diff --git a/.github/workflows/build-publish-develop-pr.yml b/.github/workflows/build-publish-develop-pr.yml index caf46c1a3ed..8cffcb08901 100644 --- a/.github/workflows/build-publish-develop-pr.yml +++ b/.github/workflows/build-publish-develop-pr.yml @@ -152,3 +152,112 @@ jobs: fi fi fi + + crib-integration-test: + runs-on: ubuntu-latest + environment: integration + needs: [merge, image-tag] + permissions: + id-token: write + contents: read + actions: read + steps: + - name: Checkout repository + uses: actions/checkout@v4.2.1 + + - uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # v27 + with: + nix_path: nixpkgs=channel:nixos-unstable + + - name: setup-gap crib + uses: smartcontractkit/.github/actions/setup-gap@00b58566e0ee2761e56d9db0ea72b783fdb89b8d # setup-gap@0.4.0 + with: + aws-role-duration-seconds: 3600 # 1 hour + aws-role-arn: ${{ secrets.AWS_OIDC_CRIB_ROLE_ARN_STAGE }} + api-gateway-host: ${{ secrets.AWS_API_GW_HOST_CRIB_STAGE }} + aws-region: ${{ secrets.AWS_REGION }} + ecr-private-registry: ${{ secrets.AWS_ACCOUNT_ID_PROD }} + k8s-cluster-name: ${{ secrets.AWS_K8S_CLUSTER_NAME_STAGE }} + gap-name: crib + use-private-ecr-registry: true + use-tls: true + proxy-port: 8080 + metrics-job-name: "test" + gc-basic-auth: ${{ secrets.GRAFANA_INTERNAL_BASIC_AUTH }} + gc-host: ${{ secrets.GRAFANA_INTERNAL_HOST }} + gc-org-id: ${{ secrets.GRAFANA_INTERNAL_TENANT_ID }} + + - name: setup-gap k8s + uses: smartcontractkit/.github/actions/setup-gap@00b58566e0ee2761e56d9db0ea72b783fdb89b8d # setup-gap@0.4.0 + with: + aws-role-duration-seconds: 3600 # 1 hour + aws-role-arn: ${{ secrets.AWS_OIDC_CRIB_ROLE_ARN_STAGE }} + api-gateway-host: ${{ secrets.AWS_API_GW_HOST_K8S_STAGE }} + aws-region: ${{ secrets.AWS_REGION }} + ecr-private-registry: ${{ secrets.AWS_ACCOUNT_ID_PROD }} + k8s-cluster-name: ${{ secrets.AWS_K8S_CLUSTER_NAME_STAGE }} + gap-name: k8s + use-private-ecr-registry: true + use-k8s: true + proxy-port: 8443 + metrics-job-name: "test" + gc-basic-auth: ${{ secrets.GRAFANA_INTERNAL_BASIC_AUTH }} + gc-host: ${{ secrets.GRAFANA_INTERNAL_HOST }} + gc-org-id: ${{ secrets.GRAFANA_INTERNAL_TENANT_ID }} + + - name: Setup GitHub token using GATI + id: token + uses: smartcontractkit/.github/actions/setup-github-token@c0b38e6c40d72d01b8d2f24f92623a2538b3dedb # main + with: + aws-role-arn: ${{ secrets.AWS_OIDC_GLOBAL_READ_ONLY_TOKEN_ISSUER_ROLE_ARN }} + aws-lambda-url: ${{ secrets.AWS_INFRA_RELENG_TOKEN_ISSUER_LAMBDA_URL }} + aws-region: ${{ secrets.AWS_REGION }} + aws-role-duration-seconds: "1800" + - name: Debug workspace dir + shell: bash + run: | + echo ${{ github.workspace }} + echo $GITHUB_WORKSPACE + + - name: Deploy and validate CRIB Environment for Core + uses: smartcontractkit/.github/actions/crib-deploy-environment@a4058228b4b9b6e30bb0e2b883e3b4f0cd447970 # crib-deploy-environment@2.1.0 + id: deploy-crib + with: + github-token: ${{ steps.token.outputs.access-token }} + api-gateway-host: ${{ secrets.AWS_API_GW_HOST_K8S_STAGE }} + aws-region: ${{ secrets.AWS_REGION }} + aws-role-arn: ${{ secrets.AWS_OIDC_CRIB_ROLE_ARN_STAGE }} + ecr-private-registry: ${{ secrets.AWS_ACCOUNT_ID_PROD }} + ingress-base-domain: ${{ secrets.INGRESS_BASE_DOMAIN_STAGE }} + k8s-cluster-name: ${{ secrets.AWS_K8S_CLUSTER_NAME_STAGE }} + command: "core-dev-simulated-core-ocr1" + crib-alert-slack-webhook: ${{ secrets.CRIB_ALERT_SLACK_WEBHOOK }} + send-alerts: ${{ github.event_name == 'pull_request' && 'false' || 'true' }} + product-image: ${{ secrets.AWS_SDLC_ECR_HOSTNAME }}/chainlink + product-image-tag: ${{ needs.image-tag.outputs.image-tag }} + - uses: actions/checkout@v4.2.1 + - name: Set up Go + uses: ./.github/actions/setup-go + with: + go-version-file: 'go.mod' + - name: Run CRIB integration test + working-directory: integration-tests/crib + env: + K8S_STAGING_INGRESS_SUFFIX: ${{ secrets.K8S_STAGING_INGRESS_SUFFIX }} + CRIB_NAMESPACE: ${{ steps.deploy-crib.outputs.devspace-namespace }} + CRIB_NETWORK: geth + CRIB_NODES: 5 + GAP_URL: ${{ secrets.GAP_URL }} + SETH_LOG_LEVEL: info + # RESTY_DEBUG: true + TEST_PERSISTENCE: true + E2E_TEST_CHAINLINK_IMAGE: public.ecr.aws/chainlink/chainlink + E2E_TEST_CHAINLINK_VERSION: latest + run: |- + go test -v -run TestCRIBChaos + - name: Destroy CRIB Environment + id: destroy + if: always() && steps.deploy-crib.outputs.devspace-namespace != '' + uses: smartcontractkit/.github/actions/crib-purge-environment@c0b38e6c40d72d01b8d2f24f92623a2538b3dedb # crib-purge-environment@0.1.0 + with: + namespace: ${{ steps.deploy-crib.outputs.devspace-namespace }} \ No newline at end of file diff --git a/.github/workflows/crib-integration-test.yml b/.github/workflows/crib-integration-test.yml deleted file mode 100644 index 7caa1432297..00000000000 --- a/.github/workflows/crib-integration-test.yml +++ /dev/null @@ -1,118 +0,0 @@ -name: CRIB Integration Tests -on: - pull_request: - paths: - - ".github/workflows/crib-integration-test.yml" - schedule: - - cron: "0 1 * * *" - workflow_call: -concurrency: - group: ${{ github.workflow }}-${{ github.ref }} - cancel-in-progress: true -jobs: - test: - runs-on: ubuntu-latest - environment: integration - permissions: - id-token: write - contents: read - actions: read - steps: - - name: Checkout repository - uses: actions/checkout@v4.2.1 - - - uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # v27 - with: - nix_path: nixpkgs=channel:nixos-unstable - - - name: setup-gap crib - uses: smartcontractkit/.github/actions/setup-gap@00b58566e0ee2761e56d9db0ea72b783fdb89b8d # setup-gap@0.4.0 - with: - aws-role-duration-seconds: 3600 # 1 hour - aws-role-arn: ${{ secrets.AWS_OIDC_CRIB_ROLE_ARN_STAGE }} - api-gateway-host: ${{ secrets.AWS_API_GW_HOST_CRIB_STAGE }} - aws-region: ${{ secrets.AWS_REGION }} - ecr-private-registry: ${{ secrets.AWS_ACCOUNT_ID_PROD }} - k8s-cluster-name: ${{ secrets.AWS_K8S_CLUSTER_NAME_STAGE }} - gap-name: crib - use-private-ecr-registry: true - use-tls: true - proxy-port: 8080 - metrics-job-name: "test" - gc-basic-auth: ${{ secrets.GRAFANA_INTERNAL_BASIC_AUTH }} - gc-host: ${{ secrets.GRAFANA_INTERNAL_HOST }} - gc-org-id: ${{ secrets.GRAFANA_INTERNAL_TENANT_ID }} - - - name: setup-gap k8s - uses: smartcontractkit/.github/actions/setup-gap@00b58566e0ee2761e56d9db0ea72b783fdb89b8d # setup-gap@0.4.0 - with: - aws-role-duration-seconds: 3600 # 1 hour - aws-role-arn: ${{ secrets.AWS_OIDC_CRIB_ROLE_ARN_STAGE }} - api-gateway-host: ${{ secrets.AWS_API_GW_HOST_K8S_STAGE }} - aws-region: ${{ secrets.AWS_REGION }} - ecr-private-registry: ${{ secrets.AWS_ACCOUNT_ID_PROD }} - k8s-cluster-name: ${{ secrets.AWS_K8S_CLUSTER_NAME_STAGE }} - gap-name: k8s - use-private-ecr-registry: true - use-k8s: true - proxy-port: 8443 - metrics-job-name: "test" - gc-basic-auth: ${{ secrets.GRAFANA_INTERNAL_BASIC_AUTH }} - gc-host: ${{ secrets.GRAFANA_INTERNAL_HOST }} - gc-org-id: ${{ secrets.GRAFANA_INTERNAL_TENANT_ID }} - - - name: Setup GitHub token using GATI - id: token - uses: smartcontractkit/.github/actions/setup-github-token@c0b38e6c40d72d01b8d2f24f92623a2538b3dedb # main - with: - aws-role-arn: ${{ secrets.AWS_OIDC_GLOBAL_READ_ONLY_TOKEN_ISSUER_ROLE_ARN }} - aws-lambda-url: ${{ secrets.AWS_INFRA_RELENG_TOKEN_ISSUER_LAMBDA_URL }} - aws-region: ${{ secrets.AWS_REGION }} - aws-role-duration-seconds: "1800" - - name: Debug workspace dir - shell: bash - run: | - echo ${{ github.workspace }} - echo $GITHUB_WORKSPACE - - - name: Deploy and validate CRIB Environment for Core - uses: smartcontractkit/.github/actions/crib-deploy-environment@a4058228b4b9b6e30bb0e2b883e3b4f0cd447970 # crib-deploy-environment@2.1.0 - id: deploy-crib - with: - github-token: ${{ steps.token.outputs.access-token }} - api-gateway-host: ${{ secrets.AWS_API_GW_HOST_K8S_STAGE }} - aws-region: ${{ secrets.AWS_REGION }} - aws-role-arn: ${{ secrets.AWS_OIDC_CRIB_ROLE_ARN_STAGE }} - ecr-private-registry: ${{ secrets.AWS_ACCOUNT_ID_PROD }} - ingress-base-domain: ${{ secrets.INGRESS_BASE_DOMAIN_STAGE }} - k8s-cluster-name: ${{ secrets.AWS_K8S_CLUSTER_NAME_STAGE }} - command: "core-dev-simulated-core-ocr1" - crib-alert-slack-webhook: ${{ secrets.CRIB_ALERT_SLACK_WEBHOOK }} - product-image: ${{ secrets.AWS_SDLC_ECR_HOSTNAME }}/chainlink - product-image-tag: develop - - uses: actions/checkout@v4.2.1 - - name: Set up Go - uses: ./.github/actions/setup-go - with: - go-version-file: 'go.mod' - - name: Run CRIB integration test - working-directory: integration-tests/crib - env: - K8S_STAGING_INGRESS_SUFFIX: ${{ secrets.K8S_STAGING_INGRESS_SUFFIX }} - CRIB_NAMESPACE: ${{ steps.deploy-crib.outputs.devspace-namespace }} - CRIB_NETWORK: geth - CRIB_NODES: 5 - GAP_URL: ${{ secrets.GAP_URL }} - SETH_LOG_LEVEL: info - # RESTY_DEBUG: true - TEST_PERSISTENCE: true - E2E_TEST_CHAINLINK_IMAGE: public.ecr.aws/chainlink/chainlink - E2E_TEST_CHAINLINK_VERSION: latest - run: |- - go test -v -run TestCRIBChaos - - name: Destroy CRIB Environment - id: destroy - if: always() && steps.deploy-crib.outputs.devspace-namespace != '' - uses: smartcontractkit/.github/actions/crib-purge-environment@c0b38e6c40d72d01b8d2f24f92623a2538b3dedb # crib-purge-environment@0.1.0 - with: - namespace: ${{ steps.deploy-crib.outputs.devspace-namespace }}