Skip to content

v0.9.8

v0.9.8 #102

Workflow file for this run

name: Release to Prod
on:
release:
types: [released, prereleased]
jobs:
go:
name: Go
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Setup
id: setup
uses: ./.github/actions/setup
- name: Validate and test Go code
id: go
uses: ./.github/actions/go
with:
COVERAGE_THRESHOLD: ${{ vars.COVERAGE_THRESHOLD }}
e2e:
name: E2E Test
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Setup
id: setup
uses: ./.github/actions/setup
with:
cache: "false"
- name: E2E Test
id: e2e
uses: ./.github/actions/e2e
containers:
name: Build and push containers
needs: [go, e2e]
runs-on: ubuntu-20.04
environment: prod
outputs:
node-image-ref: ${{ steps.write-output.outputs.node-image-ref }}
node-release-cid: ${{ steps.write-output.outputs.node-release-cid }}
strategy:
matrix:
image-name: ["node"]
steps:
- name: Clear artifacts
uses: kolpav/purge-artifacts-action@v1
continue-on-error: true
with:
token: ${{ secrets.GITHUB_TOKEN }}
expire-in: 7days
- name: Checkout
uses: actions/checkout@v2
- name: Build and push container
id: build-and-push
uses: ./.github/actions/build-push
with:
registry: disco.forta.network
name: ${{ matrix.image-name }}
version: ${{ github.ref_name }}
aws_access_key: ${{ secrets.PROD_RELEASE_AWS_ACCESS_KEY }}
aws_secret_key: ${{ secrets.PROD_RELEASE_AWS_SECRET_KEY }}
release_artifacts_bucket_name: prod-forta-releases
- name: Write image reference as output
id: write-output
run: |
echo "::set-output name=${{ matrix.image-name }}-release-cid::${{ steps.build-and-push.outputs.release-cid }}"
echo "::set-output name=${{ matrix.image-name }}-image-ref::${{ steps.build-and-push.outputs.image-reference }}"
propose:
name: Propose Upgrade
needs: containers
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Propose Upgrade
id: propose
uses: ./.github/actions/propose
with:
api-key: ${{ secrets.DEFENDER_PROPOSAL_API_KEY }}
api-secret: ${{ secrets.DEFENDER_PROPOSAL_API_SECRET }}
scanner-version-contract: "0x4720c872425876B6f4b4E9130CDef667aDE553b2"
network: "matic"
multisig: "0xd1d4FaFd400fCD643132bb7eAF7682eE97E09C3e"
version: ${{ github.ref_name }}
release-cid: ${{ needs.containers.outputs.node-release-cid }}
is-release: ${{ github.event.action == 'released' }}
- name: Release Proposal Url
run: echo "Proposal ${{ steps.propose.outputs.release-proposal-url }}"
- name: Prerelease Proposal Url
run: echo "Proposal ${{ steps.propose.outputs.prerelease-proposal-url }}"
build:
if: ${{ github.event.action == 'released' }}
name: Build
needs: [containers]
runs-on: ubuntu-20.04
environment: prod
steps:
- name: Echo Image References
run: |
echo "node=${{ needs.containers.outputs.node-image-ref }}"
- name: Clear artifacts
uses: kolpav/purge-artifacts-action@v1
continue-on-error: true
with:
token: ${{ secrets.GITHUB_TOKEN }}
expire-in: 7days
- name: Checkout
uses: actions/checkout@v2
- name: Set up Go
uses: actions/setup-go@v2
with:
go-version: 1.19
- name: Create build for revision
run: |
./scripts/build.sh ${{ needs.containers.outputs.node-image-ref }} \
'remote' ${{ needs.containers.outputs.node-release-cid }} ${{ github.sha }} ${{ github.ref_name }}
chmod 755 forta
- name: Configure AWS credentials (build artifact -> S3)
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.PROD_RELEASE_AWS_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.PROD_RELEASE_AWS_SECRET_KEY }}
aws-region: us-east-1
- name: Copy build to build artifacts bucket
env:
BUCKET_NAME: ${{ secrets.PROD_BUILD_ARTIFACTS_BUCKET_NAME }}
REVISION: ${{ github.sha }}
run: |
aws s3 cp forta "s3://$BUCKET_NAME/forta-$REVISION"
release:
if: ${{ github.event.action == 'released' }}
name: Release to prod
needs: [build]
runs-on: ubuntu-20.04
environment: prod
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Release
id: release
uses: ./.github/actions/release
with:
version: ${{ github.ref_name }}
revision: ${{ github.sha }}
aws_access_key: ${{ secrets.PROD_RELEASE_AWS_ACCESS_KEY }}
aws_secret_key: ${{ secrets.PROD_RELEASE_AWS_SECRET_KEY }}
build_artifacts_bucket_name: prod-forta-build-artifacts
release_artifacts_bucket_name: prod-forta-releases
release_artifacts_url: https://dist.forta.network/artifacts
dist_base_url: https://dist.forta.network
pgp_key_name: ${{ secrets.PROD_PGP_KEY_NAME }}
pgp_private_key: ${{ secrets.PROD_PGP_PRIVATE_KEY }}
pgp_public_key: ${{ secrets.PROD_PGP_PUBLIC_KEY }}
pgp_passphrase: ${{ secrets.PROD_PGP_PASSPHRASE }}