Client #7823
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Client | |
on: | |
schedule: | |
- cron: "0 0 * * *" | |
push: | |
branches: | |
- main | |
paths-ignore: | |
- "docs-v1/**" | |
- "docs/**" | |
- "infrastructure/**" | |
- "scripts/**" | |
- "solidity-v1/**" | |
- "token-stakedrop/**" | |
pull_request: | |
workflow_dispatch: | |
inputs: | |
environment: | |
description: "Environment for workflow execution" | |
required: false | |
default: "dev" | |
upstream_builds: | |
description: "Upstream builds" | |
required: false | |
upstream_ref: | |
description: "Git reference to checkout (e.g. branch name)" | |
required: false | |
default: "main" | |
# TODO: Implement automatic releases creation on tags push with https://github.com/softprops/action-gh-release | |
jobs: | |
client-detect-changes: | |
runs-on: ubuntu-latest | |
outputs: | |
path-filter: ${{ steps.filter.outputs.path-filter }} | |
steps: | |
- uses: actions/checkout@v3 | |
if: github.event_name == 'pull_request' | |
- uses: dorny/paths-filter@v2 | |
if: github.event_name == 'pull_request' | |
id: filter | |
with: | |
filters: | | |
path-filter: | |
- './!((docs-v1|docs|infrastructure|scripts|solidity-v1|token-stakedrop)/**)' | |
electrum-integration-detect-changes: | |
runs-on: ubuntu-latest | |
outputs: | |
path-filter: ${{ steps.filter.outputs.path-filter }} | |
steps: | |
- uses: actions/checkout@v3 | |
if: github.event_name == 'pull_request' | |
- uses: dorny/paths-filter@v2 | |
if: github.event_name == 'pull_request' | |
id: filter | |
with: | |
filters: | | |
path-filter: | |
- './config/_electrum_urls/**' | |
- './pkg/bitcoin/electrum/**' | |
client-build-test-publish: | |
needs: client-detect-changes | |
if: | | |
github.event_name != 'pull_request' | |
|| needs.client-detect-changes.outputs.path-filter == 'true' | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
# Fetch the whole history for the `git describe` command to work. | |
fetch-depth: 0 | |
- name: Resolve versions | |
run: | | |
echo "version=$(git describe --tags --match "v[0-9]*" HEAD)" >> $GITHUB_ENV | |
echo "revision=$(git rev-parse --short HEAD)" >> $GITHUB_ENV | |
- name: Load environment variables | |
uses: keep-network/ci/actions/load-env-variables@v2 | |
if: github.event_name == 'workflow_dispatch' | |
with: | |
environment: ${{ github.event.inputs.environment }} | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Cache Docker layers | |
uses: actions/cache@v3 | |
with: | |
path: /tmp/.buildx-cache | |
key: ${{ runner.os }}-buildx-${{ github.sha }} | |
restore-keys: | | |
${{ runner.os }}-buildx- | |
- name: Build Docker Build Image | |
uses: docker/build-push-action@v3 | |
with: | |
target: build-docker | |
tags: go-build-env | |
build-args: | | |
VERSION=${{ env.version }} | |
REVISION=${{ env.revision }} | |
load: true # load image to local registry to use it in next steps | |
cache-from: type=local,src=/tmp/.buildx-cache | |
cache-to: type=local,dest=/tmp/.buildx-cache-new | |
context: . | |
# Since build-push-action doesn't support outputing an image to multiple outputs | |
# we need to save it in a separate step. See: https://github.com/moby/buildkit/issues/1555 | |
# Once multiple outputs are supported we can replace this step with | |
# `outputs` property configured in `Build Docker Build Image`: | |
# outputs: | | |
# type=image | |
# type=docker,dest=/tmp/go-build-env-image.tar | |
- name: Save Docker Build Image | |
run: | | |
docker save --output /tmp/go-build-env-image.tar go-build-env | |
- name: Upload Docker Build Image | |
uses: actions/upload-artifact@v3 | |
with: | |
name: go-build-env-image | |
path: /tmp/go-build-env-image.tar | |
- name: Run Go tests | |
run: | | |
docker run \ | |
--workdir /go/src/github.com/keep-network/keep-core \ | |
go-build-env \ | |
gotestsum | |
- name: Build Docker Runtime Image | |
if: github.event_name != 'workflow_dispatch' | |
uses: docker/build-push-action@v3 | |
with: | |
target: runtime-docker | |
labels: | | |
version=${{ env.version }} | |
revision=${{ env.revision }} | |
push: false | |
context: . | |
- name: Login to Google Container Registry | |
if: github.event_name == 'workflow_dispatch' | |
uses: docker/login-action@v2 | |
with: | |
registry: ${{ env.GCR_REGISTRY_URL }} | |
username: _json_key | |
password: ${{ secrets.KEEP_TEST_GCR_JSON_KEY }} | |
- name: Build and publish Docker Runtime Image | |
if: github.event_name == 'workflow_dispatch' | |
uses: docker/build-push-action@v3 | |
env: | |
IMAGE_NAME: "keep-client" | |
with: | |
target: runtime-docker | |
tags: | | |
${{ env.GCR_REGISTRY_URL }}/${{ env.GOOGLE_PROJECT_ID }}/${{ env.IMAGE_NAME }} | |
${{ env.GCR_REGISTRY_URL }}/${{ env.GOOGLE_PROJECT_ID }}/${{ env.IMAGE_NAME }}:${{ env.version }} | |
${{ env.GCR_REGISTRY_URL }}/${{ env.GOOGLE_PROJECT_ID }}/${{ env.IMAGE_NAME }}:${{ github.event.inputs.environment }} | |
${{ env.GCR_REGISTRY_URL }}/${{ env.GOOGLE_PROJECT_ID }}/${{ env.IMAGE_NAME }}:${{ env.version }}-${{ github.event.inputs.environment }} | |
labels: | | |
version=${{ env.version }} | |
revision=${{ env.revision }} | |
build-args: | | |
ENVIRONMENT=${{ github.event.inputs.environment }} | |
VERSION=${{ env.version }} | |
REVISION=${{ env.revision }} | |
push: true | |
context: . | |
- name: Build Client Binaries | |
uses: docker/build-push-action@v3 | |
with: | |
target: output-bins | |
outputs: type=local,dest=./out/bin/ | |
build-args: | | |
ENVIRONMENT=${{ github.event.inputs.environment }} | |
VERSION=${{ env.version }} | |
REVISION=${{ env.revision }} | |
push: false | |
context: . | |
- name: Archive Client Binaries | |
uses: actions/upload-artifact@v3 | |
with: | |
name: binaries | |
path: | | |
out/bin/*.tar.gz | |
out/bin/*.md5 | |
out/bin/*.sha256 | |
- name: Publish Client Binaries | |
if: github.event_name == 'workflow_dispatch' | |
uses: thesis/gcp-storage-bucket-action@v3.1.0 | |
with: | |
service-key: ${{ secrets.KEEP_TEST_CLIENT_BINARIES_UPLOADER_SERVICE_KEY_JSON_BASE64 }} | |
# TODO: Change to keep-prd-210b once mainnet setup is done and we are sure we want to publish mainnet builds automatically. | |
project: keep-test-f3e0 | |
bucket-name: keep-test-client-binaries | |
bucket-path: ${{ github.event.inputs.environment }}/${{ env.version }} | |
build-folder: out/bin | |
- name: Notify CI about completion of the workflow | |
if: github.event_name == 'workflow_dispatch' | |
uses: keep-network/ci/actions/notify-workflow-completed@v2 | |
env: | |
GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} | |
with: | |
module: "github.com/keep-network/keep-core/client" | |
url: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} | |
environment: ${{ github.event.inputs.environment }} | |
upstream_builds: ${{ github.event.inputs.upstream_builds }} | |
upstream_ref: ${{ github.event.inputs.upstream_ref }} | |
version: ${{ env.version }} | |
- # Temp fix - move cache instead of copying (added below step and | |
# modified value of `cache-to`). | |
# https://github.com/docker/build-push-action/issues/252 | |
# https://github.com/moby/buildkit/issues/1896 | |
# Without the change some jobs were failing with `no space left on device` | |
name: Move cache | |
run: | | |
rm -rf /tmp/.buildx-cache | |
mv /tmp/.buildx-cache-new /tmp/.buildx-cache | |
client-scan: | |
needs: client-detect-changes | |
if: | | |
github.event_name == 'push' | |
|| needs.client-detect-changes.outputs.path-filter == 'true' | |
runs-on: ubuntu-latest | |
env: | |
GO111MODULE: on | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: securego/gosec@master | |
with: | |
args: | | |
-exclude-dir=pkg/chain/ethereum/beacon/gen | |
-exclude-dir=pkg/chain/ethereum/ecdsa/gen | |
-exclude-dir=pkg/chain/ethereum/threshold/gen | |
-exclude-dir=pkg/chain/ethereum/tbtc/gen | |
./... | |
client-format: | |
needs: client-detect-changes | |
if: | | |
github.event_name == 'push' | |
|| needs.client-detect-changes.outputs.path-filter == 'true' | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v3 | |
with: | |
go-version-file: "go.mod" | |
- name: gofmt | |
run: | | |
if [ $(gofmt -l . | wc -l) -gt 0 ]; then | |
gofmt -d -e . | |
exit 1 | |
fi | |
client-vet: | |
needs: client-detect-changes | |
if: | | |
github.event_name == 'push' | |
|| needs.client-detect-changes.outputs.path-filter == 'true' | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v3 | |
with: | |
go-version-file: "go.mod" | |
- run: go vet | |
client-lint: | |
needs: client-detect-changes | |
if: | | |
github.event_name == 'push' | |
|| needs.client-detect-changes.outputs.path-filter == 'true' | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v3 | |
with: | |
go-version-file: "go.mod" | |
- name: Staticcheck | |
uses: dominikh/staticcheck-action@v1.3.0 | |
with: | |
version: "2023.1.6" | |
install-go: false | |
client-integration-test: | |
needs: [electrum-integration-detect-changes, client-build-test-publish] | |
if: | | |
github.event_name != 'pull_request' | |
|| needs.electrum-integration-detect-changes.outputs.path-filter == 'true' | |
runs-on: ubuntu-latest | |
steps: | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Download Docker Build Image | |
uses: actions/download-artifact@v3 | |
with: | |
name: go-build-env-image | |
path: /tmp | |
- name: Load Docker Build Image | |
run: | | |
docker load --input /tmp/go-build-env-image.tar | |
- name: Run Go Integration Tests | |
run: | | |
docker run \ | |
--workdir /go/src/github.com/keep-network/keep-core \ | |
go-build-env \ | |
gotestsum -- -timeout 20m -tags=integration ./... |