forked from aptos-labs/aptos-core
-
Notifications
You must be signed in to change notification settings - Fork 1
150 lines (129 loc) · 7.9 KB
/
sdk-release.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
## IMPORTANT NOTE TO EDITORS OF THIS FILE ##
## If you are trying to change how this CI works, you MUST go read the important
## note at the top of docker-build-test.yaml. In short, to test this, you must temporarily
## change docker-build-test to use the pull_request trigger instead of pull_request_target.
## Make sure to add the CICD:CICD:build-images and CICD:run-e2e-tests labels to test
## this within an in-review PR.
## If the above approach is too slow (since you have to wait for the rust images
## to build), you can cut the iteration time dramatically by adding a push trigger
## and replacing inputs.GITHUB_SHA with a specific commit from the main branch for
## which you know the rust images step has completed. So to be clear:
## - Replace ${{ inputs.GIT_SHA }} for the checkout step with ${{ github.sha }}
## - Replace all other instances of ${{ inputs.GIT_SHA }} with the said specific commit.
name: "API + TS SDK CI"
on:
# This is called from within the build-images.yaml workflow since we depend
# on the images having been built before this workflow runs.
workflow_call:
inputs:
GIT_SHA:
required: true
type: string
description: Use this to override the git SHA1, branch name (e.g. devnet) or tag to release the SDK from
jobs:
# Confirm that the generated client within the TS SDK has been re-generated
# if there are any changes that would affect it within the PR / commit. If
# everything is checked in, run tests, build the SDK, and upload it to npmjs.
test-sdk-confirm-client-generated-publish:
runs-on: high-perf-docker
permissions:
contents: read
id-token: write
env:
APTOS_NODE_URL: http://127.0.0.1:8080/v1
APTOS_FAUCET_URL: http://127.0.0.1:8081
FAUCET_AUTH_TOKEN: ${{ secrets.DEVNET_TAP_AUTH_TOKEN }}
steps:
- uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # pin@v3
with:
ref: ${{ inputs.GIT_SHA }}
- uses: aptos-labs/aptos-core/.github/actions/docker-setup@main
with:
GCP_WORKLOAD_IDENTITY_PROVIDER: ${{ secrets.GCP_WORKLOAD_IDENTITY_PROVIDER }}
GCP_SERVICE_ACCOUNT_EMAIL: ${{ secrets.GCP_SERVICE_ACCOUNT_EMAIL }}
GCP_DOCKER_ARTIFACT_REPO: ${{ secrets.GCP_DOCKER_ARTIFACT_REPO }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DOCKER_ARTIFACT_REPO: ${{ secrets.AWS_DOCKER_ARTIFACT_REPO }}
GIT_CREDENTIALS: ${{ secrets.GIT_CREDENTIALS }}
- uses: actions/setup-node@969bd2663942d722d85b6a8626225850c2f7be4b # pin@v3
with:
node-version-file: .node-version
registry-url: "https://registry.npmjs.org"
# Self hosted runners don't have pnpm preinstalled.
# https://github.com/actions/setup-node/issues/182
- uses: pnpm/action-setup@v2
with:
version: 7.14.2
# When using high-perf-docker, the CI is actually run with two containers
# in a k8s pod, one for docker commands run in the CI steps (docker), and
# one for everything else (runner). These containers share some volume
# mounts, ${{ runner.temp }} is one of them. Writing the specs here ensures
# the docker run step writes to a same place that the runner can read from.
- run: mkdir -p ${{ runner.temp }}/specs
# Build the API specs.
- uses: nick-fields/retry@7f8f3d9f0f62fe5925341be21c2e8314fd4f7c7c # pin@v2
name: generate-yaml-spec
with:
max_attempts: 3
timeout_minutes: 20
command: docker run --rm --mount=type=bind,source=${{ runner.temp }}/specs,target=/specs ${{ secrets.GCP_DOCKER_ARTIFACT_REPO }}/tools:${{ inputs.GIT_SHA }} aptos-openapi-spec-generator -f yaml -o /specs/spec.yaml
- uses: nick-fields/retry@7f8f3d9f0f62fe5925341be21c2e8314fd4f7c7c # pin@v2
name: generate-json-spec
with:
max_attempts: 3
timeout_minutes: 20
command: docker run --rm --mount=type=bind,source=${{ runner.temp }}/specs,target=/specs ${{ secrets.GCP_DOCKER_ARTIFACT_REPO }}/tools:${{ inputs.GIT_SHA }} aptos-openapi-spec-generator -f json -o /specs/spec.json
# Confirm that the specs we built here are the same as those checked in.
- run: echo "If this step fails, run the following commands locally to fix it:"
- run: echo "cargo run -p aptos-openapi-spec-generator -- -f yaml -o api/doc/spec.yaml"
- run: echo "cargo run -p aptos-openapi-spec-generator -- -f json -o api/doc/spec.json"
- run: git diff --no-index --ignore-space-at-eol --ignore-blank-lines ${{ runner.temp }}/specs/spec.yaml api/doc/spec.yaml
- run: git diff --no-index --ignore-space-at-eol --ignore-blank-lines ${{ runner.temp }}/specs/spec.json api/doc/spec.json
# Set up dotenv file for tests (jest doesn't read env vars properly).
- run: echo 'APTOS_NODE_URL="http://127.0.0.1:8080/v1"' >> ./ecosystem/typescript/sdk/.env
- run: echo 'APTOS_FAUCET_URL="http://127.0.0.1:8081"' >> ./ecosystem/typescript/sdk/.env
- run: echo "FAUCET_AUTH_TOKEN=$FAUCET_AUTH_TOKEN" >> ./ecosystem/typescript/sdk/.env
- run: cp ./ecosystem/typescript/sdk/.env ./ecosystem/typescript/sdk/examples/typescript/.env
- run: cp ./ecosystem/typescript/sdk/.env ./ecosystem/typescript/sdk/examples/javascript/.env
# Run package install. If install fails, it probably means the lockfile
# was not included in the commit.
- run: cd ./ecosystem/typescript/sdk && pnpm install --frozen-lockfile
# Ensure any changes to the generated client were checked in.
- run: cd ./ecosystem/typescript/sdk && pnpm generate-client -o /tmp/generated_client
- run: echo "If this step fails, run the following command locally to fix it:"
- run: echo "cd ecosystem/typescript/sdk && pnpm generate-client"
- run: git diff --no-index --ignore-space-at-eol --ignore-blank-lines ./ecosystem/typescript/sdk/src/generated/ /tmp/generated_client/
# Run a local testnet built from the same commit.
- run: docker run -p 8080:8080 -p 8081:8081 --name=local-testnet --detach ${{ secrets.GCP_DOCKER_ARTIFACT_REPO }}/tools:${{ inputs.GIT_SHA }} aptos node run-local-testnet --with-faucet
# Wait for the API and faucet to startup.
- run: npm install -g wait-on
- run: wait-on -t 60000 --httpTimeout 60000 http-get://127.0.0.1:8080/v1
- run: wait-on -t 60000 --httpTimeout 60000 http-get://127.0.0.1:8081/health
# Confirm the Rust API client examples pass.
- uses: aptos-labs/aptos-core/.github/actions/rust-setup@main
- run: cargo run -p aptos-rest-client --example account -- --api-url http://127.0.01:8080
# Test and build.
- uses: nick-fields/retry@7f8f3d9f0f62fe5925341be21c2e8314fd4f7c7c # pin@v2
name: sdk-pnpm-test
with:
max_attempts: 3
timeout_minutes: 15
command: cd ./ecosystem/typescript/sdk && pnpm test
- run: cd ./ecosystem/typescript/sdk && pnpm build
# Ensure the version, changelog, etc. are valid.
- run: cd ./ecosystem/typescript/sdk && ./check.sh
if: github.event_name == 'push' && github.ref_name == 'devnet'
# Finally, if this is a push and the version in package.json is different,
# publish a new version of the package to npm.js. For more details on how
# this works, see ecosystem/typescript/sdk/checked_publish.sh. The package
# we publish to npmjs is meant to work with devnet, so we only release
# from that branch. See ecosystem/typescript/sdk/README.md for more.
- run: cd ./ecosystem/typescript/sdk && pnpm checked-publish
if: github.event_name == 'push' && github.ref_name == 'devnet'
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_JS_AUTH_TOKEN }}
- name: Print docker-compose testnet logs on failure
if: ${{ failure() }}
working-directory: docker/compose/validator-testnet
run: docker logs local-testnet