Bump actions/setup-python from 1 to 5 (#4464) #1190
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: I2::Dev::Publish | |
on: | |
push: | |
branches: [main] | |
env: | |
CARGO_TERM_COLOR: always | |
DOCKER_COMPOSE_PATH: configs/swarm | |
jobs: | |
registry: | |
runs-on: [self-hosted, Linux, iroha2] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up Docker Buildx | |
id: buildx | |
if: always() | |
uses: docker/setup-buildx-action@v3 | |
with: | |
install: true | |
- name: Build and export to Docker iroha2:dev image | |
uses: docker/build-push-action@v5 | |
if: always() | |
with: | |
context: . | |
load: true | |
file: Dockerfile | |
tags: | | |
hyperledger/iroha2:dev | |
docker.soramitsu.co.jp/iroha2/iroha2:dev | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
- name: Test docker-compose.single.yml before pushing | |
run: | | |
docker compose -f ${{ env.DOCKER_COMPOSE_PATH }}/docker-compose.single.yml up --wait || exit 1 | |
docker compose -f ${{ env.DOCKER_COMPOSE_PATH }}/docker-compose.single.yml down | |
- name: Test docker-compose.local.yml before pushing | |
run: | | |
docker compose -f ${{ env.DOCKER_COMPOSE_PATH }}/docker-compose.local.yml up --wait || exit 1 | |
docker compose -f ${{ env.DOCKER_COMPOSE_PATH }}/docker-compose.local.yml down | |
- name: Test docker-compose.yml before pushing | |
run: | | |
docker compose -f ${{ env.DOCKER_COMPOSE_PATH }}/docker-compose.yml up --wait || exit 1 | |
docker compose -f ${{ env.DOCKER_COMPOSE_PATH }}/docker-compose.yml down | |
- name: Login to DockerHub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Login to Soramitsu Harbor | |
uses: docker/login-action@v3 | |
with: | |
registry: docker.soramitsu.co.jp | |
username: ${{ secrets.HARBOR_USERNAME }} | |
password: ${{ secrets.HARBOR_TOKEN }} | |
- name: Push iroha2:dev image | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
push: true | |
tags: | | |
hyperledger/iroha2:dev | |
docker.soramitsu.co.jp/iroha2/iroha2:dev | |
labels: commit=${{ github.sha }} | |
archive_binaries_and_schema: | |
runs-on: ubuntu-latest | |
container: | |
image: hyperledger/iroha2-ci:nightly-2024-01-12 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: Swatinem/rust-cache@v2 | |
- name: Build | |
run: mold --run cargo build --release --verbose | |
- name: Archive iroha | |
uses: actions/upload-artifact@v3 | |
with: | |
name: cargo-build-release | |
path: target/release/iroha | |
- name: Archive iroha_client_cli | |
uses: actions/upload-artifact@v3 | |
with: | |
name: cargo-client-cli-build-release | |
path: target/release/iroha_client_cli | |
- name: Archive kagami | |
uses: actions/upload-artifact@v3 | |
with: | |
name: cargo-crypto-cli-build-release | |
path: target/release/kagami | |
- name: Generate schema | |
run: | | |
mkdir -p target/schema | |
cargo run --bin kagami -- schema >target/schema/schema.json | |
- name: Archive schema | |
uses: actions/upload-artifact@v3 | |
with: | |
name: schema | |
path: target/schema | |
telemetry: | |
# FIXME #2646 | |
if: false | |
runs-on: ubuntu-latest | |
container: | |
image: hyperledger/iroha2-ci:nightly-2024-01-12 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: Swatinem/rust-cache@v2 | |
- name: Run debug tests and save telemetry | |
env: | |
TELEMETRY_FILE: ../target/telemetry/debug.json.lz4 | |
run: | | |
mkdir -p target/telemetry | |
mold --run cargo test -p iroha_client --all-features -- unstable_network || true | |
- name: Run release tests and save telemetry | |
env: | |
TELEMETRY_FILE: ../target/telemetry/release.json.lz4 | |
run: mold --run cargo test -p iroha_client --all-features --release -- unstable_network || true | |
- name: Install script dependencies | |
run: | | |
apt-get update | |
apt-get install -y --no-install-recommends lz4 jq | |
- name: Print debug telemetry info | |
run: | | |
./scripts/analyze_telemetry.sh target/telemetry/debug.json.lz4 >target/telemetry/debug.md | |
- name: Print release telemetry info | |
run: ./scripts/analyze_telemetry.sh target/telemetry/release.json.lz4 >target/telemetry/release.md | |
- name: Print debug telemetry info | |
run: | | |
echo '## Debug build' | |
cat target/telemetry/debug.md | |
- name: Print release telemetry info | |
run: | | |
echo '## Release build' | |
cat target/telemetry/release.md | |
- name: Create telemetry comment | |
uses: actions-ecosystem/action-create-comment@v1 | |
with: | |
body: | | |
\# Telemetry info | |
\## Debug build | |
${{ steps.debug-telemetry.outputs.body }} | |
\## Release build | |
${{ steps.release-telemetry.outputs.body }} | |
github_token: ${{ secrets.github_token }} | |
continue-on-error: true | |
- name: Archive telemetry | |
uses: actions/upload-artifact@v3 | |
with: | |
name: telemetry | |
path: target/telemetry | |
sonarqube-defectdojo: | |
runs-on: ubuntu-latest | |
container: | |
image: hyperledger/iroha2-ci:nightly-2024-01-12 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Download clippy report artifact | |
uses: dawidd6/[email protected] | |
with: | |
workflow: iroha2-dev-pr-static.yml | |
name: clippy.json | |
search_artifacts: true | |
- name: Download lcov report artifact | |
uses: dawidd6/[email protected] | |
with: | |
workflow: iroha2-dev-pr.yml | |
name: lcov.info | |
search_artifacts: true | |
- name: SonarQube | |
uses: sonarsource/sonarqube-scan-action@master | |
env: | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} | |
with: | |
args: > | |
-Dcommunity.rust.clippy.reportPaths=clippy.json | |
-Dcommunity.rust.lcov.reportPaths=lcov.info | |
- name: DefectDojo | |
id: defectdojo | |
uses: C4tWithShell/[email protected] | |
with: | |
token: ${{ secrets.DEFECTOJO_TOKEN }} | |
defectdojo_url: ${{ secrets.DEFECTOJO_URL }} | |
product_type: iroha2 | |
engagement: ${{ github.ref_name }} | |
tools: "SonarQube API Import,Github Vulnerability Scan" | |
sonar_projectKey: hyperledger:iroha | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
github_repository: ${{ github.repository }} | |
product: ${{ github.repository }} | |
environment: Test | |
reports: '{"Github Vulnerability Scan": "github.json"}' | |
- name: Show Defectdojo response | |
if: always() | |
run: | | |
set -e | |
printf '%s\n' '${{ steps.defectdojo.outputs.response }}' |