Skip to content

feat: local-environment module #15

feat: local-environment module

feat: local-environment module #15

Workflow file for this run

name: Build, test, release and deploy
on:
workflow_dispatch:
inputs:
partner-chains-sha:
description: "partner-chains commit SHA or branch to build from"
partner-chains-tag:
description: "partner-chains release tag"
required: true
env:
AWS_REGION: "eu-central-1"
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
jobs:

Check failure on line 16 in .github/workflows/cicd.yml

View workflow run for this annotation

GitHub Actions / .github/workflows/cicd.yml

Invalid workflow file

You have an error in your yaml syntax on line 16
partner-chains-linux:
runs-on: ubuntu-latest
steps:
- name: Set filename variables
id: set-filenames
run: |
echo "PARTNER_CHAINS_CLI_X86_64_LINUX=partner-chains-cli-${{ inputs.tag }}-x86_64-linux" >> $GITHUB_ENV
echo "PARTNER_CHAINS_NODE_X86_64_LINUX=partner-chains-node-${{ inputs.tag }}-x86_64-linux" >> $GITHUB_ENV
- name: Checkout code
uses: actions/checkout@v4
with:
ref: ${{ inputs.sha }}
- name: Acquire AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_ARN_SECRET }}
aws-region: ${{ env.AWS_REGION }}
- name: Login to ECR
uses: docker/login-action@v3
with:
registry: ${{ secrets.ECR_REGISTRY_SECRET }}
- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get install -y protobuf-compiler
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
source $HOME/.cargo/env
rustup target add x86_64-unknown-linux-gnu
- name: Build partner-chains-node
run: |
rustup target add x86_64-unknown-linux-gnu
cargo build -p partner-chains-node --locked --release --target x86_64-unknown-linux-gnu
cp target/x86_64-unknown-linux-gnu/release/partner-chains-node $PARTNER_CHAINS_NODE_X86_64_LINUX
chmod +x $PARTNER_CHAINS_NODE_X86_64_LINUX
- name: Run tests
run: cargo test --locked --release --target x86_64-unknown-linux-gnu
- name: Create and Configure Docker Container
id: create-container
run: |
container_id=$(docker run -d debian:bullseye-slim sleep infinity)
echo "container_id=$container_id" >> $GITHUB_ENV
docker exec $container_id useradd -m -u 1000 -U -s /bin/sh -d /substrate substrate
docker exec $container_id mkdir -p /data /substrate/.local/share/partner-chains-node
docker exec $container_id chown -R substrate:substrate /data /substrate
docker exec $container_id rm -rf /usr/bin/apt* /usr/bin/dpkg*
docker exec $container_id ln -s /data /substrate/.local/share/partner-chains-node
docker cp ./partner-chains-node $container_id:/usr/local/bin/partner-chains-node
docker commit --change='EXPOSE 30333 9615 9933 9944' --change='ENTRYPOINT ["/usr/local/bin/partner-chains-node"]' $container_id substrate-node:${{ inputs.sha }}
- name: Cleanup Docker Container
if: always()
run: |
docker rm -f ${{ env.container_id }}
- name: Build partner-chains-cli
run: |
rustup target add x86_64-unknown-linux-gnu
cargo build -p partner-chains-cli --locked --release --target x86_64-unknown-linux-gnu
cp target/x86_64-unknown-linux-gnu/release/partner-chains-cli $PARTNER_CHAINS_CLI_X86_64_LINUX
chmod +x $PARTNER_CHAINS_CLI_X86_64_LINUX
- name: Push to ECR
run: |
docker tag substrate-node:${{ inputs.sha }} ${{ secrets.ECR_REGISTRY_SECRET }}/substrate-node:${{ inputs.sha }}
docker push ${{ secrets.ECR_REGISTRY_SECRET }}/substrate-node:${{ inputs.sha }}
- name: Upload partner-chains-cli-x86_64-linux
uses: actions/upload-artifact@v4
with:
name: ${{ env.PARTNER_CHAINS_CLI_X86_64_LINUX }}
path: ${{ env.PARTNER_CHAINS_CLI_X86_64_LINUX }}
- name: Upload partner-chains-node-x86_64-linux
uses: actions/upload-artifact@v4
with:
name: ${{ env.PARTNER_CHAINS_NODE_X86_64_LINUX }}
path: ${{ env.PARTNER_CHAINS_NODE_X86_64_LINUX }}
partner-chains-macos-x86_64:
runs-on: macos-latest
steps:
- name: Set filename variables
id: set-filenames
run: |
echo "PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN=partner-chains-cli-${{ inputs.tag }}-x86_64-apple-darwin" >> $GITHUB_ENV
echo "PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN=partner-chains-node-${{ inputs.tag }}-x86_64-apple-darwin" >> $GITHUB_ENV
- name: Checkout code
uses: actions/checkout@v4
with:
ref: ${{ inputs.sha }}
- name: Install protoc
run: |
curl -LO https://github.com/protocolbuffers/protobuf/releases/download/v21.3/protoc-21.3-osx-x86_64.zip
unzip protoc-21.3-osx-x86_64.zip -d $HOME/protoc
sudo mv $HOME/protoc/bin/protoc /usr/local/bin/protoc
- name: Build partner-chains-node
run: |
rustup target add x86_64-apple-darwin
cargo build -p partner-chains-node --locked --release --target x86_64-apple-darwin
cp target/x86_64-apple-darwin/release/partner-chains-node $PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN
chmod +x $PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN
- name: Build partner-chains-cli
run: |
rustup target add x86_64-apple-darwin
cargo build -p partner-chains-cli --locked --release --target x86_64-apple-darwin
cp target/x86_64-apple-darwin/release/partner-chains-cli $PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN
chmod +x $PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN
- name: Upload partner-chains-cli-x86_64-apple-darwin
uses: actions/upload-artifact@v4
with:
name: ${{ env.PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN }}
path: ${{ env.PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN }}
- name: Upload partner-chains-node-x86_64-apple-darwin
uses: actions/upload-artifact@v4
with:
name: ${{ env.PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN }}
path: ${{ env.PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN }}
partner-chains-macos-arm64:
runs-on: macos-latest
steps:
- name: Set filename variables
id: set-filenames
run: |
echo "PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN=partner-chains-cli-${{ inputs.tag }}-aarch64-apple-darwin" >> $GITHUB_ENV
echo "PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN=partner-chains-node-${{ inputs.tag }}-aarch64-apple-darwin" >> $GITHUB_ENV
- name: Checkout code
uses: actions/checkout@v4
with:
ref: ${{ inputs.sha }}
- name: Install protoc
run: |
curl -LO https://github.com/protocolbuffers/protobuf/releases/download/v21.3/protoc-21.3-osx-aarch_64.zip
unzip protoc-21.3-osx-aarch_64.zip -d $HOME/protoc
sudo mv $HOME/protoc/bin/protoc /usr/local/bin/protoc
- name: Build partner-chains-node
run: |
rustup target add aarch64-apple-darwin
cargo build -p partner-chains-node --locked --release --target aarch64-apple-darwin
cp target/aarch64-apple-darwin/release/partner-chains-node $PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN
chmod +x $PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN
- name: Build partner-chains-cli
run: |
rustup target add aarch64-apple-darwin
cargo build -p partner-chains-cli --locked --release --target aarch64-apple-darwin
cp target/aarch64-apple-darwin/release/partner-chains-cli $PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN
chmod +x $PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN
- name: Upload partner-chains-cli-aarch64-apple-darwin
uses: actions/upload-artifact@v4
with:
name: ${{ env.PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN }}
path: ${{ env.PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN }}
- name: Upload partner-chains-node-aarch64-apple-darwin
uses: actions/upload-artifact@v4
with:
name: ${{ env.PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN }}
path: ${{ env.PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN }}
partner-chains-smart-contracts-x86_64-linux:
runs-on: [self-hosted, nixos]
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
ref: ${{ inputs.partner_chains_smart_contracts_sha }}
- name: Build
run: nix build ./#sidechain-release-bundle
- name: Upload Artifact
uses: actions/upload-artifact@v4
with:
name: partner-chains-smart-contracts-x86_64-linux
path: result/release.zip
partner-chains-smart-contracts-process:
runs-on: ubuntu-latest
needs: [partner-chains-smart-contracts-x86_64-linux]
steps:
- name: Download x86_64-linux artifact
uses: actions/download-artifact@v4
with:
name: partner-chains-smart-contracts-x86_64-linux
path: ./x86_64-linux
- name: Unzip release.zip
run: |
mkdir -p ./x86_64-linux/unzipped
unzip ./x86_64-linux/release.zip -d ./x86_64-linux/unzipped
local-environment-tests:
needs: [partner-chains-linux, partner-chains-smart-contracts-process]
uses: ./.github/workflows/modules/local-environment-tests.yml
with:
sha: ${{ inputs.sha }}
tag: ${{ inputs.tag }}
image: ${{ secrets.ECR_REGISTRY_SECRET }}/substrate-node:${{ inputs.sha }}
pre-release-candidate:
runs-on: ubuntu-latest
needs: [local-environment]
steps:
- name: Set filename variables
id: set-filenames
run: |
echo "PARTNER_CHAINS_CLI_X86_64_LINUX=partner-chains-cli-${{ inputs.tag }}-x86_64-linux" >> $GITHUB_ENV
echo "PARTNER_CHAINS_NODE_X86_64_LINUX=partner-chains-node-${{ inputs.tag }}-x86_64-linux" >> $GITHUB_ENV
echo "PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN=partner-chains-cli-${{ inputs.tag }}-x86_64-apple-darwin" >> $GITHUB_ENV
echo "PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN=partner-chains-node-${{ inputs.tag }}-x86_64-apple-darwin" >> $GITHUB_ENV
echo "PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN=partner-chains-cli-${{ inputs.tag }}-aarch64-apple-darwin" >> $GITHUB_ENV
echo "PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN=partner-chains-node-${{ inputs.tag }}-aarch64-apple-darwin" >> $GITHUB_ENV
- name: Download Linux CLI artifact
uses: actions/download-artifact@v4
with:
name: ${{ env.PARTNER_CHAINS_CLI_X86_64_LINUX }}
path: artifact-linux/
- name: Download Linux NODE artifact
uses: actions/download-artifact@v4
with:
name: ${{ env.PARTNER_CHAINS_NODE_X86_64_LINUX }}
path: artifact-linux/
- name: Download macOS x86_64 CLI artifact
uses: actions/download-artifact@v4
with:
name: ${{ env.PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN }}
path: artifact-macos-x86_64/
- name: Download macOS x86_64 NODE artifact
uses: actions/download-artifact@v4
with:
name: ${{ env.PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN }}
path: artifact-macos-x86_64/
- name: Download macOS ARM64 CLI artifact
uses: actions/download-artifact@v4
with:
name: ${{ env.PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN }}
path: artifact-macos-arm64/
- name: Download macOS ARM64 NODE artifact
uses: actions/download-artifact@v4
with:
name: ${{ env.PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN }}
path: artifact-macos-arm64/
- name: Check if release already exists
id: check_release
run: |
tag="${{ inputs.tag }}"
release_response=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
"https://api.github.com/repos/${{ github.repository }}/releases/tags/$tag")
if echo "$release_response" | grep -q '"message": "Not Found"'; then
echo "release_exists=false" >> $GITHUB_ENV
echo "::set-output name=release_exists::false"
else
echo "release_exists=true" >> $GITHUB_ENV
echo "::set-output name=release_exists::true"
echo "release_id=$(echo $release_response | jq -r .id)" >> $GITHUB_ENV
echo "::set-output name=release_id::$(echo $release_response | jq -r .id)"
fi
- name: Create draft release
id: create_release
if: ${{ steps.check_release.outputs.release_exists == 'false' }}
run: |
tag="${{ inputs.tag }}"
release_response=$(curl -s -X POST -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
-d '{"tag_name": "'$tag'", "name": "'$tag'", "body": "Draft release for '$tag'", "draft": true}' \
"https://api.github.com/repos/${{ github.repository }}/releases")
echo "release_id=$(echo $release_response | jq -r .id)" >> $GITHUB_ENV
echo "::set-output name=release_id::$(echo $release_response | jq -r .id)"
- name: Upload artifacts to release
if: ${{ steps.check_release.outputs.release_exists == 'true' || steps.create_release.outputs.release_id != '' }}
run: |
release_id="${{ steps.create_release.outputs.release_id }}"
if [ -z "$release_id" ]; then
release_id="${{ steps.check_release.outputs.release_id }}"
fi
for artifact in "artifact-linux/${{ env.PARTNER_CHAINS_CLI_X86_64_LINUX }}" \
"artifact-linux/${{ env.PARTNER_CHAINS_NODE_X86_64_LINUX }}" \
"artifact-macos-x86_64/${{ env.PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN }}" \
"artifact-macos-x86_64/${{ env.PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN }}" \
"artifact-macos-arm64/${{ env.PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN }}" \
"artifact-macos-arm64/${{ env.PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN }}"; do
chmod +x "$artifact"
curl -s -X POST \
-H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
-H "Content-Type: application/octet-stream" \
--data-binary @"$artifact" \
"https://uploads.github.com/repos/${{ github.repository }}/releases/$release_id/assets?name=$(basename $artifact)"
done
chain-specs:
needs: partner-chains-linux
uses: ./.github/workflows/modules/chain-specs.yml
with:
sha: ${{ inputs.sha }}
tag: ${{ inputs.tag }}
deploy-staging-preview:
needs: chain-specs
uses: ./.github/workflows/modules/staging-preview-deploy.yml
with:
image: ${{ secrets.ECR_REGISTRY_SECRET }}/substrate-node:${{ inputs.sha }}
chain-spec-secret: staging-chain-spec-${{ inputs.sha }}
publish-ghcr-image:
uses: ./.github/workflows/modules/build-and-publish-ghcr-image.yml
with:
commit_sha: ${{ inputs.sha }}
ghcr_tag: ${{ inputs.tag }}
publish_to_ghcr: true