Add rate limiter for RPC requests #605
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
################################################################################# | |
# Pipeline triggered on every merged pull request to: | |
# 1. Cleanup the pull request cache | |
# 2. Update the latest docker tag and the release docker tag if it is part of a release | |
# 3. Deploy the pull request in rotsee network | |
# 4. Create the github release with changelog if it is labeled with 'release'. Close the associated milestone. | |
# 5. Create the new release pull request | |
################################################################################# | |
name: Merge | |
on: | |
pull_request: | |
types: | |
- closed | |
# - synchronize | |
concurrency: | |
group: merge | |
cancel-in-progress: false | |
permissions: | |
contents: write | |
jobs: | |
cleanup-actions: | |
name: Cleanup Actions | |
runs-on: self-hosted-hoprnet-small | |
steps: | |
- name: Checkout hoprnet repository | |
uses: actions/checkout@v4 | |
- name: Cleanup | |
run: | | |
gh extension install actions/gh-actions-cache | |
REPO=${{ github.repository }} | |
BRANCH="refs/pull/${{ github.event.pull_request.number }}/merge" | |
echo "Fetching list of cache key" | |
cacheKeysForPR=$(gh actions-cache list -R $REPO -B $BRANCH | cut -f 1 ) | |
## Setting this to not fail the workflow while deleting cache keys. | |
set +e | |
echo "Deleting caches..." | |
for cacheKey in $cacheKeysForPR | |
do | |
gh actions-cache delete $cacheKey -R $REPO -B $BRANCH --confirm | |
done | |
echo "Done" | |
env: | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
tag: | |
name: Tag images | |
runs-on: self-hosted-hoprnet-small | |
if: github.event.pull_request.merged == true && (github.event.pull_request.base.ref == 'master' || contains(github.event.pull_request.base.ref,'release/')) | |
steps: | |
- name: Checkout hoprnet repository | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Set up Google Cloud Credentials | |
id: auth | |
uses: google-github-actions/auth@v2 | |
with: | |
token_format: "access_token" | |
credentials_json: ${{ secrets.GOOGLE_HOPRASSOCIATION_CREDENTIALS_REGISTRY }} | |
- name: Set up Google Cloud SDK | |
uses: google-github-actions/setup-gcloud@v1 | |
with: | |
project_id: ${{ secrets.GOOGLE_HOPRASSOCIATION_PROJECT }} | |
install_components: beta | |
- name: Login Google Container Registry | |
uses: docker/login-action@v3 | |
with: | |
registry: europe-west3-docker.pkg.dev | |
username: oauth2accesstoken | |
password: ${{ steps.auth.outputs.access_token }} | |
- name: Tag docker images | |
run: | | |
docker_registry="europe-west3-docker.pkg.dev/${{ secrets.GOOGLE_HOPRASSOCIATION_PROJECT }}/docker-images" | |
# Set docker PR tag | |
if ${{ contains(github.event.pull_request.labels.*.name, 'release') }}; then | |
docker_pr_tag=$(./scripts/get-current-version.sh docker) | |
else | |
docker_pr_tag=$(./scripts/get-next-version.sh Build | sed 's/+.*/-pr.'${{ github.event.pull_request.number }}'/') | |
fi | |
# Set docker release latest tag | |
declare base_branch=${{ github.event.pull_request.base.ref }} | |
if [ "${base_branch}" == "master" ]; then | |
docker_release_latest_tag=${{ vars.BRANCH_MASTER_RELEASE_NAME }}-latest | |
else | |
docker_release_latest_tag=${base_branch/release\//}-latest | |
fi | |
# Tag images | |
images=(hopli hoprd) | |
for image in ${images[@]}; do | |
echo "Tagging ${image}:${docker_release_latest_tag}" | |
gcloud artifacts docker tags add ${docker_registry}/${image}:${docker_pr_tag} ${docker_registry}/${image}:${docker_release_latest_tag} | |
if [ "${base_branch}" == "master" ]; then | |
echo "Tagging ${image}:latest" | |
gcloud artifacts docker tags add ${docker_registry}/${image}:${docker_pr_tag} ${docker_registry}/${image}:latest | |
fi | |
done | |
deploy_nodes: | |
name: Deploy nodes | |
runs-on: self-hosted-hoprnet-small | |
if: needs.tag.result == 'success' | |
needs: | |
- tag | |
steps: | |
- name: Checkout hoprnet repository | |
uses: actions/checkout@v4 | |
with: | |
repository: hoprnet/hoprnet-ci | |
- name: Set up Google Cloud Credentials | |
id: auth | |
uses: google-github-actions/auth@v1 | |
with: | |
token_format: "access_token" | |
credentials_json: ${{ secrets.GCP_SA_TERRAFORM_JSON }} | |
- name: Set up Google Cloud SDK | |
uses: google-github-actions/setup-gcloud@v1 | |
with: | |
project_id: hopr-staging | |
install_components: beta | |
- name: Get credentials | |
uses: google-github-actions/get-gke-credentials@v2 | |
with: | |
cluster_name: cluster-staging | |
location: europe-west3 | |
project_id: hopr-staging | |
- name: "Restart deployments" | |
run: | | |
base_branch="${{ github.event.pull_request.base.ref }}" | |
# Identify parameters depending on branch | |
if [[ "${base_branch}" == "master" ]]; then | |
identity_pool=hoprd-core-rotsee | |
elif [[ "${base_branch}" =~ ^"release" ]]; then | |
identity_pool=hoprd-core-dufour | |
else | |
echo "Skipping deployment" | |
exit 0 | |
fi | |
namespace=core-team | |
echo "[INFO] Restarting deployments on ${namespace} from pr-${{ github.event.pull_request.number }}" | |
# Get list of deployments to restart | |
export deployments=($(kubectl get deployments -n ${namespace} -l app.kubernetes.io/name=hoprd-operator,hoprds.hoprnet.org/identitypool=${identity_pool} -o jsonpath="{.items[*].metadata.name}")) | |
for deployment in "${deployments[@]}"; do | |
echo "[INFO] Restarting hoprd node ${namespace}/${deployments}" | |
kubectl rollout restart deployments -n ${namespace} $deployment; | |
done | |
create_release: | |
name: Create Release | |
runs-on: self-hosted-hoprnet-small | |
if: contains(github.event.pull_request.labels.*.name, 'release') | |
needs: | |
- tag | |
steps: | |
- name: Checkout hoprnet repository | |
uses: actions/checkout@v4 | |
- name: Set up Google Cloud Credentials | |
id: auth | |
uses: google-github-actions/auth@v2 | |
with: | |
credentials_json: ${{ secrets.GOOGLE_HOPRASSOCIATION_CREDENTIALS_REGISTRY }} | |
- name: Set up Google Cloud SDK | |
uses: google-github-actions/setup-gcloud@v1 | |
with: | |
project_id: ${{ secrets.GOOGLE_HOPRASSOCIATION_PROJECT }} | |
install_components: beta | |
- name: Setup variables | |
id: setup | |
run: | | |
current_version=$(./scripts/get-current-version.sh semver) | |
echo "current_version=${current_version}" >> $GITHUB_OUTPUT | |
if [[ $current_version == *"-rc."* ]]; then | |
echo "prerelease=true" >> $GITHUB_OUTPUT | |
else | |
echo "prerelease=false" >> $GITHUB_OUTPUT | |
fi | |
- name: Tag repository | |
id: tag | |
run: | | |
# Tag semver | |
git tag v${{ steps.setup.outputs.current_version }} | |
git push origin v${{ steps.setup.outputs.current_version }} | |
declare base_branch=${{ github.event.pull_request.base.ref }} | |
# Tag release name | |
if [[ "${base_branch}" == "master" ]]; then | |
release_name=${{ vars.BRANCH_MASTER_RELEASE_NAME }} | |
elif [[ "${base_branch}" =~ ^"release" ]]; then | |
release_name=${{ vars.BRANCH_RELEASE_RELEASE_NAME }} | |
fi | |
git tag --force ${release_name} | |
git push --force origin ${release_name} | |
echo "release_name=${release_name}" >> $GITHUB_OUTPUT | |
- name: Generate Changelog | |
id: changelog | |
run: | | |
milestone_number=$(gh api repos/${{ github.repository }}/milestones | jq -r --arg version "${{ steps.setup.outputs.current_version }}" ' to_entries[] | select(.value.title | test($version)).value.number') | |
./scripts/generate-changelog.sh ${milestone_number} | tee docs/changelog/changelog.md | |
echo "milestone_number=${milestone_number}" >> $GITHUB_OUTPUT | |
env: | |
GH_TOKEN: ${{ github.token }} | |
- name: Tag docker images with release name | |
run: | | |
docker_registry="europe-west3-docker.pkg.dev/${{ secrets.GOOGLE_HOPRASSOCIATION_PROJECT }}/docker-images" | |
images=(hopli hoprd) | |
for image in ${images[@]}; | |
do | |
echo "Tagging ${image}:${{ steps.tag.outputs.release_name }}" | |
gcloud artifacts docker tags add ${docker_registry}/${image}:${{ steps.setup.outputs.current_version }} ${docker_registry}/${image}:${{ steps.tag.outputs.release_name }} | |
done | |
- name: Create Release | |
uses: softprops/action-gh-release@v2 | |
with: | |
body_path: docs/changelog/changelog.md | |
prerelease: ${{ steps.setup.outputs.prerelease }} | |
name: HOPR - v${{ steps.setup.outputs.current_version }} | |
tag_name: v${{ steps.setup.outputs.current_version }} | |
- name: Close Milestone | |
run: | | |
gh api --method PATCH -H "Accept: application/vnd.github+json" -H "X-GitHub-Api-Version: 2022-11-28" /repos/${{ github.repository }}/milestones/${{ steps.changelog.outputs.milestone_number }} -f state='closed' | |
env: | |
GH_TOKEN: ${{ secrets.GH_RUNNER_TOKEN }} | |
# - name: Notify release on Element channel | |
# run: | | |
# messageHeader="<h3>⚡ New Hoprd Release</h3><br><p>A new hoprd release has been launched. The tag <b>${{ steps.setup.outputs.current_version }}</b> is now available to be downloaded and use it</p>" | |
# messageTagNumber="<code>docker pull europe-west3-docker.pkg.dev/hoprassociation/docker-images/hoprd:${{ steps.setup.outputs.current_version }}</code>" | |
# messageTagName="<code>docker pull europe-west3-docker.pkg.dev/hoprassociation/docker-images/hoprd:${{ steps.tag.outputs.release_name }}</code>" | |
# messageChangeLog="<p>Have a look at the <a href='https://github.com/hoprnet/hoprnet/releases/tag/v${{ steps.setup.outputs.current_version }}'>Changelog</a> to see what you are missing</p>" | |
# message="${messageHeader}${messageTagNumber}<br>${messageTagName}<br><br>${messageChangeLog}<br>" | |
# ./scripts/notify-matrix.sh "${{ secrets.MATRIX_ROOM_RELEASES }}" "${message}" | |
# env: | |
# MATRIX_SERVER: ${{ secrets.MATRIX_SERVER }} | |
# MATRIX_ACCESS_TOKEN: ${{ secrets.MATRIX_ACCESS_TOKEN }} | |
new_release: | |
name: Open new release | |
if: contains(github.event.pull_request.labels.*.name, 'release') | |
needs: | |
- create_release | |
uses: ./.github/workflows/open-release.yaml | |
with: | |
release_type: ${{ vars.NEXT_RELEASE_TYPE }} | |
base_branch: ${{ github.event.pull_request.base.ref }} | |
secrets: inherit | |
build_dappnode: | |
name: Build dappNode | |
if: contains(github.event.pull_request.labels.*.name, 'release') | |
needs: | |
- create_release | |
uses: ./.github/workflows/build-dappnode.yaml | |
with: | |
base_branch: ${{ github.event.pull_request.base.ref }} | |
secrets: inherit | |
generate_sdk: | |
name: Generate SDK | |
if: contains(github.event.pull_request.labels.*.name, 'release') | |
needs: | |
- create_release | |
uses: ./.github/workflows/generate-sdk.yaml | |
with: | |
base_branch: ${{ github.event.pull_request.base.ref }} | |
secrets: inherit |