Publish Release #89
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Publish Release | |
on: | |
workflow_dispatch: | |
inputs: | |
version: | |
description: 'Version for Release.' | |
required: false | |
default: '' | |
skip_checks: | |
type: boolean | |
required: false | |
default: false | |
description: 'Use this to skip: gosec, gosec-cosmos, check-changelog, check-upgrade-uandler-updated, build-test, smoke-test and go straight to approval step.' | |
skip_release: | |
type: boolean | |
required: false | |
default: false | |
description: 'If this is true it will simply execute all the steps for a release prior to actually cutting the release, then stop' | |
concurrency: | |
group: publish-release | |
cancel-in-progress: false | |
jobs: | |
check_branch: | |
if: ${{ (startsWith(github.ref, 'refs/heads/release/v') || startsWith(github.ref, 'refs/heads/hotfix/v')) }} | |
runs-on: ubuntu-latest | |
steps: | |
- name: Branch | |
run: | | |
echo "${{ github.ref }}" | |
gosec: | |
needs: | |
- check_branch | |
runs-on: ubuntu-latest | |
env: | |
GO111MODULE: on | |
steps: | |
- name: Checkout Source | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
uses: actions/checkout@v2 | |
with: | |
fetch-depth: 0 | |
- name: Set up Go | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
uses: actions/setup-go@v3 | |
with: | |
go-version: '1.20' | |
- name: Run Gosec Security Scanner | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
uses: securego/gosec@master | |
with: | |
args: ./... | |
- name: Mark Job Complete Skipped | |
if: ${{ github.event.inputs.skip_checks == 'true' }} | |
shell: bash | |
run: | | |
echo "continue" | |
gosec-cosmos: | |
needs: | |
- check_branch | |
runs-on: ubuntu-latest | |
env: | |
GO111MODULE: on | |
steps: | |
- name: Checkout Source | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
uses: actions/checkout@v2 | |
with: | |
fetch-depth: 0 | |
- name: Set up Go | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
uses: actions/setup-go@v3 | |
with: | |
go-version: '1.20' | |
- name: Run Cosmos Gosec Security Scanner | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
run: make lint-cosmos-gosec | |
- name: Mark Job Complete Skipped | |
if: ${{ github.event.inputs.skip_checks == 'true' }} | |
shell: bash | |
run: | | |
echo "continue" | |
lint: | |
needs: | |
- check_branch | |
runs-on: ubuntu-latest | |
timeout-minutes: 15 | |
env: | |
GO111MODULE: on | |
steps: | |
- name: Checkout Source | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
uses: actions/checkout@v2 | |
with: | |
fetch-depth: 0 | |
- name: Set up Go | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
uses: actions/setup-go@v3 | |
with: | |
go-version: '1.20' | |
- name: Run golangci-lint | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
uses: golangci/golangci-lint-action@v3 | |
with: | |
version: v1.54 | |
skip-cache: true | |
args: --out-format=json | |
- name: Mark Job Complete Skipped | |
if: ${{ github.event.inputs.skip_checks == 'true' }} | |
shell: bash | |
run: | | |
echo "continue" | |
check-changelog: | |
needs: | |
- check_branch | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Get latest commit SHA of Develop & Current Branch | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
id: get-develop-sha | |
run: | | |
SHA=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \ | |
https://api.github.com/repos/${{ github.repository }}/git/ref/heads/develop | jq -r '.object.sha') | |
echo "DEVELOP_SHA=${SHA}" >> ${GITHUB_ENV} | |
echo "CURRENT_BRANCH_SHA=${{ github.sha }}" >> ${GITHUB_ENV} | |
- name: Check for CHANGELOG.md changes | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
run: | | |
echo "Check the changelog has actually been updated from whats in develop" | |
echo "DEVELOP BRANCH SHA: ${DEVELOP_SHA}" | |
echo "CURRENT BRANCH SHA: ${CURRENT_BRANCH_SHA}" | |
CHANGELOG_DIFF=$(git diff ${DEVELOP_SHA}..${CURRENT_BRANCH_SHA} -- changelog.md) | |
echo "${CHANGELOG_DIFF}" | |
if [ -z "$CHANGELOG_DIFF" ]; then | |
echo "ERROR: No changes detected in CHANGELOG.md. Please update the changelog." | |
exit 1 | |
else | |
echo "CHANGELOG.md has been updated." | |
fi | |
- name: Mark Job Complete Skipped | |
if: ${{ github.event.inputs.skip_checks == 'true' }} | |
shell: bash | |
run: | | |
echo "continue" | |
check-upgrade-handler-updated: | |
needs: | |
- check_branch | |
runs-on: ubuntu-latest | |
timeout-minutes: 10 | |
steps: | |
- uses: actions/checkout@v3 | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
with: | |
fetch-depth: 0 | |
- name: Major Version in Upgrade Handler Must Match Tag | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
run: | | |
UPGRADE_HANDLER_MAJOR_VERSION=$(cat app/setup_handlers.go | grep "const releaseVersion" | cut -d ' ' -f4 | tr -d '"' | cut -d '.' -f 1 | tr -d '\n') | |
USER_INPUT_VERSION=$(echo "${{ github.event.inputs.version }}" | cut -d '.' -f 1 | tr -d '\n') | |
echo "Upgrade Handler Major Version: ${UPGRADE_HANDLER_MAJOR_VERSION}" | |
echo "User Inputted Release Version: ${USER_INPUT_VERSION}" | |
if [ ${USER_INPUT_VERSION} != $UPGRADE_HANDLER_MAJOR_VERSION ]; then | |
echo "ERROR: The input version doesn't match the release handler for the branch selected. Please ensure the upgrade handler of the branch you selected when you ran the pipeline matches the input version." | |
echo "Did you forget to update the 'releaseVersion' in app/setup_handlers.go?" | |
exit 1 | |
fi | |
echo "The major version found in 'releaseVersion' in app/setup_handlers.go matches this tagged release - Moving Forward!" | |
- name: Mark Job Complete Skipped | |
if: ${{ github.event.inputs.skip_checks == 'true' }} | |
shell: bash | |
run: | | |
echo "continue" | |
build-test: | |
needs: | |
- check_branch | |
runs-on: buildjet-4vcpu-ubuntu-2004 | |
timeout-minutes: 15 | |
concurrency: | |
group: "build-test" | |
steps: | |
- name: "Checkout Code" | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
uses: actions/checkout@v3 | |
- name: Set CPU Architecture | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
shell: bash | |
run: | | |
if [ "$(uname -m)" == "aarch64" ]; then | |
echo "CPU_ARCH=arm64" >> $GITHUB_ENV | |
elif [ "$(uname -m)" == "x86_64" ]; then | |
echo "CPU_ARCH=amd64" >> $GITHUB_ENV | |
else | |
echo "Unsupported architecture" >&2 | |
exit 1 | |
fi | |
- name: Install Pipeline Dependencies | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
uses: ./.github/actions/install-dependencies | |
timeout-minutes: 8 | |
with: | |
cpu_architecture: ${{ env.CPU_ARCH }} | |
skip_python: "true" | |
skip_aws_cli: "true" | |
skip_docker_compose: "false" | |
- name: Test | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
uses: nick-fields/retry@v2 | |
with: | |
timeout_minutes: 20 | |
max_attempts: 2 | |
retry_on: error | |
command: | | |
echo "Running Build Tests" | |
make clean | |
make test-coverage | |
- name: Upload coverage reports to Codecov | |
uses: codecov/[email protected] | |
with: | |
file: coverage.out | |
token: ${{ secrets.CODECOV_TOKEN }} | |
slug: zeta-chain/node | |
- name: Build zetacored and zetaclientd | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
env: | |
CGO_ENABLED: 1 | |
GOOS: linux | |
GOARCH: ${{ env.CPU_ARCH }} | |
run: | | |
make install | |
cp "$HOME"/go/bin/* ./ | |
chmod a+x ./zetacored | |
./zetacored version | |
- name: Clean Up Workspace | |
if: always() | |
shell: bash | |
run: rm -rf * | |
- name: Mark Job Complete Skipped | |
if: ${{ github.event.inputs.skip_checks == 'true' }} | |
shell: bash | |
run: | | |
echo "continue" | |
smoke-test: | |
needs: | |
- check_branch | |
runs-on: buildjet-4vcpu-ubuntu-2204 | |
timeout-minutes: 25 | |
steps: | |
- name: "Checkout Code" | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
uses: actions/checkout@v3 | |
- name: Set CPU Architecture | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
shell: bash | |
run: | | |
if [ "$(uname -m)" == "aarch64" ]; then | |
echo "CPU_ARCH=arm64" >> $GITHUB_ENV | |
elif [ "$(uname -m)" == "x86_64" ]; then | |
echo "CPU_ARCH=amd64" >> $GITHUB_ENV | |
else | |
echo "Unsupported architecture" >&2 | |
exit 1 | |
fi | |
- name: Install Pipeline Dependencies | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
uses: ./.github/actions/install-dependencies | |
timeout-minutes: 8 | |
with: | |
cpu_architecture: ${{ env.CPU_ARCH }} | |
skip_python: "false" | |
skip_aws_cli: "true" | |
skip_docker_compose: "false" | |
- name: Login to Docker Hub | |
uses: docker/login-action@v2 | |
if: ${{ github.event.repository.full_name == 'zetachain-chain/node' && github.event.inputs.skip_checks != 'true' }} | |
with: | |
username: ${{ secrets.DOCKER_HUB_USERNAME }} | |
password: ${{ secrets.DOCKER_HUB_READ_ONLY }} | |
- name: Build zetanode | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
run: | | |
make zetanode | |
- name: Start Private Network | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
run: | | |
cd contrib/localnet/ | |
docker compose up -d zetacore0 zetacore1 zetaclient0 zetaclient1 eth bitcoin | |
- name: Run Smoke Test | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
run: | | |
cd contrib/localnet | |
docker-compose up orchestrator --exit-code-from orchestrator | |
if [ $? -ne 0 ]; then | |
echo "Smoke Test Failed" | |
exit 1 | |
fi | |
- name: Stop Private Network | |
if: ${{ always() && github.event.inputs.skip_checks != 'true' }} | |
run: | | |
cd contrib/localnet/ | |
docker compose down | |
- name: Clean Up Workspace | |
if: always() | |
shell: bash | |
run: sudo rm -rf * | |
- name: Mark Job Complete Skipped | |
if: ${{ github.event.inputs.skip_checks == 'true' }} | |
shell: bash | |
run: | | |
echo "continue" | |
e2e-admin-tests: | |
needs: | |
- check_branch | |
runs-on: buildjet-4vcpu-ubuntu-2204 | |
timeout-minutes: 120 | |
steps: | |
- name: "Checkout Code" | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
uses: actions/checkout@v3 | |
- name: Execute e2e-admin-tests | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
shell: bash | |
run: | | |
make start-e2e-admin-test | |
- name: Mark Job Complete Skipped | |
if: ${{ github.event.inputs.skip_checks == 'true' }} | |
shell: bash | |
run: | | |
echo "continue" | |
e2e-upgrade-test: | |
needs: | |
- check_branch | |
runs-on: buildjet-4vcpu-ubuntu-2204 | |
timeout-minutes: 120 | |
steps: | |
- name: "Checkout Code" | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
uses: actions/checkout@v3 | |
- name: Execute upgrade-test | |
if: ${{ github.event.inputs.skip_checks != 'true' }} | |
shell: bash | |
run: | | |
make start-e2e-import-mainnet-test | |
container_id=$(docker ps --filter "ancestor=orchestrator:latest" --format "{{.ID}}") | |
if [ -z "$container_id" ]; then | |
echo "Orchestrator container is not currently running. Exiting..." | |
exit 1 | |
fi | |
echo "Monitoring Orchestrator container with ID: $container_id" | |
while true; do | |
current_status=$(docker ps -q | grep $container_id || echo "docker-ps-error") | |
if [ "$current_status" == "docker-ps-error" ]; then | |
echo "***********************************" | |
echo "* *" | |
echo "* *" | |
echo "* TESTING COMPLETE *" | |
echo "* *" | |
echo "* *" | |
echo "***********************************" | |
docker_logs=$(docker logs $container_id || echo "no logs") | |
docker_logs_check=$(echo "${docker_logs}" | grep "e2e tests completed" | grep -v grep) | |
if [ ! -z "${docker_logs_check}" ]; then | |
docker logs $container_id || echo "no logs" | |
echo "${docker_logs_check}" | |
echo "Testing Succeeded." | |
exit 0 | |
else | |
docker logs $container_id || echo "no logs" | |
echo "${docker_logs_check}" | |
echo "Testing failed, didn't find th completed message in the logs." | |
exit 1 | |
fi | |
else | |
echo "Testing in progress still...." | |
if [ "${{ github.event.inputs.debug }}" == "true" ]; then | |
docker logs $container_id || echo "no logs" | |
fi | |
fi | |
sleep 5 | |
done | |
- name: Mark Job Complete Skipped | |
if: ${{ github.event.inputs.skip_checks == 'true' }} | |
shell: bash | |
run: | | |
echo "continue" | |
publish-release: | |
if: ${{ github.event.inputs.skip_release == 'false' }} | |
needs: | |
- gosec | |
- gosec-cosmos | |
- lint | |
- check-changelog | |
- check-upgrade-handler-updated | |
- smoke-test | |
- build-test | |
- e2e-admin-tests | |
- e2e-upgrade-test | |
- check_branch | |
runs-on: buildjet-4vcpu-ubuntu-2004 | |
timeout-minutes: 60 | |
environment: release | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Install Pipeline Dependencies | |
uses: ./.github/actions/install-dependencies | |
timeout-minutes: 8 | |
with: | |
cpu_architecture: ${{ env.CPU_ARCH }} | |
skip_python: "true" | |
skip_aws_cli: "true" | |
skip_docker_compose: "true" | |
- name: Change Log Release Notes. | |
id: release_notes | |
run: | | |
cat changelog.md > ${{ github.workspace }}-CHANGELOG.txt | |
cat ${{ github.workspace }}-CHANGELOG.txt | |
- name: Set Version | |
run: | | |
echo "GITHUB_TAG_MAJOR_VERSION=${{ github.event.inputs.version }}" >> ${GITHUB_ENV} | |
- name: Set CPU Architecture | |
shell: bash | |
run: | | |
if [ "$(uname -m)" == "aarch64" ]; then | |
echo "CPU_ARCH=arm64" >> $GITHUB_ENV | |
elif [ "$(uname -m)" == "x86_64" ]; then | |
echo "CPU_ARCH=amd64" >> $GITHUB_ENV | |
else | |
echo "Unsupported architecture" >&2 | |
exit 1 | |
fi | |
- name: Create Release Tag | |
shell: bash | |
run: | | |
git tag ${GITHUB_TAG_MAJOR_VERSION} | |
create_tag=$(git push --tags || echo "tag exists") | |
if [[ $create_tag == "tag exists" ]]; then | |
echo "Delete existing tag to re-create" | |
git tag -d ${GITHUB_TAG_MAJOR_VERSION} | |
git push --delete origin ${GITHUB_TAG_MAJOR_VERSION} | |
echo "sleep for 5 seconds to let github catch up." | |
sleep 5 | |
echo "Re-Create Tag." | |
git tag ${GITHUB_TAG_MAJOR_VERSION} | |
git push --tags | |
fi | |
- name: Create GitHub Release | |
uses: softprops/action-gh-release@v1 | |
with: | |
prerelease: true | |
token: ${{ secrets.PAT_GITHUB_SERVICE_ACCT }} | |
body_path: ${{ github.workspace }}-CHANGELOG.txt | |
tag_name: ${{ env.GITHUB_TAG_MAJOR_VERSION }} | |
- name: Publish Release Files | |
env: | |
GITHUB_TOKEN: ${{ secrets.PAT_GITHUB_SERVICE_ACCT }} | |
GORELEASER_CURRENT_TAG: ${{ env.GITHUB_TAG_MAJOR_VERSION }} | |
run: | | |
touch .release-env | |
make release | |
- name: Clean Up Workspace | |
if: always() | |
shell: bash | |
run: sudo rm -rf * || echo "failed to cleanup workspace please investigate" |