Soloseng/Governance-L2-test #675
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Protocol Devchain Anvil | |
on: | |
push: | |
branches: | |
- master | |
- 'release/**' | |
tags: | |
- core-contracts.v* | |
pull_request: | |
branches: [release/core-contracts/*, master] | |
paths: | |
- 'packages/protocol/**' | |
workflow_dispatch: | |
inputs: | |
npm_tag: | |
description: 'NPM TAG e.g. alpha, pre-merge (default: canary) ' | |
required: true | |
type: string | |
env: | |
# Increment these to force cache rebuilding | |
FOUNDRY_CACHE_KEY: 1 | |
# Supported Foundry version defined at celo-org (GitHub organisation) level, for consistency across workflows. | |
SUPPORTED_FOUNDRY_VERSION: ${{ vars.SUPPORTED_FOUNDRY_VERSION }} | |
jobs: | |
build: | |
defaults: | |
run: | |
working-directory: packages/protocol | |
name: Generate anvil | |
runs-on: ['self-hosted', 'org', 'npm-publish'] | |
permissions: | |
contents: read | |
pull-requests: read | |
id-token: write | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
submodules: recursive | |
- name: Fail if there are test with wrong extension | |
run: | | |
if tree test-sol | grep -i ".sol" | grep -v ".sol"; then | |
echo "There are tests with wrong extensions" | |
tree test-sol | grep -i ".sol" | grep -v ".sol" | |
exit 1 | |
fi | |
- name: Foundry cache | |
id: foundry-cache | |
uses: actions/cache@v4 | |
with: | |
path: ./cache | |
key: ${{ runner.os }}-foundry-cache-${{ env.FOUNDRY_CACHE_KEY }} | |
- name: Foundry out | |
id: foundry-out | |
uses: actions/cache@v4 | |
with: | |
path: ./out | |
key: ${{ runner.os }}-foundry-out-${{ env.FOUNDRY_CACHE_KEY }} | |
- name: Display SHA | |
run: | | |
echo "SHA: ${{ github.sha }}" | |
- name: Get Pull Request data | |
id: get_pr_data | |
uses: actions/github-script@v7 | |
with: | |
script: | | |
const result = ( | |
await github.rest.repos.listPullRequestsAssociatedWithCommit({ | |
commit_sha: context.sha, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
}) | |
).data[0]; | |
core.setOutput("number", result ? result.number : ""); | |
- name: Set PR Number | |
id: set_pr_number | |
run: | | |
if [ -z "${{ steps.get_pr_data.outputs.number }}" ]; then | |
echo "PR_NUMBER=${{ github.event.pull_request.number }}" >> $GITHUB_ENV | |
else | |
echo "PR_NUMBER=${{ steps.get_pr_data.outputs.number }}" >> $GITHUB_ENV | |
fi | |
- name: Display PR Number | |
run: | | |
echo "Pull Request Number: ${{ env.PR_NUMBER }}" | |
- name: Install Foundry | |
uses: foundry-rs/foundry-toolchain@v1 | |
with: | |
version: 'nightly-fa0e0c2ca3ae75895dd19173a02faf88509c0608' | |
- name: Install forge dependencies | |
run: forge install | |
- name: Get current date | |
id: date | |
run: echo "::set-output name=date::$(date +'%Y-%m-%d')" | |
- name: Akeyless Get Secrets | |
id: get_auth_token | |
uses: docker://us-west1-docker.pkg.dev/devopsre/akeyless-public/akeyless-action:latest | |
with: | |
api-url: https://api.gateway.akeyless.celo-networks-dev.org | |
access-id: p-kf9vjzruht6l | |
static-secrets: '{"/static-secrets/NPM/npm-publish-token":"NPM_TOKEN"}' | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: '18.x' | |
registry-url: 'https://registry.npmjs.org' | |
- name: 'Setup yarn' | |
shell: bash | |
run: | | |
npm install --global yarn | |
source ~/.bashrc | |
- name: 'Install packages' | |
shell: bash | |
run: yarn | |
# Starting L1 from scratch instead of JSON state to circumvent this Anvil bug https://github.com/foundry-rs/foundry/issues/7502 | |
# Install `lsof` dependency, because it's not readily available on CI, but is required by | |
# `create_and_migrate_anvil_l2_devchain.sh`, because it uses `stop_anvil.sh` to kill | |
# existing anvil servers. | |
- name: Generate L1 migrations and run migration tests against L1 devchain | |
if: success() || failure() | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y lsof | |
source ./scripts/foundry/constants.sh | |
echo "Starting L1 from scratch to circumvent Anvil bug" | |
source ./scripts/foundry/create_and_migrate_anvil_devchain.sh | |
FOUNDRY_PROFILE=devchain forge test -vvv \ | |
--match-path "test-sol/devchain/migration/*" \ | |
--fork-url $ANVIL_RPC_URL | |
./scripts/foundry/stop_anvil.sh | |
- name: Generate L2 migration | |
if: success() || failure() | |
run: ./scripts/foundry/create_and_migrate_anvil_l2_devchain.sh | |
- name: Sanitize ref name | |
id: sanitize-ref-name | |
run: | | |
sanitized_ref_name=$(echo "${{ github.ref_name }}" | tr -cd '[:alnum:]-_') | |
echo "sanitized_ref_name=${sanitized_ref_name}" >> $GITHUB_ENV | |
- name: | |
Determine release type and version (or dry run) | |
# This is what sets the RELEASE_TYPE and RELEASE_VERSION env variables | |
run: yarn --silent determine-release-version >> "$GITHUB_ENV" | |
working-directory: packages/protocol | |
env: | |
GITHUB_TAG: ${{ github.ref_name }} | |
NPM_PACKAGE: '@celo/devchain-anvil' | |
NPM_TAG: ${{ inputs.npm_tag }} | |
- name: Prepare package for publishing | |
run: yarn prepare_devchain_anvil_publishing | |
working-directory: packages/protocol | |
env: | |
RELEASE_TYPE: ${{ env.RELEASE_TYPE }} | |
RELEASE_VERSION: ${{ env.RELEASE_VERSION }} | |
- name: Upload devchain as artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: devchain-${{ env.PR_NUMBER }}-${{ steps.date.outputs.date }} | |
path: packages/protocol/.tmp | |
# Max retention time is 90 days for public repos | |
# https://docs.github.com/en/actions/learn-github-actions/usage-limits-billing-and-administration#artifact-and-log-retention-policy | |
retention-days: 90 | |
- name: Publish @celo/devchain-anvil | |
run: | | |
cat package.json | |
npm publish $RELEASE_TYPE $DRY_RUN --access public | |
working-directory: packages/protocol/.tmp | |
env: | |
RELEASE_TYPE: --tag ${{ env.RELEASE_TYPE != '' && env.RELEASE_TYPE || 'canary' }} | |
RELEASE_VERSION: ${{ env.RELEASE_VERSION }} | |
NODE_AUTH_TOKEN: ${{ env.NPM_TOKEN }} | |
DRY_RUN: ${{ env.RELEASE_VERSION == '' && '--dry-run' || '' }} |