Skip to content
name: Check Active Networks for Missing Secrets
# - will read all "active" networks from config/networks.json
# - will check if for all of these networks a Github secret with a NODE_URI exists
# - This will make sure that the EmergencyPause action has RPC URLS for all networks
on:
push:
schedule:
# Run every day at midnight
- cron: '0 0 * * *'
jobs:
check-secrets:
runs-on: ubuntu-latest
steps:
- name: Checkout Repository
uses: actions/[email protected]
- name: Read Networks Configuration
id: read-networks
run: |
# Extract active networks from networks.json and save to temp file
jq -r 'to_entries[] | select(.value.status == "active") | .key' config/networks.json > active_networks.txt
echo "Extracted active networks:"
cat active_networks.txt
- name: Check for Missing Secrets
id: check-secrets
env:
GITHUB_TOKEN: ${{ secrets.GIT_ACTIONS_BOT_PAT_CLASSIC }}
run: |
MISSING_SECRETS=""
# Read networks from temp file
while read -r NETWORK; do
SECRET_NAME="ETH_NODE_URI_${NETWORK^^}"
echo "Checking for secret: $SECRET_NAME"
# Use GitHub API to check if secret exists
SECRET_CHECK=$(curl -s \
-H "Authorization: Bearer $GITHUB_TOKEN" \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/repos/${{ github.repository }}/actions/secrets/$SECRET_NAME)
if echo "$SECRET_CHECK" | grep -q "Not Found"; then
echo -e "\033[31mSecret $SECRET_NAME is missing!\033[0m"
MISSING_SECRETS="$MISSING_SECRETS\n$SECRET_NAME"
else
echo -e "\033[32mSecret $SECRET_NAME exists.\033[0m"
fi
done < active_networks.txt
if [ -n "$MISSING_SECRETS" ]; then
echo -e "\033[31mMissing secrets found: $MISSING_SECRETS\033[0m"
echo "MISSING_SECRETS=$MISSING_SECRETS" >> $GITHUB_ENV
else
echo -e "\033[32mFound a RPC URL for each active network. Check passed.\033[0m"
fi
- name: Send Discord message
if: env.MISSING_SECRETS != ''
uses: Ilshidur/[email protected]
with:
args: |
:warning: Missing GitHub Secrets for Networks:
${{ env.MISSING_SECRETS }}
env:
DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK_DEV_SMARTCONTRACTS }}