diff --git a/.github/workflows/River_node_docker.yml b/.github/workflows/River_node_docker.yml index ff15ff15b..af1aa1ebc 100644 --- a/.github/workflows/River_node_docker.yml +++ b/.github/workflows/River_node_docker.yml @@ -8,13 +8,13 @@ on: - main workflow_dispatch: # A build was manually requested - inputs: - release_version: - description: 'The release version to use for the image (optional)' - required: false # This is no longer required, so that we can promote existing images to `mainnet`, `testnet`, `stable` etc. - additional_tags_csv: - description: 'Comma separated list of tags to apply to the image (optional)' - required: false + inputs: + release_version: + description: 'The release version to use for the image (optional)' + required: false # This is no longer required, so that we can promote existing images to `mainnet`, `testnet`, `stable` etc. + additional_tags_csv: + description: 'Comma separated list of tags to apply to the image (optional)' + required: false env: DOCKER_NAMESPACE: herenotthere @@ -39,96 +39,96 @@ jobs: - name: Setup AWS Credentials uses: aws-actions/configure-aws-credentials@v4 with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: us-east-1 + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: us-east-1 - name: Login to Amazon ECR id: login-aws-ecr uses: aws-actions/amazon-ecr-login@v2 with: - registry-type: 'public' + registry-type: 'public' - name: Build and push image to Amazon ECR id: build-image env: - ECR_REGISTRY: ${{ steps.login-aws-ecr.outputs.registry }} - #This can be custom alias once requested to aws and approved for public repo - REGISTRY_ALIAS: h5v6m2x1 - ECR_REPOSITORY: river - RELEASE_VERSION: ${{ inputs.release_version }} - ADDITIONAL_TAGS: ${{ inputs.additional_tags_csv }} + ECR_REGISTRY: ${{ steps.login-aws-ecr.outputs.registry }} + #This can be custom alias once requested to aws and approved for public repo + REGISTRY_ALIAS: h5v6m2x1 + ECR_REPOSITORY: river + RELEASE_VERSION: ${{ inputs.release_version }} + ADDITIONAL_TAGS: ${{ inputs.additional_tags_csv }} working-directory: ./core run: | - COMMIT_HASH=$(git describe --tags --always --dirty) - BRANCH=$(git rev-parse --abbrev-ref HEAD) - TAGS=($COMMIT_HASH) - - # if release version is not provided, we set it to "river" - if [ -z "$RELEASE_VERSION" ]; then - RELEASE_VERSION="river" - else - # If this is a release, we also tag the image with the release version. - TAGS+=($RELEASE_VERSION) - fi - - # If this is a push to main, we also tag the image as dev, - # But RELEASE_VERSION remains untouched, as `dev` is not a version, but just a tag. - if [ "$BRANCH" == "main" ] && [ "${{ github.event_name }}" == "push" ]; then - TAGS+=(dev) - fi - - # Add additional tags if provided - if [ -n "$ADDITIONAL_TAGS" ]; then - IFS=',' read -ra ADDITIONAL_TAGS_ARRAY <<< "$ADDITIONAL_TAGS" - for tag in "${ADDITIONAL_TAGS_ARRAY[@]}"; do - TAGS+=($tag) - done - fi - - echo "Building image with the following tags: ${TAGS[@]}" - echo "Commit hash: $COMMIT_HASH" - echo "Branch: $BRANCH" - echo "Release version: $RELEASE_VERSION" - - docker build \ - --build-arg GIT_SHA=${{ github.sha }} \ - --build-arg VER_VERSION=$RELEASE_VERSION \ - --build-arg VER_BRANCH=$BRANCH \ - --build-arg VER_COMMIT=$COMMIT_HASH \ - -t river:local-latest \ - . - - echo "::set-output name=tag_valid::false" - for tag in "${TAGS[@]}"; do - if [ "$tag" == "mainnet" ] || [ "$tag" == "testnet" ]; then - echo "::set-output name=tag_valid::true" - echo "::set-output name=tag_value::$tag" + COMMIT_HASH=$(git describe --tags --always --dirty) + BRANCH=$(git rev-parse --abbrev-ref HEAD) + TAGS=($COMMIT_HASH) + + # if release version is not provided, we set it to "river" + if [ -z "$RELEASE_VERSION" ]; then + RELEASE_VERSION="river" + else + # If this is a release, we also tag the image with the release version. + TAGS+=($RELEASE_VERSION) + fi + + # If this is a push to main, we also tag the image as dev, + # But RELEASE_VERSION remains untouched, as `dev` is not a version, but just a tag. + if [ "$BRANCH" == "main" ] && [ "${{ github.event_name }}" == "push" ]; then + TAGS+=(dev) fi - docker tag river:local-latest $ECR_REGISTRY/$REGISTRY_ALIAS/$ECR_REPOSITORY:$tag - docker push $ECR_REGISTRY/$REGISTRY_ALIAS/$ECR_REPOSITORY:$tag - done + + # Add additional tags if provided + if [ -n "$ADDITIONAL_TAGS" ]; then + IFS=',' read -ra ADDITIONAL_TAGS_ARRAY <<< "$ADDITIONAL_TAGS" + for tag in "${ADDITIONAL_TAGS_ARRAY[@]}"; do + TAGS+=($tag) + done + fi + + echo "Building image with the following tags: ${TAGS[@]}" + echo "Commit hash: $COMMIT_HASH" + echo "Branch: $BRANCH" + echo "Release version: $RELEASE_VERSION" + + docker build \ + --build-arg GIT_SHA=${{ github.sha }} \ + --build-arg VER_VERSION=$RELEASE_VERSION \ + --build-arg VER_BRANCH=$BRANCH \ + --build-arg VER_COMMIT=$COMMIT_HASH \ + -t river:local-latest \ + . + + echo "::set-output name=tag_valid::false" + for tag in "${TAGS[@]}"; do + if [ "$tag" == "mainnet" ] || [ "$tag" == "testnet" ]; then + echo "::set-output name=tag_valid::true" + echo "::set-output name=tag_value::$tag" + fi + docker tag river:local-latest $ECR_REGISTRY/$REGISTRY_ALIAS/$ECR_REPOSITORY:$tag + docker push $ECR_REGISTRY/$REGISTRY_ALIAS/$ECR_REPOSITORY:$tag + done - name: Create new release tag if: ${{ success() && steps.build-image.outputs.tag_valid == 'true' }} id: create-tag run: | - new_tag=$(./scripts/create-new-release-tag.sh ${{ steps.build-image.outputs.tag_value }}) - echo "::set-output name=new_tag::$new_tag" + new_tag=$(./scripts/create-new-release-tag.sh ${{ steps.build-image.outputs.tag_value }}) + echo "::set-output name=new_tag::$new_tag" - name: Push tag if: ${{ success() && steps.build-image.outputs.tag_valid == 'true' }} uses: actions/github-script@v4 with: - github-token: ${{ secrets.GITHUB_TOKEN }} - script: | - const response = await github.git.createRef({ - owner: context.repo.owner, - repo: context.repo.repo, - ref: 'refs/tags/' + '${{ steps.create-tag.outputs.new_tag }}', - sha: context.sha - }) - console.log(response) + github-token: ${{ secrets.GITHUB_TOKEN }} + script: | + const response = await github.git.createRef({ + owner: context.repo.owner, + repo: context.repo.repo, + ref: 'refs/tags/' + '${{ steps.create-tag.outputs.new_tag }}', + sha: context.sha + }) + console.log(response) # If action failed, we send a slack notification - name: Slack notification @@ -143,4 +143,4 @@ jobs: "url": "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}", "commit": "${{ github.sha }}", "actor": "${{ github.actor }}" - } \ No newline at end of file + } diff --git a/.github/workflows/Stress_test_node_docker.yml b/.github/workflows/Stress_test_node_docker.yml index 48d519ea9..498525011 100644 --- a/.github/workflows/Stress_test_node_docker.yml +++ b/.github/workflows/Stress_test_node_docker.yml @@ -30,25 +30,25 @@ jobs: - name: Setup AWS Credentials uses: aws-actions/configure-aws-credentials@v4 with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: us-east-1 + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: us-east-1 - name: Login to Amazon ECR id: login-aws-ecr uses: aws-actions/amazon-ecr-login@v2 with: - registry-type: 'public' + registry-type: 'public' - name: Build and push docker image to Amazon ECR env: - ECR_REGISTRY: ${{ steps.login-aws-ecr.outputs.registry }} - #This can be custom alias once requested to aws and approved for public repo - REGISTRY_ALIAS: h5v6m2x1 - ECR_REPOSITORY: river-stress-test-node + ECR_REGISTRY: ${{ steps.login-aws-ecr.outputs.registry }} + #This can be custom alias once requested to aws and approved for public repo + REGISTRY_ALIAS: h5v6m2x1 + ECR_REPOSITORY: river-stress-test-node run: | - docker build -t $ECR_REGISTRY/$REGISTRY_ALIAS/$ECR_REPOSITORY:latest . -f ./packages/stress-testing/Dockerfile - docker push $ECR_REGISTRY/$REGISTRY_ALIAS/$ECR_REPOSITORY:latest + docker build -t $ECR_REGISTRY/$REGISTRY_ALIAS/$ECR_REPOSITORY:latest . -f ./packages/stress-testing/Dockerfile + docker push $ECR_REGISTRY/$REGISTRY_ALIAS/$ECR_REPOSITORY:latest # If action failed, we send a slack notification - name: Slack notification diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c4ffbc2e0..7df1c08a9 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -85,7 +85,7 @@ jobs: - name: Print versions run: ./scripts/print-versions.sh - + # Start an ssh session with tmate if the PR has the 'ssh' label - name: Setup tmate session uses: mxschmitt/action-tmate@v3 @@ -135,9 +135,9 @@ jobs: - name: Staticcheck River Node uses: dominikh/staticcheck-action@v1 with: - version: latest - working-directory: core/node - install-go: false + version: latest + working-directory: core/node + install-go: false # - name: Terraform Lint # run: make lint @@ -225,7 +225,7 @@ jobs: - name: Print versions run: ./scripts/print-versions.sh - + # Start an ssh session with tmate if the PR has the 'ssh' label - name: Setup tmate session uses: mxschmitt/action-tmate@v3 @@ -258,17 +258,17 @@ jobs: - name: Check SSL directories and environment variables run: | - echo "Listing /etc/ssl/certs..." - ls -l /etc/ssl/certs || echo "/etc/ssl/certs not found" + echo "Listing /etc/ssl/certs..." + ls -l /etc/ssl/certs || echo "/etc/ssl/certs not found" - echo "Listing /system/etc/security/cacerts..." - ls -l /system/etc/security/cacerts || echo "/system/etc/security/cacerts not found" + echo "Listing /system/etc/security/cacerts..." + ls -l /system/etc/security/cacerts || echo "/system/etc/security/cacerts not found" - echo "Checking SSL_CERT_FILE environment variable..." - echo "SSL_CERT_FILE=$SSL_CERT_FILE" + echo "Checking SSL_CERT_FILE environment variable..." + echo "SSL_CERT_FILE=$SSL_CERT_FILE" - echo "Checking SSL_CERT_DIR environment variable..." - echo "SSL_CERT_DIR=$SSL_CERT_DIR" + echo "Checking SSL_CERT_DIR environment variable..." + echo "SSL_CERT_DIR=$SSL_CERT_DIR" - name: Run node (without entitlements) run: ./core/node/run_single.sh --de & @@ -370,7 +370,7 @@ jobs: - name: Print versions run: ./scripts/print-versions.sh - + # Start an ssh session with tmate if the PR has the 'ssh' label - name: Setup tmate session uses: mxschmitt/action-tmate@v3 @@ -403,7 +403,7 @@ jobs: - name: Set up Custom CA Certificate for Node.js run: | - echo "NODE_EXTRA_CA_CERTS=$HOME/river-ca-cert.pem" >> $GITHUB_ENV + echo "NODE_EXTRA_CA_CERTS=$HOME/river-ca-cert.pem" >> $GITHUB_ENV - name: Run multiple nodes run: | @@ -664,14 +664,13 @@ jobs: POSTGRES_PASSWORD: postgres PGPASSWORD: postgres - - name: Setup River CA for testing certificates run: ./scripts/register-ca.sh working-directory: core - name: Set up Custom CA Certificate for Node.js run: | - echo "NODE_EXTRA_CA_CERTS=$HOME/river-ca-cert.pem" >> $GITHUB_ENV + echo "NODE_EXTRA_CA_CERTS=$HOME/river-ca-cert.pem" >> $GITHUB_ENV - name: Run multiple nodes run: | @@ -682,7 +681,7 @@ jobs: - name: Start xchain node with entitlements run: (RUN_ENV=multi ./core/xchain/launch_multi.sh &) && sleep 10 - + - name: Build & Test (with entitlements) run: yarn csb:turbo-no-sdk @@ -887,48 +886,48 @@ jobs: if: github.event_name != 'workflow_dispatch' || !inputs.skip_client_noentitlements runs-on: ubuntu-latest-8-cores timeout-minutes: 30 - + steps: - name: Cancel previous runs if: github.event_name != 'schedule' uses: styfle/cancel-workflow-action@0.12.1 with: access_token: ${{ github.token }} - + - name: Checkout code uses: actions/checkout@v4 - + - name: Git submodules run: git submodule update --init --recursive - + - name: Setup Go uses: actions/setup-go@v5 with: go-version-file: 'go.work' cache-dependency-path: '**/*.sum' - + - name: Install Foundry uses: foundry-rs/foundry-toolchain@v1 with: version: ${{ env.FOUNDRY_VERSION }} - + - uses: actions/setup-node@v4 with: node-version: '20' cache: 'yarn' - + - name: Install node dependencies run: yarn install --immutable - + - name: Print versions run: ./scripts/print-versions.sh - + - name: Start Local Basechain run: ./scripts/start-local-basechain.sh & - + - name: Print Yarn package versions run: yarn info --name-only --all - + - name: Maintain Turbo cache uses: actions/cache@v4 with: @@ -943,7 +942,16 @@ jobs: Slack_Notification: # NOTE: We should make sure that new jobs get added here - needs: [Common_CI, Client_NoEntitlements, Multinode, Client_Entitlements, Multinode_Ent, Node, XChain_Node] + needs: + [ + Common_CI, + Client_NoEntitlements, + Multinode, + Client_Entitlements, + Multinode_Ent, + Node, + XChain_Node, + ] if: failure() runs-on: ubuntu-latest steps: @@ -951,10 +959,10 @@ jobs: if: (github.event_name == 'schedule' || github.event_name == 'workflow_dispatch') uses: rtCamp/action-slack-notify@v2 env: - SLACK_WEBHOOK: ${{ secrets.SLACK_CI_CHANNEL_WEBHOOK_URL }} - SLACK_TITLE: 'Failure' - SLACK_USERNAME: 'CI' - SLACK_ICON_EMOJI: ':boom:' - SLACK_COLOR: '#FF0000' - SLACK_MESSAGE: 'CI Failure on ${{ github.repository }} ${{ vars.GOALIE_SLACK_GROUP_ID}}' - SLACK_LINK_NAMES: true + SLACK_WEBHOOK: ${{ secrets.SLACK_CI_CHANNEL_WEBHOOK_URL }} + SLACK_TITLE: 'Failure' + SLACK_USERNAME: 'CI' + SLACK_ICON_EMOJI: ':boom:' + SLACK_COLOR: '#FF0000' + SLACK_MESSAGE: 'CI Failure on ${{ github.repository }} ${{ vars.GOALIE_SLACK_GROUP_ID}}' + SLACK_LINK_NAMES: true diff --git a/.prettierignore b/.prettierignore index bd1f43bf1..33a2e992f 100644 --- a/.prettierignore +++ b/.prettierignore @@ -1,4 +1,3 @@ -.github dev-dist dist node_modules