From bb47f4f34bc34ec73f556b1a793b09e649f304ce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michalina=20Ciencia=C5=82a?= Date: Thu, 28 Jul 2022 09:56:44 +0200 Subject: [PATCH 1/6] Add job deploying contracts from `dapp-development` branch There are situations when team developing T Token Dashboard needs to locally test some functionalities using modified contracts, for example ones with shorter authorization decrease delay. We decided to create a `dapp-development` branch in each of the upstream modules of `threshold-network/token-dashboard` CI module, which would store the code of these modified contracts. In this PR we create a `contracts-dapp-development-deployment-testnet` job which deploys the contracts, creates an NPM package (with `dappdev` suffix an `dapp-development-` tag) and publishes it to the NPM registry. At the end, the job also starts similar deployment for a downstream module. The job gets triggered only as a result of `workflow_dispath` event from a `dapp-development` branch. Currently only `goerli` environment is supported. We don't run system and unit tests for `dapp-development` branch, as the tests are not configured to work with the modified contracts. Generally, the goal of the changes is to have the full set of dapp-development-friendly contracts deployed to the NPM registry, so that the dApp developers could quickly use them by upgrading the `token-dashboard` dependencies using `yarn upgrade @dapp-development-goerli`. If the workflow gets dispatched from a different branch than `dapp-development`, the deploy will behave as it used to, publishing package with deployed unmodified contracts to the NPM registry under `` tag. --- .github/workflows/contracts.yaml | 87 ++++++++++++++++++++++++++++++-- 1 file changed, 84 insertions(+), 3 deletions(-) diff --git a/.github/workflows/contracts.yaml b/.github/workflows/contracts.yaml index 15e563f0..54936052 100644 --- a/.github/workflows/contracts.yaml +++ b/.github/workflows/contracts.yaml @@ -7,10 +7,24 @@ on: branches: - main pull_request: + # We intend to use `workflow dispatch` in two different situations/paths: + # 1. If a workflow will be manually dspatched from branch named + # `dapp-development`, workflow will deploy the contracts on the selected + # testnet and publish them to NPM registry with `dappdev` + # suffix and `dapp-development-` tag. Such packages are meant + # to be used locally by the team developing Threshold Token dApp and may + # contain contracts that have different values from the ones used on + # mainnet. + # 2. If a workflow will be manually dspatched from a branch which name is not + # `dapp-development`, the workflow will deploy the contracts on the + # selected testnet and publish them to NPM registry with `` + # suffix and tag. Such packages will be used later to deploy public + # Threshold Token dApp on a testnet, with contracts resembling those used + # on mainnet. workflow_dispatch: inputs: environment: - description: "Environment for workflow execution" + description: "Environment (network) for workflow execution, e.g. `goerli`" required: false default: "dev" upstream_builds: @@ -56,11 +70,14 @@ jobs: run: yarn build - name: Run tests + if: github.ref != 'refs/heads/dapp-development' run: yarn test contracts-system-tests: needs: contracts-detect-changes - if: needs.contracts-detect-changes.outputs.system-tests == 'true' + if: | + needs.contracts-detect-changes.outputs.system-tests == 'true' + && github.ref != 'refs/heads/dapp-development' runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 @@ -99,7 +116,10 @@ jobs: contracts-deployment-testnet: needs: [contracts-build-and-test] - if: github.event_name == 'workflow_dispatch' && github.event.inputs.environment == 'goerli' + if: | + github.event_name == 'workflow_dispatch' + && github.event.inputs.environment == 'goerli' + && github.ref != 'refs/heads/dapp-development' runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 @@ -196,6 +216,67 @@ jobs: yarn run hardhat --network ${{ github.event.inputs.environment }} \ etherscan-verify --license GPL-3.0 --force-license + # This job is responsible for publishing packages from `dapp-development` + # branch, which are slightly modified to help with the process of testing some + # features on the Threshold Token dApp. The job starts only if workflow gets + # triggered by the `workflow_dispatch` event on the branch `dapp-development`. + contracts-dapp-development-deployment-testnet: + needs: [contracts-build-and-test] + if: | + github.event_name == 'workflow_dispatch' + && github.event.inputs.environment == 'goerli' + && github.ref == 'refs/heads/dapp-development' + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + + - uses: actions/setup-node@v2 + with: + node-version: "14.x" + cache: "yarn" + registry-url: "https://registry.npmjs.org" + + - name: Install dependencies + run: yarn install --frozen-lockfile + + - name: Resolve latest contracts + run: yarn upgrade @keep-network/keep-core@${{ github.event.inputs.environment }} + + - name: Deploy contracts + env: + CHAIN_API_URL: ${{ secrets.GOERLI_ETH_HOSTNAME_HTTP }} + CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: ${{ secrets.GOERLI_ETH_CONTRACT_OWNER_PRIVATE_KEY }} + KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: ${{ secrets.GOERLI_KEEP_ETH_CONTRACT_OWNER_PRIVATE_KEY }} + run: yarn deploy --network ${{ github.event.inputs.environment }} + + - name: Bump up package version + id: npm-version-bump + uses: keep-network/npm-version-bump@v2 + with: + environment: dappdev${{ github.event.inputs.environment }} + branch: ${{ github.ref }} + commit: ${{ github.sha }} + + - name: Publish to npm + env: + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + run: | + npm publish --access=public \ + --network=${{ github.event.inputs.environment }} \ + --tag dapp-development-${{ github.event.inputs.environment }} + + - name: Notify CI about completion of the workflow + uses: keep-network/ci/actions/notify-workflow-completed@v2 + env: + GITHUB_TOKEN: ${{ secrets.CI_GITHUB_TOKEN }} + with: + module: "github.com/threshold-network/solidity-contracts" + url: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} + environment: ${{ github.event.inputs.environment }} + upstream_builds: ${{ github.event.inputs.upstream_builds }} + upstream_ref: dapp-development + version: ${{ steps.npm-version-bump.outputs.version }} + contracts-slither: runs-on: ubuntu-latest if: | From 7f4745495c5b5069b16d6f903b59a5e1702f73f3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michalina=20Ciencia=C5=82a?= Date: Tue, 2 Aug 2022 16:34:34 +0200 Subject: [PATCH 2/6] Remove check of `environment` in deployment job Right now we only support `goerli` network and we expect that the workflow (when triggered manually) is always dispatched with this `environment`. Previously we introduced `github.event.inputs.environment == 'goerli'` condition to not run the deploy job if workflow gets accidentally run on a different environment. But even without this condition we don't risk publishing of a package with some invalid contracts - deploy will fail either due to unsupported `environment` or due to incorrect account being used. Actually, returning error instead of cleanly exiting the workflow may be a better idea in case wrong `environment` is provided - this will alarm the scheduler that something went wrong with the deployment. --- .github/workflows/contracts.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/contracts.yaml b/.github/workflows/contracts.yaml index 54936052..25347592 100644 --- a/.github/workflows/contracts.yaml +++ b/.github/workflows/contracts.yaml @@ -118,7 +118,6 @@ jobs: needs: [contracts-build-and-test] if: | github.event_name == 'workflow_dispatch' - && github.event.inputs.environment == 'goerli' && github.ref != 'refs/heads/dapp-development' runs-on: ubuntu-latest steps: @@ -224,7 +223,6 @@ jobs: needs: [contracts-build-and-test] if: | github.event_name == 'workflow_dispatch' - && github.event.inputs.environment == 'goerli' && github.ref == 'refs/heads/dapp-development' runs-on: ubuntu-latest steps: From 44b31b70e04c48da871573bd0be6aa772c624c58 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michalina=20Ciencia=C5=82a?= Date: Wed, 3 Aug 2022 17:02:55 +0200 Subject: [PATCH 3/6] Use different accounts for deploying 'normal' and 'dapp-dev' contracts The contracts deployed in the `contracts-dapp-development-deployment-testnet` job will be used by dApp developers to build their local environments and deploy dApp previews. We want more flexibility there than on the public-facing testnet dApp and we want to use different deployer accounts for those two different types of testnet dApps. --- .github/workflows/contracts.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/contracts.yaml b/.github/workflows/contracts.yaml index 25347592..e578e057 100644 --- a/.github/workflows/contracts.yaml +++ b/.github/workflows/contracts.yaml @@ -243,7 +243,7 @@ jobs: - name: Deploy contracts env: CHAIN_API_URL: ${{ secrets.GOERLI_ETH_HOSTNAME_HTTP }} - CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: ${{ secrets.GOERLI_ETH_CONTRACT_OWNER_PRIVATE_KEY }} + CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: ${{ secrets.DAPP_DEV_GOERLI_ETH_CONTRACT_OWNER_PRIVATE_KEY }} KEEP_CONTRACT_OWNER_ACCOUNT_PRIVATE_KEY: ${{ secrets.GOERLI_KEEP_ETH_CONTRACT_OWNER_PRIVATE_KEY }} run: yarn deploy --network ${{ github.event.inputs.environment }} From 7ab44fac7f39e322e7b6f65349fcf8e99197f5fc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michalina=20Ciencia=C5=82a?= Date: Wed, 10 Aug 2022 09:08:41 +0200 Subject: [PATCH 4/6] Bump up the actions to the latest versions There are newer versions of some actions available. --- .github/workflows/contracts.yaml | 36 ++++++++++++++++---------------- .github/workflows/format.yaml | 4 ++-- .github/workflows/npm.yml | 4 ++-- 3 files changed, 22 insertions(+), 22 deletions(-) diff --git a/.github/workflows/contracts.yaml b/.github/workflows/contracts.yaml index e578e057..87035c86 100644 --- a/.github/workflows/contracts.yaml +++ b/.github/workflows/contracts.yaml @@ -41,7 +41,7 @@ jobs: outputs: system-tests: ${{ steps.filter.outputs.system-tests }} steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 if: github.event_name == 'pull_request' - uses: dorny/paths-filter@v2 @@ -56,9 +56,9 @@ jobs: contracts-build-and-test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - - uses: actions/setup-node@v2 + - uses: actions/setup-node@v3 with: node-version: "14.x" cache: "yarn" @@ -80,9 +80,9 @@ jobs: && github.ref != 'refs/heads/dapp-development' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - - uses: actions/setup-node@v2 + - uses: actions/setup-node@v3 with: node-version: "14.x" cache: "yarn" @@ -101,9 +101,9 @@ jobs: contracts-deployment-dry-run: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - - uses: actions/setup-node@v2 + - uses: actions/setup-node@v3 with: node-version: "14.x" cache: "yarn" @@ -121,9 +121,9 @@ jobs: && github.ref != 'refs/heads/dapp-development' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - - uses: actions/setup-node@v2 + - uses: actions/setup-node@v3 with: node-version: "14.x" cache: "yarn" @@ -173,7 +173,7 @@ jobs: version: ${{ steps.npm-version-bump.outputs.version }} - name: Upload files needed for etherscan verification - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v3 with: name: Artifacts for etherscan verifcation path: | @@ -185,14 +185,14 @@ jobs: needs: [contracts-deployment-testnet] runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Download files needed for etherscan verification - uses: actions/download-artifact@v2 + uses: actions/download-artifact@v3 with: name: Artifacts for etherscan verifcation - - uses: actions/setup-node@v2 + - uses: actions/setup-node@v3 with: node-version: "14.x" cache: "yarn" @@ -226,9 +226,9 @@ jobs: && github.ref == 'refs/heads/dapp-development' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - - uses: actions/setup-node@v2 + - uses: actions/setup-node@v3 with: node-version: "14.x" cache: "yarn" @@ -281,14 +281,14 @@ jobs: github.event_name != 'workflow_dispatch' && github.event_name != 'schedule' steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - - uses: actions/setup-node@v2 + - uses: actions/setup-node@v3 with: node-version: "14" cache: "yarn" - - uses: actions/setup-python@v2 + - uses: actions/setup-python@v4 with: python-version: 3.8.5 diff --git a/.github/workflows/format.yaml b/.github/workflows/format.yaml index 905aee3e..75556a58 100644 --- a/.github/workflows/format.yaml +++ b/.github/workflows/format.yaml @@ -11,9 +11,9 @@ jobs: code-lint-and-format: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - - uses: actions/setup-node@v2 + - uses: actions/setup-node@v3 with: node-version: "14" cache: "yarn" diff --git a/.github/workflows/npm.yml b/.github/workflows/npm.yml index d252593f..b1c52576 100644 --- a/.github/workflows/npm.yml +++ b/.github/workflows/npm.yml @@ -16,9 +16,9 @@ jobs: npm-compile-publish-contracts: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - - uses: actions/setup-node@v2 + - uses: actions/setup-node@v3 with: node-version: "14.x" registry-url: "https://registry.npmjs.org" From 0e4e226b3a4d24fde8149047434c272bfb31b416 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michalina=20Ciencia=C5=82a?= Date: Wed, 17 Aug 2022 15:50:57 +0200 Subject: [PATCH 5/6] Remove the default value for `environment` input We don't want to fill the default value with value that is supported, to prevent from accidental dispatches of the workflow by people who don't fully understand how the inputs should be configured. Previously we used explicitely incorrect default value, but that may be too much and may be a bit confusing. Let's leave the input without default. --- .github/workflows/contracts.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/contracts.yaml b/.github/workflows/contracts.yaml index 87035c86..f59ddf83 100644 --- a/.github/workflows/contracts.yaml +++ b/.github/workflows/contracts.yaml @@ -26,7 +26,6 @@ on: environment: description: "Environment (network) for workflow execution, e.g. `goerli`" required: false - default: "dev" upstream_builds: description: "Upstream builds" required: false From 944d392512f9b2c3c78ee3885231b41cd17686a3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michalina=20Ciencia=C5=82a?= Date: Wed, 17 Aug 2022 16:25:05 +0200 Subject: [PATCH 6/6] Change value of the package name's suffix Previously `-` was not supported as a value of `environment` property in the `npm-version-bump` action. Now action supports hyphens and we can change the suffix to more readible format. --- .github/workflows/contracts.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/contracts.yaml b/.github/workflows/contracts.yaml index f59ddf83..829ede66 100644 --- a/.github/workflows/contracts.yaml +++ b/.github/workflows/contracts.yaml @@ -10,7 +10,7 @@ on: # We intend to use `workflow dispatch` in two different situations/paths: # 1. If a workflow will be manually dspatched from branch named # `dapp-development`, workflow will deploy the contracts on the selected - # testnet and publish them to NPM registry with `dappdev` + # testnet and publish them to NPM registry with `dapp-dev-` # suffix and `dapp-development-` tag. Such packages are meant # to be used locally by the team developing Threshold Token dApp and may # contain contracts that have different values from the ones used on @@ -250,7 +250,7 @@ jobs: id: npm-version-bump uses: keep-network/npm-version-bump@v2 with: - environment: dappdev${{ github.event.inputs.environment }} + environment: dapp-dev-${{ github.event.inputs.environment }} branch: ${{ github.ref }} commit: ${{ github.sha }}