Skip to content

Build proxy docker image #2797

Build proxy docker image

Build proxy docker image #2797

Workflow file for this run

name: Build proxy docker image
on:
workflow_dispatch:
inputs:
full_test_suite:
default: "false"
required: true
description: "Run full test suite"
evm_sha_tag:
required: false
description: "Neon EVM commit"
evm_tag:
required: false
description: "Neon EVM branch image tag"
evm_pr_version_branch:
required: false
description: "Neon EVM base branch for PR to version branch"
initial_pr:
required: false
description: "Initial PR"
pull_request:
types: [opened, reopened, synchronize, labeled, unlabeled, ready_for_review]
push:
branches:
- master
- develop
- '[vt][0-9].[0-9]+.[0-9x]+*'
tags:
- "*"
env:
DEFAULT_NEON_EVM_TAG: "latest"
DEFAULT_FAUCET_TAG: "latest"
AWS_ACCESS_KEY_ID: ${{secrets.AWS_ACCESS_KEY_ID}}
AWS_DEFAULT_REGION: ${{secrets.AWS_DEFAULT_REGION}}
AWS_SECRET_ACCESS_KEY: ${{secrets.AWS_SECRET_ACCESS_KEY}}
DOCKER_USERNAME: ${{secrets.DOCKER_USERNAME}}
DOCKER_PASSWORD: ${{secrets.DOCKER_PASSWORD}}
BUILD_URL: "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
NEON_TEST_IMAGE: ${{vars.DOCKERHUB_ORG_NAME}}/neon_tests
TF_VAR_run_number: ${{ github.run_number }}
TF_VAR_ci_pp_solana_url: ${{secrets.DEVNET_INTERNAL_RPC}}
TF_VAR_neon_evm_commit: "latest"
TF_VAR_faucet_model_commit: ${{vars.FAUCET_COMMIT}}
TV_VAR_dockerhub_org_name: ${{vars.DOCKERHUB_ORG_NAME}}
TF_VAR_proxy_image_name: "neon-proxy.py"
HCLOUD_TOKEN: ${{secrets.HCLOUD_TOKEN}}
DOCKERHUB_ORG_NAME: ${{vars.DOCKERHUB_ORG_NAME}}
PROXY_IMAGE_NAME: "neon-proxy.py"
NEON_TESTS_IMAGE: "neon_tests"
FAUCET_COMMIT: ${{vars.FAUCET_COMMIT}}
GH_ORG_NAME: ${{vars.GH_ORG_NAME}}
IMAGE_NAME: ${{vars.IMAGE_NAME}}
NEON_TEST_INVOKE_PROGRAM_IMAGE: ${{vars.NEON_TEST_INVOKE_PROGRAM_IMAGE}}
NEON_TEST_RUN_LINK: ${{vars.NEON_TEST_RUN_LINK}}
NEON_TESTS_ENDPOINT: ${{vars.NEON_TESTS_ENDPOINT}}
TFSTATE_BUCKET: ${{vars.TFSTATE_BUCKET}}
TFSTATE_KEY_PREFIX: ${{vars.TFSTATE_KEY_PREFIX}}
TFSTATE_REGION: ${{vars.TFSTATE_REGION}}
GITHUB_RUN_NUMBER: ${{ github.run_number }}
TEST_RESULTS_DB_HOST: ${{ secrets.TEST_RESULTS_DB_HOST }}
TEST_RESULTS_DB_PORT: ${{ secrets.TEST_RESULTS_DB_PORT }}
TEST_RESULTS_DB_NAME: ${{ secrets.TEST_RESULTS_DB_NAME }}
TEST_RESULTS_DB_USER: ${{ secrets.TEST_RESULTS_DB_USER }}
TEST_RESULTS_DB_PASSWORD: ${{ secrets.TEST_RESULTS_DB_PASSWORD }}
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}${{ github.event.inputs.evm_sha_tag }}
cancel-in-progress: true
jobs:
build-image:
runs-on: build-runner
outputs:
proxy_tag: ${{ steps.tags.outputs.proxy_tag }}
proxy_sha_tag: ${{ steps.tags.outputs.proxy_sha_tag }}
proxy_pr_version_branch: ${{ steps.tags.outputs.proxy_pr_version_branch }}
is_proxy_release: ${{ steps.tags.outputs.is_proxy_release }}
evm_tag: ${{ steps.tags.outputs.evm_tag }}
evm_sha_tag: ${{ steps.tags.outputs.evm_sha_tag }}
evm_pr_version_branch: ${{ steps.tags.outputs.evm_pr_version_branch }}
faucet_tag: ${{ steps.tags.outputs.faucet_tag }}
neon_test_tag: ${{ steps.tags.outputs.neon_test_tag }}
full_test_suite: ${{ steps.full_test_suite.outputs.value }}
dapps_list: ${{ steps.dapps_list.outputs.dapps_list }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: output branches name
run: |
echo "neon_evm_tag/branch = ${{ github.event.inputs.evm_tag }}"
echo "proxy_branch = ${{ github.ref }}"
- name: Specify image tags
run: |
python3 ./.github/workflows/deploy.py specify_image_tags \
--git_sha=${{ github.sha }} \
--git_ref=${{ github.ref }} \
--git_head_ref=${{ github.head_ref }} \
--git_base_ref=${{ github.base_ref }} \
--evm_sha_tag=${{ github.event.inputs.evm_sha_tag }} \
--evm_tag=${{ github.event.inputs.evm_tag }} \
--default_evm_tag=${DEFAULT_NEON_EVM_TAG} \
--default_faucet_tag=${DEFAULT_FAUCET_TAG}
- name: Set outputs
id: tags
run: |
echo "proxy_tag=${{ env.PROXY_TAG }}" >> "$GITHUB_OUTPUT"
echo "proxy_sha_tag=${{ env.PROXY_SHA_TAG }}" >> "$GITHUB_OUTPUT"
echo "proxy_pr_version_branch=${{ env.PROXY_PR_VERSION_BRANCH }}" >> "$GITHUB_OUTPUT"
echo "is_proxy_release=${{ env.IS_PROXY_RELEASE }}" >> "$GITHUB_OUTPUT"
echo "evm_tag=${{ env.EVM_TAG }}" >> "$GITHUB_OUTPUT"
echo "evm_sha_tag=${{ env.EVM_SHA_TAG }}" >> "$GITHUB_OUTPUT"
echo "evm_pr_version_branch=${{ github.event.inputs.evm_pr_version_branch }}" >> "$GITHUB_OUTPUT"
echo "faucet_tag=${{ env.FAUCET_TAG }}" >> "$GITHUB_OUTPUT"
echo "neon_test_tag=${{ env.NEON_TEST_TAG }}" >> "$GITHUB_OUTPUT"
- name: Define test set
id: full_test_suite
run: |
if [[ "${{ contains(github.event.pull_request.labels.*.name, 'fullTestSuite') }}" == "true" || "${{ github.event.inputs.full_test_suite }}" == "true" ||
("${{ github.ref_name }}" == 'develop' && "${{github.event.inputs.evm_sha_tag }}" == "") ||
"${{ steps.tags.outputs.is_proxy_release }}" == "True" || "${{ steps.tags.outputs.proxy_pr_version_branch }}" != "" ]]; then
value=true
else
value=false
fi;
echo "value=${value}"
echo "value=${value}" >> $GITHUB_OUTPUT
- name: Define dapps tests list
id: dapps_list
run: |
default="aave-v2,saddle,uniswap-v3"
extended=",uniswap-v2,yearn,compound,robonomics,curve,saddle,pancake"
result=$( (${{ steps.full_test_suite.outputs.value }} && echo "${default}${extended}") || echo "${default}" )
echo "dapps_list=$result" >> $GITHUB_OUTPUT
echo "dapps_list=$result"
- name: Build docker image
run: |
python3 ./.github/workflows/deploy.py build_docker_image \
--evm_tag=${{ steps.tags.outputs.evm_sha_tag || steps.tags.outputs.evm_tag }} \
--proxy_tag=${{ steps.tags.outputs.proxy_sha_tag }}
- name: Publish image
run: |
python3 ./.github/workflows/deploy.py publish_image \
--proxy_sha_tag=${{ steps.tags.outputs.proxy_sha_tag }} \
--proxy_tag=${{ steps.tags.outputs.proxy_tag }}
deploy-check:
needs:
- build-image
runs-on: test-runner
steps:
- uses: actions/checkout@v4
- name: deploy_check
timeout-minutes: 60
run: |
python3 ./.github/workflows/deploy.py deploy_check \
--proxy_tag=${{ needs.build-image.outputs.proxy_sha_tag }}
- name: canceling the build if job failed
if: "failure()"
uses: "andymckay/[email protected]"
prepare-infrastructure:
needs:
- build-image
timeout-minutes: 15
runs-on: test-runner
steps:
- uses: actions/checkout@v4
- name: Add private key
run: |
echo "${{ secrets.CI_STANDS_KEY_HCLOUD }}" > ${HOME}/.ssh/ci-stands
chmod 600 ${HOME}/.ssh/ci-stands
- name: Remove known_host
run: rm -f ${HOME}/.ssh/known_hosts
- name: Terraform build infrastructure
id: terraform
run: |
python3 ./.github/workflows/deploy.py terraform_infrastructure \
--proxy_tag=${{ needs.build-image.outputs.proxy_sha_tag }} \
--evm_tag=${{ needs.build-image.outputs.evm_sha_tag || needs.build-image.outputs.evm_tag }} \
--faucet_tag=${{ needs.build-image.outputs.faucet_tag }} \
--run_number=${{ env.GITHUB_RUN_NUMBER }}
- name: Set outputs
id: share
env:
SOLANA_IP: ${{ env.SOLANA_IP }}
PROXY_IP: ${{ env.PROXY_IP }}
run: |
echo "solana_ip=${{ env.SOLANA_IP }}" >> $GITHUB_OUTPUT
echo "proxy_ip=${{ env.PROXY_IP }}" >> $GITHUB_OUTPUT
- uses: actions/upload-artifact@v4
if: always()
with:
name: Terraform infrastructure logs
path: ./terraform.log
outputs:
solana_ip: ${{ steps.share.outputs.solana_ip }}
proxy_ip: ${{ steps.share.outputs.proxy_ip }}
openzeppelin-tests:
if: needs.build-image.outputs.full_test_suite=='true'
needs:
- prepare-infrastructure
- build-image
runs-on: test-runner
env:
SOLANA_IP: ${{ needs.prepare-infrastructure.outputs.solana_ip }}
PROXY_IP: ${{ needs.prepare-infrastructure.outputs.proxy_ip }}
CONTAINER: oz-${{ github.run_id }}
NETWORK: terraform
steps:
- name: Pull docker image
run: docker pull ${{ env.NEON_TEST_IMAGE }}:${{ needs.build-image.outputs.neon_test_tag }}
- name: Run docker container
run: |
docker run -i -e PROXY_IP=${{env.PROXY_IP}} \
-e SOLANA_IP=${{env.SOLANA_IP}} \
-e NETWORK=${{env.NETWORK}} \
-d --name=${{ env.CONTAINER }} ${{ env.NEON_TEST_IMAGE }}:${{ needs.build-image.outputs.neon_test_tag }} /bin/bash
- name: Run OpenZeppelin tests
run: |
docker exec -i -e PROXY_IP=${{env.PROXY_IP}} \
-e SOLANA_IP=${{env.SOLANA_IP}} \
-e NETWORK=${{env.NETWORK}} \
${{ env.CONTAINER }} python3 ./clickfile.py run oz \
--network ${{ env.NETWORK }} \
--jobs 8 \
--users 10
- name: Print OpenZeppelin report
run: |
docker exec -i ${{ env.CONTAINER }} python3 ./clickfile.py oz report
- name: Analyze tests results
run: |
docker exec -i ${{ env.CONTAINER }} python3 ./clickfile.py oz analyze
- name: "Archive report"
if: always()
run: |
docker exec -i ${{ env.CONTAINER }} tar -czvf ./allure-results.tar.gz /opt/neon-tests/allure-results
docker cp ${{ env.CONTAINER }}:/opt/neon-tests/allure-results.tar.gz ./
- uses: actions/upload-artifact@v4
if: always()
with:
name: FTS allure report
path: allure-results.tar.gz
- name: Remove docker container
if: always()
run: docker rm -f ${{ env.CONTAINER }}
- name: canceling the build if job failed
if: "failure()"
uses: "andymckay/[email protected]"
basic-tests:
needs:
- prepare-infrastructure
- build-image
runs-on: test-runner
env:
SOLANA_IP: ${{ needs.prepare-infrastructure.outputs.solana_ip }}
PROXY_IP: ${{ needs.prepare-infrastructure.outputs.proxy_ip }}
NUMPROCESSES: 12
CONTAINER: basic-${{ github.run_id }}
NETWORK: terraform
steps:
- name: Determine Cost Report Generation
run: |
echo "GENERATE_COST_REPORT=true" >> $GITHUB_ENV
- name: Run docker container
run: |
image="${{ env.NEON_TEST_IMAGE }}:${{ needs.build-image.outputs.neon_test_tag }}"
docker pull $image
docker run -i -d -e PROXY_IP=${{ env.PROXY_IP }} -e SOLANA_IP=${{ env.SOLANA_IP }} \
--name=${{ env.CONTAINER }} $image /bin/bash
- name: Run basic tests
run: |
CMD="python3 ./clickfile.py run basic --network ${{ env.NETWORK }} --numprocesses ${{ env.NUMPROCESSES }}"
if [[ "${{ env.GENERATE_COST_REPORT }}" == "true" ]]; then
CMD="$CMD --cost_reports_dir reports/cost_reports"
fi
docker exec -i ${{ env.CONTAINER }} $CMD
- name: Copy cost reports from container
if: ${{ env.GENERATE_COST_REPORT == 'true' }}
run: |
mkdir -p ./reports/cost_reports/ && \
docker cp ${{ env.CONTAINER }}:/opt/neon-tests/reports/cost_reports/. ./reports/cost_reports/
- name: Upload cost reports as artifacts
if: ${{ env.GENERATE_COST_REPORT == 'true' }}
uses: actions/upload-artifact@v4
with:
name: cost-reports
path: reports/cost_reports/**.json
- name: Swap Cost Reports and echo to Summary
if: ${{ env.GENERATE_COST_REPORT == 'true' }}
run: |
docker exec -i -e NETWORK=${{ env.NETWORK }} ${{ env.CONTAINER }} \
python3 ./clickfile.py dapps save_dapps_cost_report_to_md \
--directory reports/cost_reports && \
docker exec -i ${{ env.CONTAINER }} cat cost_reports.md >> $GITHUB_STEP_SUMMARY
- name: "Save Cost Report to DB"
id: save-cost-report-to-db
if: ${{ env.GENERATE_COST_REPORT == 'true' }}
run: |
docker exec -i \
-e NETWORK=${{ env.NETWORK }} \
-e TEST_RESULTS_DB_HOST=${{ env.TEST_RESULTS_DB_HOST }} \
-e TEST_RESULTS_DB_PORT=${{ env.TEST_RESULTS_DB_PORT }} \
-e TEST_RESULTS_DB_NAME=${{ env.TEST_RESULTS_DB_NAME }} \
-e TEST_RESULTS_DB_USER=${{ env.TEST_RESULTS_DB_USER }} \
-e TEST_RESULTS_DB_PASSWORD=${{ env.TEST_RESULTS_DB_PASSWORD }} \
${{ env.CONTAINER }} \
python3 ./clickfile.py dapps save_dapps_cost_report_to_db \
--directory="reports/cost_reports" \
--repo="${{ needs.build-image.outputs.evm_sha_tag == '' && 'proxy' || 'evm' }}" \
--evm_tag="${{ needs.build-image.outputs.evm_tag }}" \
--proxy_tag="${{ needs.build-image.outputs.proxy_tag }}" \
--evm_commit_sha="${{ needs.build-image.outputs.evm_sha_tag }}" \
--proxy_commit_sha="${{ needs.build-image.outputs.proxy_sha_tag }}"
- name: Remove docker container
if: always()
run: docker rm -f ${{ env.CONTAINER }}
- name: canceling the build if job failed
if: "failure()"
uses: "andymckay/[email protected]"
dapps-tests:
needs:
- prepare-infrastructure
- build-image
uses: neonlabsorg/neon-tests/.github/workflows/dapps_reusable.yml@develop
secrets: inherit
with:
network: custom
dapps: ${{ needs.build-image.outputs.dapps_list }}
proxy_url: "http://${{ needs.prepare-infrastructure.outputs.proxy_ip }}:9090/solana"
solana_url: "http://${{ needs.prepare-infrastructure.outputs.solana_ip }}:8899/"
faucet_url: "http://${{ needs.prepare-infrastructure.outputs.proxy_ip }}:3333/"
network_id: "111"
pr_url_for_report: ${{ github.event.inputs.initial_pr }}
proxy_ip: ${{ needs.prepare-infrastructure.outputs.proxy_ip }}
solana_ip: ${{ needs.prepare-infrastructure.outputs.solana_ip }}
external_call: true
repo: ${{ needs.build-image.outputs.evm_sha_tag == '' && 'proxy' || 'evm' }}
evm_tag: ${{ needs.build-image.outputs.evm_tag }}
evm_sha_tag: ${{ needs.build-image.outputs.evm_sha_tag }}
proxy_tag: ${{ needs.build-image.outputs.proxy_tag }}
proxy_sha_tag: ${{ needs.build-image.outputs.proxy_sha_tag }}
proxy_pr_version_branch: ${{ needs.build-image.outputs.proxy_pr_version_branch }}
evm_pr_version_branch: ${{ needs.build-image.outputs.evm_pr_version_branch }}
requests-report:
needs:
- prepare-infrastructure
- basic-tests
- build-image
- dapps-tests
- openzeppelin-tests
if: |
always() &&
contains(fromJSON('["success", "skipped"]'), needs.openzeppelin-tests.result) &&
contains(fromJSON('["success", "skipped"]'), needs.dapps-tests.result)
runs-on: test-runner
env:
SOLANA_IP: ${{ needs.prepare-infrastructure.outputs.solana_ip }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Request report
id: request_report
run: |
stats=$(python3 ./.github/workflows/deploy.py parse_logs --solana_ip=${{ env.SOLANA_IP }})
echo "stats<<EOF" >> $GITHUB_OUTPUT
echo "$stats" >> $GITHUB_OUTPUT
echo "EOF" >> $GITHUB_OUTPUT
echo "stats=$stats"
if [[ "${{ github.event.inputs.initial_pr }}" != "" ]]; then
echo "pull_request=${{ github.event.inputs.initial_pr }}" >> $GITHUB_OUTPUT
else
echo "pull_request=${{ github.event.pull_request.issue_url }}/comments" >> $GITHUB_OUTPUT
fi;
- name: "Post a comment with the report"
run: |
python3 ./.github/workflows/deploy.py post_comment --message="${{ steps.request_report.outputs.stats }}" \
--pull_request="${{ steps.request_report.outputs.pull_request }}" \
--token=${{ secrets.GHTOKEN }}
destroy-terraform:
needs:
- prepare-infrastructure
- openzeppelin-tests
- basic-tests
- requests-report
- dapps-tests
- build-image
runs-on: test-runner
if: always()
env:
SOLANA_IP: ${{ needs.prepare-infrastructure.outputs.solana_ip }}
PROXY_IP: ${{ needs.prepare-infrastructure.outputs.proxy_ip }}
steps:
- uses: actions/checkout@v4
- name: Add private key
run: |
echo "${{ secrets.CI_STANDS_KEY_HCLOUD }}" > ${HOME}/.ssh/ci-stands
chmod 644 ${HOME}/.ssh/ci-stands
- name: Get container logs
if: always()
run: python3 ./.github/workflows/deploy.py get_container_logs
- uses: actions/upload-artifact@v4
if: always()
with:
name: FTS docker logs
path: ./logs/*
- name: Set output
id: vars
run: echo "bname=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITHUB_OUTPUT
- name: Destroy terraform infrastructure
if: ${{always() && needs.prepare-infrastructure.result != 'skipped'}}
run: |
python3 ./.github/workflows/deploy.py destroy_terraform \
--run_number=${{env.GITHUB_RUN_NUMBER}} \
--proxy_tag=${{ needs.build-image.outputs.proxy_sha_tag }}
finalize-image:
runs-on: build-runner
needs:
- build-image
- openzeppelin-tests
- basic-tests
- dapps-tests
- deploy-check
if: |
always() &&
needs.deploy-check.result == 'success' &&
needs.basic-tests.result == 'success' &&
needs.dapps-tests.result == 'success' &&
contains(fromJSON('["success", "skipped"]'), needs.openzeppelin-tests.result)
steps:
- uses: actions/checkout@v4
- name: Tag published image if tag is latest or version
run: |
python3 ./.github/workflows/deploy.py finalize_image \
--proxy_sha_tag=${{ needs.build-image.outputs.proxy_sha_tag }} \
--proxy_tag=${{ needs.build-image.outputs.proxy_tag }}
notification:
runs-on: build-runner
needs:
- finalize-image
- openzeppelin-tests
- basic-tests
- dapps-tests
- deploy-check
- build-image
if: |
failure() && needs.build-image.outputs.full_test_suite == 'true'
steps:
- uses: actions/checkout@v4
- name: Send notification to slack
run: |
python3 ./.github/workflows/deploy.py send_notification \
--url=${{secrets.SLACK_PROXY_CHANNEL_URL}} \
--build_url=${BUILD_URL}