OCT-1825: Initial passthrough FastAPI server #2057
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: ♻ CI Run | |
| on: | |
| pull_request: | |
| env: | |
| # ---------------------------------------------------------------------------- | |
| # CI/CD | |
| ARGOCD_URL: "${{ secrets.ARGOCD_URL }}" | |
| ARGOCD_ACCESS_TOKEN: "${{ secrets.ARGOCD_ACCESS_TOKEN }}" | |
| GITLAB_PAT_OCTANT_K8S_DEVOPS_REPOSITORY_WRITE: "${{ secrets.GITLAB_PAT_OCTANT_K8S_DEVOPS_REPOSITORY_WRITE }}" | |
| jobs: | |
| stop-api-env: | |
| name: Stop APITest Env | |
| needs: | |
| - start-apitest-env | |
| - run-api-tests | |
| if: always() && (needs.start-apitest-env.result == 'success') | |
| uses: ./.github/workflows/tpl-destroy-env.yml | |
| secrets: inherit | |
| with: | |
| env-type: apitest | |
| pull-request-id: ${{ github.event.pull_request.number }} | |
| workflow-id: ${{ github.run_id }} | |
| run-api-tests: | |
| name: Run API Tests | |
| needs: | |
| - deploy-apitest-env | |
| runs-on: | |
| - general | |
| container: | |
| image: registry.gitlab.com/golemfoundation/devops/container-builder/octant/python-poetry-ext:ad1d9179 | |
| credentials: | |
| username: "doesnt-matter" | |
| password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}" | |
| env: | |
| ENV_TYPE: apitest | |
| CI_MERGE_REQUEST_IID: ${{ github.event.pull_request.number }} | |
| CI_PIPELINE_ID: ${{ github.run_id }} | |
| OCTANT_ENV: dev | |
| CHAIN_ID: 1337 | |
| CHAIN_NAME: localhost | |
| GC_PASSPORT_SCORER_ID: "${{ secrets.GITCOIN_SCORER_ID }}" | |
| GC_PASSPORT_SCORER_API_KEY: "${{ secrets.GITCOIN_SCORER_API_KEY }}" | |
| DELEGATION_SALT: "${{ secrets.DELEGATION_SALT }}" | |
| DELEGATION_SALT_PRIMARY: "${{ secrets.DELEGATION_SALT_PRIMARY }}" | |
| steps: | |
| - uses: actions/checkout@v4.1.0 | |
| - uses: actions/cache/restore@v4 | |
| with: | |
| path: backend/.venv | |
| key: "${{ github.sha }}-poetry-backend" | |
| - name: Run API tests | |
| run: | | |
| set -ex | |
| export CI_PROJECT_DIR="${GITHUB_WORKSPACE}" | |
| source ${CI_PROJECT_DIR}/ci/argocd/resolve_env.sh $ENV_TYPE | |
| pushd backend | |
| poetry config virtualenvs.in-project true | |
| poetry install --no-interaction --no-ansi -v --with prod --with dev | |
| bash ${CI_PROJECT_DIR}/ci/argocd/wait_for_app.sh | |
| export CONTRACTS_DEPLOYER_URL; CONTRACTS_DEPLOYER_URL=https://$(bash ${CI_PROJECT_DIR}/ci/argocd/get_multideployer_url.sh) | |
| export ETH_RPC_PROVIDER_URL; ETH_RPC_PROVIDER_URL=https://$(bash ${CI_PROJECT_DIR}/ci/argocd/get_rpc_url.sh) | |
| export SUBGRAPH_URL; SUBGRAPH_URL=https://$(bash ${CI_PROJECT_DIR}/ci/argocd/get_graph_url.sh) | |
| poetry run pytest -s --onlyapi | |
| shell: bash | |
| deploy-apitest-env: | |
| name: Deploy APITest Env | |
| needs: | |
| - docker | |
| - start-apitest-env | |
| uses: ./.github/workflows/tpl-deploy-app.yml | |
| with: | |
| # --- | |
| env-type: apitest | |
| branch-head-ref: ${{ github.ref }} | |
| image-tag: ${{ github.sha }} | |
| pull-request-id: ${{ github.event.pull_request.number }} | |
| workflow-id: ${{ github.run_id }} | |
| env-id: ${{ needs.start-apitest-env.outputs.env-id }} | |
| deployment-id: ${{ needs.start-apitest-env.outputs.deployment-id }} | |
| # --- | |
| deploy-contracts: false | |
| chain-id: 1337 | |
| network-name: localhost | |
| chain-name: localhost | |
| snapshotter-enabled: false | |
| multisigger-enabled: false | |
| web-client-replicas: 0 | |
| coin-prices-server-replicas: 0 | |
| backend-server-replicas: 0 | |
| multideployer-enabled: true | |
| subgraph-deploy: false | |
| graph-healtchecker-enabled: false | |
| secrets: inherit | |
| start-apitest-env: | |
| name: Start APITest Env | |
| needs: | |
| - permissions-check | |
| uses: ./.github/workflows/tpl-start-env.yml | |
| secrets: inherit | |
| with: | |
| env-type: apitest | |
| git-ref: ${{ github.ref }} | |
| pull-request-id: ${{ github.event.pull_request.number }} | |
| workflow-id: ${{ github.run_id }} | |
| docker: | |
| name: Docker | |
| needs: | |
| - permissions-check | |
| uses: ./.github/workflows/tpl-images.yml | |
| secrets: inherit | |
| with: | |
| image-tag: ${{ github.sha }} | |
| git-ref: ${{ github.ref }} | |
| # +------------------------- | |
| # | Tests: NodeJS | |
| # +------------------------- | |
| nodejs-tests: | |
| name: NodeJS Tests | |
| needs: | |
| - lint-and-typecheck-yarn | |
| runs-on: | |
| - general | |
| container: | |
| image: registry.gitlab.com/golemfoundation/devops/container-builder/octant/node-extended:aa8eeade | |
| credentials: | |
| username: "doesnt-matter" | |
| password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}" | |
| strategy: | |
| matrix: | |
| SERVICE: | |
| - contracts-v1 | |
| - client | |
| - coin-prices-server | |
| - subgraph | |
| steps: | |
| - uses: actions/checkout@v4.1.0 | |
| - uses: actions/cache/restore@v4 | |
| with: | |
| path: |- | |
| node_modules | |
| .yarn | |
| key: "${{ github.sha }}-yarn-root" | |
| - uses: actions/cache/restore@v4 | |
| with: | |
| path: |- | |
| ${{ matrix.SERVICE }}/.yarn | |
| ${{ matrix.SERVICE }}/node-modules | |
| key: "${{ github.sha }}-yarn-${{ matrix.SERVICE }}" | |
| - uses: actions/cache/restore@v4 | |
| with: | |
| path: |- | |
| contracts-v1/artifacts | |
| contracts-v1/typechain | |
| key: "${{ github.sha }}-yarn-contracts-v1-extras" | |
| - run: | | |
| cd ${{ matrix.SERVICE }} | |
| yarn install --cache-folder .yarn --non-interactive --frozen-lockfile | |
| yarn test | |
| shell: bash | |
| # +------------------------- | |
| # | Tests: Backend | |
| # +------------------------- | |
| backend-tests: | |
| name: Backend Tests | |
| needs: | |
| - lint-and-typecheck-poetry | |
| runs-on: | |
| - general | |
| container: | |
| image: registry.gitlab.com/golemfoundation/devops/container-builder/octant/python-poetry-ext:ad1d9179 | |
| credentials: | |
| username: "doesnt-matter" | |
| password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}" | |
| steps: | |
| - uses: actions/checkout@v4.1.0 | |
| - uses: actions/cache/restore@v4 | |
| with: | |
| path: backend/.venv | |
| key: "${{ github.sha }}-poetry-backend" | |
| - run: | | |
| pushd backend | |
| poetry config virtualenvs.in-project true | |
| poetry install | |
| poetry run pytest | |
| shell: bash | |
| # +------------------------- | |
| # | Lint: poetry | |
| # +------------------------- | |
| lint-and-typecheck-poetry: | |
| name: Lint and Typecheck Poetry | |
| needs: | |
| - build-backend | |
| runs-on: | |
| - general | |
| container: | |
| image: registry.gitlab.com/golemfoundation/devops/container-builder/octant/python-poetry-ext:ad1d9179 | |
| credentials: | |
| username: "doesnt-matter" | |
| password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}" | |
| steps: | |
| - uses: actions/checkout@v4.1.0 | |
| - uses: actions/cache/restore@v4 | |
| with: | |
| path: backend/.venv | |
| key: "${{ github.sha }}-poetry-backend" | |
| - run: | | |
| pushd backend | |
| poetry config virtualenvs.in-project true | |
| poetry install | |
| poetry run black --check --extend-exclude .venv . | |
| poetry run flake8 | |
| shell: bash | |
| # +------------------------- | |
| # | Lint: yarn | |
| # +------------------------- | |
| lint-and-typecheck-yarn: | |
| name: Lint and Typecheck Yarn | |
| needs: | |
| - build-contracts | |
| - build-services | |
| runs-on: | |
| - general | |
| container: | |
| image: registry.gitlab.com/golemfoundation/devops/container-builder/octant/node-extended:aa8eeade | |
| credentials: | |
| username: "doesnt-matter" | |
| password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}" | |
| strategy: | |
| matrix: | |
| SERVICE: | |
| - contracts-v1 | |
| - client | |
| - coin-prices-server | |
| - subgraph | |
| steps: | |
| - uses: actions/checkout@v4.1.0 | |
| - uses: actions/cache/restore@v4 | |
| with: | |
| path: |- | |
| node_modules | |
| .yarn | |
| key: "${{ github.sha }}-yarn-root" | |
| - uses: actions/cache/restore@v4 | |
| with: | |
| path: |- | |
| ${{ matrix.SERVICE }}/.yarn | |
| ${{ matrix.SERVICE }}/node-modules | |
| key: "${{ github.sha }}-yarn-${{ matrix.SERVICE }}" | |
| - uses: actions/cache/restore@v4 | |
| with: | |
| path: |- | |
| contracts-v1/artifacts | |
| contracts-v1/typechain | |
| key: "${{ github.sha }}-yarn-contracts-v1-extras" | |
| - run: | | |
| pushd ${{ matrix.SERVICE }} | |
| yarn install --cache-folder .yarn --non-interactive --frozen-lockfile | |
| yarn eslint | |
| yarn type-check | |
| shell: bash | |
| # +------------------------- | |
| # | Build | |
| # | client | |
| # | cps | |
| # | subgraph | |
| # +------------------------- | |
| build-services: | |
| name: Build Services | |
| needs: | |
| - build-contracts | |
| runs-on: | |
| - general | |
| container: | |
| image: registry.gitlab.com/golemfoundation/devops/container-builder/octant/node-extended:aa8eeade | |
| credentials: | |
| username: "doesnt-matter" | |
| password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}" | |
| strategy: | |
| matrix: | |
| SERVICE: | |
| - client | |
| - coin-prices-server | |
| - subgraph | |
| steps: | |
| - uses: actions/checkout@v4.1.0 | |
| - uses: actions/cache/restore@v4 | |
| with: | |
| path: |- | |
| node_modules | |
| .yarn | |
| key: "${{ github.sha }}-yarn-root" | |
| - run: ci/build_${{ matrix.SERVICE }}.sh | |
| - uses: actions/cache/save@v4 | |
| with: | |
| path: |- | |
| ${{ matrix.SERVICE }}/.yarn | |
| ${{ matrix.SERVICE }}/node-modules | |
| key: "${{ github.sha }}-yarn-${{ matrix.SERVICE }}" | |
| # +------------------------- | |
| # | Build backend | |
| # +------------------------- | |
| build-backend: | |
| name: Build Services | |
| runs-on: | |
| - general | |
| needs: | |
| - permissions-check | |
| container: | |
| image: registry.gitlab.com/golemfoundation/devops/container-builder/octant/python-poetry-ext:ad1d9179 | |
| credentials: | |
| username: "doesnt-matter" | |
| password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}" | |
| steps: | |
| - uses: actions/checkout@v4.1.0 | |
| - run: ci/build_backend.sh | |
| - uses: actions/cache/save@v4 | |
| with: | |
| path: backend/.venv | |
| key: "${{ github.sha }}-poetry-backend" | |
| # +------------------------- | |
| # | Build contracts | |
| # +------------------------- | |
| build-contracts: | |
| name: Build Contracts | |
| runs-on: | |
| - general | |
| needs: | |
| - permissions-check | |
| container: | |
| image: registry.gitlab.com/golemfoundation/devops/container-builder/octant/node-extended:aa8eeade | |
| credentials: | |
| username: "doesnt-matter" | |
| password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}" | |
| steps: | |
| - uses: actions/checkout@v4.1.0 | |
| - run: ci/build_contracts_v1.sh | |
| - uses: actions/cache/save@v4 | |
| with: | |
| path: |- | |
| node_modules | |
| .yarn | |
| key: "${{ github.sha }}-yarn-root" | |
| - uses: actions/cache/save@v4 | |
| with: | |
| path: |- | |
| contracts-v1/.yarn | |
| contracts-v1/node_modules | |
| key: "${{ github.sha }}-yarn-contracts-v1" | |
| - uses: actions/cache/save@v4 | |
| with: | |
| path: |- | |
| contracts-v1/artifacts | |
| contracts-v1/typechain | |
| key: "${{ github.sha }}-yarn-contracts-v1-extras" | |
| permissions-check: | |
| name: Permissions check | |
| runs-on: | |
| - general | |
| steps: | |
| - name: Check if user is an org member | |
| uses: actions/github-script@v7 | |
| id: is-organization-member-pr | |
| with: | |
| result-encoding: string | |
| github-token: ${{ secrets.GH_BOT_TOKEN }} | |
| script: | | |
| return ( | |
| await github.rest.orgs.listMembers({ | |
| org: 'golemfoundation' | |
| }) | |
| ).data.map(({login}) => login).includes('${{ github.event.pull_request.user.login }}').toString() | |
| # - name: Check if user is an org member | |
| # uses: actions/github-script@v7 | |
| # id: is-organization-member-review | |
| # with: | |
| # result-encoding: string | |
| # script: | | |
| # return ( | |
| # await github.rest.orgs.listMembers({ | |
| # org: 'golemfoundation' | |
| # }) | |
| # ).data.map(({login}) => login).includes('${{ github.event.pull_request_review.sender.login }}').toString() | |
| - name: Validate CI run checks | |
| run: | | |
| if [[ "${{ github.event_name }}" == "pull_request" && "${{ steps.is-organization-member-pr.outputs.result }}" == "false" ]]; then | |
| echo 'Not an org member' | |
| exit 1 | |
| fi | |
| # if [[ "${{ github.event_name }}" == "pull_request_review" && "${{ steps.is-organization-member-review.outputs.result }}" == "false" && "${{ github.event.review.state }}" == "approved" ]]; then | |
| # echo 'Not an org member' | |
| # exit 2 | |
| # fi | |
| shell: bash |