Automated production image update #production-deploy #434

	# This workflow is triggered after a sync to production occurs. That means that
	# a new docker image has been published and the production branch has the
	# updated references.
	name: post-production-sync
	env:
	X_GITHUB_GRAPHQL_API: ${{ vars.X_GITHUB_GRAPHQL_API }}
	X_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	# This workflow only runs when we push to the production branch.
	on:
	# Allows you to run this workflow manually from the Actions tab
	push:
	branches:
	- production

	jobs:
	post-production-sync:
	name: post-production-sync
	environment: indexer
	runs-on: ubuntu-latest

	permissions:
	contents: 'read'
	id-token: 'write'

	steps:
	- name: Checkout code
	uses: actions/checkout@v4
	with:
	fetch-depth: 1

	- name: Setup Python and UV
	uses: astral-sh/setup-uv@v5
	with:
	python-version: 3.12

	- name: Install dependencies
	run: uv sync --all-packages --all-extras

	- uses: 'google-github-actions/auth@v2'
	with:
	credentials_json: '${{ secrets.GOOGLE_CREDENTIALS_JSON }}'
	create_credentials_file: true

	- name: 'Set up Cloud SDK'
	uses: 'google-github-actions/setup-gcloud@v2'
	with:
	version: '>= 363.0.0'

	- uses: google-github-actions/get-gke-credentials@db150f2cc60d1716e61922b832eae71d2a45938f
	with:
	cluster_name: ${{ secrets.GKE_CLUSTER_NAME }}
	location: ${{ secrets.GKE_CLUSTER_REGION }}
	project_id: ${{ vars.GOOGLE_PROJECT_ID }}

	# If there's a push to production we need to run the migration for sqlmesh
	- name: Run sqlmesh migrate
	run: uv run oso production sqlmesh-migrate

Provide feedback