diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000000..07151a4486 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,32 @@ +--- +name: Build +on: # yamllint disable-line rule:truthy + workflow_dispatch: + workflow_call: + +jobs: + go_build: + name: Polygon Edge + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v3 + - name: Setup Go environment + uses: actions/setup-go@v3.3.0 + with: + go-version: 1.18.x + + - name: Build Polygon Edge + run: go build -ldflags="-s -w -linkmode external -extldflags "-static" -X \"github.com/0xPolygon/polygon-edge/versioning.Version=${GITHUB_REF_NAME}\" -X \"github.com/0xPolygon/polygon-edge/versioning.Commit=${GITHUB_SHA}\"" && tar -czvf polygon-edge.tar.gz polygon-edge + env: + CC: gcc + CXX: g++ + GOARC: amd64 + GOOS: linux + + - name: 'Upload Artifact' + uses: actions/upload-artifact@v3 + with: + name: polygon-edge + path: polygon-edge.tar.gz + retention-days: 3 diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000000..d26aa34955 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,32 @@ +--- +name: Pull Request CI +on: # yamllint disable-line rule:truthy + workflow_dispatch: {} + pull_request: + branches: + - 'develop' + paths: + - '**.go' + +jobs: + build: + name: Build + uses: 0xpolygon/polygon-edge/.github/workflows/build.yml@develop + + test: + name: Test + uses: 0xpolygon/polygon-edge/.github/workflows/test.yml@develop + needs: build + + gosec: + name: Gosec + runs-on: ubuntu-latest + env: + GO111MODULE: on # yamllint disable-line rule:truthy + steps: + - name: Checkout Source + uses: actions/checkout@v2 + - name: Run Gosec Security Scanner + uses: securego/gosec@master + with: + args: ./... diff --git a/.github/workflows/cla.yml b/.github/workflows/cla.yml index 8b8f3fc953..1a3e412870 100644 --- a/.github/workflows/cla.yml +++ b/.github/workflows/cla.yml @@ -1,9 +1,14 @@ +--- name: "CLA Assistant" -on: +on: # yamllint disable-line rule:truthy issue_comment: - types: [created] + types: + - created pull_request_target: - types: [opened,closed,synchronize] + types: + - opened + - closed + - synchronize jobs: CLAssistant: @@ -16,7 +21,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # the below token should have repo scope and must be manually added by you in the repository's secret - PERSONAL_ACCESS_TOKEN : ${{ secrets.PERSONAL_ACCESS_TOKEN }} + PERSONAL_ACCESS_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }} with: path-to-signatures: 'cla.json' path-to-document: 'https://github.com/0xPolygon/polygon-edge/blob/develop/CLA.md' diff --git a/.github/workflows/deploy.devnet.yml b/.github/workflows/deploy.devnet.yml new file mode 100644 index 0000000000..47d07434ef --- /dev/null +++ b/.github/workflows/deploy.devnet.yml @@ -0,0 +1,164 @@ +--- +name: DevNet Workflow + +on: # yamllint disable-line rule:truthy + workflow_dispatch: + push: + branches: + - develop + +permissions: + id-token: write + contents: read + security-events: write + +jobs: + gosec: + name: Gosec and Publish + uses: 0xpolygon/polygon-edge/.github/workflows/security.yml@develop + + build: + name: Build + uses: 0xpolygon/polygon-edge/.github/workflows/build.yml@develop + + test: + name: Test + uses: 0xpolygon/polygon-edge/.github/workflows/test.yml@develop + needs: build + + deploy_devnet: + name: Deploy DevNet + needs: build + concurrency: deploy_devnet + environment: + name: devnet + url: https://rpc.us-east-1.testing.psdk.io/ + runs-on: ubuntu-latest + steps: + - name: Download Polygon Edge Artifact + uses: actions/download-artifact@v3 + with: + name: polygon-edge + + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + role-to-assume: ${{ secrets.AWS_ROLE_ARN }} + aws-region: ${{ secrets.AWS_REGION }} + + - name: Notify Slack + uses: slackapi/slack-github-action@v1.22.0 + if: false + continue-on-error: true + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_DEPLOYMENT_WEBHOOK_URL }} + SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK + with: + payload: | + { + "blocks": [ + { + "type": "header", + "text": { + "type": "plain_text", + "text": "Devnet Deployment - Started" + } + }, + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": "Devnet Deployment Status: ${{ job.status }}\n<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|Job Status>" + } + } + ] + } + + - name: Publish Binary package to S3 + run: | + aws s3 cp ./polygon-edge.tar.gz s3://${{ secrets.POLYGON_EDGE_ARTIFACT_BUCKET }} --metadata "{\"commit_sha\":\"${GITHUB_SHA}\"}" + + - name: Deploy DevNet + continue-on-error: true + env: + VALIDATOR_ASGS: ${{ secrets.VALIDATOR_ASGS }} + run: | + # Parallel deploy all nodes, relying on ALB Health Checks + echo "Deploying new Devnet" + echo "--------------------" + + # Should finish relatively fast. Can add a check to guard against pre-mature cycle + echo "Cleaning up the data directories and stopping Polygon-Edge Devnet service..." + aws ssm send-command --document-name polygon-edge-validators-maintenance-clean-data --targets Key=tag:aws:autoscaling:groupName,Values=$VALIDATOR_ASGS >> /dev/null + + for vasg in ${VALIDATOR_ASGS//,/ } + do + instance_id=$(aws autoscaling describe-auto-scaling-groups --auto-scaling-group-names $vasg --query 'AutoScalingGroups[0].Instances[0].InstanceId' --output text) + echo "Draining $instance_id in $vasg" + irid=$(aws autoscaling start-instance-refresh --auto-scaling-group-name $vasg --query InstanceRefreshId --output text) + done + + echo "Waiting for instance to clear health check..." + pending=true + + until [ $pending != true ] + do + pending=false + sleep 10 + for vasg in ${VALIDATOR_ASGS//,/ } + do + refresh_status=$(aws autoscaling describe-instance-refreshes --auto-scaling-group-name $vasg --query 'InstanceRefreshes[0].Status' --output text) + echo "ASG: $vasg" + echo "Status: $refresh_status" + + if [ "$refresh_status" == "Successful" ] + then + VALIDATOR_ASGS=${VALIDATOR_ASGS//$vasg/} + instance_id=$(aws autoscaling describe-auto-scaling-groups --auto-scaling-group-names $vasg --query 'AutoScalingGroups[0].Instances[0].InstanceId' --output text) + + echo "-------------------------------------------------" + echo "New validator: $instance_id successfully deployed" + echo "-------------------------------------------------" + fi + pending=true + done + echo "" + done + echo "Devnet Deployment Complete" + + - name: Notify Slack - Failures + uses: slackapi/slack-github-action@v1.22.0 + if: ${{ job.status != 'success' }} + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_DEPLOYMENT_WEBHOOK_URL }} + SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK + with: + payload: | + { + "blocks": [ + { + "type": "header", + "text": { + "type": "plain_text", + "text": "Devnet Deployment - Failed" + } + }, + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": "<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|Job Status>" + } + }, + { + "type": "divider" + }, + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": "Commit SHA: <${{ github.server_url }}/${{ github.repository }}/tree/${{ github.sha }}|${{ github.sha }}>\nBranch: <${{ github.server_url }}/${{ github.repository }}/tree/${{ github.ref_name }}|${{ github.ref_name}}>" + } + } + ] + } diff --git a/.github/workflows/deploy.testnet.yml b/.github/workflows/deploy.testnet.yml new file mode 100644 index 0000000000..5ac046dc76 --- /dev/null +++ b/.github/workflows/deploy.testnet.yml @@ -0,0 +1,186 @@ +--- +name: TestNet Workflow +on: # yamllint disable-line rule:truthy + workflow_dispatch: + push: + branches: + - 'release/**' + +permissions: + id-token: write + contents: read + security-events: write + +jobs: + gosec: + name: Gosec and Publish + uses: 0xpolygon/polygon-edge/.github/workflows/security.yml@develop + + build: + uses: 0xpolygon/polygon-edge/.github/workflows/build.yml@develop + name: Build + + test: + uses: 0xpolygon/polygon-edge/.github/workflows/test.yml@develop + name: Test + needs: build + + deploy_testnet: + name: Update TestNet + needs: build + concurrency: deploy_testnet + environment: + name: testnet + url: https://rpc.us-east-1.tn.testing.psdk.io/ + runs-on: ubuntu-latest + steps: + - name: Download Polygon Edge Artifact + uses: actions/download-artifact@v3 + with: + name: polygon-edge + + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + role-to-assume: ${{ secrets.AWS_ROLE_ARN }} + aws-region: ${{ secrets.AWS_REGION }} + + - name: Notify Slack + uses: slackapi/slack-github-action@v1.22.0 + continue-on-error: true + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_DEPLOYMENT_WEBHOOK_URL }} + SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK + with: + payload: | + { + "blocks": [ + { + "type": "header", + "text": { + "type": "plain_text", + "text": "Testnet Deployment - Started" + } + }, + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": "Testnet Deployment Status: ${{ job.status }}\n<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|Job Status>" + } + } + ] + } + + - name: Publish Binary package to S3 + run: | + aws s3 cp ./polygon-edge.tar.gz s3://${{ secrets.POLYGON_EDGE_ARTIFACT_BUCKET }} --metadata "{\"commit_sha\":\"${GITHUB_SHA}\"}" + - name: Deploy to Testnet + continue-on-error: true + env: + VALIDATOR_ASGS: ${{ secrets.VALIDATOR_ASGS }} + run: | + echo "Deploying new TestNet..." + for vasg in ${VALIDATOR_ASGS//,/ } + do + instance_id=$(aws autoscaling describe-auto-scaling-groups --auto-scaling-group-names $vasg --query 'AutoScalingGroups[0].Instances[0].InstanceId' --output text) + + echo "Draining $instance_id in $vasg" + irid=$(aws autoscaling start-instance-refresh --auto-scaling-group-name $vasg --query InstanceRefreshId --output text) + + echo "Waiting for instance to clear health check..." + refresh_status=Pending + until [ $refresh_status != "InProgress" ] && [ $refresh_status != "Pending" ] + do + sleep 10 + refresh_status=$(aws autoscaling describe-instance-refreshes --instance-refresh-ids $irid --auto-scaling-group-name $vasg --query 'InstanceRefreshes[0].Status' --output text) + + echo "ASG: $vasg" + echo "Status: $refresh_status" + done + + if [ "$refresh_status" != "Successful" ] + then + echo "instance refresh failed." + echo "autoscaling group: $vasg" + echo "instance refresh id: $irid" + exit 1 + fi + + instance_id=$(aws autoscaling describe-auto-scaling-groups --auto-scaling-group-names $vasg --query 'AutoScalingGroups[0].Instances[0].InstanceId' --output text) + echo "-------------------------------------------------" + echo "New validator: $instance_id successfully deployed" + echo "-------------------------------------------------" + + done + echo "Testnet Deployment Complete" + + - name: Notify Slack + uses: slackapi/slack-github-action@v1.22.0 + continue-on-error: true + if: ${{ job.status != 'success' }} + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_DEPLOYMENT_WEBHOOK_URL }} + SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK + with: + payload: | + { + "blocks": [ + { + "type": "header", + "text": { + "type": "plain_text", + "text": "Testnet Deployment - Failed" + } + }, + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": "<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|Job Status>" + } + }, + { + "type": "divider" + }, + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": "Commit SHA: <${{ github.server_url }}/${{ github.repository }}/tree/${{ github.sha }}|${{ github.sha }}>\nPre-release: <${{ github.server_url }}/${{ github.repository }}/tree/${{ github.ref_name }}|${{ github.ref_name}}>" + } + } + ] + } + + pandoras_box: + uses: 0xpolygon/polygon-edge/.github/workflows/pandoras_box.yml@develop + name: Pandora's Box + needs: deploy_testnet + secrets: + SLACK_PERFORMANCE_WEBHOOK_URL: ${{ secrets.SLACK_PERFORMANCE_WEBHOOK_URL }} + PANDORAS_TARGET: ${{ secrets.PANDORAS_TARGET }} + PANDORAS_MNEMONIC: ${{ secrets.PANDORAS_MNEMONIC }} + with: + runner: testnet + environment: testnet + transaction_batch: '200' + transaction_count: '10000' + + loadbot: + uses: 0xpolygon/polygon-edge/.github/workflows/loadbot.yml@develop + name: Loadbot + needs: deploy_testnet + secrets: + SLACK_PERFORMANCE_WEBHOOK_URL: ${{ secrets.SLACK_PERFORMANCE_WEBHOOK_URL }} + LOADBOT_JSONRPC_URL: ${{ secrets.LOADBOT_JSONRPC_URL }} + LOADBOT_SENDER_ADDRESS: ${{ secrets.LOADBOT_SENDER_ADDRESS }} + LOADBOT_GRPC_ADDRESS: ${{ secrets.LOADBOT_GRPC_ADDRESS }} + LOADBOT_0x1AB8C3df809b85012a009c0264eb92dB04eD6EFa: ${{ secrets.LOADBOT_0x1AB8C3df809b85012a009c0264eb92dB04eD6EFa }} + with: + runner: testnet + environment: testnet + chain_id: '750' + transaction_value: '100' + transaction_count: '10000' + transactions_per_second: '100' diff --git a/.github/workflows/deploy_edgenet.yaml b/.github/workflows/deploy_edgenet.yaml index 53d5e242c5..64df993c4e 100644 --- a/.github/workflows/deploy_edgenet.yaml +++ b/.github/workflows/deploy_edgenet.yaml @@ -1,6 +1,7 @@ -on: +--- +on: # yamllint disable-line rule:truthy release: - types: + types: - published jobs: @@ -13,7 +14,7 @@ jobs: wget https://github.com/Trapesys/aws-commander/releases/download/v0.2.0/aws-commander_0.2.0_Linux_x86_64.tar.gz tar -xf aws-commander_0.2.0_Linux_x86_64.tar.gz sudo mv aws-commander /usr/local/bin - + - name: Checkout code uses: actions/checkout@v3 @@ -22,8 +23,8 @@ jobs: AWS_ACCESS_KEY_ID: ${{ secrets.EDGENET_AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.EDGENET_AWS_SECRET_ACCESS_KEY }} run: > - /usr/local/bin/aws-commander - -instances i-039f7c0b3328a00f8,i-035b9f2d78cfb8ea9,i-00a6c7cb3a213f21f,i-03ac2f42ddcba6120 - -mode ansible - -playbook .github/workflows/ansible/update_edgenet.yaml + /usr/local/bin/aws-commander + -instances i-039f7c0b3328a00f8,i-035b9f2d78cfb8ea9,i-00a6c7cb3a213f21f,i-03ac2f42ddcba6120 + -mode ansible + -playbook .github/workflows/ansible/update_edgenet.yaml -aws-zone us-west-2 diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml index 3b3b459b81..c17a7eaaca 100644 --- a/.github/workflows/e2e.yaml +++ b/.github/workflows/e2e.yaml @@ -1,5 +1,6 @@ +--- name: E2E tests -on: +on: # yamllint disable-line rule:truthy push: branches: - main diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml new file mode 100644 index 0000000000..9a1c351f25 --- /dev/null +++ b/.github/workflows/lint.yml @@ -0,0 +1,28 @@ +--- +name: Lint +on: # yamllint disable-line rule:truthy + push: + branches-ignore: + - 'develop' + - 'release/**' + tags-ignore: + - 'v*' + paths: + - '**.go' + workflow_call: {} + workflow_dispatch: {} + +jobs: + golangci_lint: + runs-on: ubuntu-latest + steps: + - name: Install Go + uses: actions/setup-go@v3 + with: + go-version: 1.18.x + + - name: Checkout code + uses: actions/checkout@v3 + + - name: Lint + uses: golangci/golangci-lint-action@v3 diff --git a/.github/workflows/loadbot.yml b/.github/workflows/loadbot.yml new file mode 100644 index 0000000000..1941049c66 --- /dev/null +++ b/.github/workflows/loadbot.yml @@ -0,0 +1,155 @@ +--- + +name: Loadbot +on: # yamllint disable-line rule:truthy + workflow_dispatch: + inputs: + runner: + description: 'The runner to execute on' + default: 'ubuntu-latest' + type: choice + options: + - ubuntu-latest + - devnet + - testnet + environment: + description: 'The environment to run against' + required: false + type: environment + chain_id: + default: '750' + description: The chain ID of the network to test + type: string + transaction_count: + default: '10000' + description: The number of transactions to send + type: string + transactions_per_second: + default: '100' + description: The amount of transactions per second to send + type: string + transaction_value: + default: '100' + description: The value per transactions to send + type: string + workflow_call: + inputs: + chain_id: + description: The chain ID of the network to test + type: string + transaction_count: + description: The number of transactions to send + type: string + transactions_per_second: + description: The amount of transactions per second to send + type: string + transaction_value: + description: The value per transactions to send + type: string + runner: + required: true + type: string + description: The runner label to use + environment: + required: true + description: 'The environment to run against' + type: string + secrets: + SLACK_PERFORMANCE_WEBHOOK_URL: + required: true + LOADBOT_SENDER_ADDRESS: + required: true + LOADBOT_GRPC_ADDRESS: + required: true + LOADBOT_JSONRPC_URL: + required: true + LOADBOT_0x1AB8C3df809b85012a009c0264eb92dB04eD6EFa: + required: true +jobs: + run_loadbot: + name: Run Loadbot + concurrency: ${{ inputs.environment }}_performance + environment: ${{ inputs.environment }} + runs-on: ${{ inputs.runner }} + steps: + - name: Checkout code + uses: actions/checkout@v3 + - name: Setup Go environment + uses: actions/setup-go@v3.3.0 + with: + go-version: 1.18.x + - name: Install JQ + run: | + mkdir -p $HOME/.local/bin + curl -sLo $HOME/.local/bin/jq https://github.com/stedolan/jq/releases/download/jq-1.5/jq-linux64 && chmod +x $HOME/.local/bin/jq + echo "$HOME/.local/bin" >> $GITHUB_PATH + - id: loadbot + name: Run Loadbot + continue-on-error: true + run: | + go run . loadbot --jsonrpc ${{ secrets.LOADBOT_JSONRPC_URL }} --grpc-address ${{ secrets.LOADBOT_GRPC_ADDRESS }} --sender ${{ secrets.LOADBOT_SENDER_ADDRESS }} --count ${{ inputs.transaction_count}} --value ${{ inputs.transaction_value }} --tps ${{ inputs.transactions_per_second }} --chain-id ${{ inputs.chain_id }} --detailed --json > loadbotOutput.json + cat loadbotOutput.json + echo "::set-output name=tps::$(cat loadbotOutput.json | jq -r '.approx_tps')" + echo "::set-output name=totalTx::$(cat loadbotOutput.json | jq -r '.count_data.total')" + echo "::set-output name=failedTx::$(cat loadbotOutput.json | jq -r '.count_data.failed')" + env: + LOADBOT_0x1AB8C3df809b85012a009c0264eb92dB04eD6EFa: ${{ secrets.LOADBOT_0x1AB8C3df809b85012a009c0264eb92dB04eD6EFa }} + - name: Notify Slack + uses: slackapi/slack-github-action@v1.22.0 + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_PERFORMANCE_WEBHOOK_URL }} + SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK + with: + payload: | + { + "blocks": [ + { + "type": "header", + "text": { + "type": "plain_text", + "text": "Loadbot Results" + } + }, + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": "Approximate TPS: `${{ steps.loadbot.outputs.tps }}`" + } + }, + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": "Total Transactions: `${{ steps.loadbot.outputs.totalTx }}`" + } + }, + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": "Failed Transactions: `${{ steps.loadbot.outputs.failedTx }}`" + } + }, + { + "type": "divider" + }, + { + "type": "context", + "elements": [ + { + "type": "mrkdwn", + "text": "Environment: `${{ inputs.environment }}`" + }, + { + "type": "mrkdwn", + "text": "JSON-RPC Endpoint: ${{ secrets.LOADBOT_JSONRPC_URL }}" + }, + { + "type": "mrkdwn", + "text": "Workflow: <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|Results>" + } + ] + } + ] + } diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml deleted file mode 100644 index 8fdb9284c1..0000000000 --- a/.github/workflows/main.yml +++ /dev/null @@ -1,74 +0,0 @@ -on: - push: - branches: - - main - - develop - pull_request: - -jobs: - lint: - runs-on: ubuntu-latest - steps: - - name: Install Go - uses: actions/setup-go@v3 - with: - go-version: 1.18.x - - - name: Checkout code - uses: actions/checkout@v3 - - - name: Lint - uses: golangci/golangci-lint-action@v3 - - test: - runs-on: ubuntu-latest - steps: - - name: Install Go - uses: actions/setup-go@v3 - with: - go-version: 1.18.x - - - name: Checkout code - uses: actions/checkout@v3 - with: - submodules: recursive - - - name: Go test - run: go test -coverprofile coverage.out -timeout 20m `go list ./... | grep -v e2e` - - - name: Upload coverage file to Codecov - uses: codecov/codecov-action@v3 - with: - files: coverage.out - - - name: Go build without race - run: CGO_ENABLED=0 GOOS=linux go build -a -o artifacts/polygon-edge . - - - name: Extract branch name - if: github.event_name != 'pull_request' - shell: bash - run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})" - id: extract_branch - - - name: Prepare artifact for Deployer - if: github.event_name != 'pull_request' - uses: actions/upload-artifact@v2 - with: - name: polygon-edge_${{ github.sha }}_${{ steps.extract_branch.outputs.branch }} - path: artifacts/ - - notify-deployer: - needs: test - runs-on: ubuntu-latest - if: github.event_name != 'pull_request' - steps: - - name: Extract branch name - shell: bash - run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})" - id: extract_branch - - name: Notify Deployer - env: - ARTIFACT_NAME: polygon-edge_${{ github.sha }}_${{ steps.extract_branch.outputs.branch }} - COMMITER: ${{ github.actor }} - run: | - curl -X POST ${{ secrets.DEPLOYER_API }} -H 'Accept: application/vnd.github.everest-preview+json' -u ${{ secrets.DEPLOYER_ACCESS_TOKEN }} --data '{"event_type": "new_artefact", "client_payload": { "commiter":"'"$COMMITER"'","commit":"'"$GITHUB_SHA"'","branch":"'"$GITHUB_REF"'","repository": "'"$GITHUB_REPOSITORY"'","artefact_name":"'"$ARTIFACT_NAME"'" }}' diff --git a/.github/workflows/pandoras_box.yml b/.github/workflows/pandoras_box.yml new file mode 100644 index 0000000000..2a91497981 --- /dev/null +++ b/.github/workflows/pandoras_box.yml @@ -0,0 +1,158 @@ +--- +name: Pandora's Box +on: # yamllint disable-line rule:truthy + workflow_dispatch: + inputs: + runner: + description: 'The runner to execute on' + default: 'ubuntu-latest' + type: choice + options: + - ubuntu-latest + - devnet + - testnet + environment: + description: 'The environment to run against' + required: false + type: environment + transaction_count: + default: '10000' + description: The number of transactions to send + type: string + transaction_batch: + default: '100' + description: The transaction batch size + type: string + workflow_call: + inputs: + transaction_count: + required: true + description: The number of transactions to send + type: string + transaction_batch: + required: true + description: The transaction batch size + type: string + environment: + description: 'The environment to run against' + type: string + required: true + runner: + required: true + type: string + description: The runner label to use + secrets: + SLACK_PERFORMANCE_WEBHOOK_URL: + required: true + PANDORAS_TARGET: + required: true + PANDORAS_MNEMONIC: + required: true + +jobs: + open_pandoras_box: + name: Open Pandora's Box + concurrency: ${{ inputs.environment }}_performance + environment: ${{ inputs.environment }} + runs-on: ${{ inputs.runner }} + steps: + - name: Checkout Pandora's Box Repository + uses: actions/checkout@v3 + with: + repository: trapesys/pandoras-box + - uses: actions/setup-node@v3 + with: + node-version: 16 + cache: 'npm' + - name: Prepare Pandora's Box + run: | + npm install -g yarn + yarn install && yarn build && yarn link + echo "$HOME/.yarn/bin" >> $GITHUB_PATH + - name: Notify Slack + if: false + uses: slackapi/slack-github-action@v1.22.0 + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_PERFORMANCE_WEBHOOK_URL }} + SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK + with: + payload: | + { + "blocks": [ + { + "type": "header", + "text": { + "type": "plain_text", + "text": "GitHub Action - Pandora's Box - Starting" + } + }, + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": "<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|Status>" + } + } + ] + } + - name: Install JQ + run: | + mkdir -p $HOME/.local/bin + curl -sLo $HOME/.local/bin/jq https://github.com/stedolan/jq/releases/download/jq-1.5/jq-linux64 && chmod +x $HOME/.local/bin/jq + echo "$HOME/.local/bin" >> $GITHUB_PATH + - id: pandora + name: Open Pandora's Box + run: | + pandoras-box -url ${{ secrets.PANDORAS_TARGET }} -m "${{ secrets.PANDORAS_MNEMONIC }}" -b ${{ inputs.transaction_batch }} -t ${{ inputs.transaction_count }} -o pandorasConsequences.json + echo "::set-output name=tps::$(cat pandorasConsequences.json | jq -r '.averageTPS')" + - name: Archive Pandora's Consequences + continue-on-error: true + uses: actions/upload-artifact@v3 + with: + name: pandoras-consequences-report + path: pandorasConsequences.json + - name: Notify Slack + uses: slackapi/slack-github-action@v1.22.0 + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_PERFORMANCE_WEBHOOK_URL }} + SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK + with: + payload: | + { + "blocks": [ + { + "type": "header", + "text": { + "type": "plain_text", + "text": "Pandora's Box Results" + } + }, + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": "Approximate TPS: `${{ steps.pandora.outputs.tps }}`" + } + }, + { + "type": "divider" + }, + { + "type": "context", + "elements": [ + { + "type": "mrkdwn", + "text": "Environment: `${{ inputs.environment }}`" + }, + { + "type": "mrkdwn", + "text": "JSON-RPC Endpoint: ${{ secrets.PANDORAS_TARGET }}" + }, + { + "type": "mrkdwn", + "text": "Workflow: <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|Results>" + } + ] + } + ] + } diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1d06663181..4dd16c9d30 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,6 +1,6 @@ +--- name: Release - -on: +on: # yamllint disable-line rule:truthy push: branches-ignore: - '**' diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml new file mode 100644 index 0000000000..be9dd0fa21 --- /dev/null +++ b/.github/workflows/security.yml @@ -0,0 +1,26 @@ +--- +name: Security Scan +on: # yamllint disable-line rule:truthy + workflow_call: {} + workflow_dispatch: {} + schedule: + - cron: '0 0 * * 0' + +jobs: + gosec: + name: Gosec and Publish + runs-on: ubuntu-latest + continue-on-error: true + env: + GO111MODULE: on # yamllint disable-line rule:truthy + steps: + - name: Checkout Source + uses: actions/checkout@v2 + - name: Run Gosec Security Scanner + uses: securego/gosec@master + with: + args: '-no-fail -fmt sarif -out results.sarif ./...' + - name: Upload SARIF file + uses: github/codeql-action/upload-sarif@v2 + with: + sarif_file: results.sarif diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 0000000000..7f00e43063 --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,28 @@ +--- +name: Test +on: # yamllint disable-line rule:truthy + workflow_dispatch: + workflow_call: + +jobs: + go_test: + name: Polygon Edge + runs-on: ubuntu-latest + steps: + - name: Setup Go + uses: actions/setup-go@v3 + with: + go-version: 1.18.x + + - name: Checkout Code + uses: actions/checkout@v3 + with: + submodules: recursive + + - name: Run Go Test + run: go test -coverprofile coverage.out -timeout 20m `go list ./... | grep -v e2e` + + - name: Upload coverage file to Codecov + uses: codecov/codecov-action@v3 + with: + files: coverage.out