Merge pull request #1501 from 0chain/fix/refpath-lock #5448
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Build & Publish Docker Image" | |
concurrency: | |
group: "publish-${{ github.ref }}" | |
cancel-in-progress: true | |
on: | |
push: | |
branches: [ master,staging, sprint* ] | |
tags: | |
- '*' | |
pull_request: | |
workflow_dispatch: | |
env: | |
BLOBBER_REGISTRY: ${{ secrets.BLOBBER_REGISTRY }} | |
VALIDATOR_REGISTRY: ${{ secrets.VALIDATOR_REGISTRY }} | |
DOCKER_CLI_EXPERIMENTAL: enabled | |
BLOBBER_BUILDBASE: blobber_base | |
BLOBBER_BUILD_BASE_REGISTRY: ${{ secrets.BLOBBER_BUILD_BASE_REGISTRY }} | |
jobs: | |
blobber: | |
timeout-minutes: 30 | |
runs-on: [blobber-runner] | |
steps: | |
- name: Cleanup before restarting conductor tests. | |
run: | | |
echo 'y' | docker system prune -a || true | |
cd /tmp | |
sudo rm -rf ./* | |
- name: Set docker image tag | |
run: | | |
if [[ "${{github.ref}}" == refs/pull/* ]]; then | |
tag=${GITHUB_REF/\/merge/} | |
echo "TAG=$(echo pr-${tag:10})" >> $GITHUB_ENV | |
else | |
echo "TAG=$(echo ${GITHUB_REF#refs/*/} | sed 's/\//-/g')" >> $GITHUB_ENV | |
fi | |
echo "BRANCH=$([ -z '${{ github.event.pull_request.head.sha }}' ] && echo ${GITHUB_REF#refs/*/} || echo $GITHUB_HEAD_REF)" >> $GITHUB_ENV | |
echo "SHA=$([ -z '${{ github.event.pull_request.head.sha }}' ] && echo $GITHUB_SHA || echo '${{ github.event.pull_request.head.sha }}')" >> $GITHUB_ENV | |
# - name: Setup go | |
# uses: actions/setup-go@v4 | |
# with: | |
# go-version: ^1.21 # The Go version to download (if necessary) and use. | |
- name: Clone blobber | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
# - name: Login to Docker Hub | |
# uses: docker/login-action@v1 | |
# with: | |
# username: ${{ secrets.DOCKERHUB_USERNAME }} | |
# password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
# - name: Get changed files using defaults | |
# id: changed-files | |
# uses: tj-actions/changed-files@v18.4 | |
- name: Pull Build Base | |
env: | |
DOCKER_CONFIG: /tmp/docker-config-${{ github.run_id }} | |
run: | | |
docker login -u ${{ secrets.DOCKERHUB_USERNAME }} -p ${{ secrets.DOCKERHUB_PASSWORD }} | |
docker pull $BLOBBER_BUILD_BASE_REGISTRY:staging | |
docker tag $BLOBBER_BUILD_BASE_REGISTRY:staging $BLOBBER_BUILDBASE | |
- name: Build Base image | |
# if: contains(steps.changed-files.outputs.modified_files, 'docker.local/base.Dockerfile') | |
env: | |
DOCKER_CONFIG: /tmp/docker-config-${{ github.run_id }} | |
run: | | |
docker login -u ${{ secrets.DOCKERHUB_USERNAME }} -p ${{ secrets.DOCKERHUB_PASSWORD }} | |
SHORT_SHA=$(echo ${{ env.SHA }} | head -c 8) | |
./docker.local/bin/build.base.sh && | |
docker tag $BLOBBER_BUILDBASE $BLOBBER_BUILD_BASE_REGISTRY:$TAG | |
docker tag $BLOBBER_BUILDBASE $BLOBBER_BUILD_BASE_REGISTRY:$TAG-$SHORT_SHA | |
docker push $BLOBBER_BUILD_BASE_REGISTRY:$TAG | |
docker push $BLOBBER_BUILD_BASE_REGISTRY:$TAG-$SHORT_SHA | |
- name: Build blobber | |
env: | |
DOCKER_CONFIG: /tmp/docker-config-${{ github.run_id }} | |
run: | | |
docker login -u ${{ secrets.DOCKERHUB_USERNAME }} -p ${{ secrets.DOCKERHUB_PASSWORD }} | |
SHORT_SHA=$(echo ${{ env.SHA }} | head -c 8) | |
export DOCKER_IMAGE_BASE="$BLOBBER_BUILD_BASE_REGISTRY:$TAG" | |
export DOCKER_IMAGE_SWAGGER="${BLOBBER_REGISTRY}:swagger_test" | |
# export DOCKER_BUILD="buildx build --platform linux/amd64,linux/arm64 --push" | |
export DOCKER_BUILD="build --push" | |
export DOCKER_IMAGE_BLOBBER="-t ${BLOBBER_REGISTRY}:${TAG}" | |
export CONTEXT_NAME="$RUNNER_NAME" && (docker context inspect "$CONTEXT_NAME" >/dev/null 2>&1 || docker context create "$CONTEXT_NAME") | |
docker buildx inspect "blobber-$RUNNER_NAME" || docker buildx create --name "blobber-$RUNNER_NAME" --driver-opt network=host --buildkitd-flags '--allow-insecure-entitlement security.insecure' "$CONTEXT_NAME" | |
docker buildx use "blobber-$RUNNER_NAME" | |
./docker.local/bin/build.blobber.sh | |
docker tag ${BLOBBER_REGISTRY}:${TAG} ${BLOBBER_REGISTRY}:${TAG}-${SHORT_SHA} | |
docker push ${BLOBBER_REGISTRY}:${TAG}-${SHORT_SHA} | |
validator: | |
timeout-minutes: 30 | |
runs-on: [blobber-runner] | |
steps: | |
- name: Cleanup before restarting conductor tests. | |
run: | | |
echo 'y' | docker system prune -a || true | |
cd /tmp | |
sudo rm -rf ./* | |
- name: Set docker image tag | |
run: | | |
if [[ "${{github.ref}}" == refs/pull/* ]]; then | |
tag=${GITHUB_REF/\/merge/} | |
echo "TAG=$(echo pr-${tag:10})" >> $GITHUB_ENV | |
else | |
echo "TAG=$(echo ${GITHUB_REF#refs/*/} | sed 's/\//-/g')" >> $GITHUB_ENV | |
fi | |
echo "BRANCH=$([ -z '${{ github.event.pull_request.head.sha }}' ] && echo ${GITHUB_REF#refs/*/} || echo $GITHUB_HEAD_REF)" >> $GITHUB_ENV | |
echo "SHA=$([ -z '${{ github.event.pull_request.head.sha }}' ] && echo $GITHUB_SHA || echo '${{ github.event.pull_request.head.sha }}')" >> $GITHUB_ENV | |
# - name: Setup go | |
# uses: actions/setup-go@v4 | |
# with: | |
# go-version: ^1.21 # The Go version to download (if necessary) and use. | |
# - name: Login to Docker Hub | |
# uses: docker/login-action@v1 | |
# with: | |
# username: ${{ secrets.DOCKERHUB_USERNAME }} | |
# password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
- name: Clone blobber | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
# - name: Get changed files using defaults | |
# id: changed-files | |
# uses: tj-actions/changed-files@v18.4 | |
# with: | |
# fetch-depth: 0 | |
- name: Pull Build Base | |
env: | |
DOCKER_CONFIG: /tmp/docker-config-${{ github.run_id }} | |
run: | | |
docker login -u ${{ secrets.DOCKERHUB_USERNAME }} -p ${{ secrets.DOCKERHUB_PASSWORD }} | |
docker pull $BLOBBER_BUILD_BASE_REGISTRY:staging | |
docker tag $BLOBBER_BUILD_BASE_REGISTRY:staging $BLOBBER_BUILDBASE | |
- name: Build Base image | |
# if: contains(steps.changed-files.outputs.modified_files, 'docker.local/base.Dockerfile') | |
env: | |
DOCKER_CONFIG: /tmp/docker-config-${{ github.run_id }} | |
run: | | |
docker login -u ${{ secrets.DOCKERHUB_USERNAME }} -p ${{ secrets.DOCKERHUB_PASSWORD }} | |
SHORT_SHA=$(echo ${{ env.SHA }} | head -c 8) | |
./docker.local/bin/build.base.sh | |
docker tag $BLOBBER_BUILDBASE $BLOBBER_BUILD_BASE_REGISTRY:$TAG | |
docker tag $BLOBBER_BUILDBASE $BLOBBER_BUILD_BASE_REGISTRY:$TAG-$SHORT_SHA | |
docker push $BLOBBER_BUILD_BASE_REGISTRY:$TAG | |
docker push $BLOBBER_BUILD_BASE_REGISTRY:$TAG-$SHORT_SHA | |
- name: Build validator | |
env: | |
DOCKER_CONFIG: /tmp/docker-config-${{ github.run_id }} | |
run: | | |
docker login -u ${{ secrets.DOCKERHUB_USERNAME }} -p ${{ secrets.DOCKERHUB_PASSWORD }} | |
SHORT_SHA=$(echo ${{ env.SHA }} | head -c 8) | |
export DOCKER_IMAGE_BASE="$BLOBBER_BUILD_BASE_REGISTRY:$TAG" | |
# export DOCKER_BUILD="buildx build --platform linux/amd64,linux/arm64 --push" | |
export DOCKER_BUILD="build --push" | |
export DOCKER_IMAGE_VALIDATOR="-t ${VALIDATOR_REGISTRY}:${TAG}" | |
export CONTEXT_NAME="$RUNNER_NAME" && (docker context inspect "$CONTEXT_NAME" >/dev/null 2>&1 || docker context create "$CONTEXT_NAME") | |
docker buildx inspect "validator-$RUNNER_NAME" || docker buildx create --name "validator-$RUNNER_NAME" --driver-opt network=host --buildkitd-flags '--allow-insecure-entitlement security.insecure' "$CONTEXT_NAME" | |
docker buildx use "validator-$RUNNER_NAME" | |
./docker.local/bin/build.validator.sh | |
docker tag ${VALIDATOR_REGISTRY}:${TAG} ${VALIDATOR_REGISTRY}:${TAG}-${SHORT_SHA} | |
docker push ${VALIDATOR_REGISTRY}:${TAG}-${SHORT_SHA} | |
system-tests: | |
if: github.event_name != 'workflow_dispatch' | |
needs: [blobber, validator] | |
runs-on: [ tests-suite ] | |
steps: | |
- name: "Get current PR" | |
uses: jwalton/gh-find-current-pr@v1 | |
id: findPr | |
with: | |
github-token: ${{ github.token }} | |
- name: "Set PR status as pending" | |
uses: 0chain/actions/set-pr-status@master | |
if: steps.findPr.outputs.number | |
with: | |
pr_number: ${{ steps.findPr.outputs.pr }} | |
description: "System tests running with default config..." | |
state: "pending" | |
repository: ${{ github.repository }} | |
status_name: "0Chain System Tests" | |
target_url: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} | |
github_token: ${{ github.token }} | |
- name: "Setup" | |
run: | | |
if [[ "${{github.ref}}" == refs/pull/* ]]; then | |
tag=${GITHUB_REF/\/merge/} | |
echo "TAG=$(echo pr-${tag:10})" >> $GITHUB_ENV | |
else | |
echo "TAG=$(echo ${GITHUB_REF#refs/*/} | sed 's/\//-/g')" >> $GITHUB_ENV | |
fi | |
echo "BRANCH=$([ -z '${{ github.event.pull_request.head.sha }}' ] && echo ${GITHUB_REF#refs/*/} || echo $GITHUB_HEAD_REF)" >> $GITHUB_ENV | |
echo "SHORT_SHA=$(([ -z '${{ github.event.pull_request.head.sha }}' ] && echo $GITHUB_SHA || echo '${{ github.event.pull_request.head.sha }}') | head -c 8)" >> $GITHUB_ENV | |
echo "NETWORK_URL=$(echo dev-${RUNNER_NAME:(-1)}.devnet-0chain.net)" >> $GITHUB_ENV | |
echo "RUNNER_NUMBER=${RUNNER_NAME:(-1)}" >> $GITHUB_ENV | |
- name: 'Setup jq' | |
uses: dcarbone/install-jq-action@v2.1.0 | |
with: | |
version: '1.7' | |
force: 'false' | |
- name: "Create Tenderly virtual testnet" | |
run: | | |
echo "TENDERLY_CREATION_INFO=$(curl -X POST \ | |
-H "x-access-key: ${{ secrets.TENDERLY_SECRET }}" \ | |
-H "Content-Type: application/json" \ | |
-d '{"slug":"mainnet-dev-${{ env.RUNNER_NUMBER }}-${{ github.run_id }}","displayName":"mainnet-dev-${{ env.RUNNER_NUMBER }}-${{ github.run_id }}","description":"","visibility":"TEAM","tags":{"purpose":"development"},"networkConfig":{"networkId":"1","blockNumber":"18512782","chainConfig":{"chainId":"1"},"baseFeePerGas":"1"},"explorerConfig":{"enabled":false,"verificationVisibility":"bytecode"},"syncState":false}' \ | |
https://api.tenderly.co/api/v1/account/zus_network/project/project/testnet/container)" >> $GITHUB_ENV | |
- name: "Parse Tenderly virtual testnet creation transaction result" | |
run: | | |
echo "TENDERLY_VIRTUAL_TESTNET_ID=$(echo '${{ env.TENDERLY_CREATION_INFO }}' | jq -r '.container.id')" >> $GITHUB_ENV | |
echo "TENDERLY_VIRTUAL_TESTNET_RPC_ID=$(echo '${{ env.TENDERLY_CREATION_INFO }}' | jq -r '.container.connectivityConfig.endpoints[0].id')" >> $GITHUB_ENV | |
- name: "Deploy 0Chain" | |
uses: 0chain/actions/deploy-0chain@master | |
with: | |
repo_snapshots_branch: "<CURRENT BRANCH WITH FALLBACK TO CURRENT_SPRINT>" | |
kube_config: ${{ secrets[format('DEV{0}KC', env.RUNNER_NUMBER)] }} | |
teardown_condition: "TESTS_PASSED" | |
blobber_image: ${{ env.TAG }}-${{ env.SHORT_SHA }} | |
validator_image: ${{ env.TAG }}-${{ env.SHORT_SHA }} | |
SUBGRAPH_API_URL: ${{ secrets.SUBGRAPH_API_URL }} | |
TENDERLY_VIRTUAL_TESTNET_RPC_ID: ${{ env.TENDERLY_VIRTUAL_TESTNET_RPC_ID }} | |
graphnode_sc: ${{ secrets.GRAPHNODE_SC }} | |
graphnode_network: ${{ secrets.GRAPHNODE_NETWORK }} | |
graphnode_ethereum_node_url: https://virtual.mainnet.rpc.tenderly.co/${{ env.TENDERLY_VIRTUAL_TESTNET_RPC_ID }} | |
svc_account_secret: ${{ secrets.SVC_ACCOUNT_SECRET }} | |
- name: "Run System tests" | |
uses: 0chain/actions/run-system-tests@master | |
with: | |
repo_snapshots_branch: "<CURRENT BRANCH WITH FALLBACK TO CURRENT_SPRINT>" | |
network: ${{ env.NETWORK_URL }} | |
svc_account_secret: ${{ secrets.SVC_ACCOUNT_SECRET }} | |
deploy_report_page: false | |
archive_results: true | |
run_flaky_tests: false | |
retry_failures: true | |
run_smoke_tests: ${{ github.ref != 'refs/heads/staging' && github.base_ref != 'staging' && github.ref != 'refs/heads/master' && github.base_ref != 'master' }} | |
TENDERLY_VIRTUAL_TESTNET_RPC_ID: ${{ env.TENDERLY_VIRTUAL_TESTNET_RPC_ID }} | |
DEVOPS_CHANNEL_WEBHOOK_URL: ${{ secrets.DEVOPS_CHANNEL_WEBHOOK_URL }} | |
S3_ACCESS_KEY: ${{ secrets.S3_ACCESS_KEY }} | |
S3_SECRET_KEY: ${{ secrets.S3_SECRET_KEY }} | |
- name: "Remove Tenderly virtual testnet" | |
if: always() | |
run: | | |
curl -X DELETE \ | |
-H "x-access-key: ${{ secrets.TENDERLY_SECRET }}" \ | |
-H "Content-Type: application/json" \ | |
https://api.tenderly.co/api/v1/account/zus_network/project/project/testnet/container/${{ env.TENDERLY_VIRTUAL_TESTNET_ID }} | |
- name: "Set PR status as ${{ job.status }}" | |
if: ${{ (success() || failure()) && steps.findPr.outputs.number }} | |
uses: 0chain/actions/set-pr-status@master | |
with: | |
pr_number: ${{ steps.findPr.outputs.pr }} | |
description: "System tests with default config ${{ job.status }}" | |
state: ${{ job.status }} | |
repository: ${{ github.repository }} | |
status_name: "0Chain System Tests" | |
target_url: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} | |
github_token: ${{ github.token }} |