-
Notifications
You must be signed in to change notification settings - Fork 2.2k
153 lines (136 loc) · 5.6 KB
/
kms-connector-tests.yml
File metadata and controls
153 lines (136 loc) · 5.6 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
# Workflow running the tests of the KMS Connector components.
name: kms-connector-tests
on:
pull_request:
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref }}
cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
permissions: {}
jobs:
# Initial job that determines which components have changed
# Used by subsequent jobs to decide whether they need to run
check-changes:
name: kms-connector-tests/check-changes
permissions:
actions: 'read' # Required to read workflow run information
contents: 'read' # Required to checkout repository code
packages: 'read' # Required to read GitHub packages/container registry
pull-requests: 'read' # Required to read pull request information
runs-on: ubuntu-latest
outputs:
# Each output indicates if files in a specific component were modified
changes-connector: ${{ steps.filter.outputs.connector }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: 'false'
- uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
id: filter
with:
# Define paths that trigger specific component workflows
# Changes to conf-trace affect multiple components
filters: |
connector:
- .github/workflows/kms-connector-tests.yml
- kms-connector/connector-db/**
- kms-connector/crates/**
- kms-connector/Cargo.*
- gateway-contracts/rust_bindings/**
- host-contracts/rust_bindings/**
start-runner:
name: kms-connector-tests/start-runner
needs: check-changes
if: ${{ needs.check-changes.outputs.changes-connector == 'true' }}
permissions:
actions: 'read' # Required to read workflow run information
contents: 'read' # Required to checkout repository code
packages: 'read' # Required to read GitHub packages/container registry
pull-requests: 'read' # Required to read pull request information
runs-on: ubuntu-latest
outputs:
label: ${{ steps.start-ec2-runner.outputs.label }}
steps:
- name: Start EC2 runner
id: start-ec2-runner
uses: zama-ai/slab-github-runner@79939325c3c429837c10d6041e4fd8589d328bac # v1.4.1
with:
mode: start
github-token: ${{ secrets.SLAB_ACTION_TOKEN }}
slab-url: ${{ secrets.SLAB_BASE_URL }}
job-secret: ${{ secrets.JOB_SECRET }}
backend: aws
profile: big-instance
test-connector:
name: kms-connector-tests/test-connector (bpr)
needs: start-runner
timeout-minutes: 50
permissions:
actions: 'read' # Required to read workflow run information
contents: 'read' # Required to checkout repository code
packages: 'read' # Required to read GitHub packages/container registry
pull-requests: 'read' # Required to read pull request information
runs-on: ${{ needs.start-runner.outputs.label }}
defaults:
run:
shell: bash
working-directory: './kms-connector'
steps:
- name: Checkout Project
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
submodules: true
token: ${{ secrets.BLOCKCHAIN_ACTIONS_TOKEN }}
persist-credentials: 'false'
- name: Setup common environment variables
run: |
echo "HOME=/home/ubuntu" >> "${GITHUB_ENV}"
echo "CARGO_NET_GIT_FETCH_WITH_CLI=true" >> "${GITHUB_ENV}"
- name: Login to GitHub Container Registry
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GHCR_READ_TOKEN }}
- name: Setup Rust
uses: dtolnay/rust-toolchain@b3b07ba8b418998c39fb20f53e8b695cdcc8de1b
with:
toolchain: stable
components: rustfmt, clippy
- name: Install Protoc
uses: arduino/setup-protoc@c65c819552d16ad3c9b72d9dfd5ba5237b9c906b # v3.0.0
with:
version: "26.x"
- name: Install Docker
uses: docker/setup-docker-action@efe9e3891a4f7307e689f2100b33a155b900a608 # v4.5.0
- name: Install Foundry
uses: foundry-rs/foundry-toolchain@82dee4ba654bd2146511f85f0d013af94670c4de # v1.4.0
- name: Formatting
run: cargo fmt -- --check
- name: Linting
run: cargo clippy --all-targets --all-features -- -D warnings
- name: Run Tests
env:
BLOCKCHAIN_ACTIONS_TOKEN: ${{ secrets.BLOCKCHAIN_ACTIONS_TOKEN }}
run: |
RUST_BACKTRACE=full cargo test
stop-runner:
name: kms-connector-tests/stop-runner
needs:
- start-runner
- test-connector
permissions:
actions: 'read' # Required to read workflow run information
contents: 'read' # Required to checkout repository code
packages: 'read' # Required to read GitHub packages/container registry
pull-requests: 'read' # Required to read pull request information
runs-on: ubuntu-latest
if: ${{ always() && needs.start-runner.result != 'skipped' }} # required to stop the runner even if the error happened in the previous jobs, but only if start-runner was not skipped
steps:
- name: Stop EC2 runner
uses: zama-ai/slab-github-runner@79939325c3c429837c10d6041e4fd8589d328bac # v1.4.1
with:
mode: stop
github-token: ${{ secrets.SLAB_ACTION_TOKEN }}
slab-url: ${{ secrets.SLAB_BASE_URL }}
job-secret: ${{ secrets.JOB_SECRET }}
label: ${{ needs.start-runner.outputs.label }}