Skip to content

pipeline

pipeline #13800

Workflow file for this run

# SPDX-License-Identifier: MIT
#
# Copyright (c) 2024 Berachain Foundation
#
# Permission is hereby granted, free of charge, to any person
# obtaining a copy of this software and associated documentation
# files (the "Software"), to deal in the Software without
# restriction, including without limitation the rights to use,
# copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the
# Software is furnished to do so, subject to the following
# conditions:
#
# The above copyright notice and this permission notice shall be
# included in all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
# OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
# HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
# WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
name: pipeline
on:
push:
branches:
- main
tags:
- "v*"
pull_request:
merge_group:
concurrency:
group: ci-${{ github.ref }}-tests
# We don't want to cancel in progress on main. This is to allow
# us to debug main if a bad commit is pushed.
# Case 1: The base branch is main and the event triggered via merge group => we DO NOT want to cancel in progress
# Case 2: The reference branch is not main => we want to cancel in progress
cancel-in-progress: ${{ !(github.base_ref == 'refs/heads/main' && github.event_name == 'merge_group') || github.ref != 'refs/heads/main' }}
env:
GCP_ID_PROVIDER: "projects/341806074811/locations/global/workloadIdentityPools/oidc-apps-automation-st-01-pool/providers/gh-apps-oidc-provider"
GCP_SERVICE_ACCOUNT: "sa-apps-deployment@prj-berachain-automation-st-01.iam.gserviceaccount.com"
GCP_REGISTRY: northamerica-northeast1-docker.pkg.dev
GHCR_REGISTRY: ghcr.io
PUSH_DOCKER_IMAGE: ${{ (github.base_ref == github.head_ref && github.event_name == 'push') || github.ref == 'refs/tags/v*'}}
VERSION: ${{ github.ref_name }}
jobs:
# -------------------------------------------------------------------------- #
# Main Pipeline #
# -------------------------------------------------------------------------- #
ci:
strategy:
matrix:
args:
- "build"
- "lint"
- "slither"
- "gosec"
- "nilaway"
- "markdownlint"
- "generate-check"
- "tidy-sync-check"
- "test-unit-cover"
- "test-unit-bench"
- "test-unit-fuzz"
- "test-forge-cover"
- "test-forge-fuzz"
os:
- ubuntu-24.04-beacon-kit
name: ${{ matrix.args }}
runs-on:
labels: ${{ matrix.os }}
steps:
- name: Checkout
uses: actions/checkout@v3
with:
submodules: recursive
- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1
if: ${{ matrix.args == 'lint' || matrix.args == 'generate-check' || matrix.args == 'test-forge-cover' || matrix.args == 'test-forge-fuzz' }}
- name: Setup Golang
uses: actions/setup-go@v5
with:
go-version: "1.23.4"
check-latest: true
cache-dependency-path: "**/*.sum"
if: ${{ !(matrix.args == 'test-forge-cover' || matrix.args == 'test-forge-fuzz') }}
- name: Run ${{ matrix.args }}
run: |
make ${{ matrix.args }}
env:
GOPATH: /home/runner/go
- name: Upload to Codecov
uses: codecov/codecov-action@v2
with:
token: ${{ secrets.CODECOV_TOKEN }}
files: ./${{ matrix.args }}.txt
if: ${{ matrix.args == 'test-unit-cover' || matrix.args == 'test-forge-cover'}}
# -------------------------------------------------------------------------- #
# E2E Testing #
# -------------------------------------------------------------------------- #
ci-e2e:
strategy:
matrix:
args:
- "test-e2e"
os:
- ubuntu-24.04-e2e
name: ${{ matrix.args }}
runs-on:
labels: ${{ matrix.os }}
steps:
- name: Checkout
uses: actions/checkout@v3
with:
submodules: recursive
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
registry: https://index.docker.io/v1/
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Setup Golang
uses: actions/setup-go@v5
with:
go-version: "stable"
check-latest: true
cache-dependency-path: "**/*.sum"
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Install Kurtosis
run: |
echo "deb [trusted=yes] https://apt.fury.io/kurtosis-tech/ /" | sudo tee /etc/apt/sources.list.d/kurtosis.list
sudo apt update
sudo apt install kurtosis-cli=$(go list -m -f '{{.Version}}' github.com/kurtosis-tech/kurtosis/api/golang | sed 's/^v//') -y
kurtosis engine start
if: ${{ matrix.args == 'test-e2e' }}
- name: Run ${{ matrix.args }}
run: |
make ${{ matrix.args }}
env:
GOPATH: /home/runner/go
# -------------------------------------------------------------------------- #
# Docker Container Build and Push #
# -------------------------------------------------------------------------- #
build-and-push-container:
runs-on:
labels: ubuntu-24.04-beacon-kit
permissions:
id-token: write
contents: read
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Echo GitHub Context Variables
run: |
echo "GitHub Actor: ${{ github.actor }}"
echo "GitHub Repository: ${{ github.repository }}"
echo "GitHub Event Name: ${{ github.event_name }}"
echo "GitHub SHA: ${{ github.sha }}"
echo "GitHub Ref: ${{ github.ref }}"
echo "GitHub Workflow: ${{ github.workflow }}"
echo "GitHub Action: ${{ github.action }}"
echo "GitHub Run ID: ${{ github.run_id }}"
echo "GitHub Run Number: ${{ github.run_number }}"
echo "GitHub Job: ${{ github.job }}"
echo "GitHub Server URL: ${{ github.server_url }}"
echo "GitHub API URL: ${{ github.api_url }}"
echo "GitHub GraphQL URL: ${{ github.graphql_url }}"
echo "Github Ref: ${{ github.ref }}"
echo "GitHub Head Ref: ${{ github.head_ref }}"
echo "GitHub Base Ref: ${{ github.base_ref }}"
echo "PUSH_DOCKER_IMAGE: ${{ env.PUSH_DOCKER_IMAGE }}"
echo "VERSION: ${{ env.VERSION }}"
- name: Build Docker image
run: |
make build-docker
- if: ${{ env.PUSH_DOCKER_IMAGE == 'true' }}
name: Authenticate to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ${{ env.GHCR_REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GH_TOKEN }}
- if: ${{ env.PUSH_DOCKER_IMAGE == 'true' }}
name: Authenticate to Google Cloud
id: "auth"
uses: "google-github-actions/auth@v2"
with:
workload_identity_provider: ${{ env.GCP_ID_PROVIDER }}
service_account: ${{ env.GCP_SERVICE_ACCOUNT }}
- if: ${{ env.PUSH_DOCKER_IMAGE == 'true' }}
name: "Set up Cloud SDK"
uses: "google-github-actions/setup-gcloud@v2"
- if: ${{ env.PUSH_DOCKER_IMAGE == 'true' }}
name: Setup Docker to use Google Cloud OIDC
run: |
gcloud auth configure-docker ${{ env.GCP_REGISTRY }} --quiet
- if: ${{ env.PUSH_DOCKER_IMAGE == 'true' }}
name: Push Docker image
run: |
make push-docker-gcp push-docker-github