CI/CD pipeline #224

Workflow file for this run

.github/workflows/ci-cd-pipeline.yml at 0fb6752

	name: CI/CD pipeline

	env:
	DOCKER_REGISTRY: nethermind.jfrog.io

	REPO_DEV: nubia-oci-local-dev
	REPO_STAGING: nubia-oci-local-staging
	REPO_PROD: nubia-oci-local-prod


	on:
	push:
	branches: [main]
	tags: ["v*"]
	workflow_dispatch:

	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: true

	permissions:
	id-token: write
	contents: write

	jobs:
	build_docker_image:
	runs-on: ubuntu-latest
	outputs:
	DOCKER_IMAGE_TAG: ${{ steps.set_tag.outputs.DOCKER_IMAGE_TAG }}

	steps:
	- name: Checkout
	uses: actions/checkout@v4
	with:
	fetch-depth: 0

	- name: Login to registry
	run: \|
	docker login ${{ env.DOCKER_REGISTRY }} -u ${{ secrets.ARTIFACTORY_NUBIA_USERNAME }} -p ${{ secrets.ARTIFACTORY_NUBIA_TOKEN_DEVELOPER }}

	- name: Define image tag
	id: set_tag
	run: \|
	export DOCKER_IMAGE_TAG=$(git describe --tags)

	# This one is to be able to use the image tag in the next steps in this job
	echo "DOCKER_IMAGE_TAG=$DOCKER_IMAGE_TAG" >> $GITHUB_ENV

	# This one is to be able to use the image tag in the next jobs
	echo "DOCKER_IMAGE_TAG=$DOCKER_IMAGE_TAG" >> $GITHUB_OUTPUT

	- name: Setup Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Login to registry
	run: \|
	docker login ${{ env.DOCKER_REGISTRY }} -u ${{ secrets.ARTIFACTORY_NUBIA_USERNAME }} -p ${{ secrets.ARTIFACTORY_NUBIA_TOKEN_DEVELOPER }}

	- name: Build and Push
	uses: docker/build-push-action@v6
	with:
	context: .
	platforms: "linux/amd64"
	push: true
	tags: \|
	${{ env.DOCKER_REGISTRY }}/${{ env.REPO_DEV }}/juno:${{ env.DOCKER_IMAGE_TAG }}
	${{ env.DOCKER_REGISTRY }}/${{ env.REPO_DEV }}/juno:latest


	validate_dev:
	permissions:
	id-token: write
	contents: write
	needs: [build_docker_image]
	runs-on: ubuntu-latest
	environment:
	name: Development
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Verify Deployment Version (Dev)
	run: \|
	bash .github/workflow-scripts/verify_deployment.sh ${{ secrets.DEV_SEPOLIA_URL }} ${{ needs.build_docker_image.outputs.DOCKER_IMAGE_TAG }}

	# dev-starknet-rs-tests:
	# needs: [validate_dev]
	# uses: ./.github/workflows/starknet-rs-tests.yml
	# secrets:
	# STARKNET_RPC: ${{ secrets.DEV_SEPOLIA_URL }}/v0_6

	# dev-starknet-js-tests:
	# needs: [validate_dev]
	# uses: ./.github/workflows/starknet-js-tests.yml
	# secrets:
	# TEST_RPC_URL: ${{ secrets.DEV_SEPOLIA_URL }}/v0_7
	# TEST_ACCOUNT_ADDRESS: ${{ secrets.TEST_ACCOUNT_ADDRESS }}
	# TEST_ACCOUNT_PRIVATE_KEY: ${{ secrets.TEST_ACCOUNT_PRIVATE_KEY }}

	promote_to_staging:
	needs: [build_docker_image, validate_dev]
	runs-on: ubuntu-latest
	environment:
	name: Staging
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Setup Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Login to registry
	run: \|
	docker login ${{ env.DOCKER_REGISTRY }} -u ${{ secrets.ARTIFACTORY_NUBIA_USERNAME }} -p ${{ secrets.ARTIFACTORY_NUBIA_TOKEN_DEVELOPER }}

	- name: Promote to Staging
	run: \|
	OLD_TAG=${{ env.DOCKER_REGISTRY }}/${{ env.REPO_DEV }}/juno:${{ needs.build_docker_image.outputs.DOCKER_IMAGE_TAG }}
	NEW_TAG=${{ env.DOCKER_REGISTRY }}/${{ env.REPO_STAGING }}/juno:${{ needs.build_docker_image.outputs.DOCKER_IMAGE_TAG }}
	LATEST_TAG=${{ env.DOCKER_REGISTRY }}/${{ env.REPO_STAGING }}/juno:latest

	docker buildx imagetools create -t $NEW_TAG -t $LATEST_TAG $OLD_TAG
	- name: Verify Deployment Version (Staging)
	run: \|
	bash .github/workflow-scripts/verify_deployment.sh ${{ secrets.STAGING_SEPOLIA_URL }} ${{ needs.build_docker_image.outputs.DOCKER_IMAGE_TAG }}

	# staging-starknet-rs-tests:
	# needs: [promote_to_staging]
	# uses: ./.github/workflows/starknet-rs-tests.yml
	# secrets:
	# STARKNET_RPC: ${{ secrets.STAGING_SEPOLIA_URL }}/v0_6

	# staging-starknet-js-tests:
	# needs: [promote_to_staging]
	# uses: ./.github/workflows/starknet-js-tests.yml
	# secrets:
	# TEST_RPC_URL: ${{ secrets.STAGING_SEPOLIA_URL }}/v0_7
	# TEST_ACCOUNT_ADDRESS: ${{ secrets.TEST_ACCOUNT_ADDRESS }}
	# TEST_ACCOUNT_PRIVATE_KEY: ${{ secrets.TEST_ACCOUNT_PRIVATE_KEY }}

	promote_to_production:
	needs: [build_docker_image, promote_to_staging]
	runs-on: ubuntu-latest
	environment:
	name: Production
	steps:
	- name: Setup Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Login to registry
	run: \|
	docker login ${{ env.DOCKER_REGISTRY }} -u ${{ secrets.ARTIFACTORY_NUBIA_USERNAME }} -p ${{ secrets.ARTIFACTORY_NUBIA_TOKEN_DEVELOPER }}

	- name: Promote to Production
	run: \|
	OLD_TAG=${{ env.DOCKER_REGISTRY }}/${{ env.REPO_STAGING }}/juno:${{ needs.build_docker_image.outputs.DOCKER_IMAGE_TAG }}
	NEW_TAG=${{ env.DOCKER_REGISTRY }}/${{ env.REPO_PROD }}/juno:${{ needs.build_docker_image.outputs.DOCKER_IMAGE_TAG }}

	docker buildx imagetools create -t $NEW_TAG -t $LATEST_TAG $OLD_TAG

	# test_in_production:
	# needs: [promote_to_production]
	# runs-on: ubuntu-latest
	# environment:
	# name: ProductionTests # Artificial gate to enforce manual approval
	# steps:
	# - name: Starting production tests
	# run: \|
	# echo "Tests in production will start shortly."

	# prod-starknet-rs-tests:
	# needs: [test_in_production]
	# uses: ./.github/workflows/starknet-rs-tests.yml
	# secrets:
	# STARKNET_RPC: ${{ secrets.PROD_SEPOLIA_URL }}/v0_6

	# prod-starknet-js-tests:
	# needs: [test_in_production]
	# uses: ./.github/workflows/starknet-js-tests.yml
	# secrets:
	# TEST_RPC_URL: ${{ secrets.PROD_SEPOLIA_URL }}/v0_7
	# TEST_ACCOUNT_ADDRESS: ${{ secrets.TEST_ACCOUNT_ADDRESS }}
	# TEST_ACCOUNT_PRIVATE_KEY: ${{ secrets.TEST_ACCOUNT_PRIVATE_KEY }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CI/CD pipeline #224

Workflow file

CI/CD pipeline #224

Jobs

Run details

Workflow file for this run