-
Notifications
You must be signed in to change notification settings - Fork 4
176 lines (150 loc) · 5.36 KB
/
ci.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
# Very basic GitHub Action workflow, goes in ~/.github/workflows/deploy.yaml
name: CI
# Controls when the workflow will run
on:
# Triggers the workflow on any branch or tag commit
push:
paths:
- '.github/workflows/*'
- 'admin/*'
- 'privileges/*'
- 'users_and_roles/*'
- 'databases/*'
branches:
- "main"
- "dev"
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
jobs:
# This workflow contains a single job called "deploy"
deploy:
runs-on: ubuntu-latest
env:
SNOWSQL_PWD: ${{ secrets.SNOWSQL_PWD }}
SNOWSQL_ACCOUNT: ${{ secrets.SNOWSQL_ACCOUNT }}
SNOWSQL_USER: ${{ secrets.SNOWSQL_USER }}
# SNOWSQL_DATABASE: ${{ secrets.SNOWFLAKE_DATABASE }}
# SNOWSQL_SCHEMA: ${{ secrets.SNOWFLAKE_SCHEMA }}
# SNOWSQL_ROLE: ${{ secrets.SNOWFLAKE_ROLE }}
SNOWSQL_WAREHOUSE: ${{ secrets.SNOWSQL_WAREHOUSE }}
saml2_x509_cert: ${{ secrets.SAML2_X509_CERT }}
saml2_sso_url: ${{ secrets.SAML2_SSO_URL }}
saml2_issuer: ${{ secrets.SAML2_ISSUER }}
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v4
- name: Install SnowSQL
run: |
curl -O https://sfc-repo.snowflakecomputing.com/snowsql/bootstrap/1.2/linux_x86_64/snowsql-1.2.9-linux_x86_64.bash
SNOWSQL_DEST=~/bin SNOWSQL_LOGIN_SHELL=~/.profile bash snowsql-1.2.9-linux_x86_64.bash
- name: Create users
run: |
~/bin/snowsql -f users_and_roles/users.sql
- name: Create roles
run: |
~/bin/snowsql -f users_and_roles/roles.sql
- name: Create warehouses
run: |
~/bin/snowsql -f admin/warehouses.sql
- name: Create databases
run: |
~/bin/snowsql -f admin/databases.sql
- name: Create integration
run: |
~/bin/snowsql -f admin/integrations.sql --variable saml2_issuer=$saml2_issuer --variable saml2_sso_url=$saml2_sso_url --variable saml2_x509_cert=$saml2_x509_cert
# - name: Governance
# run: |
# ~/bin/snowsql -f admin/policies.sql
- name: Grant privileges
run: |
~/bin/snowsql -f privileges/grants.sql
schemachange_admin:
runs-on: ubuntu-latest
env:
SNOWFLAKE_PASSWORD: ${{ secrets.SNOWSQL_PWD }}
SNOWFLAKE_ACCOUNT: ${{ secrets.SNOWSQL_ACCOUNT }}
SNOWFLAKE_USER: ${{ secrets.SNOWSQL_USER }}
# SNOWSQL_DATABASE: ${{ secrets.SNOWFLAKE_DATABASE }}
# SNOWSQL_SCHEMA: ${{ secrets.SNOWFLAKE_SCHEMA }}
SNOWFLAKE_WAREHOUSE: ${{ secrets.SNOWSQL_WAREHOUSE }}
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4
with:
python-version: '3.10'
- name: install-py-dependencies
shell: bash
run: |
pip install schemachange
- name: deploy warehouses
shell: bash
run: |
schemachange \
-f databases \
-a $SNOWFLAKE_ACCOUNT \
-u $SNOWFLAKE_USER \
-r SYSADMIN \
-w compute_xsmall \
-d METADATA
schemachange_synapse_data_warehouse_dev:
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/dev'
environment: dev
env:
SNOWFLAKE_PASSWORD: ${{ secrets.SNOWSQL_PWD }}
SNOWFLAKE_ACCOUNT: ${{ secrets.SNOWSQL_ACCOUNT }}
SNOWFLAKE_USER: ${{ secrets.SNOWSQL_USER }}
# SNOWSQL_DATABASE: ${{ secrets.SNOWFLAKE_DATABASE }}
# SNOWSQL_SCHEMA: ${{ secrets.SNOWFLAKE_SCHEMA }}
SNOWFLAKE_SYNAPSE_DATA_WAREHOUSE_DATABASE: ${{ vars.SNOWFLAKE_SYNAPSE_DATA_WAREHOUSE_DATABASE }}
SNOWFLAKE_WAREHOUSE: ${{ secrets.SNOWSQL_WAREHOUSE }}
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4
with:
python-version: '3.10'
- name: install-py-dependencies
shell: bash
run: |
pip install schemachange
- name: deploy synapse_data_warehouse
shell: bash
run: |
schemachange \
-f synapse_data_warehouse \
-a $SNOWFLAKE_ACCOUNT \
-u $SNOWFLAKE_USER \
-r SYSADMIN \
-w compute_xsmall \
--config-folder synapse_data_warehouse
schemachange_synapse_data_warehouse_prod:
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/main'
environment: prod
env:
SNOWFLAKE_PASSWORD: ${{ secrets.SNOWSQL_PWD }}
SNOWFLAKE_ACCOUNT: ${{ secrets.SNOWSQL_ACCOUNT }}
SNOWFLAKE_USER: ${{ secrets.SNOWSQL_USER }}
# SNOWSQL_DATABASE: ${{ secrets.SNOWFLAKE_DATABASE }}
# SNOWSQL_SCHEMA: ${{ secrets.SNOWFLAKE_SCHEMA }}
SNOWFLAKE_SYNAPSE_DATA_WAREHOUSE_DATABASE: ${{ vars.SNOWFLAKE_SYNAPSE_DATA_WAREHOUSE_DATABASE }}
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4
with:
python-version: '3.10'
- name: install-py-dependencies
shell: bash
run: |
pip install schemachange
- name: deploy synapse_data_warehouse
shell: bash
run: |
schemachange \
-f synapse_data_warehouse
-a $SNOWFLAKE_ACCOUNT \
-u $SNOWFLAKE_USER \
-r SYSADMIN \
-w compute_xsmall \
--config-folder synapse_data_warehouse