Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Check Active Networks for Missing Secrets | |
# - will read all "active" networks from config/networks.json | |
# - will check if for all of these networks a Github secret with a NODE_URI exists | |
# - This will make sure that the EmergencyPause action has RPC URLS for all networks | |
on: | |
push: | |
schedule: | |
# Run every day at midnight | |
- cron: '0 0 * * *' | |
jobs: | |
check-secrets: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout Repository | |
uses: actions/[email protected] | |
- name: Read Networks Configuration | |
id: read-networks | |
run: | | |
# Extract active networks from networks.json and save to temp file | |
jq -r 'to_entries[] | select(.value.status == "active") | .key' config/networks.json > active_networks.txt | |
echo "Extracted active networks:" | |
cat active_networks.txt | |
- name: Check for Missing Secrets | |
id: check-secrets | |
env: | |
GITHUB_TOKEN: ${{ secrets.GIT_ACTIONS_BOT_PAT_CLASSIC }} | |
run: | | |
MISSING_SECRETS="" | |
# Read networks from temp file | |
while read -r NETWORK; do | |
SECRET_NAME="ETH_NODE_URI_${NETWORK^^}" | |
echo "Checking for secret: $SECRET_NAME" | |
# Use GitHub API to check if secret exists | |
SECRET_CHECK=$(curl -s \ | |
-H "Authorization: Bearer $GITHUB_TOKEN" \ | |
-H "Accept: application/vnd.github.v3+json" \ | |
https://api.github.com/repos/${{ github.repository }}/actions/secrets/$SECRET_NAME) | |
if echo "$SECRET_CHECK" | grep -q "Not Found"; then | |
echo -e "\033[31mSecret $SECRET_NAME is missing!\033[0m" | |
MISSING_SECRETS="$MISSING_SECRETS\n$SECRET_NAME" | |
else | |
echo -e "\033[32mSecret $SECRET_NAME exists.\033[0m" | |
fi | |
done < active_networks.txt | |
if [ -n "$MISSING_SECRETS" ]; then | |
echo -e "\033[31mMissing secrets found: $MISSING_SECRETS\033[0m" | |
echo "MISSING_SECRETS=$MISSING_SECRETS" >> $GITHUB_ENV | |
else | |
echo -e "\033[32mFound a RPC URL for each active network. Check passed.\033[0m" | |
fi | |
- name: Send Discord message | |
if: env.MISSING_SECRETS != '' | |
uses: Ilshidur/[email protected] | |
with: | |
args: | | |
:warning: Missing GitHub Secrets for Networks: | |
${{ env.MISSING_SECRETS }} | |
env: | |
DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK_DEV_SMARTCONTRACTS }} |