forked from hyperledger-iroha/iroha
-
Notifications
You must be signed in to change notification settings - Fork 0
200 lines (194 loc) · 6.91 KB
/
iroha2-dev.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
name: I2::Dev::Publish
on:
push:
branches: [main]
env:
CARGO_TERM_COLOR: always
DOCKER_COMPOSE_PATH: configs/swarm
jobs:
registry:
runs-on: [self-hosted, Linux, iroha2]
steps:
- uses: actions/checkout@v4
- name: Set up Docker Buildx
id: buildx
if: always()
uses: docker/setup-buildx-action@v3
with:
install: true
- name: Build and export to Docker iroha2:dev image
uses: docker/build-push-action@v5
if: always()
with:
context: .
load: true
file: Dockerfile
tags: |
hyperledger/iroha2:dev
docker.soramitsu.co.jp/iroha2/iroha2:dev
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Test docker-compose.single.yml before pushing
run: |
docker compose -f ${{ env.DOCKER_COMPOSE_PATH }}/docker-compose.single.yml up --wait || exit 1
docker compose -f ${{ env.DOCKER_COMPOSE_PATH }}/docker-compose.single.yml down
- name: Test docker-compose.local.yml before pushing
run: |
docker compose -f ${{ env.DOCKER_COMPOSE_PATH }}/docker-compose.local.yml up --wait || exit 1
docker compose -f ${{ env.DOCKER_COMPOSE_PATH }}/docker-compose.local.yml down
- name: Test docker-compose.yml before pushing
run: |
docker compose -f ${{ env.DOCKER_COMPOSE_PATH }}/docker-compose.yml up --wait || exit 1
docker compose -f ${{ env.DOCKER_COMPOSE_PATH }}/docker-compose.yml down
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to Soramitsu Harbor
uses: docker/login-action@v3
with:
registry: docker.soramitsu.co.jp
username: ${{ secrets.HARBOR_USERNAME }}
password: ${{ secrets.HARBOR_TOKEN }}
- name: Push iroha2:dev image
uses: docker/build-push-action@v5
with:
context: .
push: true
tags: |
hyperledger/iroha2:dev
docker.soramitsu.co.jp/iroha2/iroha2:dev
labels: commit=${{ github.sha }}
archive_binaries_and_schema:
runs-on: ubuntu-latest
container:
image: hyperledger/iroha2-ci:nightly-2024-01-12
steps:
- uses: actions/checkout@v4
- uses: Swatinem/rust-cache@v2
- name: Build
run: mold --run cargo build --release --verbose
- name: Archive iroha
uses: actions/upload-artifact@v3
with:
name: cargo-build-release
path: target/release/iroha
- name: Archive iroha_client_cli
uses: actions/upload-artifact@v3
with:
name: cargo-client-cli-build-release
path: target/release/iroha_client_cli
- name: Archive kagami
uses: actions/upload-artifact@v3
with:
name: cargo-crypto-cli-build-release
path: target/release/kagami
- name: Generate schema
run: |
mkdir -p target/schema
cargo run --bin kagami -- schema >target/schema/schema.json
- name: Archive schema
uses: actions/upload-artifact@v3
with:
name: schema
path: target/schema
telemetry:
# FIXME #2646
if: false
runs-on: ubuntu-latest
container:
image: hyperledger/iroha2-ci:nightly-2024-01-12
steps:
- uses: actions/checkout@v4
- uses: Swatinem/rust-cache@v2
- name: Run debug tests and save telemetry
env:
TELEMETRY_FILE: ../target/telemetry/debug.json.lz4
run: |
mkdir -p target/telemetry
mold --run cargo test -p iroha_client --all-features -- unstable_network || true
- name: Run release tests and save telemetry
env:
TELEMETRY_FILE: ../target/telemetry/release.json.lz4
run: mold --run cargo test -p iroha_client --all-features --release -- unstable_network || true
- name: Install script dependencies
run: |
apt-get update
apt-get install -y --no-install-recommends lz4 jq
- name: Print debug telemetry info
run: |
./scripts/analyze_telemetry.sh target/telemetry/debug.json.lz4 >target/telemetry/debug.md
- name: Print release telemetry info
run: ./scripts/analyze_telemetry.sh target/telemetry/release.json.lz4 >target/telemetry/release.md
- name: Print debug telemetry info
run: |
echo '## Debug build'
cat target/telemetry/debug.md
- name: Print release telemetry info
run: |
echo '## Release build'
cat target/telemetry/release.md
- name: Create telemetry comment
uses: actions-ecosystem/action-create-comment@v1
with:
body: |
\# Telemetry info
\## Debug build
${{ steps.debug-telemetry.outputs.body }}
\## Release build
${{ steps.release-telemetry.outputs.body }}
github_token: ${{ secrets.github_token }}
continue-on-error: true
- name: Archive telemetry
uses: actions/upload-artifact@v3
with:
name: telemetry
path: target/telemetry
sonarqube-defectdojo:
runs-on: ubuntu-latest
container:
image: hyperledger/iroha2-ci:nightly-2024-01-12
steps:
- uses: actions/checkout@v4
- name: Download clippy report artifact
uses: dawidd6/[email protected]
with:
workflow: iroha2-dev-pr-static.yml
name: clippy.json
search_artifacts: true
- name: Download lcov report artifact
uses: dawidd6/[email protected]
with:
workflow: iroha2-dev-pr.yml
name: lcov.info
search_artifacts: true
- name: SonarQube
uses: sonarsource/sonarqube-scan-action@master
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
with:
args: >
-Dcommunity.rust.clippy.reportPaths=clippy.json
-Dcommunity.rust.lcov.reportPaths=lcov.info
- name: DefectDojo
id: defectdojo
uses: C4tWithShell/[email protected]
with:
token: ${{ secrets.DEFECTOJO_TOKEN }}
defectdojo_url: ${{ secrets.DEFECTOJO_URL }}
product_type: iroha2
engagement: ${{ github.ref_name }}
tools: "SonarQube API Import,Github Vulnerability Scan"
sonar_projectKey: hyperledger:iroha
github_token: ${{ secrets.GITHUB_TOKEN }}
github_repository: ${{ github.repository }}
product: ${{ github.repository }}
environment: Test
reports: '{"Github Vulnerability Scan": "github.json"}'
- name: Show Defectdojo response
if: always()
run: |
set -e
printf '%s\n' '${{ steps.defectdojo.outputs.response }}'