Skip to content

Make @chainlink/contracts-ccip its own NPM package #13813

Make @chainlink/contracts-ccip its own NPM package

Make @chainlink/contracts-ccip its own NPM package #13813

name: "Build and Publish GoReleaser"
on:
pull_request:
# The default types are opened, synchronize, and reopened
# See https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows#pull_request
# We add a label trigger too, since when the build-publish label is added to a PR, we want to build and publish
types:
- opened
- synchronize
- reopened
- labeled
push:
branches:
- develop
workflow_dispatch:
inputs:
git_ref:
description: "The git ref to check out"
required: true
build-publish:
description: "Whether to build and publish - defaults to just build"
required: false
default: "false"
env:
# Use github.sha here otherwise a race condition exists if
# a commit is pushed to develop before merge is run.
CHECKOUT_REF: ${{ github.event.inputs.git_ref || github.sha }}
jobs:
image-tag:
runs-on: ubuntu-latest
outputs:
image-tag: ${{ steps.get-image-tag.outputs.image-tag }}
release-type: ${{ steps.get-image-tag.outputs.release-type }}
steps:
- name: Checkout repository
uses: actions/[email protected]
with:
persist-credentials: false
ref: ${{ env.CHECKOUT_REF }}
- name: Get image tag
id: get-image-tag
env:
GH_EVENT_NAME: ${{ github.event_name }}
GH_EVENT_NUMBER: ${{ github.event.number }}
GH_INPUTS_BUILD_PUBLISH: ${{ inputs.build-publish }}
LABEL_HAS_BUILD_PUBLISH: ${{ contains(github.event.pull_request.labels.*.name, 'build-publish') }}
run: |
short_sha=$(git rev-parse --short HEAD)
echo "release-type=snapshot" | tee -a $GITHUB_OUTPUT
if [[ $GH_EVENT_NAME == 'push' ]]; then
echo "image-tag=develop" | tee -a $GITHUB_OUTPUT
echo "release-type=nightly" | tee -a $GITHUB_OUTPUT
elif [[ $GH_EVENT_NAME == 'workflow_dispatch' ]]; then
echo "image-tag=${short_sha}" | tee -a $GITHUB_OUTPUT
if [[ "$GH_INPUTS_BUILD_PUBLISH" == 'false' ]]; then
echo "release-type=snapshot" | tee -a $GITHUB_OUTPUT
else
echo "release-type=nightly" | tee -a $GITHUB_OUTPUT
fi
else
if [[ $GH_EVENT_NAME == "pull_request" ]]; then
echo "image-tag=pr-${GH_EVENT_NUMBER}-${short_sha}" | tee -a $GITHUB_OUTPUT
if [[ $LABEL_HAS_BUILD_PUBLISH == "true" ]]; then
echo "release-type=nightly" | tee -a $GITHUB_OUTPUT
fi
fi
fi
split:
name: "split-${{ matrix.goarch }}"
needs: image-tag
runs-on: ${{ matrix.runner }}
permissions:
id-token: write
contents: read
strategy:
fail-fast: false
matrix:
include:
- runner: ubuntu-latest
goarch: amd64
dist_name: linux_amd64
- runner: ubuntu-24.04-4cores-16GB-ARM
goarch: arm64
dist_name: linux_arm64
steps:
- name: Checkout chainlink repository
uses: actions/[email protected]
with:
persist-credentials: false
ref: ${{ env.CHECKOUT_REF }}
fetch-depth: 0
- name: Setup Github Token
id: token
uses: smartcontractkit/.github/actions/setup-github-token@ef78fa97bf3c77de6563db1175422703e9e6674f # [email protected]
with:
aws-role-arn: ${{ secrets.AWS_OIDC_GLOBAL_READ_ONLY_TOKEN_ISSUER_ROLE_ARN }}
aws-lambda-url: ${{ secrets.AWS_INFRA_RELENG_TOKEN_ISSUER_LAMBDA_URL }}
aws-region: ${{ secrets.AWS_REGION }}
- name: Checkout capabilities repository
uses: actions/[email protected]
with:
repository: smartcontractkit/capabilities
token: ${{ steps.token.outputs.access-token }}
path: capabilities
- name: Configure aws credentials
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
with:
role-to-assume: ${{ secrets.AWS_OIDC_IAM_ROLE_BUILD_PUBLISH_DEVELOP_PR }}
aws-region: ${{ secrets.AWS_REGION }}
mask-aws-account-id: true
role-session-name: "split-${{ matrix.goarch }}"
- id: cache
uses: actions/cache@v4
with:
path: ./dist/${{ matrix.dist_name }}
key: chainlink-${{ matrix.goarch }}-${{ github.sha }}
- name: Build images for ${{ matrix.goarch }}
uses: ./.github/actions/goreleaser-build-sign-publish
if: github.event_name == 'workflow_dispatch' || steps.cache.outputs.cache-hit != 'true'
with:
docker-registry: ${{ secrets.AWS_SDLC_ECR_HOSTNAME }}
docker-image-tag: ${{ needs.image-tag.outputs.image-tag }}
goreleaser-release-type: ${{ needs.image-tag.outputs.release-type }}
goreleaser-config: .goreleaser.develop.yaml
goreleaser-key: ${{ secrets.GORELEASER_KEY }}
merge:
runs-on: ubuntu-latest
needs: [split, image-tag]
if: ${{ needs.image-tag.outputs.release-type == 'nightly' }}
permissions:
id-token: write
contents: read
steps:
- name: Checkout repository
uses: actions/[email protected]
with:
persist-credentials: false
ref: ${{ env.CHECKOUT_REF }}
- name: Configure aws credentials
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
with:
role-to-assume: ${{ secrets.AWS_OIDC_IAM_ROLE_BUILD_PUBLISH_DEVELOP_PR }}
aws-region: ${{ secrets.AWS_REGION }}
mask-aws-account-id: true
role-session-name: "merge"
- uses: actions/cache/restore@v4
with:
path: ./dist/linux_amd64
key: chainlink-amd64-${{ github.sha }}
fail-on-cache-miss: true
- uses: actions/cache/restore@v4
with:
path: ./dist/linux_arm64
key: chainlink-arm64-${{ github.sha }}
fail-on-cache-miss: true
- name: Merge images for both architectures
uses: ./.github/actions/goreleaser-build-sign-publish
with:
docker-registry: ${{ secrets.AWS_SDLC_ECR_HOSTNAME }}
docker-image-tag: ${{ needs.image-tag.outputs.image-tag }}
goreleaser-release-type: "merge"
goreleaser-config: .goreleaser.develop.yaml
goreleaser-key: ${{ secrets.GORELEASER_KEY }}