ci/cd refactor: on-pr workflow #24
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Placeholder for the PR workflow. | |
| name: on-pr | |
| on: | |
| pull_request: {} | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| pull-requests: write | |
| contents: read | |
| env: | |
| ARTIFACT_NAME: placeholder | |
| CONSENSUS_ENCLAVE_CSS: /tmp/consensus-enclave.css | |
| GH_SHORT_SHA: placeholder | |
| INGEST_ENCLAVE_CSS: /tmp/ingest-enclave.css | |
| RUST_BACKTRACE: full | |
| RUST_BIN_PATH: placeholder | |
| jobs: | |
| lint-actions: | |
| runs-on: mco-dev-small-x64 | |
| steps: | |
| - name: Lint GitHub Actions | |
| uses: mobilecoinofficial/gh-actions/lint-actions@27a8d66eb4dcb10910cc8560563391e64238634a | |
| # CBB: Need to clean up repo shell scripts to pass shellcheck | |
| # lint-shell: | |
| # runs-on: mco-dev-small-x64 | |
| # steps: | |
| # - name: Lint shell with Shellcheck | |
| # uses: mobilecoinofficial/gh-actions/lint-shell@27a8d66eb4dcb10910cc8560563391e64238634a | |
| lint-helm: | |
| runs-on: mco-dev-small-x64 | |
| steps: | |
| - name: Lint Helm Charts | |
| uses: mobilecoinofficial/gh-actions/lint-helm@6b12f401e2129f99617464ebd06bd3cb79686bed | |
| lint-docker: | |
| runs-on: mco-dev-small-x64 | |
| steps: | |
| - name: Lint Dockerfiles with Hadolint | |
| uses: mobilecoinofficial/gh-actions/lint-docker@27a8d66eb4dcb10910cc8560563391e64238634a | |
| # lint-rust: | |
| # runs-on: mco-dev-large-x64 | |
| # container: | |
| # image: mobilecoin/rust-sgx-base:v0.0.36 | |
| # env: | |
| # SGX_MODE: SW | |
| # steps: | |
| # - name: Checkout | |
| # uses: mobilecoinofficial/gh-actions/checkout@v0 | |
| # - name: Consensus SigStruct | |
| # uses: ./.github/actions/download-sigstruct | |
| # with: | |
| # sigstruct: consensus | |
| # network: test | |
| # download_path: ${{ env.CONSENSUS_ENCLAVE_CSS }} | |
| # - name: Ingest SigStruct | |
| # uses: ./.github/actions/download-sigstruct | |
| # with: | |
| # sigstruct: ingest | |
| # network: test | |
| # download_path: ${{ env.INGEST_ENCLAVE_CSS }} | |
| # - name: Cargo sort | |
| # shell: bash | |
| # run: | | |
| # cargo install cargo-sort --force | |
| # cargo sort --workspace --grouped --check | |
| # - name: Cargo fmt | |
| # shell: bash | |
| # run: | | |
| # cargo fmt -- --unstable-features --check | |
| # - name: Cargo Clippy | |
| # shell: bash | |
| # run: | | |
| # cargo clippy --all --all-features | |
| # test-rust: | |
| # runs-on: mco-dev-large-x64 | |
| # container: | |
| # image: mobilecoin/rust-sgx-base:v0.0.36 | |
| # env: | |
| # SGX_MODE: SW | |
| # steps: | |
| # - name: Checkout | |
| # uses: mobilecoinofficial/gh-actions/checkout@v0 | |
| # - name: Consensus SigStruct | |
| # uses: ./.github/actions/download-sigstruct | |
| # with: | |
| # sigstruct: consensus | |
| # network: test | |
| # download_path: ${{ env.CONSENSUS_ENCLAVE_CSS }} | |
| # - name: Ingest SigStruct | |
| # uses: ./.github/actions/download-sigstruct | |
| # with: | |
| # sigstruct: ingest | |
| # network: test | |
| # download_path: ${{ env.INGEST_ENCLAVE_CSS }} | |
| # - name: Cargo Test | |
| # shell: bash | |
| # env: | |
| # CARGO_INCREMENTAL: "0" | |
| # RUSTFLAGS: "-Zprofile -Ccodegen-units=1 -Cinline-threshold=0 -Clink-dead-code -Coverflow-checks=off -Cpanic=abort -Zpanic_abort_tests" | |
| # RUSTDOCFLAGS: "-Zprofile -Ccodegen-units=1 -Cinline-threshold=0 -Clink-dead-code -Coverflow-checks=off -Cpanic=abort -Zpanic_abort_tests" | |
| # run: | | |
| # cargo test | |
| # skip coverage for now, old actions-rs/grcov is deprecated | |
| # need to learn how to generate .xml reports for codecov below | |
| # - name: grcov | |
| # shell: bash | |
| # run: | | |
| # cargo install grcov | |
| # - name: Codecov | |
| # uses: codecov/codecov-action@v3.1.4 | |
| # with: | |
| # files: ${{ steps.coverage.outputs.report }} | |
| # verbose: true | |
| # fail_ci_if_error: true | |
| # env: | |
| # CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
| # build-rust-linux: | |
| # strategy: | |
| # matrix: | |
| # runner: | |
| # - mco-dev-large-x64 | |
| # network: | |
| # - main | |
| # - test | |
| # runs-on: ${{ matrix.runner }} | |
| # container: | |
| # image: mobilecoin/rust-sgx-base:v0.0.36 | |
| # steps: | |
| # - name: Checkout | |
| # uses: mobilecoinofficial/gh-actions/checkout@v0 | |
| # - name: Build Rust | |
| # uses: ./.github/actions/build-rust | |
| # with: | |
| # network: ${{ matrix.network }} | |
| # build-rust-macos: | |
| # strategy: | |
| # fail-fast: false | |
| # matrix: | |
| # runner: | |
| # - [self-hosted, macOS, X64] | |
| # - [self-hosted, macOS, ARM64] | |
| # network: | |
| # - main | |
| # - test | |
| # runs-on: ${{ matrix.runner }} | |
| # steps: | |
| # - name: Checkout | |
| # uses: mobilecoinofficial/gh-actions/checkout@v0 | |
| # - name: Bootstrap macOS | |
| # shell: bash | |
| # run: | | |
| # echo "-- install brew dependencies" | |
| # rm -rf "$(brew --prefix)/var/homebrew/locks" | |
| # brew bundle --quiet | |
| # echo "-- install rust toolchain" | |
| # rm -rf /Users/runner/.cargo | |
| # rm -rf /Users/runner/.rustup | |
| # rustup toolchain install "$(cat rust-toolchain)" | |
| # echo "-- add cargo to path" | |
| # rustup_cargo=$(rustup which cargo) | |
| # echo "CARGO_HOME=${HOME}/.cargo" >> "${GITHUB_ENV}" | |
| # echo "RUSTUP_HOME=${HOME}/.rustup" >> "${GITHUB_ENV}" | |
| # echo "${HOME}/.cargo/bin" >> "${GITHUB_PATH}" | |
| # echo "$(dirname "${rustup_cargo}")" >> "${GITHUB_PATH}" | |
| # - name: Build Rust | |
| # uses: ./.github/actions/build-rust | |
| # with: | |
| # network: ${{ matrix.network }} | |
| # build-publish-containers: | |
| # needs: | |
| # - build-rust-linux | |
| # strategy: | |
| # matrix: | |
| # runner: | |
| # - mco-dev-small-x64 | |
| # network: | |
| # - chain_id: main | |
| # peer: mc://node1.prod.mobilecoinww.com/,mc://node2.prod.mobilecoinww.com/ | |
| # tx_source_url: https://ledger.mobilecoinww.com/node1.prod.mobilecoinww.com/,https://ledger.mobilecoinww.com/node2.prod.mobilecoinww.com | |
| # - chain_id: test | |
| # peer: mc://node1.test.mobilecoin.com/,mc://node2.test.mobilecoin.com/ | |
| # tx_source_url: https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node1.test.mobilecoin.com/,https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node2.test.mobilecoin.com/ | |
| # runs-on: ${{ matrix.runner }} | |
| # steps: | |
| # - name: Checkout | |
| # uses: mobilecoinofficial/gh-actions/checkout@v0 | |
| # - name: Setup Env | |
| # shell: bash | |
| # run: | | |
| # set -e -o pipefail | |
| # # Set vars so we can use them in this step | |
| # GH_SHORT_SHA="sha-$(echo "${GITHUB_SHA}" | cut -c1-7)" | |
| # ARTIFACT_NAME="full-service-${{ matrix.network.chain_id }}net-${{ runner.os }}-${{ runner.arch }}-${GH_SHORT_SHA}" | |
| # echo "GH_SHORT_SHA=${GH_SHORT_SHA}" >> "${GITHUB_ENV}" | |
| # echo "ARTIFACT_NAME=${ARTIFACT_NAME}" >> "${GITHUB_ENV}" | |
| # echo "RUST_BIN_PATH=build-artifacts/${ARTIFACT_NAME}" >> "${GITHUB_ENV}" | |
| # # CBB: Move this to gh-actions | |
| # - name: Restore Artifacts | |
| # uses: actions/download-artifact@v4 | |
| # with: | |
| # name: ${{ env.ARTIFACT_NAME }} | |
| # path: build-artifacts | |
| # - name: check artifacts | |
| # shell: bash | |
| # run: | | |
| # ls -alR build-artifacts | |
| # # fix mirror binaries path | |
| # cp ${RUST_BIN_PATH}/mirror/* ${RUST_BIN_PATH} | |
| # - name: Docker - build and publish full-service | |
| # uses: mobilecoinofficial/gh-actions/docker@v0 | |
| # with: | |
| # dockerfile: .internal-ci/docker/Dockerfile.full-service | |
| # images: mobilecoin/full-service | |
| # build_args: | | |
| # RUST_BIN_PATH=${{ env.RUST_BIN_PATH }} | |
| # MC_CHAIN_ID=${{ matrix.network.chain_id }} | |
| # MC_PEER=${{ matrix.network.peer }} | |
| # MC_TX_SOURCE_URL=${{ matrix.network.tx_source_url }} | |
| # flavor: | | |
| # latest=false | |
| # tags: | | |
| # v0-${{ env.GH_SHORT_SHA }}.${{ matrix.network.chain_id }}net | |
| # password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| # username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| # build-publish-charts: | |
| # needs: | |
| # - build-rust-linux | |
| # strategy: | |
| # matrix: | |
| # network: | |
| # - chain_id: main | |
| # - chain_id: test | |
| # runs-on: mco-dev-small-x64 | |
| # env: | |
| # CHART_REPO: https://harbor.mobilecoin.com/chartrepo/mobilecoinofficial-public | |
| # steps: | |
| # - name: Checkout | |
| # uses: mobilecoinofficial/gh-actions/checkout@v0 | |
| # - name: Setup Env | |
| # shell: bash | |
| # run: | | |
| # set -e -o pipefail | |
| # echo "GH_SHORT_SHA=sha-$(echo "${GITHUB_SHA}" | cut -c1-7)" >> "${GITHUB_ENV}" | |
| # - name: Publish helm chart full-service | |
| # uses: mobilecoinofficial/gha-k8s-toolbox@v1 | |
| # with: | |
| # action: helm-publish | |
| # chart_app_version: v0-${{ env.GH_SHORT_SHA }}.${{ matrix.network.chain_id }}net | |
| # chart_path: .internal-ci/helm/full-service | |
| # chart_repo: ${{ env.CHART_REPO }} | |
| # chart_repo_password: ${{ secrets.HARBOR_PASSWORD }} | |
| # chart_repo_username: ${{ secrets.HARBOR_USERNAME }} | |
| # chart_version: v0-${{ env.GH_SHORT_SHA }}.${{ matrix.network.chain_id }}net | |
| # - name: Publish helm chart full-service-mirror | |
| # uses: mobilecoinofficial/gha-k8s-toolbox@v1 | |
| # with: | |
| # action: helm-publish | |
| # chart_app_version: v0-${{ env.GH_SHORT_SHA }}.${{ matrix.network.chain_id }}net | |
| # chart_path: .internal-ci/helm/full-service-mirror | |
| # chart_repo: ${{ env.CHART_REPO }} | |
| # chart_repo_password: ${{ secrets.HARBOR_PASSWORD }} | |
| # chart_repo_username: ${{ secrets.HARBOR_USERNAME }} | |
| # chart_version: v0-${{ env.GH_SHORT_SHA }}.${{ matrix.network.chain_id }}net | |
| # build binaries: | |
| # testnet, mainnet | |
| # linux amd64 arm64 | |
| # macos intel, apple | |
| # containers: | |
| # linux arm64, amd64 | |
| # test: | |
| # lint | |
| # docker (hadolint) | |
| # shellcheck | |
| # actionlint | |
| # helm lint | |
| # rust/cargo fmt | |
| # rust/cargo clippy | |
| # rust/cargo sort | |
| # unit | |
| # integration - testnet, mainnet |