Skip to content

Sprint 1.10

Sprint 1.10 #3785

name: "Build & Publish Docker Image"
concurrency:
group: "publish-${{ github.ref }}"
cancel-in-progress: true
on:
push:
branches: [ master,staging, sprint* ]
tags:
- '*'
pull_request:
workflow_dispatch:
env:
BLOBBER_REGISTRY: ${{ secrets.BLOBBER_REGISTRY }}
VALIDATOR_REGISTRY: ${{ secrets.VALIDATOR_REGISTRY }}
DOCKER_CLI_EXPERIMENTAL: enabled
BLOBBER_BUILDBASE: blobber_base
BLOBBER_BUILD_BASE_REGISTRY: ${{ secrets.BLOBBER_BUILD_BASE_REGISTRY }}
jobs:
blobber:
timeout-minutes: 25
runs-on: [self-hosted, arc-runner]
steps:
- name: Set docker image tag
run: |
if [[ "${{github.ref}}" == refs/pull/* ]]; then
tag=${GITHUB_REF/\/merge/}
echo "TAG=$(echo pr-${tag:10})" >> $GITHUB_ENV
else
echo "TAG=$(echo ${GITHUB_REF#refs/*/} | sed 's/\//-/g')" >> $GITHUB_ENV
fi
echo "BRANCH=$([ -z '${{ github.event.pull_request.head.sha }}' ] && echo ${GITHUB_REF#refs/*/} || echo $GITHUB_HEAD_REF)" >> $GITHUB_ENV
echo "SHA=$([ -z '${{ github.event.pull_request.head.sha }}' ] && echo $GITHUB_SHA || echo '${{ github.event.pull_request.head.sha }}')" >> $GITHUB_ENV
- name: Setup go
uses: actions/setup-go@v3
with:
go-version: ^1.20 # The Go version to download (if necessary) and use.
- name: Clone blobber
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Set up Docker Buildx
run: |
sudo apt-get update -y
sudo apt-get install wget
sudo apt-get install ca-certificates curl gnupg lsb-release -y
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update -y
sudo apt-get install docker-ce docker-ce-cli containerd.io -y
export DOCKER_CLI_EXPERIMENTAL=enabled
docker run --privileged --rm tonistiigi/binfmt --install all
docker context create blobber_buildx
- name: Login to Docker Hub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Get changed files using defaults
id: changed-files
uses: tj-actions/[email protected]
- name: Pull Build Base
run: |
docker pull $BLOBBER_BUILD_BASE_REGISTRY:staging
docker tag $BLOBBER_BUILD_BASE_REGISTRY:staging $BLOBBER_BUILDBASE
- name: Build Base image
if: contains(steps.changed-files.outputs.modified_files, 'docker.local/base.Dockerfile')
run: |
SHORT_SHA=$(echo ${{ env.SHA }} | head -c 8)
./docker.local/bin/build.base.sh &&
docker tag $BLOBBER_BUILDBASE $BLOBBER_BUILD_BASE_REGISTRY:$TAG
docker tag $BLOBBER_BUILDBASE $BLOBBER_BUILD_BASE_REGISTRY:$TAG-$SHORT_SHA
docker push $BLOBBER_BUILD_BASE_REGISTRY:$TAG
docker push $BLOBBER_BUILD_BASE_REGISTRY:$TAG-$SHORT_SHA
- name: Build blobber
run: |
SHORT_SHA=$(echo ${{ env.SHA }} | head -c 8)
export DOCKER_IMAGE_BASE="${BLOBBER_REGISTRY}:base"
export DOCKER_IMAGE_SWAGGER="${BLOBBER_REGISTRY}:swagger_test"
export DOCKER_BUILD="buildx build --platform linux/amd64,linux/arm64 --push"
export DOCKER_IMAGE_BLOBBER="-t ${BLOBBER_REGISTRY}:${TAG} -t ${BLOBBER_REGISTRY}:${TAG}-${SHORT_SHA}"
docker buildx create --driver-opt network=host --use --buildkitd-flags '--allow-insecure-entitlement security.insecure' --use blobber_buildx
./docker.local/bin/build.blobber.sh
validator:
timeout-minutes: 20
runs-on: [self-hosted, arc-runner]
steps:
- name: Set docker image tag
run: |
if [[ "${{github.ref}}" == refs/pull/* ]]; then
tag=${GITHUB_REF/\/merge/}
echo "TAG=$(echo pr-${tag:10})" >> $GITHUB_ENV
else
echo "TAG=$(echo ${GITHUB_REF#refs/*/} | sed 's/\//-/g')" >> $GITHUB_ENV
fi
echo "BRANCH=$([ -z '${{ github.event.pull_request.head.sha }}' ] && echo ${GITHUB_REF#refs/*/} || echo $GITHUB_HEAD_REF)" >> $GITHUB_ENV
echo "SHA=$([ -z '${{ github.event.pull_request.head.sha }}' ] && echo $GITHUB_SHA || echo '${{ github.event.pull_request.head.sha }}')" >> $GITHUB_ENV
- name: Setup go
uses: actions/setup-go@v3
with:
go-version: ^1.20 # The Go version to download (if necessary) and use.
- name: Clone blobber
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Set up Docker Buildx
run: |
sudo apt-get update -y
sudo apt-get install wget
sudo apt-get install ca-certificates curl gnupg lsb-release -y
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update -y
sudo apt-get install docker-ce docker-ce-cli containerd.io -y
export DOCKER_CLI_EXPERIMENTAL=enabled
docker run --privileged --rm tonistiigi/binfmt --install all
docker context create blobber_buildx
- name: Login to Docker Hub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Get changed files using defaults
id: changed-files
uses: tj-actions/[email protected]
- name: Pull Build Base
run: |
docker pull $BLOBBER_BUILD_BASE_REGISTRY:staging
docker tag $BLOBBER_BUILD_BASE_REGISTRY:staging $BLOBBER_BUILDBASE
- name: Build Base image
if: contains(steps.changed-files.outputs.modified_files, 'docker.local/base.Dockerfile')
run: |
SHORT_SHA=$(echo ${{ env.SHA }} | head -c 8)
./docker.local/bin/build.base.sh
docker tag $BLOBBER_BUILDBASE $BLOBBER_BUILD_BASE_REGISTRY:$TAG
docker tag $BLOBBER_BUILDBASE $BLOBBER_BUILD_BASE_REGISTRY:$TAG-$SHORT_SHA
docker push $BLOBBER_BUILD_BASE_REGISTRY:$TAG
docker push $BLOBBER_BUILD_BASE_REGISTRY:$TAG-$SHORT_SHA
- name: Build validator
run: |
SHORT_SHA=$(echo ${{ env.SHA }} | head -c 8)
export DOCKER_IMAGE_BASE="${VALIDATOR_REGISTRY}:base"
export DOCKER_BUILD="buildx build --platform linux/amd64,linux/arm64 --push"
export DOCKER_IMAGE_VALIDATOR="-t ${VALIDATOR_REGISTRY}:${TAG} -t ${VALIDATOR_REGISTRY}:${TAG}-${SHORT_SHA}"
docker buildx create --driver-opt network=host --use --buildkitd-flags '--allow-insecure-entitlement security.insecure' --use blobber_buildx
./docker.local/bin/build.validator.sh
system-tests:
if: github.event_name != 'workflow_dispatch'
needs: [blobber, validator]
runs-on: [ tests-suite ]
steps:
- name: "Get current PR"
uses: jwalton/gh-find-current-pr@v1
id: findPr
with:
github-token: ${{ github.token }}
- name: "Set PR status as pending"
uses: 0chain/actions/set-pr-status@master
if: steps.findPr.outputs.number
with:
pr_number: ${{ steps.findPr.outputs.pr }}
description: "System tests running with default config..."
state: "pending"
repository: ${{ github.repository }}
status_name: "0Chain System Tests"
target_url: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
github_token: ${{ github.token }}
- name: "Setup"
run: |
if [[ "${{github.ref}}" == refs/pull/* ]]; then
tag=${GITHUB_REF/\/merge/}
echo "TAG=$(echo pr-${tag:10})" >> $GITHUB_ENV
else
echo "TAG=$(echo ${GITHUB_REF#refs/*/} | sed 's/\//-/g')" >> $GITHUB_ENV
fi
echo "BRANCH=$([ -z '${{ github.event.pull_request.head.sha }}' ] && echo ${GITHUB_REF#refs/*/} || echo $GITHUB_HEAD_REF)" >> $GITHUB_ENV
echo "SHORT_SHA=$(([ -z '${{ github.event.pull_request.head.sha }}' ] && echo $GITHUB_SHA || echo '${{ github.event.pull_request.head.sha }}') | head -c 8)" >> $GITHUB_ENV
echo "NETWORK_URL=$(echo dev-${RUNNER_NAME:(-1)}.devnet-0chain.net)" >> $GITHUB_ENV
echo "RUNNER_NUMBER=${RUNNER_NAME:(-1)}" >> $GITHUB_ENV
- name: "Deploy 0Chain"
uses: 0chain/actions/deploy-0chain@master
with:
repo_snapshots_branch: "<CURRENT BRANCH WITH FALLBACK TO CURRENT_SPRINT>"
kube_config: ${{ secrets[format('DEV{0}KC', env.RUNNER_NUMBER)] }}
teardown_condition: "TESTS_PASSED"
blobber_image: ${{ env.TAG }}-${{ env.SHORT_SHA }}
validator_image: ${{ env.TAG }}-${{ env.SHORT_SHA }}
SUBGRAPH_API_URL: ${{ secrets.SUBGRAPH_API_URL }}
TENDERLY_FORK_ID: ${{ secrets.TENDERLY_FORK_ID }}
graphnode_sc: ${{ secrets.GRAPHNODE_SC }}
graphnode_network: ${{ secrets.GRAPHNODE_NETWORK }}
graphnode_ethereum_node_url: https://rpc.tenderly.co/fork/${{ secrets.TENDERLY_FORK_ID }}
svc_account_secret: ${{ secrets.SVC_ACCOUNT_SECRET }}
- name: "Run System tests"
uses: 0chain/actions/run-system-tests@master
with:
repo_snapshots_branch: "<CURRENT BRANCH WITH FALLBACK TO CURRENT_SPRINT>"
network: ${{ env.NETWORK_URL }}
svc_account_secret: ${{ secrets.SVC_ACCOUNT_SECRET }}
deploy_report_page: false
archive_results: true
run_flaky_tests: false
retry_failures: true
run_smoke_tests: ${{ github.ref != 'refs/heads/staging' && github.base_ref != 'staging' && github.ref != 'refs/heads/master' && github.base_ref != 'master' }}
TENDERLY_FORK_ID: ${{ secrets.TENDERLY_FORK_ID }}
DEVOPS_CHANNEL_WEBHOOK_URL: ${{ secrets.DEVOPS_CHANNEL_WEBHOOK_URL }}
S3_ACCESS_KEY: ${{ secrets.S3_ACCESS_KEY }}
S3_SECRET_KEY: ${{ secrets.S3_SECRET_KEY }}
- name: "Set PR status as ${{ job.status }}"
if: ${{ (success() || failure()) && steps.findPr.outputs.number }}
uses: 0chain/actions/set-pr-status@master
with:
pr_number: ${{ steps.findPr.outputs.pr }}
description: "System tests with default config ${{ job.status }}"
state: ${{ job.status }}
repository: ${{ github.repository }}
status_name: "0Chain System Tests"
target_url: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
github_token: ${{ github.token }}