Skip to content

[RELEASE] 0.12.0

[RELEASE] 0.12.0 #2609

Workflow file for this run

---
name: ♻ CI Run
on:
pull_request:
env:
# ----------------------------------------------------------------------------
# CI/CD
ARGOCD_URL: "${{ secrets.ARGOCD_URL }}"
ARGOCD_ACCESS_TOKEN: "${{ secrets.ARGOCD_ACCESS_TOKEN }}"
GITLAB_PAT_OCTANT_K8S_DEVOPS_REPOSITORY_WRITE: "${{ secrets.GITLAB_PAT_OCTANT_K8S_DEVOPS_REPOSITORY_WRITE }}"
jobs:
stop-api-env:
name: Stop APITest Env
needs:
- start-apitest-env
- run-api-tests
if: always() && (needs.start-apitest-env.result == 'success')
uses: ./.github/workflows/tpl-destroy-env.yml
secrets: inherit
with:
env-type: apitest
pull-request-id: ${{ github.event.pull_request.number }}
workflow-id: ${{ github.run_id }}
run-api-tests:
name: Run API Tests
needs:
- deploy-apitest-env
runs-on:
- general
container:
image: registry.gitlab.com/golemfoundation/devops/container-builder/octant/python-poetry-ext:ad1d9179
credentials:
username: "doesnt-matter"
password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}"
env:
ENV_TYPE: apitest
CI_MERGE_REQUEST_IID: ${{ github.event.pull_request.number }}
CI_PIPELINE_ID: ${{ github.run_id }}
OCTANT_ENV: dev
CHAIN_ID: 1337
CHAIN_NAME: localhost
GC_PASSPORT_SCORER_ID: "${{ secrets.GITCOIN_SCORER_ID }}"
GC_PASSPORT_SCORER_API_KEY: "${{ secrets.GITCOIN_SCORER_API_KEY }}"
DELEGATION_SALT: "${{ secrets.DELEGATION_SALT }}"
DELEGATION_SALT_PRIMARY: "${{ secrets.DELEGATION_SALT_PRIMARY }}"
SABLIER_SEPOLIA_SUBGRAPH_URL: "${{ secrets.SABLIER_SEPOLIA_SUBGRAPH_URL }}"
SABLIER_SENDER_ADDRESS: "0x4BEbdb9792ed50eBB00611083ba384F05791a9FB"
steps:
- uses: actions/[email protected]
- uses: actions/cache/restore@v4
with:
path: backend/.venv
key: "${{ github.sha }}-poetry-backend"
- name: Run API tests
run: |
set -ex
export CI_PROJECT_DIR="${GITHUB_WORKSPACE}"
source ${CI_PROJECT_DIR}/ci/argocd/resolve_env.sh $ENV_TYPE
pushd backend
poetry config virtualenvs.in-project true
poetry install --no-interaction --no-ansi -v --with prod --with dev
bash ${CI_PROJECT_DIR}/ci/argocd/wait_for_app.sh
export CONTRACTS_DEPLOYER_URL; CONTRACTS_DEPLOYER_URL=https://$(bash ${CI_PROJECT_DIR}/ci/argocd/get_multideployer_url.sh)
export ETH_RPC_PROVIDER_URL; ETH_RPC_PROVIDER_URL=https://$(bash ${CI_PROJECT_DIR}/ci/argocd/get_rpc_url.sh)
export SUBGRAPH_URL; SUBGRAPH_URL=https://$(bash ${CI_PROJECT_DIR}/ci/argocd/get_graph_url.sh)
poetry run pytest -s --onlyapi
shell: bash
deploy-apitest-env:
name: Deploy APITest Env
needs:
- docker
- start-apitest-env
uses: ./.github/workflows/tpl-deploy-app.yml
with:
# ---
env-type: apitest
branch-head-ref: ${{ github.ref }}
image-tag: ${{ github.sha }}
pull-request-id: ${{ github.event.pull_request.number }}
workflow-id: ${{ github.run_id }}
env-id: ${{ needs.start-apitest-env.outputs.env-id }}
deployment-id: ${{ needs.start-apitest-env.outputs.deployment-id }}
# ---
deploy-contracts: false
chain-id: 1337
network-name: localhost
chain-name: localhost
snapshotter-enabled: false
multisigger-enabled: false
web-client-replicas: 0
coin-prices-server-replicas: 0
backend-server-replicas: 0
multideployer-enabled: true
subgraph-deploy: false
graph-healtchecker-enabled: false
secrets: inherit
start-apitest-env:
name: Start APITest Env
needs:
- permissions-check
uses: ./.github/workflows/tpl-start-env.yml
secrets: inherit
with:
env-type: apitest
git-ref: ${{ github.ref }}
pull-request-id: ${{ github.event.pull_request.number }}
workflow-id: ${{ github.run_id }}
docker:
name: Docker
needs:
- permissions-check
uses: ./.github/workflows/tpl-images.yml
secrets: inherit
with:
image-tag: ${{ github.sha }}
git-ref: ${{ github.ref }}
# +-------------------------
# | Tests: NodeJS
# +-------------------------
nodejs-tests:
name: NodeJS Tests
needs:
- lint-and-typecheck-yarn
runs-on:
- general
container:
image: registry.gitlab.com/golemfoundation/devops/container-builder/octant/node-extended:aa8eeade
credentials:
username: "doesnt-matter"
password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}"
strategy:
matrix:
SERVICE:
- contracts-v1
- client
- coin-prices-server
- subgraph
steps:
- uses: actions/[email protected]
- uses: actions/cache/restore@v4
with:
path: |-
node_modules
.yarn
key: "${{ github.sha }}-yarn-root"
- uses: actions/cache/restore@v4
with:
path: |-
${{ matrix.SERVICE }}/.yarn
${{ matrix.SERVICE }}/node-modules
key: "${{ github.sha }}-yarn-${{ matrix.SERVICE }}"
- uses: actions/cache/restore@v4
with:
path: |-
contracts-v1/artifacts
contracts-v1/typechain
key: "${{ github.sha }}-yarn-contracts-v1-extras"
- run: |
cd ${{ matrix.SERVICE }}
yarn install --cache-folder .yarn --non-interactive --frozen-lockfile
yarn test
shell: bash
# +-------------------------
# | Tests: Backend
# +-------------------------
backend-tests:
name: Backend Tests
needs:
- lint-and-typecheck-poetry
runs-on:
- general
container:
image: registry.gitlab.com/golemfoundation/devops/container-builder/octant/python-poetry-ext:ad1d9179
credentials:
username: "doesnt-matter"
password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}"
steps:
- uses: actions/[email protected]
- uses: actions/cache/restore@v4
with:
path: backend/.venv
key: "${{ github.sha }}-poetry-backend"
- run: |
pushd backend
poetry config virtualenvs.in-project true
poetry install
poetry run pytest
shell: bash
# +-------------------------
# | Lint: poetry
# +-------------------------
lint-and-typecheck-poetry:
name: Lint and Typecheck Poetry
needs:
- build-backend
runs-on:
- general
container:
image: registry.gitlab.com/golemfoundation/devops/container-builder/octant/python-poetry-ext:ad1d9179
credentials:
username: "doesnt-matter"
password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}"
steps:
- uses: actions/[email protected]
- uses: actions/cache/restore@v4
with:
path: backend/.venv
key: "${{ github.sha }}-poetry-backend"
- run: |
pushd backend
poetry config virtualenvs.in-project true
poetry install
poetry run black --check --extend-exclude .venv .
poetry run flake8
shell: bash
# +-------------------------
# | Lint: yarn
# +-------------------------
lint-and-typecheck-yarn:
name: Lint and Typecheck Yarn
needs:
- build-contracts
- build-services
runs-on:
- general
container:
image: registry.gitlab.com/golemfoundation/devops/container-builder/octant/node-extended:aa8eeade
credentials:
username: "doesnt-matter"
password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}"
strategy:
matrix:
SERVICE:
- contracts-v1
- client
- coin-prices-server
- subgraph
steps:
- uses: actions/[email protected]
- uses: actions/cache/restore@v4
with:
path: |-
node_modules
.yarn
key: "${{ github.sha }}-yarn-root"
- uses: actions/cache/restore@v4
with:
path: |-
${{ matrix.SERVICE }}/.yarn
${{ matrix.SERVICE }}/node-modules
key: "${{ github.sha }}-yarn-${{ matrix.SERVICE }}"
- uses: actions/cache/restore@v4
with:
path: |-
contracts-v1/artifacts
contracts-v1/typechain
key: "${{ github.sha }}-yarn-contracts-v1-extras"
- run: |
pushd ${{ matrix.SERVICE }}
yarn install --cache-folder .yarn --non-interactive --frozen-lockfile
yarn eslint
yarn type-check
shell: bash
# +-------------------------
# | Build
# | client
# | cps
# | subgraph
# +-------------------------
build-services:
name: Build Services
needs:
- build-contracts
runs-on:
- general
container:
image: registry.gitlab.com/golemfoundation/devops/container-builder/octant/node-extended:aa8eeade
credentials:
username: "doesnt-matter"
password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}"
strategy:
matrix:
SERVICE:
- client
- coin-prices-server
- subgraph
steps:
- uses: actions/[email protected]
- uses: actions/cache/restore@v4
with:
path: |-
node_modules
.yarn
key: "${{ github.sha }}-yarn-root"
- run: ci/build_${{ matrix.SERVICE }}.sh
- uses: actions/cache/save@v4
with:
path: |-
${{ matrix.SERVICE }}/.yarn
${{ matrix.SERVICE }}/node-modules
key: "${{ github.sha }}-yarn-${{ matrix.SERVICE }}"
# +-------------------------
# | Build backend
# +-------------------------
build-backend:
name: Build Services
runs-on:
- general
needs:
- permissions-check
container:
image: registry.gitlab.com/golemfoundation/devops/container-builder/octant/python-poetry-ext:ad1d9179
credentials:
username: "doesnt-matter"
password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}"
steps:
- uses: actions/[email protected]
- run: ci/build_backend.sh
- uses: actions/cache/save@v4
with:
path: backend/.venv
key: "${{ github.sha }}-poetry-backend"
# +-------------------------
# | Build contracts
# +-------------------------
build-contracts:
name: Build Contracts
runs-on:
- general
needs:
- permissions-check
container:
image: registry.gitlab.com/golemfoundation/devops/container-builder/octant/node-extended:aa8eeade
credentials:
username: "doesnt-matter"
password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}"
steps:
- uses: actions/[email protected]
- run: ci/build_contracts_v1.sh
- uses: actions/cache/save@v4
with:
path: |-
node_modules
.yarn
key: "${{ github.sha }}-yarn-root"
- uses: actions/cache/save@v4
with:
path: |-
contracts-v1/.yarn
contracts-v1/node_modules
key: "${{ github.sha }}-yarn-contracts-v1"
- uses: actions/cache/save@v4
with:
path: |-
contracts-v1/artifacts
contracts-v1/typechain
key: "${{ github.sha }}-yarn-contracts-v1-extras"
permissions-check:
name: Permissions check
runs-on:
- general
steps:
- name: Check if user is an org member
uses: actions/github-script@v7
id: is-organization-member-pr
with:
result-encoding: string
github-token: ${{ secrets.GH_BOT_TOKEN }}
script: |
return (
await github.rest.orgs.listMembers({
org: 'golemfoundation'
})
).data.map(({login}) => login).includes('${{ github.event.pull_request.user.login }}').toString()
# - name: Check if user is an org member
# uses: actions/github-script@v7
# id: is-organization-member-review
# with:
# result-encoding: string
# script: |
# return (
# await github.rest.orgs.listMembers({
# org: 'golemfoundation'
# })
# ).data.map(({login}) => login).includes('${{ github.event.pull_request_review.sender.login }}').toString()
- name: Validate CI run checks
run: |
if [[ "${{ github.event_name }}" == "pull_request" && "${{ steps.is-organization-member-pr.outputs.result }}" == "false" ]]; then
echo 'Not an org member'
exit 1
fi
# if [[ "${{ github.event_name }}" == "pull_request_review" && "${{ steps.is-organization-member-review.outputs.result }}" == "false" && "${{ github.event.review.state }}" == "approved" ]]; then
# echo 'Not an org member'
# exit 2
# fi
shell: bash