From 05445f703c0610e5d18cb12b83f8208201d27cf7 Mon Sep 17 00:00:00 2001
From: Oak <5263301+d-roak@users.noreply.github.com>
Date: Fri, 2 Feb 2024 16:53:24 +0000
Subject: [PATCH] ci: added release workflow (#933)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This change is [
](https://reviewable.io/reviews/kkrt-labs/kakarot/933)
---------
Co-authored-by: Elias Tazartes
---
.github/workflows/deployments.yml | 24 +--------------------
.github/workflows/release.yml | 36 +++++++++++++++++++++++++++++++
docker/deployer/Dockerfile | 18 ++++++++++++++--
3 files changed, 53 insertions(+), 25 deletions(-)
create mode 100644 .github/workflows/release.yml
diff --git a/.github/workflows/deployments.yml b/.github/workflows/deployments.yml
index d21283065..7c4250d2c 100644
--- a/.github/workflows/deployments.yml
+++ b/.github/workflows/deployments.yml
@@ -16,6 +16,7 @@ jobs:
matrix:
network: [testnet]
env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
ACCOUNT_ADDRESS: ${{ secrets.ACCOUNT_ADDRESS }}
PRIVATE_KEY: ${{ secrets.PRIVATE_KEY }}
INFURA_KEY: ${{ secrets.INFURA_KEY }}
@@ -55,26 +56,3 @@ jobs:
with:
path: ./deployments/
name: deployments
-
- build_and_push_deployer:
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v3
- - name: Set up QEMU
- uses: docker/setup-qemu-action@v2
- - name: Set up Docker Buildx
- uses: docker/setup-buildx-action@v2
- - name: Login to GitHub Container Registry
- uses: docker/login-action@v2
- with:
- registry: ghcr.io
- username: ${{ github.actor }}
- password: ${{ secrets.GITHUB_TOKEN }}
- - name: Build and push
- uses: docker/build-push-action@v4
- with:
- push: true
- tags: ghcr.io/kkrt-labs/kakarot/deployer:latest
- context: .
- file: ./docker/deployer/Dockerfile
- platforms: linux/amd64,linux/arm64
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
new file mode 100644
index 000000000..0dac3e3e8
--- /dev/null
+++ b/.github/workflows/release.yml
@@ -0,0 +1,36 @@
+# trunk-ignore-all(checkov/CKV2_GHA_1)
+name: Release
+
+on:
+ release:
+ types: [published]
+
+env:
+ REGISTRY_IMAGE: ghcr.io/${{ github.repository }}/deployer
+
+jobs:
+ build_and_push_deployer:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3
+ - name: Set up QEMU
+ uses: docker/setup-qemu-action@v2
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v2
+ - name: Login to GitHub Container Registry
+ uses: docker/login-action@v2
+ with:
+ registry: ghcr.io
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ - name: Build and push
+ uses: docker/build-push-action@v4
+ with:
+ push: true
+ tags:
+ ${{ env.REGISTRY_IMAGE }}:${{ github.ref_name }}, ${{
+ env.REGISTRY_IMAGE }}:latest
+ context: .
+ file: ./docker/deployer/Dockerfile
+ platforms: linux/amd64,linux/arm64
+ build-args: GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
diff --git a/docker/deployer/Dockerfile b/docker/deployer/Dockerfile
index dcef1ee5c..2fa682737 100644
--- a/docker/deployer/Dockerfile
+++ b/docker/deployer/Dockerfile
@@ -5,6 +5,21 @@ FROM python:3.9.13
HEALTHCHECK NONE
+# trunk-ignore(terrascan/AC_DOCKER_0002)
+# trunk-ignore(hadolint/DL3008)
+RUN apt-get update && apt-get install -y --no-install-recommends \
+ curl \
+ apt-transport-https \
+ ca-certificates \
+ wget \
+ tar \
+ unzip \
+ jq \
+ && rm -rf /var/lib/apt/lists/*
+
+ARG GITHUB_TOKEN
+ENV GITHUB_TOKEN=${GITHUB_TOKEN}
+
# install poetry
RUN curl -sSL https://install.python-poetry.org | python3 -
ENV PATH="$PATH:/root/.local/bin"
@@ -20,8 +35,7 @@ COPY tests ./tests
RUN poetry install
# split install in two steps to leverage docker cache
COPY . .
-RUN poetry install \
- && python scripts/compile_kakarot.py
+RUN make setup && make build
# Deploy kakarot
CMD ["python", "scripts/deploy_kakarot.py"]