feat: cicd.yml

Skylar Simoncelli · Skylar Simoncelli · commit 1b3c48763300 · 2024-09-16T18:37:27.000+03:00
diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml
@@ -0,0 +1,343 @@
+name: Build, test, release and deploy 
+
+on:
+  workflow_dispatch:
+    inputs:
+      partner_chains_sha:
+        description: "partner-chains commit SHA or branch to build from"
+      partner-chains-tag:
+        description: "partner-chains release tag"
+        required: true
+
+jobs:
+  partner-chains-linux:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Set filename variables
+        id: set-filenames
+        run: |
+          echo "PARTNER_CHAINS_CLI_X86_64_LINUX=partner-chains-cli-${{ github.event.inputs.partner-chains-tag }}-x86_64-linux" >> $GITHUB_ENV
+          echo "PARTNER_CHAINS_NODE_X86_64_LINUX=partner-chains-node-${{ github.event.inputs.partner-chains-tag }}-x86_64-linux" >> $GITHUB_ENV
+
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.inputs.partner_chains_sha }}
+
+      - name: Acquire AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: ${{ secrets.AWS_ROLE_ARN_SECRET }}
+          aws-region: ${{ env.AWS_REGION }}
+  
+      - name: Login to ECR
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ secrets.ECR_REGISTRY_SECRET }}
+
+      - name: Install dependencies
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y protobuf-compiler
+          curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
+          source $HOME/.cargo/env
+          rustup target add x86_64-unknown-linux-gnu
+
+      - name: Build partner-chains-node
+        run: |
+          rustup target add x86_64-unknown-linux-gnu
+          cargo build -p partner-chains-node --locked --release --target x86_64-unknown-linux-gnu
+          cp target/x86_64-unknown-linux-gnu/release/partner-chains-node $PARTNER_CHAINS_NODE_X86_64_LINUX
+          chmod +x $PARTNER_CHAINS_NODE_X86_64_LINUX
+
+      - name: Run tests
+        run: cargo test --locked --release --target x86_64-unknown-linux-gnu
+
+      - name: Generate Chain Specs
+        run: |
+          chmod +x ./partner-chains-node
+          source ./devnet/.envrc
+          ./partner-chains-node build-spec --chain local --disable-default-bootnode --raw > devnet_chain_spec.json
+          source ./staging/.envrc
+          ./partner-chains-node build-spec --chain staging --disable-default-bootnode --raw > staging_chain_spec.json
+
+      - name: Create and Configure Docker Container
+        id: create-container
+        run: |
+          container_id=$(docker run -d debian:bullseye-slim sleep infinity)
+          echo "container_id=$container_id" >> $GITHUB_ENV
+          docker exec $container_id useradd -m -u 1000 -U -s /bin/sh -d /substrate substrate
+          docker exec $container_id mkdir -p /data /substrate/.local/share/partner-chains-node
+          docker exec $container_id chown -R substrate:substrate /data /substrate
+          docker exec $container_id rm -rf /usr/bin/apt* /usr/bin/dpkg*
+          docker exec $container_id ln -s /data /substrate/.local/share/partner-chains-node
+          docker cp ./partner-chains-node $container_id:/usr/local/bin/partner-chains-node
+          docker commit --change='EXPOSE 30333 9615 9933 9944' --change='ENTRYPOINT ["/usr/local/bin/partner-chains-node"]' $container_id substrate-node:${{ github.sha }}
+  
+      - name: Cleanup Docker Container
+        if: always()
+        run: |
+          docker rm -f ${{ env.container_id }}
+
+      - name: Build partner-chains-cli
+        run: |
+          rustup target add x86_64-unknown-linux-gnu
+          cargo build -p partner-chains-cli --locked --release --target x86_64-unknown-linux-gnu
+          cp target/x86_64-unknown-linux-gnu/release/partner-chains-cli $PARTNER_CHAINS_CLI_X86_64_LINUX
+          chmod +x $PARTNER_CHAINS_CLI_X86_64_LINUX
+
+      - name: Push to ECR
+        run: |
+          docker tag substrate-node:${{ github.sha }} ${{ secrets.ECR_REGISTRY_SECRET }}/substrate-node:${{ github.sha }}
+          docker push ${{ secrets.ECR_REGISTRY_SECRET }}/substrate-node:${{ github.sha }}
+
+      - name: Upload partner-chains-cli-x86_64-linux
+        uses: actions/upload-artifact@v4
+        with:
+          name: ${{ env.PARTNER_CHAINS_CLI_X86_64_LINUX }}
+          path: ${{ env.PARTNER_CHAINS_CLI_X86_64_LINUX }}
+
+      - name: Upload partner-chains-node-x86_64-linux
+        uses: actions/upload-artifact@v4
+        with:
+          name: ${{ env.PARTNER_CHAINS_NODE_X86_64_LINUX }}
+          path: ${{ env.PARTNER_CHAINS_NODE_X86_64_LINUX }}
+
+      - name: Upload chain spec artifacts
+        uses: actions/upload-artifact@v4
+        if: ${{ github.event.pull_request.merged == true && !contains(github.event.pull_request.labels.*.name, 'ci-off') }}
+        with:
+          name: chain-specs
+          path: |
+            ./devnet_chain_spec.json
+            ./staging_chain_spec.json
+
+  partner-chains-macos-x86_64:
+    runs-on: macos-latest
+    steps:
+      - name: Set filename variables
+        id: set-filenames
+        run: |
+          echo "PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN=partner-chains-cli-${{ github.event.inputs.partner-chains-tag }}-x86_64-apple-darwin" >> $GITHUB_ENV
+          echo "PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN=partner-chains-node-${{ github.event.inputs.partner-chains-tag }}-x86_64-apple-darwin" >> $GITHUB_ENV
+
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.inputs.partner_chains_sha }}
+
+      - name: Install protoc
+        run: |
+          curl -LO https://github.com/protocolbuffers/protobuf/releases/download/v21.3/protoc-21.3-osx-x86_64.zip
+          unzip protoc-21.3-osx-x86_64.zip -d $HOME/protoc
+          sudo mv $HOME/protoc/bin/protoc /usr/local/bin/protoc
+
+      - name: Build partner-chains-node
+        run: |
+          rustup target add x86_64-apple-darwin
+          cargo build -p partner-chains-node --locked --release --target x86_64-apple-darwin
+          cp target/x86_64-apple-darwin/release/partner-chains-node $PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN
+          chmod +x $PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN
+
+      - name: Build partner-chains-cli
+        run: |
+          rustup target add x86_64-apple-darwin
+          cargo build -p partner-chains-cli --locked --release --target x86_64-apple-darwin
+          cp target/x86_64-apple-darwin/release/partner-chains-cli $PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN
+          chmod +x $PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN
+
+      - name: Upload partner-chains-cli-x86_64-apple-darwin
+        uses: actions/upload-artifact@v4
+        with:
+          name: ${{ env.PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN }}
+          path: ${{ env.PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN }}
+
+      - name: Upload partner-chains-node-x86_64-apple-darwin
+        uses: actions/upload-artifact@v4
+        with:
+          name: ${{ env.PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN }}
+          path: ${{ env.PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN }}
+
+  partner-chains-macos-arm64:
+    runs-on: macos-latest
+    steps:
+      - name: Set filename variables
+        id: set-filenames
+        run: |
+          echo "PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN=partner-chains-cli-${{ github.event.inputs.partner-chains-tag }}-aarch64-apple-darwin" >> $GITHUB_ENV
+          echo "PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN=partner-chains-node-${{ github.event.inputs.partner-chains-tag }}-aarch64-apple-darwin" >> $GITHUB_ENV
+
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.inputs.partner_chains_sha }}
+
+      - name: Install protoc
+        run: |
+          curl -LO https://github.com/protocolbuffers/protobuf/releases/download/v21.3/protoc-21.3-osx-aarch_64.zip
+          unzip protoc-21.3-osx-aarch_64.zip -d $HOME/protoc
+          sudo mv $HOME/protoc/bin/protoc /usr/local/bin/protoc
+
+      - name: Build partner-chains-node
+        run: |
+          rustup target add aarch64-apple-darwin
+          cargo build -p partner-chains-node --locked --release --target aarch64-apple-darwin
+          cp target/aarch64-apple-darwin/release/partner-chains-node $PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN
+          chmod +x $PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN
+
+      - name: Build partner-chains-cli
+        run: |
+          rustup target add aarch64-apple-darwin
+          cargo build -p partner-chains-cli --locked --release --target aarch64-apple-darwin
+          cp target/aarch64-apple-darwin/release/partner-chains-cli $PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN
+          chmod +x $PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN
+
+      - name: Upload partner-chains-cli-aarch64-apple-darwin
+        uses: actions/upload-artifact@v4
+        with:
+          name: ${{ env.PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN }}
+          path: ${{ env.PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN }}
+
+      - name: Upload partner-chains-node-aarch64-apple-darwin
+        uses: actions/upload-artifact@v4
+        with:
+          name: ${{ env.PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN }}
+          path: ${{ env.PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN }}
+
+  partner-chains-smart-contracts-x86_64-linux:
+    runs-on: [self-hosted, nixos]
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.inputs.partner_chains_smart_contracts_sha }}
+
+      - name: Build
+        run: nix build ./#sidechain-release-bundle
+
+      - name: Upload Artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: partner-chains-smart-contracts-x86_64-linux
+          path: result/release.zip
+
+  partner-chains-smart-contracts-process:
+    runs-on: ubuntu-latest
+    needs: [partner-chains-smart-contracts-x86_64-linux]
+    steps:
+      - name: Download x86_64-linux artifact
+        uses: actions/download-artifact@v4
+        with:
+          name: partner-chains-smart-contracts-x86_64-linux
+          path: ./x86_64-linux
+
+      - name: Unzip release.zip
+        run: |
+          mkdir -p ./x86_64-linux/unzipped
+          unzip ./x86_64-linux/release.zip -d ./x86_64-linux/unzipped
+
+  local-environment:          
+    runs-on: ubuntu-latest
+    needs: [partner-chains-linux, partner-chains-macos-x86_64, partner-chains-macos-arm64]
+    steps:
+
+
+
+  release:
+    runs-on: ubuntu-latest
+    needs: [local-environment]
+    steps:
+      - name: Set filename variables
+        id: set-filenames
+        run: |
+          echo "PARTNER_CHAINS_CLI_X86_64_LINUX=partner-chains-cli-${{ github.event.inputs.partner-chains-tag }}-x86_64-linux" >> $GITHUB_ENV
+          echo "PARTNER_CHAINS_NODE_X86_64_LINUX=partner-chains-node-${{ github.event.inputs.partner-chains-tag }}-x86_64-linux" >> $GITHUB_ENV
+          echo "PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN=partner-chains-cli-${{ github.event.inputs.partner-chains-tag }}-x86_64-apple-darwin" >> $GITHUB_ENV
+          echo "PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN=partner-chains-node-${{ github.event.inputs.partner-chains-tag }}-x86_64-apple-darwin" >> $GITHUB_ENV
+          echo "PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN=partner-chains-cli-${{ github.event.inputs.partner-chains-tag }}-aarch64-apple-darwin" >> $GITHUB_ENV
+          echo "PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN=partner-chains-node-${{ github.event.inputs.partner-chains-tag }}-aarch64-apple-darwin" >> $GITHUB_ENV
+  
+      - name: Download Linux CLI artifact
+        uses: actions/download-artifact@v4
+        with:
+          name: ${{ env.PARTNER_CHAINS_CLI_X86_64_LINUX }}
+          path: artifact-linux/
+  
+      - name: Download Linux NODE artifact
+        uses: actions/download-artifact@v4
+        with:
+          name: ${{ env.PARTNER_CHAINS_NODE_X86_64_LINUX }}
+          path: artifact-linux/
+  
+      - name: Download macOS x86_64 CLI artifact
+        uses: actions/download-artifact@v4
+        with:
+          name: ${{ env.PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN }}
+          path: artifact-macos-x86_64/
+  
+      - name: Download macOS x86_64 NODE artifact
+        uses: actions/download-artifact@v4
+        with:
+          name: ${{ env.PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN }}
+          path: artifact-macos-x86_64/
+  
+      - name: Download macOS ARM64 CLI artifact
+        uses: actions/download-artifact@v4
+        with:
+          name: ${{ env.PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN }}
+          path: artifact-macos-arm64/
+  
+      - name: Download macOS ARM64 NODE artifact
+        uses: actions/download-artifact@v4
+        with:
+          name: ${{ env.PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN }}
+          path: artifact-macos-arm64/
+  
+      - name: Check if release already exists
+        id: check_release
+        run: |
+          tag="${{ github.event.inputs.partner-chains-tag }}"
+          release_response=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
+                            "https://api.github.com/repos/${{ github.repository }}/releases/tags/$tag")
+          if echo "$release_response" | grep -q '"message": "Not Found"'; then
+            echo "release_exists=false" >> $GITHUB_ENV
+            echo "::set-output name=release_exists::false"
+          else
+            echo "release_exists=true" >> $GITHUB_ENV
+            echo "::set-output name=release_exists::true"
+            echo "release_id=$(echo $release_response | jq -r .id)" >> $GITHUB_ENV
+            echo "::set-output name=release_id::$(echo $release_response | jq -r .id)"
+          fi
+  
+      - name: Create draft release
+        id: create_release
+        if: ${{ steps.check_release.outputs.release_exists == 'false' }}
+        run: |
+          tag="${{ github.event.inputs.partner-chains-tag }}"
+          release_response=$(curl -s -X POST -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
+                            -d '{"tag_name": "'$tag'", "name": "'$tag'", "body": "Draft release for '$tag'", "draft": true}' \
+                            "https://api.github.com/repos/${{ github.repository }}/releases")
+          echo "release_id=$(echo $release_response | jq -r .id)" >> $GITHUB_ENV
+          echo "::set-output name=release_id::$(echo $release_response | jq -r .id)"
+  
+      - name: Upload artifacts to release
+        if: ${{ steps.check_release.outputs.release_exists == 'true' || steps.create_release.outputs.release_id != '' }}
+        run: |
+          release_id="${{ steps.create_release.outputs.release_id }}"
+          if [ -z "$release_id" ]; then
+            release_id="${{ steps.check_release.outputs.release_id }}"
+          fi
+  
+          for artifact in "artifact-linux/${{ env.PARTNER_CHAINS_CLI_X86_64_LINUX }}" \
+                          "artifact-linux/${{ env.PARTNER_CHAINS_NODE_X86_64_LINUX }}" \
+                          "artifact-macos-x86_64/${{ env.PARTNER_CHAINS_CLI_X86_64_APPLE_DARWIN }}" \
+                          "artifact-macos-x86_64/${{ env.PARTNER_CHAINS_NODE_X86_64_APPLE_DARWIN }}" \
+                          "artifact-macos-arm64/${{ env.PARTNER_CHAINS_CLI_AARCH64_APPLE_DARWIN }}" \
+                          "artifact-macos-arm64/${{ env.PARTNER_CHAINS_NODE_AARCH64_APPLE_DARWIN }}"; do
+            chmod +x "$artifact"
+            curl -s -X POST \
+              -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
+              -H "Content-Type: application/octet-stream" \
+              --data-binary @"$artifact" \
+              "https://uploads.github.com/repos/${{ github.repository }}/releases/$release_id/assets?name=$(basename $artifact)"
+          done
