CD #62

Workflow file for this run

	name: CD

	on:
	workflow_dispatch:
	inputs:
	sha:
	description: "partner-chains commit SHA to build from"
	required: true
	type: string
	tag:
	description: "partner-chains release tag"
	required: true
	type: string

	permissions:
	id-token: write
	contents: write
	packages: write

	env:
	AWS_REGION: "eu-central-1"
	SSH_AUTH_SOCK: /tmp/ssh_agent.sock
	STAGING_PREVIEW_SERVICES_HOST: staging-preview-services-service.staging-preview.svc.cluster.local
	STAGING_PREVIEW_VALIDATOR_1_HOST: staging-preview-validator-1-service.staging-preview.svc.cluster.local
	STAGING_PREVIEW_VALIDATOR_1_PORT: 9933

	jobs:
	# build-linux:
	# permissions:
	# id-token: write
	# contents: write
	# runs-on: ubuntu-latest
	# steps:
	# - name: Checkout
	# uses: actions/checkout@v4
	# with:
	# ref: ${{ inputs.sha }}
	# - name: Build and Upload for Linux
	# uses: ./.github/actions/artifacts/build-pc-artifacts
	# with:
	# tag: ${{ inputs.tag }}
	# os: linux

	# build-macos-x86_64:
	# permissions:
	# id-token: write
	# contents: write
	# runs-on: macos-latest
	# steps:
	# - name: Checkout
	# uses: actions/checkout@v4
	# with:
	# ref: ${{ inputs.sha }}
	# - name: Build and Upload for macOS x86_64
	# uses: ./.github/actions/artifacts/build-pc-artifacts
	# with:
	# tag: ${{ inputs.tag }}
	# os: macos-x86_64

	# build-macos-arm64:
	# permissions:
	# id-token: write
	# contents: write
	# runs-on: macos-latest
	# steps:
	# - name: Checkout
	# uses: actions/checkout@v4
	# with:
	# ref: ${{ inputs.sha }}
	# - name: Build and Upload for macOS arm64
	# uses: ./.github/actions/artifacts/build-pc-artifacts
	# with:
	# tag: ${{ inputs.tag }}
	# os: macos-arm64

	# build-and-publish-ecr:
	# permissions:
	# id-token: write
	# contents: write
	# needs: build-linux
	# runs-on: ubuntu-latest
	# steps:
	# - name: Checkout
	# uses: actions/checkout@v4
	# - name: Build and Publish to ECR
	# uses: ./.github/actions/images/build-and-publish-ecr
	# with:
	# sha: ${{ inputs.sha }}
	# tag: ${{ inputs.tag }}
	# env:
	# AWS_REGION: "eu-central-1"
	# ECR_REGISTRY_SECRET: ${{ secrets.ECR_REGISTRY_SECRET }}
	# AWS_ROLE_ARN_SECRET: ${{ secrets.AWS_ROLE_ARN_SECRET }}
	# SSH_KEY: ${{ secrets.SUBSTRATE_REPO_SSH_KEY }}

	# create-draft-release:
	# permissions:
	# id-token: write
	# contents: write
	# needs: [build-linux, build-macos-x86_64, build-macos-arm64]
	# runs-on: ubuntu-latest
	# steps:
	# - name: Checkout
	# uses: actions/checkout@v4
	# - name: Create Draft Release
	# uses: ./.github/actions/release/create-draft-release
	# with:
	# tag: ${{ inputs.tag }}
	# env:
	# GITHUB_TOKEN: ${{ github.token }}

	# generate-chain-specs:
	# permissions:
	# id-token: write
	# contents: write
	# needs: build-linux
	# runs-on: ubuntu-latest
	# steps:
	# - name: Checkout
	# uses: actions/checkout@v4
	# - name: Generate Chain Specs
	# uses: ./.github/actions/artifacts/generate-chain-specs
	# with:
	# tag: ${{ inputs.tag }}

	# upload-chain-specs:
	# permissions:
	# id-token: write
	# contents: write
	# needs: generate-chain-specs
	# runs-on: [self-hosted, eks]
	# steps:
	# - name: Checkout
	# uses: actions/checkout@v4
	# - name: Upload chain spec artifacts to Kubernetes
	# uses: ./.github/actions/deploy/upload-chain-specs
	# with:
	# sha: ${{ github.sha }}
	# env:
	# kubeconfig_base64: ${{ secrets.kubeconfig_base64 }}
	# K8S_SERVER: ${{ secrets.K8S_SERVER }}
	# K8S_SA_TOKEN: ${{ secrets.K8S_SA_TOKEN }}

	# deploy-staging-preview:
	# permissions:
	# id-token: write
	# contents: write
	# needs: [build-and-publish-ecr, upload-chain-specs]
	# runs-on: [self-hosted, eks]
	# steps:
	# - name: Checkout
	# uses: actions/checkout@v4
	# - name: Deploy staging-preview
	# uses: ./.github/actions/deploy/deploy-staging-preview
	# with:
	# image: ${{ secrets.ECR_REGISTRY_SECRET }}/substrate-node:${{ inputs.sha }}
	# sha: ${{ github.sha }}
	# env:
	# AWS_REGION: "eu-central-1"
	# SSH_AUTH_SOCK: /tmp/ssh_agent.sock
	# ACTIONS_PAT: ${{ secrets.ACTIONS_PAT }}
	# AWS_ROLE_ARN_SECRET: ${{ secrets.AWS_ROLE_ARN_SECRET }}
	# ECR_REGISTRY_SECRET: ${{ secrets.ECR_REGISTRY_SECRET }}
	# kubeconfig_base64: ${{ secrets.kubeconfig_base64 }}
	# K8S_SERVER: ${{ secrets.K8S_SERVER }}
	# K8S_SA_TOKEN: ${{ secrets.K8S_SA_TOKEN }}

	deploy-staging-preview:
	runs-on: [self-hosted, eks]
	steps:
	- name: Deploy
	run: \|
	echo "Deploying staging-preview... 🚀"
	echo "Done! 🎉"
	shell: bash

	partner-chain-ready:
	runs-on: [self-hosted, eks]
	needs: deploy-staging-preview
	outputs:
	deployment_mc_epoch: ${{ steps.mc-epoch.outputs.deployment_mc_epoch }}
	steps:
	- name: Set deployment main chain epoch
	id: mc-epoch
	run: echo "deployment_mc_epoch=$(curl -s http://$STAGING_PREVIEW_SERVICES_HOST:1337/health \| jq .currentEpoch)" >> $GITHUB_OUTPUT
	shell: bash
	- name: Check Finalization Status
	run: \|
	FINALIZED_NUMBER=$(
	curl -s -H "Content-Type: application/json" -d '{"jsonrpc":"2.0","method":"chain_getFinalizedHead","params":[],"id":"1"}' http://$STAGING_PREVIEW_VALIDATOR_1_HOST:$STAGING_PREVIEW_VALIDATOR_1_PORT \|
	jq -r ".result" \|
	xargs -I {} curl -s -H "Content-Type: application/json" -d '{"jsonrpc":"2.0","method":"chain_getHeader","params":["{}"],"id":"1"}' http://$STAGING_PREVIEW_VALIDATOR_1_HOST:$STAGING_PREVIEW_VALIDATOR_1_PORT \|
	jq -r ".result.number" \| xargs printf "%d"
	)
	if [ "$FINALIZED_NUMBER" -gt 0 ]; then
	echo "Blocks are being finalized. Finalized Block Number: $FINALIZED_NUMBER"
	else
	echo "No blocks are being finalized. Finalized Block Number: $FINALIZED_NUMBER"
	exit 1
	fi
	shell: bash

	run-smoke-tests:
	permissions:
	id-token: write
	contents: read
	needs: partner-chain-ready
	runs-on: [self-hosted, eks]
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	- name: Setup tests
	uses: ./.github/actions/tests/setup-python
	env:
	ACTIONS_PAT: ${{ secrets.ACTIONS_PAT }}
	kubeconfig_base64: ${{ secrets.kubeconfig_base64 }}
	K8S_SERVER: ${{ secrets.K8S_SERVER }}
	K8S_SA_TOKEN: ${{ secrets.K8S_SA_TOKEN }}
	- name: Run smoke tests
	uses: ./.github/actions/tests/run-e2e-tests
	with:
	blockchain: substrate
	env: staging
	decrypt: true
	markers: "not active_flow and not passive_flow and (CD or rpc)"

	run-all-tests:
	permissions:
	id-token: write
	contents: read
	needs: run-smoke-tests
	runs-on: [self-hosted, eks]
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	- name: Setup tests
	uses: ./.github/actions/tests/setup-python
	env:
	ACTIONS_PAT: ${{ secrets.ACTIONS_PAT }}
	kubeconfig_base64: ${{ secrets.kubeconfig_base64 }}
	K8S_SERVER: ${{ secrets.K8S_SERVER }}
	K8S_SA_TOKEN: ${{ secrets.K8S_SA_TOKEN }}
	- name: Run all tests (some skipped due to new deployment)
	uses: ./.github/actions/tests/run-e2e-tests
	env:
	DEPLOYMENT_MC_EPOCH: ${{needs.partner-chain-ready.outputs.deployment_mc_epoch}}
	with:
	blockchain: substrate
	env: staging
	decrypt: true
	markers: "not active_flow and not passive_flow"
	deployment_mc_epoch: $DEPLOYMENT_MC_EPOCH

	wait-for-n1-epoch:
	permissions:
	id-token: write
	contents: read
	needs: partner-chain-ready
	runs-on: [self-hosted, eks]
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	- name: Configure kubectl
	uses: ./.github/actions/tests/configure-kubectl
	env:
	kubeconfig_base64: ${{ secrets.kubeconfig_base64 }}
	K8S_SERVER: ${{ secrets.K8S_SERVER }}
	K8S_SA_TOKEN: ${{ secrets.K8S_SA_TOKEN }}
	- name: Set MC epoch to wait for
	id: increment-epoch
	env:
	DEPLOYMENT_MC_EPOCH: ${{needs.partner-chain-ready.outputs.deployment_mc_epoch}}
	run: \|
	echo "Current epoch: $DEPLOYMENT_MC_EPOCH"
	incremented_epoch=$((DEPLOYMENT_MC_EPOCH + 1))
	echo "Incremented epoch: $incremented_epoch"
	echo "mc_epoch_to_wait_for=$incremented_epoch" >> $GITHUB_OUTPUT
	- name: Wait for next MC epoch
	uses: ./.github/actions/tests/wait-for-epoch
	with:
	epoch: ${{ steps.increment-epoch.outputs.mc_epoch_to_wait_for }}
	deployment: kubernetes
	node: staging-preview-validator-1
	environment: staging-preview

	run-all-tests-on-n1-epoch:
	permissions:
	id-token: write
	contents: read
	needs: wait-for-n1-epoch
	runs-on: [self-hosted, eks]
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	- name: Setup tests
	uses: ./.github/actions/tests/setup-python
	env:
	ACTIONS_PAT: ${{ secrets.ACTIONS_PAT }}
	kubeconfig_base64: ${{ secrets.kubeconfig_base64 }}
	K8S_SERVER: ${{ secrets.K8S_SERVER }}
	K8S_SA_TOKEN: ${{ secrets.K8S_SA_TOKEN }}
	- name: Run all tests (some skipped due to new deployment)
	uses: ./.github/actions/tests/run-e2e-tests
	env:
	DEPLOYMENT_MC_EPOCH: ${{needs.partner-chain-ready.outputs.deployment_mc_epoch}}
	with:
	blockchain: substrate
	env: staging
	decrypt: true
	latest_mc_epoch: true
	markers: "not active_flow and not passive_flow"
	deployment_mc_epoch: $DEPLOYMENT_MC_EPOCH

	wait-for-n2-epoch:
	permissions:
	id-token: write
	contents: read
	needs: wait-for-n1-epoch
	runs-on: [self-hosted, eks]
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	- name: Configure kubectl
	uses: ./.github/actions/tests/configure-kubectl
	env:
	kubeconfig_base64: ${{ secrets.kubeconfig_base64 }}
	K8S_SERVER: ${{ secrets.K8S_SERVER }}
	K8S_SA_TOKEN: ${{ secrets.K8S_SA_TOKEN }}
	- name: Set MC epoch to wait for
	id: increment-epoch
	env:
	DEPLOYMENT_MC_EPOCH: ${{needs.partner-chain-ready.outputs.deployment_mc_epoch}}
	run: \|
	echo "Current epoch: $DEPLOYMENT_MC_EPOCH"
	incremented_epoch=$((DEPLOYMENT_MC_EPOCH + 2))
	echo "Incremented epoch: $incremented_epoch"
	echo "mc_epoch_to_wait_for=$incremented_epoch" >> $GITHUB_OUTPUT
	- name: Wait for next MC epoch
	uses: ./.github/actions/tests/wait-for-epoch
	with:
	epoch: ${{ steps.increment-epoch.outputs.mc_epoch_to_wait_for }}
	deployment: kubernetes
	node: staging-preview-validator-1
	environment: staging-preview

	run-all-tests-on-n2-epoch:
	permissions:
	id-token: write
	contents: read
	needs: wait-for-n1-epoch
	runs-on: [self-hosted, eks]
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	- name: Setup tests
	uses: ./.github/actions/tests/setup-python
	env:
	ACTIONS_PAT: ${{ secrets.ACTIONS_PAT }}
	kubeconfig_base64: ${{ secrets.kubeconfig_base64 }}
	K8S_SERVER: ${{ secrets.K8S_SERVER }}
	K8S_SA_TOKEN: ${{ secrets.K8S_SA_TOKEN }}
	- name: Run all tests (no skipped tests)
	uses: ./.github/actions/tests/run-e2e-tests
	env:
	DEPLOYMENT_MC_EPOCH: ${{needs.partner-chain-ready.outputs.deployment_mc_epoch}}
	with:
	blockchain: substrate
	env: staging
	decrypt: true
	latest_mc_epoch: true
	markers: "not active_flow and not passive_flow"
	deployment_mc_epoch: $DEPLOYMENT_MC_EPOCH

	# build-and-publish-ghcr:
	# permissions:
	# id-token: write
	# contents: write
	# packages: write
	# needs: staging-preview-tests
	# runs-on: ubuntu-latest
	# steps:
	# - name: Checkout
	# uses: actions/checkout@v4
	# - name: Build and Publish to GHCR
	# uses: ./.github/actions/images/build-and-publish-ghcr
	# with:
	# sha: ${{ inputs.sha }}
	# tag: ${{ inputs.tag }}
	# env:
	# GITHUB_ACTOR: ${{ github.actor }}
	# GITHUB_TOKEN: ${{ github.token }}
	#
	# publish-release:
	# permissions:
	# id-token: write
	# contents: write
	# packages: write
	# needs: staging-preview-tests
	# runs-on: ubuntu-latest
	# steps:
	# - name: Checkout
	# uses: actions/checkout@v4
	# - name: Publish Release
	# uses: ./.github/actions/release/publish-draft-release
	# with:
	# tag: ${{ inputs.tag }}
	# env:
	# GITHUB_TOKEN: ${{ github.token }}
	#
	# deploy-staging-preprod:
	# permissions:
	# id-token: write
	# contents: write
	# needs: staging-preview-tests
	# runs-on: [self-hosted, eks]
	# steps:
	# - name: Checkout
	# uses: actions/checkout@v4
	# - name: Deploy staging-preprod
	# uses: ./.github/actions/deploy-staging-preprod
	# with:
	# image: ${{ secrets.ECR_REGISTRY_SECRET }}/substrate-node:${{ inputs.sha }}
	# chain-spec-secret: ${{ inputs.chain-spec-secret }}
	# env:
	# AWS_REGION: "eu-central-1"
	# SSH_AUTH_SOCK: /tmp/ssh_agent.sock
	# ACTIONS_PAT: ${{ secrets.ACTIONS_PAT }}
	# AWS_ROLE_ARN_SECRET: ${{ secrets.AWS_ROLE_ARN_SECRET }}
	# ECR_REGISTRY_SECRET: ${{ secrets.ECR_REGISTRY_SECRET }}
	# kubeconfig_base64: ${{ secrets.kubeconfig_base64 }}
	# K8S_SERVER: ${{ secrets.K8S_SERVER }}
	# K8S_SA_TOKEN: ${{ secrets.K8S_SA_TOKEN }}
	#
	# staging-preprod-tests:
	# permissions:
	# id-token: write
	# contents: write
	# needs: deploy-staging-preprod
	# runs-on: [self-hosted, eks]
	# steps:
	# - name: Checkout
	# uses: actions/checkout@v4
	# - name: Run Tests
	# uses: ./.github/actions/tests/staging-preprod-tests
	# with:
	# node-host: staging-preprod-validator-1.staging-preprod.svc.cluster.local
	# node-port: 9933
	# env:
	# SSH_AUTH_SOCK: /tmp/ssh_agent.sock
	# AWS_ROLE_ARN_: ${{ secrets.AWS_ROLE_ARN_ }}
	# SSH_KEY_BINARY_HOST: ${{ secrets.SSH_KEY_BINARY_HOST }}
	# SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
	# JIRA_URL: ${{ secrets.JIRA_URL }}
	# ACTIONS_PAT: ${{ secrets.ACTIONS_PAT }}
	# kubeconfig_base64: ${{ secrets.kubeconfig_base64 }}
	# K8S_SERVER: ${{ secrets.K8S_SERVER }}
	# K8S_SA_TOKEN: ${{ secrets.K8S_SA_TOKEN }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CD #62

Workflow file

CD #62

Jobs

Run details

Workflow file for this run