Reusable CI actions #4
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: pull-request-master | |
| on: | |
| merge_group: | |
| pull_request: | |
| branches: | |
| - master | |
| # Only run 1 of this workflow at a time per PR | |
| concurrency: | |
| group: chainlink-feeds-${{ github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| PACKAGES: "median" | |
| jobs: | |
| init: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| matrix_packages: ${{ steps.set-matrix-packages.outputs.matrix_packages }} | |
| lint_args_packages: ${{ steps.set-matrix-packages.outputs.lint_args_packages }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set matrix packages | |
| id: set-matrix-packages | |
| shell: bash | |
| env: | |
| PACKAGES: ${{ env.PACKAGES }} | |
| run: | | |
| matrix_packages=$(echo "${PACKAGES}" | jq -R 'split(",")' | tr -d "\n\t") | |
| echo "matrix_packages=${matrix_packages}" | tee -a "${GITHUB_OUTPUT}" | |
| - name: Set lint args packages | |
| id: set-lint-args-packages | |
| shell: bash | |
| env: | |
| PACKAGES: ${{ env.PACKAGES }} | |
| # Convert "producer,reports_consumer" to "./producer/... ./reports_consumer/..." | |
| run: echo "lint_args_packages=$(echo "./$(echo $PACKAGES | sed 's/,/\/... .\//g;s/$/\/.../')")" | tee -a "${GITHUB_OUTPUT}" | |
| ci-lint: | |
| runs-on: ubuntu-latest | |
| needs: [init] | |
| permissions: | |
| id-token: write | |
| contents: read | |
| actions: read | |
| steps: | |
| - name: ci-lint | |
| uses: smartcontractkit/.github/actions/ci-lint-go@main | |
| with: | |
| # grafana inputs | |
| metrics-job-name: ci-lint | |
| gc-basic-auth: ${{ secrets.GRAFANA_CLOUD_BASIC_AUTH }} | |
| gc-host: ${{ secrets.GRAFANA_CLOUD_HOST }} | |
| # aws inputs | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| # gati inputs | |
| use-gati: "true" | |
| aws-role-arn-gati: ${{ secrets.AWS_OIDC_IAM_ROLE_ARN_GATI }} | |
| aws-lambda-url-gati: ${{ secrets.AWS_LAMBDA_URL_GATI }} | |
| # env inputs | |
| use-env-files: "true" | |
| env-files: ./tools/env/ci.env | |
| # go inputs | |
| use-go-cache: true | |
| go-cache-dep-path: "**/go.sum" | |
| go-version-file: go.work | |
| golangci-lint-version: "v1.53.2" | |
| golangci-lint-args: --out-format checkstyle:golangci-lint-report.xml ${{ needs.init.outputs.lint_args_packages }} | |
| ci-lint-charts: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: ci-lint-charts | |
| uses: smartcontractkit/.github/actions/ci-lint-charts@main | |
| with: | |
| # chart testing inputs | |
| chart-testing-extra-args: "--lint-conf=lintconf.yaml" | |
| # grafana inputs | |
| metrics-job-name: ci-lint-charts | |
| gc-basic-auth: ${{ secrets.GRAFANA_CLOUD_BASIC_AUTH }} | |
| gc-host: ${{ secrets.GRAFANA_CLOUD_HOST }} | |
| ci-lint-misc: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: ci-lint-misc | |
| uses: smartcontractkit/.github/actions/ci-lint-misc@main | |
| with: | |
| # grafana inputs | |
| metrics-job-name: ci-lint-misc | |
| gc-basic-auth: ${{ secrets.GRAFANA_CLOUD_BASIC_AUTH }} | |
| gc-host: ${{ secrets.GRAFANA_CLOUD_HOST }} | |
| ci-test: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| contents: read | |
| actions: read | |
| steps: | |
| - name: ci-test | |
| uses: smartcontractkit/.github/actions/ci-test-go@main | |
| with: | |
| # grafana inputs | |
| metrics-job-name: ci-test | |
| gc-basic-auth: ${{ secrets.GRAFANA_CLOUD_BASIC_AUTH }} | |
| gc-host: ${{ secrets.GRAFANA_CLOUD_HOST }} | |
| # aws inputs | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| # gati inputs | |
| use-gati: "true" | |
| aws-role-arn-gati: ${{ secrets.AWS_OIDC_IAM_ROLE_ARN_GATI }} | |
| aws-lambda-url-gati: ${{ secrets.AWS_LAMBDA_URL_GATI }} | |
| # docker inputs | |
| use-docker-compose: "true" | |
| docker-compose-workdir: ./tools/docker/setup-postgres | |
| # env inputs | |
| use-env-files: "true" | |
| env-files: ./tools/env/ci.env | |
| # go inputs | |
| use-go-cache: "true" | |
| go-cache-dep-path: "**/go.sum" | |
| go-version-file: go.work | |
| go-test-cmd: make test-ci | |
| ci-build-artifacts-matrix: | |
| needs: [init] | |
| runs-on: ubuntu20.04-16cores-64GB | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| package: ${{ fromJson(needs.init.outputs.matrix_packages) }} | |
| permissions: | |
| id-token: write | |
| contents: read | |
| actions: read | |
| steps: | |
| - name: ci-build-artifacts-matrix (${{ matrix.package }}) | |
| uses: smartcontractkit/.github/actions/cicd-build-publish-artifacts-go@main | |
| with: | |
| # general inputs | |
| app-name: mercury-pipeline-${{ matrix.package }} | |
| publish: "true" | |
| # grafana inputs | |
| metrics-job-name: ci-build-artifacts-matrix (${{ matrix.package }}) | |
| gc-basic-auth: ${{ secrets.GRAFANA_CLOUD_BASIC_AUTH }} | |
| gc-host: ${{ secrets.GRAFANA_CLOUD_HOST }} | |
| # aws inputs | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| aws-role-arn: ${{ secrets.AWS_OIDC_IAM_ROLE_ARN }} | |
| aws-account-number: ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }} | |
| # gati inputs | |
| use-gati: "true" | |
| aws-role-arn-gati: ${{ secrets.AWS_OIDC_IAM_ROLE_ARN_GATI }} | |
| aws-lambda-url-gati: ${{ secrets.AWS_LAMBDA_URL_GATI }} | |
| # golang inputs | |
| go-version-file: go.work | |
| # goreleaser inputs | |
| goreleaser-args: "--nightly --config ./${{ matrix.package }}/.goreleaser.ci.yaml" | |
| goreleaser-dist: goreleaser-pro | |
| goreleaser-key: ${{ secrets.GORELEASER_KEY }} | |
| # zig inputs | |
| use-zig: "true" | |
| zig-version: "0.11.0" | |
| # docker inputs | |
| docker-registry: aws | |
| docker-image-tag: devel | |
| - name: Save GoReleaser artifacts/metadata | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: goreleaser_${{ matrix.package }} | |
| path: | | |
| dist/artifacts.json | |
| dist/metadata.json | |
| ci-build-artifacts: | |
| runs-on: ubuntu-latest | |
| needs: [ci-build-artifacts-matrix] | |
| if: always() | |
| steps: | |
| - name: Check results | |
| if: needs.ci-build-artifacts-matrix.result != 'success' | |
| run: exit 1 | |
| - name: Collect metrics | |
| if: always() | |
| id: collect-gha-metrics | |
| uses: smartcontractkit/push-gha-metrics-action@d1618b772a97fd87e6505de97b872ee0b1f1729a # v2.0.2 | |
| with: | |
| basic-auth: ${{ secrets.GRAFANA_CLOUD_BASIC_AUTH }} | |
| hostname: ${{ secrets.GRAFANA_CLOUD_HOST }} | |
| this-job-name: ci-build-artifacts | |
| continue-on-error: true | |
| ci-build-charts: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: ci-build-charts | |
| uses: smartcontractkit/.github/actions/cicd-build-publish-charts@main | |
| with: | |
| # general inputs | |
| charts-dir: helm | |
| # grafana inputs | |
| metrics-job-name: ci-build-charts | |
| gc-basic-auth: ${{ secrets.GRAFANA_CLOUD_BASIC_AUTH }} | |
| gc-host: ${{ secrets.GRAFANA_CLOUD_HOST }} | |
| ci-sonarqube: | |
| needs: [ci-lint, ci-test] | |
| if: ${{ always() }} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: ci-sonarqube | |
| uses: smartcontractkit/.github/actions/ci-sonarqube@main | |
| with: | |
| # grafana inputs | |
| metrics-job-name: ci-sonarqube | |
| gc-basic-auth: ${{ secrets.GRAFANA_CLOUD_BASIC_AUTH }} | |
| gc-host: ${{ secrets.GRAFANA_CLOUD_HOST }} | |
| # sonarqube inputs | |
| sonar-token: ${{ secrets.SONAR_TOKEN }} | |
| sonar-host-url: ${{ secrets.SONAR_HOST_URL }} |