Bump Cardinal-Cryptography/github-actions from 2 to 3 #682

Workflow file for this run

.github/workflows/contracts-deploy.yml at ca685e7

	---
	name: contracts-e2e-tests-and-deploy

	on:
	pull_request:
	types: [labeled]
	workflow_call:

	# DO NOT TOUCH THIS !
	# cancelling workflow when contracts deployment is in progress
	# will leave the environment in a bad state
	concurrency:
	group: ${{ github.workflow }}
	cancel-in-progress: false

	env:
	CACHE_KEY: the-button
	CONTRACTS_ENVFILE: devnet
	NODE_VERSION: 18
	CI_S3BUCKET_NAME: ${{ secrets.CI_DEVNET_S3BUCKET_NAME }}
	S3BUCKET_PATH: contracts/devnet-button
	CONTRACTS: (access_control button game_token marketplace simple_dex ticket_token wrapped_azero)

	jobs:
	check-vars-and-secrets:
	name: Check vars and secrets
	if: >
	(needs.changes.outputs.button == 'true' &&
	github.event_name == 'push' &&
	github.ref_name == 'main') \|\|
	(github.event_name == 'pull_request' &&
	github.event.action == 'labeled' &&
	github.event.label.name == '[AZERO] DEPLOY-CONTRACTS')
	uses: ./.github/workflows/_check-vars-and-secrets.yml
	secrets: inherit

	detect-contracts-changes:
	needs: [check-vars-and-secrets]
	name: Detect changes
	if: >
	(needs.changes.outputs.button == 'true' &&
	github.event_name == 'push' &&
	github.ref_name == 'main') \|\|
	(github.event_name == 'pull_request' &&
	github.event.action == 'labeled' &&
	github.event.label.name == '[AZERO] DEPLOY-CONTRACTS')
	runs-on: ubuntu-20.04
	permissions:
	pull-requests: read
	outputs:
	button: ${{ steps.filter.outputs.button }}
	steps:
	- name: Checkout repo
	uses: actions/checkout@v4
	- uses: dorny/paths-filter@v2
	id: filter
	with:
	filters: \|
	button:
	- 'contracts/access_control/**'
	- 'contracts/button/**'
	- 'contracts/game_token/**'
	- 'contracts/marketplace/**'
	- 'contracts/simple_dex/**'
	- 'contracts/ticket_token/**'
	- 'contracts/wrapped_azero/**'
	- '.github/workflows/contracts-deploy.yml'

	build-and-deploy-contracts:
	# TODO: e2e test are flaky AF
	# and they block the deployment
	# which in turns stalls development
	# as frontend developers rely heavily on the devnet environment.
	# Therefore we made an executive decision to deploy to the devnet
	# regardless of the contracts e2e tests status.
	# Once fixed this dependency can be brough back
	# needs: [detect-contracts-changes]
	name: Deploy contracts on devnet
	if: >
	(needs.changes.outputs.button == 'true' &&
	github.event_name == 'push' &&
	github.ref_name == 'main') \|\|
	(github.event_name == 'pull_request' &&
	github.event.action == 'labeled' &&
	github.event.label.name == '[AZERO] DEPLOY-CONTRACTS')
	runs-on: [self-hosted, Linux, X64, large]
	steps:
	- name: Checkout repo
	uses: actions/checkout@v4

	- name: Check if environment is reachable
	shell: bash
	run: \|
	source contracts/env/${{ env.CONTRACTS_ENVFILE }} && \
	HOSTPORT=${NODE/wss:\/\//} && nc -zvw5 ${HOSTPORT/:/} ${HOSTPORT/:/}

	- name: Call action get-ref-properties
	id: get-ref-properties
	# yamllint disable-line rule:line-length
	uses: Cardinal-Cryptography/github-actions/get-ref-properties@v3

	- name: Install jq
	shell: bash
	run: \|
	sudo apt-get install -y jq

	- name: Install node
	uses: actions/setup-node@v3
	with:
	node-version: ${{ env.NODE_VERSION }}

	- name: Configure AWS credentials
	uses: aws-actions/configure-aws-credentials@v4
	env:
	AWS_REGION: us-east-1
	with:
	aws-access-key-id: ${{ secrets.AWS_DEVNET_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_DEVNET_SECRET_ACCESS_KEY }}
	aws-region: ${{ env.AWS_REGION }}

	- name: Copy ABI artifacts and addresses.json file from the S3 bucket
	shell: bash
	run: \|
	contracts=${{ env.CONTRACTS }}
	for C in "${contracts[@]}"; do
	mkdir -p contracts/$C/target/ink;
	aws s3 cp s3://${{ env.CI_S3BUCKET_NAME }}/${{ env.S3BUCKET_PATH }}/$C/$C.json \
	contracts/$C/target/ink/$C.json
	done

	aws s3 cp s3://${{ env.CI_S3BUCKET_NAME }}/${{ env.S3BUCKET_PATH }}/addresses.json \
	contracts/addresses.json

	- name: Run clean.sh script
	shell: bash
	run: \|
	source contracts/env/${{ env.CONTRACTS_ENVFILE }} && ./contracts/scripts/clean.sh

	- name: Run deploy.sh script
	shell: bash
	run: \|
	source contracts/env/${{ env.CONTRACTS_ENVFILE }} && ./contracts/scripts/deploy.sh

	- name: Update ABI arifacts and addresses.json file in the S3 bucket
	shell: bash
	run: \|
	contracts=${{ env.CONTRACTS }}
	for C in "${contracts[@]}"; do
	aws s3 cp contracts/$C/target/ink/$C.json \
	s3://${{ env.CI_S3BUCKET_NAME }}/${{ env.S3BUCKET_PATH }}/$C/$C.json
	done

	aws s3 cp contracts/addresses.json \
	s3://${{ env.CI_S3BUCKET_NAME }}/${{ env.S3BUCKET_PATH }}/addresses.json

	echo -n "${{ steps.get-ref-properties.outputs.sha }}" > commit_sha.txt

	aws s3 cp commit_sha.txt \
	s3://${{ env.CI_S3BUCKET_NAME }}/${{ env.S3BUCKET_PATH }}/commit_sha.txt

	- name: Remove deploy label if present
	uses: actions-ecosystem/[email protected]
	if: >
	github.event_name == 'pull_request' &&
	contains( github.event.pull_request.labels.*.name, '[AZERO] DEPLOY-CONTRACTS')
	with:
	labels: '[AZERO] DEPLOY-CONTRACTS'
	github_token: ${{ secrets.CI_GH_TOKEN }}

	- name: Add label to mark that contracts have been deployed
	if: github.event_name == 'pull_request'
	uses: actions-ecosystem/[email protected]
	with:
	labels: 'DEPLOYED-CONTRACTS'
	github_token: ${{ secrets.CI_GH_TOKEN }}

	- name: GIT \| Checkout argocd apps repo
	uses: actions/checkout@master
	with:
	repository: Cardinal-Cryptography/${{ secrets.REPO_ARGOCD_APPS_NAME }}
	token: ${{ secrets.CI_GH_TOKEN }}
	path: ${{ secrets.REPO_ARGOCD_APPS_NAME }}
	ref: main

	- name: KUSTOMIZE \| Init kustomize
	uses: imranismail/setup-kustomize@v2
	with:
	kustomize-version: ${{ vars.KUSTOMIZE_VERSION }}

	- name: KUBECTL \| Setup kubectl
	uses: azure/[email protected]
	with:
	version: 'v1.23.6'

	- name: INDEXER \| Destroy archive and squid apps
	shell: bash
	run: \|
	aws eks --region eu-central-1 update-kubeconfig --name alephzero-devnet-eu-central-1-eks
	kubectl delete -n indexer-squid --ignore-not-found=true deploy squid-api
	kubectl delete -n indexer-squid --ignore-not-found=true deploy squid-processor
	kubectl delete -n indexer-archive --ignore-not-found=true deploy archive-gateway
	kubectl delete -n indexer-archive --ignore-not-found=true deploy archive-ingest

	- name: INDEXER \| Create archive db and archive apps
	shell: bash
	run: \|
	kubectl rollout restart statefulset archive-db -n indexer-archive
	kubectl rollout status --watch --timeout=600s -n indexer-archive statefulset/archive-db
	cd ${{ secrets.REPO_ARGOCD_APPS_NAME }}/indexer/archive/overlays/devnet/eu-central-1
	kustomize build . \| kubectl apply -f -
	sleep 3
	kubectl rollout status --watch --timeout=600s -n indexer-archive deploy/archive-ingest
	kubectl rollout status --watch --timeout=600s -n indexer-archive deploy/archive-gateway

	- name: INDEXER \| Create squid db and squid apps
	shell: bash
	run: \|
	kubectl rollout restart statefulset squid-db -n indexer-squid
	kubectl rollout status --watch --timeout=600s -n indexer-squid statefulset/squid-db
	cd ${{ secrets.REPO_ARGOCD_APPS_NAME }}/indexer/squid/overlays/devnet/eu-central-1
	kustomize build . \| kubectl apply -f -
	sleep 3
	kubectl rollout status --watch --timeout=600s -n indexer-squid deploy/squid-processor
	kubectl rollout status --watch --timeout=600s -n indexer-squid deploy/squid-api

	- name: BUTTON \| Restart the-button deployment
	shell: bash
	run: \|
	kubectl rollout restart deployment the-button -n the-button
	kubectl rollout status --watch --timeout=600s -n the-button deploy/the-button

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump Cardinal-Cryptography/github-actions from 2 to 3 #682

Workflow file

Bump Cardinal-Cryptography/github-actions from 2 to 3 #682

Jobs

Run details

Workflow file for this run