forked from matter-labs/zksync
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
256 changed files
with
7,458 additions
and
4,443 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
[net] | ||
git-fetch-with-cli = true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -23,3 +23,4 @@ | |
!contracts/artifacts | ||
!infrastructure/zk | ||
!sdk/zksync-rs | ||
!cargo |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,54 @@ | ||
name: Build and Push Data-restore docker Image | ||
on: | ||
workflow_dispatch: | ||
inputs: | ||
ref: | ||
description: 'Ref to build from' | ||
required: true | ||
default: 'dev' | ||
|
||
jobs: | ||
build-push-image: | ||
runs-on: [matterlabs-ci-runner] | ||
steps: | ||
- name: Checkout repository | ||
uses: actions/checkout@v3 | ||
with: | ||
ref: ${{ github.event.inputs.ref }} | ||
|
||
- name: Set outputs | ||
id: vars | ||
run: echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT | ||
|
||
- name: setup-env | ||
run: | | ||
echo ZKSYNC_HOME=$(pwd) >> $GITHUB_ENV | ||
echo CI=1 >> $GITHUB_ENV | ||
echo $(pwd)/bin >> $GITHUB_PATH | ||
- name: start-services | ||
run: | | ||
docker-compose -f docker-compose-runner.yml down | ||
docker-compose -f docker-compose-runner.yml up -d zk postgres | ||
- name: init | ||
run: | | ||
ci_run git config --global --add url."https://${{ secrets.ZKSYNC_ADMIN_BOT_ORG_REPO_WRITE }}:[email protected]/".insteadOf https://github.com/ | ||
ci_run git config --global --add safe.directory /usr/src/zksync | ||
ci_run git config --global --add safe.directory /usr/src/zksync/sdk/binaryen | ||
ci_run zk | ||
ci_run zk run yarn | ||
ci_run zk run verify-keys unpack | ||
ci_run zk contract build | ||
ci_run zk db basic-setup | ||
- name: update-images | ||
run: | | ||
ci_run docker login -u ${{ secrets.DOCKERHUB_USER }} -p ${{ secrets.DOCKERHUB_TOKEN }} | ||
ci_run gcloud auth configure-docker us-docker.pkg.dev -q | ||
ci_run zk docker push data-restore | ||
- name: docker-down | ||
if: always() | ||
run: | | ||
docker-compose -f docker-compose-runner.yml down |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,88 @@ | ||
name: Deploy from tag | ||
|
||
on: | ||
workflow_dispatch: | ||
inputs: | ||
environment: | ||
description: "Environment to deploy." | ||
required: true | ||
type: choice | ||
options: | ||
- goerli | ||
- mainnet | ||
|
||
|
||
# Disable simultaneous deployments into a single environment | ||
concurrency: | ||
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | ||
cancel-in-progress: true | ||
|
||
jobs: | ||
setup: | ||
name: Setup | ||
uses: ./.github/workflows/setup.runtime.yml | ||
with: | ||
find-latest-config: true | ||
create-deployment: true | ||
environment: ${{ inputs.environment }} | ||
secrets: | ||
github-token: ${{ secrets.ZKSYNC_ADMIN_BOT_ORG_REPO_WRITE }} | ||
|
||
update-config-validation: | ||
runs-on: [matterlabs-deployer-stage] | ||
needs: setup | ||
outputs: | ||
skip: ${{ steps.validation.outputs.skip }} | ||
steps: | ||
- name: Validation | ||
id: validation | ||
run: | | ||
if [ ${{ needs.setup.outputs.config-tag }} = "" ]; then | ||
echo "skip=true" >> $GITHUB_OUTPUT | ||
else | ||
echo "skip=false" >> $GITHUB_OUTPUT | ||
fi | ||
update: | ||
name: Update | ||
uses: ./.github/workflows/server.update-config.yml | ||
needs: [setup, update-config-validation] | ||
with: | ||
skip-update: ${{ fromJson(needs.update-config-validation.outputs.skip) }} | ||
ref: ${{ needs.setup.outputs.config-tag }} | ||
cluster: ${{ needs.setup.outputs.cluster }} | ||
environment: ${{ needs.setup.outputs.environment }} | ||
namespace: ${{ needs.setup.outputs.release-namespace }} | ||
secrets: | ||
github-token: ${{ secrets.ZKSYNC_ADMIN_BOT_ORG_REPO_WRITE }} | ||
|
||
deploy: | ||
name: Deploy | ||
uses: ./.github/workflows/deploy.yml | ||
needs: [setup, update] | ||
with: | ||
cluster: ${{ needs.setup.outputs.cluster }} | ||
environment: ${{ needs.setup.outputs.environment }} | ||
release-environment: ${{ needs.setup.outputs.release-environment }} | ||
release-namespace: ${{ needs.setup.outputs.release-namespace }} | ||
deployment-id: ${{ needs.setup.outputs.deployment-id }} | ||
image-tag: ${{ needs.setup.outputs.sha-short }} | ||
secrets: | ||
github-token: ${{ secrets.ZKSYNC_ADMIN_BOT_ORG_REPO_WRITE }} | ||
|
||
# notify: | ||
# runs-on: ubuntu-latest | ||
# needs: [deploy] | ||
# if: always() && !cancelled() | ||
# steps: | ||
# - uses: technote-space/workflow-conclusion-action@482bb0dbebad067b3b26ca4f6222c4023cf51ccf # v2 | ||
# - | ||
# name: Notify to Mattermost (on incidents) | ||
# uses: tferreira/matterfy@releases/v1 | ||
# if: ${{ env.WORKFLOW_CONCLUSION == 'failure' }} | ||
# with: | ||
# type: failure | ||
# job_name: '*Deploy to `${{ needs.setup.outputs.environment }}` failed*' | ||
# icon_emoji: octocat | ||
# channel: 'ci-notifications' | ||
# url: ${{ secrets.MATTERMOST_WEBHOOK }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
name: Leaked Secrets Scan | ||
on: [pull_request] | ||
jobs: | ||
TruffleHog: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Checkout code | ||
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3 | ||
with: | ||
fetch-depth: 0 | ||
- name: TruffleHog OSS | ||
uses: trufflesecurity/trufflehog@0c66d30c1f4075cee1aada2e1ab46dabb1b0071a | ||
with: | ||
path: ./ | ||
base: ${{ github.event.repository.default_branch }} | ||
head: HEAD | ||
extra_args: --debug --only-verified |
Oops, something went wrong.