Merge pull request #50 from radixdlt/DO-2477-fix-logs-redirect #257

Workflow file for this run

.github/workflows/artifacts.yml at 4690e83

	on:
	push:
	branches:
	- main
	pull_request:
	release:
	types: [ created ]


	name: Build artifacts

	env:
	BABYLON_NODECLI_VERSION: 2.1.2

	permissions:
	id-token: write
	pull-requests: write
	packages: write
	contents: write

	jobs:

	upload-release:
	if: ${{ github.event_name == 'release' }}
	name: Upload nginx configuration artifacts
	runs-on: ubuntu-latest
	steps:
	- name: Checkout code
	uses: RDXWorks-actions/checkout@main
	- name: Generate artifacts
	run: \|
	bash generate_artifact.sh
	- name: Upload Full Node Release Asset
	uses: RDXWorks-actions/action-gh-release@master
	with:
	files: \|
	babylon-nginx-fullnode-conf.zip

	build-push-container-private:
	if: github.event_name == 'pull_request'
	name: Private
	uses: radixdlt/public-iac-resuable-artifacts/.github/workflows/docker-build.yml@main
	with:
	# image information
	image_registry: "docker.io"
	image_organization: "radixdlt"
	image_name: "private-babylon-nginx"
	tags: \|
	${{ github.head_ref }}
	development-latest
	# build information
	restore_artifact: "false"
	context: "."
	dockerfile: "./Dockerfile.alpine"
	platforms: "linux/amd64,linux/arm64"
	# optimizations
	cache_tag_suffix: "pr"
	scan_image: true
	snyk_target_ref: ${{ github.ref_name }}

	build-push-container-docker:
	name: Dockerhub
	if: github.event_name == 'release'
	uses: radixdlt/public-iac-resuable-artifacts/.github/workflows/docker-build.yml@main
	with:
	# image information
	image_registry: "docker.io"
	image_organization: "radixdlt"
	image_name: "babylon-nginx"
	tags: \|
	${{ github.event.release.tag_name }}
	development-latest
	# build information
	restore_artifact: "false"
	context: "."
	dockerfile: "./Dockerfile.alpine"
	platforms: "linux/amd64,linux/arm64"
	# optimizations
	cache_tag_suffix: "release"
	enable_dockerhub: "true"
	scan_image: true
	snyk_target_ref: ${{ github.ref_name }}
	secrets:
	role_to_assume: ${{ secrets.DOCKERHUB_RELEASER_ROLE }}

	test-userflow-docker-core-gateway-same-host:
	needs:
	- build-push-container-private
	runs-on: gh-ephemeral-nodecli-docker-runner
	steps:
	- name: Checkout
	uses: RDXWorks-actions/checkout@main
	with:
	fetch-depth: 0
	- name: "Configure AWS credentials (Private)"
	uses: RDXWorks-actions/configure-aws-credentials@main
	with:
	role-to-assume: arn:aws:iam::${{secrets.SECRETS_ACCOUNT_ID}}:role/gh-common-secrets-read-access
	aws-region: eu-west-2
	- name: Read secrets from AWS Secrets Manager into environment variables (Private)
	uses: RDXWorks-actions/aws-secretsmanager-get-secrets@main
	with:
	secret-ids: \|
	DOCKERHUB_PRIVATE, github-actions/common/dockerhub-credentials
	parse-json-secrets: true
	- name: Login to Docker Hub (Private)
	uses: RDXWorks-actions/login-action@master
	with:
	username: ${{env.DOCKERHUB_PRIVATE_USERNAME}}
	password: ${{env.DOCKERHUB_PRIVATE_TOKEN}}
	- name: Download packaged cli
	run: \|
	wget -O babylonnode https://github.com/radixdlt/babylon-nodecli/releases/download/${{env.BABYLON_NODECLI_VERSION}}/babylonnode-ubuntu-22.04
	chmod +x babylonnode
	- name: Get dependencies
	run: \|
	chmod +x ./babylonnode
	sudo apt-get update
	sudo apt-get install -y postgresql-client jq docker-compose
	./babylonnode docker dependencies
	- name: "Execute User Flow: Install Core, Gateway and Monitoring on the same host"
	run: \|
	wget https://raw.githubusercontent.com/radixdlt/babylon-nodecli/main/node-runner-cli/tests/userflows/install-docker-all-same-host.sh -O install-docker-all-same-host.sh
	chmod +x ./install-docker-all-same-host.sh
	./install-docker-all-same-host.sh
	env:
	NGINX_ADMIN_PASSWORD: ${{ secrets.RANDOM_TEST_PASSWORD }}
	NGINX_METRICS_PASSWORD: ${{ secrets.RANDOM_TEST_PASSWORD }}
	NGINX_GATEWAY_PASSWORD: ${{ secrets.RANDOM_TEST_PASSWORD }}
	POSTGRES_PASSWORD: ${{ secrets.RANDOM_TEST_PASSWORD }}
	KEYSTORE_PASSWORD: ${{ secrets.RANDOM_TEST_PASSWORD }}
	SEED_NODE: ${{ vars.SEED_NODE }}
	NETWORK_ID: ${{ vars.NETWORK_ID }}
	NETWORK_NAME: ${{ vars.NETWORK_NAME }}
	NGINX_DOCKER_REPO_OVERRIDE: radixdlt/private-babylon-nginx
	RADIXDLT_NGINX_VERSION_OVERRIDE: ${{ github.head_ref }}
	NGINX_BINARY_OVERIDE: "https://github.com/radixdlt/babylon-nginx/releases/download/${{ github.event.release.tag_name }}/babylon-nginx-fullnode-conf.zip"

	test-userflow-systemd-simple:
	runs-on: gh-ephemeral-nodecli-systemd-runner
	steps:
	- name: Checkout
	uses: RDXWorks-actions/checkout@main
	with:
	fetch-depth: 0
	- name: Download packaged cli
	run: \|
	wget -O babylonnode https://github.com/radixdlt/babylon-nodecli/releases/download/${{env.BABYLON_NODECLI_VERSION}}/babylonnode-ubuntu-22.04
	chmod +x babylonnode
	- name: Get dependencies
	run: \|
	sudo apt-get update
	sudo apt-get install -y jq zip
	chmod +x ./babylonnode
	- name: Serve Files
	uses: RDXWorks-actions/http-server-action@master
	with:
	directory: ${{ github.workspace }}
	port: 9999
	- name: "Generate artifact"
	run: \|
	echo "generating artifact"
	bash generate_artifact.sh
	- name: "Execute User Flow: Install Core, Gateway and Monitoring on the same host"
	run: \|
	export DOCKER_COMPOSE_LOCATION="/usr/local/bin/docker-compose"
	wget https://raw.githubusercontent.com/radixdlt/babylon-nodecli/main/node-runner-cli/tests/userflows/install-systemd-simple.sh -O install-systemd-simple.sh
	chmod +x ./install-systemd-simple.sh
	./install-systemd-simple.sh
	env:
	NGINX_ADMIN_PASSWORD: ${{ secrets.RANDOM_TEST_PASSWORD }}
	NGINX_METRICS_PASSWORD: ${{ secrets.RANDOM_TEST_PASSWORD }}
	NGINX_GATEWAY_PASSWORD: ${{ secrets.RANDOM_TEST_PASSWORD }}
	POSTGRES_PASSWORD: ${{ secrets.RANDOM_TEST_PASSWORD }}
	KEYSTORE_PASSWORD: ${{ secrets.RANDOM_TEST_PASSWORD }}
	SEED_NODE: ${{ vars.SEED_NODE }}
	NETWORK_ID: ${{ vars.NETWORK_ID }}
	NETWORK_NAME: ${{ vars.NETWORK_NAME }}
	RADIXDLT_NGINX_VERSION_OVERRIDE: ${{ github.head_ref }}
	NGINX_BINARY_OVERIDE: http://127.0.0.1:9999/babylon-nginx-fullnode-conf.zip
	# NGINX_BINARY_OVERIDE: "https://github.com/radixdlt/babylon-nginx/releases/download/${{ github.event.release.tag_name }}/babylon-nginx-fullnode-conf.zip"

	snyk-monitor-devops:
	if: always()
	runs-on: ubuntu-latest
	needs:
	- build-push-container-docker
	- build-push-container-private
	permissions:
	id-token: write
	pull-requests: read
	contents: read
	deployments: write
	steps:
	- if: github.event_name == 'pull_request'
	uses: radixdlt/public-iac-resuable-artifacts/snyk-container-monitor@main
	with:
	role_name: ${{ secrets.AWS_ROLE_NAME_SNYK_SECRET }}
	app_name: 'babylon-nginx'
	dockerhub_secret_name: ${{ secrets.AWS_SECRET_NAME_DOCKERHUB }}
	snyk_secret_name: ${{ secrets.AWS_SECRET_NAME_SNYK }}
	snyk_org_id: ${{ secrets.SNYK_DEVOPS_ORG_ID }}
	image: docker.io/radixdlt/private-babylon-nginx:${{ needs.build-push-container-private.outputs.default_tag }}
	target_ref: ${{ github.ref_name }}
	- if: github.event_name == 'release'
	uses: radixdlt/public-iac-resuable-artifacts/snyk-container-monitor@main
	with:
	role_name: ${{ secrets.AWS_ROLE_NAME_SNYK_SECRET }}
	app_name: 'babylon-nginx'
	dockerhub_secret_name: ${{ secrets.AWS_SECRET_NAME_DOCKERHUB }}
	snyk_secret_name: ${{ secrets.AWS_SECRET_NAME_SNYK }}
	snyk_org_id: ${{ secrets.SNYK_DEVOPS_ORG_ID }}
	image: docker.io/radixdlt/babylon-nginx:${{ needs.build-push-container-docker.outputs.default_tag }}
	target_ref: ${{ github.ref_name }}

	snyk-monitor-network:
	if: always()
	runs-on: ubuntu-latest
	needs:
	- build-push-container-docker
	- build-push-container-private
	permissions:
	id-token: write
	pull-requests: read
	contents: read
	deployments: write
	steps:
	- if: github.event_name == 'pull_request'
	uses: radixdlt/public-iac-resuable-artifacts/snyk-container-monitor@main
	with:
	role_name: ${{ secrets.AWS_ROLE_NAME_SNYK_SECRET }}
	app_name: 'babylon-nginx'
	dockerhub_secret_name: ${{ secrets.AWS_SECRET_NAME_DOCKERHUB }}
	snyk_secret_name: ${{ secrets.AWS_SECRET_NAME_SNYK }}
	snyk_org_id: ${{ secrets.SNYK_NETWORK_ORG_ID }}
	image: docker.io/radixdlt/private-babylon-nginx:${{ needs.build-push-container-private.outputs.default_tag }}
	target_ref: ${{ github.ref_name }}
	- if: github.event_name == 'release'
	uses: radixdlt/public-iac-resuable-artifacts/snyk-container-monitor@main
	with:
	role_name: ${{ secrets.AWS_ROLE_NAME_SNYK_SECRET }}
	app_name: 'babylon-nginx'
	dockerhub_secret_name: ${{ secrets.AWS_SECRET_NAME_DOCKERHUB }}
	snyk_secret_name: ${{ secrets.AWS_SECRET_NAME_SNYK }}
	snyk_org_id: ${{ secrets.SNYK_NETWORK_ORG_ID }}
	image: docker.io/radixdlt/babylon-nginx:${{ needs.build-push-container-docker.outputs.default_tag }}
	target_ref: ${{ github.ref_name }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge pull request #50 from radixdlt/DO-2477-fix-logs-redirect #257

Workflow file

Merge pull request #50 from radixdlt/DO-2477-fix-logs-redirect #257

Jobs

Run details

Workflow file for this run