diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index b4c6bbd1..e5e8491e 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -22,6 +22,18 @@ jobs: steps: - uses: actions/checkout@v4 + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + # This step will only execute if the necessary secrets are available, preventing failures + # on pull requests from forked repositories. + if: ${{ env.DOCKERHUB_USERNAME && env.DOCKERHUB_TOKEN }} + env: + DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} + DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Install Kurtosis CDK tools uses: ./.github/actions/setup-kurtosis-cdk @@ -81,6 +93,18 @@ jobs: steps: - uses: actions/checkout@v4 + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + # This step will only execute if the necessary secrets are available, preventing failures + # on pull requests from forked repositories. + if: ${{ env.DOCKERHUB_USERNAME && env.DOCKERHUB_TOKEN }} + env: + DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} + DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Install Kurtosis CDK tools uses: ./.github/actions/setup-kurtosis-cdk @@ -149,6 +173,18 @@ jobs: steps: - uses: actions/checkout@v4 + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + # This step will only execute if the necessary secrets are available, preventing failures + # on pull requests from forked repositories. + if: ${{ env.DOCKERHUB_USERNAME && env.DOCKERHUB_TOKEN }} + env: + DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} + DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Install Kurtosis CDK tools uses: ./.github/actions/setup-kurtosis-cdk @@ -240,6 +276,18 @@ jobs: steps: - uses: actions/checkout@v4 + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + # This step will only execute if the necessary secrets are available, preventing failures + # on pull requests from forked repositories. + if: ${{ env.DOCKERHUB_USERNAME && env.DOCKERHUB_TOKEN }} + env: + DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} + DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Install Kurtosis CDK tools uses: ./.github/actions/setup-kurtosis-cdk @@ -297,6 +345,18 @@ jobs: steps: - uses: actions/checkout@v4 + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + # This step will only execute if the necessary secrets are available, preventing failures + # on pull requests from forked repositories. + if: ${{ env.DOCKERHUB_USERNAME && env.DOCKERHUB_TOKEN }} + env: + DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} + DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Install Kurtosis CDK tools uses: ./.github/actions/setup-kurtosis-cdk diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 84502fdc..eda80c3a 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -16,12 +16,23 @@ env: jobs: # Deploy a standalone zkevm permisionless node against Cardona Sepolia Tesnet. cardona-sepolia-testnet-pless-zkevm-node: - #if: github.repository == '0xPolygon/kurtosis-cdk' # Prevent this job to run on forks. runs-on: ubuntu-latest timeout-minutes: 20 steps: - uses: actions/checkout@v4 + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + # This step will only execute if the necessary secrets are available, preventing failures + # on pull requests from forked repositories. + if: ${{ env.DOCKERHUB_USERNAME && env.DOCKERHUB_TOKEN }} + env: + DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} + DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Install Kurtosis CDK tools uses: ./.github/actions/setup-kurtosis-cdk @@ -29,6 +40,11 @@ jobs: run: | yq -Y --in-place '.args.l1_rpc_url = "${{ secrets.ALCHEMY_SEPOLIA_RPC_URL }}"' ./.github/tests/pless-zkevm-node/cardona-sepolia-testnet-pless-zkevm-node.yml kurtosis run --enclave=${{ env.ENCLAVE_NAME }} --args-file=./.github/tests/pless-zkevm-node/cardona-sepolia-testnet-pless-zkevm-node.yml --show-enclave-inspect=false . + # This step will only execute if the necessary secrets are available, preventing failures + # on pull requests from forked repositories. + if: ${{ env.ALCHEMY_SEPOLIA_RPC_URL}} + env: + ALCHEMY_SEPOLIA_RPC_URL: ${{ secrets.ALCHEMY_SEPOLIA_RPC_URL }} - name: Inspect enclave run: kurtosis enclave inspect ${{ env.ENCLAVE_NAME }} diff --git a/.github/workflows/security-build.yml b/.github/workflows/security-build.yml index 0a9c8298..7edc5250 100644 --- a/.github/workflows/security-build.yml +++ b/.github/workflows/security-build.yml @@ -10,7 +10,6 @@ jobs: sonarcloud: runs-on: ubuntu-latest timeout-minutes: 5 - if: github.repository == '0xPolygon/kurtosis-cdk' # Prevent this job to run on forks. steps: - uses: actions/checkout@v4 with: @@ -21,3 +20,8 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + # This step will only execute if the necessary secrets are available, preventing failures + # on pull requests from forked repositories. + if: ${{ env.SONAR_TOKEN}} + env: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}