[PAN-1887] fix: check and generate the signare key correctly #25
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
jobs: | |
shared: | |
uses: pantos-io/ci-workflows/.github/workflows/python-ci.yml@v1 | |
secrets: inherit | |
docker-build: | |
name: Build Docker images | |
runs-on: ubuntu-latest | |
steps: | |
- uses: step-security/harden-runner@v2 | |
with: | |
disable-sudo: false | |
egress-policy: audit | |
- uses: actions/checkout@v4 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
id: buildx | |
- name: Cache Docker layers | |
uses: actions/cache@v3 | |
with: | |
path: /tmp/.buildx-cache | |
key: ${{ runner.os }}-buildx-v1.0-service-node-${{ github.sha }} | |
restore-keys: | | |
${{ runner.os }}-buildx-v1.0-service-node- | |
- name: Build and load | |
run: | | |
docker buildx bake \ | |
--set "*.cache-from=type=local,src=/tmp/.buildx-cache" \ | |
--set "*.cache-to=type=local,dest=/tmp/.buildx-cache-new" \ | |
--set "*.platform=linux/amd64" \ | |
--builder ${{ steps.buildx.outputs.name }} \ | |
-f docker-compose.yml \ | |
--load | |
- name: Create local keystore | |
run: | | |
echo "1234" >> password.keystore | |
mkdir keystore_folder | |
docker run --rm -v=.:/local ethereum/client-go account new --keystore /local/keystore_folder --password /local/password.keystore | |
sudo chmod -R 777 keystore_folder | |
mv keystore_folder/UTC* ./keystore | |
- name: Create local signer_key | |
run: | | |
echo "1234" >> password.key | |
python3 -m venv .venv | |
source .venv/bin/activate | |
pip3 install pycryptodome==3.18.0 | |
chmod +x scripts/generate-signer-key.py | |
cat password.key | ./scripts/generate-signer-key.py | |
mv signer-key*.pem signer_key.pem | |
# - name: Test image | |
# run: | | |
# docker compose up -d | |
- name: Move cache | |
run: | | |
rm -rf /tmp/.buildx-cache | |
mv /tmp/.buildx-cache-new /tmp/.buildx-cache | |
build: | |
needs: [shared] | |
uses: ./.github/workflows/build.yml |