Skip to content

Add content write permissions for automated release #1814

Add content write permissions for automated release

Add content write permissions for automated release #1814

name: Integration tests
on:
push:
branches:
- main
tags:
- 'v*.*.*'
pull_request:
env:
CARGO_TERM_COLOR: always
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
jobs:
rust-build:
runs-on: ubuntu-20.04
steps:
- name: Checkout branch
uses: actions/checkout@v2
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
- name: Cache Docker layers
uses: actions/cache@v2
id: docker-cache
with:
path: /tmp/.buildx-cache
# Key is named differently to avoid collision
key: ${{ runner.os }}-multi-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-multi-buildx
- name: Container service login
uses: docker/login-action@v1
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Docker metadata
id: meta
uses: docker/metadata-action@v3
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-orchestrator
- name: Build and push Docker image
uses: docker/build-push-action@v2
with:
context: ./orchestrator
builder: ${{ steps.buildx.outputs.name }}
file: orchestrator/Dockerfile
push: true
platforms: linux/amd64, linux/arm64/v8
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new
- name: Move Docker cache
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
go-build:
permissions:
contents: read
packages: write
runs-on: ubuntu-20.04
steps:
- name: Set up Go 1.19
uses: actions/setup-go@v2
with:
go-version: 1.19
- name: checkout
uses: actions/checkout@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Cache Docker layers
uses: actions/cache@v2
id: docker-cache
with:
path: /tmp/.buildx-cache
# Key is named differently to avoid collision
key: ${{ runner.os }}-multi-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-multi-buildx
- name: container-login
uses: docker/login-action@v1
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: labels
id: meta
uses: docker/metadata-action@v3
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-gravity
tags: |
type=ref,event=branch
type=ref,event=pr
type=semver,pattern=v{{version}}
- name: build-and-push
uses: docker/build-push-action@v2
with:
context: ./module
file: module/Dockerfile
push: true
platforms: linux/amd64, linux/arm64/v8
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
builder: ${{ steps.buildx.outputs.name }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new
- name: Move Docker cache
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
solidity-build:
permissions:
contents: read
packages: write
runs-on: ubuntu-20.04
steps:
- name: checkout
uses: actions/checkout@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Cache Docker layers
uses: actions/cache@v2
id: docker-cache
with:
path: /tmp/.buildx-cache
# Key is named differently to avoid collision
key: ${{ runner.os }}-multi-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-multi-buildx
- name: container-login
uses: docker/login-action@v1
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: labels
id: meta
uses: docker/metadata-action@v3
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-solidity
tags: |
type=ref,event=branch
type=ref,event=pr
type=semver,pattern=v{{version}}
- name: build-and-push
uses: docker/build-push-action@v2
with:
context: ./solidity
file: solidity/Dockerfile
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
builder: ${{ steps.buildx.outputs.name }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new
- name: Move Docker cache
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
hardhat-build:
permissions:
contents: read
packages: write
runs-on: ubuntu-20.04
steps:
- name: checkout
uses: actions/checkout@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Cache Docker layers
uses: actions/cache@v2
id: docker-cache
with:
path: /tmp/.buildx-cache
# Key is named differently to avoid collision
key: ${{ runner.os }}-multi-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-multi-buildx
- name: container-login
uses: docker/login-action@v1
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: labels
id: meta
uses: docker/metadata-action@v3
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-hardhat
tags: |
type=ref,event=branch
type=ref,event=pr
type=semver,pattern=v{{version}}
- name: build-and-push
uses: docker/build-push-action@v2
with:
context: integration_tests/ethereum
file: integration_tests/ethereum/Dockerfile
push: true
platforms: linux/amd64, linux/arm64/v8
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
builder: ${{ steps.buildx.outputs.name }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new
- name: Move Docker cache
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
integration-tests:
environment: CI
runs-on: ubuntu-20.04
needs: [ rust-build, go-build, hardhat-build ]
strategy:
fail-fast: false
matrix:
test_type: [
"HappyPath",
"ValsetUpdate",
"ValidatorOut",
"TransactionStress",
]
steps:
- name: Set up Go 1.19
uses: actions/setup-go@v2
with:
go-version: 1.19
- name: checkout
uses: actions/checkout@v2
- name: go-cache
uses: actions/cache@v2
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('module/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: container-login
uses: docker/login-action@v1
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: docker gravity metadata
id: meta-gravity
uses: docker/metadata-action@v3
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-gravity
- name: docker orchestrator metadata
id: meta-orchestrator
uses: docker/metadata-action@v3
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-orchestrator
- name: docker hardhat metadata
id: meta-hardhat
uses: docker/metadata-action@v3
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-hardhat
- name: pull gravity image
run: docker pull ${{ steps.meta-gravity.outputs.tags }}
- name: rename gravity image
run: docker tag ${{ steps.meta-gravity.outputs.tags }} gravity:prebuilt
- name: pull orchestrator image
run: docker pull ${{ steps.meta-orchestrator.outputs.tags }}
- name: rename orchestrator image
run: docker tag ${{ steps.meta-orchestrator.outputs.tags }} orchestrator:prebuilt
- name: pull hardhat image
run: docker pull ${{ steps.meta-hardhat.outputs.tags }}
- name: rename hardhat image
run: docker tag ${{ steps.meta-hardhat.outputs.tags }} ethereum:prebuilt
- name: clean slate
run: make e2e_clean_slate
- name: build go test binary
run: cd integration_tests && go test -c
- name: Run all up ci test
run: ./integration_tests/integration-tests.test -test.failfast -test.v -test.run IntegrationTestSuite -testify.m Test${{ matrix.test_type }}
env:
E2E_SKIP_CLEANUP: true
ARCHIVE_NODE_URL: https://eth-mainnet.alchemyapi.io/v2/${{ secrets.ALCHEMY_ID }}
- name: Clean up docker images
run: ./clean_slate.sh
- name: Remove testnet tempdir
run: sudo rm -rf gravity-bridge-e2e-testnet*