diff --git a/.github/workflows/build-publish-develop-pr.yml b/.github/workflows/build-publish-develop-pr.yml deleted file mode 100644 index debcd03bd91..00000000000 --- a/.github/workflows/build-publish-develop-pr.yml +++ /dev/null @@ -1,166 +0,0 @@ -name: "Build and Publish GoReleaser" - -on: - pull_request: - # The default types are opened, synchronize, and reopened - # See https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows#pull_request - # We add a label trigger too, since when the build-publish label is added to a PR, we want to build and publish - types: - - opened - - synchronize - - reopened - - labeled - push: - branches: - - develop - workflow_dispatch: - inputs: - git_ref: - description: "The git ref to check out" - required: true - build-publish: - description: "Whether to build and publish - defaults to just build" - required: false - default: "false" - -env: - GIT_REF: ${{ github.event.inputs.git_ref || github.ref }} - -jobs: - merge: - runs-on: ubuntu-latest - needs: [split, image-tag] - if: ${{ needs.image-tag.outputs.release-type == 'nightly' }} - permissions: - id-token: write - contents: read - steps: - - name: Checkout repository - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - with: - ref: ${{ env.GIT_REF }} - - - name: Configure aws credentials - uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 - with: - role-to-assume: ${{ secrets.AWS_OIDC_IAM_ROLE_BUILD_PUBLISH_DEVELOP_PR }} - aws-region: ${{ secrets.AWS_REGION }} - mask-aws-account-id: true - role-session-name: "merge" - - - uses: actions/cache/restore@v4 - with: - path: dist/linux_amd64_v1 - key: chainlink-amd64-${{ github.sha }} - fail-on-cache-miss: true - - - uses: actions/cache/restore@v4 - with: - path: dist/linux_arm64 - key: chainlink-arm64-${{ github.sha }} - fail-on-cache-miss: true - - - name: Merge images for both architectures - uses: ./.github/actions/goreleaser-build-sign-publish - with: - docker-registry: ${{ secrets.AWS_SDLC_ECR_HOSTNAME }} - docker-image-tag: ${{ needs.image-tag.outputs.image-tag }} - goreleaser-release-type: "merge" - goreleaser-config: .goreleaser.develop.yaml - goreleaser-key: ${{ secrets.GORELEASER_KEY }} - - split: - name: "split-${{ matrix.goarch }}" - needs: image-tag - runs-on: ${{ matrix.runner }} - permissions: - id-token: write - contents: read - strategy: - fail-fast: false - matrix: - include: - - runner: ubuntu-latest - goarch: amd64 - dist_name: linux_amd64_v1 - - - runner: ubuntu-24.04-4cores-16GB-ARM - goarch: arm64 - dist_name: linux_arm64 - steps: - - name: Checkout repository - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - with: - ref: ${{ env.GIT_REF }} - fetch-depth: 0 - - - name: Configure aws credentials - uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 - with: - role-to-assume: ${{ secrets.AWS_OIDC_IAM_ROLE_BUILD_PUBLISH_DEVELOP_PR }} - aws-region: ${{ secrets.AWS_REGION }} - mask-aws-account-id: true - role-session-name: "split-${{ matrix.goarch }}" - - - id: cache - uses: actions/cache@v4 - with: - path: dist/${{ matrix.dist_name }} - key: chainlink-${{ matrix.goarch }}-${{ github.sha }} - - - name: Build images for ${{ matrix.goarch }} - uses: ./.github/actions/goreleaser-build-sign-publish - if: steps.cache.outputs.cache-hit != 'true' - with: - docker-registry: ${{ secrets.AWS_SDLC_ECR_HOSTNAME }} - docker-image-tag: ${{ needs.image-tag.outputs.image-tag }} - goreleaser-release-type: ${{ needs.image-tag.outputs.release-type }} - goreleaser-config: .goreleaser.develop.yaml - goreleaser-key: ${{ secrets.GORELEASER_KEY }} - - - name: Collect Metrics - if: always() - id: collect-gha-metrics - uses: smartcontractkit/push-gha-metrics-action@d9da21a2747016b3e13de58c7d4115a3d5c97935 # v3.0.1 - with: - id: goreleaser-build-publish - org-id: ${{ secrets.GRAFANA_INTERNAL_TENANT_ID }} - basic-auth: ${{ secrets.GRAFANA_INTERNAL_BASIC_AUTH }} - hostname: ${{ secrets.GRAFANA_INTERNAL_HOST }} - this-job-name: "split-${{ matrix.goarch }}" - continue-on-error: true - - image-tag: - runs-on: ubuntu-latest - outputs: - image-tag: ${{ steps.get-image-tag.outputs.image-tag }} - release-type: ${{ steps.get-image-tag.outputs.release-type }} - steps: - - name: Checkout repository - uses: actions/checkout@v4 - with: - ref: ${{ env.GIT_REF }} - - - name: Get image tag - id: get-image-tag - run: | - short_sha=$(git rev-parse --short HEAD) - echo "release-type=snapshot" | tee -a $GITHUB_OUTPUT - if [[ ${{ github.event_name }} == 'push' ]]; then - echo "image-tag=develop" | tee -a $GITHUB_OUTPUT - echo "release-type=nightly" | tee -a $GITHUB_OUTPUT - elif [[ ${{ github.event_name }} == 'workflow_dispatch' ]]; then - echo "image-tag=${short_sha}" | tee -a $GITHUB_OUTPUT - if [[ "${{ inputs.build-publish }}" == 'false' ]]; then - echo "release-type=snapshot" | tee -a $GITHUB_OUTPUT - else - echo "release-type=nightly" | tee -a $GITHUB_OUTPUT - fi - else - if [[ ${{ github.event_name }} == "pull_request" ]]; then - echo "image-tag=pr-${{ github.event.number }}-${short_sha}" | tee -a $GITHUB_OUTPUT - if [[ ${{ contains(github.event.pull_request.labels.*.name, 'build-publish') }} == "true" ]]; then - echo "release-type=nightly" | tee -a $GITHUB_OUTPUT - fi - fi - fi diff --git a/.github/workflows/build-publish.yml b/.github/workflows/build-publish.yml index a0b43e66cb5..4a477a0e14e 100644 --- a/.github/workflows/build-publish.yml +++ b/.github/workflows/build-publish.yml @@ -1,9 +1,12 @@ name: "Build Chainlink and Publish" on: + # Mimics old circleci behaviour push: tags: - "v*" + branches: + - "release/**" env: ECR_HOSTNAME: public.ecr.aws @@ -18,13 +21,14 @@ jobs: uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Check for VERSION file bump on tags # Avoids checking VERSION file bump on forks. - if: ${{ github.repository == 'smartcontractkit/chainlink' }} + if: ${{ github.repository == 'smartcontractkit/chainlink' && startsWith(github.ref, 'refs/tags/v') }} uses: ./.github/actions/version-file-bump with: github-token: ${{ secrets.GITHUB_TOKEN }} build-sign-publish-chainlink: needs: [checks] + if: ${{ ! startsWith(github.ref_name, 'release/') }} runs-on: ubuntu-20.04 environment: build-publish permissions: