Skip to content

feat: use keys on AWS's KMS to sign eth txs #227

feat: use keys on AWS's KMS to sign eth txs

feat: use keys on AWS's KMS to sign eth txs #227

Workflow file for this run

name: CI
on:
push:
branches:
- master
pull_request:
release:
types: [published]
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
env:
DASEL_VERSION: https://github.com/TomWright/dasel/releases/download/v1.24.3/dasel_linux_amd64
RUST_VERSION: 1.79
FUEL_CORE_VERSION: 0.31.0
IMAGE_NAME: ${{ github.repository }}
jobs:
verify-rust-version:
runs-on: buildjet-4vcpu-ubuntu-2204
steps:
- uses: actions/checkout@v3
# Ensure CI is using the same minimum toolchain specified in fuels Cargo.toml
- run: |
curl -sSLf "$DASEL_VERSION" -L -o dasel && chmod +x dasel
mv ./dasel /usr/local/bin/dasel
MIN_VERSION=$(cat Cargo.toml | dasel -r toml 'workspace.package.rust-version')
RUST_VERSION="${{ env.RUST_VERSION }}"
echo "Comparing minimum supported toolchain ($MIN_VERSION) with ci toolchain (RUST_VERSION)"
test "$MIN_VERSION" == "$RUST_VERSION"
verify-helm-chart:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: alexellis/setup-arkade@v1
- uses: alexellis/arkade-get@master
with:
helm: latest
- name: Lint helm chart
run: helm lint deployment/charts
- name: Verify helm chart version matches crate
run: |
./.github/scripts/verify_chart_version.sh
cargo-verifications:
needs:
- verify-rust-version
runs-on: buildjet-4vcpu-ubuntu-2204
steps:
- name: Checkout repository
uses: actions/checkout@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Check for typos
uses: crate-ci/[email protected]
- uses: dtolnay/rust-toolchain@master
with:
toolchain: ${{ env.RUST_VERSION }}
components: clippy,rustfmt
- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1
- name: Run cargo check with all features
run: cargo check --all-features
- name: Run cargo fmt --check
run: cargo fmt --all --verbose -- --check
- name: Run cargo clippy
run: cargo clippy --all-targets
- name: Install Fuel Core
run: |
curl -sSLf https://github.com/FuelLabs/fuel-core/releases/download/v${{ env.FUEL_CORE_VERSION }}/fuel-core-${{ env.FUEL_CORE_VERSION }}-x86_64-unknown-linux-gnu.tar.gz -L -o fuel-core.tar.gz
tar -xvf fuel-core.tar.gz
chmod +x fuel-core-${{ env.FUEL_CORE_VERSION }}-x86_64-unknown-linux-gnu/fuel-core
mv fuel-core-${{ env.FUEL_CORE_VERSION }}-x86_64-unknown-linux-gnu/fuel-core /usr/local/bin/fuel-core
- name: Run tests
run: ./run_tests.sh
publish-crates-check:
runs-on: buildjet-4vcpu-ubuntu-2204
steps:
- name: Checkout repository
uses: actions/checkout@v3
- uses: dtolnay/rust-toolchain@master
with:
toolchain: ${{ env.RUST_VERSION }}
- name: Publish crate check
uses: katyo/publish-crates@v2
with:
dry-run: true
check-repo: false
ignore-unpublished-changes: true
publish-crates:
needs:
- cargo-verifications
- publish-crates-check
# Only do this job if publishing a release
if: github.event_name == 'release' && github.event.action == 'published'
runs-on: buildjet-4vcpu-ubuntu-2204
steps:
- name: Checkout repository
uses: actions/checkout@v3
- uses: dtolnay/rust-toolchain@master
with:
toolchain: ${{ env.RUST_VERSION }}
- name: Verify tag version
run: |
curl -sSLf "$DASEL_VERSION" -L -o dasel && chmod +x dasel
mv ./dasel /usr/local/bin/dasel
./.github/workflows/scripts/verify_tag.sh ${{ github.ref_name }} Cargo.toml
- name: Publish crate
uses: katyo/publish-crates@v2
with:
publish-delay: 30000
registry-token: ${{ secrets.CARGO_REGISTRY_TOKEN }}
publish-docker-image:
needs:
- cargo-verifications
runs-on: buildjet-4vcpu-ubuntu-2204
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Publish Docker image
uses: ./.github/actions/docker-publish
with:
image_name: ${{ env.IMAGE_NAME }}
docker_username: ${{ github.repository_owner }}
docker_password: ${{ secrets.GITHUB_TOKEN }}
docker_platforms: linux/amd64,linux/arm64
- uses: FuelLabs/.github/.github/actions/slack-notify-template@master
if: always() && (github.ref == 'refs/heads/master' || github.ref_type == 'tag')
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
slack_webhook: ${{ secrets.SLACK_WEBHOOK_NOTIFY_BUILD }}