Skip to content

feat(authority-claimer): implement AWS KMS sign #2183

feat(authority-claimer): implement AWS KMS sign

feat(authority-claimer): implement AWS KMS sign #2183

Workflow file for this run

# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
name: Build and test
on:
pull_request:
push:
tags:
- v*
branches:
- main
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
permissions:
packages: write
id-token: write
contents: write
jobs:
build-ci-base:
runs-on: ubuntu-22.04
outputs:
output: ${{ steps.export_tag.outputs.image_tag }}
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- name: Docker meta
id: docker_meta
uses: docker/metadata-action@v5
with:
images: |
name=ghcr.io/cartesi/rollups-node-ci
tags: |
type=semver,pattern={{version}}
type=ref,event=branch
type=ref,event=pr
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- uses: depot/setup-action@v1
- name: Build and push docker image
id: docker_build
uses: depot/bake-action@v1
with:
files: |
./docker-bake.hcl
${{ steps.docker_meta.outputs.bake-file }}
./docker-bake.platforms.hcl
targets: rollups-node-ci
push: true
project: ${{ vars.DEPOT_PROJECT }}
workdir: build
- name: Export Image Tag
id : export_tag
run : echo "image_tag=${{steps.docker_meta.outputs.version}}" >> "$GITHUB_OUTPUT"
do-basic-checks:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
fetch-depth: 0
ref: ${{ github.event.pull_request.head.sha }}
- name: Check conventional commit
uses: cocogitto/cocogitto-action@v3
id: conventional_commit_check
with:
check-latest-tag-only: true
- name: Check license header
uses: viperproject/check-license-header@v2
with:
path: ./
config: .github/license-check/config.json
- name: Lint Markdown docs
uses: DavidAnson/markdownlint-cli2-action@v16
with:
globs: |
*.md
docs/*.md
check-generated-files:
runs-on: ubuntu-22.04
container:
image: ghcr.io/cartesi/rollups-node-ci:${{needs.build-ci-base.outputs.output}}
needs:
- build-ci-base
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
fetch-depth: 0
ref: ${{ github.event.pull_request.head.sha }}
- name: Fix VCS Issue
run : git config --global --add safe.directory /__w/rollups-node/rollups-node
- name: Install Go
uses: actions/setup-go@v5
with:
go-version-file: 'go.mod'
- name: Check auto generated files
run: make check-generate
test-rust:
runs-on: ubuntu-22.04
env:
RUSTFLAGS: -D warnings -C debuginfo=0
defaults:
run:
working-directory: cmd/authority-claimer
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- uses: depot/setup-action@v1
- name: Build dependency images
uses: depot/bake-action@v1
with:
files: |
./docker-bake.hcl
./docker-bake.override.hcl
./docker-bake.platforms.hcl
targets: |
rollups-node-snapshot
project: ${{ vars.DEPOT_PROJECT }}
workdir: build
load: true
- uses: actions/cache@v4
with:
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
./cmd/authority-claimer/target/
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
restore-keys: ${{ runner.os }}-cargo-
- name: Update Rust
run: rustup update
- name: Install cargo sweep
run: cargo install cargo-sweep
continue-on-error: true
- name: Install cargo cache
run: cargo install cargo-cache
continue-on-error: true
- name: Install cargo-machete
run: cargo install cargo-machete
continue-on-error: true
- name: Set sweep timestamp
run: cargo sweep -s
- name: Analyze dependencies
run: cargo machete .
- name: Check code format
run: cargo fmt --all -- --check
- name: Run linter
run: cargo clippy -- -A clippy::module_inception -A clippy::mixed_attributes_style
- name: Build binaries and tests
run: cargo build --all-targets
- name: Clean old build files
run: cargo sweep -f
- name: Clean dependencies source files
run: cargo cache --autoclean
- name: Run tests
run: cargo test
test-go:
runs-on: ubuntu-22.04
container:
image: ghcr.io/cartesi/rollups-node-ci:${{needs.build-ci-base.outputs.output}}
needs:
- build-ci-base
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- uses: depot/setup-action@v1
- name: Build dependency images
uses: depot/bake-action@v1
with:
files: |
./docker-bake.hcl
./docker-bake.override.hcl
./docker-bake.platforms.hcl
targets: |
rollups-node-devnet
rollups-node-snapshot
project: ${{ vars.DEPOT_PROJECT }}
workdir: build
load: true
- name: Install Go
uses: actions/setup-go@v5
with:
go-version-file: 'go.mod'
- name: Fix VCS Go Linter Issue
run : git config --global --add safe.directory /__w/rollups-node/rollups-node
- name: Run Go Linter
uses: golangci/golangci-lint-action@v6
with:
version: v1.58.2
- name: Run Go tests
env:
TESTCONTAINERS_RYUK_DISABLED: true
run: go test ./...
build-docker:
runs-on: ubuntu-22.04
needs:
- do-basic-checks
- test-rust
- test-go
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- name: Docker meta
id: docker_meta
uses: docker/metadata-action@v5
with:
images: |
name=ghcr.io/cartesi/rollups-node
name=docker.io/cartesi/rollups-node,enable=${{ startsWith(github.ref, 'refs/tags/v') }}
tags: |
type=semver,pattern={{version}}
type=ref,event=branch
type=ref,event=pr
- name: Login to Docker Hub
uses: docker/login-action@v3
if: ${{ startsWith(github.ref, 'refs/tags/v') }}
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- uses: depot/setup-action@v1
- name: Build and push docker image
id: docker_build
uses: depot/bake-action@v1
with:
files: |
./docker-bake.hcl
${{ steps.docker_meta.outputs.bake-file }}
./docker-bake.platforms.hcl
targets: rollups-node
set: rollups-node.args.ROLLUPS_NODE_VERSION=${{ steps.docker_meta.outputs.version }}
push: true
project: ${{ vars.DEPOT_PROJECT }}
workdir: build
release:
runs-on: ubuntu-22.04
needs:
- build-docker
if: startsWith(github.ref, 'refs/tags/v')
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- name: Trim CHANGELOG.md
run: sed -e '0,/^##[^#]/d' -e '/^##[^#]/,$d' -i CHANGELOG.md
- name: Publish Github release
uses: softprops/action-gh-release@v2
with:
prerelease: true
body_path: CHANGELOG.md
files: api/graphql/reader.graphql