use mobilecoinofficial/gh-actions where possible

mobilecoinfoundation · Jan 12, 2024 · 4a909d9 · 4a909d9
1 parent cd70ff3
commit 4a909d9
Show file tree

Hide file tree

Showing 7 changed files with 41 additions and 101 deletions.
diff --git a/.github/workflows/android-bindings-dispatch.yml b/.github/workflows/android-bindings-dispatch.yml
@@ -10,7 +10,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: mobilecoinofficial/gh-actions/checkout@v0
       - name: Build and Publish Bindings
         env:
           MAVEN_USER: ${{ secrets.MAVEN_USER }}

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -28,7 +28,7 @@ jobs:
 
     steps:
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: mobilecoinofficial/gh-actions/checkout@v0
       - name: Setup Rust
         uses: ./.github/actions/setup-rust
       - name: Cargo build (SW)
@@ -45,7 +45,7 @@ jobs:
 
     steps:
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: mobilecoinofficial/gh-actions/checkout@v0
       - name: Setup Rust
         uses: ./.github/actions/setup-rust
       - name: Cargo build (HW)
@@ -64,7 +64,7 @@ jobs:
 
     steps:
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: mobilecoinofficial/gh-actions/checkout@v0
       - uses: actions/setup-node@v4
         with:
           node-version: 18
@@ -81,7 +81,7 @@ jobs:
 
     steps:
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: mobilecoinofficial/gh-actions/checkout@v0
       - name: Setup Rust
         uses: ./.github/actions/setup-rust
         with:
@@ -98,7 +98,7 @@ jobs:
 
     steps:
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: mobilecoinofficial/gh-actions/checkout@v0
       - name: Set up Go
         uses: actions/setup-go@v5
         with:
@@ -131,7 +131,7 @@ jobs:
 
     steps:
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: mobilecoinofficial/gh-actions/checkout@v0
       - name: Setup Rust
         uses: ./.github/actions/setup-rust
       - name: Generate docs
@@ -160,7 +160,7 @@ jobs:
 
     steps:
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: mobilecoinofficial/gh-actions/checkout@v0
       - name: Setup Rust
         uses: ./.github/actions/setup-rust
       - name: List packages to test
@@ -203,7 +203,7 @@ jobs:
 
     steps:
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: mobilecoinofficial/gh-actions/checkout@v0
       - name: Setup Rust
         uses: ./.github/actions/setup-rust
       - name: List packages to test
@@ -248,7 +248,7 @@ jobs:
 
     steps:
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: mobilecoinofficial/gh-actions/checkout@v0
       - name: Setup Rust
         uses: ./.github/actions/setup-rust
       - name: List packages to test
@@ -297,7 +297,7 @@ jobs:
 
     steps:
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: mobilecoinofficial/gh-actions/checkout@v0
       - name: Setup Rust
         uses: ./.github/actions/setup-rust
       - name: Run tests
@@ -330,7 +330,7 @@ jobs:
 
     steps:
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: mobilecoinofficial/gh-actions/checkout@v0
       - name: Setup Python
         uses: actions/setup-python@v5
         with:
@@ -381,7 +381,7 @@ jobs:
 
     steps:
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: mobilecoinofficial/gh-actions/checkout@v0
       - name: Setup Python
         uses: actions/setup-python@v5
         with:

diff --git a/.github/workflows/mobilecoin-dev-cd.yaml b/.github/workflows/mobilecoin-dev-cd.yaml
@@ -49,7 +49,7 @@ jobs:
 
     steps:
     - name: Checkout
-      uses: actions/checkout@v4
+      uses: mobilecoinofficial/gh-actions/checkout@v0
 
     - name: Generate version metadata
       id: meta
@@ -81,11 +81,9 @@ jobs:
       MINTING_TRUST_ROOT_PUBLIC_KEY_PEM: ${{ github.workspace }}/.tmp/minting_trust_root.public.pem
     steps:
     - name: Checkout
-      if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }}
-      uses: actions/checkout@v4
+      uses: mobilecoinofficial/gh-actions/checkout@v0
 
     - name: Write environment values
-      if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }}
       env:
         ENCLAVE_SIGNING_KEY: ${{ secrets.DEV_ENCLAVE_SIGNING_KEY }}
         MINTING_TRUST_ROOT_PUBLIC: ${{ secrets.DEV_MINTING_TRUST_ROOT_PUBLIC }}
@@ -95,25 +93,20 @@ jobs:
         echo "${MINTING_TRUST_ROOT_PUBLIC}" > "${MINTING_TRUST_ROOT_PUBLIC_KEY_PEM}"
 
     - name: Cache rust build binaries
-      if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }}
       id: rust_artifact_cache
       uses: ./.github/actions/mobilecoin-cache-rust-binaries
       with:
         cache_buster: ${{ secrets.CACHE_BUSTER }}
 
     - name: Cache cargo packages
       # We don't need cargo packages if we already have binaries.
-      if: |
-        steps.rust_artifact_cache.outputs.cache-hit != 'true' &&
-        ! contains(github.event.head_commit.message, '[skip build]')
+      if: steps.rust_artifact_cache.outputs.cache-hit != 'true'
       uses: ./.github/actions/mobilecoin-cache-cargo-package
       with:
         cache_buster: ${{ secrets.CACHE_BUSTER }}
 
     - name: Build rust hardware projects
-      if: |
-        steps.rust_artifact_cache.outputs.cache-hit != 'true' &&
-        ! contains(github.event.head_commit.message, '[skip build]')
+      if: steps.rust_artifact_cache.outputs.cache-hit != 'true'
       env:
         SGX_MODE: HW
         RUST_BACKTRACE: full
@@ -152,18 +145,14 @@ jobs:
           -p mc-watcher
 
     - name: Copy artifacts to cache
-      if: |
-        steps.rust_artifact_cache.outputs.cache-hit != 'true' &&
-        ! contains(github.event.head_commit.message, '[skip build]')
+      if: steps.rust_artifact_cache.outputs.cache-hit != 'true'
       run: |
         mkdir -p rust_build_artifacts
         find target/release -maxdepth 1 -executable -type f -exec cp "{}" rust_build_artifacts/ \;
         find target/release -maxdepth 1 -name "*.signed.so" -exec cp "{}" rust_build_artifacts/ \;
 
     - name: Create css measurements
-      if: |
-        steps.rust_artifact_cache.outputs.cache-hit != 'true' &&
-        ! contains(github.event.head_commit.message, '[skip build]')
+      if: steps.rust_artifact_cache.outputs.cache-hit != 'true'
       shell: bash
       run: |
         cd rust_build_artifacts
@@ -174,12 +163,10 @@ jobs:
         done
 
     - name: Check artifacts
-      if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }}
       run: |
         ls -alR rust_build_artifacts
 
     - name: Upload artifacts
-      if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }}
       uses: actions/upload-artifact@v4
       with:
         name: rust-binaries
@@ -193,26 +180,21 @@ jobs:
       image: golang:1.18.5
     steps:
     - name: Checkout
-      if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }}
-      uses: actions/checkout@v4
+      uses: mobilecoinofficial/gh-actions/checkout@v0
 
     - name: Add protobuf-compiler
-      if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }}
       run: |
         apt update
         apt install -y protobuf-compiler zstd
 
     - name: Cache go build binaries
-      if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }}
       id: go_artifact_cache
       uses: ./.github/actions/mobilecoin-cache-go-binaries
       with:
         cache_buster: ${{ secrets.CACHE_BUSTER }}
 
     - name: Build go-grpc-gateway
-      if: |
-        steps.go_artifact_cache.outputs.cache-hit != 'true' &&
-        ! contains(github.event.head_commit.message, '[skip build]')
+      if: steps.go_artifact_cache.outputs.cache-hit != 'true'
       run: |
         cd go-grpc-gateway
         ./install_tools.sh
@@ -221,12 +203,10 @@ jobs:
         cp go-grpc-gateway ../go_build_artifacts/
 
     - name: check artifacts
-      if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }}
       run: |
         ls -alR go_build_artifacts
 
     - name: Upload Artifacts
-      if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }}
       uses: actions/upload-artifact@v4
       with:
         name: go-binaries
@@ -241,39 +221,19 @@ jobs:
     - generate-metadata
     steps:
     - name: Checkout
-      uses: actions/checkout@v4
+      uses: mobilecoinofficial/gh-actions/checkout@v0
 
-    - name: Generate Docker Tags
-      id: docker_meta
-      uses: docker/metadata-action@v5
+    - name: Docker
+      uses: mobilecoinofficial/gh-actions/docker@v0
       with:
+        dockerfile: .internal-ci/docker/Dockerfile.dcap-runtime-base
+        flavor: latest=true
         images: ${{ env.DOCKER_ORG }}/dcap-runtime-base
-        flavor: |
-          latest=true
         tags: |
           type=sha
-
-    - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v3
-
-    - name: Login to DockerHub
-      uses: docker/login-action@v3
-      with:
         username: ${{ secrets.DOCKERHUB_USERNAME }}
         password: ${{ secrets.DOCKERHUB_TOKEN }}
 
-    - name: Publish to DockerHub
-      id: docker_publish_dockerhub
-      uses: docker/build-push-action@v5
-      with:
-        build-args: |
-          REPO_ORG=${{ env.DOCKER_ORG }}
-        context: .
-        file: .internal-ci/docker/Dockerfile.dcap-runtime-base
-        labels: ${{ steps.docker_meta.outputs.labels }}
-        push: true
-        tags: ${{ steps.docker_meta.outputs.tags }}
-
 #########################################
 # Build/Publish public artifacts
 #########################################
@@ -299,7 +259,7 @@ jobs:
         - watcher
     steps:
     - name: Checkout
-      uses: actions/checkout@v4
+      uses: mobilecoinofficial/gh-actions/checkout@v0
 
     - name: Cache rust build binaries
       id: rust_artifact_cache
@@ -313,41 +273,23 @@ jobs:
       with:
         cache_buster: ${{ secrets.CACHE_BUSTER }}
 
-    - name: Generate Docker Tags
-      id: docker_meta
-      uses: docker/metadata-action@v5
-      with:
-        images: ${{ env.DOCKER_ORG }}/${{ matrix.image }}
-        tags: ${{ needs.generate-metadata.outputs.docker_tag }}
-
-    - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v3
-
-    - name: Login to DockerHub
-      uses: docker/login-action@v3
-      with:
-        username: ${{ secrets.DOCKERHUB_USERNAME }}
-        password: ${{ secrets.DOCKERHUB_TOKEN }}
-
     - name: Get short SHA
       run: echo "GH_SHORT_SHA=sha-$(echo "${GITHUB_SHA}" | cut -c1-7)" >> "${GITHUB_ENV}"
 
-    - name: Publish to DockerHub
-      id: docker_publish_dockerhub
-      uses: docker/build-push-action@v5
+    - name: Docker
+      uses: mobilecoinofficial/gh-actions/docker@v0
       with:
-        build-args: |
+        build_args: |
           REPO_ORG=${{ env.DOCKER_ORG }}
           BASE_TAG=${{ env.GH_SHORT_SHA }}
           RUST_BIN_PATH=rust_build_artifacts
           GO_BIN_PATH=go_build_artifacts
-        cache-from: type=registry,ref=${{ env.DOCKER_ORG }}/${{ matrix.image }}:buildcache-${{ needs.generate-metadata.outputs.namespace }}
-        cache-to: type=registry,ref=${{ env.DOCKER_ORG }}/${{ matrix.image }}:buildcache-${{ needs.generate-metadata.outputs.namespace }}
-        context: .
-        file: .internal-ci/docker/Dockerfile.${{ matrix.image }}
-        labels: ${{ steps.docker_meta.outputs.labels }}
-        push: true
-        tags: ${{ steps.docker_meta.outputs.tags }}
+        dockerfile: .internal-ci/docker/Dockerfile.${{ matrix.image }}
+        flavor: latest=true
+        images: ${{ env.DOCKER_ORG }}/${{ matrix.image }}
+        tags: ${{ needs.generate-metadata.outputs.docker_tag }}
+        username: ${{ secrets.DOCKERHUB_USERNAME }}
+        password: ${{ secrets.DOCKERHUB_TOKEN }}
 
   charts:
     runs-on: mcf-dev-small-x64
@@ -370,11 +312,9 @@ jobs:
         - fog-ledger
     steps:
     - name: Checkout
-      if: ${{ ! contains(github.event.head_commit.message, '[skip charts]') }}
-      uses: actions/checkout@v4
+      uses: mobilecoinofficial/gh-actions/checkout@v0
 
     - name: Package and publish chart
-      if: ${{ ! contains(github.event.head_commit.message, '[skip charts]') }}
       uses: mobilecoinofficial/gha-k8s-toolbox@v1
       with:
         action: helm-publish

diff --git a/.github/workflows/mobilecoin-dev-delete.yaml b/.github/workflows/mobilecoin-dev-delete.yaml
@@ -15,7 +15,7 @@ jobs:
 
     steps:
     - name: Checkout
-      uses: actions/checkout@v4
+      uses: mobilecoinofficial/gh-actions/checkout@v0
 
     - name: Generate version metadata
       id: meta

diff --git a/.github/workflows/mobilecoin-dispatch-dev-deploy.yaml b/.github/workflows/mobilecoin-dispatch-dev-deploy.yaml
@@ -56,7 +56,7 @@ jobs:
     runs-on: mcf-dev-small-x64
     steps:
     - name: Checkout
-      uses: actions/checkout@v4
+      uses: mobilecoinofficial/gh-actions/checkout@v0
 
     - name: 👾 Print Environment Details 👾
       env:

diff --git a/.github/workflows/mobilecoin-workflow-dev-setup-environment.yaml b/.github/workflows/mobilecoin-workflow-dev-setup-environment.yaml
@@ -134,7 +134,7 @@ jobs:
     runs-on: mcf-dev-small-x64
     steps:
     - name: Checkout
-      uses: actions/checkout@v4
+      uses: mobilecoinofficial/gh-actions/checkout@v0
 
     - name: Create namespace
       uses: mobilecoinofficial/gha-k8s-toolbox@v1

diff --git a/.github/workflows/mobilecoin-workflow-dev-test.yaml b/.github/workflows/mobilecoin-workflow-dev-test.yaml
@@ -103,7 +103,7 @@ jobs:
       END_KEYS: '499'
     steps:
     - name: Checkout
-      uses: actions/checkout@v4
+      uses: mobilecoinofficial/gh-actions/checkout@v0
 
     - name: Delete existing keys
       uses: mobilecoinofficial/gha-k8s-toolbox@v1