From 42aed1d95be2fe2baf14db67ff6fb103768be2de Mon Sep 17 00:00:00 2001 From: Diego Date: Thu, 7 Nov 2024 12:43:42 -0500 Subject: [PATCH] fix yaml file --- .github/workflows/ci.yml | 5 +- .github/workflows/validate.yml | 191 +++++++++++++++++++++++++++++++-- 2 files changed, 186 insertions(+), 10 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 791bbf10c81cd..51b069ef1cc5c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -10,12 +10,11 @@ on: push: branches: - main - - develop - - test/github-actions + - celestia-develop pull_request: branches: - main - - develop + - celestia-develop types: [opened, synchronize, reopened] workflow_dispatch: diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 3097017640519..273811a6113bd 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -1,15 +1,192 @@ -name: Validate Workflows +name: Release on: - pull_request: - paths: - - ".github/workflows/**" + workflow_dispatch: + push: + tags: + - "da-server/v*" + - "ci-builder*/v*" + - "proofs-tools/v*" + - "cannon/v*" + - "ufm-*/v*" + - "op-*/v*" + +env: + REGISTRY: ghcr.io + REPO: ${{ github.repository_owner }} jobs: - validate: + approve-release: + if: github.event_name == 'workflow_dispatch' + runs-on: ubuntu-latest + environment: release-approval + steps: + - run: echo "Release approved" + + docker-release-standard: + needs: [approve-release] + if: always() && (needs.approve-release.result == 'success' || needs.approve-release.result == 'skipped') runs-on: ubuntu-latest + permissions: + contents: read + packages: write + strategy: + matrix: + component: + - op-node + - op-batcher + - op-proposer + - op-challenger + - op-dispute-mon + - op-conductor + - da-server + - op-ufm + - op-supervisor + - op-deployer + - cannon steps: - uses: actions/checkout@v4 - - name: Validate workflows - uses: docker://rhysd/actionlint:latest + - name: Generate Docker Tags + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ env.REPO }}/${{ matrix.component }} + tags: | + type=sha,format=short + type=ref,event=tag + type=raw,value=latest,enable={{is_default_branch}} + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push + uses: docker/build-push-action@v5 + with: + context: . + push: true + platforms: linux/amd64,linux/arm64 + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max + + docker-release-amd64: + needs: [approve-release] + if: always() && (needs.approve-release.result == 'success' || needs.approve-release.result == 'skipped') + runs-on: ubuntu-latest-16-cores + permissions: + contents: read + packages: write + strategy: + matrix: + component: + - ci-builder + - ci-builder-rust + - proofs-tools + steps: + - uses: actions/checkout@v4 + + - name: Generate Docker Tags + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ env.REPO }}/${{ matrix.component }} + tags: | + type=sha,format=short + type=ref,event=tag + type=raw,value=latest,enable={{is_default_branch}} + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push + uses: docker/build-push-action@v5 + with: + context: . + push: true + platforms: linux/amd64 + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max + + verify-release: + needs: [docker-release-standard] + runs-on: ubuntu-latest + strategy: + matrix: + component: + [ + op-node, + op-batcher, + op-proposer, + op-challenger, + op-dispute-mon, + op-conductor, + da-server, + op-ufm, + op-supervisor, + op-deployer, + cannon, + ] + steps: + - name: Verify Multi-platform Support + shell: bash + run: | + IMAGE_NAME="${REGISTRY}/${REPO}/${{ matrix.component }}:sha-${GITHUB_SHA}" + + echo "Verifying image: ${IMAGE_NAME}" + + # Check for ARM64 support + echo "Checking ARM64 support..." + docker manifest inspect "${IMAGE_NAME}" | jq -e '.manifests[] | select(.platform.architecture == "arm64")' + + # Check for AMD64 support + echo "Checking AMD64 support..." + docker manifest inspect "${IMAGE_NAME}" | jq -e '.manifests[] | select(.platform.architecture == "amd64")' + + - name: Test Image + shell: bash + run: | + IMAGE_NAME="${REGISTRY}/${REPO}/${{ matrix.component }}:sha-${GITHUB_SHA}" + docker pull "${IMAGE_NAME}" + docker run --rm "${IMAGE_NAME}" "${{ matrix.component }}" --version + + notify-release: + needs: [verify-release] + runs-on: ubuntu-latest + if: always() + steps: + - name: Check workflow status + id: check + run: | + if [ "${{ needs.verify-release.result }}" = "success" ]; then + echo "status=✅ Release successful" >> "$GITHUB_OUTPUT" + else + echo "status=❌ Release failed" >> "$GITHUB_OUTPUT" + fi + + - name: Create Release Summary + run: | + { + echo "### Release Status: ${{ steps.check.outputs.status }}" + echo "* Release Tag: ${{ github.ref_name }}" + } >> "$GITHUB_STEP_SUMMARY"