contract metric for monitoring (#63) #73
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: decentralized-feeder-master-pipeline | |
| on: | |
| push: | |
| branches: | |
| - master | |
| workflow_dispatch: # This allows manual triggering | |
| permissions: | |
| contents: read | |
| packages: write | |
| deployments: write # Only if deployments are required | |
| id-token: none # Disable unless specifically needed | |
| jobs: | |
| build_and_test: | |
| runs-on: ubuntu-latest | |
| steps: | |
| # Checkout the repository | |
| - uses: actions/checkout@v4 | |
| # Set up Go | |
| - name: Set up Go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: '1.22' | |
| # Get dependencies | |
| - name: Get dependencies | |
| run: go mod tidy | |
| # Build the Go application | |
| - name: Build | |
| run: go build -v ./... | |
| # Test the Go application | |
| - name: Test | |
| run: go test -v ./... | |
| push_image_and_deploy: | |
| runs-on: ubuntu-latest | |
| needs: build_and_test | |
| steps: | |
| # Checkout the repository | |
| - uses: actions/checkout@v4 | |
| # Get Short Commit Hash for the latest commit in master | |
| - name: Get Short Commit Hash | |
| run: | | |
| COMMIT_HASH=$(git rev-parse --short HEAD) | |
| echo "COMMIT_HASH=$COMMIT_HASH" >> $GITHUB_ENV | |
| # Checkout the cluster-backend repository | |
| - name: Checkout cluster-backend repository | |
| env: | |
| TOKEN: ${{ secrets.PIPELINE_TOKEN }} | |
| run: | | |
| git clone -q https://[email protected]/diadata-org/cluster-backend cluster-backend | |
| # Install IBM Cloud CLI and Container Registry CLI | |
| - name: Install IBM Cloud CLI | |
| run: | | |
| curl -fsSL https://clis.cloud.ibm.com/install/linux | sh | |
| ibmcloud plugin install container-registry -f | |
| # Log in to IBM Cloud | |
| - name: Log in to IBM Cloud | |
| env: | |
| IBM_CLOUD_API_KEY: ${{ secrets.IBM_CLOUD_API_KEY }} | |
| run: | | |
| ibmcloud login --apikey $IBM_CLOUD_API_KEY --no-region | |
| ibmcloud target -r us-south | |
| ibmcloud target -g Default | |
| # Build and Tag the Docker image with the commit hash | |
| - name: Build and Tag Docker image | |
| run: | | |
| docker build -f build/Dockerfile-diaDecentralOracleService -t us.icr.io/dia-registry/oracles/diadecentraloracleservice:commit-hash-${{ env.COMMIT_HASH }} . | |
| # Push the Docker image to IBM Cloud Container Registry | |
| - name: Push Docker image | |
| run: | | |
| ibmcloud cr login | |
| docker push us.icr.io/dia-registry/oracles/diadecentraloracleservice:commit-hash-${{ env.COMMIT_HASH }} | |
| # Install kubectl | |
| - name: Install kubectl | |
| run: | | |
| curl -LO "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl" | |
| chmod +x ./kubectl | |
| sudo mv ./kubectl /usr/local/bin/kubectl | |
| - name: IBM Cluster kubectl config | |
| env: | |
| TOKEN: ${{ secrets.K8S_SERVICE_ACCOUNT_TOKEN_PROD }} | |
| CLUSTER_NAME: ${{ secrets.K8s_CLUSTER_NAME_IBM }} | |
| CONTEXT: ${{ secrets.K8s_CONTEXT_IBM }} | |
| API_SERVER: ${{ secrets.K8S_API_SERVER_IBM }} | |
| KUBE_CA_CERT_BASE64: ${{ secrets.KUBE_CA_CERT_BASE64_IBM }} | |
| SERVICE_ACCOUNT: ${{ secrets.K8S_SA }} | |
| run: | | |
| TOKEN=$(echo "$TOKEN" | tr -d '\n') | |
| echo "$KUBE_CA_CERT_BASE64" | base64 --decode > /tmp/ca.pem | |
| kubectl config set-cluster "$CLUSTER_NAME" \ | |
| --server="$API_SERVER" \ | |
| --certificate-authority=/tmp/ca.pem | |
| kubectl config set-credentials $SERVICE_ACCOUNT --token="$TOKEN" | |
| kubectl config set-context $CONTEXT --cluster="$CLUSTER_NAME" --user=$SERVICE_ACCOUNT | |
| kubectl config use-context $CONTEXT | |
| - name: Helm upgrade/install 02-06 conduit nodes to IBM Cluster | |
| run: | | |
| for i in $(seq -w 002 006); do | |
| echo "Deploying node $i" | |
| cd cluster-backend/helmcharts/oracles/conduit-test/$i | |
| helm upgrade --install -n dia-lumina --set repository.tag="commit-hash-${{ env.COMMIT_HASH }}" diaoracleservice-conduit-$i . | |
| cd - | |
| done | |
| cd | |
| # Clean up CA certificate immediately | |
| if [ -f /tmp/ca.pem ]; then shred -u /tmp/ca.pem; fi | |
| - name: Hetzner Cluster kubectl config | |
| env: | |
| TOKEN: ${{ secrets.K8S_SERVICE_ACCOUNT_TOKEN_HETZNER }} | |
| CLUSTER_NAME: ${{ secrets.K8s_CLUSTER_NAME_HETZNER }} | |
| CONTEXT: ${{ secrets.K8s_CONTEXT_HETZNER }} | |
| API_SERVER: ${{ secrets.K8S_API_SERVER_HETZNER }} | |
| KUBE_CA_CERT_BASE64: ${{ secrets.KUBE_CA_CERT_BASE64_HETZNER }} | |
| SERVICE_ACCOUNT: ${{ secrets.K8S_SA }} | |
| run: | | |
| TOKEN=$(echo "$TOKEN" | tr -d '\n') | |
| echo "$KUBE_CA_CERT_BASE64" | base64 --decode > /tmp/ca.pem | |
| kubectl config set-cluster "$CLUSTER_NAME" \ | |
| --server="$API_SERVER" \ | |
| --certificate-authority=/tmp/ca.pem | |
| kubectl config set-credentials $SERVICE_ACCOUNT --token="$TOKEN" | |
| kubectl config set-context $CONTEXT --cluster="$CLUSTER_NAME" --user=$SERVICE_ACCOUNT | |
| kubectl config use-context $CONTEXT | |
| - name: Helm upgrade/install 07-011 conduit nodes to IBM Cluster | |
| run: | | |
| for i in $(seq -w 007 011); do | |
| echo "Deploying node $i" | |
| cd cluster-backend/helmcharts/oracles/conduit-test/$i | |
| helm upgrade --install -n dia-lumina --set repository.tag="commit-hash-${{ env.COMMIT_HASH }}" diaoracleservice-conduit-$i . | |
| cd - | |
| done | |
| cd | |
| # Clean up CA certificate immediately | |
| if [ -f /tmp/ca.pem ]; then shred -u /tmp/ca.pem; fi | |
| - name: Civo Cluster kubectl config | |
| env: | |
| TOKEN: ${{ secrets.K8S_SERVICE_ACCOUNT_TOKEN_CIVO }} | |
| CLUSTER_NAME: ${{ secrets.K8s_CLUSTER_NAME_CIVO }} | |
| CONTEXT: ${{ secrets.K8s_CONTEXT_CIVO }} | |
| API_SERVER: ${{ secrets.K8S_API_SERVER_CIVO }} | |
| KUBE_CA_CERT_BASE64: ${{ secrets.KUBE_CA_CERT_BASE64_CIVO }} | |
| SERVICE_ACCOUNT: ${{ secrets.K8S_SA }} | |
| run: | | |
| TOKEN=$(echo "$TOKEN" | tr -d '\n') | |
| echo "$KUBE_CA_CERT_BASE64" | base64 --decode > /tmp/ca.pem | |
| kubectl config set-cluster "$CLUSTER_NAME" \ | |
| --server="$API_SERVER" \ | |
| --certificate-authority=/tmp/ca.pem | |
| kubectl config set-credentials $SERVICE_ACCOUNT --token="$TOKEN" | |
| kubectl config set-context $CONTEXT --cluster="$CLUSTER_NAME" --user=$SERVICE_ACCOUNT | |
| kubectl config use-context $CONTEXT | |
| - name: Helm upgrade/install conduit-node-012 and conduit-node-016 to Civo Cluster | |
| run: | | |
| for i in $(seq -w 012 016); do | |
| echo "Deploying node $i" | |
| cd cluster-backend/helmcharts/oracles/conduit-test/$i | |
| helm upgrade --install -n dia-lumina --set repository.tag="commit-hash-${{ env.COMMIT_HASH }}" diaoracleservice-conduit-$i . | |
| cd - | |
| done | |
| cd | |
| # Clean up CA certificate immediately | |
| if [ -f /tmp/ca.pem ]; then shred -u /tmp/ca.pem; fi | |
| # Cleanup the cloned repository | |
| - name: Cleanup cloned repository and logout from IBM | |
| run: | | |
| rm -rf cluster-backend | |
| if [ -f /tmp/ca.pem ]; then | |
| shred -u /tmp/ca.pem | |
| fi | |
| ibmcloud logout |