From 0494d22d7e72ef80fcefa0a73e6579d2d45a287e Mon Sep 17 00:00:00 2001 From: Skylar Simoncelli Date: Tue, 17 Sep 2024 16:59:36 +0300 Subject: [PATCH] feat: more modules --- .github/workflows/cicd.yml | 80 +++--- .../modules/build-and-publish-ghcr-image.yml | 57 ++-- .../workflows/modules/build-pc-artifact.yml | 162 ++++++++++++ .../workflows/modules/build-pcsc-artifact.yml | 54 ++++ .../modules/create-draft-release.yml | 250 ++++++++++++++++++ .../workflows/modules/release-pc-artifact.yml | 126 +++++++++ .../workflows/modules/upload-chain-specs.yml | 58 ++++ 7 files changed, 720 insertions(+), 67 deletions(-) create mode 100644 .github/workflows/modules/build-pc-artifact.yml create mode 100644 .github/workflows/modules/build-pcsc-artifact.yml create mode 100644 .github/workflows/modules/create-draft-release.yml create mode 100644 .github/workflows/modules/release-pc-artifact.yml create mode 100644 .github/workflows/modules/upload-chain-specs.yml diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index f497e7148..15bc24722 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml @@ -9,6 +9,10 @@ on: description: "partner-chains release tag" required: true +env: + AWS_REGION: "eu-central-1" + SSH_AUTH_SOCK: /tmp/ssh_agent.sock + jobs: partner-chains-linux: runs-on: ubuntu-latest @@ -16,13 +20,13 @@ jobs: - name: Set filename variables id: set-filenames run: | - echo "PARTNER_CHAINS_CLI_X86_64_LINUX=partner-chains-cli-${{ github.event.inputs.partner-chains-tag }}-x86_64-linux" >> $GITHUB_ENV - echo "PARTNER_CHAINS_NODE_X86_64_LINUX=partner-chains-node-${{ github.event.inputs.partner-chains-tag }}-x86_64-linux" >> $GITHUB_ENV + echo "PARTNER_CHAINS_CLI_X86_64_LINUX=partner-chains-cli-${{ inputs.partner-chains-tag }}-x86_64-linux" >> $GITHUB_ENV + echo "PARTNER_CHAINS_NODE_X86_64_LINUX=partner-chains-node-${{ inputs.partner-chains-tag }}-x86_64-linux" >> $GITHUB_ENV - name: Checkout code uses: actions/checkout@v4 with: - ref: ${{ github.event.inputs.partner-chains-sha }} + ref: ${{ inputs.partner-chains-sha }} - name: Acquire AWS credentials uses: aws-actions/configure-aws-credentials@v4 @@ -72,7 +76,7 @@ jobs: docker exec $container_id rm -rf /usr/bin/apt* /usr/bin/dpkg* docker exec $container_id ln -s /data /substrate/.local/share/partner-chains-node docker cp ./partner-chains-node $container_id:/usr/local/bin/partner-chains-node - docker commit --change='EXPOSE 30333 9615 9933 9944' --change='ENTRYPOINT ["/usr/local/bin/partner-chains-node"]' $container_id substrate-node:${{ github.sha }} + docker commit --change='EXPOSE 30333 9615 9933 9944' --change='ENTRYPOINT ["/usr/local/bin/partner-chains-node"]' $container_id substrate-node:${{ inputs.partner-chains-sha }} - name: Cleanup Docker Container if: always() @@ -88,8 +92,8 @@ jobs: - name: Push to ECR run: | - docker tag substrate-node:${{ github.sha }} ${{ secrets.ECR_REGISTRY_SECRET }}/substrate-node:${{ github.sha }} - docker push ${{ secrets.ECR_REGISTRY_SECRET }}/substrate-node:${{ github.sha }} + docker tag substrate-node:${{ inputs.partner-chains-sha }} ${{ secrets.ECR_REGISTRY_SECRET }}/substrate-node:${{ inputs.partner-chains-sha }} + docker push ${{ secrets.ECR_REGISTRY_SECRET }}/substrate-node:${{ inputs.partner-chains-sha }} - name: Upload partner-chains-cli-x86_64-linux uses: actions/upload-artifact@v4 @@ -109,28 +113,22 @@ jobs: with: name: chain-specs path: | + ./devnet_chain_spec.json ./staging_chain_spec.json - - name: Update Kubernetes secret for staging-preview chain spec - run: | - TIMESTAMP=$(date +%Y%m%d%H%M) - SHA=${{ github.sha }} - kubectl delete secret "staging-preview-chain-spec" --namespace=staging || true - kubectl create secret generic "staging-preview-chain-spec" --from-file=staging_chain_spec.json=./staging_chain_spec.json --namespace=staging - partner-chains-macos-x86_64: runs-on: macos-latest steps: - name: Set filename variables id: set-filenames run: | - echo "PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN=partner-chains-cli-${{ github.event.inputs.partner-chains-tag }}-x86_64-apple-darwin" >> $GITHUB_ENV - echo "PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN=partner-chains-node-${{ github.event.inputs.partner-chains-tag }}-x86_64-apple-darwin" >> $GITHUB_ENV + echo "PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN=partner-chains-cli-${{ inputs.partner-chains-tag }}-x86_64-apple-darwin" >> $GITHUB_ENV + echo "PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN=partner-chains-node-${{ inputs.partner-chains-tag }}-x86_64-apple-darwin" >> $GITHUB_ENV - name: Checkout code uses: actions/checkout@v4 with: - ref: ${{ github.event.inputs.partner-chains-sha }} + ref: ${{ inputs.partner-chains-sha }} - name: Install protoc run: | @@ -170,13 +168,13 @@ jobs: - name: Set filename variables id: set-filenames run: | - echo "PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN=partner-chains-cli-${{ github.event.inputs.partner-chains-tag }}-aarch64-apple-darwin" >> $GITHUB_ENV - echo "PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN=partner-chains-node-${{ github.event.inputs.partner-chains-tag }}-aarch64-apple-darwin" >> $GITHUB_ENV + echo "PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN=partner-chains-cli-${{ inputs.partner-chains-tag }}-aarch64-apple-darwin" >> $GITHUB_ENV + echo "PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN=partner-chains-node-${{ inputs.partner-chains-tag }}-aarch64-apple-darwin" >> $GITHUB_ENV - name: Checkout code uses: actions/checkout@v4 with: - ref: ${{ github.event.inputs.partner-chains-sha }} + ref: ${{ inputs.partner-chains-sha }} - name: Install protoc run: | @@ -216,7 +214,7 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 with: - ref: ${{ github.event.inputs.partner_chains_smart_contracts_sha }} + ref: ${{ inputs.partner_chains_smart_contracts_sha }} - name: Build run: nix build ./#sidechain-release-bundle @@ -244,7 +242,7 @@ jobs: local-environment: runs-on: ubuntu-latest - needs: [partner-chains-linux, partner-chains-macos-x86_64, partner-chains-macos-arm64, partner-chains-smart-contracts-process] + needs: [partner-chains-linux, partner-chains-smart-contracts-process] steps: - name: Checkout master uses: actions/checkout@v4 @@ -254,14 +252,14 @@ jobs: - name: Set filename variables id: set-filenames run: | - echo "PARTNER_CHAINS_CLI_X86_64_LINUX=partner-chains-cli-${{ github.event.inputs.partner-chains-tag }}-x86_64-linux" >> $GITHUB_ENV - echo "PARTNER_CHAINS_NODE_X86_64_LINUX=partner-chains-node-${{ github.event.inputs.partner-chains-tag }}-x86_64-linux" >> $GITHUB_ENV + echo "PARTNER_CHAINS_CLI_X86_64_LINUX=partner-chains-cli-${{ inputs.partner-chains-tag }}-x86_64-linux" >> $GITHUB_ENV + echo "PARTNER_CHAINS_NODE_X86_64_LINUX=partner-chains-node-${{ inputs.partner-chains-tag }}-x86_64-linux" >> $GITHUB_ENV - name: Deploy local environment with overrides run: | cp -r ./partner-chains-cli-* ./partner-chains-master/dev/local-environment/configurations/partner-chains-cli/overrides/partner-chains-cli cp -r ./partner-chains-node-* ./partner-chains-master/dev/local-environment/configurations/partner-chains-cli/overrides/partner-chains-node - cp -r ./x86_64-linux/unzipped/* ./partner-chains-master/dev/local-environment/configurations/sidechain-release-bundle/overrides/ + cp -r ./partner-chains-smart-contracts/* ./partner-chains-master/dev/local-environment/configurations/sidechain-release-bundle/overrides/ cd ./partner-chains-master/dev/local-environment bash setup.sh --non-interactive --overrides --postgres-password=postgres docker compose up -d @@ -279,12 +277,12 @@ jobs: - name: Set filename variables id: set-filenames run: | - echo "PARTNER_CHAINS_CLI_X86_64_LINUX=partner-chains-cli-${{ github.event.inputs.partner-chains-tag }}-x86_64-linux" >> $GITHUB_ENV - echo "PARTNER_CHAINS_NODE_X86_64_LINUX=partner-chains-node-${{ github.event.inputs.partner-chains-tag }}-x86_64-linux" >> $GITHUB_ENV - echo "PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN=partner-chains-cli-${{ github.event.inputs.partner-chains-tag }}-x86_64-apple-darwin" >> $GITHUB_ENV - echo "PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN=partner-chains-node-${{ github.event.inputs.partner-chains-tag }}-x86_64-apple-darwin" >> $GITHUB_ENV - echo "PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN=partner-chains-cli-${{ github.event.inputs.partner-chains-tag }}-aarch64-apple-darwin" >> $GITHUB_ENV - echo "PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN=partner-chains-node-${{ github.event.inputs.partner-chains-tag }}-aarch64-apple-darwin" >> $GITHUB_ENV + echo "PARTNER_CHAINS_CLI_X86_64_LINUX=partner-chains-cli-${{ inputs.partner-chains-tag }}-x86_64-linux" >> $GITHUB_ENV + echo "PARTNER_CHAINS_NODE_X86_64_LINUX=partner-chains-node-${{ inputs.partner-chains-tag }}-x86_64-linux" >> $GITHUB_ENV + echo "PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN=partner-chains-cli-${{ inputs.partner-chains-tag }}-x86_64-apple-darwin" >> $GITHUB_ENV + echo "PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN=partner-chains-node-${{ inputs.partner-chains-tag }}-x86_64-apple-darwin" >> $GITHUB_ENV + echo "PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN=partner-chains-cli-${{ inputs.partner-chains-tag }}-aarch64-apple-darwin" >> $GITHUB_ENV + echo "PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN=partner-chains-node-${{ inputs.partner-chains-tag }}-aarch64-apple-darwin" >> $GITHUB_ENV - name: Download Linux CLI artifact uses: actions/download-artifact@v4 @@ -325,7 +323,7 @@ jobs: - name: Check if release already exists id: check_release run: | - tag="${{ github.event.inputs.partner-chains-tag }}" + tag="${{ inputs.partner-chains-tag }}" release_response=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \ "https://api.github.com/repos/${{ github.repository }}/releases/tags/$tag") if echo "$release_response" | grep -q '"message": "Not Found"'; then @@ -342,7 +340,7 @@ jobs: id: create_release if: ${{ steps.check_release.outputs.release_exists == 'false' }} run: | - tag="${{ github.event.inputs.partner-chains-tag }}" + tag="${{ inputs.partner-chains-tag }}" release_response=$(curl -s -X POST -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \ -d '{"tag_name": "'$tag'", "name": "'$tag'", "body": "Draft release for '$tag'", "draft": true}' \ "https://api.github.com/repos/${{ github.repository }}/releases") @@ -371,6 +369,12 @@ jobs: "https://uploads.github.com/repos/${{ github.repository }}/releases/$release_id/assets?name=$(basename $artifact)" done + upload-chain-specs: + needs: partner-chains-linux + uses: ./.github/workflows/modules/upload-chain-specs.yml + with: + sha: ${{ inputs.partner-chains-sha }} + deploy-staging-preview: runs-on: [self-hosted, eks] permissions: @@ -437,10 +441,10 @@ jobs: - name: Deploy with chain-spec and image override run: | cd sidechains-infra-priv/src/kube/substrate-poc/environments/helm/substrate-node-stack-chart/ - helm upgrade --install validator-1 . -f values/chains/staging.yaml -f values/nodes/staging/validator/validator-1 --set images.substrateNode="${{ secrets.ECR_REGISTRY_SECRET }}/substrate-node:${{ github.sha }}" --set chain.chainspec_secretName="staging-preview-chain-spec" - helm upgrade --install validator-2 . -f values/chains/staging.yaml -f values/nodes/staging/validator/validator-2 --set images.substrateNode="${{ secrets.ECR_REGISTRY_SECRET }}/substrate-node:${{ github.sha }}" --set chain.chainspec_secretName="staging-preview-chain-spec" - helm upgrade --install validator-3 . -f values/chains/staging.yaml -f values/nodes/staging/validator/validator-3 --set images.substrateNode="${{ secrets.ECR_REGISTRY_SECRET }}/substrate-node:${{ github.sha }}" --set chain.chainspec_secretName="staging-preview-chain-spec" - helm upgrade --install validator-4 . -f values/chains/staging.yaml -f values/nodes/staging/validator/validator-4 --set images.substrateNode="${{ secrets.ECR_REGISTRY_SECRET }}/substrate-node:${{ github.sha }}" --set chain.chainspec_secretName="staging-preview-chain-spec" + helm upgrade --install validator-1 . -f values/chains/staging.yaml -f values/nodes/staging/validator/validator-1 --set images.substrateNode="${{ secrets.ECR_REGISTRY_SECRET }}/substrate-node:${{ inputs.partner-chains-sha }}" --set chain.chainspec_secretName="staging-preview-chain-spec" + helm upgrade --install validator-2 . -f values/chains/staging.yaml -f values/nodes/staging/validator/validator-2 --set images.substrateNode="${{ secrets.ECR_REGISTRY_SECRET }}/substrate-node:${{ inputs.partner-chains-sha }}" --set chain.chainspec_secretName="staging-preview-chain-spec" + helm upgrade --install validator-3 . -f values/chains/staging.yaml -f values/nodes/staging/validator/validator-3 --set images.substrateNode="${{ secrets.ECR_REGISTRY_SECRET }}/substrate-node:${{ inputs.partner-chains-sha }}" --set chain.chainspec_secretName="staging-preview-chain-spec" + helm upgrade --install validator-4 . -f values/chains/staging.yaml -f values/nodes/staging/validator/validator-4 --set images.substrateNode="${{ secrets.ECR_REGISTRY_SECRET }}/substrate-node:${{ inputs.partner-chains-sha }}" --set chain.chainspec_secretName="staging-preview-chain-spec" - name: Wait run: | @@ -469,6 +473,6 @@ jobs: publish-ghcr-image: uses: ./.github/workflows/modules/build-and-publish-ghcr-image.yml with: - commit_sha: ${{ github.event.inputs.partner-chains-sha }} - ghcr_tag: ${{ github.event.inputs.partner-chains-tag }} + commit_sha: ${{ inputs.partner-chains-sha }} + ghcr_tag: ${{ inputs.partner-chains-tag }} publish_to_ghcr: true \ No newline at end of file diff --git a/.github/workflows/modules/build-and-publish-ghcr-image.yml b/.github/workflows/modules/build-and-publish-ghcr-image.yml index 250c80e3b..605f14cc3 100644 --- a/.github/workflows/modules/build-and-publish-ghcr-image.yml +++ b/.github/workflows/modules/build-and-publish-ghcr-image.yml @@ -1,35 +1,34 @@ name: Build and Publish to GHCR on: - workflow_call: - inputs: - commit_sha: - description: 'Commit SHA to build from' - required: true - type: string - ghcr_tag: - description: "Tag for GHCR image" - required: true - type: string - publish_to_ghcr: - description: "Publish to GitHub Container Registry" - default: true - type: boolean - - workflow_dispatch: - inputs: - commit_sha: - description: 'Commit SHA to build from' - required: true - type: string - ghcr_tag: - description: "Tag for GHCR image" - required: true - type: string - publish_to_ghcr: - description: "Publish to GitHub Container Registry" - default: true - type: boolean + workflow_call: + inputs: + commit_sha: + description: 'Commit SHA to build from' + required: true + type: string + ghcr_tag: + description: "Tag for GHCR image" + required: true + type: string + publish_to_ghcr: + description: "Publish to GitHub Container Registry" + default: true + type: boolean + workflow_dispatch: + inputs: + commit_sha: + description: 'Commit SHA to build from' + required: true + type: string + ghcr_tag: + description: "Tag for GHCR image" + required: true + type: string + publish_to_ghcr: + description: "Publish to GitHub Container Registry" + default: true + type: boolean env: SSH_AUTH_SOCK: /tmp/ssh_agent.sock diff --git a/.github/workflows/modules/build-pc-artifact.yml b/.github/workflows/modules/build-pc-artifact.yml new file mode 100644 index 000000000..8bd45308d --- /dev/null +++ b/.github/workflows/modules/build-pc-artifact.yml @@ -0,0 +1,162 @@ +name: Build and Upload PC Artifacts + +on: + workflow_call: + inputs: + partner_chains_sha: + description: "partner-chains commit SHA or branch to build from" + partner-chains-tag: + description: "partner-chains release tag to append to artifact name" + required: true + create_draft_release_page: + description: "Create a draft release page" + required: false + default: "false" + workflow_dispatch: + inputs: + partner_chains_sha: + description: "partner-chains commit SHA or branch to build from" + partner-chains-tag: + description: "partner-chains release tag to append to artifact name" + required: true + create_draft_release_page: + description: "Create a draft release page" + required: false + default: "false" + +jobs: + partner-chains-linux: + runs-on: ubuntu-latest + steps: + - name: Set filename variables + id: set-filenames + run: | + echo "PARTNER_CHAINS_CLI_X86_64_LINUX=partner-chains-cli-${{ github.event.inputs.partner-chains-tag }}-x86_64-linux" >> $GITHUB_ENV + echo "PARTNER_CHAINS_NODE_X86_64_LINUX=partner-chains-node-${{ github.event.inputs.partner-chains-tag }}-x86_64-linux" >> $GITHUB_ENV + + - name: Checkout code + uses: actions/checkout@v4 + with: + ref: ${{ github.event.inputs.partner_chains_sha }} + + - name: Install protoc + run: sudo apt-get install -y protobuf-compiler + + - name: Build partner-chains-node + run: | + rustup target add x86_64-unknown-linux-gnu + cargo build -p partner-chains-node --locked --release --target x86_64-unknown-linux-gnu + cp target/x86_64-unknown-linux-gnu/release/partner-chains-node $PARTNER_CHAINS_NODE_X86_64_LINUX + chmod +x $PARTNER_CHAINS_NODE_X86_64_LINUX + + - name: Build partner-chains-cli + run: | + rustup target add x86_64-unknown-linux-gnu + cargo build -p partner-chains-cli --locked --release --target x86_64-unknown-linux-gnu + cp target/x86_64-unknown-linux-gnu/release/partner-chains-cli $PARTNER_CHAINS_CLI_X86_64_LINUX + chmod +x $PARTNER_CHAINS_CLI_X86_64_LINUX + + - name: Upload partner-chains-cli-x86_64-linux + uses: actions/upload-artifact@v4 + with: + name: ${{ env.PARTNER_CHAINS_CLI_X86_64_LINUX }} + path: ${{ env.PARTNER_CHAINS_CLI_X86_64_LINUX }} + + - name: Upload partner-chains-node-x86_64-linux + uses: actions/upload-artifact@v4 + with: + name: ${{ env.PARTNER_CHAINS_NODE_X86_64_LINUX }} + path: ${{ env.PARTNER_CHAINS_NODE_X86_64_LINUX }} + + partner-chains-macos-x86_64: + runs-on: macos-latest + steps: + - name: Set filename variables + id: set-filenames + run: | + echo "PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN=partner-chains-cli-${{ github.event.inputs.partner-chains-tag }}-x86_64-apple-darwin" >> $GITHUB_ENV + echo "PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN=partner-chains-node-${{ github.event.inputs.partner-chains-tag }}-x86_64-apple-darwin" >> $GITHUB_ENV + + - name: Checkout code + uses: actions/checkout@v4 + with: + ref: ${{ github.event.inputs.partner_chains_sha }} + + - name: Install protoc + run: | + curl -LO https://github.com/protocolbuffers/protobuf/releases/download/v21.3/protoc-21.3-osx-x86_64.zip + unzip protoc-21.3-osx-x86_64.zip -d $HOME/protoc + sudo mv $HOME/protoc/bin/protoc /usr/local/bin/protoc + + - name: Build partner-chains-node + run: | + rustup target add x86_64-apple-darwin + cargo build -p partner-chains-node --locked --release --target x86_64-apple-darwin + cp target/x86_64-apple-darwin/release/partner-chains-node $PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN + chmod +x $PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN + + - name: Build partner-chains-cli + run: | + rustup target add x86_64-apple-darwin + cargo build -p partner-chains-cli --locked --release --target x86_64-apple-darwin + cp target/x86_64-apple-darwin/release/partner-chains-cli $PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN + chmod +x $PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN + + - name: Upload partner-chains-cli-x86_64-apple-darwin + uses: actions/upload-artifact@v4 + with: + name: ${{ env.PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN }} + path: ${{ env.PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN }} + + - name: Upload partner-chains-node-x86_64-apple-darwin + uses: actions/upload-artifact@v4 + with: + name: ${{ env.PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN }} + path: ${{ env.PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN }} + + partner-chains-macos-arm64: + runs-on: macos-latest + steps: + - name: Set filename variables + id: set-filenames + run: | + echo "PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN=partner-chains-cli-${{ github.event.inputs.partner-chains-tag }}-aarch64-apple-darwin" >> $GITHUB_ENV + echo "PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN=partner-chains-node-${{ github.event.inputs.partner-chains-tag }}-aarch64-apple-darwin" >> $GITHUB_ENV + + - name: Checkout code + uses: actions/checkout@v4 + with: + ref: ${{ github.event.inputs.partner_chains_sha }} + + - name: Install protoc + run: | + curl -LO https://github.com/protocolbuffers/protobuf/releases/download/v21.3/protoc-21.3-osx-aarch_64.zip + unzip protoc-21.3-osx-aarch_64.zip -d $HOME/protoc + sudo mv $HOME/protoc/bin/protoc /usr/local/bin/protoc + + - name: Build partner-chains-node + run: | + rustup target add aarch64-apple-darwin + cargo build -p partner-chains-node --locked --release --target aarch64-apple-darwin + cp target/aarch64-apple-darwin/release/partner-chains-node $PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN + chmod +x $PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN + + - name: Build partner-chains-cli + run: | + rustup target add aarch64-apple-darwin + cargo build -p partner-chains-cli --locked --release --target aarch64-apple-darwin + cp target/aarch64-apple-darwin/release/partner-chains-cli $PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN + chmod +x $PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN + + - name: Upload partner-chains-cli-aarch64-apple-darwin + uses: actions/upload-artifact@v4 + with: + name: ${{ env.PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN }} + path: ${{ env.PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN }} + + - name: Upload partner-chains-node-aarch64-apple-darwin + uses: actions/upload-artifact@v4 + with: + name: ${{ env.PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN }} + path: ${{ env.PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN }} + \ No newline at end of file diff --git a/.github/workflows/modules/build-pcsc-artifact.yml b/.github/workflows/modules/build-pcsc-artifact.yml new file mode 100644 index 000000000..980d1ffda --- /dev/null +++ b/.github/workflows/modules/build-pcsc-artifact.yml @@ -0,0 +1,54 @@ +name: Build and Upload PCSC Artifact (Linux Only) + +on: + workflow_call: + inputs: + partner_chains_smart_contracts_sha: + description: "partner-chains-smart-contracts commit SHA or branch to build from" + workflow_dispatch: + inputs: + partner_chains_smart_contracts_sha: + description: "partner-chains-smart-contracts commit SHA or branch to build from" + +jobs: + partner-chains-smart-contracts-x86_64-linux: + runs-on: [self-hosted, nixos] + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + ref: ${{ github.event.inputs.partner_chains_smart_contracts_sha }} + + - name: Build + run: nix build ./#sidechain-release-bundle + + - name: Upload Artifact + uses: actions/upload-artifact@v4 + with: + name: partner-chains-smart-contracts-x86_64-linux + path: result/release.zip + + partner-chains-smart-contracts-process: + runs-on: ubuntu-latest + needs: [partner-chains-smart-contracts-x86_64-linux] + steps: + - name: Download x86_64-linux artifact + uses: actions/download-artifact@v4 + with: + name: partner-chains-smart-contracts-x86_64-linux + path: ./x86_64-linux + + - uses: geekyeggo/delete-artifact@v5 + with: + name: partner-chains-smart-contracts-x86_64-linux + + - name: Unzip release.zip + run: | + mkdir -p ./x86_64-linux/unzipped + unzip ./x86_64-linux/release.zip -d ./partner-chains-smart-contracts + + - name: Upload Artifact + uses: actions/upload-artifact@v4 + with: + name: partner-chains-smart-contracts-x86_64-linux + path: ./partner-chains-smart-contracts \ No newline at end of file diff --git a/.github/workflows/modules/create-draft-release.yml b/.github/workflows/modules/create-draft-release.yml new file mode 100644 index 000000000..490b4d127 --- /dev/null +++ b/.github/workflows/modules/create-draft-release.yml @@ -0,0 +1,250 @@ +name: Build and Upload Artifacts + +on: + workflow_dispatch: + inputs: + partner_chains_sha: + description: "partner-chains commit SHA or branch to build from" + partner-chains-tag: + description: "partner-chains release tag to append to artifact name" + required: true + create_draft_release_page: + description: "Create a draft release page" + required: false + default: "false" + +jobs: + partner-chains-linux: + runs-on: ubuntu-latest + steps: + - name: Set filename variables + id: set-filenames + run: | + echo "PARTNER_CHAINS_CLI_X86_64_LINUX=partner-chains-cli-${{ github.event.inputs.partner-chains-tag }}-x86_64-linux" >> $GITHUB_ENV + echo "PARTNER_CHAINS_NODE_X86_64_LINUX=partner-chains-node-${{ github.event.inputs.partner-chains-tag }}-x86_64-linux" >> $GITHUB_ENV + + - name: Checkout code + uses: actions/checkout@v4 + with: + ref: ${{ github.event.inputs.partner_chains_sha }} + + - name: Install protoc + run: sudo apt-get install -y protobuf-compiler + + - name: Build partner-chains-node + run: | + rustup target add x86_64-unknown-linux-gnu + cargo build -p partner-chains-node --locked --release --target x86_64-unknown-linux-gnu + cp target/x86_64-unknown-linux-gnu/release/partner-chains-node $PARTNER_CHAINS_NODE_X86_64_LINUX + chmod +x $PARTNER_CHAINS_NODE_X86_64_LINUX + + - name: Build partner-chains-cli + run: | + rustup target add x86_64-unknown-linux-gnu + cargo build -p partner-chains-cli --locked --release --target x86_64-unknown-linux-gnu + cp target/x86_64-unknown-linux-gnu/release/partner-chains-cli $PARTNER_CHAINS_CLI_X86_64_LINUX + chmod +x $PARTNER_CHAINS_CLI_X86_64_LINUX + + - name: Upload partner-chains-cli-x86_64-linux + uses: actions/upload-artifact@v4 + with: + name: ${{ env.PARTNER_CHAINS_CLI_X86_64_LINUX }} + path: ${{ env.PARTNER_CHAINS_CLI_X86_64_LINUX }} + + - name: Upload partner-chains-node-x86_64-linux + uses: actions/upload-artifact@v4 + with: + name: ${{ env.PARTNER_CHAINS_NODE_X86_64_LINUX }} + path: ${{ env.PARTNER_CHAINS_NODE_X86_64_LINUX }} + + partner-chains-macos-x86_64: + runs-on: macos-latest + steps: + - name: Set filename variables + id: set-filenames + run: | + echo "PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN=partner-chains-cli-${{ github.event.inputs.partner-chains-tag }}-x86_64-apple-darwin" >> $GITHUB_ENV + echo "PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN=partner-chains-node-${{ github.event.inputs.partner-chains-tag }}-x86_64-apple-darwin" >> $GITHUB_ENV + + - name: Checkout code + uses: actions/checkout@v4 + with: + ref: ${{ github.event.inputs.partner_chains_sha }} + + - name: Install protoc + run: | + curl -LO https://github.com/protocolbuffers/protobuf/releases/download/v21.3/protoc-21.3-osx-x86_64.zip + unzip protoc-21.3-osx-x86_64.zip -d $HOME/protoc + sudo mv $HOME/protoc/bin/protoc /usr/local/bin/protoc + + - name: Build partner-chains-node + run: | + rustup target add x86_64-apple-darwin + cargo build -p partner-chains-node --locked --release --target x86_64-apple-darwin + cp target/x86_64-apple-darwin/release/partner-chains-node $PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN + chmod +x $PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN + + - name: Build partner-chains-cli + run: | + rustup target add x86_64-apple-darwin + cargo build -p partner-chains-cli --locked --release --target x86_64-apple-darwin + cp target/x86_64-apple-darwin/release/partner-chains-cli $PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN + chmod +x $PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN + + - name: Upload partner-chains-cli-x86_64-apple-darwin + uses: actions/upload-artifact@v4 + with: + name: ${{ env.PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN }} + path: ${{ env.PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN }} + + - name: Upload partner-chains-node-x86_64-apple-darwin + uses: actions/upload-artifact@v4 + with: + name: ${{ env.PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN }} + path: ${{ env.PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN }} + + partner-chains-macos-arm64: + runs-on: macos-latest + steps: + - name: Set filename variables + id: set-filenames + run: | + echo "PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN=partner-chains-cli-${{ github.event.inputs.partner-chains-tag }}-aarch64-apple-darwin" >> $GITHUB_ENV + echo "PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN=partner-chains-node-${{ github.event.inputs.partner-chains-tag }}-aarch64-apple-darwin" >> $GITHUB_ENV + + - name: Checkout code + uses: actions/checkout@v4 + with: + ref: ${{ github.event.inputs.partner_chains_sha }} + + - name: Install protoc + run: | + curl -LO https://github.com/protocolbuffers/protobuf/releases/download/v21.3/protoc-21.3-osx-aarch_64.zip + unzip protoc-21.3-osx-aarch_64.zip -d $HOME/protoc + sudo mv $HOME/protoc/bin/protoc /usr/local/bin/protoc + + - name: Build partner-chains-node + run: | + rustup target add aarch64-apple-darwin + cargo build -p partner-chains-node --locked --release --target aarch64-apple-darwin + cp target/aarch64-apple-darwin/release/partner-chains-node $PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN + chmod +x $PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN + + - name: Build partner-chains-cli + run: | + rustup target add aarch64-apple-darwin + cargo build -p partner-chains-cli --locked --release --target aarch64-apple-darwin + cp target/aarch64-apple-darwin/release/partner-chains-cli $PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN + chmod +x $PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN + + - name: Upload partner-chains-cli-aarch64-apple-darwin + uses: actions/upload-artifact@v4 + with: + name: ${{ env.PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN }} + path: ${{ env.PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN }} + + - name: Upload partner-chains-node-aarch64-apple-darwin + uses: actions/upload-artifact@v4 + with: + name: ${{ env.PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN }} + path: ${{ env.PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN }} + + release: + runs-on: ubuntu-latest + needs: [partner-chains-linux, partner-chains-macos-x86_64, partner-chains-macos-arm64] + if: ${{ github.event.inputs.create_draft_release_page == 'true' }} + steps: + - name: Set filename variables + id: set-filenames + run: | + echo "PARTNER_CHAINS_CLI_X86_64_LINUX=partner-chains-cli-${{ github.event.inputs.partner-chains-tag }}-x86_64-linux" >> $GITHUB_ENV + echo "PARTNER_CHAINS_NODE_X86_64_LINUX=partner-chains-node-${{ github.event.inputs.partner-chains-tag }}-x86_64-linux" >> $GITHUB_ENV + echo "PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN=partner-chains-cli-${{ github.event.inputs.partner-chains-tag }}-x86_64-apple-darwin" >> $GITHUB_ENV + echo "PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN=partner-chains-node-${{ github.event.inputs.partner-chains-tag }}-x86_64-apple-darwin" >> $GITHUB_ENV + echo "PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN=partner-chains-cli-${{ github.event.inputs.partner-chains-tag }}-aarch64-apple-darwin" >> $GITHUB_ENV + echo "PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN=partner-chains-node-${{ github.event.inputs.partner-chains-tag }}-aarch64-apple-darwin" >> $GITHUB_ENV + + - name: Download Linux CLI artifact + uses: actions/download-artifact@v4 + with: + name: ${{ env.PARTNER_CHAINS_CLI_X86_64_LINUX }} + path: artifact-linux/ + + - name: Download Linux NODE artifact + uses: actions/download-artifact@v4 + with: + name: ${{ env.PARTNER_CHAINS_NODE_X86_64_LINUX }} + path: artifact-linux/ + + - name: Download macOS x86_64 CLI artifact + uses: actions/download-artifact@v4 + with: + name: ${{ env.PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN }} + path: artifact-macos-x86_64/ + + - name: Download macOS x86_64 NODE artifact + uses: actions/download-artifact@v4 + with: + name: ${{ env.PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN }} + path: artifact-macos-x86_64/ + + - name: Download macOS ARM64 CLI artifact + uses: actions/download-artifact@v4 + with: + name: ${{ env.PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN }} + path: artifact-macos-arm64/ + + - name: Download macOS ARM64 NODE artifact + uses: actions/download-artifact@v4 + with: + name: ${{ env.PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN }} + path: artifact-macos-arm64/ + + - name: Check if release already exists + id: check_release + run: | + tag="${{ github.event.inputs.partner-chains-tag }}" + release_response=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \ + "https://api.github.com/repos/${{ github.repository }}/releases/tags/$tag") + if echo "$release_response" | grep -q '"message": "Not Found"'; then + echo "release_exists=false" >> $GITHUB_ENV + echo "::set-output name=release_exists::false" + else + echo "release_exists=true" >> $GITHUB_ENV + echo "::set-output name=release_exists::true" + echo "release_id=$(echo $release_response | jq -r .id)" >> $GITHUB_ENV + echo "::set-output name=release_id::$(echo $release_response | jq -r .id)" + fi + + - name: Create draft release + id: create_release + if: ${{ steps.check_release.outputs.release_exists == 'false' }} + run: | + tag="${{ github.event.inputs.partner-chains-tag }}" + release_response=$(curl -s -X POST -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \ + -d '{"tag_name": "'$tag'", "name": "'$tag'", "body": "Draft release for '$tag'", "draft": true}' \ + "https://api.github.com/repos/${{ github.repository }}/releases") + echo "release_id=$(echo $release_response | jq -r .id)" >> $GITHUB_ENV + echo "::set-output name=release_id::$(echo $release_response | jq -r .id)" + + - name: Upload artifacts to release + if: ${{ steps.check_release.outputs.release_exists == 'true' || steps.create_release.outputs.release_id != '' }} + run: | + release_id="${{ steps.create_release.outputs.release_id }}" + if [ -z "$release_id" ]; then + release_id="${{ steps.check_release.outputs.release_id }}" + fi + + for artifact in "artifact-linux/${{ env.PARTNER_CHAINS_CLI_X86_64_LINUX }}" \ + "artifact-linux/${{ env.PARTNER_CHAINS_NODE_X86_64_LINUX }}" \ + "artifact-macos-x86_64/${{ env.PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN }}" \ + "artifact-macos-x86_64/${{ env.PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN }}" \ + "artifact-macos-arm64/${{ env.PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN }}" \ + "artifact-macos-arm64/${{ env.PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN }}"; do + chmod +x "$artifact" + curl -s -X POST \ + -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \ + -H "Content-Type: application/octet-stream" \ + --data-binary @"$artifact" \ + "https://uploads.github.com/repos/${{ github.repository }}/releases/$release_id/assets?name=$(basename $artifact)" + done diff --git a/.github/workflows/modules/release-pc-artifact.yml b/.github/workflows/modules/release-pc-artifact.yml new file mode 100644 index 000000000..4255ff75e --- /dev/null +++ b/.github/workflows/modules/release-pc-artifact.yml @@ -0,0 +1,126 @@ +name: Create Draft PC Release + +on: + workflow_call: + inputs: + partner_chains_sha: + description: "partner-chains commit SHA or branch to build from" + partner-chains-tag: + description: "partner-chains release tag to append to artifact name" + required: true + create_draft_release_page: + description: "Create a draft release page" + required: false + default: "false" + workflow_dispatch: + inputs: + partner_chains_sha: + description: "partner-chains commit SHA or branch to build from" + partner-chains-tag: + description: "partner-chains release tag to append to artifact name" + required: true + create_draft_release_page: + description: "Create a draft release page" + required: false + default: "false" + +jobs: + release: + runs-on: ubuntu-latest + needs: [partner-chains-linux, partner-chains-macos-x86_64, partner-chains-macos-arm64] + if: ${{ github.event.inputs.create_draft_release_page == 'true' }} + steps: + - name: Set filename variables + id: set-filenames + run: | + echo "PARTNER_CHAINS_CLI_X86_64_LINUX=partner-chains-cli-${{ github.event.inputs.partner-chains-tag }}-x86_64-linux" >> $GITHUB_ENV + echo "PARTNER_CHAINS_NODE_X86_64_LINUX=partner-chains-node-${{ github.event.inputs.partner-chains-tag }}-x86_64-linux" >> $GITHUB_ENV + echo "PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN=partner-chains-cli-${{ github.event.inputs.partner-chains-tag }}-x86_64-apple-darwin" >> $GITHUB_ENV + echo "PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN=partner-chains-node-${{ github.event.inputs.partner-chains-tag }}-x86_64-apple-darwin" >> $GITHUB_ENV + echo "PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN=partner-chains-cli-${{ github.event.inputs.partner-chains-tag }}-aarch64-apple-darwin" >> $GITHUB_ENV + echo "PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN=partner-chains-node-${{ github.event.inputs.partner-chains-tag }}-aarch64-apple-darwin" >> $GITHUB_ENV + + - name: Download Linux CLI artifact + uses: actions/download-artifact@v4 + with: + name: ${{ env.PARTNER_CHAINS_CLI_X86_64_LINUX }} + path: artifact-linux/ + + - name: Download Linux NODE artifact + uses: actions/download-artifact@v4 + with: + name: ${{ env.PARTNER_CHAINS_NODE_X86_64_LINUX }} + path: artifact-linux/ + + - name: Download macOS x86_64 CLI artifact + uses: actions/download-artifact@v4 + with: + name: ${{ env.PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN }} + path: artifact-macos-x86_64/ + + - name: Download macOS x86_64 NODE artifact + uses: actions/download-artifact@v4 + with: + name: ${{ env.PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN }} + path: artifact-macos-x86_64/ + + - name: Download macOS ARM64 CLI artifact + uses: actions/download-artifact@v4 + with: + name: ${{ env.PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN }} + path: artifact-macos-arm64/ + + - name: Download macOS ARM64 NODE artifact + uses: actions/download-artifact@v4 + with: + name: ${{ env.PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN }} + path: artifact-macos-arm64/ + + - name: Check if release already exists + id: check_release + run: | + tag="${{ github.event.inputs.partner-chains-tag }}" + release_response=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \ + "https://api.github.com/repos/${{ github.repository }}/releases/tags/$tag") + if echo "$release_response" | grep -q '"message": "Not Found"'; then + echo "release_exists=false" >> $GITHUB_ENV + echo "::set-output name=release_exists::false" + else + echo "release_exists=true" >> $GITHUB_ENV + echo "::set-output name=release_exists::true" + echo "release_id=$(echo $release_response | jq -r .id)" >> $GITHUB_ENV + echo "::set-output name=release_id::$(echo $release_response | jq -r .id)" + fi + + - name: Create draft release + id: create_release + if: ${{ steps.check_release.outputs.release_exists == 'false' }} + run: | + tag="${{ github.event.inputs.partner-chains-tag }}" + release_response=$(curl -s -X POST -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \ + -d '{"tag_name": "'$tag'", "name": "'$tag'", "body": "Draft release for '$tag'", "draft": true}' \ + "https://api.github.com/repos/${{ github.repository }}/releases") + echo "release_id=$(echo $release_response | jq -r .id)" >> $GITHUB_ENV + echo "::set-output name=release_id::$(echo $release_response | jq -r .id)" + + - name: Upload artifacts to release + if: ${{ steps.check_release.outputs.release_exists == 'true' || steps.create_release.outputs.release_id != '' }} + run: | + release_id="${{ steps.create_release.outputs.release_id }}" + if [ -z "$release_id" ]; then + release_id="${{ steps.check_release.outputs.release_id }}" + fi + + for artifact in "artifact-linux/${{ env.PARTNER_CHAINS_CLI_X86_64_LINUX }}" \ + "artifact-linux/${{ env.PARTNER_CHAINS_NODE_X86_64_LINUX }}" \ + "artifact-macos-x86_64/${{ env.PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN }}" \ + "artifact-macos-x86_64/${{ env.PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN }}" \ + "artifact-macos-arm64/${{ env.PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN }}" \ + "artifact-macos-arm64/${{ env.PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN }}"; do + chmod +x "$artifact" + curl -s -X POST \ + -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \ + -H "Content-Type: application/octet-stream" \ + --data-binary @"$artifact" \ + "https://uploads.github.com/repos/${{ github.repository }}/releases/$release_id/assets?name=$(basename $artifact)" + done diff --git a/.github/workflows/modules/upload-chain-specs.yml b/.github/workflows/modules/upload-chain-specs.yml new file mode 100644 index 000000000..f8a2e27ab --- /dev/null +++ b/.github/workflows/modules/upload-chain-specs.yml @@ -0,0 +1,58 @@ +name: Upload chain spec artifacts to Kubernetes + +on: + workflow_call: + inputs: + sha: + description: 'Commit SHA to append to chain spec secret name' + required: true + type: string + +jobs: + chain-specs: + runs-on: [self-hosted, eks] + permissions: + id-token: write + contents: write + steps: + - name: Install kubectl and awscli + run: | + curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" + chmod +x ./kubectl + sudo mv ./kubectl /usr/local/bin/kubectl + sudo apt update && sudo apt install -y awscli + + - name: Configure kubectl + run: | + echo "${{ secrets.kubeconfig_base64 }}" | base64 --decode > ${{ runner.temp }}/kubeconfig.yaml + kubectl config set-cluster my-cluster --server=${{ secrets.K8S_SERVER }} --insecure-skip-tls-verify=true + kubectl config set-credentials github-actions --token=${{ secrets.K8S_SA_TOKEN }} + kubectl config set-context my-context --cluster=my-cluster --user=github-actions --namespace=default + kubectl config use-context my-context + + - name: Download chain spec artifacts + uses: actions/download-artifact@v4 + with: + name: chain-specs + path: ./artifacts + + - name: Update Kubernetes secret for devnet chain spec + run: | + SHA=${{ inputs.sha }} + SECRET_NAME="devnet-chain-spec-${SHA}" + + kubectl delete secret "$SECRET_NAME" --namespace=sc --ignore-not-found + kubectl create secret generic "$SECRET_NAME" \ + --from-file=devnet_chain_spec.json=./artifacts/devnet_chain_spec.json \ + --namespace=sc + + - name: Update Kubernetes secret for staging chain spec + run: | + SHA=${{ inputs.sha }} + SECRET_NAME="staging-chain-spec-${SHA}" + + kubectl delete secret "$SECRET_NAME" --namespace=staging --ignore-not-found + kubectl create secret generic "$SECRET_NAME" \ + --from-file=staging_chain_spec.json=./artifacts/staging_chain_spec.json \ + --namespace=staging + \ No newline at end of file