fix(infra): wrap safe.ts fetch calls with retrySafeApi (#8156) #4
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Push Node Services Images to GCR | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| paths: | |
| - 'typescript/rebalancer/**' | |
| - 'typescript/warp-monitor/**' | |
| - 'typescript/ccip-server/**' | |
| - 'typescript/keyfunder/**' | |
| - 'typescript/relayer/**' | |
| - 'typescript/Dockerfile.node-service' | |
| - 'pnpm-lock.yaml' | |
| - '.github/workflows/node-services-docker.yml' | |
| - 'typescript/docker-bake.hcl' | |
| workflow_dispatch: | |
| inputs: | |
| include_arm64: | |
| description: 'Include arm64 in the build' | |
| required: false | |
| default: 'false' | |
| concurrency: | |
| group: build-push-node-services-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| check-env: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| gcloud-service-key: ${{ steps.gcloud-service-key.outputs.defined }} | |
| steps: | |
| - id: gcloud-service-key | |
| env: | |
| GCLOUD_SERVICE_KEY: ${{ secrets.GCLOUD_SERVICE_KEY }} | |
| if: "${{ env.GCLOUD_SERVICE_KEY != '' }}" | |
| run: echo "defined=true" >> $GITHUB_OUTPUT | |
| build-and-push-to-gcr: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| id-token: write | |
| pull-requests: write | |
| needs: [check-env] | |
| if: needs.check-env.outputs.gcloud-service-key == 'true' | |
| steps: | |
| - name: Generate GitHub App Token | |
| id: generate-token | |
| uses: actions/create-github-app-token@v2 | |
| with: | |
| app-id: ${{ secrets.HYPER_GONK_APP_ID }} | |
| private-key: ${{ secrets.HYPER_GONK_PRIVATE_KEY }} | |
| - uses: actions/checkout@v5 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha || github.sha }} | |
| submodules: recursive | |
| persist-credentials: false | |
| fetch-depth: 0 | |
| - name: Generate tag data | |
| id: taggen | |
| run: | | |
| set -euo pipefail | |
| TAG_SHA=$(echo '${{ github.event.pull_request.head.sha || github.sha }}' | cut -b 1-7) | |
| TAG_DATE=$(date +'%Y%m%d-%H%M%S') | |
| echo "TAG_SHA_DATE=${TAG_SHA}-${TAG_DATE}" >> $GITHUB_OUTPUT | |
| # Determine primary tag based on event type | |
| if [ "${{ github.ref_type }}" = "tag" ]; then | |
| echo "TAG=${{ github.ref_name }}" >> $GITHUB_OUTPUT | |
| elif [ "${{ github.event_name }}" = "pull_request" ]; then | |
| echo "TAG=pr-${{ github.event.pull_request.number }}" >> $GITHUB_OUTPUT | |
| else | |
| echo "TAG=${{ github.ref_name }}" >> $GITHUB_OUTPUT | |
| fi | |
| # Determine platforms | |
| if [ "${{ github.event.inputs.include_arm64 }}" == "true" ]; then | |
| echo "PLATFORMS=linux/amd64,linux/arm64" >> $GITHUB_OUTPUT | |
| else | |
| echo "PLATFORMS=linux/amd64" >> $GITHUB_OUTPUT | |
| fi | |
| # Get Foundry version | |
| FOUNDRY_VERSION=$(cat solidity/.foundryrc) | |
| echo "FOUNDRY_VERSION=$FOUNDRY_VERSION" >> $GITHUB_OUTPUT | |
| - name: Set up Depot CLI | |
| uses: depot/setup-action@v1 | |
| - name: Login to GCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: gcr.io | |
| username: _json_key | |
| password: ${{ secrets.GCLOUD_SERVICE_KEY }} | |
| - name: Build and push all images | |
| id: build | |
| uses: depot/bake-action@v1 | |
| env: | |
| TAG: ${{ steps.taggen.outputs.TAG }} | |
| TAG_SHA_DATE: ${{ steps.taggen.outputs.TAG_SHA_DATE }} | |
| PLATFORMS: ${{ steps.taggen.outputs.PLATFORMS }} | |
| FOUNDRY_VERSION: ${{ steps.taggen.outputs.FOUNDRY_VERSION }} | |
| SERVICE_VERSION: ${{ steps.taggen.outputs.TAG_SHA_DATE }} | |
| with: | |
| project: 3cpjhx94qv | |
| files: typescript/docker-bake.hcl | |
| push: true | |
| - name: Generate image tags output | |
| id: image-tags | |
| if: always() | |
| run: | | |
| TAG="${{ steps.taggen.outputs.TAG }}" | |
| TAG_SHA_DATE="${{ steps.taggen.outputs.TAG_SHA_DATE }}" | |
| REGISTRY="gcr.io/abacus-labs-dev" | |
| # Generate tags for comment action (SHA-date only) | |
| TAGS=$(cat << EOF | |
| ${REGISTRY}/hyperlane-rebalancer:${TAG_SHA_DATE} | |
| ${REGISTRY}/hyperlane-warp-monitor:${TAG_SHA_DATE} | |
| ${REGISTRY}/hyperlane-key-funder:${TAG_SHA_DATE} | |
| ${REGISTRY}/hyperlane-ts-relayer:${TAG_SHA_DATE} | |
| ${REGISTRY}/hyperlane-offchain-lookup-server:${TAG_SHA_DATE} | |
| EOF | |
| ) | |
| echo "tags<<EOF" >> $GITHUB_OUTPUT | |
| echo "$TAGS" >> $GITHUB_OUTPUT | |
| echo "EOF" >> $GITHUB_OUTPUT | |
| # Write job summary | |
| cat >> $GITHUB_STEP_SUMMARY << EOF | |
| ## ⚙️ Node Service Docker Images | |
| | Service | Tag | | |
| |---------|-----| | |
| | ♻️ rebalancer | \`${TAG_SHA_DATE}\` | | |
| | 🕵️ warp-monitor | \`${TAG_SHA_DATE}\` | | |
| | 🔑 key-funder | \`${TAG_SHA_DATE}\` | | |
| | 🚀 ts-relayer | \`${TAG_SHA_DATE}\` | | |
| | 🔍 offchain-lookup-server | \`${TAG_SHA_DATE}\` | | |
| **Full image paths:** | |
| \`\`\` | |
| ${TAGS} | |
| \`\`\` | |
| EOF | |
| - name: Comment image tags on PR | |
| if: github.event_name == 'pull_request' && always() | |
| uses: ./.github/actions/docker-image-comment | |
| with: | |
| comment_tag: typescript-docker-images | |
| image_name: Node Service Docker Images | |
| emoji: '⚙️' | |
| image_tags: ${{ steps.image-tags.outputs.tags }} | |
| pr_number: ${{ github.event.pull_request.number }} | |
| github_token: ${{ steps.generate-token.outputs.token }} | |
| job_status: ${{ job.status }} |