diff --git a/.github/actions/yamllint/action.yml b/.github/actions/yamllint/action.yml index 0051d56..8ebe309 100644 --- a/.github/actions/yamllint/action.yml +++ b/.github/actions/yamllint/action.yml @@ -6,7 +6,7 @@ description: "Lint yaml code with yamllint" runs: using: "composite" steps: - - uses: actions/setup-python@v4 + - uses: actions/setup-python@v5 with: python-version: "3.x" architecture: x64 diff --git a/.github/workflows/reusable_create_release_tracking_epic.yml b/.github/workflows/reusable_create_release_tracking_epic.yml new file mode 100644 index 0000000..2b98b76 --- /dev/null +++ b/.github/workflows/reusable_create_release_tracking_epic.yml @@ -0,0 +1,117 @@ +name: Create Release Tracking Epic + +# This workflow creates an EPIC for tracking the deployment of a release to +# testnets and mainnet. +# +# Example workflow to be used in repository calling this workflow. +# This would trigger on published releases +# +# name: Release Trigger Issue +# on: +# release: +# types: [published] +# jobs: +# trigger_issue: +# uses: celestiaorg/.github/.github/workflows/reusable_release_tracking_epic.yml +# secrets: inherit +# with: +# release-repo: ${{ github.repository }} +# release-version: ${{ github.event.release.tag_name }} +# + +on: + # workflow_dispatch is used to manually test this workflow + workflow_dispatch: + inputs: + release-repo: + required: true + type: string + description: "Which repo is triggering this release?" + release-version: + required: true + type: string + description: "What is the version triggering this release?" + # workflow_call is the primary trigger to be used for this workflow + workflow_call: + inputs: + release-repo: + required: true + type: string + description: "Which repo is triggering this release?" + release-version: + required: true + type: string + description: "What is the version triggering this release?" + +jobs: + create_issue: + runs-on: ubuntu-latest + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - uses: dacbd/create-issue-action@v2 + id: create-issue + with: + # This is an org level secret. No changes needed at the repo level + token: ${{ secrets.CREATE_RELEASE_EPIC }} + owner: celestiaorg + # Create the tracking issue in devops as devops is responsible for + # updating the networks + repo: devops + # Currently unable to assign a group to an issue, so assigning MSevey + # as issue owner. + assignees: MSevey + # Title and body and free to change based on the team's needs + title: ${{inputs.release-repo}} ${{inputs.release-version}} Release Deployment Tracking + body: | + ## Release Checklist + ```[tasklist] + ### Pre-work + - [ ] Confirm release tested on Robusta + - [ ] App and Node compatibility confirmed (protocol team) + - [ ] Release notes reviewed + ``` + ```[tasklist] + ### Stage 1: Arabica + - [ ] Prepare deployment to Arabica + - [ ] Prepare announcement for Arabica + - [ ] Deploy to Arabica + - [ ] Verify release on Arabica (protocol team) + - [ ] Docs updated for release for Arabica + - [ ] Announce release for Arabica + ``` + ```[tasklist] + ### Stage 2: Mocha + - [ ] Prepare deployment to Mocha + - [ ] Prepare announcement for Mocha + - [ ] Deploy to Mocha + - [ ] Verify release on Mocha (protocol team) + - [ ] Docs updated for release for Mocha + - [ ] Announce release for Mocha + ``` + ```[tasklist] + ### Stage 3: Mainnet + - [ ] Prepare deployment for mainnet + - [ ] Prepare announcement for mainnet + - [ ] Deploy to mainnet + - [ ] Verify release on mainnet (protocol team) + - [ ] Docs updated for release for mainnet + - [ ] Announce release for mainnet + ``` + cc @celestiaorg/devops + + - uses: ravsamhq/notify-slack-action@v2 + with: + status: ${{ job.status }} + token: ${{ secrets.GITHUB_TOKEN }} + notification_title: "New Release for Deployment" + message_format: "{emoji} *{workflow}* {status_message} in <{repo_url}|{repo}>" + footer: "Linked Issue <${{steps.create-issue.outputs.html_url}}>" + # This is the devops user group + mention_groups: "S04MZ965WQZ" + env: + # This is an org level secret and is currently set to #releases in + # slack + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_RELEASE_CHANNEL }} diff --git a/.github/workflows/reusable_dockerfile_pipeline.yml b/.github/workflows/reusable_dockerfile_pipeline.yml index ef8823a..8f7fcee 100644 --- a/.github/workflows/reusable_dockerfile_pipeline.yml +++ b/.github/workflows/reusable_dockerfile_pipeline.yml @@ -12,6 +12,15 @@ on: required: false type: string description: "You can specify a different package name." + dockerContext: + required: false + type: string + description: "The docker context" + default: "." + checkout_ref: + required: false + type: string + description: "Specific checkout reference" env: GITHUB_REG: ghcr.io @@ -31,6 +40,8 @@ jobs: steps: - name: Checkout uses: "actions/checkout@v4" + with: + ref: ${{ inputs.checkout_ref }} - name: Add vars to ENV id: setting_env @@ -143,6 +154,8 @@ jobs: steps: - name: Checkout uses: "actions/checkout@v4" + with: + ref: ${{ inputs.checkout_ref }} - name: Build uses: docker/build-push-action@v5 @@ -150,7 +163,7 @@ jobs: OUTPUT_SHORT_SHA: ${{ needs.prepare-env.outputs.output_short_sha }} OUTPUT_IMAGE_NAME: ${{ needs.prepare-env.outputs.output_image_name }} with: - context: . + context: ${{ inputs.dockerContext}} push: false platforms: linux/amd64 # we're building the container before the scan, use the short sha tag @@ -222,6 +235,8 @@ jobs: - name: Checkout if: ${{ steps.run_check.outputs.run == 'true'}} uses: "actions/checkout@v4" + with: + ref: ${{ inputs.checkout_ref }} - name: Login to ${{ matrix.registry.name }} if: ${{ steps.run_check.outputs.run == 'true'}} @@ -276,7 +291,7 @@ jobs: OUTPUT_SHORT_SHA: ${{ needs.prepare-env.outputs.output_short_sha }} OUTPUT_IMAGE_NAME: ${{ needs.prepare-env.outputs.output_image_name }} with: - context: . + context: ${{ inputs.dockerContext}} platforms: linux/arm64,linux/amd64 provenance: false push: true @@ -296,7 +311,7 @@ jobs: OUTPUT_SHORT_SHA: ${{ needs.prepare-env.outputs.output_short_sha }} OUTPUT_IMAGE_NAME: ${{ needs.prepare-env.outputs.output_image_name }} with: - context: . + context: ${{ inputs.dockerContext}} platforms: linux/amd64 provenance: false # Only push if the head and base repos match, meaning it is not a fork diff --git a/.github/workflows/reusable_housekeeping.yml b/.github/workflows/reusable_housekeeping.yml index 58d6117..80d6e52 100644 --- a/.github/workflows/reusable_housekeeping.yml +++ b/.github/workflows/reusable_housekeeping.yml @@ -82,7 +82,7 @@ jobs: if: ${{ inputs.run-projects }} runs-on: ubuntu-latest steps: - - uses: actions/add-to-project@v0.5.0 + - uses: actions/add-to-project@v1.0.2 with: project-url: ${{ inputs.project-url }} # There is a celestiaorg level ADD_TO_PROJECT_PAT secret that belongs diff --git a/pull_request_template.md b/pull_request_template.md index 68665bd..ddb2b84 100644 --- a/pull_request_template.md +++ b/pull_request_template.md @@ -12,18 +12,3 @@ Please provide an explanation of the PR, including the appropriate context, background, goal, and rationale. If there is an issue with this information, please provide a tl;dr and link the issue. --> - -## Checklist - - - -- [ ] New and updated code has appropriate documentation -- [ ] New and updated code has new and/or updated testing -- [ ] Required CI checks are passing -- [ ] Visual proof for any user facing features like CLI or documentation updates -- [ ] Linked issues closed with keywords