Sprint 1.10 #3785
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Build & Publish Docker Image" | |
concurrency: | |
group: "publish-${{ github.ref }}" | |
cancel-in-progress: true | |
on: | |
push: | |
branches: [ master,staging, sprint* ] | |
tags: | |
- '*' | |
pull_request: | |
workflow_dispatch: | |
env: | |
BLOBBER_REGISTRY: ${{ secrets.BLOBBER_REGISTRY }} | |
VALIDATOR_REGISTRY: ${{ secrets.VALIDATOR_REGISTRY }} | |
DOCKER_CLI_EXPERIMENTAL: enabled | |
BLOBBER_BUILDBASE: blobber_base | |
BLOBBER_BUILD_BASE_REGISTRY: ${{ secrets.BLOBBER_BUILD_BASE_REGISTRY }} | |
jobs: | |
blobber: | |
timeout-minutes: 25 | |
runs-on: [self-hosted, arc-runner] | |
steps: | |
- name: Set docker image tag | |
run: | | |
if [[ "${{github.ref}}" == refs/pull/* ]]; then | |
tag=${GITHUB_REF/\/merge/} | |
echo "TAG=$(echo pr-${tag:10})" >> $GITHUB_ENV | |
else | |
echo "TAG=$(echo ${GITHUB_REF#refs/*/} | sed 's/\//-/g')" >> $GITHUB_ENV | |
fi | |
echo "BRANCH=$([ -z '${{ github.event.pull_request.head.sha }}' ] && echo ${GITHUB_REF#refs/*/} || echo $GITHUB_HEAD_REF)" >> $GITHUB_ENV | |
echo "SHA=$([ -z '${{ github.event.pull_request.head.sha }}' ] && echo $GITHUB_SHA || echo '${{ github.event.pull_request.head.sha }}')" >> $GITHUB_ENV | |
- name: Setup go | |
uses: actions/setup-go@v3 | |
with: | |
go-version: ^1.20 # The Go version to download (if necessary) and use. | |
- name: Clone blobber | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Set up Docker Buildx | |
run: | | |
sudo apt-get update -y | |
sudo apt-get install wget | |
sudo apt-get install ca-certificates curl gnupg lsb-release -y | |
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg | |
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null | |
sudo apt-get update -y | |
sudo apt-get install docker-ce docker-ce-cli containerd.io -y | |
export DOCKER_CLI_EXPERIMENTAL=enabled | |
docker run --privileged --rm tonistiigi/binfmt --install all | |
docker context create blobber_buildx | |
- name: Login to Docker Hub | |
uses: docker/login-action@v1 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
- name: Get changed files using defaults | |
id: changed-files | |
uses: tj-actions/[email protected] | |
- name: Pull Build Base | |
run: | | |
docker pull $BLOBBER_BUILD_BASE_REGISTRY:staging | |
docker tag $BLOBBER_BUILD_BASE_REGISTRY:staging $BLOBBER_BUILDBASE | |
- name: Build Base image | |
if: contains(steps.changed-files.outputs.modified_files, 'docker.local/base.Dockerfile') | |
run: | | |
SHORT_SHA=$(echo ${{ env.SHA }} | head -c 8) | |
./docker.local/bin/build.base.sh && | |
docker tag $BLOBBER_BUILDBASE $BLOBBER_BUILD_BASE_REGISTRY:$TAG | |
docker tag $BLOBBER_BUILDBASE $BLOBBER_BUILD_BASE_REGISTRY:$TAG-$SHORT_SHA | |
docker push $BLOBBER_BUILD_BASE_REGISTRY:$TAG | |
docker push $BLOBBER_BUILD_BASE_REGISTRY:$TAG-$SHORT_SHA | |
- name: Build blobber | |
run: | | |
SHORT_SHA=$(echo ${{ env.SHA }} | head -c 8) | |
export DOCKER_IMAGE_BASE="${BLOBBER_REGISTRY}:base" | |
export DOCKER_IMAGE_SWAGGER="${BLOBBER_REGISTRY}:swagger_test" | |
export DOCKER_BUILD="buildx build --platform linux/amd64,linux/arm64 --push" | |
export DOCKER_IMAGE_BLOBBER="-t ${BLOBBER_REGISTRY}:${TAG} -t ${BLOBBER_REGISTRY}:${TAG}-${SHORT_SHA}" | |
docker buildx create --driver-opt network=host --use --buildkitd-flags '--allow-insecure-entitlement security.insecure' --use blobber_buildx | |
./docker.local/bin/build.blobber.sh | |
validator: | |
timeout-minutes: 20 | |
runs-on: [self-hosted, arc-runner] | |
steps: | |
- name: Set docker image tag | |
run: | | |
if [[ "${{github.ref}}" == refs/pull/* ]]; then | |
tag=${GITHUB_REF/\/merge/} | |
echo "TAG=$(echo pr-${tag:10})" >> $GITHUB_ENV | |
else | |
echo "TAG=$(echo ${GITHUB_REF#refs/*/} | sed 's/\//-/g')" >> $GITHUB_ENV | |
fi | |
echo "BRANCH=$([ -z '${{ github.event.pull_request.head.sha }}' ] && echo ${GITHUB_REF#refs/*/} || echo $GITHUB_HEAD_REF)" >> $GITHUB_ENV | |
echo "SHA=$([ -z '${{ github.event.pull_request.head.sha }}' ] && echo $GITHUB_SHA || echo '${{ github.event.pull_request.head.sha }}')" >> $GITHUB_ENV | |
- name: Setup go | |
uses: actions/setup-go@v3 | |
with: | |
go-version: ^1.20 # The Go version to download (if necessary) and use. | |
- name: Clone blobber | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Set up Docker Buildx | |
run: | | |
sudo apt-get update -y | |
sudo apt-get install wget | |
sudo apt-get install ca-certificates curl gnupg lsb-release -y | |
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg | |
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null | |
sudo apt-get update -y | |
sudo apt-get install docker-ce docker-ce-cli containerd.io -y | |
export DOCKER_CLI_EXPERIMENTAL=enabled | |
docker run --privileged --rm tonistiigi/binfmt --install all | |
docker context create blobber_buildx | |
- name: Login to Docker Hub | |
uses: docker/login-action@v1 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
- name: Get changed files using defaults | |
id: changed-files | |
uses: tj-actions/[email protected] | |
- name: Pull Build Base | |
run: | | |
docker pull $BLOBBER_BUILD_BASE_REGISTRY:staging | |
docker tag $BLOBBER_BUILD_BASE_REGISTRY:staging $BLOBBER_BUILDBASE | |
- name: Build Base image | |
if: contains(steps.changed-files.outputs.modified_files, 'docker.local/base.Dockerfile') | |
run: | | |
SHORT_SHA=$(echo ${{ env.SHA }} | head -c 8) | |
./docker.local/bin/build.base.sh | |
docker tag $BLOBBER_BUILDBASE $BLOBBER_BUILD_BASE_REGISTRY:$TAG | |
docker tag $BLOBBER_BUILDBASE $BLOBBER_BUILD_BASE_REGISTRY:$TAG-$SHORT_SHA | |
docker push $BLOBBER_BUILD_BASE_REGISTRY:$TAG | |
docker push $BLOBBER_BUILD_BASE_REGISTRY:$TAG-$SHORT_SHA | |
- name: Build validator | |
run: | | |
SHORT_SHA=$(echo ${{ env.SHA }} | head -c 8) | |
export DOCKER_IMAGE_BASE="${VALIDATOR_REGISTRY}:base" | |
export DOCKER_BUILD="buildx build --platform linux/amd64,linux/arm64 --push" | |
export DOCKER_IMAGE_VALIDATOR="-t ${VALIDATOR_REGISTRY}:${TAG} -t ${VALIDATOR_REGISTRY}:${TAG}-${SHORT_SHA}" | |
docker buildx create --driver-opt network=host --use --buildkitd-flags '--allow-insecure-entitlement security.insecure' --use blobber_buildx | |
./docker.local/bin/build.validator.sh | |
system-tests: | |
if: github.event_name != 'workflow_dispatch' | |
needs: [blobber, validator] | |
runs-on: [ tests-suite ] | |
steps: | |
- name: "Get current PR" | |
uses: jwalton/gh-find-current-pr@v1 | |
id: findPr | |
with: | |
github-token: ${{ github.token }} | |
- name: "Set PR status as pending" | |
uses: 0chain/actions/set-pr-status@master | |
if: steps.findPr.outputs.number | |
with: | |
pr_number: ${{ steps.findPr.outputs.pr }} | |
description: "System tests running with default config..." | |
state: "pending" | |
repository: ${{ github.repository }} | |
status_name: "0Chain System Tests" | |
target_url: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} | |
github_token: ${{ github.token }} | |
- name: "Setup" | |
run: | | |
if [[ "${{github.ref}}" == refs/pull/* ]]; then | |
tag=${GITHUB_REF/\/merge/} | |
echo "TAG=$(echo pr-${tag:10})" >> $GITHUB_ENV | |
else | |
echo "TAG=$(echo ${GITHUB_REF#refs/*/} | sed 's/\//-/g')" >> $GITHUB_ENV | |
fi | |
echo "BRANCH=$([ -z '${{ github.event.pull_request.head.sha }}' ] && echo ${GITHUB_REF#refs/*/} || echo $GITHUB_HEAD_REF)" >> $GITHUB_ENV | |
echo "SHORT_SHA=$(([ -z '${{ github.event.pull_request.head.sha }}' ] && echo $GITHUB_SHA || echo '${{ github.event.pull_request.head.sha }}') | head -c 8)" >> $GITHUB_ENV | |
echo "NETWORK_URL=$(echo dev-${RUNNER_NAME:(-1)}.devnet-0chain.net)" >> $GITHUB_ENV | |
echo "RUNNER_NUMBER=${RUNNER_NAME:(-1)}" >> $GITHUB_ENV | |
- name: "Deploy 0Chain" | |
uses: 0chain/actions/deploy-0chain@master | |
with: | |
repo_snapshots_branch: "<CURRENT BRANCH WITH FALLBACK TO CURRENT_SPRINT>" | |
kube_config: ${{ secrets[format('DEV{0}KC', env.RUNNER_NUMBER)] }} | |
teardown_condition: "TESTS_PASSED" | |
blobber_image: ${{ env.TAG }}-${{ env.SHORT_SHA }} | |
validator_image: ${{ env.TAG }}-${{ env.SHORT_SHA }} | |
SUBGRAPH_API_URL: ${{ secrets.SUBGRAPH_API_URL }} | |
TENDERLY_FORK_ID: ${{ secrets.TENDERLY_FORK_ID }} | |
graphnode_sc: ${{ secrets.GRAPHNODE_SC }} | |
graphnode_network: ${{ secrets.GRAPHNODE_NETWORK }} | |
graphnode_ethereum_node_url: https://rpc.tenderly.co/fork/${{ secrets.TENDERLY_FORK_ID }} | |
svc_account_secret: ${{ secrets.SVC_ACCOUNT_SECRET }} | |
- name: "Run System tests" | |
uses: 0chain/actions/run-system-tests@master | |
with: | |
repo_snapshots_branch: "<CURRENT BRANCH WITH FALLBACK TO CURRENT_SPRINT>" | |
network: ${{ env.NETWORK_URL }} | |
svc_account_secret: ${{ secrets.SVC_ACCOUNT_SECRET }} | |
deploy_report_page: false | |
archive_results: true | |
run_flaky_tests: false | |
retry_failures: true | |
run_smoke_tests: ${{ github.ref != 'refs/heads/staging' && github.base_ref != 'staging' && github.ref != 'refs/heads/master' && github.base_ref != 'master' }} | |
TENDERLY_FORK_ID: ${{ secrets.TENDERLY_FORK_ID }} | |
DEVOPS_CHANNEL_WEBHOOK_URL: ${{ secrets.DEVOPS_CHANNEL_WEBHOOK_URL }} | |
S3_ACCESS_KEY: ${{ secrets.S3_ACCESS_KEY }} | |
S3_SECRET_KEY: ${{ secrets.S3_SECRET_KEY }} | |
- name: "Set PR status as ${{ job.status }}" | |
if: ${{ (success() || failure()) && steps.findPr.outputs.number }} | |
uses: 0chain/actions/set-pr-status@master | |
with: | |
pr_number: ${{ steps.findPr.outputs.pr }} | |
description: "System tests with default config ${{ job.status }}" | |
state: ${{ job.status }} | |
repository: ${{ github.repository }} | |
status_name: "0Chain System Tests" | |
target_url: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} | |
github_token: ${{ github.token }} |