Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[ci] Move ci from gitlab to github #3072

Merged
merged 23 commits into from
Nov 7, 2024
Merged
Show file tree
Hide file tree
Changes from 18 commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
244 changes: 244 additions & 0 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,244 @@
name: CI

on:
push:
branches:
- master
pull_request:
types: [opened, synchronize, reopened, ready_for_review]

concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true

# common variable is defined in the workflow
# repo env variable doesn't work for PR from forks
env:
CI_IMAGE: "paritytech/ci-unified:bullseye-1.81.0-2024-09-11-v202409111034"

jobs:
set-variables:
# This workaround sets the container image for each job using 'set-variables' job output.
# env variables don't work for PR from forks, so we need to use outputs.
runs-on: ubuntu-latest
outputs:
CI_IMAGE: ${{ steps.set_image.outputs.CI_IMAGE }}
VERSION: ${{ steps.version.outputs.VERSION }}
steps:
- name: Set image
id: set_image
run: echo "CI_IMAGE=${{ env.CI_IMAGE }}" >> $GITHUB_OUTPUT
- name: Define version
id: version
run: |
export COMMIT_SHA=${{ github.sha }}
export COMMIT_SHA_SHORT=${COMMIT_SHA:0:8}
export REF_NAME=${{ github.ref_name }}
export REF_SLUG=${REF_NAME//\//_}
if [[ ${REF_SLUG} == "master" ]]
then
VERSION=${REF_SLUG}-${COMMIT_SHA_SHORT}
echo "VERSION=${REF_SLUG}-${COMMIT_SHA_SHORT}" >> $GITHUB_OUTPUT
else
VERSION=${REF_SLUG}
echo "VERSION=${REF_SLUG}" >> $GITHUB_OUTPUT
fi
echo "set VERSION=${VERSION}"

fmt:
name: Cargo fmt
runs-on: ubuntu-latest
needs: [set-variables]
container:
image: ${{ needs.set-variables.outputs.CI_IMAGE }}
steps:
- name: Checkout sources
uses: actions/checkout@v4

- name: Cargo fmt
run: cargo +nightly fmt --all -- --check

# todo: fixme
clippy:
name: Clippy
runs-on: ubuntu-latest
needs: [set-variables]
continue-on-error: true
container:
image: ${{ needs.set-variables.outputs.CI_IMAGE }}
steps:
- name: Checkout sources
uses: actions/checkout@v4

# disabled until the jobs is fixed
# - name: Rust Cache
# uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5
# with:
# cache-on-failure: true
# cache-all-crates: true

- name: Clippy
run: SKIP_WASM_BUILD=1 cargo clippy --all-targets --locked --workspace

spellcheck:
name: Spellcheck
runs-on: ubuntu-latest
needs: [set-variables]
container:
image: ${{ needs.set-variables.outputs.CI_IMAGE }}
steps:
- name: Checkout sources
uses: actions/checkout@v4

- name: Spellcheck
run: cargo spellcheck check --cfg=.config/spellcheck.toml --checkers hunspell -m 1 $(find . -type f -name '*.rs' ! -path "./target/*" ! -name 'codegen_runtime.rs' ! -name 'weights.rs')

# todo: fixme
check:
name: Check
runs-on: ubuntu-latest
needs: [set-variables]
container:
image: ${{ needs.set-variables.outputs.CI_IMAGE }}
steps:
- name: Checkout sources
uses: actions/checkout@v4

# disabled until the jobs is fixed
# - name: Rust Cache
# uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5
# with:
# cache-on-failure: true
# cache-all-crates: true

- name: Check
run: SKIP_WASM_BUILD=1 time cargo check --locked --workspace

test:
name: Test
runs-on: parity-large
needs: [set-variables]
container:
image: ${{ needs.set-variables.outputs.CI_IMAGE }}
steps:
- name: Checkout sources
uses: actions/checkout@v4

- name: Rust Cache
uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5
with:
cache-on-failure: true
cache-all-crates: true

- name: Test
run: |
cargo fetch
CARGO_NET_OFFLINE=true SKIP_WASM_BUILD=1 time cargo test --workspace

# do we really need this check?
deny:
name: Deny
runs-on: ubuntu-latest
needs: [set-variables]
container:
image: ${{ needs.set-variables.outputs.CI_IMAGE }}
# this job is allowed to fail, only licenses check is important
continue-on-error: true
steps:
- name: Checkout sources
uses: actions/checkout@v4

- name: Deny
run: |
cargo deny check advisories --hide-inclusion-graph
cargo deny check bans sources --hide-inclusion-graph

deny-licenses:
name: Deny License
runs-on: ubuntu-latest
needs: [set-variables]
container:
image: ${{ needs.set-variables.outputs.CI_IMAGE }}
steps:
- name: Checkout sources
uses: actions/checkout@v4

- name: Deny License
run: cargo deny check licenses --hide-inclusion-graph

check-rustdocs:
name: Check Rustdocs
runs-on: ubuntu-latest
needs: [set-variables]
container:
image: ${{ needs.set-variables.outputs.CI_IMAGE }}
steps:
- name: Checkout sources
uses: actions/checkout@v4

- name: Rust Cache
uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5
with:
cache-on-failure: true
cache-all-crates: true

- name: Check Rustdocs
run: cargo doc --no-deps --all --workspace --document-private-items

build:
name: Build
runs-on: parity-large
needs: [set-variables]
container:
image: ${{ needs.set-variables.outputs.CI_IMAGE }}
steps:
- name: Checkout sources
uses: actions/checkout@v4

- name: Rust Cache
uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5
with:
cache-on-failure: true
cache-all-crates: true

- name: Build and pack artifact
run: |
cargo fetch
CARGO_NET_OFFLINE=true time cargo build --release --workspace
mkdir -p ./artifacts
strip ./target/release/substrate-relay
mv -v ./target/release/substrate-relay ./artifacts/
mv -v ./deployments/local-scripts/bridge-entrypoint.sh ./artifacts/
mv -v ./ci.Dockerfile ./artifacts/

- name: upload artifacts
uses: actions/upload-artifact@v3
with:
name: build
path: ./artifacts
retention-days: 2

build_docker:
name: Build docker image
runs-on: ubuntu-latest
needs: [set-variables, build]
env:
VERSION: ${{ needs.set-variables.outputs.VERSION }}
steps:
- name: Download artifacts
uses: actions/download-artifact@v3
with:
name: build
- name: Make scripts executable
run: |
chmod +x bridge-entrypoint.sh
chmod +x substrate-relay
- name: Build Docker image
uses: docker/build-push-action@v5
with:
context: .
file: ./ci.Dockerfile
push: false
tags: |
docker.io/paritytech/substrate-relay:${{ env.VERSION }}
docker.io/paritytech/bridges-common-relay:${{ env.VERSION }}
129 changes: 129 additions & 0 deletions .github/workflows/deploy.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,129 @@
name: Deploy

on:
push:
tags:
- v*

concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true

# common variable is defined in the workflow
# repo env variable doesn't work for PR from forks
env:
CI_IMAGE: "paritytech/ci-unified:bullseye-1.81.0-2024-09-11-v202409111034"

#to use reusable workflow
permissions:
id-token: write
contents: read

jobs:
set-variables:
# This workaround sets the container image for each job using 'set-variables' job output.
# env variables don't work for PR from forks, so we need to use outputs.
runs-on: ubuntu-latest
outputs:
CI_IMAGE: ${{ steps.set_image.outputs.CI_IMAGE }}
VERSION: ${{ steps.version.outputs.VERSION }}
steps:
- name: Set image
id: set_image
run: echo "CI_IMAGE=${{ env.CI_IMAGE }}" >> $GITHUB_OUTPUT
- name: Define version
id: version
run: |
export COMMIT_SHA=${{ github.sha }}
export COMMIT_SHA_SHORT=${COMMIT_SHA:0:8}
export REF_NAME=${{ github.ref_name }}
export REF_SLUG=${REF_NAME//\//_}
if [[ ${REF_SLUG} == "master" ]]
then
VERSION=${REF_SLUG}-${COMMIT_SHA_SHORT}
echo "VERSION=${REF_SLUG}-${COMMIT_SHA_SHORT}" >> $GITHUB_OUTPUT
else
VERSION=${REF_SLUG}
echo "VERSION=${REF_SLUG}" >> $GITHUB_OUTPUT
fi
echo "set VERSION=${VERSION}"

build:
name: Build
runs-on: parity-large
needs: [set-variables]
container:
image: ${{ needs.set-variables.outputs.CI_IMAGE }}
steps:
- name: Checkout sources
uses: actions/checkout@v4

- name: Build and pack artifact
run: |
cargo fetch
CARGO_NET_OFFLINE=true time cargo build --release --workspace
mkdir -p ./artifacts
strip ./target/release/substrate-relay
mv -v ./target/release/substrate-relay ./artifacts/
mv -v ./deployments/local-scripts/bridge-entrypoint.sh ./artifacts/
mv -v ./ci.Dockerfile ./artifacts/

- name: upload artifacts
uses: actions/upload-artifact@v3
with:
name: build
path: ./artifacts
retention-days: 2

build_push_docker:
name: Build docker image
runs-on: ubuntu-latest
environment: tags
needs: [set-variables, build]
env:
VERSION: ${{ needs.set-variables.outputs.VERSION }}
steps:
- name: Log in to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}

- name: Download artifacts
uses: actions/download-artifact@v3
with:
name: build
- name: Make scripts executable
run: |
chmod +x bridge-entrypoint.sh
chmod +x substrate-relay
- name: Build Docker image
uses: docker/build-push-action@v5
with:
context: .
file: ./ci.Dockerfile
push: true
tags: |
docker.io/paritytech/substrate-relay:${{ env.VERSION }}
docker.io/paritytech/bridges-common-relay:${{ env.VERSION }}

deploy-westend:
name: Deploy Westend
runs-on: ubuntu-latest
environment: parity-testnet
needs: [set-variables, build_push_docker]
env:
VERSION: ${{ needs.set-variables.outputs.VERSION }}
ARGOCD_SERVER: "westend-argocd.teleport.parity.io"
steps:
- name: Deploy to ArgoCD
uses: paritytech/argocd-deployment-action@main
with:
environment: "parity-testnet"
tag: "${{ env.VERSION }}"
app_name: "bridges-common-relay"
app_packages: "headers-a,headers-b,parachains-a,parachains-b,messages-a,messages-b"
argocd_server: ${{ env.ARGOCD_SERVER }}
teleport_token: ${{ env.APP }}
teleport_app_name: "argocd-testnet"
alvicsam marked this conversation as resolved.
Show resolved Hide resolved
argocd_auth_token: ${{ secrets.ARGOCD_AUTH_TOKEN }}
Loading
Loading