diff --git a/.github/workflows/ci-run.yml b/.github/workflows/ci-run.yml new file mode 100644 index 0000000000..e01b1d208d --- /dev/null +++ b/.github/workflows/ci-run.yml @@ -0,0 +1,467 @@ +--- +name: ♻ CI Run +on: + pull_request: +env: + # ---------------------------------------------------------------------------- + # CI/CD + HOUSEKEEPER_NAME: "${{ vars.HOUSEKEEPER_NAME }}" + HOUSEKEEPER_EMAIL: "${{ secrets.HOUSEKEEPER_EMAIL }}" + HOUSEKEEPER_CI_TOKEN: "${{ secrets.HOUSEKEEPER_CI_TOKEN }}" + HOUSEKEEPER_GPG_KEY: "${{ secrets.HOUSEKEEPER_GPG_KEY }}" + HOUSEKEEPER_GPG_KEY_ID: "${{ secrets.HOUSEKEEPER_GPG_KEY_ID }}" + ARGOCD_URL: "${{ secrets.ARGOCD_URL }}" + ARGOCD_ACCESS_TOKEN: "${{ secrets.ARGOCD_ACCESS_TOKEN }}" + +jobs: + stop-e2e-env: + name: Stop E2E Env + needs: + - start-e2e-env + - run-e2e-tests + if: always() && (needs.start-e2e-env.result == 'success') + uses: ./.github/workflows/tpl-destroy-env.yml + secrets: inherit + with: + env-type: e2e + delete-env: true + pull-request-id: ${{ github.event.pull_request.number }} + workflow-id: ${{ github.run_id }} + + stop-api-env: + name: Stop APITest Env + needs: + - start-apitest-env + - run-api-tests + if: always() && (needs.start-apitest-env.result == 'success') + uses: ./.github/workflows/tpl-destroy-env.yml + secrets: inherit + with: + env-type: apitest + delete-env: true + pull-request-id: ${{ github.event.pull_request.number }} + workflow-id: ${{ github.run_id }} + + run-e2e-tests: + name: Run E2E Tests + needs: + - deploy-e2e-env + runs-on: + - metal + container: + image: registry.gitlab.com/golemfoundation/devops/container-builder/octant/synpress-arch:5dc8b447 + credentials: + username: "doesnt-matter" + password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}" + env: + ENV_TYPE: e2e + CI_MERGE_REQUEST_IID: ${{ github.event.pull_request.number }} + CI_PIPELINE_ID: ${{ github.run_id }} + CYPRESS_DOCKER_RUN: true + CI: true + METAMASK_VERSION: 10.25.0 + SECRET_WORDS: test test test test test test test test test test test junk + steps: + - uses: actions/checkout@v4.1.0 + - uses: actions/cache/restore@v4 + with: + path: |- + ${{ matrix.SERVICE }}/.yarn + ${{ matrix.SERVICE }}/node-modules + key: "${{ github.sha }}-yarn-client" + - uses: actions/cache/restore@v4 + with: + path: |- + ${{ matrix.SERVICE }}/.yarn + ${{ matrix.SERVICE }}/node-modules + key: "${{ github.sha }}-yarn-root" + - name: Run E2E tests + run: | + set -ex + + exit 0 + + export CI_PROJECT_DIR="${GITHUB_WORKSPACE}" + source ${CI_PROJECT_DIR}/ci/argocd/resolve_env.sh $ENV_TYPE + + # Setup NVM to use Node version 16 + source /usr/share/nvm/init-nvm.sh + nvm install 16 + nvm use 16 + npm i -g yarn + + pushd client + yarn install --cache-folder .yarn --frozen-lockfile --prefer-offline --no-audit + + bash ${CI_PROJECT_DIR}/ci/argocd/wait_for_app.sh + export OCTANT_BASE_URL; OCTANT_BASE_URL=https://$(bash ${CI_PROJECT_DIR}/ci/argocd/get_web_client_url.sh) + + yarn synpress:run + shell: bash + - uses: actions/upload-artifact@v4.0.0 + if: failure() + with: + name: "${{ github.job }}" + retention-days: 3 + path: |- + client/cypress/videos + client/cypress/screenshots + + run-api-tests: + name: Run API Tests + needs: + - deploy-apitest-env + runs-on: + - metal + container: + image: registry.gitlab.com/golemfoundation/devops/container-builder/octant/python-poetry-ext:ad1d9179 + credentials: + username: "doesnt-matter" + password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}" + env: + ENV_TYPE: apitest + CI_MERGE_REQUEST_IID: ${{ github.event.pull_request.number }} + CI_PIPELINE_ID: ${{ github.run_id }} + steps: + - uses: actions/checkout@v4.1.0 + - uses: actions/cache/restore@v4 + with: + path: backend/.venv + key: "${{ github.sha }}-poetry-backend" + - uses: actions/download-artifact@v4 + with: + name: ${{ needs.deploy-apitest-env.outputs.contracts-env-artifact-id }} + - name: Run API tests + run: | + set -ex + + export CI_PROJECT_DIR="${GITHUB_WORKSPACE}" + export $(grep -v '^#' ${CI_PROJECT_DIR}/contracts.env | xargs) + + source ${CI_PROJECT_DIR}/ci/argocd/resolve_env.sh $ENV_TYPE + + pushd backend + + poetry config virtualenvs.in-project true + poetry install + + bash ${CI_PROJECT_DIR}/ci/argocd/wait_for_app.sh + export ETH_RPC_PROVIDER_URL; ETH_RPC_PROVIDER_URL=https://$(bash ${CI_PROJECT_DIR}/ci/argocd/get_rpc_url.sh) + export SUBGRAPH_ENDPOINT; SUBGRAPH_ENDPOINT=https://$(bash ${CI_PROJECT_DIR}/ci/argocd/get_graph_url.sh)/subgraphs/name/octant + + poetry run pytest --onlyapi + shell: bash + + deploy-e2e-env: + name: Deploy E2E Env + needs: + - docker + - start-e2e-env + uses: ./.github/workflows/tpl-deploy-app.yml + with: + # --- + env-type: e2e + image-tag: ${{ github.sha }} + pull-request-id: ${{ github.event.pull_request.number }} + workflow-id: ${{ github.run_id }} + env-id: ${{ needs.start-e2e-env.outputs.env-id }} + deployment-id: ${{ needs.start-e2e-env.outputs.deployment-id }} + # --- + deploy-contracts: true + forward-first-epoch: true + chain-id: 1337 + network-name: local + chain-name: localhost + snapshotter-enabled: true + scheduler-enabled: true + glm-claim-enabled: true + vault-confirm-withdrawals-enabled: true + secrets: inherit + + deploy-apitest-env: + name: Deploy APITest Env + needs: + - docker + - start-apitest-env + uses: ./.github/workflows/tpl-deploy-app.yml + with: + # --- + env-type: apitest + image-tag: ${{ github.sha }} + pull-request-id: ${{ github.event.pull_request.number }} + workflow-id: ${{ github.run_id }} + env-id: ${{ needs.start-apitest-env.outputs.env-id }} + deployment-id: ${{ needs.start-apitest-env.outputs.deployment-id }} + # --- + deploy-contracts: true + chain-id: 1337 + network-name: local + chain-name: localhost + web-client-replicas: 0 + coin-prices-server-replicas: 0 + backend-server-replicas: 0 + secrets: inherit + + start-e2e-env: + name: Start E2E Env + uses: ./.github/workflows/tpl-start-env.yml + secrets: inherit + with: + env-type: e2e + git-ref: ${{ github.ref }} + pull-request-id: ${{ github.event.pull_request.number }} + workflow-id: ${{ github.run_id }} + + start-apitest-env: + name: Start APITest Env + uses: ./.github/workflows/tpl-start-env.yml + secrets: inherit + with: + env-type: apitest + git-ref: ${{ github.ref }} + pull-request-id: ${{ github.event.pull_request.number }} + workflow-id: ${{ github.run_id }} + + docker: + name: Docker + uses: ./.github/workflows/tpl-images.yml + secrets: inherit + with: + image-tag: ${{ github.sha }} + # +------------------------- + # | Tests: NodeJS + # +------------------------- + nodejs-tests: + name: NodeJS Tests + needs: + - lint-and-typecheck-yarn + runs-on: + - metal + container: + image: registry.gitlab.com/golemfoundation/devops/container-builder/octant/node-extended:bdda411c + credentials: + username: "doesnt-matter" + password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}" + strategy: + matrix: + SERVICE: + - contracts-v1 + - client + - coin-prices-server + - subgraph + steps: + - uses: actions/checkout@v4.1.0 + - uses: actions/cache/restore@v4 + with: + path: |- + node_modules + .yarn + key: "${{ github.sha }}-yarn-root" + - uses: actions/cache/restore@v4 + with: + path: |- + ${{ matrix.SERVICE }}/.yarn + ${{ matrix.SERVICE }}/node-modules + key: "${{ github.sha }}-yarn-${{ matrix.SERVICE }}" + - uses: actions/cache/restore@v4 + with: + path: |- + contracts-v1/artifacts + contracts-v1/typechain + key: "${{ github.sha }}-yarn-contracts-v1-extras" + - run: | + cd ${{ matrix.SERVICE }} + yarn install --cache-folder .yarn --non-interactive --frozen-lockfile + yarn test + shell: bash + # +------------------------- + # | Tests: Backend + # +------------------------- + backend-tests: + name: Backend Tests + needs: + - lint-and-typecheck-poetry + runs-on: + - metal + container: + image: registry.gitlab.com/golemfoundation/devops/container-builder/octant/python-poetry-ext:ad1d9179 + credentials: + username: "doesnt-matter" + password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}" + steps: + - uses: actions/checkout@v4.1.0 + - uses: actions/cache/restore@v4 + with: + path: backend/.venv + key: "${{ github.sha }}-poetry-backend" + - run: | + pushd backend + poetry config virtualenvs.in-project true + poetry install + poetry run pytest + shell: bash + # +------------------------- + # | Lint: poetry + # +------------------------- + lint-and-typecheck-poetry: + name: Lint and Typecheck Poetry + needs: + - build-backend + runs-on: + - metal + container: + image: registry.gitlab.com/golemfoundation/devops/container-builder/octant/python-poetry-ext:ad1d9179 + credentials: + username: "doesnt-matter" + password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}" + steps: + - uses: actions/checkout@v4.1.0 + - uses: actions/cache/restore@v4 + with: + path: backend/.venv + key: "${{ github.sha }}-poetry-backend" + - run: | + pushd backend + poetry config virtualenvs.in-project true + poetry install + poetry run black --check --extend-exclude .venv . + poetry run flake8 + shell: bash + # +------------------------- + # | Lint: yarn + # +------------------------- + lint-and-typecheck-yarn: + name: Lint and Typecheck Yarn + needs: + - build-contracts + - build-services + runs-on: + - metal + container: + image: registry.gitlab.com/golemfoundation/devops/container-builder/octant/node-extended:bdda411c + credentials: + username: "doesnt-matter" + password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}" + strategy: + matrix: + SERVICE: + - contracts-v1 + - client + - coin-prices-server + - subgraph + steps: + - uses: actions/checkout@v4.1.0 + - uses: actions/cache/restore@v4 + with: + path: |- + node_modules + .yarn + key: "${{ github.sha }}-yarn-root" + - uses: actions/cache/restore@v4 + with: + path: |- + ${{ matrix.SERVICE }}/.yarn + ${{ matrix.SERVICE }}/node-modules + key: "${{ github.sha }}-yarn-${{ matrix.SERVICE }}" + - uses: actions/cache/restore@v4 + with: + path: |- + contracts-v1/artifacts + contracts-v1/typechain + key: "${{ github.sha }}-yarn-contracts-v1-extras" + - run: | + pushd ${{ matrix.SERVICE }} + yarn install --cache-folder .yarn --non-interactive --frozen-lockfile + yarn eslint + yarn type-check + shell: bash + # +------------------------- + # | Build + # | client + # | cps + # | subgraph + # +------------------------- + build-services: + name: Build Services + needs: + - build-contracts + runs-on: + - metal + container: + image: registry.gitlab.com/golemfoundation/devops/container-builder/octant/node-extended:bdda411c + credentials: + username: "doesnt-matter" + password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}" + strategy: + matrix: + SERVICE: + - client + - coin-prices-server + - subgraph + steps: + - uses: actions/checkout@v4.1.0 + - uses: actions/cache/restore@v4 + with: + path: |- + node_modules + .yarn + key: "${{ github.sha }}-yarn-root" + - run: ci/build_${{ matrix.SERVICE }}.sh + - uses: actions/cache/save@v4 + with: + path: |- + ${{ matrix.SERVICE }}/.yarn + ${{ matrix.SERVICE }}/node-modules + key: "${{ github.sha }}-yarn-${{ matrix.SERVICE }}" + # +------------------------- + # | Build backend + # +------------------------- + build-backend: + name: Build Services + runs-on: + - metal + container: + image: registry.gitlab.com/golemfoundation/devops/container-builder/octant/python-poetry-ext:ad1d9179 + credentials: + username: "doesnt-matter" + password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}" + steps: + - uses: actions/checkout@v4.1.0 + - run: ci/build_backend.sh + - uses: actions/cache/save@v4 + with: + path: backend/.venv + key: "${{ github.sha }}-poetry-backend" + # +------------------------- + # | Build contracts + # +------------------------- + build-contracts: + name: Build Contracts + runs-on: + - metal + container: + image: registry.gitlab.com/golemfoundation/devops/container-builder/octant/node-extended:bdda411c + credentials: + username: "doesnt-matter" + password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}" + steps: + - uses: actions/checkout@v4.1.0 + - run: ci/build_contracts_v1.sh + - uses: actions/cache/save@v4 + with: + path: |- + node_modules + .yarn + key: "${{ github.sha }}-yarn-root" + - uses: actions/cache/save@v4 + with: + path: |- + contracts-v1/.yarn + contracts-v1/node_modules + key: "${{ github.sha }}-yarn-contracts-v1" + - uses: actions/cache/save@v4 + with: + path: |- + contracts-v1/artifacts + contracts-v1/typechain + key: "${{ github.sha }}-yarn-contracts-v1-extras" diff --git a/.github/workflows/deploy-master.yml b/.github/workflows/deploy-master.yml new file mode 100644 index 0000000000..d8b2932e6c --- /dev/null +++ b/.github/workflows/deploy-master.yml @@ -0,0 +1,41 @@ +--- +name: ▶️ Deploy Master +on: + workflow_dispatch: + +jobs: + build: + name: Build + uses: ./.github/workflows/tpl-images.yml + secrets: inherit + with: + image-tag: ${{ github.sha }} + run: + name: Run + uses: ./.github/workflows/tpl-start-env.yml + secrets: inherit + with: + git-ref: ${{ github.ref }} + env-type: master + workflow-id: ${{ github.run_id }} + deploy: + name: Deploy + needs: + - build + - run + uses: ./.github/workflows/tpl-deploy-app.yml + with: + env-type: master + env-id: ${{ needs.run.outputs.env-id }} + deployment-id: ${{ needs.run.outputs.deployment-id }} + image-tag: ${{ github.sha }} + workflow-id: ${{ github.run_id }} + # --- + chain-id: 11155111 + network-name: sepolia + chain-name: sepolia + snapshotter-enabled: true + scheduler-enabled: true + vault-confirm-withdrawals-enabled: true + glm-claim-enabled: true + secrets: inherit diff --git a/.github/workflows/deploy-pr.yml b/.github/workflows/deploy-pr.yml new file mode 100644 index 0000000000..3fd8df0353 --- /dev/null +++ b/.github/workflows/deploy-pr.yml @@ -0,0 +1,104 @@ +--- +name: ♻ PR Deployment +on: + issue_comment: + types: [created] + +jobs: + build: + name: Build + needs: + - run + uses: ./.github/workflows/tpl-images.yml + secrets: inherit + with: + image-tag: ${{ needs.run.outputs.sha }} + + deploy: + name: Deploy + needs: + - run + - build + uses: ./.github/workflows/tpl-deploy-app.yml + with: + # --- + env-type: pr + image-tag: ${{ needs.run.outputs.sha }} + pull-request-id: ${{ needs.run.outputs.pr_id }} + workflow-id: ${{ github.run_id }} + env-id: ${{ needs.run.outputs.env }} + deployment-id: ${{ needs.run.outputs.deployment }} + # --- + deploy-contracts: true + chain-id: 1337 + network-name: local + chain-name: localhost + snapshotter-enabled: true + scheduler-enabled: true + vault-confirm-withdrawals-enabled: true + glm-claim-enabled: true + secrets: inherit + + run: + name: Run + if: github.event.issue.pull_request && contains(github.event.comment.body, '/deploy') + runs-on: + - metal + outputs: + sha: ${{ steps.comment-branch.outputs.head_sha }} + ref: ${{ steps.comment-branch.outputs.head_ref }} + pr_id: ${{ steps.get-pr-number.outputs.result }} + env: ${{ steps.start-deployment.outputs.env }} + deployment: ${{ steps.start-deployment.outputs.deployment_id }} + steps: + - name: Get PR branch + uses: xt0rted/pull-request-comment-branch@v2 + id: comment-branch + + - uses: actions/github-script@v7 + id: get-pr-number + with: + result-encoding: string + script: | + return ( + await github.rest.repos.listPullRequestsAssociatedWithCommit({ + commit_sha: '${{ steps.comment-branch.outputs.head_sha }}', + owner: context.repo.owner, + repo: context.repo.repo, + }) + ).data[0].number; + + - uses: actions/checkout@v4.1.0 + with: + path: __local + ref: ${{ steps.comment-branch.outputs.head_ref }} + + - name: Get environment name + id: env-name + env: + CI_MERGE_REQUEST_IID: ${{ steps.get-pr-number.outputs.result }} + CI_PIPELINE_ID: ${{ github.run_id }} + run: | + set -ex + + export CI_PROJECT_DIR="${GITHUB_WORKSPACE}/__local" + + source ${CI_PROJECT_DIR}/ci/argocd/resolve_env.sh $ENV_TYPE + echo "DEPLOYMENT_ID=$DEPLOYMENT_ID" >> $GITHUB_OUTPUT + shell: bash + + - name: (debug) + run: | + echo ${{ steps.get-pr-number.outputs.result }} + echo ${{ steps.env-name.outputs.DEPLOYMENT_ID }} + echo ${{ github.run_id }} + + - name: start deployment + uses: bobheadxi/deployments@v1 + id: start-deployment + with: + step: start + token: ${{ secrets.GH_BOT_TOKEN }} + env: ${{ steps.env-name.outputs.DEPLOYMENT_ID }} + ref: ${{ steps.comment-branch.outputs.head_ref }} + override: true diff --git a/.github/workflows/deploy-rc.yml b/.github/workflows/deploy-rc.yml new file mode 100644 index 0000000000..203cf1b0dd --- /dev/null +++ b/.github/workflows/deploy-rc.yml @@ -0,0 +1,54 @@ +--- +name: ▶️ Deploy Release Candidate +on: + workflow_dispatch: + +env: + ARGO_REPOSITORY: "https://wildland-bot:${{ secrets.HOUSEKEEPER_CI_TOKEN }}@gitlab.com/golemfoundation/devops/iac/k8s/wildland-k8s-devops.git" + ARGO_REPOSITORY_BRANCH: "github/release-candidate" + IMAGE_TAG: "${{ github.sha }}" + HOUSEKEEPER_GPG_KEY: "${{ secrets.HOUSEKEEPER_GPG_KEY }}" + HOUSEKEEPER_GPG_KEY_ID: "${{ secrets.HOUSEKEEPER_GPG_KEY_ID }}" + HOUSEKEEPER_NAME: "${{ vars.HOUSEKEEPER_NAME }}" + HOUSEKEEPER_EMAIL: "${{ secrets.HOUSEKEEPER_EMAIL }}" + +jobs: + build: + name: Build + uses: ./.github/workflows/tpl-images.yml + secrets: inherit + with: + image-tag: ${{ github.sha }} + deploy: + name: Deploy + needs: + - build + runs-on: + - metal + container: + image: registry.gitlab.com/golemfoundation/devops/container-builder/gitops-builder:2ea6d57c + credentials: + username: "doesnt-matter" + password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}" + steps: + - uses: actions/checkout@v4.1.0 + - run : | + set -ex + + gpg --import <(echo $HOUSEKEEPER_GPG_KEY | base64 -d) + git config --global user.name "$HOUSEKEEPER_NAME" + git config --global user.email "$HOUSEKEEPER_EMAIL" + git config --global user.signingkey $HOUSEKEEPER_GPG_KEY_ID + + GIT_DIR=`mktemp -d` + git clone -b $ARGO_REPOSITORY_BRANCH $ARGO_REPOSITORY $GIT_DIR + + pushd $GIT_DIR + + yq -y -i -e ".[].value.value = \"$IMAGE_TAG\"" mainnet/octant-image.values.yaml + + git add mainnet/octant-image.values.yaml + git commit -S -m "Changed octant image tag to $IMAGE_TAG at $(date +%Y-%m-%d)" || true + + git push + shell: bash diff --git a/.github/workflows/deploy-uat.yml b/.github/workflows/deploy-uat.yml new file mode 100644 index 0000000000..c834f6b4be --- /dev/null +++ b/.github/workflows/deploy-uat.yml @@ -0,0 +1,41 @@ +--- +name: ▶️ Deploy UAT +on: + workflow_dispatch: + +jobs: + build: + name: Build + uses: ./.github/workflows/tpl-images.yml + secrets: inherit + with: + image-tag: ${{ github.sha }} + run: + name: Run + uses: ./.github/workflows/tpl-start-env.yml + secrets: inherit + with: + git-ref: ${{ github.ref }} + env-type: uat + workflow-id: ${{ github.run_id }} + deploy: + name: Deploy + needs: + - build + - run + uses: ./.github/workflows/tpl-deploy-app.yml + with: + env-type: uat + env-id: ${{ needs.run.outputs.env-id }} + deployment-id: ${{ needs.run.outputs.deployment-id }} + image-tag: ${{ github.sha }} + workflow-id: ${{ github.run_id }} + # --- + chain-id: 11155111 + network-name: sepolia + chain-name: sepolia + snapshotter-enabled: true + scheduler-enabled: true + vault-confirm-withdrawals-enabled: true + glm-claim-enabled: true + secrets: inherit diff --git a/.github/workflows/destroy-master.yml b/.github/workflows/destroy-master.yml new file mode 100644 index 0000000000..058c471668 --- /dev/null +++ b/.github/workflows/destroy-master.yml @@ -0,0 +1,12 @@ +--- +name: 🔻 Stop Master +on: + workflow_dispatch: + +jobs: + run: + name: Run + uses: ./.github/workflows/tpl-destroy-env.yml + secrets: inherit + with: + env-type: master diff --git a/.github/workflows/destroy-uat.yml b/.github/workflows/destroy-uat.yml new file mode 100644 index 0000000000..ec5540a469 --- /dev/null +++ b/.github/workflows/destroy-uat.yml @@ -0,0 +1,12 @@ +--- +name: 🔻 Stop UAT +on: + workflow_dispatch: + +jobs: + run: + name: Run + uses: ./.github/workflows/tpl-destroy-env.yml + secrets: inherit + with: + env-type: uat diff --git a/.github/workflows/tpl-deploy-app.yml b/.github/workflows/tpl-deploy-app.yml new file mode 100644 index 0000000000..2e4fb5c81e --- /dev/null +++ b/.github/workflows/tpl-deploy-app.yml @@ -0,0 +1,323 @@ +--- +name: 🔒 Deploy Application +on: + workflow_call: + outputs: + contracts-env-artifact-id: + value: ${{ inputs.env-type }}-contracts-env + inputs: + env-type: + required: true + type: string + image-tag: + required: true + type: string + pull-request-id: + required: false + type: string + env-id: + required: true + type: string + deployment-id: + required: true + type: string + workflow-id: + required: true + type: string + deploy-contracts: + required: false + default: false + type: boolean + chain-id: + required: true + type: number + chain-name: + required: true + type: string + network-name: + required: true + type: string + snapshotter-enabled: + required: false + default: false + type: boolean + scheduler-enabled: + required: false + default: false + type: boolean + glm-claim-enabled: + required: false + default: false + type: boolean + vault-confirm-withdrawals-enabled: + required: false + default: false + type: boolean + backend-server-pgsql: + required: false + default: true + type: boolean + forward-first-epoch: + required: false + default: false + type: boolean + skip-local-subgraph-update: + required: false + default: true + type: boolean + octant-env: + required: false + default: production + type: string + anvil-block-time: + required: false + default: 0 + type: number + decision-window: + required: false + default: 1209600 + type: number + epoch-duration: + required: false + default: 7776000 + type: number + web-client-replicas: + required: false + default: 1 + type: number + coin-prices-server-replicas: + required: false + default: 2 + type: number + backend-server-replicas: + required: false + default: 3 + type: number + +env: + ENV_TYPE: ${{ inputs.env-type }} + IMAGE_TAG: "${{ inputs.image-tag }}" + CI_MERGE_REQUEST_IID: "${{ inputs.pull-request-id }}" + CI_PIPELINE_ID: "${{ inputs.workflow-id }}" + # ---------------------------------------------------------------------------- + # BACKEND + CHAIN_ID: ${{ inputs.chain-id }} + CHAIN_NAME: ${{ inputs.chain-name }} + OCTANT_BACKEND_SECRET_KEY: some-random-key + SNAPSHOTTER_ENABLED: ${{ inputs.snapshotter-enabled }} + SCHEDULER_ENABLED: ${{ inputs.scheduler-enabled }} + GLM_CLAIM_ENABLED: ${{ inputs.glm-claim-enabled }} + VAULT_CONFIRM_WITHDRAWALS_ENABLED: ${{ inputs.vault-confirm-withdrawals-enabled }} + BACKEND_SERVER_PGSQL: ${{ inputs.backend-server-pgsql }} + WEB_CLIENT_REPLICAS: ${{ inputs.web-client-replicas }} + COIN_PRICES_SERVER_REPLICAS: ${{ inputs.coin-prices-server-replicas }} + BACKEND_SERVER_REPLICAS: ${{ inputs.backend-server-replicas }} + OCTANT_ENV: ${{ inputs.octant-env }} + GLM_SENDER_NONCE: ${{ vars.GLM_SENDER_NONCE }} + # ---------------------------------------------------------------------------- + # CONTRACTS / ANVIL / SUBGRAPH / SYNPRESS + NETWORK: ${{ inputs.chain-name }} + NETWORK_NAME: ${{ inputs.network-name }} + NETWORK_ID: ${{ inputs.chain-id }} + FORWARD_FIRST_EPOCH: ${{ inputs.forward-first-epoch }} + DECISION_WINDOW: ${{ inputs.decision-window }} + EPOCH_DURATION: ${{ inputs.epoch-duration }} + SKIP_LOCAL_SUBGRAPH_UPDATE: ${{ inputs.skip-local-subgraph-update }} + ANVIL_BLOCK_TIME: ${{ inputs.anvil-block-time }} + SECRET_WORDS: test test test test test test test test test test test junk + PROPOSALS_ADDRESSES: 0x1c01595f9534E33d411035AE99a4317faeC4f6Fe,0x02Cb3C150BEdca124d0aE8CcCb72fefbe705c953,0x6e8873085530406995170Da467010565968C7C62,0x7DAC9Fc15C1Db4379D75A6E3f330aE849dFfcE18,0xAb6D6a37c5110d1377832c451C33e4fA16A9BA05,0xcC7d34C76A9d08aa0109F7Bae35f29C1CE35355A,0xD165df4296C85e780509fa1eace0150d945d49Fd,0xde21F729137C5Af1b01d73aF1dC21eFfa2B8a0d6,0xF6CBDd6Ea6EC3C4359e33de0Ac823701Cc56C6c4,0x0B7246eF74Ca7b37Fdc3D15be4f0b49876622F95,0x2DCDF80f439843D7E0aD1fEF9E7a439B7917eAc9,0x4A9a27d614a74Ee5524909cA27bdBcBB7eD3b315,0x8c89a6bf53cCF63e7B4465Cc1b1330723B4BdcB7,0x78e084445C3F1006617e1f36794dd2261ecE4AE3,0x15c941a44a343B8c46a28F2BB9aFc7a54E255A4f,0x3455FbB4D34C6b47999B66c83aA7BD8FDDade638,0x9531C059098e3d194fF87FebB587aB07B30B1306,0xd1B8dB70Ded72dB850713b2ce7e1A4FfAfAD95d1,0x0cbF31Ef6545EE30f47651D1A991Bf0aeB03DF29,0x87fEEd6162CB7dFe6B62F64366742349bF4D1B05,0x576edCed7475D8F64a5e2D5227c93Ca57d7f5d20,0xB476Ee7D610DAe7B23B671EBC7Bd6112E9772969,0xE2f413190Bb5D6AAcB4A056F1B5E1fD5B8141045,0xe126b3E5d052f1F575828f61fEBA4f4f2603652a + PROPOSALS_CID: Qmds9N5y2vkMuPTD6M4EBxNXnf3bjTDmzWBGnCkQGsMMGe + TESTNET_DEPLOYER_PRIVATE_KEY: "${{ secrets.TESTNET_DEPLOYER_PRIVATE_KEY }}" + TESTNET_MULTISIG_PRIVATE_KEY: "${{ secrets.TESTNET_MULTISIG_PRIVATE_KEY }}" + TESTNET_RPC_URL: "${{ secrets.TESTNET_RPC_URL }}" + ETHERSCAN_API_KEY: "${{ secrets.ETHERSCAN_API_KEY }}" + VITE_ALCHEMY_ID: "${{ secrets.VITE_ALCHEMY_ID }}" + # ---------------------------------------------------------------------------- + # CI/CD + GCP_DOCKER_IMAGES_REGISTRY_SERVICE_ACCOUNT: "${{ secrets.GCP_DOCKER_IMAGES_REGISTRY_SERVICE_ACCOUNT }}" + KANIKO_CACHE_CONFIG: "${{ secrets.KANIKO_CACHE_CONFIG }}" + KANIKO_CACHE_REPO: "${{ secrets.KANIKO_CACHE_REPO }}" + HOUSEKEEPER_NAME: "${{ vars.HOUSEKEEPER_NAME }}" + HOUSEKEEPER_EMAIL: "${{ secrets.HOUSEKEEPER_EMAIL }}" + HOUSEKEEPER_CI_TOKEN: "${{ secrets.HOUSEKEEPER_CI_TOKEN }}" + HOUSEKEEPER_GPG_KEY: "${{ secrets.HOUSEKEEPER_GPG_KEY }}" + HOUSEKEEPER_GPG_KEY_ID: "${{ secrets.HOUSEKEEPER_GPG_KEY_ID }}" + ARGOCD_URL: "${{ secrets.ARGOCD_URL }}" + ARGOCD_ACCESS_TOKEN: "${{ secrets.ARGOCD_ACCESS_TOKEN }}" + +jobs: + start-anvil: + name: Start Anvil + if: ${{ inputs.deploy-contracts }} + runs-on: + - metal + container: + image: registry.gitlab.com/golemfoundation/devops/container-builder/gitops-builder:2ea6d57c + credentials: + username: "doesnt-matter" + password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}" + steps: + - uses: actions/checkout@v4.1.0 + + - name: (debug) + run: | + set -ex + + env + + echo ${{ inputs.env-type }} + echo ${{ inputs.image-tag }} + echo ${{ inputs.pull-request-id }} + echo ${{ inputs.workflow-id }} + shell: bash + + - name: Set up Gitops mutex + uses: ben-z/gh-action-mutex@v1.0-alpha-8 + with: + branch: gitops-mutex + + - name: Deploy Anvil Argo application + run: | + set -ex + + export CI_PROJECT_DIR="${GITHUB_WORKSPACE}" + + source ${CI_PROJECT_DIR}/ci/argocd/resolve_env.sh $ENV_TYPE + bash ${CI_PROJECT_DIR}/ci/argocd/application.sh create + shell: bash + + deploy-contracts: + name: Deploy Contracts + needs: + - start-anvil + if: ${{ inputs.deploy-contracts }} + runs-on: + - metal + container: + image: ${{ vars.GCP_DOCKER_IMAGE_REGISTRY }}/contracts-v1:${{ inputs.image-tag }} + credentials: + username: "_json_key_base64" + password: "${{ secrets.GCP_DOCKER_IMAGES_REGISTRY_SERVICE_ACCOUNT }}" + steps: + - uses: actions/checkout@v4.1.0 + - name: Deploy contracts + run: | + set -ex + + export CI_PROJECT_DIR="${GITHUB_WORKSPACE}" + export EPOCHS_START=$(date +%s) + + source ${CI_PROJECT_DIR}/ci/argocd/resolve_env.sh $ENV_TYPE + bash ${CI_PROJECT_DIR}/ci/argocd/wait_for_app.sh + + export LOCAL_RPC_URL; LOCAL_RPC_URL=https://$(bash ${CI_PROJECT_DIR}/ci/argocd/get_rpc_url.sh) + + /app/entrypoint.sh $NETWORK ${CI_PROJECT_DIR}/contracts.env + shell: bash + - uses: actions/upload-artifact@v4 + if: success() + with: + name: ${{ env.ENV_TYPE }}-contracts-env + retention-days: 1 + if-no-files-found: error + compression-level: 0 + overwrite: true + path: |- + contracts.env + + start-application-stack: + name: Start Application Stack + needs: + - deploy-contracts + runs-on: + - metal + if: always() + container: + image: registry.gitlab.com/golemfoundation/devops/container-builder/gitops-builder:2ea6d57c + credentials: + username: "doesnt-matter" + password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}" + steps: + - uses: actions/checkout@v4.1.0 + - uses: actions/download-artifact@v4 + if: ${{ inputs.deploy-contracts }} + with: + name: ${{ env.ENV_TYPE }}-contracts-env + - name: Set up Gitops mutex + uses: ben-z/gh-action-mutex@v1.0-alpha-8 + with: + branch: gitops-mutex + - name: Deploy Complete Argo application + run: | + set -ex + + export CI_PROJECT_DIR="${GITHUB_WORKSPACE}" + + if [[ "${{ inputs.deploy-contracts }}" == "true" ]]; then + export $(grep -v '^#' ${CI_PROJECT_DIR}/contracts.env | xargs) + fi + + source ${CI_PROJECT_DIR}/ci/argocd/resolve_env.sh $ENV_TYPE + bash ${CI_PROJECT_DIR}/ci/argocd/application.sh update + shell: bash + + wait-for-app: + name: Wait for Application Readiness + needs: + - start-application-stack + runs-on: + - metal + if: always() && (needs.start-application-stack.result == 'success') + container: + image: registry.gitlab.com/golemfoundation/devops/container-builder/gitops-builder:2ea6d57c + credentials: + username: "doesnt-matter" + password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}" + steps: + - name: Wait for application ready + id: app + run: | + set -ex + + export CI_PROJECT_DIR="${GITHUB_WORKSPACE}" + + source ${CI_PROJECT_DIR}/ci/argocd/resolve_env.sh $ENV_TYPE + bash ${CI_PROJECT_DIR}/ci/argocd/wait_for_app.sh + + export OCTANT_WEB_URL; OCTANT_WEB_URL=https://$(bash ${CI_PROJECT_DIR}/ci/argocd/get_web_client_url.sh) + + echo "OCTANT_WEB_URL=$OCTANT_WEB_URL" >> $GITHUB_OUTPUT + shell: bash + + update-deployment: + name: Set deployment status + needs: + # We need to explicitly set all jobs for `needs.*` array to have all workflow jobs + - start-anvil + - deploy-contracts + - start-application-stack + - wait-for-app + runs-on: + - metal + if: always() + steps: + - name: Compute workflow status + id: workflow-status + run: | + if [[ "${{ contains(join(needs.*.result, ' '), 'failure') }}" == "true" ]]; then + STATUS='failure' + else + STATUS='success' + fi + + echo "STATUS=$STATUS" >> $GITHUB_OUTPUT + + - name: Update deployment status + uses: bobheadxi/deployments@v1 + with: + step: finish + auto_inactive: true + status: ${{ steps.workflow-status.outputs.STATUS }} + token: ${{ secrets.GH_BOT_TOKEN }} + env: ${{ inputs.env-id }} + deployment_id: ${{ inputs.deployment-id }} diff --git a/.github/workflows/tpl-destroy-env.yml b/.github/workflows/tpl-destroy-env.yml new file mode 100644 index 0000000000..469ce12a8a --- /dev/null +++ b/.github/workflows/tpl-destroy-env.yml @@ -0,0 +1,85 @@ +--- +name: 🔒 Destroy Environment +on: + workflow_call: + inputs: + env-type: + required: true + type: string + pull-request-id: + required: false + type: string + workflow-id: + required: false + type: string + delete-env: + required: false + type: boolean + pull_request: + types: [ closed ] +env: + # ---------------------------------------------------------------------------- + # CI/CD + HOUSEKEEPER_NAME: "${{ vars.HOUSEKEEPER_NAME }}" + HOUSEKEEPER_EMAIL: "${{ secrets.HOUSEKEEPER_EMAIL }}" + HOUSEKEEPER_CI_TOKEN: "${{ secrets.HOUSEKEEPER_CI_TOKEN }}" + HOUSEKEEPER_GPG_KEY: "${{ secrets.HOUSEKEEPER_GPG_KEY }}" + HOUSEKEEPER_GPG_KEY_ID: "${{ secrets.HOUSEKEEPER_GPG_KEY_ID }}" + ARGOCD_URL: "${{ secrets.ARGOCD_URL }}" + ARGOCD_ACCESS_TOKEN: "${{ secrets.ARGOCD_ACCESS_TOKEN }}" + +jobs: + destroy: + name: Destroy Environment + runs-on: + - metal + container: + image: registry.gitlab.com/golemfoundation/devops/container-builder/gitops-builder:2ea6d57c + credentials: + username: "doesnt-matter" + password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}" + steps: + - uses: actions/checkout@v4.1.0 + + - name: Set up Gitops mutex + uses: ben-z/gh-action-mutex@v1.0-alpha-8 + with: + branch: gitops-mutex + + - name: Destroy application + id: destroy-env + run: | + set -ex + + export CI_PROJECT_DIR="${GITHUB_WORKSPACE}" + export ENV_TYPE=${{ inputs.env-type }} + + if [[ "${{ github.event_name }}" == "pull_request" ]]; then + export CI_MERGE_REQUEST_IID=${{ github.event.number }} + export CI_PIPELINE_ID=${{ github.run_id }} + else + export CI_MERGE_REQUEST_IID=${{ inputs.pull-request-id }} + export CI_PIPELINE_ID=${{ inputs.workflow-id }} + fi + + source ${CI_PROJECT_DIR}/ci/argocd/resolve_env.sh $ENV_TYPE + bash ${CI_PROJECT_DIR}/ci/argocd/application.sh destroy + + echo "DEPLOYMENT_ID=$DEPLOYMENT_ID" >> $GITHUB_OUTPUT + shell: bash + + - name: Delete Environment + uses: bobheadxi/deployments@v1 + if: always() && ${{ inputs.delete-env }} + with: + step: delete-env + token: ${{ secrets.GH_BOT_TOKEN }} + env: ${{ steps.destroy-env.outputs.DEPLOYMENT_ID }} + + - name: Deactivate Environment + uses: bobheadxi/deployments@v1 + if: always() && ${{ !inputs.delete-env }} + with: + step: deactivate-env + token: ${{ secrets.GH_BOT_TOKEN }} + env: ${{ steps.destroy-env.outputs.DEPLOYMENT_ID }} diff --git a/.github/workflows/tpl-images.yml b/.github/workflows/tpl-images.yml new file mode 100644 index 0000000000..51195474e7 --- /dev/null +++ b/.github/workflows/tpl-images.yml @@ -0,0 +1,50 @@ +--- +name: 🔒 Docker Images +on: + workflow_call: + inputs: + image-tag: + required: true + type: string +concurrency: + group: "${{ github.ref }}-images" + cancel-in-progress: true + +jobs: + build-images: + name: Build Docker Image + runs-on: + - metal + strategy: + matrix: + SERVICE: + - contracts-v1 + - coin-prices-server + - client + - subgraph + - backend + steps: + - uses: actions/checkout@v4 + with: + # use some obscure path to checkout the code with service account perms + # this is possible as $GITHUB_WORKSPACE is owned by the same service + # account + # see: https://github.com/actions/checkout/issues/211 + path: __local + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Login to Docker registry + uses: docker/login-action@v3 + with: + registry: europe-docker.pkg.dev + username: _json_key_base64 + password: ${{ secrets.GCP_DOCKER_IMAGES_REGISTRY_SERVICE_ACCOUNT }} + - name: Build and push + uses: docker/build-push-action@v5 + with: + context: __local/${{ matrix.SERVICE }} + file: __local/ci/Dockerfile.${{ matrix.SERVICE }} + push: true + tags: ${{ vars.GCP_DOCKER_IMAGE_REGISTRY }}/${{ matrix.SERVICE }}:${{ inputs.image-tag }} + # cache-from: type=local,src=/mnt/storage/kaniko-cache + # cache-to: type=local,dest=/mnt/storage/kaniko-cache diff --git a/.github/workflows/tpl-start-env.yml b/.github/workflows/tpl-start-env.yml new file mode 100644 index 0000000000..7d5cd4cfbf --- /dev/null +++ b/.github/workflows/tpl-start-env.yml @@ -0,0 +1,74 @@ +--- +name: 🔒 Start Environment +on: + workflow_call: + inputs: + git-ref: + required: true + type: string + env-type: + required: true + type: string + pull-request-id: + required: false + type: string + workflow-id: + required: true + type: string + outputs: + env-id: + value: ${{ jobs.start.outputs.env }} + deployment-id: + value: ${{ jobs.start.outputs.deployment }} +env: + ENV_TYPE: ${{ inputs.env-type }} + CI_MERGE_REQUEST_IID: "${{ inputs.pull-request-id }}" + CI_PIPELINE_ID: "${{ inputs.workflow-id }}" + # ---------------------------------------------------------------------------- + # CI/CD + HOUSEKEEPER_NAME: "${{ vars.HOUSEKEEPER_NAME }}" + HOUSEKEEPER_EMAIL: "${{ secrets.HOUSEKEEPER_EMAIL }}" + HOUSEKEEPER_CI_TOKEN: "${{ secrets.HOUSEKEEPER_CI_TOKEN }}" + HOUSEKEEPER_GPG_KEY: "${{ secrets.HOUSEKEEPER_GPG_KEY }}" + HOUSEKEEPER_GPG_KEY_ID: "${{ secrets.HOUSEKEEPER_GPG_KEY_ID }}" + ARGOCD_URL: "${{ secrets.ARGOCD_URL }}" + ARGOCD_ACCESS_TOKEN: "${{ secrets.ARGOCD_ACCESS_TOKEN }}" + +jobs: + start: + name: Start GitHub Environment + runs-on: + - metal + outputs: + env: ${{ steps.start-deployment.outputs.env }} + deployment: ${{ steps.start-deployment.outputs.deployment_id }} + steps: + - uses: actions/checkout@v4.1.0 + with: + path: __local + ref: ${{ inputs.git-ref }} + + - name: Get environment name + id: env-name + run: | + set -ex + + export CI_PROJECT_DIR="${GITHUB_WORKSPACE}/__local" + + source ${CI_PROJECT_DIR}/ci/argocd/resolve_env.sh $ENV_TYPE + echo "DEPLOYMENT_ID=$DEPLOYMENT_ID" >> $GITHUB_OUTPUT + shell: bash + + - name: (debug) + run: | + echo ${{ steps.env-name.outputs.DEPLOYMENT_ID }} + + - name: start deployment + uses: bobheadxi/deployments@v1 + id: start-deployment + with: + step: start + token: ${{ secrets.GH_BOT_TOKEN }} + env: ${{ steps.env-name.outputs.DEPLOYMENT_ID }} + ref: ${{ inputs.git-ref }} + override: true diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 7cbbd84ba4..582bb9fece 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -303,7 +303,7 @@ Build images: GOOGLE_APPLICATION_CREDENTIALS: /kaniko/config.json script: - echo $KANIKO_CACHE_CONFIG > /kaniko/.docker/config.json - - echo "$GCP_REGISTRY_PUSHER_SERVICE_ACCOUNT" | base64 -d > /kaniko/config.json + - echo "$GCP_DOCKER_IMAGES_REGISTRY_SERVICE_ACCOUNT" | base64 -d > /kaniko/config.json - chmod 400 /kaniko/config.json - /kaniko/executor --context "$CI_PROJECT_DIR/$SERVICE" diff --git a/ci/Dockerfile.backend b/ci/Dockerfile.backend index cc1916ad88..9951b2cdd3 100644 --- a/ci/Dockerfile.backend +++ b/ci/Dockerfile.backend @@ -1,4 +1,4 @@ -FROM local-docker-registry.wildland.dev/acidrain/python-poetry:3.11-slim-1.5.1 +FROM acidrain/python-poetry:3.11-slim-1.5.1 WORKDIR /app diff --git a/ci/Dockerfile.client b/ci/Dockerfile.client index 6e9129cb26..484b2a954d 100644 --- a/ci/Dockerfile.client +++ b/ci/Dockerfile.client @@ -1,4 +1,4 @@ -FROM local-docker-registry.wildland.dev/library/node:16-alpine +FROM node:16-alpine WORKDIR /app COPY package.json yarn.lock ./ RUN yarn install --ignore-scripts --frozen-lockfile && yarn cache clean diff --git a/ci/Dockerfile.coin-prices-server b/ci/Dockerfile.coin-prices-server index 782ac58a1d..46da6a2a86 100644 --- a/ci/Dockerfile.coin-prices-server +++ b/ci/Dockerfile.coin-prices-server @@ -1,4 +1,4 @@ -FROM local-docker-registry.wildland.dev/library/node:16-alpine AS root +FROM node:16-alpine AS root WORKDIR /app COPY package.json yarn.lock ./ diff --git a/ci/Dockerfile.contracts-v1 b/ci/Dockerfile.contracts-v1 index 73c9a0f753..74539d8ae2 100644 --- a/ci/Dockerfile.contracts-v1 +++ b/ci/Dockerfile.contracts-v1 @@ -1,4 +1,4 @@ -FROM local-docker-registry.wildland.dev/library/node:16-alpine AS root +FROM node:16-alpine AS root WORKDIR /app FROM root AS build diff --git a/ci/Dockerfile.subgraph b/ci/Dockerfile.subgraph index 032b1b0354..064fe454cc 100644 --- a/ci/Dockerfile.subgraph +++ b/ci/Dockerfile.subgraph @@ -1,4 +1,4 @@ -FROM local-docker-registry.wildland.dev/library/node:16-alpine AS root +FROM node:16-alpine AS root WORKDIR /app FROM root AS build diff --git a/ci/argocd/application.sh b/ci/argocd/application.sh index 34d8a842df..7faf849c9d 100644 --- a/ci/argocd/application.sh +++ b/ci/argocd/application.sh @@ -64,7 +64,7 @@ if [[ "$ACTION" == "create" ]]; then elif [[ "$ACTION" == "update" ]]; then if [[ "$NETWORK_NAME" == "local" || "$NETWORK_NAME" == "localhost" ]]; then - export FRONTEND_RPC_URL=https://$(bash $CI_PROJECT_DIR/ci/argocd/get_rpc_url.sh) + export FRONTEND_RPC_URL; FRONTEND_RPC_URL=https://$(bash $CI_PROJECT_DIR/ci/argocd/get_rpc_url.sh) export BACKEND_RPC_URL=http://anvil:8545 else # This will make webclient use default (wagmi) endpoint diff --git a/ci/argocd/get_graph_url.sh b/ci/argocd/get_graph_url.sh index 0d978d2c09..c50eaa0390 100644 --- a/ci/argocd/get_graph_url.sh +++ b/ci/argocd/get_graph_url.sh @@ -8,7 +8,7 @@ URL=$(curl -s -H "Authorization: Bearer ${ARGOCD_ACCESS_TOKEN}" \ "${ARGOCD_URL}/api/v1/applications/${DEPLOYMENT_ID}/resource?namespace=${DEPLOYMENT_ID}&resourceName=graph-node-fake&version=v1&kind=Ingress&group=networking.k8s.io" \ | jq -r .manifest | jq -r '.spec.rules[0].host') -timeout --foreground -s TERM 180 bash -c \ +timeout --foreground -s TERM 300 bash -c \ 'until [[ "$(dig +short -t A ${0}.)" != "" ]]; do\ >&2 echo "[-] Waiting for ${0} nslookup" && sleep 10;\ done' $URL diff --git a/ci/argocd/get_rpc_url.sh b/ci/argocd/get_rpc_url.sh index 262659d756..27c87fcc0f 100644 --- a/ci/argocd/get_rpc_url.sh +++ b/ci/argocd/get_rpc_url.sh @@ -8,7 +8,7 @@ URL=$(curl -s -H "Authorization: Bearer ${ARGOCD_ACCESS_TOKEN}" \ "${ARGOCD_URL}/api/v1/applications/${DEPLOYMENT_ID}/resource?namespace=${DEPLOYMENT_ID}&resourceName=anvil-fake&version=v1&kind=Ingress&group=networking.k8s.io" \ | jq -r .manifest | jq -r '.spec.rules[0].host') -timeout --foreground -s TERM 180 bash -c \ +timeout --foreground -s TERM 300 bash -c \ 'until [[ "$(dig +short -t A ${0}.)" != "" ]]; do\ >&2 echo "[-] Waiting for ${0} nslookup" && sleep 10;\ done' $URL diff --git a/ci/argocd/get_web_client_url.sh b/ci/argocd/get_web_client_url.sh index 6a15fc8514..10ee1b9ae3 100644 --- a/ci/argocd/get_web_client_url.sh +++ b/ci/argocd/get_web_client_url.sh @@ -8,7 +8,7 @@ URL=$(curl -s -H "Authorization: Bearer ${ARGOCD_ACCESS_TOKEN}" \ "${ARGOCD_URL}/api/v1/applications/${DEPLOYMENT_ID}/resource?namespace=${DEPLOYMENT_ID}&resourceName=web-client-fake&version=v1&kind=Ingress&group=networking.k8s.io" \ | jq -r .manifest | jq -r '.spec.rules[0].host') -timeout --foreground -s TERM 180 bash -c \ +timeout --foreground -s TERM 300 bash -c \ 'until [[ "$(dig +short -t A ${0}.)" != "" ]]; do\ >&2 echo "[-] Waiting for ${0} nslookup" && sleep 10;\ done' $URL diff --git a/ci/argocd/resolve_env.sh b/ci/argocd/resolve_env.sh index c9754867b0..df33ec6b63 100644 --- a/ci/argocd/resolve_env.sh +++ b/ci/argocd/resolve_env.sh @@ -5,9 +5,9 @@ set -ex TYPE=$1 if [[ $CI_MERGE_REQUEST_IID ]]; then - CI_PREFIX="mr-${CI_MERGE_REQUEST_IID}" + APP_PREFIX="pr-${CI_MERGE_REQUEST_IID}" else - CI_PREFIX="app-${CI_PIPELINE_ID}" + APP_PREFIX="app-${CI_PIPELINE_ID}" fi export DEPLOYMENT_TYPE=$TYPE @@ -15,15 +15,15 @@ export DEPLOYMENT_TYPE=$TYPE if [[ "$TYPE" =~ ^(e2e|apitest)$ ]]; then ## E2E tests deployment ## the environment will be removed when after E2E tests are finished - export DEPLOYMENT_ID="${CI_PREFIX}-${TYPE}-${CI_PIPELINE_ID}" + export DEPLOYMENT_ID="${APP_PREFIX}-${TYPE}-${CI_PIPELINE_ID}" elif [[ "$TYPE" =~ ^(uat|master)$ ]]; then ## MASTER/UAT/other-persistent-envs ## contracts are never taken from a pre-defined, manually deployed set export DEPLOYMENT_ID="${TYPE}" export ENV_FILE="${TYPE}.env" -else # (assume mr/app) +else # (assume pr/app) ## Regular app deployment - ## the environment will be removed when MR is closed - ## the app- (non-mr) deployment may linger around if job fails to complete. - export DEPLOYMENT_ID="${CI_PREFIX}" + ## the environment will be removed when PR is closed + ## the app- (non-pr) deployment may linger around if job fails to complete. + export DEPLOYMENT_ID="${APP_PREFIX}" fi diff --git a/yarn.lock b/yarn.lock index 2b546a1595..ac93bf6c4f 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2143,9 +2143,9 @@ yallist@^4.0.0: integrity sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A== yaml@^2.2.1: - version "2.2.1" - resolved "https://registry.yarnpkg.com/yaml/-/yaml-2.2.1.tgz#3014bf0482dcd15147aa8e56109ce8632cd60ce4" - integrity sha512-e0WHiYql7+9wr4cWMx3TVQrNwejKaEe7/rHNmQmqRjazfOP5W8PB6Jpebb5o6fIapbz9o9+2ipcaTM2ZwDI6lw== + version "2.3.4" + resolved "https://registry.yarnpkg.com/yaml/-/yaml-2.3.4.tgz#53fc1d514be80aabf386dc6001eb29bf3b7523b2" + integrity sha512-8aAvwVUSHpfEqTQ4w/KMlf3HcRdt50E5ODIQJBw1fQ5RL34xabzxtUlzTXVqc4rkZsPbvrXKWnABCD7kWSmocA== yocto-queue@^0.1.0: version "0.1.0"