-
Notifications
You must be signed in to change notification settings - Fork 3
287 lines (266 loc) · 10.5 KB
/
pull-request-main.yml
File metadata and controls
287 lines (266 loc) · 10.5 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
name: pull-request-main
on:
merge_group:
pull_request:
branches:
- main
jobs:
changes:
name: Detect changed files
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: read
outputs:
operations_gen: ${{ steps.filter.outputs.operations_gen }}
steps:
- uses: actions/checkout@v6
- uses: dorny/paths-filter@fbd0ab8f3e69293af611ebaee6363fc25e6d187d # v4.0.1
id: filter
with:
filters: |
operations_gen:
- 'tools/operations-gen/**'
ci-lint:
name: Lint
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
actions: read
steps:
- name: Linting Go
uses: smartcontractkit/.github/actions/ci-lint-go@ci-lint-go/v2 # ci-lint-go@2.0.0
with:
only-new-issues: "false"
golangci-lint-version: v2.8.0
ci-lint-operations-gen:
name: Lint operations-gen
needs: [changes]
if: needs.changes.outputs.operations_gen == 'true'
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
actions: read
steps:
- name: Linting operations-gen
uses: smartcontractkit/.github/actions/ci-lint-go@ci-lint-go/v2 # ci-lint-go@2.0.0
with:
only-new-issues: "false"
golangci-lint-version: v2.8.0
go-directory: tools/operations-gen
ci-lint-misc:
name: Lint GH Actions and scripts
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Linting Misc (yaml + sh files)
uses: smartcontractkit/.github/actions/ci-lint-misc@eeb76b5870e3c17856d5a60fd064a053c023b5f5 # ci-lint-misc@1.0.0
ci-test-operations-gen:
name: Tests operations-gen
needs: [changes]
if: needs.changes.outputs.operations_gen == 'true'
runs-on: ubuntu-latest
timeout-minutes: 5
permissions:
id-token: write
contents: read
actions: read
steps:
- name: Build and test operations-gen
uses: smartcontractkit/.github/actions/ci-test-go@dfcba48f05933158428bce867d790e3d5a9baa6b # ci-test-go@1.1.0
with:
go-test-cmd: cd tools/operations-gen && go test -race ./...
use-go-cache: true
artifact-name: unit-tests-operations-gen
ci-test:
name: Tests
runs-on: ubuntu-latest
timeout-minutes: 10
permissions:
id-token: write
contents: read
actions: read
steps:
- name: Build and test
uses: smartcontractkit/.github/actions/ci-test-go@dfcba48f05933158428bce867d790e3d5a9baa6b # ci-test-go@1.1.0
with:
# disable the checkptr runtime check due a false positive in github.com/xssnick/tonutils-go
# causing tests in ci to fail "fatal error: checkptr: pointer arithmetic result points to invalid allocation"
# https://github.com/xssnick/tonutils-go/issues/310
# Exclude provider packages which use Docker containers and remote catalog tests
go-test-cmd: go test -race -gcflags=all=-d=checkptr=0 -coverprofile=coverage.txt $(go list ./... | grep -v '/provider' | grep -v '/catalog/remote')
use-go-cache: true
artifact-name: unit-tests
ci-test-provider-aptos:
name: Provider Tests - Aptos
runs-on: ubuntu-latest
timeout-minutes: 5
permissions:
id-token: write
contents: read
actions: read
steps:
- name: Build and test aptos provider packages
uses: smartcontractkit/.github/actions/ci-test-go@dfcba48f05933158428bce867d790e3d5a9baa6b # ci-test-go@1.1.0
with:
go-test-cmd: go test -race -coverprofile=coverage.txt ./chain/aptos/provider/...
use-go-cache: true
artifact-name: provider-tests-aptos
ci-test-provider-canton:
name: Provider Tests - Canton
runs-on: ubuntu-latest
timeout-minutes: 10
permissions:
id-token: write
contents: read
actions: read
steps:
- name: Build and test canton provider packages
uses: smartcontractkit/.github/actions/ci-test-go@dfcba48f05933158428bce867d790e3d5a9baa6b # ci-test-go@1.1.0
with:
go-test-cmd: go test -race -coverprofile=coverage.txt ./chain/canton/provider/...
use-go-cache: true
artifact-name: provider-tests-canton
ci-test-provider-ton:
name: Provider Tests - TON
runs-on: ubuntu-latest
timeout-minutes: 5
permissions:
id-token: write
contents: read
actions: read
steps:
- name: Build and test ton provider packages
uses: smartcontractkit/.github/actions/ci-test-go@dfcba48f05933158428bce867d790e3d5a9baa6b # ci-test-go@1.1.0
with:
# disable the checkptr runtime check due a false positive in github.com/xssnick/tonutils-go
# causing tests in ci to fail "fatal error: checkptr: pointer arithmetic result points to invalid allocation"
# https://github.com/xssnick/tonutils-go/issues/310
go-test-cmd: go test -race -gcflags=all=-d=checkptr=0 -coverprofile=coverage.txt ./chain/ton/provider/...
use-go-cache: true
artifact-name: provider-tests-ton
ci-test-provider-tron:
name: Provider Tests - TRON
runs-on: ubuntu-latest
timeout-minutes: 5
permissions:
id-token: write
contents: read
actions: read
steps:
- name: Build and test tron provider packages
uses: smartcontractkit/.github/actions/ci-test-go@dfcba48f05933158428bce867d790e3d5a9baa6b # ci-test-go@1.1.0
with:
go-test-cmd: go test -race -coverprofile=coverage.txt ./chain/tron/provider/...
use-go-cache: true
artifact-name: provider-tests-tron
ci-test-provider-stellar:
name: Provider Tests - Stellar
runs-on: ubuntu-latest
timeout-minutes: 5
permissions:
id-token: write
contents: read
actions: read
steps:
- name: Build and test stellar provider packages
uses: smartcontractkit/.github/actions/ci-test-go@dfcba48f05933158428bce867d790e3d5a9baa6b # ci-test-go@1.1.0
with:
go-test-cmd: go test -race -coverprofile=coverage.txt ./chain/stellar/provider/...
use-go-cache: true
artifact-name: provider-tests-stellar
ci-test-provider-fast:
name: Provider Tests - Others
runs-on: ubuntu-latest
timeout-minutes: 5
permissions:
id-token: write
contents: read
actions: read
steps:
- name: Build and test provider packages
uses: smartcontractkit/.github/actions/ci-test-go@dfcba48f05933158428bce867d790e3d5a9baa6b # ci-test-go@1.1.0
with:
# -p 2 -parallel 3 = 2 packages, 3 tests max = 6 containers max
# Run all provider tests EXCEPT slow ones (aptos, canton, ton, tron, stellar) which have dedicated jobs
go-test-cmd: go test -race -p 2 -parallel 3 -coverprofile=coverage.txt $(go list ./... | grep '/provider' | grep -E -v '/(aptos|canton|ton|tron|stellar)/provider')
use-go-cache: true
artifact-name: provider-tests-others
ci-test-catalog-remote:
name: Catalog Remote Tests
runs-on: ubuntu-latest
timeout-minutes: 15
permissions:
id-token: write
contents: read
actions: read
steps:
- name: Checkout code
uses: actions/checkout@v6
- name: Configure AWS credentials for ECR
uses: aws-actions/configure-aws-credentials@8df5847569e6427dd6c4fb1cf565c83acfa8afa7 # v6.0.0
with:
role-to-assume: ${{ secrets.ECR_READ_ROLE_ARN }}
aws-region: ${{ secrets.AWS_REGION }}
- name: Get latest catalog service tag from ECR
id: get-catalog-tag
run: |
# Fetch the latest semantic version tag from ECR
# Sort images by push date (latest first) and find the first semver tag
LATEST_TAG=$(aws ecr describe-images \
--repository-name op-catalog-service \
--region ${{ secrets.AWS_REGION }} \
--registry-id ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }} \
--query 'reverse(sort_by(imageDetails,& imagePushedAt))' \
--output json | \
jq -r '
[.[] |
select(.imageTags != null) |
.imageTags[] |
select(test("^v[0-9]+\\.[0-9]+\\.[0-9]+$"))
] | first
')
if [[ -z "${LATEST_TAG}" ]] || [[ "${LATEST_TAG}" == "null" ]]; then
echo "::error::Could not find a valid semantic version tag in ECR"
exit 1
fi
echo "Latest catalog service tag from ECR: ${LATEST_TAG}"
echo "tag=${LATEST_TAG}" >> "${GITHUB_OUTPUT}"
- name: Pull Catalog Service ECR Image
uses: smartcontractkit/.github/actions/pull-private-ecr-image@2f8f0baf38e46140c6a119eb551a56eaaabcc09e # pull-private-ecr-image@1.0.0
with:
aws-account-number: ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }}
aws-region: ${{ secrets.AWS_REGION }}
aws-role-arn: ${{ secrets.ECR_READ_ROLE_ARN }}
ecr-repository: "op-catalog-service"
image-tag: ${{ steps.get-catalog-tag.outputs.tag }}
- name: Run Catalog Remote Integration Tests
uses: smartcontractkit/.github/actions/ci-test-go@dfcba48f05933158428bce867d790e3d5a9baa6b # ci-test-go@1.1.0
with:
# Must cd into datastore/catalog/remote because TestMain only runs from package directory
go-test-cmd: cd datastore/catalog/remote && go test -v -race -timeout 10m -gcflags=all=-d=checkptr=0 -coverprofile=../../../coverage.txt
use-go-cache: true
artifact-name: catalog-remote-tests
env:
CATALOG_SERVICE_IMAGE: ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com/op-catalog-service:${{ steps.get-catalog-tag.outputs.tag }}
sonarqube:
name: Sonar Scan
if: |
always() &&
github.event_name == 'pull_request' &&
!contains(needs.*.result, 'failure') &&
!contains(needs.*.result, 'cancelled')
runs-on: ubuntu-24.04
needs: [ci-test, ci-test-operations-gen, ci-test-provider-aptos, ci-test-provider-canton, ci-test-provider-ton, ci-test-provider-tron, ci-test-provider-stellar, ci-test-provider-fast, ci-test-catalog-remote, ci-lint-misc, ci-lint, ci-lint-operations-gen]
permissions:
contents: read
actions: read
steps:
- name: Scan with Sonarqube
uses: smartcontractkit/.github/actions/ci-sonarqube-go@01d931b0455a754d12e7143cc54a5a3521a8f6f6 # ci-sonarqube-go@0.3.1
with:
sonar-token: ${{ secrets.SONAR_TOKEN }}
sonar-host-url: ${{ secrets.SONAR_HOST_URL }}