From 4a909d999d17347174c4752b6b41aef48309f00b Mon Sep 17 00:00:00 2001 From: Jason Greathouse Date: Fri, 12 Jan 2024 11:07:56 -0600 Subject: [PATCH] use mobilecoinofficial/gh-actions where possible --- .../workflows/android-bindings-dispatch.yml | 2 +- .github/workflows/ci.yml | 24 ++-- .github/workflows/mobilecoin-dev-cd.yaml | 108 ++++-------------- .github/workflows/mobilecoin-dev-delete.yaml | 2 +- .../mobilecoin-dispatch-dev-deploy.yaml | 2 +- ...lecoin-workflow-dev-setup-environment.yaml | 2 +- .../mobilecoin-workflow-dev-test.yaml | 2 +- 7 files changed, 41 insertions(+), 101 deletions(-) diff --git a/.github/workflows/android-bindings-dispatch.yml b/.github/workflows/android-bindings-dispatch.yml index dc63d6f0d7..3746598595 100644 --- a/.github/workflows/android-bindings-dispatch.yml +++ b/.github/workflows/android-bindings-dispatch.yml @@ -10,7 +10,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Build and Publish Bindings env: MAVEN_USER: ${{ secrets.MAVEN_USER }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 046f6fc936..8b432d5454 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -28,7 +28,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Setup Rust uses: ./.github/actions/setup-rust - name: Cargo build (SW) @@ -45,7 +45,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Setup Rust uses: ./.github/actions/setup-rust - name: Cargo build (HW) @@ -64,7 +64,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - uses: actions/setup-node@v4 with: node-version: 18 @@ -81,7 +81,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Setup Rust uses: ./.github/actions/setup-rust with: @@ -98,7 +98,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Set up Go uses: actions/setup-go@v5 with: @@ -131,7 +131,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Setup Rust uses: ./.github/actions/setup-rust - name: Generate docs @@ -160,7 +160,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Setup Rust uses: ./.github/actions/setup-rust - name: List packages to test @@ -203,7 +203,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Setup Rust uses: ./.github/actions/setup-rust - name: List packages to test @@ -248,7 +248,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Setup Rust uses: ./.github/actions/setup-rust - name: List packages to test @@ -297,7 +297,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Setup Rust uses: ./.github/actions/setup-rust - name: Run tests @@ -330,7 +330,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Setup Python uses: actions/setup-python@v5 with: @@ -381,7 +381,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Setup Python uses: actions/setup-python@v5 with: diff --git a/.github/workflows/mobilecoin-dev-cd.yaml b/.github/workflows/mobilecoin-dev-cd.yaml index a565999ae3..ad095c4d51 100644 --- a/.github/workflows/mobilecoin-dev-cd.yaml +++ b/.github/workflows/mobilecoin-dev-cd.yaml @@ -49,7 +49,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Generate version metadata id: meta @@ -81,11 +81,9 @@ jobs: MINTING_TRUST_ROOT_PUBLIC_KEY_PEM: ${{ github.workspace }}/.tmp/minting_trust_root.public.pem steps: - name: Checkout - if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }} - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Write environment values - if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }} env: ENCLAVE_SIGNING_KEY: ${{ secrets.DEV_ENCLAVE_SIGNING_KEY }} MINTING_TRUST_ROOT_PUBLIC: ${{ secrets.DEV_MINTING_TRUST_ROOT_PUBLIC }} @@ -95,7 +93,6 @@ jobs: echo "${MINTING_TRUST_ROOT_PUBLIC}" > "${MINTING_TRUST_ROOT_PUBLIC_KEY_PEM}" - name: Cache rust build binaries - if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }} id: rust_artifact_cache uses: ./.github/actions/mobilecoin-cache-rust-binaries with: @@ -103,17 +100,13 @@ jobs: - name: Cache cargo packages # We don't need cargo packages if we already have binaries. - if: | - steps.rust_artifact_cache.outputs.cache-hit != 'true' && - ! contains(github.event.head_commit.message, '[skip build]') + if: steps.rust_artifact_cache.outputs.cache-hit != 'true' uses: ./.github/actions/mobilecoin-cache-cargo-package with: cache_buster: ${{ secrets.CACHE_BUSTER }} - name: Build rust hardware projects - if: | - steps.rust_artifact_cache.outputs.cache-hit != 'true' && - ! contains(github.event.head_commit.message, '[skip build]') + if: steps.rust_artifact_cache.outputs.cache-hit != 'true' env: SGX_MODE: HW RUST_BACKTRACE: full @@ -152,18 +145,14 @@ jobs: -p mc-watcher - name: Copy artifacts to cache - if: | - steps.rust_artifact_cache.outputs.cache-hit != 'true' && - ! contains(github.event.head_commit.message, '[skip build]') + if: steps.rust_artifact_cache.outputs.cache-hit != 'true' run: | mkdir -p rust_build_artifacts find target/release -maxdepth 1 -executable -type f -exec cp "{}" rust_build_artifacts/ \; find target/release -maxdepth 1 -name "*.signed.so" -exec cp "{}" rust_build_artifacts/ \; - name: Create css measurements - if: | - steps.rust_artifact_cache.outputs.cache-hit != 'true' && - ! contains(github.event.head_commit.message, '[skip build]') + if: steps.rust_artifact_cache.outputs.cache-hit != 'true' shell: bash run: | cd rust_build_artifacts @@ -174,12 +163,10 @@ jobs: done - name: Check artifacts - if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }} run: | ls -alR rust_build_artifacts - name: Upload artifacts - if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }} uses: actions/upload-artifact@v4 with: name: rust-binaries @@ -193,26 +180,21 @@ jobs: image: golang:1.18.5 steps: - name: Checkout - if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }} - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Add protobuf-compiler - if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }} run: | apt update apt install -y protobuf-compiler zstd - name: Cache go build binaries - if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }} id: go_artifact_cache uses: ./.github/actions/mobilecoin-cache-go-binaries with: cache_buster: ${{ secrets.CACHE_BUSTER }} - name: Build go-grpc-gateway - if: | - steps.go_artifact_cache.outputs.cache-hit != 'true' && - ! contains(github.event.head_commit.message, '[skip build]') + if: steps.go_artifact_cache.outputs.cache-hit != 'true' run: | cd go-grpc-gateway ./install_tools.sh @@ -221,12 +203,10 @@ jobs: cp go-grpc-gateway ../go_build_artifacts/ - name: check artifacts - if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }} run: | ls -alR go_build_artifacts - name: Upload Artifacts - if: ${{ ! contains(github.event.head_commit.message, '[skip build]') }} uses: actions/upload-artifact@v4 with: name: go-binaries @@ -241,39 +221,19 @@ jobs: - generate-metadata steps: - name: Checkout - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - - name: Generate Docker Tags - id: docker_meta - uses: docker/metadata-action@v5 + - name: Docker + uses: mobilecoinofficial/gh-actions/docker@v0 with: + dockerfile: .internal-ci/docker/Dockerfile.dcap-runtime-base + flavor: latest=true images: ${{ env.DOCKER_ORG }}/dcap-runtime-base - flavor: | - latest=true tags: | type=sha - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Login to DockerHub - uses: docker/login-action@v3 - with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Publish to DockerHub - id: docker_publish_dockerhub - uses: docker/build-push-action@v5 - with: - build-args: | - REPO_ORG=${{ env.DOCKER_ORG }} - context: . - file: .internal-ci/docker/Dockerfile.dcap-runtime-base - labels: ${{ steps.docker_meta.outputs.labels }} - push: true - tags: ${{ steps.docker_meta.outputs.tags }} - ######################################### # Build/Publish public artifacts ######################################### @@ -299,7 +259,7 @@ jobs: - watcher steps: - name: Checkout - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Cache rust build binaries id: rust_artifact_cache @@ -313,41 +273,23 @@ jobs: with: cache_buster: ${{ secrets.CACHE_BUSTER }} - - name: Generate Docker Tags - id: docker_meta - uses: docker/metadata-action@v5 - with: - images: ${{ env.DOCKER_ORG }}/${{ matrix.image }} - tags: ${{ needs.generate-metadata.outputs.docker_tag }} - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Login to DockerHub - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Get short SHA run: echo "GH_SHORT_SHA=sha-$(echo "${GITHUB_SHA}" | cut -c1-7)" >> "${GITHUB_ENV}" - - name: Publish to DockerHub - id: docker_publish_dockerhub - uses: docker/build-push-action@v5 + - name: Docker + uses: mobilecoinofficial/gh-actions/docker@v0 with: - build-args: | + build_args: | REPO_ORG=${{ env.DOCKER_ORG }} BASE_TAG=${{ env.GH_SHORT_SHA }} RUST_BIN_PATH=rust_build_artifacts GO_BIN_PATH=go_build_artifacts - cache-from: type=registry,ref=${{ env.DOCKER_ORG }}/${{ matrix.image }}:buildcache-${{ needs.generate-metadata.outputs.namespace }} - cache-to: type=registry,ref=${{ env.DOCKER_ORG }}/${{ matrix.image }}:buildcache-${{ needs.generate-metadata.outputs.namespace }} - context: . - file: .internal-ci/docker/Dockerfile.${{ matrix.image }} - labels: ${{ steps.docker_meta.outputs.labels }} - push: true - tags: ${{ steps.docker_meta.outputs.tags }} + dockerfile: .internal-ci/docker/Dockerfile.${{ matrix.image }} + flavor: latest=true + images: ${{ env.DOCKER_ORG }}/${{ matrix.image }} + tags: ${{ needs.generate-metadata.outputs.docker_tag }} + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} charts: runs-on: mcf-dev-small-x64 @@ -370,11 +312,9 @@ jobs: - fog-ledger steps: - name: Checkout - if: ${{ ! contains(github.event.head_commit.message, '[skip charts]') }} - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Package and publish chart - if: ${{ ! contains(github.event.head_commit.message, '[skip charts]') }} uses: mobilecoinofficial/gha-k8s-toolbox@v1 with: action: helm-publish diff --git a/.github/workflows/mobilecoin-dev-delete.yaml b/.github/workflows/mobilecoin-dev-delete.yaml index a7bcd1f413..3129270c72 100644 --- a/.github/workflows/mobilecoin-dev-delete.yaml +++ b/.github/workflows/mobilecoin-dev-delete.yaml @@ -15,7 +15,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Generate version metadata id: meta diff --git a/.github/workflows/mobilecoin-dispatch-dev-deploy.yaml b/.github/workflows/mobilecoin-dispatch-dev-deploy.yaml index e0f4216f26..32ec1986ba 100644 --- a/.github/workflows/mobilecoin-dispatch-dev-deploy.yaml +++ b/.github/workflows/mobilecoin-dispatch-dev-deploy.yaml @@ -56,7 +56,7 @@ jobs: runs-on: mcf-dev-small-x64 steps: - name: Checkout - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: 👾 Print Environment Details 👾 env: diff --git a/.github/workflows/mobilecoin-workflow-dev-setup-environment.yaml b/.github/workflows/mobilecoin-workflow-dev-setup-environment.yaml index 7161680e29..297728611c 100644 --- a/.github/workflows/mobilecoin-workflow-dev-setup-environment.yaml +++ b/.github/workflows/mobilecoin-workflow-dev-setup-environment.yaml @@ -134,7 +134,7 @@ jobs: runs-on: mcf-dev-small-x64 steps: - name: Checkout - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Create namespace uses: mobilecoinofficial/gha-k8s-toolbox@v1 diff --git a/.github/workflows/mobilecoin-workflow-dev-test.yaml b/.github/workflows/mobilecoin-workflow-dev-test.yaml index 184ff98d8b..90664fb353 100644 --- a/.github/workflows/mobilecoin-workflow-dev-test.yaml +++ b/.github/workflows/mobilecoin-workflow-dev-test.yaml @@ -103,7 +103,7 @@ jobs: END_KEYS: '499' steps: - name: Checkout - uses: actions/checkout@v4 + uses: mobilecoinofficial/gh-actions/checkout@v0 - name: Delete existing keys uses: mobilecoinofficial/gha-k8s-toolbox@v1