Skip to content

doc: roadmap update (#2217) #1214

doc: roadmap update (#2217)

doc: roadmap update (#2217) #1214

Workflow file for this run

name: release
on:
push:
tags:
- 'v*'
branches:
- main
- dev-release*
defaults:
run:
shell: bash
jobs:
build-go-binaries:
runs-on: ubuntu-20.04
if: github.repository == 'numaproj/numaflow'
name: Build binaries
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: '1.23'
- name: Build binaries
run: |
make build
chmod -R +x dist
- name: Make checksums
run: make checksums
- name: store artifacts
uses: actions/upload-artifact@v3
with:
name: binaries
path: dist
build-rust-amd64:
runs-on: ubuntu-24.04
defaults:
run:
working-directory: ./rust
steps:
- uses: actions/checkout@v4
- name: Setup Rust toolchain
uses: actions-rust-lang/[email protected]
with:
rustflags: ''
- name: Install dependencies
run: sudo apt-get install -y protobuf-compiler
- name: Build binary
run: RUSTFLAGS='-C target-feature=+crt-static' cargo build --release --target x86_64-unknown-linux-gnu
- name: Rename binary
run: cp -pv target/x86_64-unknown-linux-gnu/release/numaflow numaflow-rs-linux-amd64
- name: Upload numaflow binary
uses: actions/upload-artifact@v3
with:
name: numaflow-rs-linux-amd64
path: rust/numaflow-rs-linux-amd64
build-rust-arm64:
runs-on: ubuntu-24.04
defaults:
run:
working-directory: ./rust
steps:
- uses: actions/checkout@v4
- name: Update Rust Toolchain Target
run: |
echo "targets = ['aarch64-unknown-linux-gnu']" >> rust-toolchain.toml
- name: Setup Rust toolchain
uses: actions-rust-lang/[email protected]
with:
rustflags: ''
- name: Install dependenices
run: sudo apt-get install -y gcc-aarch64-linux-gnu protobuf-compiler
- name: Build binary
run: RUSTFLAGS='-C target-feature=+crt-static -C linker=aarch64-linux-gnu-gcc' cargo build --release --target aarch64-unknown-linux-gnu
- name: Rename binary
run: cp -pv target/aarch64-unknown-linux-gnu/release/numaflow numaflow-rs-linux-arm64
- name: Upload numaflow binary
uses: actions/upload-artifact@v3
with:
name: numaflow-rs-linux-arm64
path: rust/numaflow-rs-linux-arm64
build-push-linux-multi:
name: Build & push linux/amd64 and linux/arm64
needs: [ build-go-binaries, build-rust-amd64, build-rust-arm64]
runs-on: ubuntu-20.04
if: github.repository == 'numaproj/numaflow'
strategy:
matrix:
target: [ numaflow ]
steps:
- uses: actions/checkout@v4
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: "20"
- name: Setup Node-Cache
uses: actions/cache@v4
with:
path: ui/node_modules
key: ${{ runner.os }}-node-dep-v1-${{ hashFiles('**/yarn.lock') }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Download Go binaries
uses: actions/download-artifact@v3
with:
name: binaries
path: dist/
- name: Download Rust amd64 binaries
uses: actions/download-artifact@v3
with:
name: numaflow-rs-linux-amd64
path: dist/
- name: Download Rust arm64 binaries
uses: actions/download-artifact@v3
with:
name: numaflow-rs-linux-arm64
path: dist/
- name: Registry Login
uses: docker/login-action@v2
with:
registry: quay.io
username: ${{ secrets.QUAYIO_USERNAME }}
password: ${{ secrets.QUAYIO_PASSWORD }}
- name: Set Version
id: version
run: |
tag=$(basename $GITHUB_REF)
if [ $tag = "main" ]; then
tag="latest"
fi
echo "VERSION=$tag" >> $GITHUB_OUTPUT
- name: Container build and push with arm64/amd64
run: |
IMAGE_NAMESPACE=${{ secrets.QUAYIO_ORG }} VERSION=${{ steps.version.outputs.VERSION }} DOCKER_PUSH=true make image-multi
Bom:
runs-on: ubuntu-latest
if: github.repository == 'numaproj/numaflow'
needs: [ build-push-linux-multi ]
steps:
# https://stackoverflow.com/questions/58033366/how-to-get-current-branch-within-github-actions
- run: |
if [ ${GITHUB_REF##*/} = main ]; then
echo "VERSION=latest" >> $GITHUB_ENV
else
echo "VERSION=${GITHUB_REF##*/}" >> $GITHUB_ENV
fi
- uses: actions/setup-go@v5
with:
go-version: '1.23'
- uses: actions/checkout@v4
- run: go install sigs.k8s.io/bom/cmd/[email protected]
- run: go install github.com/spdx/spdx-sbom-generator/cmd/[email protected]
- run: mkdir -p dist
- run: generator -o /tmp -p .
- run: bom generate --image quay.io/numaproj/numaflow:$VERSION -o /tmp/numaflow.spdx
# pack the boms into one file to make it easy to download
- run: cd /tmp && tar -zcf sbom.tar.gz *.spdx
- uses: actions/upload-artifact@v3
with:
name: sbom.tar.gz
path: /tmp/sbom.tar.gz
Release:
runs-on: ubuntu-latest
if: github.repository == 'numaproj/numaflow'
needs: [ build-push-linux-multi, bom ]
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set Version
run: |
if [ ${GITHUB_REF##*/} = main ]; then
echo "VERSION=latest" >> $GITHUB_ENV
else
echo "VERSION=${GITHUB_REF##*/}" >> $GITHUB_ENV
fi
- name: Download binaries
uses: actions/download-artifact@v3
with:
name: binaries
path: dist/
- uses: actions/download-artifact@v3
with:
name: sbom.tar.gz
path: /tmp
- name: Registry Login
uses: docker/login-action@v2
with:
registry: quay.io
username: ${{ secrets.QUAYIO_USERNAME }}
password: ${{ secrets.QUAYIO_PASSWORD }}
- name: Install cosign
uses: sigstore/[email protected]
with:
cosign-release: 'v1.13.1'
- name: Install crane to get digest of image
uses: imjasonh/[email protected]
- name: Get digests of container images
run: |
echo "IMAGE_DIGEST=$(crane digest quay.io/numaproj/numaflow:$VERSION)" >> $GITHUB_ENV
- name: Sign Numaflow container images and assets
run: |
cosign sign --key env://COSIGN_PRIVATE_KEY quay.io/numaproj/numaflow@${{ env.IMAGE_DIGEST }}
cosign sign-blob --key env://COSIGN_PRIVATE_KEY ./dist/numaflow-checksums.txt > ./dist/numaflow-checksums.sig
cosign sign-blob --key env://COSIGN_PRIVATE_KEY /tmp/sbom.tar.gz > /tmp/sbom.tar.gz.sig
# Retrieves the public key to release as an asset
cosign public-key --key env://COSIGN_PRIVATE_KEY > ./dist/numaflow-cosign.pub
env:
COSIGN_PRIVATE_KEY: ${{secrets.COSIGN_PRIVATE_KEY}}
COSIGN_PASSWORD: ${{secrets.COSIGN_PASSWORD}}
- name: Release binaries
uses: softprops/action-gh-release@v1
if: startsWith(github.ref, 'refs/tags/')
with:
files: |
dist/*.gz
dist/numaflow-checksums.txt
dist/numaflow-checksums.sig
dist/numaflow-cosign.pub
config/*.yaml
/tmp/sbom.tar.gz
/tmp/sbom.tar.gz.sig
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}