Skip to content
Docker Build Scan

Set ownership of proxy contracts on deployment #362

Sign in to view logs

Set ownership of proxy contracts on deployment

Set ownership of proxy contracts on deployment #362

Workflow file for this run

.github/workflows/docker-build-scan.yaml at dda276b
name: Docker Build Scan
on:
pull_request:
branches:
- 'master'
- 'celo*'
push:
branches:
- 'master'
- 'celo*'
workflow_dispatch:
jobs:
detect-files-changed:
runs-on: ubuntu-latest
outputs:
files-changed: ${{ steps.detect-files-changed.outputs.all_changed_files }}
steps:
- uses: actions/checkout@v4
- name: Detect files changed
id: detect-files-changed
uses: tj-actions/changed-files@v44
with:
separator: ','
build-cel2-migration-tool:
runs-on: ubuntu-latest
env:
GIT_COMMIT: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
needs: detect-files-changed
if: |
contains(needs.detect-files-changed.outputs.files-changed, 'go.sum') ||
contains(needs.detect-files-changed.outputs.files-changed, 'op-chain-ops/cmd/celo-migrate') ||
contains(needs.detect-files-changed.outputs.files-changed, 'op-chain-ops/Dockerfile') ||
contains(needs.detect-files-changed.outputs.files-changed, '.github/workflows/docker-build-scan.yaml') ||
github.event_name == 'workflow_dispatch' ||
true
permissions:
contents: read
id-token: write
security-events: write
steps:
- uses: actions/checkout@v4
- name: Login at GCP Artifact Registry
uses: celo-org/reusable-workflows/.github/actions/[email protected]
with:
workload-id-provider: 'projects/1094498259535/locations/global/workloadIdentityPools/gh-optimism/providers/github-by-repos'
service-account: '[email protected]'
docker-gcp-registries: us-west1-docker.pkg.dev
- name: Build and push container
uses: celo-org/reusable-workflows/.github/actions/[email protected]
with:
platforms: linux/amd64
registry: us-west1-docker.pkg.dev/devopsre/dev-images/cel2-migration-tool
tags: ${{ env.GIT_COMMIT }}
context: ./
dockerfile: ./op-chain-ops/Dockerfile
push: true
trivy: false
# Build op-node op-batcher op-proposer using docker-bake
build-op-stack:
runs-on: ubuntu-latest
needs: detect-files-changed
if: |
contains(needs.detect-files-changed.outputs.files-changed, 'go.sum') ||
contains(needs.detect-files-changed.outputs.files-changed, 'ops/docker') ||
contains(needs.detect-files-changed.outputs.files-changed, 'op-node/') ||
contains(needs.detect-files-changed.outputs.files-changed, 'op-batcher/') ||
contains(needs.detect-files-changed.outputs.files-changed, 'op-proposer/') ||
contains(needs.detect-files-changed.outputs.files-changed, 'op-service/') ||
contains(needs.detect-files-changed.outputs.files-changed, '.github/workflows/docker-build-scan.yaml') ||
github.event_name == 'workflow_dispatch' ||
true
permissions:
contents: read
id-token: write
security-events: write
env:
GIT_COMMIT: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
GIT_DATE: ${{ github.event.head_commit.timestamp }}
IMAGE_TAGS: ${{ (github.event_name == 'push' && (github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/heads/celo')) && 'latest,' || '') }}${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
REGISTRY: us-west1-docker.pkg.dev
REPOSITORY: blockchaintestsglobaltestnet/dev-images
steps:
- uses: actions/checkout@v4
- name: Login at GCP Artifact Registry
uses: celo-org/reusable-workflows/.github/actions/[email protected]
with:
workload-id-provider: 'projects/1094498259535/locations/global/workloadIdentityPools/gh-optimism/providers/github-by-repos'
service-account: '[email protected]'
docker-gcp-registries: us-west1-docker.pkg.dev
# We need a custom steps as it's using docker bake
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build and push
uses: docker/bake-action@v5
with:
push: true
source: .
files: docker-bake.hcl
targets: op-node,op-batcher,op-proposer