Deploy to Rill Cloud #9876
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow triggers deployment with Rill Cloud helm charts | |
| # Each merge to main branch is build with github sha tag and published to Rill Cloud. | |
| name: Deploy to Rill Cloud | |
| on: | |
| create: | |
| branches: | |
| - "release**" | |
| push: | |
| tags: | |
| - "v*" | |
| branches: | |
| - "main" | |
| - "release**" | |
| workflow_dispatch: | |
| env: | |
| RELEASE: ${{ startsWith(github.ref, 'refs/tags/v') }} | |
| DEPLOY_CLOUD: 1 | |
| IMAGE: gcr.io/rilldata/rill-headless | |
| jobs: | |
| validate-sequential: | |
| if: github.event_name == 'workflow_dispatch' || github.event_name == 'push' || ( github.event_name == 'create' && startsWith(github.ref_name, 'release') ) | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Check Admin Migrations | |
| run: | | |
| ./scripts/check_migrations.sh admin/database/postgres/migrations | |
| - name: Check Runtime Migrations | |
| run: | | |
| ./scripts/check_migrations.sh runtime/drivers/sqlite/migrations | |
| build: | |
| # https://github.com/orgs/community/discussions/54860 | |
| if: github.event_name == 'workflow_dispatch' || github.event_name == 'push' || ( github.event_name == 'create' && startsWith(github.ref_name, 'release') ) | |
| needs: validate-sequential | |
| name: Build Rill Headless CLI | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| matrix: | |
| include: | |
| - os: ubuntu-22.04 | |
| arch: amd64 | |
| - os: ubuntu-22.04-arm | |
| arch: arm64 | |
| fail-fast: false | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{ github.ref }} | |
| - name: Set up Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: 1.24 | |
| - name: Login to GCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: gcr.io | |
| username: _json_key | |
| password: ${{ secrets.RILL_BINARY_SA }} | |
| - name: Build & Publish Rill docker image | |
| run: |- | |
| if [ "$RELEASE" == "true" ] || [ "$GITHUB_REF_NAME" == "main" ]; then | |
| echo "DEPLOY_CLOUD=1" >> $GITHUB_ENV | |
| else | |
| echo "LATEST_BRANCH=$(git branch -r | grep release-0 | sort | tail -1)" | |
| echo "DEPLOY_CLOUD=$(git branch -r | grep release-0 | sort | tail -1 | grep -c $GITHUB_REF_NAME)" >> $GITHUB_ENV | |
| fi | |
| # Embed DuckDB extensions in the Rill binary | |
| go run scripts/embed_duckdb_ext/main.go | |
| if [ ${RELEASE} == "true" ]; then | |
| go build -o rill -mod=readonly -ldflags="-s -w -X main.Version=$(git describe --tags `git rev-list --tags --max-count=1`) -X main.Commit=${GITHUB_SHA} -X main.BuildDate=$(date +%FT%T)" cli/main.go | |
| else | |
| go build -o rill -mod=readonly -ldflags="-s -w -X main.Commit=${GITHUB_SHA} -X main.BuildDate=$(date +%FT%T)" cli/main.go | |
| fi | |
| docker build -t ${IMAGE}:${GITHUB_SHA}-${{ matrix.arch }} . | |
| docker push ${IMAGE}:${GITHUB_SHA}-${{ matrix.arch }} | |
| docker: | |
| runs-on: ubuntu-latest | |
| name: Create multi-arch Docker Image | |
| needs: build # wait until all build jobs finish | |
| steps: | |
| - name: Login to GCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: gcr.io | |
| username: _json_key | |
| password: ${{ secrets.RILL_BINARY_SA }} | |
| - name: Build multi-arch Rill docker image | |
| run: |- | |
| docker manifest create ${IMAGE}:${GITHUB_SHA} ${IMAGE}:${GITHUB_SHA}-amd64 ${IMAGE}:${GITHUB_SHA}-arm64 | |
| docker manifest annotate --arch amd64 ${IMAGE}:${GITHUB_SHA} ${IMAGE}:${GITHUB_SHA}-amd64 | |
| docker manifest annotate --arch arm64 ${IMAGE}:${GITHUB_SHA} ${IMAGE}:${GITHUB_SHA}-arm64 | |
| docker manifest push ${IMAGE}:${GITHUB_SHA} | |
| if [ ${RELEASE} == "true" ]; then | |
| docker buildx imagetools create -t ${IMAGE}:${GITHUB_REF_NAME} ${IMAGE}:${GITHUB_SHA} | |
| fi | |
| - name: Trigger Rill Cloud deployment | |
| if: env.DEPLOY_CLOUD == '1' | |
| run: |- | |
| set -e | |
| curl -X POST https://api.github.com/repos/rilldata/rill-helm-charts/dispatches \ | |
| -H "Accept: application/vnd.github.everest-preview+json" \ | |
| -H "Authorization: token ${{ secrets.GORELEASER_ACCESS_TOKEN }}" \ | |
| --data '{"event_type": "Deploying Tag: '"${GITHUB_REF_NAME}"'", "client_payload": { "github_sha": "'"${GITHUB_SHA}"'", "tag": "'"${GITHUB_REF_NAME}"'", "release": "${{ env.RELEASE }}"}}' | |
| - name: Notify Slack | |
| uses: ravsamhq/notify-slack-action@v2 | |
| if: always() | |
| with: | |
| status: ${{ job.status }} | |
| notification_title: "{workflow} has {status_message}" | |
| message_format: "{emoji} *{workflow}* {status_message} in <{repo_url}|{repo}>" | |
| footer: "Linked Repo <{repo_url}|{repo}>" | |
| notify_when: "failure" | |
| env: | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_ANNOUNCE_DD }} |