feat: use keys on AWS's KMS to sign eth txs #232
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: | |
- master | |
pull_request: | |
release: | |
types: [published] | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
cancel-in-progress: true | |
env: | |
DASEL_VERSION: https://github.com/TomWright/dasel/releases/download/v1.24.3/dasel_linux_amd64 | |
RUST_VERSION: 1.79 | |
FUEL_CORE_VERSION: 0.31.0 | |
IMAGE_NAME: ${{ github.repository }} | |
jobs: | |
verify-rust-version: | |
runs-on: buildjet-4vcpu-ubuntu-2204 | |
steps: | |
- uses: actions/checkout@v3 | |
# Ensure CI is using the same minimum toolchain specified in fuels Cargo.toml | |
- run: | | |
curl -sSLf "$DASEL_VERSION" -L -o dasel && chmod +x dasel | |
mv ./dasel /usr/local/bin/dasel | |
MIN_VERSION=$(cat Cargo.toml | dasel -r toml 'workspace.package.rust-version') | |
RUST_VERSION="${{ env.RUST_VERSION }}" | |
echo "Comparing minimum supported toolchain ($MIN_VERSION) with ci toolchain (RUST_VERSION)" | |
test "$MIN_VERSION" == "$RUST_VERSION" | |
verify-helm-chart: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: alexellis/setup-arkade@v1 | |
- uses: alexellis/arkade-get@master | |
with: | |
helm: latest | |
- name: Lint helm chart | |
run: helm lint deployment/charts | |
- name: Verify helm chart version matches crate | |
run: | | |
./.github/scripts/verify_chart_version.sh | |
cargo-verifications: | |
needs: | |
- verify-rust-version | |
runs-on: buildjet-4vcpu-ubuntu-2204 | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
- name: Check for typos | |
uses: crate-ci/[email protected] | |
- uses: dtolnay/rust-toolchain@master | |
with: | |
toolchain: ${{ env.RUST_VERSION }} | |
components: clippy,rustfmt | |
- name: Install Foundry | |
uses: foundry-rs/foundry-toolchain@v1 | |
- name: Run cargo check with all features | |
run: cargo check --all-features | |
- name: Run cargo fmt --check | |
run: cargo fmt --all --verbose -- --check | |
- name: Run cargo clippy | |
run: cargo clippy --all-targets | |
- name: Install Fuel Core | |
run: | | |
curl -sSLf https://github.com/FuelLabs/fuel-core/releases/download/v${{ env.FUEL_CORE_VERSION }}/fuel-core-${{ env.FUEL_CORE_VERSION }}-x86_64-unknown-linux-gnu.tar.gz -L -o fuel-core.tar.gz | |
tar -xvf fuel-core.tar.gz | |
chmod +x fuel-core-${{ env.FUEL_CORE_VERSION }}-x86_64-unknown-linux-gnu/fuel-core | |
mv fuel-core-${{ env.FUEL_CORE_VERSION }}-x86_64-unknown-linux-gnu/fuel-core /usr/local/bin/fuel-core | |
- name: Run tests | |
run: ./run_tests.sh | |
publish-crates-check: | |
runs-on: buildjet-4vcpu-ubuntu-2204 | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
- uses: dtolnay/rust-toolchain@master | |
with: | |
toolchain: ${{ env.RUST_VERSION }} | |
- name: Publish crate check | |
uses: katyo/publish-crates@v2 | |
with: | |
dry-run: true | |
check-repo: false | |
ignore-unpublished-changes: true | |
publish-crates: | |
needs: | |
- cargo-verifications | |
- publish-crates-check | |
# Only do this job if publishing a release | |
if: github.event_name == 'release' && github.event.action == 'published' | |
runs-on: buildjet-4vcpu-ubuntu-2204 | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
- uses: dtolnay/rust-toolchain@master | |
with: | |
toolchain: ${{ env.RUST_VERSION }} | |
- name: Verify tag version | |
run: | | |
curl -sSLf "$DASEL_VERSION" -L -o dasel && chmod +x dasel | |
mv ./dasel /usr/local/bin/dasel | |
./.github/workflows/scripts/verify_tag.sh ${{ github.ref_name }} Cargo.toml | |
- name: Publish crate | |
uses: katyo/publish-crates@v2 | |
with: | |
publish-delay: 30000 | |
registry-token: ${{ secrets.CARGO_REGISTRY_TOKEN }} | |
publish-docker-image: | |
needs: | |
- cargo-verifications | |
runs-on: buildjet-4vcpu-ubuntu-2204 | |
permissions: | |
contents: read | |
packages: write | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
- name: Publish Docker image | |
uses: ./.github/actions/docker-publish | |
with: | |
image_name: ${{ env.IMAGE_NAME }} | |
docker_username: ${{ github.repository_owner }} | |
docker_password: ${{ secrets.GITHUB_TOKEN }} | |
docker_platforms: linux/amd64,linux/arm64 | |
- uses: FuelLabs/.github/.github/actions/slack-notify-template@master | |
if: always() && (github.ref == 'refs/heads/master' || github.ref_type == 'tag') | |
with: | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
slack_webhook: ${{ secrets.SLACK_WEBHOOK_NOTIFY_BUILD }} |