-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
add changeset and cd-release workflow
- Loading branch information
1 parent
9a85999
commit a23a1f1
Showing
8 changed files
with
2,211 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -98,3 +98,45 @@ jobs: | |
# sonarqube inputs | ||
sonar-token: ${{ secrets.SONAR_TOKEN }} | ||
sonar-host-url: ${{ secrets.SONAR_HOST_URL }} | ||
|
||
cd-release: | ||
runs-on: ubuntu-latest | ||
permissions: | ||
id-token: write | ||
contents: read | ||
outputs: | ||
changesets_published: ${{ steps.cd-release.outputs.published }} | ||
changesets_publishedPackages: ${{ steps.cd-release.outputs.publishedPackages }} | ||
steps: | ||
- name: cd-release | ||
id: cd-release | ||
uses: smartcontractkit/.github/actions/cicd-changesets@c5b65fcfe12a5a14b60b03605748af0b0c6cfbea # [email protected] | ||
with: | ||
# general inputs | ||
# TODO update the name | ||
git-user: app-token-issuer-plugins[bot] | ||
git-email: app-token-issuer-plugins[bot]@users.noreply.github.com | ||
pnpm-use-cache: false | ||
# aws inputs | ||
# TODO create GATI and secrets | ||
aws-region: ${{ secrets.AWS_REGION }} | ||
aws-role-arn: ${{ secrets.AWS_ROLE_ARN_GATI_CHANGESETS }} | ||
aws-lambda-url: ${{ secrets.AWS_LAMBDA_URL_GATI }} | ||
|
||
cicd-build-publish-artifacts-release: | ||
# Call push-tag-release for [email protected] | ||
name: Call push-tag-release for ${{ matrix.package.name }}@${{ matrix.package.version }} | ||
if: needs.cd-release.outputs.changesets_published == 'true' | ||
strategy: | ||
fail-fast: false | ||
matrix: | ||
package: ${{ fromJson(needs.cd-release.outputs.changesets_publishedPackages) }} | ||
permissions: | ||
id-token: write | ||
contents: write | ||
actions: read | ||
needs: [cd-release] | ||
uses: ./.github/workflows/push-tag-release.yml | ||
secrets: inherit | ||
with: | ||
tag: "${{ matrix.package.name }}@${{ matrix.package.version }}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,179 @@ | ||
name: push-tag-release | ||
|
||
on: | ||
# This is _ONLY_ for manually creating an image | ||
# for a tag that already exists. You would do this if | ||
# for some reason CD fails, and you need to try to | ||
# manually rebuild and publish the image. | ||
workflow_dispatch: | ||
inputs: | ||
tag: | ||
description: "Tag to build and publish" | ||
required: true | ||
type: string | ||
|
||
# This trigger is called from "push-main", and is _ONLY_ for | ||
# creating docker images for newly tagged releases. | ||
workflow_call: | ||
inputs: | ||
tag: | ||
required: true | ||
type: string | ||
|
||
# This trigger is _ONLY_ for helm chart publishing and deployment. | ||
# See jobs ci-lint-charts, cicd-build-publish-charts, cd-deploy-testnet | ||
push: | ||
tags: | ||
# Root tag versions (e.g. v1.0.0) to kick off the helm chart publish and deploy. | ||
- "v*.*.*" | ||
|
||
jobs: | ||
check-tags: | ||
name: Parse and validate ${{ inputs.tag || github.ref_name }} tag | ||
runs-on: ubuntu-latest | ||
outputs: | ||
tag-name: ${{ steps.tag-parse.outputs.name }} | ||
tag-version: ${{ steps.tag-parse.outputs.version }} | ||
release: ${{ steps.tag-parse.outputs.release }} | ||
steps: | ||
- name: Checkout code | ||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | ||
with: | ||
fetch-depth: 0 | ||
ref: ${{ inputs.tag }} # This will evaluate to "" in the case of a tag push | ||
# which is what we want. Since the tag will exist on the default branch. | ||
# - name: Fail if git tag is not from allowed branches | ||
# if: startsWith(github.ref, 'refs/tags/') | ||
# uses: smartcontractkit/.github/actions/guard-tag-from-branch@main | ||
# with: | ||
# tag: ${{ github.ref_name }} | ||
# branch-regex: '^(main|release\/.*)' | ||
- name: Validate and Parse Tag | ||
id: tag-parse | ||
uses: smartcontractkit/.github/actions/check-git-tag-for-monorepo@9e7cc0779934cae4a9028b8588c9adb64d8ce68c # [email protected] | ||
with: | ||
tag-ref: ${{ inputs.tag || github.ref_name }} | ||
|
||
cicd-build-publish-artifacts-release: | ||
# Publish Producer:0.9.13 Image | ||
name: Publish ${{ needs.check-tags.outputs.tag-name }}:${{ needs.check-tags.outputs.tag-version }} Image | ||
runs-on: ubuntu-latest | ||
needs: [check-tags] | ||
if: needs.check-tags.outputs.release == 'true' | ||
permissions: | ||
id-token: write | ||
contents: write | ||
actions: read | ||
steps: | ||
- name: cicd-build-publish-artifacts-release | ||
uses: smartcontractkit/.github/actions/cicd-build-publish-artifacts-go@25645c21796ebb5554693fcc0d312dc88330fbe0 # [email protected] | ||
with: | ||
# general inputs | ||
app-name: mercury-pipeline-${{ needs.check-tags.outputs.tag-name }} | ||
publish: "true" | ||
# if ref is empty do to a tag push, it will be an empty string that will checkout the HEAD | ||
checkout-ref: ${{ inputs.tag }} | ||
# grafana inputs | ||
metrics-job-name: cicd-build-publish-artifacts-release | ||
gc-basic-auth: ${{ secrets.GRAFANA_CLOUD_BASIC_AUTH }} | ||
gc-host: ${{ secrets.GRAFANA_CLOUD_HOST }} | ||
# aws inputs | ||
aws-region: ${{ secrets.AWS_REGION }} | ||
aws-role-arn: ${{ secrets.AWS_OIDC_IAM_ROLE_ARN }} | ||
aws-account-number: ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }} | ||
# gati inputs | ||
use-gati: "true" | ||
aws-role-arn-gati: ${{ secrets.AWS_OIDC_IAM_ROLE_ARN_GATI }} | ||
aws-lambda-url-gati: ${{ secrets.AWS_LAMBDA_URL_GATI }} | ||
# golang inputs | ||
go-version-file: go.work | ||
# goreleaser inputs | ||
goreleaser-args: "--config ./${{ needs.check-tags.outputs.tag-name }}/.goreleaser.ci.yaml" | ||
goreleaser-dist: goreleaser-pro | ||
goreleaser-key: ${{ secrets.GORELEASER_KEY }} | ||
# zig inputs | ||
use-zig: "true" | ||
zig-version: "0.11.0" | ||
# docker inputs | ||
docker-registry: aws | ||
docker-image-tag: devel | ||
|
||
ci-lint-charts: | ||
runs-on: ubuntu-latest | ||
if: startsWith(github.ref, 'refs/tags/v') | ||
permissions: | ||
id-token: write | ||
contents: read | ||
actions: read | ||
steps: | ||
- name: ci-lint-charts | ||
uses: smartcontractkit/.github/actions/ci-lint-charts@9fd15fe8e698a5e28bfd06b3a91471c56568dcb3 # [email protected] | ||
with: | ||
# chart testing inputs | ||
chart-testing-extra-args: "--lint-conf=lintconf.yaml" | ||
# grafana inputs | ||
metrics-job-name: ci-lint-charts | ||
gc-basic-auth: ${{ secrets.GRAFANA_CLOUD_BASIC_AUTH }} | ||
gc-host: ${{ secrets.GRAFANA_CLOUD_HOST }} | ||
|
||
cicd-build-publish-charts: | ||
runs-on: ubuntu-latest | ||
if: startsWith(github.ref, 'refs/tags/v') | ||
permissions: | ||
id-token: write | ||
contents: read | ||
actions: read | ||
steps: | ||
- name: cicd-build-publish-charts | ||
uses: smartcontractkit/.github/actions/cicd-build-publish-charts@9e7cc0779934cae4a9028b8588c9adb64d8ce68c # [email protected] | ||
with: | ||
# general inputs | ||
charts-dir: helm | ||
publish: "true" | ||
# grafana inputs | ||
metrics-job-name: cicd-build-publish-charts | ||
gc-basic-auth: ${{ secrets.GRAFANA_CLOUD_BASIC_AUTH }} | ||
gc-host: ${{ secrets.GRAFANA_CLOUD_HOST }} | ||
# aws inputs | ||
aws-region: ${{ secrets.AWS_REGION }} | ||
aws-role-arn: ${{ secrets.AWS_OIDC_IAM_ROLE_PUBLISH_CHART_PROD_ARN }} | ||
aws-account-number: ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }} | ||
|
||
cd-deploy-testnet: | ||
name: Deploy Testnet (staging/production) | ||
needs: [cicd-build-publish-charts] | ||
runs-on: ubuntu-latest | ||
if: startsWith(github.ref, 'refs/tags/v') | ||
permissions: | ||
contents: read | ||
id-token: write | ||
steps: | ||
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | ||
- name: Get helm chart version | ||
id: helm-chart-version | ||
shell: bash | ||
run: | | ||
version=$(yq '.version' helm/mercury-pipeline/Chart.yaml) | ||
echo "version=${version}" | tee -a "${GITHUB_OUTPUT}" | ||
- name: Setup GitHub Token | ||
id: setup-github-token | ||
uses: smartcontractkit/.github/actions/setup-github-token@9e7cc0779934cae4a9028b8588c9adb64d8ce68c # [email protected] | ||
with: | ||
aws-role-arn: ${{ secrets.AWS_OIDC_IAM_ROLE_INVOKE_WORKFLOWS_PROD_ARN }} | ||
aws-lambda-url: ${{ secrets.GATI_LAMBDA_FUNCTION_URL }} | ||
aws-region: ${{ secrets.AWS_REGION }} | ||
aws-role-duration-seconds: "1800" | ||
- name: Bump helm chart version and create PR | ||
uses: smartcontractkit/.github/actions/helm-version-bump-sender@9e7cc0779934cae4a9028b8588c9adb64d8ce68c # [email protected] | ||
with: | ||
app-file-path-pattern: "projects/mercury/apps/mercury-pipeline-testnet.yaml" | ||
app-release-name: mercury-pipeline | ||
github-token: ${{ steps.setup-github-token.outputs.access-token }} | ||
helm-chart-repo: ${{ secrets.AWS_ACCOUNT_ID_PROD }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com/infra-charts | ||
helm-chart-repo-update: false | ||
helm-chart-version: ${{ steps.helm-chart-version.outputs.version }} | ||
pr-draft: false | ||
pr-labels: preview-stage,project-mercury | ||
release-type: testnet | ||
repo-destination-name: smartcontractkit/infra-k8s | ||
workflow-file-name: helm-version-bump-receiver.yaml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,5 @@ | ||
.idea | ||
coverage.txt | ||
output.txt | ||
|
||
node_modules |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
golang 1.21.3 | ||
golangci-lint 1.55.2 # keep in sync with .github/workflows/ci.yml | ||
nodejs 20.11.0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
{ | ||
"name": "median", | ||
"version": "0.1.0", | ||
"description": "", | ||
"main": "index.js", | ||
"dependencies": { | ||
"libs": "workspace:*" | ||
}, | ||
"author": "", | ||
"license": "UNLICENSED" | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
{ | ||
"name": "chainlink-feeds", | ||
"version": "0.1.0", | ||
"description": "Chainlink feeds plugins", | ||
"main": "index.js", | ||
"scripts": { | ||
"ci:changeset:publish": "pnpm changeset publish", | ||
"ci:changeset:version": "pnpm changeset version && pnpm version patch --no-git-tag" | ||
}, | ||
"repository": { | ||
"type": "git", | ||
"url": "git+ssh://[email protected]/smartcontractkit/chainlink-feeds.git" | ||
}, | ||
"author": "", | ||
"license": "UNLICENSED", | ||
"bugs": { | ||
"url": "https://github.com/smartcontractkit/chainlink-feeds/issues" | ||
}, | ||
"homepage": "https://github.com/smartcontractkit/chainlink-feeds#readme", | ||
"dependencies": { | ||
"median": "workspace:*", | ||
}, | ||
"devDependencies": { | ||
"@changesets/changelog-github": "^0.4.8", | ||
"@changesets/cli": "~2.26.2", | ||
"semver": "^7.5.4" | ||
} | ||
} |
Oops, something went wrong.