Skip to content

feat(governance): 🧊 test that community pool spend proposals can be d… #2237

feat(governance): 🧊 test that community pool spend proposals can be d…

feat(governance): 🧊 test that community pool spend proposals can be d… #2237

---
# Deploys the latest changes on 'main' branch, via a container
# image tagged with 'main', to testnet-preview.penumbra.zone.
name: Deploy testnet-preview.penumbra.zone
on:
workflow_dispatch:
inputs:
image_tag:
description: 'Docker image tag to deploy'
# The container tag "main" comes from the name of the main branch.
# It's important we deploy this tag for preview, rather than "latest",
# as "latest" maps to the most recent tag (i.e. weekly testnet).
default: "main"
required: true
push:
branches:
- main
# Cancel any pending preview deploys, in favor of a newer PR
# that was just merged.
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
# Don't cancel mid-run, as an interrupted `helmfile sync` can create broken release
# states in the kube API server that require manual cleanup.
cancel-in-progress: false
jobs:
build-container:
name: Build container for preview
uses: ./.github/workflows/containers.yml
secrets: inherit
deploy:
name: Deploy preview to cluster
permissions:
contents: 'read'
id-token: 'write'
needs:
- build-container
runs-on: ubuntu-latest
timeout-minutes: 30
environment: testnet-preview
steps:
- name: checkout
uses: actions/checkout@v4
- id: gcloudauth
uses: google-github-actions/auth@v2
with:
workload_identity_provider: 'projects/1006847873719/locations/global/workloadIdentityPools/gh-runner-pool/providers/my-provider'
service_account: '[email protected]'
- name: get gke credentials
uses: google-github-actions/get-gke-credentials@v2
with:
cluster_name: testnet
project_id: penumbra-sl-testnet
location: us-central1
- name: install helmfile
uses: mamezou-tech/[email protected]
with:
helmfile-version: "v0.157.0"
- name: deploy
run: |-
export PATH="$HOME/bin:$PATH"
cd deployments/
export PENUMBRA_VERSION='main'
export HELM_RELEASE='penumbra-preview'
./ci.sh
- name: bounce metrics
run: kubectl rollout restart deployment penumbra-preview-metrics
- name: bounce grpcui
run: kubectl rollout restart deployment grpcui-preview
# Deploys a standalone instance of pd,
# specifically to exercise the auto-https direct-serve logic.
standalone:
name: deploy standalone pd node, preview
permissions:
contents: 'read'
id-token: 'write'
needs:
- deploy
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v4
- name: configure ssh identity
run: |-
mkdir -p ~/.ssh
chmod 700 ~/.ssh
echo "$SSH_PRIVKEY" > ~/.ssh/id_ed25519
chmod 600 ~/.ssh/id_ed25519
echo "$SSH_HOSTKEYS" > ~/.ssh/known_hosts
env:
# In order to generate the hostkey material:
#
# echo > hostkeys.txt
# ssh-keyscan -H solo-pd.testnet-preview.plinfra.net | tee -a hostkeys.txt
# ssh-keyscan -H solo-pd.testnet.plinfra.net | tee -a hostkeys.txt
#
# Then paste the contents of that file into `secrets.CI_RUNNER_SSH_HOSTKEYS`,
# so it's consumable via this step.
SSH_PRIVKEY: ${{ secrets.CI_RUNNER_SSH_PRIVKEY }}
SSH_HOSTKEYS: ${{ secrets.CI_RUNNER_SSH_HOSTKEYS }}
- name: deploy
shell: bash
run: |-
export PENUMBRA_VERSION="main"
export PENUMBRA_ENVIRONMENT="penumbra-preview"
./deployments/scripts/redeploy-ci-fullnode-via-runner