Build Base Image Nightly #1
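# Manually dispatched workflow that builds the stage 1 base AMI with Packer
# (run through nix) on an ARM runner, then terminates any EC2 instances that
# carry this run's packerExecutionId tag.
name: Build Base Image Nightly

on:
  #schedule:
  #  - cron: '0 2 * * *' # 2 AM UTC daily
  workflow_dispatch:
    inputs:
      branch:
        description: 'Branch to build from'
        required: false
        default: 'develop'
        type: string

# id-token: write allows the job to request an OIDC token, which the
# configure-aws-credentials steps use to assume the role in DEV_AWS_ROLE.
permissions:
  contents: read
  id-token: write

jobs:
  build-base-image:
    runs-on: blacksmith-4vcpu-ubuntu-2404-arm
    timeout-minutes: 150
    # NOTE(review): every `uses:` below is a mutable ref (@HEAD, @v4, @v27,
    # @v2). This job can assume an AWS role and reads a Slack webhook secret,
    # so consider pinning each action to a full commit SHA.
    steps:
      - name: Checkout Repo
        uses: supabase/postgres/.github/actions/shared-checkout@HEAD
        with:
          ref: ${{ github.event.inputs.branch || 'develop' }}

      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.DEV_AWS_ROLE }}
          aws-region: "us-east-1"
          output-credentials: true
          # 7200 s (120 min) is shorter than the 150 min job timeout, so this
          # session can expire before the job ends; the cleanup steps get a
          # fresh session further down for that reason.
          role-duration-seconds: 7200

      - name: Install nix
        uses: cachix/install-nix-action@v27
        with:
          install_url: https://releases.nixos.org/nix/nix-2.29.1/install
          # Store paths from the S3 substituter are accepted only when signed
          # by one of the trusted-public-keys listed here.
          extra_nix_config: |
            substituters = https://cache.nixos.org https://nix-postgres-artifacts.s3.amazonaws.com
            trusted-public-keys = nix-postgres-artifacts:dGZlQOvKcNEjvT7QEAJbcV6b6uk7VF/hWMjhYleiaLI= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=

      # EXECUTION_ID is passed to packer below and is the tag value the
      # cleanup steps filter on.
      - name: Set execution ID and timestamp
        run: |
          echo "EXECUTION_ID=${{ github.run_id }}-base-nightly" >> $GITHUB_ENV
          echo "BUILD_TIMESTAMP=$(date -u +%Y%m%d-%H%M%S)" >> $GITHUB_ENV

      # NOTE(review): GIT_SHA is github.sha (the commit the workflow was
      # dispatched on), while the checkout step uses the `branch` input. When
      # the two differ, the packer flake and the git-head-version variable
      # name a different commit than the checked-out tree - confirm this is
      # intended.
      - name: Build base stage 1 AMI
        env:
          AWS_MAX_ATTEMPTS: 10
          AWS_RETRY_MODE: adaptive
        run: |
          GIT_SHA=${{ github.sha }}
          nix run github:supabase/postgres/${GIT_SHA}#packer -- init amazon-arm64-nix.pkr.hcl
          nix run github:supabase/postgres/${GIT_SHA}#packer -- build \
            -var "git-head-version=${GIT_SHA}" \
            -var "packer-execution-id=${EXECUTION_ID}" \
            -var-file="development-arm.vars.pkr.hcl" \
            -var "base-image-nightly=true" \
            -var "build-timestamp=${BUILD_TIMESTAMP}" \
            -var "region=us-east-1" \
            -var 'ami_regions=["us-east-1","ap-southeast-1"]' \
            amazon-arm64-nix.pkr.hcl

      - name: Slack Notification on Failure
        if: ${{ failure() }}
        uses: rtCamp/action-slack-notify@v2
        env:
          SLACK_WEBHOOK: ${{ secrets.SLACK_NOTIFICATIONS_WEBHOOK }}
          SLACK_USERNAME: 'gha-failures-notifier'
          SLACK_COLOR: 'danger'
          SLACK_MESSAGE: 'Building base image nightly failed'
          SLACK_FOOTER: ''

      # Re-assume the role with a short session so that cleanup does not run
      # on the build session, which may have expired after a long build and
      # would leave the tagged builder instances running.
      - name: Refresh AWS credentials for cleanup
        if: ${{ always() }}
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.DEV_AWS_ROLE }}
          aws-region: "us-east-1"
          role-duration-seconds: 900

      # Terminates every instance tagged with this run's EXECUTION_ID;
      # xargs -r skips the terminate call when no instance ID is returned.
      - name: Cleanup resources after build
        if: ${{ always() }}
        run: |
          aws ec2 --region us-east-1 describe-instances --filters "Name=tag:packerExecutionId,Values=${EXECUTION_ID}" --query "Reservations[].Instances[].InstanceId" --output text | xargs -r aws ec2 terminate-instances --region us-east-1 --instance-ids

      # Same command as the step above; on cancellation always() is also
      # true, so this is a second pass over the same tag filter.
      - name: Cleanup resources on build cancellation
        if: ${{ cancelled() }}
        run: |
          aws ec2 --region us-east-1 describe-instances --filters "Name=tag:packerExecutionId,Values=${EXECUTION_ID}" --query "Reservations[].Instances[].InstanceId" --output text | xargs -r aws ec2 terminate-instances --region us-east-1 --instance-ids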