CD #53
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CD | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| sha: | |
| description: "partner-chains commit SHA to build from" | |
| required: true | |
| type: string | |
| tag: | |
| description: "partner-chains release tag" | |
| required: true | |
| type: string | |
| permissions: | |
| id-token: write | |
| contents: write | |
| packages: write | |
| env: | |
| AWS_REGION: "eu-central-1" | |
| SSH_AUTH_SOCK: /tmp/ssh_agent.sock | |
| jobs: | |
| # build-linux: | |
| # permissions: | |
| # id-token: write | |
| # contents: write | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@v4 | |
| # with: | |
| # ref: ${{ inputs.sha }} | |
| # - name: Build and Upload for Linux | |
| # uses: ./.github/actions/artifacts/build-pc-artifacts | |
| # with: | |
| # tag: ${{ inputs.tag }} | |
| # os: linux | |
| # build-macos-x86_64: | |
| # permissions: | |
| # id-token: write | |
| # contents: write | |
| # runs-on: macos-latest | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@v4 | |
| # with: | |
| # ref: ${{ inputs.sha }} | |
| # - name: Build and Upload for macOS x86_64 | |
| # uses: ./.github/actions/artifacts/build-pc-artifacts | |
| # with: | |
| # tag: ${{ inputs.tag }} | |
| # os: macos-x86_64 | |
| # build-macos-arm64: | |
| # permissions: | |
| # id-token: write | |
| # contents: write | |
| # runs-on: macos-latest | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@v4 | |
| # with: | |
| # ref: ${{ inputs.sha }} | |
| # - name: Build and Upload for macOS arm64 | |
| # uses: ./.github/actions/artifacts/build-pc-artifacts | |
| # with: | |
| # tag: ${{ inputs.tag }} | |
| # os: macos-arm64 | |
| # build-and-publish-ecr: | |
| # permissions: | |
| # id-token: write | |
| # contents: write | |
| # needs: build-linux | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@v4 | |
| # - name: Build and Publish to ECR | |
| # uses: ./.github/actions/images/build-and-publish-ecr | |
| # with: | |
| # sha: ${{ inputs.sha }} | |
| # tag: ${{ inputs.tag }} | |
| # env: | |
| # AWS_REGION: "eu-central-1" | |
| # ECR_REGISTRY_SECRET: ${{ secrets.ECR_REGISTRY_SECRET }} | |
| # AWS_ROLE_ARN_SECRET: ${{ secrets.AWS_ROLE_ARN_SECRET }} | |
| # SSH_KEY: ${{ secrets.SUBSTRATE_REPO_SSH_KEY }} | |
| # create-draft-release: | |
| # permissions: | |
| # id-token: write | |
| # contents: write | |
| # needs: [build-linux, build-macos-x86_64, build-macos-arm64] | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@v4 | |
| # - name: Create Draft Release | |
| # uses: ./.github/actions/release/create-draft-release | |
| # with: | |
| # tag: ${{ inputs.tag }} | |
| # env: | |
| # GITHUB_TOKEN: ${{ github.token }} | |
| # generate-chain-specs: | |
| # permissions: | |
| # id-token: write | |
| # contents: write | |
| # needs: build-linux | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@v4 | |
| # - name: Generate Chain Specs | |
| # uses: ./.github/actions/artifacts/generate-chain-specs | |
| # with: | |
| # tag: ${{ inputs.tag }} | |
| # upload-chain-specs: | |
| # permissions: | |
| # id-token: write | |
| # contents: write | |
| # needs: generate-chain-specs | |
| # runs-on: [self-hosted, eks] | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@v4 | |
| # - name: Upload chain spec artifacts to Kubernetes | |
| # uses: ./.github/actions/deploy/upload-chain-specs | |
| # with: | |
| # sha: ${{ github.sha }} | |
| # env: | |
| # kubeconfig_base64: ${{ secrets.kubeconfig_base64 }} | |
| # K8S_SERVER: ${{ secrets.K8S_SERVER }} | |
| # K8S_SA_TOKEN: ${{ secrets.K8S_SA_TOKEN }} | |
| # deploy-staging-preview: | |
| # permissions: | |
| # id-token: write | |
| # contents: write | |
| # needs: [build-and-publish-ecr, upload-chain-specs] | |
| # runs-on: [self-hosted, eks] | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@v4 | |
| # - name: Deploy staging-preview | |
| # uses: ./.github/actions/deploy/deploy-staging-preview | |
| # with: | |
| # image: ${{ secrets.ECR_REGISTRY_SECRET }}/substrate-node:${{ inputs.sha }} | |
| # sha: ${{ github.sha }} | |
| # env: | |
| # AWS_REGION: "eu-central-1" | |
| # SSH_AUTH_SOCK: /tmp/ssh_agent.sock | |
| # ACTIONS_PAT: ${{ secrets.ACTIONS_PAT }} | |
| # AWS_ROLE_ARN_SECRET: ${{ secrets.AWS_ROLE_ARN_SECRET }} | |
| # ECR_REGISTRY_SECRET: ${{ secrets.ECR_REGISTRY_SECRET }} | |
| # kubeconfig_base64: ${{ secrets.kubeconfig_base64 }} | |
| # K8S_SERVER: ${{ secrets.K8S_SERVER }} | |
| # K8S_SA_TOKEN: ${{ secrets.K8S_SA_TOKEN }} | |
| staging-preview-tests: | |
| permissions: | |
| id-token: write | |
| contents: write | |
| # needs: deploy-staging-preview | |
| runs-on: [self-hosted, eks] | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Health check | |
| uses: ./.github/actions/tests/staging-preview-tests | |
| with: | |
| node-host: staging-preview-validator-1-service.staging-preview.svc.cluster.local | |
| node-port: 9933 | |
| env: | |
| SSH_AUTH_SOCK: /tmp/ssh_agent.sock | |
| AWS_ROLE_ARN_: ${{ secrets.AWS_ROLE_ARN_ }} | |
| SSH_KEY_BINARY_HOST: ${{ secrets.SSH_KEY_BINARY_HOST }} | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| JIRA_URL: ${{ secrets.JIRA_URL }} | |
| ACTIONS_PAT: ${{ secrets.ACTIONS_PAT }} | |
| kubeconfig_base64: ${{ secrets.kubeconfig_base64 }} | |
| K8S_SERVER: ${{ secrets.K8S_SERVER }} | |
| K8S_SA_TOKEN: ${{ secrets.K8S_SA_TOKEN }} | |
| - name: Setup tests | |
| uses: ./.github/actions/tests/setup-python | |
| env: | |
| ACTIONS_PAT: ${{ secrets.ACTIONS_PAT }} | |
| - name: Run smoke tests | |
| uses: ./.github/actions/tests/run-e2e-tests | |
| with: | |
| blockchain: substrate | |
| env: staging | |
| decrypt: true | |
| markers: "not active_flow and not passive_flow and (CD or rpc)" | |
| - name: Save deployment main chain epoch | |
| run: | | |
| echo "DEPLOYMENT_MC_EPOCH=$(curl -s http://staging-preview-services-service.staging-preview.svc.cluster.local:1337/health | jq .currentEpoch)" >> $GITHUB_ENV | |
| shell: bash | |
| - name: Run all tests (some skipped due to new deployment) | |
| uses: ./.github/actions/tests/run-e2e-tests | |
| with: | |
| blockchain: substrate | |
| env: staging | |
| decrypt: true | |
| markers: "not active_flow and not passive_flow" | |
| deployment_mc_epoch: ${{ env.DEPLOYMENT_MC_EPOCH }} | |
| # build-and-publish-ghcr: | |
| # permissions: | |
| # id-token: write | |
| # contents: write | |
| # packages: write | |
| # needs: staging-preview-tests | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@v4 | |
| # - name: Build and Publish to GHCR | |
| # uses: ./.github/actions/images/build-and-publish-ghcr | |
| # with: | |
| # sha: ${{ inputs.sha }} | |
| # tag: ${{ inputs.tag }} | |
| # env: | |
| # GITHUB_ACTOR: ${{ github.actor }} | |
| # GITHUB_TOKEN: ${{ github.token }} | |
| # | |
| # publish-release: | |
| # permissions: | |
| # id-token: write | |
| # contents: write | |
| # packages: write | |
| # needs: staging-preview-tests | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@v4 | |
| # - name: Publish Release | |
| # uses: ./.github/actions/release/publish-draft-release | |
| # with: | |
| # tag: ${{ inputs.tag }} | |
| # env: | |
| # GITHUB_TOKEN: ${{ github.token }} | |
| # | |
| # deploy-staging-preprod: | |
| # permissions: | |
| # id-token: write | |
| # contents: write | |
| # needs: staging-preview-tests | |
| # runs-on: [self-hosted, eks] | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@v4 | |
| # - name: Deploy staging-preprod | |
| # uses: ./.github/actions/deploy-staging-preprod | |
| # with: | |
| # image: ${{ secrets.ECR_REGISTRY_SECRET }}/substrate-node:${{ inputs.sha }} | |
| # chain-spec-secret: ${{ inputs.chain-spec-secret }} | |
| # env: | |
| # AWS_REGION: "eu-central-1" | |
| # SSH_AUTH_SOCK: /tmp/ssh_agent.sock | |
| # ACTIONS_PAT: ${{ secrets.ACTIONS_PAT }} | |
| # AWS_ROLE_ARN_SECRET: ${{ secrets.AWS_ROLE_ARN_SECRET }} | |
| # ECR_REGISTRY_SECRET: ${{ secrets.ECR_REGISTRY_SECRET }} | |
| # kubeconfig_base64: ${{ secrets.kubeconfig_base64 }} | |
| # K8S_SERVER: ${{ secrets.K8S_SERVER }} | |
| # K8S_SA_TOKEN: ${{ secrets.K8S_SA_TOKEN }} | |
| # | |
| # staging-preprod-tests: | |
| # permissions: | |
| # id-token: write | |
| # contents: write | |
| # needs: deploy-staging-preprod | |
| # runs-on: [self-hosted, eks] | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@v4 | |
| # - name: Run Tests | |
| # uses: ./.github/actions/tests/staging-preprod-tests | |
| # with: | |
| # node-host: staging-preprod-validator-1.staging-preprod.svc.cluster.local | |
| # node-port: 9933 | |
| # env: | |
| # SSH_AUTH_SOCK: /tmp/ssh_agent.sock | |
| # AWS_ROLE_ARN_: ${{ secrets.AWS_ROLE_ARN_ }} | |
| # SSH_KEY_BINARY_HOST: ${{ secrets.SSH_KEY_BINARY_HOST }} | |
| # SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| # JIRA_URL: ${{ secrets.JIRA_URL }} | |
| # ACTIONS_PAT: ${{ secrets.ACTIONS_PAT }} | |
| # kubeconfig_base64: ${{ secrets.kubeconfig_base64 }} | |
| # K8S_SERVER: ${{ secrets.K8S_SERVER }} | |
| # K8S_SA_TOKEN: ${{ secrets.K8S_SA_TOKEN }} |