Skip to content
Not earthly ci

fix: install cargo-chef unconditionally - ETCM-7736 #82

Sign in to view logs

fix: install cargo-chef unconditionally - ETCM-7736

fix: install cargo-chef unconditionally - ETCM-7736 #82

Workflow file for this run

.github/workflows/not-earthly.yml at a5917f5
name: Not earthly ci
on:
pull_request:
types: [opened, synchronize, reopened, closed]
branches:
- master
workflow_dispatch:
inputs:
upload:
description: "Upload the container to our registry"
default: false
type: boolean
env:
AWS_REGION: "eu-central-1"
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
jobs:
build-and-push-without-earthly:
# runs-on: [self-hosted, ubuntu]
runs-on: ubuntu-latest
if: github.event.action != 'closed' || github.event.pull_request.merged == true
concurrency:
group: pr-${{ github.event.pull_request.number }}-author-${{ github.event.pull_request.user.login }}
cancel-in-progress: true
permissions:
id-token: write
contents: write
steps:
- name: Checkout partner-chains
uses: actions/checkout@v4
- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get install -y protobuf-compiler
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
source $HOME/.cargo/env
rustup target add x86_64-unknown-linux-gnu
- name: Build partner-chains-node
run: |
cargo build -p partner-chains-node --locked --release --target x86_64-unknown-linux-gnu
cp target/x86_64-unknown-linux-gnu/release/partner-chains-node partner-chains-node
- name: Generate Chain Specs
run: |
chmod +x ./partner-chains-node
source ./devnet/.envrc
./partner-chains-node build-spec --chain local --disable-default-bootnode --raw > devnet_chain_spec.json
source ./staging/.envrc
./partner-chains-node build-spec --chain staging --disable-default-bootnode --raw > staging_chain_spec.json
- name: Create and Configure Docker Container
id: create-container
run: |
container_id=$(docker run -d debian:bullseye-slim sleep infinity)
echo "container_id=$container_id" >> $GITHUB_ENV
docker exec $container_id useradd -m -u 1000 -U -s /bin/sh -d /substrate substrate
docker exec $container_id mkdir -p /data /substrate/.local/share/partner-chains-node
docker exec $container_id chown -R substrate:substrate /data /substrate
docker exec $container_id rm -rf /usr/bin/apt* /usr/bin/dpkg*
docker exec $container_id ln -s /data /substrate/.local/share/partner-chains-node
- name: Copy Binary to Docker Container
run: |
docker cp ./partner-chains-node ${{ env.container_id }}:/usr/local/bin/partner-chains-node
- name: Finalize Docker Image
run: |
docker commit --change='EXPOSE 30333 9615 9933 9944' --change='ENTRYPOINT ["/usr/local/bin/partner-chains-node"]' ${{ env.container_id }} substrate/node:${{ github.sha }}
- name: Acquire AWS credentials
uses: aws-actions/configure-aws-credentials@v4
if: ${{ github.event.pull_request.merged == true && !contains(github.event.pull_request.labels.*.name, 'ci-off') }}
with:
role-to-assume: ${{ secrets.AWS_ROLE_ARN_SECRET }}
aws-region: ${{ env.AWS_REGION }}
- name: Login to ECR
uses: docker/login-action@v3
if: ${{ github.event.pull_request.merged == true && !contains(github.event.pull_request.labels.*.name, 'ci-off') }}
with:
registry: ${{ secrets.ECR_REGISTRY_SECRET }}
- name: Push to Docker Registry
if: ${{ github.event.pull_request.merged == true && !contains(github.event.pull_request.labels.*.name, 'ci-off') }}
run: |
docker push substrate/node:${{ github.sha }}
- name: Cleanup Docker Container
if: always()
run: |
docker rm -f ${{ env.container_id }}
- name: Upload chain spec artifacts
uses: actions/upload-artifact@v4
if: ${{ github.event.pull_request.merged == true && !contains(github.event.pull_request.labels.*.name, 'ci-off') }}
with:
name: chain-specs
path: |
./devnet_chain_spec.json
./staging_chain_spec.json
generate-manifest:
needs: build-and-push-without-earthly
if: ${{ github.event.pull_request.merged == true && !contains(github.event.pull_request.labels.*.name, 'ci-off') }}
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Create and Push Manifest
env:
GH_TOKEN: ${{ secrets.ACTIONS_PAT }}
run: |
cd .github/workflows/argocd
bash generate-manifest.sh ${{ github.sha }}
- name: Wait for 12 minutes (ArgoCD refresh interval is 3 minutes + 1 minute to build + 8 minutes for node to start producing blocks)
run: sleep 720s
run-e2e-tests:
needs: generate-manifest
uses: ./.github/workflows/e2e.yml
with:
node-host: sha-${{ github.sha }}-service.integration-testing.svc.cluster.local
node-port: 9933
secrets: inherit
teardown:
runs-on: ubuntu-latest
needs: [build-and-push-without-earthly, generate-manifest, run-e2e-tests]
if: always() && needs.generate-manifest.result == 'success'
steps:
- name: Checkout ArgoCD Repository
uses: actions/checkout@v4
with:
repository: input-output-hk/sidechains-argocd
token: ${{ secrets.ACTIONS_PAT }}
path: sidechains-argocd
- name: Delete Ephemeral Environment Files
uses: actions/github-script@v7
with:
github-token: ${{ secrets.ACTIONS_PAT }}
script: |
const fs = require('fs');
const path = require('path');
const directory = 'sidechains-argocd/integration-testing';
const files = fs.readdirSync(directory);
for (const file of files) {
if (file.startsWith('manifest-sha-')) {
console.log(`Deleting file: ${file}`);
// Fetch the SHA of the file
const shaResponse = await github.rest.repos.getContent({
owner: 'input-output-hk',
repo: 'sidechains-argocd',
path: `integration-testing/${file}`,
});
const sha = shaResponse.data.sha;
// GitHub API request to delete the file
await github.rest.repos.deleteFile({
owner: 'input-output-hk',
repo: 'sidechains-argocd',
path: `integration-testing/${file}`,
message: `ci: Tear down integration-testing environment for SHA #${file.split('-').pop().split('.')[0]}`,
sha: sha,
branch: 'main'
});
}
}
chain-specs:
runs-on: [self-hosted, eks]
needs: [build-and-push-without-earthly]
if: github.ref_name == 'master' || inputs.upload == true
permissions:
id-token: write
contents: write
steps:
- name: Install kubectl and awscli
run: |
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
chmod +x ./kubectl
sudo mv ./kubectl /usr/local/bin/kubectl
sudo apt update && sudo apt install -y awscli
- name: Configure kubectl
run: |
echo "${{ secrets.kubeconfig_base64 }}" | base64 --decode > ${{ runner.temp }}/kubeconfig.yaml
kubectl config set-cluster my-cluster --server=${{ secrets.K8S_SERVER }} --insecure-skip-tls-verify=true
kubectl config set-credentials github-actions --token=${{ secrets.K8S_SA_TOKEN }}
kubectl config set-context my-context --cluster=my-cluster --user=github-actions --namespace=default
kubectl config use-context my-context
- name: Download chain spec artifacts
uses: actions/download-artifact@v4
with:
name: chain-specs
path: ./artifacts
- name: Update Kubernetes secret for devnet chain spec
run: |
TIMESTAMP=$(date +%Y%m%d%H%M)
SHA=${{ github.sha }}
kubectl create secret generic "devnet-chain-spec-${TIMESTAMP}-${SHA}" --from-file=devnet_chain_spec.json=./artifacts/devnet_chain_spec.json --namespace=sc
- name: Update Kubernetes secret for staging chain spec
run: |
TIMESTAMP=$(date +%Y%m%d%H%M)
SHA=${{ github.sha }}
kubectl create secret generic "staging-chain-spec-${TIMESTAMP}-${SHA}" --from-file=staging_chain_spec.json=./artifacts/staging_chain_spec.json --namespace=staging