feat: Add missing NodeOperator node feature and update offboarding for sygnum zh5 #3789
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and test | |
on: | |
push: | |
branches: | |
- "main" | |
tags: | |
- "v*" | |
paths-ignore: | |
- "release-index.yaml" | |
- "replica-releases/**" | |
- "node-labels/**" | |
pull_request: | |
paths-ignore: | |
- "release-index.yaml" | |
- "replica-releases/**" | |
- "node-labels/**" | |
workflow_dispatch: | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
cancel-in-progress: true | |
jobs: | |
bazel: | |
runs-on: | |
labels: dre-runner-custom | |
# This image is based on ubuntu:20.04 | |
container: ghcr.io/dfinity/dre/actions-runner:3dd4f38f076cad73fdcc68ad37fd29bed4fa3e4d | |
permissions: | |
contents: write | |
packages: write | |
pages: write | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 2 | |
# The GitHub App token is necessary for pushing changed files back to the repository | |
# If regular secrets.GITHUB_TOKEN is used instead, the push will not trigger any actions | |
# https://github.com/orgs/community/discussions/25702 | |
- name: Create GitHub App Token | |
uses: actions/create-github-app-token@v1 | |
id: app-token | |
with: | |
app-id: ${{ vars.PR_AUTOMATION_BOT_PUBLIC_APP_ID }} | |
private-key: ${{ secrets.PR_AUTOMATION_BOT_PUBLIC_PRIVATE_KEY }} | |
- name: "☁️ Setup runner" | |
uses: ./.github/workflows/manage-runner-pre | |
######################################## | |
# Build and test | |
# Will run test as a local subprocess because for some tests | |
# create status files on certain locations (like $HOME) | |
######################################## | |
- name: "🚀 Building" | |
uses: ./.github/workflows/build | |
with: | |
# See above where the token is generated: we can't use regular secrets.GITHUB_TOKEN | |
# since the push needs to trigger actions again | |
GITHUB_TOKEN: "${{ steps.app-token.outputs.token }}" | |
- name: "🚀 Testing" | |
env: | |
STAGING_PRIVATE_KEY_PEM: "${{ secrets.STAGING_PRIVATE_KEY_PEM }}" | |
run: | | |
mkdir -p ~/.config/dfx/identity/bootstrap-super-leader/ | |
echo $STAGING_PRIVATE_KEY_PEM > ~/.config/dfx/identity/bootstrap-super-leader/identity.pem | |
bazel test ... --spawn_strategy=local --test_env=HOME=/home/runner | |
# We don't need the linear-jira build and test step for now | |
# - name: "🚀 Build and Test Linear-Jira with Bazel" | |
# shell: bash | |
# run: | | |
# set -euxo pipefail | |
# cd linear-jira | |
# bazel build --config=ci ... | |
# bazel test --config=ci ... || true | |
# bazel query --noshow_progress 'kind("oci_push", ...)' | xargs -P $(nproc) -I_target bazel run _target -- --tag ${{ github.sha }} | |
######################################## | |
# Upload test artifacts | |
######################################## | |
- name: "🧪 Upload test artifacts" | |
if: ${{ github.ref == 'refs/heads/main' }} | |
uses: actions/upload-artifact@v4 | |
with: | |
name: test-artifacts | |
path: bazel-out/k8-opt/bin/rs/ic-observability/multiservice-discovery/multiservice-discovery | |
######################################## | |
# Prepare release | |
######################################## | |
- name: "🚢 Prepare release" | |
if: ${{ startsWith(github.ref, 'refs/tags/v') }} | |
uses: ./.github/workflows/prepare-release | |
with: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
######################################## | |
# Upload container images | |
######################################## | |
- name: "🔧 Login to GitHub Container Registry" | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: "📦 Push images to GitHub Container Registry" | |
if: ${{ startsWith(github.ref, 'refs/tags/v') || startsWith(github.head_ref, 'container') || startsWith(github.ref, 'refs/heads/container') || (github.ref == 'refs/heads/main') }} | |
run: bazel query --noshow_progress 'kind("oci_push", ...)' | xargs -I_target bazel run _target -- --tag ${GITHUB_SHA} | |
######################################## | |
# Check if dashboard/* changed to see if | |
# it also needs to be updated in k8s | |
######################################## | |
- name: "❓ Check if dashboard/* changed in last commit" | |
id: check | |
uses: ./.github/workflows/check-modified-files-as-step | |
with: | |
path: dashboard/* | |
- name: "💲 Setting correct paths to update" | |
id: paths | |
shell: bash | |
run: | | |
files=( | |
bases/apps/ic-release-controller/controller/controller.yaml | |
bases/apps/ic-release-controller/commit-annotator/commit-annotator.yaml | |
bases/apps/mainnet-dashboard/backend/base/deployment.yaml | |
bases/apps/mainnet-dashboard/statefulset-slack.yaml | |
bases/apps/service-discovery/service-discovery.yaml | |
.github/workflows/dre-vector-configs.yaml | |
) | |
if [[ $changed == "true" ]]; then | |
echo "Adding frontend to list of files" | |
files+=( bases/apps/mainnet-dashboard/frontend/deployment.yaml ) | |
else | |
echo "Skipping adding of frontend to list of files" | |
fi | |
echo "Output of this step:" | |
echo ${files[@]} | |
echo "files=${files[@]}" >> $GITHUB_ENV | |
######################################## | |
# Deploy to github pages | |
######################################## | |
- name: "🚢 Deploy to GitHub Pages" | |
if: ${{ github.ref == 'refs/heads/main' }} | |
run: | | |
git config --global user.email "actions@github.com" | |
git config --global user.name "GitHub Actions" | |
bazel run "//:mkdocs" -- gh-deploy --force | |
######################################## | |
# Update k8s deployments | |
######################################## | |
- name: "🤖 Update k8s deployments" | |
if: ${{ github.ref == 'refs/heads/main' }} | |
uses: ./.github/workflows/update-k8s-deployments | |
with: | |
github_api_token: ${{ secrets.K8S_API_TOKEN }} | |
######################################## | |
# Clean up runner | |
######################################## | |
- uses: ./.github/workflows/manage-runner-post | |
name: "🪓 Tear down runner" | |
if: ${{ !startsWith(runner.name, 'dre-runner-custom') }} | |
with: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |