resolve conflicts

.github/actions/build-chainlink-image/action.yml

@@ -0,0 +1,48 @@
+name: Build Chainlink Image
+description: A composite action that allows building and publishing the Chainlink image for integration testing
+
+inputs:
+  tag_suffix:
+    description: The suffix to append to the image tag (usually blank or "-plugins")
+    default: ""
+  dockerfile:
+    description: The path to the Dockerfile to use (usually core/chainlink.Dockerfile or plugins/chainlink.Dockerfile)
+    default: core/chainlink.Dockerfile
+  git_commit_sha:
+    description: The git commit sha to use for the image tag
+    default: ${{ github.sha }}
+  GRAFANA_CLOUD_BASIC_AUTH:
+    description: "grafana cloud basic auth"
+  GRAFANA_CLOUD_HOST:
+    description: "grafana cloud hostname"
+  AWS_REGION:
+    description: "AWS region to use for ECR"
+  AWS_ROLE_TO_ASSUME:
+    description: "AWS role to assume for ECR"
+
+runs:
+  using: composite
+  steps:
+    - name: Check if image exists
+      id: check-image
+      uses: smartcontractkit/chainlink-github-actions/docker/image-exists@eccde1970eca69f079d3efb3409938a72ade8497 # v2.2.13
+      with:
+        repository: chainlink
+        tag: ${{ inputs.git_commit_sha }}${{ inputs.tag_suffix }}
+        AWS_REGION: ${{ inputs.AWS_REGION }}
+        AWS_ROLE_TO_ASSUME: ${{ inputs.AWS_ROLE_TO_ASSUME }}
+    - name: Build Image
+      if: steps.check-image.outputs.exists == 'false'
+      uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/build-image@eccde1970eca69f079d3efb3409938a72ade8497 # v2.2.13
+      with:
+        cl_repo: smartcontractkit/chainlink
+        cl_ref: ${{ inputs.git_commit_sha }}
+        cl_dockerfile: ${{ inputs.dockerfile }}
+        push_tag: ${{ env.CHAINLINK_IMAGE }}:${{ inputs.git_commit_sha }}${{ inputs.tag_suffix }}
+        QA_AWS_REGION: ${{ inputs.AWS_REGION }}
+        QA_AWS_ROLE_TO_ASSUME: ${{ inputs.AWS_ROLE_TO_ASSUME }}
+    - name: Print Chainlink Image Built
+      shell: sh
+      run: |
+        echo "### Chainlink node image tag used for this test run :link:" >>$GITHUB_STEP_SUMMARY
+        echo "\`${GITHUB_SHA}\`" >>$GITHUB_STEP_SUMMARY

.github/actions/build-sign-publish-chainlink/action.yml

@@ -13,6 +13,12 @@ inputs:
     description: Path to the Dockerfile (relative to the repo root)
     default: core/chainlink.Dockerfile
     required: false
+  dockerhub_username:
+    description: Username for Docker Hub to avoid rate limits when pulling public images
+    required: false
+  dockerhub_password:
+    description: Password for Docker Hub to avoid rate limits when pulling public images
+    required: false
   ecr-hostname:
     description: The ECR registry scope
     default: public.ecr.aws
@@ -126,6 +132,14 @@ runs:
           type=semver,pattern={{version}},suffix=${{ inputs.ecr-tag-suffix }}-root
           type=sha,format=short,suffix=${{ inputs.ecr-tag-suffix }}-root
 
+    # To avoid rate limiting from Docker Hub, we login with a paid user account.
+    - name: Login to Docker Hub
+      if: inputs.dockerhub_username && inputs.dockerhub_password
+      uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
+      with:
+        username: ${{ inputs.dockerhub_username }}
+        password: ${{ inputs.dockerhub_password }}
+
     - name: Build and push root docker image
       id: buildpush-root
       uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0
@@ -159,6 +173,14 @@ runs:
         images: ${{ env.shared-images }}
         tags: ${{ env.shared-tag-list }}
 
+    # To avoid rate limiting from Docker Hub, we login with a paid user account.
+    - name: Login to Docker Hub
+      if: inputs.dockerhub_username && inputs.dockerhub_password
+      uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
+      with:
+        username: ${{ inputs.dockerhub_username }}
+        password: ${{ inputs.dockerhub_password }}
+
     - name: Build and push non-root docker image
       id: buildpush-nonroot
       uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0
@@ -201,7 +223,7 @@ runs:
 
     - if: inputs.sign-images == 'true'
       name: Install cosign
-      uses: sigstore/cosign-installer@581838fbedd492d2350a9ecd427a95d6de1e5d01 # v2.1.0
+      uses: sigstore/cosign-installer@11086d25041f77fe8fe7b9ea4e48e3b9192b8f19 # v3.1.2
       with:
         cosign-release: "v1.6.0"
 

.github/actions/build-test-image/action.yml

@@ -30,6 +30,13 @@ inputs:
 runs:
   using: composite
   steps:
+    - name: Get CTF Version
+      id: version
+      uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/mod-version@e865e376b8c2d594028c8d645dd6c47169b72974 # v2.2.16
+      with:
+        go-project-path: ./integration-tests
+        module-name: github.com/smartcontractkit/chainlink-testing-framework
+        enforce-semantic-tag: "true" # it has to be in the form of v1.2.3 or the image won't exist
     - name: Check if image exists
       id: check-image
       uses: smartcontractkit/chainlink-github-actions/docker/image-exists@00c6214deb10a3f374c6d3430c32c5202015d463 # v2.2.12
@@ -48,7 +55,7 @@ runs:
         file: ./integration-tests/test.Dockerfile
         build-args: |
           BASE_IMAGE=${{ inputs.QA_AWS_ACCOUNT_NUMBER }}.dkr.ecr.${{ inputs.QA_AWS_REGION }}.amazonaws.com/test-base-image
-          IMAGE_VERSION=v0.38.2
+          IMAGE_VERSION=${{ steps.version.outputs.version }}
           SUITES="${{ inputs.suites }}"
         AWS_REGION: ${{ inputs.QA_AWS_REGION }}
         AWS_ROLE_TO_ASSUME: ${{ inputs.QA_AWS_ROLE_TO_ASSUME }}

.github/actions/golangci-lint/action.yml

@@ -53,7 +53,7 @@ runs:
     - name: golangci-lint
       uses: golangci/golangci-lint-action@3a919529898de77ec3da873e3063ca4b10e7f5cc # v3.7.0
       with:
-        version: v1.55.0
+        version: v1.55.2
         # We already cache these directories in setup-go
         skip-pkg-cache: true
         skip-build-cache: true

.github/actions/goreleaser-build-sign-publish/action.yml

@@ -84,7 +84,7 @@ runs:
         version: ${{ inputs.zig-version }}
     - name: Setup cosign
       if: inputs.enable-cosign == 'true'
-      uses: sigstore/cosign-installer@581838fbedd492d2350a9ecd427a95d6de1e5d01 # v2.1.0
+      uses: sigstore/cosign-installer@11086d25041f77fe8fe7b9ea4e48e3b9192b8f19 # v3.1.2
       with:
         cosign-release: ${{ inputs.cosign-version }}
     - name: Login to docker registry

.github/workflows/automation-benchmark-tests.yml

@@ -24,6 +24,8 @@ on:
           - OPTIMISM_GOERLI
           - MUMBAI
           - SEPOLIA
+          - BASE_GOERLI
+          - ARBITRUM_SEPOLIA
       TestInputs:
         description: TestInputs
         required: false
@@ -55,7 +57,7 @@ jobs:
       id-token: write
       contents: read
     name: ${{ inputs.network }} Automation Benchmark Test
-    runs-on: ubuntu-latest
+    runs-on: ubuntu20.04-16cores-64GB
     env:
       SELECTED_NETWORKS: ${{ inputs.network }}
       SLACK_API_KEY: ${{ secrets.QA_SLACK_API_KEY }}
@@ -107,7 +109,7 @@ jobs:
           QA_AWS_REGION: ${{ secrets.QA_AWS_REGION }}
           QA_AWS_ACCOUNT_NUMBER: ${{ secrets.QA_AWS_ACCOUNT_NUMBER }}
       - name: Run Tests
-        uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/run-tests@eccde1970eca69f079d3efb3409938a72ade8497 # v2.2.13
+        uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/run-tests@7d541cbbca52d45b8a718257af86d9cf49774d1f # v2.2.15
         env:
           DETACH_RUNNER: true
           TEST_SUITE: benchmark

.github/workflows/automation-ondemand-tests.yml

@@ -172,7 +172,7 @@ jobs:
             echo "version=${{ inputs.chainlinkVersionUpdate }}" >>$GITHUB_OUTPUT
           fi
       - name: Run Tests
-        uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/run-tests@eccde1970eca69f079d3efb3409938a72ade8497 # v2.2.13
+        uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/run-tests@7d541cbbca52d45b8a718257af86d9cf49774d1f # v2.2.15
         env:
           PYROSCOPE_SERVER: ${{ matrix.tests.pyroscope_env == '' && '' || !startsWith(github.ref, 'refs/tags/') && '' || secrets.QA_PYROSCOPE_INSTANCE }} # Avoid sending blank envs https://github.com/orgs/community/discussions/25725
           PYROSCOPE_ENVIRONMENT: ${{ matrix.tests.pyroscope_env }}
@@ -182,7 +182,7 @@ jobs:
           UPGRADE_VERSION: ${{ steps.determine-build.outputs.upgrade_version }}
           UPGRADE_IMAGE: ${{ steps.determine-build.outputs.upgrade_image }}
         with:
-          test_command_to_run: make test_need_operator_assets && cd ./integration-tests && go test -timeout 60m -count=1 -json -test.parallel=${{ matrix.tests.nodes }} ${{ matrix.tests.command }} 2>&1 | tee /tmp/gotest.log | gotestfmt
+          test_command_to_run: cd ./integration-tests && go test -timeout 60m -count=1 -json -test.parallel=${{ matrix.tests.nodes }} ${{ matrix.tests.command }} 2>&1 | tee /tmp/gotest.log | gotestfmt
           test_download_vendor_packages_command: cd ./integration-tests && go mod download
           cl_repo: ${{ steps.determine-build.outputs.image }}
           cl_image_tag: ${{ steps.determine-build.outputs.version }}

.github/workflows/build-publish-develop.yml

@@ -52,6 +52,8 @@ jobs:
           ecr-image-name: chainlink
           ecr-tag-suffix: ${{ matrix.image.tag-suffix }}
           dockerfile: ${{ matrix.image.dockerfile }}
+          dockerhub_username: ${{ secrets.DOCKERHUB_READONLY_USERNAME }}
+          dockerhub_password: ${{ secrets.DOCKERHUB_READONLY_PASSWORD }}
           git-commit-sha: ${{ steps.git-ref.outputs.checked-out || github.sha }}
       - name: Collect Metrics
         if: always()

.github/workflows/build-publish.yml

@@ -1,17 +1,17 @@
-name: 'Build Chainlink and Publish'
+name: "Build Chainlink and Publish"
 
 on:
   # Mimics old circleci behaviour
   push:
     tags:
-      - 'v*'
+      - "v*"
     branches:
       - master
-      - 'release/**'
+      - "release/**"
 
 jobs:
   checks:
-    name: 'Checks'
+    name: "Checks"
     runs-on: ubuntu-20.04
     steps:
       - name: Checkout repository
@@ -42,10 +42,12 @@ jobs:
           aws-role-duration-seconds: ${{ secrets.AWS_ROLE_DURATION_SECONDS }}
           aws-region: ${{ secrets.AWS_REGION }}
           sign-images: true
-          sign-method: 'keypair'
+          sign-method: "keypair"
           cosign-private-key: ${{ secrets.COSIGN_PRIVATE_KEY }}
           cosign-public-key: ${{ secrets.COSIGN_PUBLIC_KEY }}
           cosign-password: ${{ secrets.COSIGN_PASSWORD }}
+          dockerhub_username: ${{ secrets.DOCKERHUB_READONLY_USERNAME }}
+          dockerhub_password: ${{ secrets.DOCKERHUB_READONLY_PASSWORD }}
           verify-signature: true
       - name: Collect Metrics
         if: always()

.github/workflows/build.yml

@@ -1,4 +1,4 @@
-name: 'Build Chainlink'
+name: "Build Chainlink"
 
 on:
   pull_request:
@@ -7,7 +7,6 @@ on:
       - master
 
 jobs:
-
   build-chainlink:
     runs-on: ubuntu-20.04
     steps:
@@ -17,6 +16,8 @@ jobs:
       - name: Build chainlink image
         uses: ./.github/actions/build-sign-publish-chainlink
         with:
+          dockerhub_username: ${{ secrets.DOCKERHUB_READONLY_USERNAME }}
+          dockerhub_password: ${{ secrets.DOCKERHUB_READONLY_PASSWORD }}
           publish: false
           sign-images: false
       - name: Collect Metrics

.github/workflows/ci-core.yml

@@ -166,13 +166,15 @@ jobs:
           GITHUB_EVENT_PATH: ${{ github.event_path }}
           GITHUB_EVENT_NAME: ${{ github.event_name }}
           GITHUB_REPO: ${{ github.repository }}
+          GITHUB_RUN_ID: ${{ github.run_id }}
         run: |
           ./runner \
             -grafana_auth=$GRAFANA_CLOUD_BASIC_AUTH \
             -grafana_host=$GRAFANA_CLOUD_HOST \
             -gh_sha=$GITHUB_SHA \
             -gh_event_path=$GITHUB_EVENT_PATH \
             -gh_event_name=$GITHUB_EVENT_NAME \
+            -gh_run_id=$GITHUB_RUN_ID \
             -gh_repo=$GITHUB_REPO \
             -command=./tools/bin/go_core_tests \
             `ls -R ./artifacts/go_core_tests*/output.txt`

.github/workflows/integration-chaos-tests.yml

@@ -109,9 +109,9 @@ jobs:
       - name: Checkout the repo
         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
       - name: Run Tests
-        uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/run-tests@eccde1970eca69f079d3efb3409938a72ade8497 # v2.2.13
+        uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/run-tests@7d541cbbca52d45b8a718257af86d9cf49774d1f # v2.2.15
         with:
-          test_command_to_run: make test_need_operator_assets && cd integration-tests && go test -timeout 1h -count=1 -json -test.parallel 11 ./chaos 2>&1 | tee /tmp/gotest.log | gotestfmt
+          test_command_to_run: cd integration-tests && go test -timeout 1h -count=1 -json -test.parallel 11 ./chaos 2>&1 | tee /tmp/gotest.log | gotestfmt
           test_download_vendor_packages_command: cd ./integration-tests && go mod download
           cl_repo: ${{ env.CHAINLINK_IMAGE }}
           cl_image_tag: ${{ github.sha }}

.github/workflows/integration-tests-publish.yml

@@ -37,3 +37,11 @@ jobs:
           QA_AWS_ROLE_TO_ASSUME: ${{ secrets.QA_AWS_ROLE_TO_ASSUME }}
           QA_AWS_REGION: ${{ secrets.QA_AWS_REGION }}
           QA_AWS_ACCOUNT_NUMBER: ${{ secrets.QA_AWS_ACCOUNT_NUMBER }}
+      - name: Notify Slack
+        if: failure()
+        uses: slackapi/slack-github-action@e28cf165c92ffef168d23c5c9000cffc8a25e117 # v1.24.0
+        env:
+          SLACK_BOT_TOKEN: ${{ secrets.QA_SLACK_API_KEY }}
+        with:
+          channel-id: "#team-test-tooling-internal"
+          slack-message: ":x: :mild-panic-intensifies: Publish Integration Test Image failed: ${{ job.html_url }}\n${{ format('https://github.com/smartcontractkit/chainlink/actions/runs/{0}', github.run_id) }}"