-
Notifications
You must be signed in to change notification settings - Fork 27
188 lines (171 loc) · 7.49 KB
/
dashboard-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
name: Token Dashboard / CI
on:
schedule:
- cron: "0 0 * * *"
push:
branches:
- main
pull_request:
workflow_dispatch:
inputs:
environment:
description: "Environment (network) for workflow execution, e.g. `sepolia`"
required: false
upstream_builds:
description: "Upstream builds"
required: false
upstream_ref:
description: "Git reference to checkout (e.g. branch name)"
required: false
default: "main"
jobs:
format:
name: Check code format
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: "18"
cache: "yarn"
# This step forces Git to download dependencies using `https://` protocol,
# even if `yarn.json` refers to some package via `git://`. Using `git://`
# is no longer supported by GH. One of the dashboard dependencies by
# default uses `git://` and we needed to manually remove it every time
# it re-appeared in the lock file. Now even if it does re-appear, the
# `yarn install --frozen-lockfile` will not fail.
- name: Configure git to don't use unauthenticated protocol
run: git config --global url."https://".insteadOf git://
- name: Install dependencies
run: yarn install --ignore-scripts --frozen-lockfile
- name: Run token-dashboard post-install script
run: yarn run postinstall
- name: Check formatting
run: yarn format
build-and-test:
name: Build and test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: "18"
cache: "yarn"
# We need this step because the `@keep-network/tbtc` which we update in
# next step has a dependency to `@summa-tx/[email protected]` package, which
# downloads one of its sub-dependencies via unathenticated `git://`
# protocol. That protocol is no longer supported. Thanks to this step
# `https://` is used instead of `git://`.
- name: Configure git to don't use unauthenticated protocol
run: git config --global url."https://".insteadOf git://
- name: Resolve latest contracts
run: |
yarn upgrade \
@threshold-network/solidity-contracts \
@keep-network/keep-core \
@keep-network/keep-ecdsa \
@keep-network/tbtc \
@keep-network/random-beacon --ignore-scripts
- name: Run postinstall script
# `yarn upgrade` doesn't trigger the `postinstall` script.
run: yarn run postinstall
- name: Build
run: yarn build
env:
PUBLIC_URL: /${{ github.head_ref }}
CHAIN_ID: 11155111
ETH_HOSTNAME_HTTP: ${{ secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
ETH_HOSTNAME_WS: ${{ secrets.SEPOLIA_ETH_HOSTNAME_WS }}
NODE_OPTIONS: --max_old_space_size=4096
ELECTRUM_PROTOCOL: ${{ secrets.TESTNET_ELECTRUMX_PROTOCOL }}
ELECTRUM_HOST: ${{ secrets.TESTNET_ELECTRUMX_HOST }}
ELECTRUM_PORT: ${{ secrets.TESTNET_ELECTRUMX_PORT }}
WALLET_CONNECT_PROJECT_ID: ${{ secrets.WALLET_CONNECT_PROJECT_ID }}
# FIXME: Tests are missing, will this step be needed?
# - name: Test
# run: yarn test
# This job will be triggered for PR updates. It will build the dashboard
# using `dapp-development-sepolia`-taggeed packages which contain contracts
# with values modified to help with the testing of dashboard. The code will be
# published to
# https://preview.dashboard.test.threshold.network/${{ github.head_ref }}/index.html
# and link to the deployment will be posted as a comment in the PR.
build-and-deploy-testnet-preview:
name: Deploy preview to testnet
needs: build-and-test
if: github.event_name == 'pull_request'
uses: ./.github/workflows/reusable-build-and-publish.yml
with:
environment: sepolia
useUpstreamBuilds: false
# We use `dapp-development-sepolia`-taggeed packages with modified
# contracts. They contain modifications that help with the testing of
# dashboard features.
dependentPackagesTag: dapp-development-sepolia
gcpBucketName: preview.dashboard.test.threshold.network
gcpBucketPath: ${{ github.head_ref }}
preview: true
secrets:
ethUrlHttp: ${{ secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
ethUrlWS: ${{ secrets.SEPOLIA_ETH_HOSTNAME_WS }}
gcpServiceKey: ${{ secrets.KEEP_TEST_CI_UPLOAD_DAPP_JSON_KEY_BASE64 }}
electrumProtocol: ${{ secrets.TESTNET_ELECTRUMX_PROTOCOL }}
electrumHost: ${{ secrets.TESTNET_ELECTRUMX_HOST }}
electrumPort: ${{ secrets.TESTNET_ELECTRUMX_PORT }}
sentryDsn: ${{ secrets.TESTNET_SENTRY_DSN }}
walletConnectProjectId: ${{ secrets.WALLET_CONNECT_PROJECT_ID }}
# This job will be triggered via the `workflow_dispatch` event, as part of the
# CI flow, which gets triggered manually after changes in the contracts,
# client code, etc. As after such changes the manual rotation of the client
# pods is needed, we configure the job to use the protected `testnet`
# environment. Thanks to this, the job won't start until somebody approves it
# in GH Actions.
# The code will be published to https://dashboard.test.threshold.network/index.html.
build-and-deploy-testnet-on-dispatch:
name: Deploy to testnet
needs: build-and-test
if: |
github.event_name == 'workflow_dispatch'
&& github.ref == 'refs/heads/main'
uses: ./.github/workflows/reusable-build-and-publish.yml
with:
requireApproval: true
environment: sepolia
useUpstreamBuilds: true
upstreamBuilds: ${{ github.event.inputs.upstream_builds }}
gcpBucketName: dashboard.test.threshold.network
preview: false
secrets:
ethUrlHttp: ${{ secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
ethUrlWS: ${{ secrets.SEPOLIA_ETH_HOSTNAME_WS }}
gcpServiceKey: ${{ secrets.KEEP_TEST_CI_UPLOAD_DAPP_JSON_KEY_BASE64 }}
electrumProtocol: ${{ secrets.TESTNET_ELECTRUMX_PROTOCOL }}
electrumHost: ${{ secrets.TESTNET_ELECTRUMX_HOST }}
electrumPort: ${{ secrets.TESTNET_ELECTRUMX_PORT }}
sentryDsn: ${{ secrets.TESTNET_SENTRY_DSN }}
walletConnectProjectId: ${{ secrets.WALLET_CONNECT_PROJECT_ID }}
# This job will be triggered after merges of PRs to the `main` branch. As the
# triggering is not related to the changes in the contracts / client code, we
# don't need to rotate the pods and hence don't need to wait with the
# execution of workflow for the manual approval.
# The code will be published to https://dashboard.test.threshold.network/index.html.
build-and-deploy-testnet-on-push:
name: Deploy to testnet
needs: build-and-test
if: github.event_name == 'push'
uses: ./.github/workflows/reusable-build-and-publish.yml
with:
environment: sepolia
useUpstreamBuilds: false
dependentPackagesTag: sepolia
gcpBucketName: dashboard.test.threshold.network
preview: false
secrets:
ethUrlHttp: ${{ secrets.SEPOLIA_ETH_HOSTNAME_HTTP }}
ethUrlWS: ${{ secrets.SEPOLIA_ETH_HOSTNAME_WS }}
gcpServiceKey: ${{ secrets.KEEP_TEST_CI_UPLOAD_DAPP_JSON_KEY_BASE64 }}
electrumProtocol: ${{ secrets.TESTNET_ELECTRUMX_PROTOCOL }}
electrumHost: ${{ secrets.TESTNET_ELECTRUMX_HOST }}
electrumPort: ${{ secrets.TESTNET_ELECTRUMX_PORT }}
sentryDsn: ${{ secrets.TESTNET_SENTRY_DSN }}
walletConnectProjectId: ${{ secrets.WALLET_CONNECT_PROJECT_ID }}