From 9f3db0fcb5a0146b8664c07221fb03499f4ce316 Mon Sep 17 00:00:00 2001 From: Joshua Gilman Date: Mon, 21 Jul 2025 19:09:55 -0700 Subject: [PATCH 01/16] refactor: deprecates Earthly cloud support and adds remote satellite support --- .github/workflows/ci.yml | 24 +-- .github/workflows/deploy.yml | 8 +- .github/workflows/docs.yml | 8 +- .github/workflows/release.yml | 8 +- .github/workflows/run.yml | 8 +- actions/setup/action.yml | 37 +--- blueprint.cue | 8 +- cli/cmd/cmds/configure_satellite.go | 62 ++++++ cli/cmd/main.go | 19 +- cli/pkg/earthly/earthly_test.go | 9 - cli/pkg/earthly/options.go | 17 +- cli/pkg/earthly/project.go | 7 +- cli/pkg/earthly/satellite/satellite.go | 192 ++++++++++++++++++ lib/project/providers/earthly.go | 52 +++++ .../global/providers/cue_types_gen.go | 17 +- .../blueprint/global/providers/earthly.cue | 21 +- 16 files changed, 392 insertions(+), 105 deletions(-) create mode 100644 cli/cmd/cmds/configure_satellite.go create mode 100644 cli/pkg/earthly/satellite/satellite.go create mode 100644 lib/project/providers/earthly.go diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 9a75b361..87052ac4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -47,12 +47,12 @@ jobs: steps: - uses: actions/checkout@v4 - name: Install Forge - uses: input-output-hk/catalyst-forge/actions/install@master + uses: input-output-hk/catalyst-forge/actions/install@deprecate-earthly-cloud if: ${{ inputs.forge_version != 'local' }} with: version: ${{ inputs.forge_version }} - name: Install Local Forge - uses: input-output-hk/catalyst-forge/actions/install-local@master + uses: input-output-hk/catalyst-forge/actions/install-local@deprecate-earthly-cloud if: ${{ inputs.forge_version == 'local' }} with: earthly_token: ${{ secrets.earthly_token }} @@ -67,14 +67,14 @@ jobs: echo "skip=false" >> $GITHUB_OUTPUT fi - name: Setup CI - uses: input-output-hk/catalyst-forge/actions/setup@master + uses: input-output-hk/catalyst-forge/actions/setup@deprecate-earthly-cloud with: skip_docker: 'true' skip_github: 'true' skip_earthly: ${{ steps.local.outputs.skip }} - name: Discovery id: discovery - uses: input-output-hk/catalyst-forge/actions/discovery@master + uses: input-output-hk/catalyst-forge/actions/discovery@deprecate-earthly-cloud with: filters: | ${{ env.FORGE_REGEX_CHECK }} @@ -86,7 +86,7 @@ jobs: ${{ env.FORGE_REGEX_PUBLISH }} ${{ env.FORGE_REGEX_NIGHTLY }} check: - uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@master + uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@deprecate-earthly-cloud needs: [discover] if: (fromJson(needs.discover.outputs.earthfiles)['^check(-.*)?$'] != null) && !failure() && !cancelled() with: @@ -98,7 +98,7 @@ jobs: earthly_token: ${{ secrets.earthly_token }} build: - uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@master + uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@deprecate-earthly-cloud needs: [discover, check] if: (fromJson(needs.discover.outputs.earthfiles)['^build(-.*)?$'] != null) && !failure() && !cancelled() with: @@ -110,7 +110,7 @@ jobs: earthly_token: ${{ secrets.earthly_token }} package: - uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@master + uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@deprecate-earthly-cloud needs: [discover, check, build] if: (fromJson(needs.discover.outputs.earthfiles)['^package(-.*)?$'] != null) && !failure() && !cancelled() with: @@ -122,7 +122,7 @@ jobs: earthly_token: ${{ secrets.earthly_token }} test: - uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@master + uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@deprecate-earthly-cloud needs: [discover, check, build, package] if: (fromJson(needs.discover.outputs.earthfiles)['^test(-.*)?$'] != null) && !failure() && !cancelled() with: @@ -134,7 +134,7 @@ jobs: earthly_token: ${{ secrets.earthly_token }} nightly: - uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@master + uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@deprecate-earthly-cloud needs: [discover, check, build, package] if: (fromJson(needs.discover.outputs.earthfiles)['^nightly(-.*)?$'] != null) && !failure() && !cancelled() && inputs.nightly == true with: @@ -146,7 +146,7 @@ jobs: earthly_token: ${{ secrets.earthly_token }} docs: - uses: input-output-hk/catalyst-forge/.github/workflows/docs.yml@master + uses: input-output-hk/catalyst-forge/.github/workflows/docs.yml@deprecate-earthly-cloud needs: [discover, check, build, test] if: (fromJson(needs.discover.outputs.earthfiles)['^docs(-.*)?$'] != null) && !failure() && !cancelled() with: @@ -156,7 +156,7 @@ jobs: earthly_token: ${{ secrets.earthly_token }} release: - uses: input-output-hk/catalyst-forge/.github/workflows/release.yml@master + uses: input-output-hk/catalyst-forge/.github/workflows/release.yml@deprecate-earthly-cloud needs: [discover, check, build, test] if: (fromJson(needs.discover.outputs.releases)[0] != null) && !failure() && !cancelled() with: @@ -168,7 +168,7 @@ jobs: earthly_token: ${{ secrets.earthly_token }} deploy: - uses: input-output-hk/catalyst-forge/.github/workflows/deploy.yml@master + uses: input-output-hk/catalyst-forge/.github/workflows/deploy.yml@deprecate-earthly-cloud needs: [discover, check, build, test, release] if: (fromJson(needs.discover.outputs.deployments)[0] != null) && !failure() && !cancelled() with: diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index a938df72..ab164135 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -42,12 +42,12 @@ jobs: steps: - uses: actions/checkout@v4 - name: Install Forge - uses: input-output-hk/catalyst-forge/actions/install@master + uses: input-output-hk/catalyst-forge/actions/install@deprecate-earthly-cloud if: ${{ inputs.forge_version != 'local' }} with: version: ${{ inputs.forge_version }} - name: Install Local Forge - uses: input-output-hk/catalyst-forge/actions/install-local@master + uses: input-output-hk/catalyst-forge/actions/install-local@deprecate-earthly-cloud if: ${{ inputs.forge_version == 'local' }} with: earthly_token: ${{ secrets.earthly_token }} @@ -62,11 +62,11 @@ jobs: echo "skip=false" >> $GITHUB_OUTPUT fi - name: Setup CI - uses: input-output-hk/catalyst-forge/actions/setup@master + uses: input-output-hk/catalyst-forge/actions/setup@deprecate-earthly-cloud with: skip_earthly: ${{ steps.local.outputs.skip }} - name: Deploy - uses: input-output-hk/catalyst-forge/actions/run@master + uses: input-output-hk/catalyst-forge/actions/run@deprecate-earthly-cloud with: command: mod deploy args: ${{ matrix.deployment }} diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 80361cee..06c10f30 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -44,12 +44,12 @@ jobs: steps: - uses: actions/checkout@v4 - name: Install Forge - uses: input-output-hk/catalyst-forge/actions/install@master + uses: input-output-hk/catalyst-forge/actions/install@deprecate-earthly-cloud if: ${{ inputs.forge_version != 'local' }} with: version: ${{ inputs.forge_version }} - name: Install Local Forge - uses: input-output-hk/catalyst-forge/actions/install-local@master + uses: input-output-hk/catalyst-forge/actions/install-local@deprecate-earthly-cloud if: ${{ inputs.forge_version == 'local' }} with: earthly_token: ${{ secrets.earthly_token }} @@ -64,11 +64,11 @@ jobs: echo "skip=false" >> $GITHUB_OUTPUT fi - name: Setup CI - uses: input-output-hk/catalyst-forge/actions/setup@master + uses: input-output-hk/catalyst-forge/actions/setup@deprecate-earthly-cloud with: skip_earthly: ${{ steps.local.outputs.skip }} - name: Run - uses: input-output-hk/catalyst-forge/actions/run@master + uses: input-output-hk/catalyst-forge/actions/run@deprecate-earthly-cloud with: command: run args: --artifact ${{ env.OUTPUT }} ${{ matrix.earthfile }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 68f50458..0730e868 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -45,12 +45,12 @@ jobs: steps: - uses: actions/checkout@v4 - name: Install Forge - uses: input-output-hk/catalyst-forge/actions/install@master + uses: input-output-hk/catalyst-forge/actions/install@deprecate-earthly-cloud if: ${{ inputs.forge_version != 'local' }} with: version: ${{ inputs.forge_version }} - name: Install Local Forge - uses: input-output-hk/catalyst-forge/actions/install-local@master + uses: input-output-hk/catalyst-forge/actions/install-local@deprecate-earthly-cloud if: ${{ inputs.forge_version == 'local' }} with: earthly_token: ${{ secrets.earthly_token }} @@ -65,11 +65,11 @@ jobs: echo "skip=false" >> $GITHUB_OUTPUT fi - name: Setup CI - uses: input-output-hk/catalyst-forge/actions/setup@master + uses: input-output-hk/catalyst-forge/actions/setup@deprecate-earthly-cloud with: skip_earthly: ${{ steps.local.outputs.skip }} - name: Release - uses: input-output-hk/catalyst-forge/actions/run@master + uses: input-output-hk/catalyst-forge/actions/run@deprecate-earthly-cloud with: command: release args: ${{ matrix.release.project }} ${{ matrix.release.name }} diff --git a/.github/workflows/run.yml b/.github/workflows/run.yml index 2556a60c..16c84f64 100644 --- a/.github/workflows/run.yml +++ b/.github/workflows/run.yml @@ -42,12 +42,12 @@ jobs: steps: - uses: actions/checkout@v4 - name: Install Forge - uses: input-output-hk/catalyst-forge/actions/install@master + uses: input-output-hk/catalyst-forge/actions/install@deprecate-earthly-cloud if: ${{ inputs.forge_version != 'local' }} with: version: ${{ inputs.forge_version }} - name: Install Local Forge - uses: input-output-hk/catalyst-forge/actions/install-local@master + uses: input-output-hk/catalyst-forge/actions/install-local@deprecate-earthly-cloud if: ${{ inputs.forge_version == 'local' }} with: earthly_token: ${{ secrets.earthly_token }} @@ -62,11 +62,11 @@ jobs: echo "skip=false" >> $GITHUB_OUTPUT fi - name: Setup CI - uses: input-output-hk/catalyst-forge/actions/setup@master + uses: input-output-hk/catalyst-forge/actions/setup@deprecate-earthly-cloud with: skip_earthly: ${{ steps.local.outputs.skip }} - name: Run - uses: input-output-hk/catalyst-forge/actions/run@master + uses: input-output-hk/catalyst-forge/actions/run@deprecate-earthly-cloud with: command: run args: ${{ matrix.earthfile }} diff --git a/actions/setup/action.yml b/actions/setup/action.yml index 01e8589d..dc2db8a6 100644 --- a/actions/setup/action.yml +++ b/actions/setup/action.yml @@ -144,30 +144,20 @@ runs: EARTHLY=$(echo "$BP" | jq -r .global.ci.providers.earthly) if [[ "$EARTHLY" != "null" ]]; then - ORG=$(echo "$BP" | jq -r .global.ci.providers.earthly.org) VERSION=$(echo "$BP" | jq -r .global.ci.providers.earthly.version) - echo "org=$ORG" >> $GITHUB_OUTPUT - - EARTHLY_CREDS=$(echo "$BP" | jq -r .global.ci.providers.earthly.credentials) - if [[ "$EARTHLY_CREDS" != "null" ]]; then - SECRET=$(forge secret get --project . global.ci.providers.earthly.credentials) - TOKEN=$(echo "$SECRET" | jq -r .token) - - if [[ "$TOKEN" == "null" ]]; then - echo "Error: the earthly provider secret must map the secret value to 'token'" - exit 1 - fi - - echo "::add-mask::$TOKEN" - echo "token=$TOKEN" >> $GITHUB_OUTPUT + SATELLITE_CREDS=$(echo "$BP" | jq -r .global.ci.providers.earthly.satellite.creds) + if [[ "$SATELLITE_CREDS" != "null" ]]; then + CONFIG_SAT="true" else - echo "No configuration found for Earthly Cloud provider" + CONFIG_SAT="false" + echo "No configuration found for remote Earthly satellite" fi else - echo "No configuration found for Earthly Cloud provider" + echo "No configuration found for Earthly provider" fi + echo "sat=$CONFIG_SAT" >> GITHUB_OUTPUT echo "version=$VERSION" >> $GITHUB_OUTPUT - name: Cache Earthly binary id: cache-binary @@ -188,16 +178,11 @@ runs: chmod +x /usr/local/bin/earthly /usr/local/bin/earthly bootstrap - - name: Login to Earthly Cloud - if: steps.earthly.outputs.token != '' && steps.earthly.conclusion == 'success' - shell: bash - run: | - earthly account login --token "${{ steps.earthly.outputs.token }}" - - name: Set Earthly organization - if: steps.earthly.outputs.token != '' && steps.earthly.conclusion == 'success' + - name: Configure Earthly satellite credentials + if: inputs.skip_earthly == 'false' && steps.earthly.outputs.sat == 'true' && steps.earthly.conclusion == 'success' shell: bash run: | - earthly org select "${{ steps.earthly.outputs.org }}" + forge configure-satellite -vvv --ci # Timoni Provider - name: Get Timoni provider configuration @@ -284,4 +269,4 @@ runs: if: steps.kcl.outputs.install && steps.kcl.conclusion == 'success' shell: bash run: | - kcl version \ No newline at end of file + kcl version diff --git a/blueprint.cue b/blueprint.cue index 1705c5cc..8062009b 100644 --- a/blueprint.cue +++ b/blueprint.cue @@ -33,13 +33,11 @@ global: { } earthly: { - credentials: { + satellite: credentials: { provider: "aws" - path: "global/ci/earthly" + path: "global/ci/ci-tls" } - org: "Catalyst" - satellite: "ci" - version: "0.8.15" + version: "0.8.15" } git: credentials: { diff --git a/cli/cmd/cmds/configure_satellite.go b/cli/cmd/cmds/configure_satellite.go new file mode 100644 index 00000000..37f19147 --- /dev/null +++ b/cli/cmd/cmds/configure_satellite.go @@ -0,0 +1,62 @@ +package cmds + +import ( + "fmt" + "os" + "path/filepath" + + "github.com/input-output-hk/catalyst-forge/cli/pkg/earthly/satellite" + "github.com/input-output-hk/catalyst-forge/cli/pkg/run" + "github.com/input-output-hk/catalyst-forge/lib/tools/fs/billy" + "github.com/input-output-hk/catalyst-forge/lib/tools/git" + "github.com/input-output-hk/catalyst-forge/lib/tools/walker" +) + +type ConfigureSatelliteCmd struct { + Path string `short:"p" help:"Path to place the Earthly config and certificates."` +} + +func (c *ConfigureSatelliteCmd) Run(ctx run.RunContext) error { + fs := billy.NewBaseOsFS() + cwd, err := os.Getwd() + if err != nil { + return fmt.Errorf("failed to get current working directory: %w", err) + } + + ctx.Logger.Debug("Finding git root", "path", cwd) + w := walker.NewCustomReverseFSWalker(fs, ctx.Logger) + gitRoot, err := git.FindGitRoot(cwd, &w) + if err != nil { + return fmt.Errorf("failed to find git root: %w", err) + } + ctx.Logger.Debug("Git root found", "path", gitRoot) + + ctx.Logger.Debug("Loading project", "path", gitRoot) + project, err := ctx.ProjectLoader.Load(gitRoot) + if err != nil { + return err + } + + if c.Path == "" { + home, err := os.UserHomeDir() + if err != nil { + return fmt.Errorf("failed to get user's home directory: %w", err) + } + + c.Path = filepath.Join(home, ".earthly") + } + + ctx.Logger.Info("Configuring satellite", "path", c.Path) + satellite := satellite.NewEarthlySatellite( + &project, + c.Path, + ctx.Logger, + satellite.WithSecretStore(ctx.SecretStore), + satellite.WithCI(ctx.CI), + ) + if err := satellite.Configure(); err != nil { + return fmt.Errorf("failed to configure satellite: %w", err) + } + + return nil +} diff --git a/cli/cmd/main.go b/cli/cmd/main.go index 55540a29..a99ac0e6 100644 --- a/cli/cmd/main.go +++ b/cli/cmd/main.go @@ -32,15 +32,16 @@ type GlobalArgs struct { var cli struct { GlobalArgs - Dump cmds.DumpCmd `cmd:"" help:"Dumps a project's blueprint to JSON."` - CI cmds.CICmd `cmd:"" help:"Simulate a CI run."` - Mod module.ModuleCmd `kong:"cmd" help:"Commands for working with deployment modules."` - Release cmds.ReleaseCmd `cmd:"" help:"Release a project."` - Run cmds.RunCmd `cmd:"" help:"Run an Earthly target."` - Scan cmds.ScanCmd `cmd:"" help:"Scan for Earthfiles."` - Secret cmds.SecretCmd `cmd:"" help:"Manage secrets."` - Validate cmds.ValidateCmd `cmd:"" help:"Validates a project."` - Version VersionCmd `cmd:"" help:"Print the version."` + Dump cmds.DumpCmd `cmd:"" help:"Dumps a project's blueprint to JSON."` + CI cmds.CICmd `cmd:"" help:"Simulate a CI run."` + ConfigureSatellite cmds.ConfigureSatelliteCmd `cmd:"" help:"Configure the local system to use a remote Earthly Satellite."` + Mod module.ModuleCmd `kong:"cmd" help:"Commands for working with deployment modules."` + Release cmds.ReleaseCmd `cmd:"" help:"Release a project."` + Run cmds.RunCmd `cmd:"" help:"Run an Earthly target."` + Scan cmds.ScanCmd `cmd:"" help:"Scan for Earthfiles."` + Secret cmds.SecretCmd `cmd:"" help:"Manage secrets."` + Validate cmds.ValidateCmd `cmd:"" help:"Validates a project."` + Version VersionCmd `cmd:"" help:"Print the version."` InstallCompletions kongplete.InstallCompletions `cmd:"" help:"install shell completions"` } diff --git a/cli/pkg/earthly/earthly_test.go b/cli/pkg/earthly/earthly_test.go index e6823412..40ba97d3 100644 --- a/cli/pkg/earthly/earthly_test.go +++ b/cli/pkg/earthly/earthly_test.go @@ -164,15 +164,6 @@ func TestEarthlyExecutor_buildArguments(t *testing.T) { platform: GetBuildPlatform(), expect: []string{"--platform", GetBuildPlatform(), "--allow-privileged", "/test/dir+foo"}, }, - { - name: "with satellite", - e: NewEarthlyExecutor("/test/dir", "foo", nil, secrets.SecretStore{}, - testutils.NewNoopLogger(), - WithSatellite("satellite"), - ), - platform: GetBuildPlatform(), - expect: []string{"--platform", GetBuildPlatform(), "--sat", "satellite", "/test/dir+foo"}, - }, } for _, tt := range tests { diff --git a/cli/pkg/earthly/options.go b/cli/pkg/earthly/options.go index 5c173596..95135f1e 100644 --- a/cli/pkg/earthly/options.go +++ b/cli/pkg/earthly/options.go @@ -18,12 +18,21 @@ func WithArtifact(path string) EarthlyExecutorOption { } } +// WithCI is an option for configuring an EarthlyExecutor to run the CI func WithCI() EarthlyExecutorOption { return func(e *EarthlyExecutor) { e.opts.ci = true } } +// WithConfig is an option for configuring an EarthlyExecutor to use the given +// Earthly config file. +func WithConfig(config string) EarthlyExecutorOption { + return func(e *EarthlyExecutor) { + e.earthlyArgs = append(e.earthlyArgs, "--config", config) + } +} + // WithPlatforms is an option for configuring an EarthlyExecutor to run the // Earthly target against the given platforms. func WithPlatforms(platforms ...string) EarthlyExecutorOption { @@ -48,14 +57,6 @@ func WithRetries(retries int) EarthlyExecutorOption { } } -// WithSatellite is an option for configuring an EarthlyExecutor with the -// remote satellite to use. -func WithSatellite(s string) EarthlyExecutorOption { - return func(e *EarthlyExecutor) { - e.earthlyArgs = append(e.earthlyArgs, "--sat", s) - } -} - // WithSecrets is an option for configuring an EarthlyExecutor with secrets to // be passed to the Earthly target. func WithSecrets(secrets []sc.Secret) EarthlyExecutorOption { diff --git a/cli/pkg/earthly/project.go b/cli/pkg/earthly/project.go index 70652b96..3c46f297 100644 --- a/cli/pkg/earthly/project.go +++ b/cli/pkg/earthly/project.go @@ -93,8 +93,11 @@ func (p *DefaultProjectRunner) generateOpts(target string) ([]EarthlyExecutorOpt } if schema.HasEarthlyProviderDefined(p.project.Blueprint) { - if p.project.Blueprint.Global.Ci.Providers.Earthly.Satellite != "" && !p.ctx.Local { - opts = append(opts, WithSatellite(p.project.Blueprint.Global.Ci.Providers.Earthly.Satellite)) + if p.project.Blueprint.Global.Ci.Providers.Earthly.Satellite != nil && p.ctx.Local { + // This is a hacky way to prevent Earthly from using the satellite + // from the Earthly configuration file as there is no native way to + // disable it. + opts = append(opts, WithConfig("")) } } diff --git a/cli/pkg/earthly/satellite/satellite.go b/cli/pkg/earthly/satellite/satellite.go new file mode 100644 index 00000000..574dff61 --- /dev/null +++ b/cli/pkg/earthly/satellite/satellite.go @@ -0,0 +1,192 @@ +package satellite + +import ( + "encoding/base64" + "fmt" + "log/slog" + "path/filepath" + + "github.com/input-output-hk/catalyst-forge/lib/project/project" + "github.com/input-output-hk/catalyst-forge/lib/project/providers" + "github.com/input-output-hk/catalyst-forge/lib/project/secrets" + "github.com/input-output-hk/catalyst-forge/lib/tools/fs" + "github.com/input-output-hk/catalyst-forge/lib/tools/fs/billy" + "gopkg.in/yaml.v3" +) + +// EarthlySatellite is used to configure the local system to use a remote Earthly Satellite. +type EarthlySatellite struct { + ci bool + creds providers.EarthlyProviderCreds + fs fs.Filesystem + logger *slog.Logger + path string + project *project.Project + secretStore secrets.SecretStore +} + +// EarthlyConfig is the configuration for Earthly. +type EarthlyConfig struct { + Global EarthlyGlobalConfig `yaml:"global"` +} + +// EarthlyGlobalConfig is the global configuration for Earthly. +type EarthlyGlobalConfig struct { + BuildkitHost string `yaml:"buildkit_host"` + TLSCA string `yaml:"tlsca"` + TLSCert string `yaml:"tlscert"` + TLSKey string `yaml:"tlskey"` +} + +// EarthlySatelliteOption is an option for configuring an EarthlySatellite. +type EarthlySatelliteOption func(*EarthlySatellite) + +// WithCI sets the CI flag for the EarthlySatellite. +func WithCI(ci bool) EarthlySatelliteOption { + return func(s *EarthlySatellite) { + s.ci = ci + } +} + +// WithFs sets the filesystem for the EarthlySatellite. +func WithFs(fs fs.Filesystem) EarthlySatelliteOption { + return func(s *EarthlySatellite) { + s.fs = fs + } +} + +// WithSecretStore sets the secret store for the EarthlySatellite. +func WithSecretStore(secretStore secrets.SecretStore) EarthlySatelliteOption { + return func(s *EarthlySatellite) { + s.secretStore = secretStore + } +} + +// Configure configures the local system to use a remote Earthly Satellite. +func (s *EarthlySatellite) Configure() error { + s.logger.Info("Loading Earthly satellite credentials") + err := s.loadCredentials() + if err != nil { + return fmt.Errorf("failed to load credentials: %w", err) + } + + s.logger.Info("Writing certificates") + err = s.writeCerts() + if err != nil { + return fmt.Errorf("failed to write certificates: %w", err) + } + + s.logger.Info("Generating Earthly config") + cfg, err := s.generateConfig() + if err != nil { + return fmt.Errorf("failed to generate config: %w", err) + } + + s.logger.Info("Writing Earthly config") + err = s.fs.WriteFile(filepath.Join(s.path, "config.yml"), cfg, 0644) + if err != nil { + return fmt.Errorf("failed to write config: %w", err) + } + + // Mask the host if we're running in CI. + if s.ci { + fmt.Printf("::add-mask::%s\n", s.creds.Host) + } + + return nil +} + +// loadCredentials loads the credentials for the EarthlySatellite. +func (s *EarthlySatellite) loadCredentials() error { + if s.project.Blueprint.Global.Ci.Providers.Earthly == nil || + s.project.Blueprint.Global.Ci.Providers.Earthly.Satellite == nil || + s.project.Blueprint.Global.Ci.Providers.Earthly.Satellite.Credentials == nil { + return fmt.Errorf("no satellite credentials found") + } + + creds, err := providers.GetEarthlyProviderCreds( + s.project.Blueprint.Global.Ci.Providers.Earthly.Satellite.Credentials, + &s.secretStore, + s.logger, + ) + if err != nil { + return fmt.Errorf("failed to get Earthly provider credentials: %w", err) + } + + s.creds = creds + return nil +} + +// writeCerts writes the certificates to the filesystem. +func (s *EarthlySatellite) writeCerts() error { + ca, err := base64.StdEncoding.DecodeString(s.creds.Ca) + if err != nil { + return fmt.Errorf("failed to decode ca.pem: %w", err) + } + + s.logger.Debug("Writing ca.pem", "path", filepath.Join(s.path, "ca.pem")) + err = s.fs.WriteFile(filepath.Join(s.path, "ca.pem"), ca, 0644) + if err != nil { + return fmt.Errorf("failed to write ca.pem: %w", err) + } + + privateKey, err := base64.StdEncoding.DecodeString(s.creds.PrivateKey) + if err != nil { + return fmt.Errorf("failed to decode private key: %w", err) + } + + s.logger.Debug("Writing key.pem", "path", filepath.Join(s.path, "key.pem")) + err = s.fs.WriteFile(filepath.Join(s.path, "key.pem"), privateKey, 0600) + if err != nil { + return fmt.Errorf("failed to write private key: %w", err) + } + + cert, err := base64.StdEncoding.DecodeString(s.creds.Certificate) + if err != nil { + return fmt.Errorf("failed to decode certificate: %w", err) + } + + s.logger.Debug("Writing cert.pem", "path", filepath.Join(s.path, "cert.pem")) + err = s.fs.WriteFile(filepath.Join(s.path, "cert.pem"), cert, 0644) + if err != nil { + return fmt.Errorf("failed to write certificate: %w", err) + } + + return nil +} + +// generateConfig generates the Earthly config file. +func (s *EarthlySatellite) generateConfig() ([]byte, error) { + cfg := EarthlyConfig{ + Global: EarthlyGlobalConfig{ + BuildkitHost: s.creds.Host, + TLSCA: "ca.pem", + TLSCert: "cert.pem", + TLSKey: "key.pem", + }, + } + + cfgBytes, err := yaml.Marshal(cfg) + if err != nil { + return nil, fmt.Errorf("failed to marshal Earthly config: %w", err) + } + + return cfgBytes, nil +} + +// NewEarthlySatellite creates a new EarthlySatellite. +func NewEarthlySatellite(p *project.Project, configPath string, logger *slog.Logger, opts ...EarthlySatelliteOption) *EarthlySatellite { + s := &EarthlySatellite{ + project: p, + path: configPath, + fs: billy.NewBaseOsFS(), + logger: logger, + secretStore: secrets.NewDefaultSecretStore(), + } + + for _, opt := range opts { + opt(s) + } + + return s +} diff --git a/lib/project/providers/earthly.go b/lib/project/providers/earthly.go new file mode 100644 index 00000000..79153c1f --- /dev/null +++ b/lib/project/providers/earthly.go @@ -0,0 +1,52 @@ +package providers + +import ( + "fmt" + "log/slog" + + "github.com/input-output-hk/catalyst-forge/lib/project/secrets" + "github.com/input-output-hk/catalyst-forge/lib/schema/blueprint/common" +) + +// EarthlyProviderCreds is the struct that holds the credentials for the Earthly provider. +type EarthlyProviderCreds struct { + Host string + PrivateKey string + Certificate string + Ca string +} + +// GetEarthlyProviderCreds loads the Earthly provider credentials from the given secret. +func GetEarthlyProviderCreds(s *common.Secret, store *secrets.SecretStore, logger *slog.Logger) (EarthlyProviderCreds, error) { + m, err := secrets.GetSecretMap(s, store, logger) + if err != nil { + return EarthlyProviderCreds{}, fmt.Errorf("could not get secret: %w", err) + } + + host, ok := m["host"] + if !ok { + return EarthlyProviderCreds{}, fmt.Errorf("host is missing in secret") + } + + privateKey, ok := m["private_key"] + if !ok { + return EarthlyProviderCreds{}, fmt.Errorf("private key is missing in secret") + } + + certificate, ok := m["certificate"] + if !ok { + return EarthlyProviderCreds{}, fmt.Errorf("certificate is missing in secret") + } + + ca, ok := m["ca_certificate"] + if !ok { + return EarthlyProviderCreds{}, fmt.Errorf("ca is missing in secret") + } + + return EarthlyProviderCreds{ + Host: host, + PrivateKey: privateKey, + Certificate: certificate, + Ca: ca, + }, nil +} diff --git a/lib/schema/blueprint/global/providers/cue_types_gen.go b/lib/schema/blueprint/global/providers/cue_types_gen.go index a64abe47..51806fb9 100644 --- a/lib/schema/blueprint/global/providers/cue_types_gen.go +++ b/lib/schema/blueprint/global/providers/cue_types_gen.go @@ -45,19 +45,20 @@ type Docker struct { } type Earthly struct { - // Credentials contains the credentials to use for Earthly Cloud - Credentials *common.Secret `json:"credentials,omitempty"` - - // Org specifies the Earthly Cloud organization to use. - Org string `json:"org,omitempty"` - - // Satellite contains the satellite to use for caching. - Satellite string `json:"satellite,omitempty"` + // Satellite contains the configuration for a remote Earthly Satellite. + Satellite *EarthlySatellite `json:"satellite,omitempty"` // Version contains the version of Earthly to install in CI. Version string `json:"version,omitempty"` } +// EarthlySatellite contains the configuration for a remote Earthly Satellite. +type EarthlySatellite struct { + // Credentials contains the credentials to use for connecting to a remote + // Earthly Satellite. + Credentials *common.Secret `json:"credentials,omitempty"` +} + type Git struct { // Credentials contains the credentials to use for interacting with private repositories. Credentials common.Secret `json:"credentials"` diff --git a/lib/schema/blueprint/global/providers/earthly.cue b/lib/schema/blueprint/global/providers/earthly.cue index 587e3085..24943b39 100644 --- a/lib/schema/blueprint/global/providers/earthly.cue +++ b/lib/schema/blueprint/global/providers/earthly.cue @@ -3,15 +3,16 @@ package providers import "github.com/input-output-hk/catalyst-forge/lib/schema/blueprint/common" #Earthly: { - // Credentials contains the credentials to use for Earthly Cloud - credentials?: common.#Secret + // Satellite contains the configuration for a remote Earthly Satellite. + satellite?: #EarthlySatellite - // Org specifies the Earthly Cloud organization to use. - org?: string + // Version contains the version of Earthly to install in CI. + version?: string +} - // Satellite contains the satellite to use for caching. - satellite?: string - - // Version contains the version of Earthly to install in CI. - version?: string -} \ No newline at end of file +// EarthlySatellite contains the configuration for a remote Earthly Satellite. +#EarthlySatellite: { + // Credentials contains the credentials to use for connecting to a remote + // Earthly Satellite. + credentials?: common.#Secret +} From d0d5b22b88539ba7a8b45c63ffd283c184f5edde Mon Sep 17 00:00:00 2001 From: Joshua Gilman Date: Mon, 21 Jul 2025 19:23:29 -0700 Subject: [PATCH 02/16] chore: updates install-local workflow --- .github/workflows/ci.yml | 2 -- actions/install-local/action.yml | 26 +++++++++++++++++--------- 2 files changed, 17 insertions(+), 11 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 87052ac4..8492ac3c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -54,8 +54,6 @@ jobs: - name: Install Local Forge uses: input-output-hk/catalyst-forge/actions/install-local@deprecate-earthly-cloud if: ${{ inputs.forge_version == 'local' }} - with: - earthly_token: ${{ secrets.earthly_token }} - name: Check forge version id: local run: | diff --git a/actions/install-local/action.yml b/actions/install-local/action.yml index 53f08d54..a16a8189 100644 --- a/actions/install-local/action.yml +++ b/actions/install-local/action.yml @@ -1,9 +1,5 @@ name: Install local forge CLI description: Installs a local version of the forge CLI -inputs: - earthly_token: - description: Earthly token used to login to Earthly cloud for local build - required: true runs: using: composite @@ -23,12 +19,24 @@ runs: wget -q https://github.com/earthly/earthly/releases/latest/download/earthly-linux-amd64 -O /usr/local/bin/earthly chmod +x /usr/local/bin/earthly /usr/local/bin/earthly bootstrap - - name: Login to Earthly Cloud + - name: Configure Earthly satellite credentials if: steps.cache-binary.outputs.cache-hit == false shell: bash run: | - earthly account login --token ${{ inputs.earthly_token }} - earthly org select Catalyst + mkdir -p ~/.earthly + + SECRET=$(forge secret get --project . global.ci.providers.earthly.satellite.credentials) + echo "$SECRET" | jq -r .SecretString | jq -r .ca_certificate | base64 -d > ~/.earthly/ca.pem + echo "$SECRET" | jq -r .SecretString | jq -r .certificate | base64 -d > ~/.earthly/cert.pem + echo "$SECRET" | jq -r .SecretString | jq -r .private_key | base64 -d > ~/.earthly/key.pem + + cat < "~/.earthly/config.yml" + global: + buildkit_host: $(echo "$SECRET" | jq -r .SecretString | jq -r .host) + tlsca: ca.pem + tlscert: cert.pem + tlskey: key.pem + EOF - name: Cache binary id: cache-binary uses: actions/cache@v4 @@ -40,5 +48,5 @@ runs: shell: bash run: | echo "::group::Forge CLI Earthly Build" - earthly --sat ci --artifact ./cli+build/forge /usr/local/bin/forge - echo "::endgroup::" \ No newline at end of file + earthly --artifact ./cli+build/forge /usr/local/bin/forge + echo "::endgroup::" From 46231dbd982d505c9d93436325dc681ecb8217c6 Mon Sep 17 00:00:00 2001 From: Joshua Gilman Date: Mon, 21 Jul 2025 19:29:43 -0700 Subject: [PATCH 03/16] wip: fix --- actions/install-local/action.yml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/actions/install-local/action.yml b/actions/install-local/action.yml index a16a8189..8d3a92d3 100644 --- a/actions/install-local/action.yml +++ b/actions/install-local/action.yml @@ -19,13 +19,21 @@ runs: wget -q https://github.com/earthly/earthly/releases/latest/download/earthly-linux-amd64 -O /usr/local/bin/earthly chmod +x /usr/local/bin/earthly /usr/local/bin/earthly bootstrap + - name: Install CUE + uses: cue-lang/setup-cue@v1.0.0 + if: steps.cache-binary.outputs.cache-hit == false + with: + version: latest - name: Configure Earthly satellite credentials if: steps.cache-binary.outputs.cache-hit == false shell: bash run: | mkdir -p ~/.earthly - SECRET=$(forge secret get --project . global.ci.providers.earthly.satellite.credentials) + EARTHLY=$(cue export -e global.ci.providers.earthly.satellite.credentials ./blueprint.cue) + SECRET_ID=$(echo "$EARTHLY" | jq .path) + + SECRET=$(aws secretsmanager get-secret-value --secret-id "$SECRET_ID") echo "$SECRET" | jq -r .SecretString | jq -r .ca_certificate | base64 -d > ~/.earthly/ca.pem echo "$SECRET" | jq -r .SecretString | jq -r .certificate | base64 -d > ~/.earthly/cert.pem echo "$SECRET" | jq -r .SecretString | jq -r .private_key | base64 -d > ~/.earthly/key.pem From 27dc424d6f2e2ccdeb78369e65167e695ae08059 Mon Sep 17 00:00:00 2001 From: Joshua Gilman Date: Mon, 21 Jul 2025 19:31:08 -0700 Subject: [PATCH 04/16] wip: fix --- actions/install-local/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/install-local/action.yml b/actions/install-local/action.yml index 8d3a92d3..94483802 100644 --- a/actions/install-local/action.yml +++ b/actions/install-local/action.yml @@ -33,7 +33,7 @@ runs: EARTHLY=$(cue export -e global.ci.providers.earthly.satellite.credentials ./blueprint.cue) SECRET_ID=$(echo "$EARTHLY" | jq .path) - SECRET=$(aws secretsmanager get-secret-value --secret-id "$SECRET_ID") + SECRET=$(aws secretsmanager get-secret-value --region eu-central-1 --secret-id "$SECRET_ID") echo "$SECRET" | jq -r .SecretString | jq -r .ca_certificate | base64 -d > ~/.earthly/ca.pem echo "$SECRET" | jq -r .SecretString | jq -r .certificate | base64 -d > ~/.earthly/cert.pem echo "$SECRET" | jq -r .SecretString | jq -r .private_key | base64 -d > ~/.earthly/key.pem From 0f7dfbb74db98eb7de5e624cc71a3d20a6ac8575 Mon Sep 17 00:00:00 2001 From: Joshua Gilman Date: Mon, 21 Jul 2025 19:34:13 -0700 Subject: [PATCH 05/16] wip: fix --- actions/install-local/action.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/actions/install-local/action.yml b/actions/install-local/action.yml index 94483802..b02614a4 100644 --- a/actions/install-local/action.yml +++ b/actions/install-local/action.yml @@ -1,5 +1,10 @@ name: Install local forge CLI description: Installs a local version of the forge CLI +inputs: + aws_region: + description: The AWS region to use when fetching secrets + required: false + default: "eu-central-1" runs: using: composite @@ -33,7 +38,7 @@ runs: EARTHLY=$(cue export -e global.ci.providers.earthly.satellite.credentials ./blueprint.cue) SECRET_ID=$(echo "$EARTHLY" | jq .path) - SECRET=$(aws secretsmanager get-secret-value --region eu-central-1 --secret-id "$SECRET_ID") + SECRET=$(aws secretsmanager get-secret-value --region "${{ inputs.aws_region }}" --secret-id "$SECRET_ID") echo "$SECRET" | jq -r .SecretString | jq -r .ca_certificate | base64 -d > ~/.earthly/ca.pem echo "$SECRET" | jq -r .SecretString | jq -r .certificate | base64 -d > ~/.earthly/cert.pem echo "$SECRET" | jq -r .SecretString | jq -r .private_key | base64 -d > ~/.earthly/key.pem From 1b0d9ceb5ff8ac6e5e243fbebd0376673ef21567 Mon Sep 17 00:00:00 2001 From: Joshua Gilman Date: Mon, 21 Jul 2025 19:39:01 -0700 Subject: [PATCH 06/16] wip: configure AWS --- actions/install-local/action.yml | 26 +++++++++++++++++++------- 1 file changed, 19 insertions(+), 7 deletions(-) diff --git a/actions/install-local/action.yml b/actions/install-local/action.yml index b02614a4..c500bdaf 100644 --- a/actions/install-local/action.yml +++ b/actions/install-local/action.yml @@ -1,10 +1,5 @@ name: Install local forge CLI description: Installs a local version of the forge CLI -inputs: - aws_region: - description: The AWS region to use when fetching secrets - required: false - default: "eu-central-1" runs: using: composite @@ -29,6 +24,23 @@ runs: if: steps.cache-binary.outputs.cache-hit == false with: version: latest + - name: Get AWS configuration + id: aws + if: steps.cache-binary.outputs.cache-hit == false + shell: bash + run: | + AWS=$(cue export -e global.ci.providers.aws ./blueprint.cue) + REGION=$(echo "$AWS" | jq -r .region) + ROLE=$(echo "$AWS" | jq -r .role) + + echo "region=$REGION" >> $GITHUB_OUTPUT + echo "role=$ROLE" >> $GITHUB_OUTPUT + - name: Login to AWS + uses: aws-actions/configure-aws-credentials@v4 + if: steps.cache-binary.outputs.cache-hit == false + with: + aws-region: ${{ steps.aws.outputs.region }} + role-to-assume: ${{ steps.aws.outputs.role }} - name: Configure Earthly satellite credentials if: steps.cache-binary.outputs.cache-hit == false shell: bash @@ -36,9 +48,9 @@ runs: mkdir -p ~/.earthly EARTHLY=$(cue export -e global.ci.providers.earthly.satellite.credentials ./blueprint.cue) - SECRET_ID=$(echo "$EARTHLY" | jq .path) + SECRET_ID=$(echo "$EARTHLY" | jq -r .path) - SECRET=$(aws secretsmanager get-secret-value --region "${{ inputs.aws_region }}" --secret-id "$SECRET_ID") + SECRET=$(aws secretsmanager get-secret-value --secret-id "$SECRET_ID") echo "$SECRET" | jq -r .SecretString | jq -r .ca_certificate | base64 -d > ~/.earthly/ca.pem echo "$SECRET" | jq -r .SecretString | jq -r .certificate | base64 -d > ~/.earthly/cert.pem echo "$SECRET" | jq -r .SecretString | jq -r .private_key | base64 -d > ~/.earthly/key.pem From 03fba9e586c30b978cbef02eb4e4d9c1d484c90b Mon Sep 17 00:00:00 2001 From: Joshua Gilman Date: Mon, 21 Jul 2025 19:43:35 -0700 Subject: [PATCH 07/16] wip: fix --- actions/install-local/action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/actions/install-local/action.yml b/actions/install-local/action.yml index c500bdaf..2d98bcff 100644 --- a/actions/install-local/action.yml +++ b/actions/install-local/action.yml @@ -45,7 +45,7 @@ runs: if: steps.cache-binary.outputs.cache-hit == false shell: bash run: | - mkdir -p ~/.earthly + mkdir -p "$HOME/.earthly" EARTHLY=$(cue export -e global.ci.providers.earthly.satellite.credentials ./blueprint.cue) SECRET_ID=$(echo "$EARTHLY" | jq -r .path) @@ -55,7 +55,7 @@ runs: echo "$SECRET" | jq -r .SecretString | jq -r .certificate | base64 -d > ~/.earthly/cert.pem echo "$SECRET" | jq -r .SecretString | jq -r .private_key | base64 -d > ~/.earthly/key.pem - cat < "~/.earthly/config.yml" + cat < "$HOME/config.yml" global: buildkit_host: $(echo "$SECRET" | jq -r .SecretString | jq -r .host) tlsca: ca.pem From ca3410cf3d1b519831063b5d98208dd8bfeaba7c Mon Sep 17 00:00:00 2001 From: Joshua Gilman Date: Mon, 21 Jul 2025 19:46:58 -0700 Subject: [PATCH 08/16] wip: fix --- actions/install-local/action.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/actions/install-local/action.yml b/actions/install-local/action.yml index 2d98bcff..284f982c 100644 --- a/actions/install-local/action.yml +++ b/actions/install-local/action.yml @@ -55,7 +55,7 @@ runs: echo "$SECRET" | jq -r .SecretString | jq -r .certificate | base64 -d > ~/.earthly/cert.pem echo "$SECRET" | jq -r .SecretString | jq -r .private_key | base64 -d > ~/.earthly/key.pem - cat < "$HOME/config.yml" + cat < "$HOME/.earthly/config.yml" global: buildkit_host: $(echo "$SECRET" | jq -r .SecretString | jq -r .host) tlsca: ca.pem @@ -72,6 +72,4 @@ runs: if: steps.cache-binary.outputs.cache-hit == false shell: bash run: | - echo "::group::Forge CLI Earthly Build" earthly --artifact ./cli+build/forge /usr/local/bin/forge - echo "::endgroup::" From 43ed908f758278ceae0e0c36038fa7e6d465df33 Mon Sep 17 00:00:00 2001 From: Joshua Gilman Date: Mon, 21 Jul 2025 19:49:11 -0700 Subject: [PATCH 09/16] wip: fix --- actions/install-local/action.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/actions/install-local/action.yml b/actions/install-local/action.yml index 284f982c..a70ce2bc 100644 --- a/actions/install-local/action.yml +++ b/actions/install-local/action.yml @@ -62,6 +62,8 @@ runs: tlscert: cert.pem tlskey: key.pem EOF + + echo "::add-mask::$(echo "$SECRET" | jq -r .SecretString | jq -r .host)" - name: Cache binary id: cache-binary uses: actions/cache@v4 From 65fe726f0e956df8ab48f5a2155913e02828237c Mon Sep 17 00:00:00 2001 From: Joshua Gilman Date: Mon, 21 Jul 2025 19:57:23 -0700 Subject: [PATCH 10/16] wip: test --- .github/workflows/ci.yml | 6 +----- .github/workflows/dogfood.yml | 4 +--- cli/pkg/earthly/project_test.go | 4 ---- 3 files changed, 2 insertions(+), 12 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8492ac3c..f81024bf 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -22,10 +22,6 @@ on: required: false type: boolean default: false - secrets: - earthly_token: - description: Optional Earthly token used to login to Earthly cloud during local builds of Forge CLI - required: false env: FORGE_REGEX_CHECK: ^check(-.*)?$ @@ -69,7 +65,7 @@ jobs: with: skip_docker: 'true' skip_github: 'true' - skip_earthly: ${{ steps.local.outputs.skip }} + #skip_earthly: ${{ steps.local.outputs.skip }} - name: Discovery id: discovery uses: input-output-hk/catalyst-forge/actions/discovery@deprecate-earthly-cloud diff --git a/.github/workflows/dogfood.yml b/.github/workflows/dogfood.yml index 8971309e..b2c9900b 100644 --- a/.github/workflows/dogfood.yml +++ b/.github/workflows/dogfood.yml @@ -17,6 +17,4 @@ jobs: with: forge_version: local verbosity: debug - nightly: true - secrets: - earthly_token: ${{ secrets.EARTHLY_TOKEN }} \ No newline at end of file + nightly: true \ No newline at end of file diff --git a/cli/pkg/earthly/project_test.go b/cli/pkg/earthly/project_test.go index b508bbb4..3b71b032 100644 --- a/cli/pkg/earthly/project_test.go +++ b/cli/pkg/earthly/project_test.go @@ -33,7 +33,6 @@ func Test_generateOpts(t *testing.T) { src: ` { global: ci: { - providers: earthly: satellite: "sat" secrets: [ { name: "bar" @@ -77,9 +76,6 @@ func Test_generateOpts(t *testing.T) { assert.Contains(t, ee.earthlyArgs, "--allow-privileged") assert.Equal(t, 3, ee.opts.retries) assert.Len(t, ee.secrets, 2) - - assert.Contains(t, ee.earthlyArgs, "--sat") - assert.Contains(t, ee.earthlyArgs, "sat") }, }, { From 1d287991607e4bc0645a8eb2323f1ddab23cb7b2 Mon Sep 17 00:00:00 2001 From: Joshua Gilman Date: Mon, 21 Jul 2025 20:04:22 -0700 Subject: [PATCH 11/16] wip: fix --- .github/workflows/ci.yml | 2 +- actions/install-local/action.yml | 12 ++++++------ actions/setup/action.yml | 17 +++++++++++------ 3 files changed, 18 insertions(+), 13 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f81024bf..4c3e76bc 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -65,7 +65,7 @@ jobs: with: skip_docker: 'true' skip_github: 'true' - #skip_earthly: ${{ steps.local.outputs.skip }} + skip_earthly_install: ${{ steps.local.outputs.skip }} - name: Discovery id: discovery uses: input-output-hk/catalyst-forge/actions/discovery@deprecate-earthly-cloud diff --git a/actions/install-local/action.yml b/actions/install-local/action.yml index a70ce2bc..7eec16ec 100644 --- a/actions/install-local/action.yml +++ b/actions/install-local/action.yml @@ -19,6 +19,12 @@ runs: wget -q https://github.com/earthly/earthly/releases/latest/download/earthly-linux-amd64 -O /usr/local/bin/earthly chmod +x /usr/local/bin/earthly /usr/local/bin/earthly bootstrap + - name: Cache binary + id: cache-binary + uses: actions/cache@v4 + with: + path: /usr/local/bin/forge + key: ${{ runner.os }}-${{ github.sha }} - name: Install CUE uses: cue-lang/setup-cue@v1.0.0 if: steps.cache-binary.outputs.cache-hit == false @@ -64,12 +70,6 @@ runs: EOF echo "::add-mask::$(echo "$SECRET" | jq -r .SecretString | jq -r .host)" - - name: Cache binary - id: cache-binary - uses: actions/cache@v4 - with: - path: /usr/local/bin/forge - key: ${{ runner.os }}-${{ github.sha }} - name: Build Forge CLI if: steps.cache-binary.outputs.cache-hit == false shell: bash diff --git a/actions/setup/action.yml b/actions/setup/action.yml index dc2db8a6..d254eb94 100644 --- a/actions/setup/action.yml +++ b/actions/setup/action.yml @@ -17,8 +17,12 @@ inputs: description: If true, skip authenticating to DockerHub required: false default: "false" - skip_earthly: - description: If true, skip installing Earthly and authenticating to Earthly Cloud + skip_earthly_install: + description: If true, skip installing Earthly + required: false + default: "false" + skip_earthly_satellite: + description: If true, skip adding authentication for the remote Earthly satellite required: false default: "false" skip_github: @@ -133,7 +137,7 @@ runs: # Earthly Provider - name: Get Earthly provider configuration - if: inputs.skip_earthly == 'false' + if: inputs.skip_earthly_install == 'false' && inputs.skip_earthly_satellite == 'false' id: earthly shell: bash run: | @@ -162,12 +166,12 @@ runs: - name: Cache Earthly binary id: cache-binary uses: actions/cache@v4 - if: inputs.skip_earthly == 'false' + if: inputs.skip_earthly_install == 'false' with: path: /usr/local/bin/earthly key: ${{ runner.os }}-${{ steps.earthly.outputs.version }} - name: Install Earthly - if: inputs.skip_earthly == 'false' && steps.cache-binary.outputs.cache-hit == false + if: inputs.skip_earthly_install == 'false' && steps.cache-binary.outputs.cache-hit == false shell: bash run: | if [[ "${{ steps.earthly.outputs.version }}" == "latest" ]]; then @@ -179,9 +183,10 @@ runs: chmod +x /usr/local/bin/earthly /usr/local/bin/earthly bootstrap - name: Configure Earthly satellite credentials - if: inputs.skip_earthly == 'false' && steps.earthly.outputs.sat == 'true' && steps.earthly.conclusion == 'success' + if: inputs.skip_earthly_satellite == 'false' && steps.earthly.outputs.sat == 'true' && steps.earthly.conclusion == 'success' shell: bash run: | + rm -rf "$HOME/.earthly" forge configure-satellite -vvv --ci # Timoni Provider From 7cd329e4960cd6ceea4ca777638c9f1758e5c5f4 Mon Sep 17 00:00:00 2001 From: Joshua Gilman Date: Mon, 21 Jul 2025 20:08:47 -0700 Subject: [PATCH 12/16] wip: fix --- actions/setup/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/setup/action.yml b/actions/setup/action.yml index d254eb94..5686b5aa 100644 --- a/actions/setup/action.yml +++ b/actions/setup/action.yml @@ -150,7 +150,7 @@ runs: if [[ "$EARTHLY" != "null" ]]; then VERSION=$(echo "$BP" | jq -r .global.ci.providers.earthly.version) - SATELLITE_CREDS=$(echo "$BP" | jq -r .global.ci.providers.earthly.satellite.creds) + SATELLITE_CREDS=$(echo "$BP" | jq -r .global.ci.providers.earthly.satellite.credentials) if [[ "$SATELLITE_CREDS" != "null" ]]; then CONFIG_SAT="true" else From c9acd623e3136bdef45b5daf14bd2c94312bdf91 Mon Sep 17 00:00:00 2001 From: Joshua Gilman Date: Mon, 21 Jul 2025 20:11:54 -0700 Subject: [PATCH 13/16] wip: fix --- actions/setup/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/setup/action.yml b/actions/setup/action.yml index 5686b5aa..5e9a280c 100644 --- a/actions/setup/action.yml +++ b/actions/setup/action.yml @@ -183,7 +183,7 @@ runs: chmod +x /usr/local/bin/earthly /usr/local/bin/earthly bootstrap - name: Configure Earthly satellite credentials - if: inputs.skip_earthly_satellite == 'false' && steps.earthly.outputs.sat == 'true' && steps.earthly.conclusion == 'success' + if: inputs.skip_earthly_satellite == 'false' && steps.earthly.conclusion == 'success' shell: bash run: | rm -rf "$HOME/.earthly" From 08bbf94f892e0c63f66c15bfd9d1164dc459b66c Mon Sep 17 00:00:00 2001 From: Joshua Gilman Date: Mon, 21 Jul 2025 20:23:51 -0700 Subject: [PATCH 14/16] wip: fix --- .github/workflows/ci.yml | 4 +++- .github/workflows/run.yml | 4 +++- actions/install-local/action.yml | 24 +++++++++++++++++------- 3 files changed, 23 insertions(+), 9 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 4c3e76bc..57149fc8 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -48,6 +48,7 @@ jobs: with: version: ${{ inputs.forge_version }} - name: Install Local Forge + id: install-local uses: input-output-hk/catalyst-forge/actions/install-local@deprecate-earthly-cloud if: ${{ inputs.forge_version == 'local' }} - name: Check forge version @@ -65,7 +66,8 @@ jobs: with: skip_docker: 'true' skip_github: 'true' - skip_earthly_install: ${{ steps.local.outputs.skip }} + skip_earthly_install: ${{ steps.install-local.outputs.cache-hit == false }} + skip_earthly_satellite: ${{ steps.install-local.outputs.cache-hit == false }} - name: Discovery id: discovery uses: input-output-hk/catalyst-forge/actions/discovery@deprecate-earthly-cloud diff --git a/.github/workflows/run.yml b/.github/workflows/run.yml index 16c84f64..64a1e82a 100644 --- a/.github/workflows/run.yml +++ b/.github/workflows/run.yml @@ -47,6 +47,7 @@ jobs: with: version: ${{ inputs.forge_version }} - name: Install Local Forge + id: install-local uses: input-output-hk/catalyst-forge/actions/install-local@deprecate-earthly-cloud if: ${{ inputs.forge_version == 'local' }} with: @@ -64,7 +65,8 @@ jobs: - name: Setup CI uses: input-output-hk/catalyst-forge/actions/setup@deprecate-earthly-cloud with: - skip_earthly: ${{ steps.local.outputs.skip }} + skip_earthly_install: ${{ steps.install-local.outputs.cache-hit == false }} + skip_earthly_satellite: ${{ steps.install-local.outputs.cache-hit == false }} - name: Run uses: input-output-hk/catalyst-forge/actions/run@deprecate-earthly-cloud with: diff --git a/actions/install-local/action.yml b/actions/install-local/action.yml index 7eec16ec..47c8f74b 100644 --- a/actions/install-local/action.yml +++ b/actions/install-local/action.yml @@ -4,27 +4,29 @@ description: Installs a local version of the forge CLI runs: using: composite steps: + - name: Cache binary + id: cache-binary + uses: actions/cache@v4 + with: + path: /usr/local/bin/forge + key: ${{ runner.os }}-${{ github.sha }} - shell: bash + if: steps.cache-binary.outputs.cache-hit == false run: echo "Building Forge CLI locally..." - name: Cache Earthly binary id: cache-earthly + if: steps.cache-binary.outputs.cache-hit == false uses: actions/cache@v4 with: path: /usr/local/bin/earthly key: ${{ runner.os }} - name: Install Earthly - if: steps.cache-earthly.outputs.cache-hit == false + if: steps.cache-earthly.outputs.cache-hit == false && steps.cache-binary.outputs.cache-hit == false shell: bash run: | wget -q https://github.com/earthly/earthly/releases/latest/download/earthly-linux-amd64 -O /usr/local/bin/earthly chmod +x /usr/local/bin/earthly /usr/local/bin/earthly bootstrap - - name: Cache binary - id: cache-binary - uses: actions/cache@v4 - with: - path: /usr/local/bin/forge - key: ${{ runner.os }}-${{ github.sha }} - name: Install CUE uses: cue-lang/setup-cue@v1.0.0 if: steps.cache-binary.outputs.cache-hit == false @@ -75,3 +77,11 @@ runs: shell: bash run: | earthly --artifact ./cli+build/forge /usr/local/bin/forge + - name: Set output cache-hit + shell: bash + run: echo "cache-hit=${{ steps.cache-binary.outputs.cache-hit }}" >> $GITHUB_OUTPUT + +outputs: + cache-hit: + description: "Whether the forge binary was restored from cache" + value: ${{ steps.cache-binary.outputs.cache-hit }} From 87ee8b9ced312e01c9e6cb11f285b7a23a1bb986 Mon Sep 17 00:00:00 2001 From: Joshua Gilman Date: Mon, 21 Jul 2025 20:51:56 -0700 Subject: [PATCH 15/16] chore: adds test --- cli/pkg/earthly/satellite/satellite_test.go | 137 ++++++++++++++++++++ 1 file changed, 137 insertions(+) create mode 100644 cli/pkg/earthly/satellite/satellite_test.go diff --git a/cli/pkg/earthly/satellite/satellite_test.go b/cli/pkg/earthly/satellite/satellite_test.go new file mode 100644 index 00000000..9a0173fb --- /dev/null +++ b/cli/pkg/earthly/satellite/satellite_test.go @@ -0,0 +1,137 @@ +package satellite + +import ( + "encoding/base64" + "encoding/json" + "log/slog" + "testing" + + "github.com/input-output-hk/catalyst-forge/cli/internal/testutils" + "github.com/input-output-hk/catalyst-forge/lib/project/project" + "github.com/input-output-hk/catalyst-forge/lib/project/secrets" + smocks "github.com/input-output-hk/catalyst-forge/lib/project/secrets/mocks" + sb "github.com/input-output-hk/catalyst-forge/lib/schema/blueprint" + sc "github.com/input-output-hk/catalyst-forge/lib/schema/blueprint/common" + sg "github.com/input-output-hk/catalyst-forge/lib/schema/blueprint/global" + sp "github.com/input-output-hk/catalyst-forge/lib/schema/blueprint/global/providers" + "github.com/input-output-hk/catalyst-forge/lib/tools/fs" + "github.com/input-output-hk/catalyst-forge/lib/tools/fs/billy" + "github.com/stretchr/testify/require" +) + +func TestEarthlySatelliteConfigure(t *testing.T) { + type earthlySecret struct { + Host string `json:"host"` + Ca string `json:"ca_certificate"` + Cert string `json:"certificate"` + Key string `json:"private_key"` + } + tests := []struct { + name string + path string + secret earthlySecret + validate func(t *testing.T, fs fs.Filesystem, err error) + }{ + { + name: "success", + path: "/tmp/earthly", + secret: earthlySecret{ + Host: "tcp://localhost:1234", + Ca: "ca", + Cert: "cert", + Key: "key", + }, + validate: func(t *testing.T, fs fs.Filesystem, err error) { + require.NoError(t, err) + exists, err := fs.Exists("/tmp/earthly/config.yml") + require.NoError(t, err) + require.True(t, exists) + + content, err := fs.ReadFile("/tmp/earthly/config.yml") + require.NoError(t, err) + require.Equal(t, `global: + buildkit_host: tcp://localhost:1234 + tlsca: ca.pem + tlscert: cert.pem + tlskey: key.pem +`, string(content)) + + exists, err = fs.Exists("/tmp/earthly/ca.pem") + require.NoError(t, err) + require.True(t, exists) + + exists, err = fs.Exists("/tmp/earthly/cert.pem") + require.NoError(t, err) + require.True(t, exists) + + exists, err = fs.Exists("/tmp/earthly/key.pem") + require.NoError(t, err) + require.True(t, exists) + + ca, err := fs.ReadFile("/tmp/earthly/ca.pem") + require.NoError(t, err) + require.Equal(t, "ca", string(ca)) + + cert, err := fs.ReadFile("/tmp/earthly/cert.pem") + require.NoError(t, err) + require.Equal(t, "cert", string(cert)) + + key, err := fs.ReadFile("/tmp/earthly/key.pem") + require.NoError(t, err) + require.Equal(t, "key", string(key)) + }, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + fs := billy.NewInMemoryFs() + + tt.secret.Ca = base64.StdEncoding.EncodeToString([]byte(tt.secret.Ca)) + tt.secret.Cert = base64.StdEncoding.EncodeToString([]byte(tt.secret.Cert)) + tt.secret.Key = base64.StdEncoding.EncodeToString([]byte(tt.secret.Key)) + + secret, err := json.Marshal(tt.secret) + require.NoError(t, err) + + ss := &smocks.SecretProviderMock{ + GetFunc: func(path string) (string, error) { + return string(secret), nil + }, + } + store := secrets.NewSecretStore(map[secrets.Provider]func(*slog.Logger) (secrets.SecretProvider, error){ + secrets.Provider("mock"): func(logger *slog.Logger) (secrets.SecretProvider, error) { + return ss, nil + }, + }) + + sat := EarthlySatellite{ + ci: false, + fs: fs, + logger: testutils.NewNoopLogger(), + path: tt.path, + project: &project.Project{ + Blueprint: sb.Blueprint{ + Global: &sg.Global{ + Ci: &sg.CI{ + Providers: &sp.Providers{ + Earthly: &sp.Earthly{ + Satellite: &sp.EarthlySatellite{ + Credentials: &sc.Secret{ + Provider: "mock", + Path: "foo/bar", + }, + }, + }, + }, + }, + }, + }, + }, + secretStore: store, + } + + tt.validate(t, fs, sat.Configure()) + }) + } +} From bf3c0aa4f218322d6f614b5f93afbc5495e42988 Mon Sep 17 00:00:00 2001 From: Joshua Gilman Date: Mon, 21 Jul 2025 21:01:13 -0700 Subject: [PATCH 16/16] wip: cleanup --- .github/workflows/ci.yml | 24 ++++++++++++------------ .github/workflows/deploy.yml | 8 ++++---- .github/workflows/docs.yml | 8 ++++---- .github/workflows/release.yml | 8 ++++---- .github/workflows/run.yml | 8 ++++---- 5 files changed, 28 insertions(+), 28 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 57149fc8..9af8108f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -43,13 +43,13 @@ jobs: steps: - uses: actions/checkout@v4 - name: Install Forge - uses: input-output-hk/catalyst-forge/actions/install@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/actions/install@master if: ${{ inputs.forge_version != 'local' }} with: version: ${{ inputs.forge_version }} - name: Install Local Forge id: install-local - uses: input-output-hk/catalyst-forge/actions/install-local@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/actions/install-local@master if: ${{ inputs.forge_version == 'local' }} - name: Check forge version id: local @@ -62,7 +62,7 @@ jobs: echo "skip=false" >> $GITHUB_OUTPUT fi - name: Setup CI - uses: input-output-hk/catalyst-forge/actions/setup@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/actions/setup@master with: skip_docker: 'true' skip_github: 'true' @@ -70,7 +70,7 @@ jobs: skip_earthly_satellite: ${{ steps.install-local.outputs.cache-hit == false }} - name: Discovery id: discovery - uses: input-output-hk/catalyst-forge/actions/discovery@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/actions/discovery@master with: filters: | ${{ env.FORGE_REGEX_CHECK }} @@ -82,7 +82,7 @@ jobs: ${{ env.FORGE_REGEX_PUBLISH }} ${{ env.FORGE_REGEX_NIGHTLY }} check: - uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@master needs: [discover] if: (fromJson(needs.discover.outputs.earthfiles)['^check(-.*)?$'] != null) && !failure() && !cancelled() with: @@ -94,7 +94,7 @@ jobs: earthly_token: ${{ secrets.earthly_token }} build: - uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@master needs: [discover, check] if: (fromJson(needs.discover.outputs.earthfiles)['^build(-.*)?$'] != null) && !failure() && !cancelled() with: @@ -106,7 +106,7 @@ jobs: earthly_token: ${{ secrets.earthly_token }} package: - uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@master needs: [discover, check, build] if: (fromJson(needs.discover.outputs.earthfiles)['^package(-.*)?$'] != null) && !failure() && !cancelled() with: @@ -118,7 +118,7 @@ jobs: earthly_token: ${{ secrets.earthly_token }} test: - uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@master needs: [discover, check, build, package] if: (fromJson(needs.discover.outputs.earthfiles)['^test(-.*)?$'] != null) && !failure() && !cancelled() with: @@ -130,7 +130,7 @@ jobs: earthly_token: ${{ secrets.earthly_token }} nightly: - uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/.github/workflows/run.yml@master needs: [discover, check, build, package] if: (fromJson(needs.discover.outputs.earthfiles)['^nightly(-.*)?$'] != null) && !failure() && !cancelled() && inputs.nightly == true with: @@ -142,7 +142,7 @@ jobs: earthly_token: ${{ secrets.earthly_token }} docs: - uses: input-output-hk/catalyst-forge/.github/workflows/docs.yml@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/.github/workflows/docs.yml@master needs: [discover, check, build, test] if: (fromJson(needs.discover.outputs.earthfiles)['^docs(-.*)?$'] != null) && !failure() && !cancelled() with: @@ -152,7 +152,7 @@ jobs: earthly_token: ${{ secrets.earthly_token }} release: - uses: input-output-hk/catalyst-forge/.github/workflows/release.yml@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/.github/workflows/release.yml@master needs: [discover, check, build, test] if: (fromJson(needs.discover.outputs.releases)[0] != null) && !failure() && !cancelled() with: @@ -164,7 +164,7 @@ jobs: earthly_token: ${{ secrets.earthly_token }} deploy: - uses: input-output-hk/catalyst-forge/.github/workflows/deploy.yml@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/.github/workflows/deploy.yml@master needs: [discover, check, build, test, release] if: (fromJson(needs.discover.outputs.deployments)[0] != null) && !failure() && !cancelled() with: diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index ab164135..a938df72 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -42,12 +42,12 @@ jobs: steps: - uses: actions/checkout@v4 - name: Install Forge - uses: input-output-hk/catalyst-forge/actions/install@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/actions/install@master if: ${{ inputs.forge_version != 'local' }} with: version: ${{ inputs.forge_version }} - name: Install Local Forge - uses: input-output-hk/catalyst-forge/actions/install-local@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/actions/install-local@master if: ${{ inputs.forge_version == 'local' }} with: earthly_token: ${{ secrets.earthly_token }} @@ -62,11 +62,11 @@ jobs: echo "skip=false" >> $GITHUB_OUTPUT fi - name: Setup CI - uses: input-output-hk/catalyst-forge/actions/setup@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/actions/setup@master with: skip_earthly: ${{ steps.local.outputs.skip }} - name: Deploy - uses: input-output-hk/catalyst-forge/actions/run@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/actions/run@master with: command: mod deploy args: ${{ matrix.deployment }} diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 06c10f30..80361cee 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -44,12 +44,12 @@ jobs: steps: - uses: actions/checkout@v4 - name: Install Forge - uses: input-output-hk/catalyst-forge/actions/install@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/actions/install@master if: ${{ inputs.forge_version != 'local' }} with: version: ${{ inputs.forge_version }} - name: Install Local Forge - uses: input-output-hk/catalyst-forge/actions/install-local@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/actions/install-local@master if: ${{ inputs.forge_version == 'local' }} with: earthly_token: ${{ secrets.earthly_token }} @@ -64,11 +64,11 @@ jobs: echo "skip=false" >> $GITHUB_OUTPUT fi - name: Setup CI - uses: input-output-hk/catalyst-forge/actions/setup@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/actions/setup@master with: skip_earthly: ${{ steps.local.outputs.skip }} - name: Run - uses: input-output-hk/catalyst-forge/actions/run@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/actions/run@master with: command: run args: --artifact ${{ env.OUTPUT }} ${{ matrix.earthfile }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0730e868..68f50458 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -45,12 +45,12 @@ jobs: steps: - uses: actions/checkout@v4 - name: Install Forge - uses: input-output-hk/catalyst-forge/actions/install@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/actions/install@master if: ${{ inputs.forge_version != 'local' }} with: version: ${{ inputs.forge_version }} - name: Install Local Forge - uses: input-output-hk/catalyst-forge/actions/install-local@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/actions/install-local@master if: ${{ inputs.forge_version == 'local' }} with: earthly_token: ${{ secrets.earthly_token }} @@ -65,11 +65,11 @@ jobs: echo "skip=false" >> $GITHUB_OUTPUT fi - name: Setup CI - uses: input-output-hk/catalyst-forge/actions/setup@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/actions/setup@master with: skip_earthly: ${{ steps.local.outputs.skip }} - name: Release - uses: input-output-hk/catalyst-forge/actions/run@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/actions/run@master with: command: release args: ${{ matrix.release.project }} ${{ matrix.release.name }} diff --git a/.github/workflows/run.yml b/.github/workflows/run.yml index 64a1e82a..1fad010a 100644 --- a/.github/workflows/run.yml +++ b/.github/workflows/run.yml @@ -42,13 +42,13 @@ jobs: steps: - uses: actions/checkout@v4 - name: Install Forge - uses: input-output-hk/catalyst-forge/actions/install@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/actions/install@master if: ${{ inputs.forge_version != 'local' }} with: version: ${{ inputs.forge_version }} - name: Install Local Forge id: install-local - uses: input-output-hk/catalyst-forge/actions/install-local@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/actions/install-local@master if: ${{ inputs.forge_version == 'local' }} with: earthly_token: ${{ secrets.earthly_token }} @@ -63,12 +63,12 @@ jobs: echo "skip=false" >> $GITHUB_OUTPUT fi - name: Setup CI - uses: input-output-hk/catalyst-forge/actions/setup@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/actions/setup@master with: skip_earthly_install: ${{ steps.install-local.outputs.cache-hit == false }} skip_earthly_satellite: ${{ steps.install-local.outputs.cache-hit == false }} - name: Run - uses: input-output-hk/catalyst-forge/actions/run@deprecate-earthly-cloud + uses: input-output-hk/catalyst-forge/actions/run@master with: command: run args: ${{ matrix.earthfile }}