forked from aptos-labs/aptos-core
-
Notifications
You must be signed in to change notification settings - Fork 1
178 lines (153 loc) · 9.39 KB
/
sdk-release.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
## IMPORTANT NOTE TO EDITORS OF THIS FILE ##
## If you are trying to change how this CI works, you MUST go read the important
## note at the top of docker-build-test.yaml. In short, to test this, you must temporarily
## change docker-build-test to use the pull_request trigger instead of pull_request_target.
## Make sure to add the CICD:CICD:build-images and CICD:run-e2e-tests labels to test
## this within an in-review PR.
## If the above approach is too slow (since you have to wait for the rust images
## to build), you can cut the iteration time dramatically by changing the envs
## - Replace env.IMAGE_TAG for a known image tag
## - env.GIT_SHA will resolve to that of your PR branch
name: "API + TS SDK CI"
on:
# This is called from within the docker-build-test.yaml workflow since we depend
# on the images having been built before this workflow runs.
workflow_call:
inputs:
GIT_SHA:
required: true
type: string
description: Use this to override the git SHA1, branch name (e.g. devnet) or tag to release the SDK from
pull_request:
paths:
- .github/workflows/sdk-release.yaml
env:
# This is the docker image tag that will be used for the SDK release.
# It is also used to pull the docker images for the CI.
IMAGE_TAG: ${{ inputs.GIT_SHA || 'devnet' }} # default to "devnet" tag when not running on workflow_call
GIT_SHA: ${{ inputs.GIT_SHA || github.event.pull_request.head.sha || github.sha }} # default to PR branch sha when not running on workflow_call
jobs:
# Confirm that the generated client within the TS SDK has been re-generated
# if there are any changes that would affect it within the PR / commit. If
# everything is checked in, run tests, build the SDK, and upload it to npmjs.
test-sdk-confirm-client-generated-publish:
runs-on: high-perf-docker
permissions:
contents: read
id-token: write
env:
APTOS_NODE_URL: http://127.0.0.1:8080/v1
APTOS_FAUCET_URL: http://127.0.0.1:8081
FAUCET_AUTH_TOKEN: ${{ secrets.DEVNET_TAP_AUTH_TOKEN }}
ANS_TEST_ACCOUNT_PRIVATE_KEY: "0x37368b46ce665362562c6d1d4ec01a08c8644c488690df5a17e13ba163e20221"
ANS_TEST_ACCOUNT_ADDRESS: "585fc9f0f0c54183b039ffc770ca282ebd87307916c215a3e692f2f8e4305e82"
steps:
- uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # pin@v3
with:
ref: ${{ env.GIT_SHA }}
- uses: aptos-labs/aptos-core/.github/actions/docker-setup@main
with:
GCP_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.GCP_WORKLOAD_IDENTITY_PROVIDER }}
GCP_SERVICE_ACCOUNT_EMAIL: ${{ secrets.GCP_SERVICE_ACCOUNT_EMAIL }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DOCKER_ARTIFACT_REPO: ${{ secrets.AWS_DOCKER_ARTIFACT_REPO }}
GIT_CREDENTIALS: ${{ secrets.GIT_CREDENTIALS }}
- uses: actions/setup-node@969bd2663942d722d85b6a8626225850c2f7be4b # pin@v3
with:
node-version-file: .node-version
registry-url: "https://registry.npmjs.org"
# Self hosted runners don't have pnpm preinstalled.
# https://github.com/actions/setup-node/issues/182
- uses: pnpm/action-setup@537643d491d20c2712d11533497cb47b2d0eb9d5 # pin https://github.com/pnpm/action-setup/releases/tag/v2.2.3
# When using high-perf-docker, the CI is actually run with two containers
# in a k8s pod, one for docker commands run in the CI steps (docker), and
# one for everything else (runner). These containers share some volume
# mounts, ${{ runner.temp }} is one of them. Writing the specs here ensures
# the docker run step writes to a same place that the runner can read from.
- run: mkdir -p ${{ runner.temp }}/specs
# Build the API specs.
- uses: nick-fields/retry@7f8f3d9f0f62fe5925341be21c2e8314fd4f7c7c # pin@v2
name: generate-yaml-spec
with:
max_attempts: 3
timeout_minutes: 20
command: docker run --rm --mount=type=bind,source=${{ runner.temp }}/specs,target=/specs ${{ secrets.GCP_DOCKER_ARTIFACT_REPO }}/tools:${IMAGE_TAG} aptos-openapi-spec-generator -f yaml -o /specs/spec.yaml
- uses: nick-fields/retry@7f8f3d9f0f62fe5925341be21c2e8314fd4f7c7c # pin@v2
name: generate-json-spec
with:
max_attempts: 3
timeout_minutes: 20
command: docker run --rm --mount=type=bind,source=${{ runner.temp }}/specs,target=/specs ${{ secrets.GCP_DOCKER_ARTIFACT_REPO }}/tools:${IMAGE_TAG} aptos-openapi-spec-generator -f json -o /specs/spec.json
# Confirm that the specs we built here are the same as those checked in.
- run: echo "If this step fails, run the following commands locally to fix it:"
- run: echo "cargo run -p aptos-openapi-spec-generator -- -f yaml -o api/doc/spec.yaml"
- run: echo "cargo run -p aptos-openapi-spec-generator -- -f json -o api/doc/spec.json"
- run: git diff --no-index --ignore-space-at-eol --ignore-blank-lines ${{ runner.temp }}/specs/spec.yaml api/doc/spec.yaml
- run: git diff --no-index --ignore-space-at-eol --ignore-blank-lines ${{ runner.temp }}/specs/spec.json api/doc/spec.json
# Set up dotenv file for tests (jest doesn't read env vars properly).
- run: echo "APTOS_NODE_URL=$APTOS_NODE_URL" >> ./ecosystem/typescript/sdk/.env
- run: echo "APTOS_FAUCET_URL=$APTOS_FAUCET_URL" >> ./ecosystem/typescript/sdk/.env
- run: echo "FAUCET_AUTH_TOKEN=$FAUCET_AUTH_TOKEN" >> ./ecosystem/typescript/sdk/.env
- run: echo "ANS_TEST_ACCOUNT_PRIVATE_KEY=$ANS_TEST_ACCOUNT_PRIVATE_KEY" >> ./ecosystem/typescript/sdk/.env
- run: echo "ANS_TEST_ACCOUNT_ADDRESS=$ANS_TEST_ACCOUNT_ADDRESS" >> ./ecosystem/typescript/sdk/.env
# These two have to be defined here and not in the env section because the runner
# context is only available here.
- run: echo "APTOS_INVOCATION='docker run -v ${{ runner.temp }}/ans:/tmp/ans --network host ${{ secrets.GCP_DOCKER_ARTIFACT_REPO }}/tools:${IMAGE_TAG} aptos'" >> ./ecosystem/typescript/sdk/.env
- run: echo "ANS_REPO_LOCATION=${{ runner.temp }}/ans" >> ./ecosystem/typescript/sdk/.env
- run: cp ./ecosystem/typescript/sdk/.env ./ecosystem/typescript/sdk/examples/typescript/.env
- run: cp ./ecosystem/typescript/sdk/.env ./ecosystem/typescript/sdk/examples/javascript/.env
# Run package install. If install fails, it probably means the lockfile
# was not included in the commit.
- run: cd ./ecosystem/typescript/sdk && pnpm install --frozen-lockfile
# Ensure any changes to the generated client were checked in.
- run: cd ./ecosystem/typescript/sdk && pnpm generate-client -o /tmp/generated_client
- run: echo "If this step fails, run the following command locally to fix it:"
- run: echo "cd ecosystem/typescript/sdk && pnpm generate-client"
- run: git diff --no-index --ignore-space-at-eol --ignore-blank-lines ./ecosystem/typescript/sdk/src/generated/ /tmp/generated_client/
# Run a local testnet built from the same commit.
- run: docker run -p 8080:8080 -p 8081:8081 --name=local-testnet --detach ${{ secrets.GCP_DOCKER_ARTIFACT_REPO }}/tools:${IMAGE_TAG} aptos node run-local-testnet --with-faucet
# Wait for the API and faucet to startup.
- run: npm install -g wait-on
- run: wait-on -t 60000 --httpTimeout 60000 http-get://127.0.0.1:8080/v1
- run: wait-on -t 60000 --httpTimeout 60000 http-get://127.0.0.1:8081
# Run the TS SDK tests and confirm the build works.
- uses: nick-fields/retry@7f8f3d9f0f62fe5925341be21c2e8314fd4f7c7c # pin@v2
name: sdk-pnpm-test
with:
max_attempts: 3
timeout_minutes: 20
command: cd ./ecosystem/typescript/sdk && pnpm run test:ci
- run: cd ./ecosystem/typescript/sdk && pnpm build
# Confirm the Rust API client examples pass.
- uses: aptos-labs/aptos-core/.github/actions/rust-setup@main
- run: cargo run -p aptos-rest-client --example account -- --api-url http://127.0.01:8080
- name: Print docker-compose testnet logs on failure
if: ${{ failure() }}
working-directory: docker/compose/validator-testnet
run: docker logs local-testnet
# Run the TS SDK indexer tests. Note: indexer service can be flaky and we
# dont want those tests to be land blocking for any PR on the aptos repo.
# This is why we run those tests separate from
# test-sdk-confirm-client-generated-publish.
run-indexer-test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # pin@v3
with:
ref: ${{ env.GIT_SHA }}
- uses: actions/setup-node@969bd2663942d722d85b6a8626225850c2f7be4b # pin@v3
with:
node-version-file: .node-version
registry-url: "https://registry.npmjs.org"
- uses: pnpm/action-setup@537643d491d20c2712d11533497cb47b2d0eb9d5 # pin https://github.com/pnpm/action-setup/releases/tag/v2.2.3
# Run package install. If install fails, it probably means the lockfile
# was not included in the commit.
- run: cd ./ecosystem/typescript/sdk && pnpm install --frozen-lockfile
# Run indexer tests.
- uses: nick-fields/retry@7f8f3d9f0f62fe5925341be21c2e8314fd4f7c7c # pin@v2
name: ts-sdk-indexer-test
with:
max_attempts: 3
timeout_minutes: 20
command: cd ./ecosystem/typescript/sdk && pnpm run test:indexer