Skip to content

ivorysql compatible with documentdb #4

ivorysql compatible with documentdb

ivorysql compatible with documentdb #4

Workflow file for this run

name: Build deb packages and prebuild images
concurrency:
group: build-packages-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
on:
workflow_dispatch:
push:
branches:
- 'main'
paths-ignore:
- 'docs/**'
- '.devcontainer/**'
- '*.md'
pull_request:
types: [opened, reopened, synchronize]
paths-ignore:
- 'docs/**'
- '.devcontainer/**'
- '*.md'
permissions:
packages: write
contents: read
id-token: write
jobs:
build-deb-packages:
runs-on: ${{ matrix.runner }}
name: Deb packages for ${{ matrix.os }}-${{ matrix.arch }}-pg${{ matrix.pg_version }}
strategy:
fail-fast: false
matrix:
os: [ubuntu22.04]
arch: [amd64, arm64]
include:
- arch: amd64
runner: ubuntu-24.04
- arch: arm64
runner: ubuntu-24.04-arm
ivory_version:
- 4
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Extract and Format Default Version
id: extract_version
run: |
DOCUMENTDB_VERSION=$(grep -E "^default_version" pg_documentdb_core/documentdb_core.control | sed -E "s/.*'([0-9]+\.[0-9]+-[0-9]+)'.*/\1/")
DOCUMENTDB_VERSION=$(echo $DOCUMENTDB_VERSION | sed "s/-/./g")
echo "Extracted Version: $DOCUMENTDB_VERSION"
echo "DOCUMENTDB_VERSION=$DOCUMENTDB_VERSION" >> $GITHUB_ENV
- name: Build Debian Package
run: |
./packaging/build_packages.sh --os ${{ matrix.os }} --ivy ${{ matrix.ivory_version }} --version ${{ env.DOCUMENTDB_VERSION }}
- name: Upload Debian Package as Artifact
uses: actions/upload-artifact@v4
with:
name: archive-${{ matrix.os }}-${{ matrix.arch }}-pg${{ matrix.ivory_version }}-documentdb-${{ env.DOCUMENTDB_VERSION }}
path: |
packaging/*.deb
retention-days: 7
if-no-files-found: error
compression-level: 0
- name: Login to GHCR
if: startsWith(github.ref, 'refs/tags/')
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up QEMU
if: startsWith(github.ref, 'refs/tags/')
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
if: startsWith(github.ref, 'refs/tags/')
uses: docker/setup-buildx-action@v3
- name: Extract image build metadata
if: startsWith(github.ref, 'refs/tags/')
id: image_metadata
run: |
PACKAGE_NAME=$(ls packaging/*.deb | grep -v dbgsym | head -n1)
echo "PACKAGE NAME: $PACKAGE_NAME"
echo "PACKAGE_NAME=$PACKAGE_NAME" >> $GITHUB_ENV
case ${{ matrix.os }} in
deb11)
BASE_IMAGE="debian:bullseye"
;;
deb12)
BASE_IMAGE="debian:bookworm"
;;
ubuntu22.04)
BASE_IMAGE="ubuntu:22.04"
;;
ubuntu24.04)
BASE_IMAGE="ubuntu:24.04"
;;
esac
echo "BASE_IMAGE NAME: $BASE_IMAGE"
echo "BASE_IMAGE=$BASE_IMAGE" >> $GITHUB_ENV
- name: Build and Push Docker Image
if: startsWith(github.ref, 'refs/tags/')
uses: docker/build-push-action@v6.18.0
env:
DOCKER_BUILD_SUMMARY: false
with:
provenance: false # Disable provenance to avoid unknown/unknown
sbom: false # Disable provenance to avoid unknown/unknown
context: .
push: true
platforms: linux/${{ matrix.arch }}
file: .github/containers/Build-Ubuntu/Dockerfile_prebuild
tags: ghcr.io/${{ github.repository }}/documentdb-oss:PG${{ matrix.ivory_version }}-${{ matrix.arch }}-${{ env.DOCUMENTDB_VERSION }}
build-args: |
BASE_IMAGE=${{ env.BASE_IMAGE }}
IVORY_VERSION=${{ matrix.ivory_version }}
DEB_PACKAGE_REL_PATH=${{ env.PACKAGE_NAME }}
labels: |
org.opencontainers.image.source=https://github.com/microsoft/documentdb
org.opencontainers.image.description=Documentdb prebuild image
org.opencontainers.image.licenses=MIT
- name: Install cosign
if: startsWith(github.ref, 'refs/tags/')
uses: sigstore/cosign-installer@main
- name: Sign manifest (keyless)
if: startsWith(github.ref, 'refs/tags/')
run: |
cosign sign ghcr.io/${{ github.repository }}/documentdb-oss:PG${{ matrix.ivory_version }}-${{ matrix.arch }}-${{ env.DOCUMENTDB_VERSION }} -y
- name: Verify manifest signature (keyless)
if: startsWith(github.ref, 'refs/tags/')
run: |
run: |
cosign verify \
--certificate-identity-regexp "https://github.com/${{ github.repository }}/.github/workflows/build_packages.yml@refs/(heads|tags)/${{ github.ref_name }}" \
--certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
ghcr.io/${{ github.repository }}/documentdb-oss:PG${{ matrix.ivory_version }}-${{ matrix.arch }}-${{ env.DOCUMENTDB_VERSION }}