From 5f058151aba71887c1d577df2ce3fdddad33e171 Mon Sep 17 00:00:00 2001 From: chainchad <96362174+chainchad@users.noreply.github.com> Date: Mon, 2 Dec 2024 16:42:11 -0500 Subject: [PATCH 1/3] Support public CCIP releases from workflow --- .github/actions/version-file-bump/action.yml | 4 ++- .github/workflows/build-publish.yml | 34 ++++++++++++++++---- 2 files changed, 30 insertions(+), 8 deletions(-) diff --git a/.github/actions/version-file-bump/action.yml b/.github/actions/version-file-bump/action.yml index eb8d5c17426..29907beb160 100644 --- a/.github/actions/version-file-bump/action.yml +++ b/.github/actions/version-file-bump/action.yml @@ -1,5 +1,7 @@ name: version-file-bump -description: "Ensure that the VERSION file has been bumped since the last release." +# TODO: where does CCIP get its version from? +# CCIP current: https://github.com/smartcontractkit/ccip/blob/ccip-develop/package.json +description: "Ensure that the package.json version field has been bumped since the last release." inputs: github-token: description: "Github access token" diff --git a/.github/workflows/build-publish.yml b/.github/workflows/build-publish.yml index 3d7e925dba0..d892bf176fd 100644 --- a/.github/workflows/build-publish.yml +++ b/.github/workflows/build-publish.yml @@ -7,18 +7,38 @@ on: env: ECR_HOSTNAME: public.ecr.aws - ECR_IMAGE_NAME: chainlink/chainlink jobs: checks: name: "Checks" runs-on: ubuntu-20.04 + outputs: + git-tag-type: ${{ steps.check-git-tag-type.outputs.git-tag-type }} + ecr-image-name: ${{ steps.check-git-tag-type.outputs.ecr-image-name }} steps: - name: Checkout repository uses: actions/checkout@v4.2.1 + - name: Check git tag type + id: check-git-tag-type + shell: bash + env: + GIT_TAG: ${{ github.ref_name}} + run: | + # Check if git tag is related to CCIP + # Should match: + # v1.0.0-ccip1.0.0-beta.1 + # v1.0.0-ccip1.0.0-rc.0 + # v1.0.0-ccip1.0.0 + if [[ $GIT_TAG =~ ^v[0-9]+\.[0-9]+\.[0-9]+-ccip[0-9]+\.[0-9]+\.[0-9]+(-((beta|rc)\.[0-9]+))?$ ]]; then + echo "git-tag-type=ccip" | tee -a "$GITHUB_OUTPUT" + echo "ecr-image-name=chainlink/ccip" | tee -a "$GITHUB_OUTPUT" + else + echo "git-tag-type=core" | tee -a "$GITHUB_OUTPUT" + echo "ecr-image-name=chainlink/chainlink" | tee -a "$GITHUB_OUTPUT" + fi - name: Check for VERSION file bump on tags - # Avoids checking VERSION file bump on forks. - if: ${{ github.repository == 'smartcontractkit/chainlink' }} + # Avoids checking VERSION file bump on forks or from CCIP releases. + if: ${{ github.repository == 'smartcontractkit/chainlink' && steps.check-git-tag-type.outputs.git-tag-type == 'core' }} uses: ./.github/actions/version-file-bump with: github-token: ${{ secrets.GITHUB_TOKEN }} @@ -47,7 +67,7 @@ jobs: aws-role-duration-seconds: ${{ secrets.AWS_ROLE_DURATION_SECONDS }} aws-region: ${{ secrets.AWS_REGION }} ecr-hostname: ${{ env.ECR_HOSTNAME }} - ecr-image-name: ${{ env.ECR_IMAGE_NAME }} + ecr-image-name: ${{ needs.checks.outputs.ecr-image-name }} dockerhub_username: ${{ secrets.DOCKERHUB_READONLY_USERNAME }} dockerhub_password: ${{ secrets.DOCKERHUB_READONLY_PASSWORD }} sign-images: true @@ -57,13 +77,13 @@ jobs: uses: actions/attest-build-provenance@6149ea5740be74af77f260b9db67e633f6b0a9a1 # v1.4.2 with: subject-digest: ${{ steps.build-sign-publish.outputs.docker-image-digest }} - subject-name: ${{ env.ECR_HOSTNAME }}/${{ env.ECR_IMAGE_NAME }} + subject-name: ${{ env.ECR_HOSTNAME }}/${{ needs.checks.outputs.ecr-image-name }} push-to-registry: true # Notify Slack channel for new git tags. slack-notify: if: github.ref_type == 'tag' - needs: [build-sign-publish-chainlink] + needs: [checks, build-sign-publish-chainlink] runs-on: ubuntu-24.04 environment: build-publish steps: @@ -91,7 +111,7 @@ jobs: format( '{0}/{1}:{2}', env.ECR_HOSTNAME, - env.ECR_IMAGE_NAME, + needs.checks.outputs.ecr-image-name, needs.build-sign-publish-chainlink.outputs.docker-image-tag ) || '' }} From fa5bfcf1e7f0f6015bc140327a9c4fdae933eb7f Mon Sep 17 00:00:00 2001 From: chainchad <96362174+chainchad@users.noreply.github.com> Date: Mon, 2 Dec 2024 16:51:19 -0500 Subject: [PATCH 2/3] Remove comment --- .github/actions/version-file-bump/action.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/actions/version-file-bump/action.yml b/.github/actions/version-file-bump/action.yml index 29907beb160..17bdc71a716 100644 --- a/.github/actions/version-file-bump/action.yml +++ b/.github/actions/version-file-bump/action.yml @@ -1,6 +1,4 @@ name: version-file-bump -# TODO: where does CCIP get its version from? -# CCIP current: https://github.com/smartcontractkit/ccip/blob/ccip-develop/package.json description: "Ensure that the package.json version field has been bumped since the last release." inputs: github-token: From e1743a83785d548e66f734b59ea251efad0f4644 Mon Sep 17 00:00:00 2001 From: chainchad <96362174+chainchad@users.noreply.github.com> Date: Mon, 2 Dec 2024 17:33:30 -0500 Subject: [PATCH 3/3] Add failing step if ccip release type does not have a matching package version --- .github/workflows/build-publish.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/.github/workflows/build-publish.yml b/.github/workflows/build-publish.yml index d892bf176fd..2889ee5e5ea 100644 --- a/.github/workflows/build-publish.yml +++ b/.github/workflows/build-publish.yml @@ -36,6 +36,16 @@ jobs: echo "git-tag-type=core" | tee -a "$GITHUB_OUTPUT" echo "ecr-image-name=chainlink/chainlink" | tee -a "$GITHUB_OUTPUT" fi + - name: Fail if CCIP release has wrong version + if: ${{ steps.check-git-tag-type.outputs.git-tag-type == 'ccip' }} + run: | + version=$(jq -r '.version' ./package.json) + echo "Package version: $version" + echo "Git tag type: ${{ steps.check-git-tag-type.outputs.git-tag-type }}" + if [[ $version != *"-ccip"* ]]; then + echo "Error: Version '$version' does not match required CCIP format." + exit 1 + fi - name: Check for VERSION file bump on tags # Avoids checking VERSION file bump on forks or from CCIP releases. if: ${{ github.repository == 'smartcontractkit/chainlink' && steps.check-git-tag-type.outputs.git-tag-type == 'core' }}