: ${{ github.event.inputs.branch || 'develop' }}
+
+ - name: Configure AWS credentials
+ uses: aws-actions/configure-aws-credentials@v4
+ with:
+ role-to-assume: ${{ secrets.DEV_AWS_ROLE }}
+ aws-region: "us-east-1"
+ output-credentials: true
+ role-duration-seconds: 7200
+
+ - name: Install nix
+ uses: cachix/install-nix-action@v27
+ with:
+ install_url: https://releases.nixos.org/nix/nix-2.29.1/install
+ extra_nix_config: |
+ substituters = https://cache.nixos.org https://nix-postgres-artifacts.s3.amazonaws.com
+ trusted-public-keys = nix-postgres-artifacts:dGZlQOvKcNEjvT7QEAJbcV6b6uk7VF/hWMjhYleiaLI= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
+
+ - name: Set execution ID and timestamp
+ run: |
+ echo "EXECUTION_ID=${{ github.run_id }}-base-nightly" >> $GITHUB_ENV
+ echo "BUILD_TIMESTAMP=$(date -u +%Y%m%d-%H%M%S)" >> $GITHUB_ENV
+
+ - name: Build base stage 1 AMI
+ env:
+ AWS_MAX_ATTEMPTS: 10
+ AWS_RETRY_MODE: adaptive
+ run: |
+ GIT_SHA=${{ github.sha }}
+ nix run github:supabase/postgres/${GIT_SHA}#packer -- init amazon-arm64-nix.pkr.hcl
+ nix run github:supabase/postgres/${GIT_SHA}#packer -- build \
+ -var "git-head-version=${GIT_SHA}" \
+ -var "packer-execution-id=${EXECUTION_ID}" \
+ -var-file="development-arm.vars.pkr.hcl" \
+ -var "base-image-nightly=true" \
+ -var "build-timestamp=${BUILD_TIMESTAMP}" \
+ -var "region=us-east-1" \
+ -var 'ami_regions=["us-east-1","ap-southeast-1"]' \
+ amazon-arm64-nix.pkr.hcl
+
+ - name: Slack Notification on Failure
+ if: ${{ failure() }}
+ uses: rtCamp/action-slack-notify@v2
+ env:
+ SLACK_WEBHOOK: ${{ secrets.SLACK_NOTIFICATIONS_WEBHOOK }}
+ SLACK_USERNAME: 'gha-failures-notifier'
+ SLACK_COLOR: 'danger'
+ SLACK_MESSAGE: 'Building base image nightly failed'
+ SLACK_FOOTER: ''
+
+ - name: Cleanup resources after build
+ if: ${{ always() }}
+ run: |
+ aws ec2 --region us-east-1 describe-instances --filters "Name=tag:packerExecutionId,Values=${EXECUTION_ID}" --query "Reservations[].Instances[].InstanceId" --output text | xargs -r aws ec2 terminate-instances --region us-east-1 --instance-ids
+
+ - name: Cleanup resources on build cancellation
+ if: ${{ cancelled() }}
+ run: |
+ aws ec2 --region us-east-1 describe-instances --filters "Name=tag:packerExecutionId,Values=${EXECUTION_ID}" --query "Reservations[].Instances[].InstanceId" --output text | xargs -r aws ec2 terminate-instances --region us-east-1 --instance-ids
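Review bot: All four `uses:` lines point at mutable refs (`shared-checkout@HEAD`, `configure-aws-credentials@v4`, `install-nix-action@v27`, `action-slack-notify@v2`) in a job that holds `id-token: write` and assumes `secrets.DEV_AWS_ROLE`, so whatever those refs resolve to at run time executes alongside the AMI-build credentials; pin each to a full commit SHA, e.g. `uses: aws-actions/configure-aws-credentials@<full-commit-sha> # v4`. In the "Build base stage 1 AMI" step, `GIT_SHA=${{ github.sha }}` is the head of the ref the workflow was dispatched on, while the checkout step is given `inputs.branch`, so the Packer templates on disk and the `git-head-version` recorded for the AMI can come from different commits. Assuming the shared-checkout action honours `ref` and leaves a normal work tree, `GIT_SHA=$(git rev-parse HEAD)` would keep the flake revision, the templates and the recorded version aligned. `output-credentials: true` also looks unnecessary, since no later step in this hunk reads that step's outputs; the CLI calls use the exported environment credentials. The "Cleanup resources on build cancellation" step repeats the `always()` step's command and could be dropped, because `always()` already runs on cancellation.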