Bump urllib3 from 1.26.18 to 1.26.19 #1509
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "CICD staging" | |
on: | |
# Test run before merging | |
pull_request: | |
branches: | |
- main | |
# On merged | |
push: | |
branches: | |
- main | |
jobs: | |
build-docker: | |
permissions: | |
id-token: write | |
contents: write | |
runs-on: ubuntu-22.04 | |
if: github.actor != 'dependabot[bot]' && github.ref_name == 'main' | |
name: "Deploy image" | |
strategy: | |
fail-fast: false | |
matrix: | |
application: | |
[ | |
devex-apollo, | |
dev-wallet, | |
faucet-service, | |
governance-api, | |
governance-snapshot, | |
multisig, | |
neo-savant, | |
scilla-server, | |
zillion, | |
zilliqa-bridge-validator, | |
] | |
include: | |
- application: devex-apollo | |
image_name: devex-apollo | |
path: products/devex-apollo | |
tag_length: 8 | |
tag_latest: false | |
- application: dev-wallet | |
image_name: dev-wallet | |
path: products/dev-wallet | |
tag_length: 8 | |
tag_latest: false | |
- application: faucet-service | |
image_name: faucet-service | |
path: products/faucet-service | |
tag_length: 8 | |
tag_latest: false | |
- application: multisig | |
image_name: multisig | |
path: products/multisig | |
tag_length: 8 | |
tag_latest: false | |
- application: neo-savant | |
image_name: neo-savant | |
path: products/neo-savant | |
tag_length: 8 | |
tag_latest: false | |
- application: governance-api | |
image_name: governance-api | |
path: products/governance-api | |
tag_length: 8 | |
tag_latest: false | |
- application: governance-snapshot | |
image_name: governance-snapshot | |
path: products/governance-snapshot | |
tag_length: 8 | |
tag_latest: false | |
- application: pdt | |
image_name: pdt | |
path: products/pdt | |
tag_length: 8 | |
tag_latest: false | |
- application: scilla-server | |
image_name: scilla-server | |
path: products/scilla-server | |
tag_length: 8 | |
tag_latest: false | |
- application: zillion | |
image_name: zillion | |
path: products/zillion | |
tag_length: 8 | |
tag_latest: false | |
- application: zilliqa-bridge-validator | |
image_name: zilliqa-bridge-validator | |
path: products/bridge/bridge-validators | |
tag_length: 8 | |
tag_latest: false | |
env: | |
DOCKER_DOMAIN: asia-docker.pkg.dev | |
REGISTRY: asia-docker.pkg.dev/prj-d-devops-services-4dgwlsse/zilliqa-public | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
with: | |
submodules: "true" | |
ref: ${{ github.event.pull_request.head.ref }} | |
repository: ${{ github.event.pull_request.head.repo.full_name }} | |
fetch-depth: 0 | |
- name: Docker build and push - staging | |
uses: Zilliqa/gh-actions-workflows/actions/ci-dockerized-app-build-push@v2 | |
with: | |
context: ${{ matrix.path }} | |
push: ${{ github.ref_name == github.event.repository.default_branch }} | |
tag: asia-docker.pkg.dev/prj-d-devops-services-4dgwlsse/zilliqa-public/${{ matrix.image_name }} | |
tag-length: ${{ matrix.tag_length }} | |
tag-latest: ${{ matrix.tag_latest }} | |
registry: asia-docker.pkg.dev | |
workload-identity-provider: "${{ secrets.GCP_PRD_GITHUB_WIF }}" | |
service-account: "${{ secrets.GCP_STG_GITHUB_SA_DOCKER_REGISTRY }}" | |
cache-key: ${{ env.REGISTRY }}/${{ matrix.image_name }}-cache | |
build-args: | | |
DEPLOY_ENV=stg | |
build-makefile: | |
permissions: | |
id-token: write | |
contents: write | |
runs-on: ubuntu-22.04 | |
# To test deployments, remove the github.ref_name clause: see devops/docs/z2-testing-apps.md - rrw 2024-04-12 | |
# && github.ref_name == 'main' | |
if: github.actor != 'dependabot[bot]' | |
name: "Build image with Makefile" | |
strategy: | |
fail-fast: false | |
matrix: | |
application: | |
[devex, zilliqa-isolated-server, zilliqa-bridge-web] | |
include: | |
- application: devex | |
image_name: devex | |
path: products/devex | |
tag_length: 8 | |
tag_latest: false | |
- application: zilliqa-isolated-server | |
image_name: zilliqa-isolated-server | |
path: products/zilliqa-isolated-server | |
tag_length: 8 | |
tag_latest: true | |
- application: zilliqa-bridge-web | |
image_name: zilliqa-bridge-web | |
path: products/bridge/bridge-web | |
tag_length: 8 | |
tag_latest: false | |
env: | |
DOCKER_DOMAIN: asia-docker.pkg.dev | |
REGISTRY: asia-docker.pkg.dev/prj-d-devops-services-4dgwlsse/zilliqa-public | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
with: | |
submodules: recursive | |
ref: ${{ github.event.pull_request.head.ref }} | |
repository: ${{ github.event.pull_request.head.repo.full_name }} | |
fetch-depth: 0 | |
- name: "Authenticate to Google Cloud - staging" | |
id: google-auth | |
uses: "google-github-actions/auth@v1" | |
with: | |
token_format: "access_token" | |
workload_identity_provider: "${{ secrets.GCP_PRD_GITHUB_WIF }}" | |
service_account: "${{ secrets.GCP_STG_GITHUB_SA_DOCKER_REGISTRY }}" | |
create_credentials_file: true | |
- name: Login to the registry - staging | |
uses: docker/login-action@v2 | |
with: | |
registry: ${{ env.DOCKER_DOMAIN }} | |
username: "oauth2accesstoken" | |
password: "${{ steps.google-auth.outputs.access_token }}" | |
- name: Get tag version - staging | |
id: set-tag | |
uses: Zilliqa/gh-actions-workflows/actions/generate-tag@v1 | |
with: | |
tag: ${{ env.REGISTRY }}/${{ matrix.image_name }} | |
length: ${{ matrix.tag_length }} | |
- name: "Build and push ${{ matrix.application }} - staging" | |
env: | |
ENVIRONMENT: stg | |
IMAGE_TAG: ${{ steps.set-tag.outputs.tags }} | |
ENV_FILES_DECRYPTER_NONPRD: ${{ secrets.ENV_FILES_DECRYPTER_NONPRD }} | |
ENV_FILES_DECRYPTER_PRD: ${{ secrets.ENV_FILES_DECRYPTER_PRD }} | |
run: | | |
cd ${{ matrix.path }} | |
make image/build-and-push | |
- name: "Build and push ${{ matrix.application }} tag latest - staging" | |
if: ${{ matrix.tag_latest == true }} | |
env: | |
ENVIRONMENT: stg | |
IMAGE_TAG: "${{ env.REGISTRY }}/${{ matrix.image_name }}:latest" | |
ENV_FILES_DECRYPTER_NONPRD: ${{ secrets.ENV_FILES_DECRYPTER_NONPRD }} | |
ENV_FILES_DECRYPTER_PRD: ${{ secrets.ENV_FILES_DECRYPTER_PRD }} | |
run: | | |
cd ${{ matrix.path }} | |
make image/build-and-push |