Add helm network policies back (#11940) #2418
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Build publish Chainlink develop on private ECR" | |
on: | |
push: | |
branches: | |
- develop | |
jobs: | |
push-chainlink-develop-goreleaser: | |
runs-on: | |
labels: ubuntu20.04-16cores-64GB | |
outputs: | |
goreleaser-metadata: ${{ steps.build-sign-publish.outputs.goreleaser-metadata }} | |
goreleaser-artifacts: ${{ steps.build-sign-publish.outputs.goreleaser-artifacts }} | |
environment: build-develop | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
- name: Configure aws credentials | |
uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a # v4.0.1 | |
with: | |
role-to-assume: ${{ secrets.AWS_OIDC_IAM_ROLE_ARN }} | |
role-duration-seconds: ${{ secrets.AWS_ROLE_DURATION_SECONDS }} | |
aws-region: ${{ secrets.AWS_REGION }} | |
- name: Build, sign, and publish image | |
id: build-sign-publish | |
uses: ./.github/actions/goreleaser-build-sign-publish | |
with: | |
enable-docker-publish: "true" | |
docker-registry: ${{ secrets.AWS_DEVELOP_ECR_HOSTNAME }} | |
enable-goreleaser-snapshot: "true" | |
goreleaser-exec: ./tools/bin/goreleaser_wrapper | |
goreleaser-config: .goreleaser.develop.yaml | |
# ISSUE: https://github.com/golang/go/issues/52690 | |
zig-version: 0.11.0-dev.3380+7e0a02ee2 # TODO: update action to v0.11.x once released | |
- name: Collect Metrics | |
if: always() | |
id: collect-gha-metrics | |
uses: smartcontractkit/push-gha-metrics-action@0281b09807758be1dcc41651e44e62b353808c47 # v2.1.0 | |
with: | |
org-id: ${{ secrets.GRAFANA_INTERNAL_TENANT_ID }} | |
basic-auth: ${{ secrets.GRAFANA_INTERNAL_BASIC_AUTH }} | |
hostname: ${{ secrets.GRAFANA_INTERNAL_HOST }} | |
this-job-name: push-chainlink-develop-goreleaser | |
continue-on-error: true | |
mercury-e2e-tests: | |
needs: [push-chainlink-develop-goreleaser] | |
runs-on: | |
labels: ubuntu-latest | |
environment: build-develop | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
- name: Configure aws credentials | |
uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a # v4.0.1 | |
with: | |
role-to-assume: ${{ secrets.AWS_ROLE_ARN_GATI }} | |
role-duration-seconds: ${{ secrets.AWS_ROLE_DURATION_SECONDS }} | |
aws-region: ${{ secrets.AWS_REGION }} | |
- name: Get Github Token | |
id: get-gh-token | |
uses: smartcontractkit/chainlink-github-actions/github-app-token-issuer@main | |
with: | |
url: ${{ secrets.GATI_LAMBDA_FUNCTION_URL }} | |
- name: 'Dispatch Workflow: E2E Functional Tests' | |
id: dispatch-workflow-e2e-functional-tests | |
shell: bash | |
run: | | |
image_build_metadata=$(jq -n \ | |
--arg commit_sha "$GITHUB_SHA" \ | |
--arg run_url "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \ | |
'{ | |
commit_sha: $commit_sha, | |
originating_run_url: $run_url | |
}') | |
gh workflow run "e2e-functional-tests.yml" \ | |
--repo ${{ secrets.MERCURY_SERVER_REPO }} \ | |
--ref "main" \ | |
--field chainlink-ecr-repo-account="sdlc" \ | |
--field chainlink-image-build-metadata="${image_build_metadata}" \ | |
--field chainlink-image-tag="develop" | |
env: | |
GH_TOKEN: ${{ steps.get-gh-token.outputs.access-token }} |