Skip to content

Commit

Permalink
Update CI.yaml
Browse files Browse the repository at this point in the history
  • Loading branch information
Yasser Isa authored Feb 9, 2024
1 parent aea574e commit 0c2b241
Showing 1 changed file with 26 additions and 23 deletions.
49 changes: 26 additions & 23 deletions .github/workflows/CI.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,19 +27,19 @@ jobs:
export random=$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 4; echo;)
for i in $(gcloud compute os-login ssh-keys list --format="table[no-heading](value.fingerprint)"); do
echo $i;
for i in $(gcloud compute os-login ssh-keys list --format="table[no-heading](value.fingerprint)"); do
echo $i;
gcloud compute os-login ssh-keys remove --key $i || true;
done
gcloud compute instances create test-gitian-$random --image-family=debian-11 --image-project=debian-cloud --machine-type=c2-standard-16 --project=${{ secrets.GCP_PROJECT_ID_PROD }}' --zone=us-central1-a --no-address --network=vpc-${{ secrets.GCP_PROJECT_ID_PROD }}' --subnet=us-central1-zcash --tags=zcash --service-account=vm-iap@${{ secrets.GCP_PROJECT_ID_PROD }}'.iam.gserviceaccount.com --metadata=enable-oslogin=TRUE --scopes=cloud-platform --enable-nested-virtualization --boot-disk-size=200GB
gcloud compute instances create test-gitian-$random --image-family=debian-11 --image-project=debian-cloud --machine-type=c2-standard-16 --project=ecc-infra-prod --zone=us-central1-a --no-address --network=vpc-ecc-infra-prod --subnet=us-central1-zcash --tags=zcash --service-account=vm-iap@ecc-infra-prod.iam.gserviceaccount.com --metadata=enable-oslogin=TRUE --scopes=cloud-platform --enable-nested-virtualization --boot-disk-size=200GB
export counter=1
while [[ $(gcloud compute ssh --zone "us-central1-a" "test-gitian-$random" --tunnel-through-iap --project "${{ secrets.GCP_PROJECT_ID_PROD }}'" --command="ls -la" &>/dev/null || echo "re-try") == "re-try" && counter -lt 60 ]]
while [[ $(gcloud compute ssh --zone "us-central1-a" "test-gitian-$random" --tunnel-through-iap --project "ecc-infra-prod" --command="ls -la" &>/dev/null || echo "re-try") == "re-try" && counter -lt 60 ]]
do
echo "attemp number: $counter"
export counter=$((counter+1))
if [ $counter -eq 60 ]; then gcloud compute instances delete "test-gitian-$random" --project "${{ secrets.GCP_PROJECT_ID_PROD }}'" --zone "us-central1-a" --delete-disks=all; exit 1; fi
if [ $counter -eq 60 ]; then gcloud compute instances delete "test-gitian-$random" --project "ecc-infra-prod" --zone "us-central1-a" --delete-disks=all; exit 1; fi
sleep 5
done
Expand Down Expand Up @@ -87,7 +87,7 @@ jobs:
direnv allow;
direnv exec \$(pwd) vagrant up zcash-build;
vagrant ssh zcash-build -c "gpg --quick-generate-key --batch --passphrase '' \"Harry Potter (zcash gitian) <[email protected]>\" || echo ''"
vagrant ssh zcash-build -c "./gitian-parallel-build.sh || exit 1"
vagrant ssh zcash-build -c ./gitian-parallel-build.sh || exit 1
vagrant ssh zcash-build -c "head -n 8 gitian.sigs/\$VERSION*/hpotter/*.assert" > assert.txt
tr -d \$'\r' < assert.txt > assert2.txt
for i in \$(cat assert2.txt | grep -E "zcash-*" | grep -v git: | sed 's/ //g' | sed 's/ /-->/g'); do
Expand All @@ -102,9 +102,9 @@ jobs:
done
# get keys
gsutil rm -r gs://${{ secrets.GCP_PROJECT_ID_PROD }}'-apt-packages/127.0.0.1 || echo ""
gsutil cp gs://${{ secrets.GCP_PROJECT_ID_PROD }}'-apt-packages/encrypted_gpg.kms \$HOME/encrypted_gpg.kms
gsutil cp gs://${{ secrets.GCP_PROJECT_ID_PROD }}'-apt-packages/public.asc \$HOME/public.asc
gsutil rm -r gs://ecc-infra-prod-apt-packages/127.0.0.1 || echo ""
gsutil cp gs://ecc-infra-prod-apt-packages/encrypted_gpg.kms \$HOME/encrypted_gpg.kms
gsutil cp gs://ecc-infra-prod-apt-packages/public.asc \$HOME/public.asc
current_dir=\$(pwd)
cd \$HOME
gcloud kms decrypt \
Expand Down Expand Up @@ -151,21 +151,23 @@ jobs:
cd \$current_dir
done
export final_version=\$(cat assert2.txt | awk '{print \$2}' | grep "desc.yml" | head -n 1 | sed 's/-desc.yml//g')
gsutil -m rsync -r ./debs gs://${{ secrets.GCP_PROJECT_ID_PROD }}'-apt-packages/debs
gsutil -m rsync -r ./zcash-binaries gs://${{ secrets.GCP_PROJECT_ID_PROD }}'-apt-packages/zcash-binaries
gsutil -m rsync -r ./debs gs://ecc-infra-prod-apt-packages/debs
gsutil -m rsync -r ./zcash-binaries gs://ecc-infra-prod-apt-packages/zcash-binaries
apt install aptly -y
# generate apt
mkdir aptserver
cd aptserver
gsutil -m cp -r gs://${{ secrets.GCP_PROJECT_ID_PROD }}'-apt-server/pool/main/z/zcash/ .
gsutil -m cp -r gs://ecc-infra-prod-apt-server/pool/main/z/zcash/ .
cd zcash
cp -a ../../debs/buster/zcbuild/*.deb \$final_version-amd64-buster.deb
ls \$final_version-amd64-buster.deb || exit 1
cp -a ../../debs/bullseye/zcbuild/*.deb \$final_version-amd64-bullseye.deb
ls \$final_version-amd64-bullseye.deb || exit 1
cp -a ../../debs/bookworm/zcbuild/*.deb \$final_version-amd64-bookworm.deb
ls \$final_version-amd64-buster.deb || exit 1
ls \$final_version-amd64-bullseye.deb || exit 1
ls \$final_version-amd64-bookworm.deb || exit 1
aptly repo create --distribution buster --comment "" --component main zcash_buster_amd64_repo
aptly repo create --distribution bullseye --comment "" --component main zcash_bullseye_amd64_repo
aptly repo create --distribution bookworm --comment "" --component main zcash_bookworm_amd64_repo
Expand Down Expand Up @@ -214,26 +216,26 @@ jobs:
cp \$HOME/public.asc \$HOME/mirror/127.0.0.1/zcash.asc
cd \$HOME/mirror
gsutil -m rsync -r ./127.0.0.1 gs://${{ secrets.GCP_PROJECT_ID_PROD }}'-apt-packages/127.0.0.1
gsutil -m rsync -r ./127.0.0.1 gs://ecc-infra-prod-apt-packages/127.0.0.1
cd 127.0.0.1
if ! [[ ${array[2]} == *"-rc"* ]]; then
gsutil -m rsync -r ./ gs://${{ secrets.GCP_PROJECT_ID_PROD }}'-apt-server/
gsutil -m rsync -r ./ gs://ecc-infra-prod-apt-server/
fi
EOF
export FAIL=0
chmod +x ./script.sh || echo ""
gcloud compute scp ./script.sh --zone "us-central1-a" --tunnel-through-iap --project "${{ secrets.GCP_PROJECT_ID_PROD }}'" test-gitian-$random: || export FAIL=1
gcloud compute scp --recurse $(pwd) --zone "us-central1-a" --tunnel-through-iap --project "${{ secrets.GCP_PROJECT_ID_PROD }}'" test-gitian-$random:~/source || export FAIL=1
gcloud compute scp ./script.sh --zone "us-central1-a" --tunnel-through-iap --project "ecc-infra-prod" test-gitian-$random: || export FAIL=1
gcloud compute scp --recurse $(pwd) --zone "us-central1-a" --tunnel-through-iap --project "ecc-infra-prod" test-gitian-$random:~/source || export FAIL=1
gcloud compute ssh --zone "us-central1-a" "test-gitian-$random" --tunnel-through-iap --project "${{ secrets.GCP_PROJECT_ID_PROD }}'" --command="bash -i -c 'sudo -s ./script.sh'" -- -t || export FAIL=1
gcloud compute ssh --zone "us-central1-a" "test-gitian-$random" --tunnel-through-iap --project "ecc-infra-prod" --command="bash -i -c 'sudo -s ./script.sh'" -- -t || export FAIL=1
gcloud compute instances delete "test-gitian-$random" --project "${{ secrets.GCP_PROJECT_ID_PROD }}'" --zone "us-central1-a" --delete-disks=all
gcloud compute scp --recurse --zone "us-central1-a" --tunnel-through-iap --project "ecc-infra-prod" test-gitian-$random:/home/sa_*/source/gitian.sigs .
gcloud compute instances delete "test-gitian-$random" --project "ecc-infra-prod" --zone "us-central1-a" --delete-disks=all
if [ $FAIL -eq 1 ]; then exit 1; fi
gcloud compute scp --recurse --zone "us-central1-a" --tunnel-through-iap --project "${{ secrets.GCP_PROJECT_ID_PROD }}'" test-gitian-$random:/home/sa_*/source/gitian.sigs .
if [ $FAIL -eq 1 ]; then exit 1; fi
rm -rf gitian.sigs/.git
if ! [[ ${array[2]} == *"-rc"* ]]; then
Expand All @@ -246,6 +248,7 @@ jobs:
git commit -am "$(inputs.params.LABEL_NAME)"
git push
fi
curl --request POST --url https://api.bunny.net/pullzone/1432616/purgeCache --header 'content-type: application/json' --header 'AccessKey: ${{ secrets.BUNNY_API_KEY }}'
shell: bash

0 comments on commit 0c2b241

Please sign in to comment.