-
Notifications
You must be signed in to change notification settings - Fork 1
140 lines (132 loc) · 4.81 KB
/
push-master.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
name: push-master
on:
push:
branches:
- master
env:
PACKAGES: "median"
jobs:
init:
runs-on: ubuntu-latest
outputs:
matrix_packages: ${{ steps.set-matrix-packages.outputs.matrix_packages }}
lint_args_packages: ${{ steps.set-matrix-packages.outputs.lint_args_packages }}
steps:
- name: Checkout code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Set matrix packages
id: set-matrix-packages
shell: bash
env:
PACKAGES: ${{ env.PACKAGES }}
run: |
matrix_packages=$(echo "${PACKAGES}" | jq -R 'split(",")' | tr -d "\n\t")
echo "matrix_packages=${matrix_packages}" | tee -a "${GITHUB_OUTPUT}"
- name: Set lint args packages
id: set-lint-args-packages
shell: bash
env:
PACKAGES: ${{ env.PACKAGES }}
# Convert "producer,reports_consumer" to "./producer/... ./reports_consumer/..."
run: echo "lint_args_packages=$(echo "./$(echo $PACKAGES | sed 's/,/\/... .\//g;s/$/\/.../')")" | tee -a "${GITHUB_OUTPUT}"
ci-lint:
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
actions: read
steps:
- name: ci-lint
uses: smartcontractkit/.github/actions/ci-lint-go@9e7cc0779934cae4a9028b8588c9adb64d8ce68c # [email protected]
with:
# grafana inputs
metrics-job-name: ci-lint
gc-basic-auth: ${{ secrets.GRAFANA_CLOUD_BASIC_AUTH }}
gc-host: ${{ secrets.GRAFANA_CLOUD_HOST }}
# env inputs
use-env-files: "true"
env-files: ./tools/env/ci.env
# go inputs
use-go-cache: true
go-cache-dep-path: "**/go.sum"
go-version-file: go.mod
golangci-lint-version: "v1.55.2"
golangci-lint-args: --out-format colored-line-number,checkstyle:golangci-lint-report.xml
ci-test:
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
actions: read
steps:
- name: ci-test
uses: smartcontractkit/.github/actions/ci-test-go@9e7cc0779934cae4a9028b8588c9adb64d8ce68c # [email protected]
with:
# grafana inputs
metrics-job-name: ci-test
gc-basic-auth: ${{ secrets.GRAFANA_CLOUD_BASIC_AUTH }}
gc-host: ${{ secrets.GRAFANA_CLOUD_HOST }}
# docker inputs
use-docker-compose: "true"
docker-compose-workdir: ./tools/docker/setup-postgres
# env inputs
use-env-files: "true"
env-files: ./tools/env/ci.env
# go inputs
use-go-cache: "true"
go-cache-dep-path: "**/go.sum"
go-version-file: go.mod
go-test-cmd: make test-ci
ci-sonarqube:
needs: [ci-lint, ci-test]
if: ${{ always() }}
runs-on: ubuntu-latest
steps:
- name: ci-sonarqube
uses: smartcontractkit/.github/actions/ci-sonarqube@cc4cbbd6d39a8e84915b356379a4ef6a16dceaf9 # [email protected]
with:
# grafana inputs
metrics-job-name: ci-sonarqube
gc-basic-auth: ${{ secrets.GRAFANA_CLOUD_BASIC_AUTH }}
gc-host: ${{ secrets.GRAFANA_CLOUD_HOST }}
# sonarqube inputs
sonar-token: ${{ secrets.SONAR_TOKEN }}
sonar-host-url: ${{ secrets.SONAR_HOST_URL }}
cd-release:
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
outputs:
changesets_published: ${{ steps.cd-release.outputs.published }}
changesets_publishedPackages: ${{ steps.cd-release.outputs.publishedPackages }}
steps:
- name: cd-release
id: cd-release
uses: smartcontractkit/.github/actions/cicd-changesets@c5b65fcfe12a5a14b60b03605748af0b0c6cfbea # [email protected]
with:
# general inputs
git-user: app-token-issuer-foundations[bot]
git-email: app-token-issuer-foundations[bot]@users.noreply.github.com
pnpm-use-cache: false
# aws inputs
aws-region: ${{ secrets.AWS_REGION }}
aws-role-arn: ${{ secrets.AWS_OIDC_CHAINLINK_FEEDS_CI_CHANGESET_TOKEN_ISSUER_ROLE_ARN }}
aws-lambda-url: ${{ secrets.AWS_FOUNDATIONS_GATI_URL }}
cicd-build-publish-artifacts-release:
# Call push-tag-release for [email protected]
name: Call push-tag-release for ${{ matrix.package.name }}@${{ matrix.package.version }}
if: needs.cd-release.outputs.changesets_published == 'true'
strategy:
fail-fast: false
matrix:
package: ${{ fromJson(needs.cd-release.outputs.changesets_publishedPackages) }}
permissions:
id-token: write
contents: write
actions: read
needs: [cd-release]
uses: ./.github/workflows/push-tag-release.yml
secrets: inherit
with:
tag: "${{ matrix.package.name }}@${{ matrix.package.version }}"