fix/ci cd (#1197)

* chore: remove deprecated label-pr workflow * chore: reduce Dependabot update frequency to monthly * ci: adjust CI to account for removed db reset * refactor: improve CI/CD workflows for release and checks
2025-03-10 13:07:09 +00:00 · 2024-12-19 06:49:21 -05:00 · 2024-12-19 06:49:21 -05:00 · 77298c79af
commit 77298c79af
parent 9d86dad38d
9 changed files with 107 additions and 226 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -8,4 +8,4 @@ updates:
  - package-ecosystem: "gomod" # See documentation for possible values
    directory: "/" # Location of package manifests
    schedule:
-      interval: "weekly"
+      interval: "monthly"
--- a/.github/workflows/checks.yml
+++ b/.github/workflows/checks.yml
@ -2,9 +2,23 @@ name: Run All Checks

 on:
  pull_request:
+     types: [opened, edited, closed]
  merge_group:

 jobs:
+  tidy-pr:
+    name: Tidy PR
+    if: github.event_name == 'pull_request'
+    permissions:
+      contents: read # for TimonVS/pr-labeler-action to read config file
+      pull-requests: write # for TimonVS/pr-labeler-action to add labels in PR
+    runs-on: ubuntu-latest
+    steps:
+      - uses: TimonVS/pr-labeler-action@v5
+        with:
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+          configuration-path: .github/pr-labeler.yml # optional, .github/pr-labeler.yml is the default value
+
  test-builds:
    if: github.event_name == 'pull_request'
    runs-on: ubuntu-latest
@ -83,10 +97,10 @@ jobs:
          check-latest: true
      - run: make test-cover

-  goreleaser-check:
+  validate-release:
    if: github.event_name == 'merge_group'
    runs-on: ubuntu-latest
-    name: Check GoReleaser Config
+    name: Verify Release Config
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
@ -103,19 +117,36 @@ jobs:
      - name: Check GoReleaser Config
        uses: goreleaser/goreleaser-action@v6
        with:
-          distribution: goreleaser-pro
+          distribution: goreleaser
          version: latest
          args: check
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }}

      - name: GoReleaser Dry Run
        uses: goreleaser/goreleaser-action@v6
        with:
-          distribution: goreleaser-pro
+          distribution: goreleaser
          version: latest
          args: release --snapshot --clean --skip=publish
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }}
+
+  bump-version:
+    if: github.event_name == 'merge_group'
+    runs-on: ubuntu-latest
+    name: Bump Current Version
+    needs: [validate-release, test-cover, test-race]
+    outputs:
+      new_tag: ${{ steps.bump.outputs.new_tag }}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          fetch-depth: 0
+      - name: Create bump and changelog
+        id: bump
+        uses: commitizen-tools/commitizen-action@master
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          increment: "PATCH"
--- a/.github/workflows/deploy-net.yml
+++ b/.github/workflows/deploy-net.yml
@ -1,34 +0,0 @@
-name: Deploy Networks
-on:
-  workflow_dispatch:
-  push:
-    tags:
-      - "v*"
-    branches:
-      - develop
-
-permissions:
-  contents: write
-  issues: write
-
-jobs:
-  reboot-devnet:
-    name: Devnet Deploy
-    runs-on: goliath
-    environment: "Devnet"
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-          branch: develop
-
-      - name: Stop Existing Network
-        continue-on-error: true
-        run: |
-          make stop-uds
-          make clean
-
-      - name: Start Updated Network
-        run: |
-          make start-uds
--- a/.github/workflows/label-pr.yml
+++ b/.github/workflows/label-pr.yml
@ -1,19 +0,0 @@
-name: PR Labeler
-on:
-  pull_request:
-    types: [opened, edited]
-
-permissions:
-  contents: read
-
-jobs:
-  pr-labeler:
-    permissions:
-      contents: read # for TimonVS/pr-labeler-action to read config file
-      pull-requests: write # for TimonVS/pr-labeler-action to add labels in PR
-    runs-on: ubuntu-latest
-    steps:
-      - uses: TimonVS/pr-labeler-action@v5
-        with:
-          repo-token: ${{ secrets.GITHUB_TOKEN }}
-          configuration-path: .github/pr-labeler.yml # optional, .github/pr-labeler.yml is the default value
--- a/.github/workflows/publish-assets.yml
+++ b/.github/workflows/publish-assets.yml
@ -1,25 +0,0 @@
-name: Publish Versioned Assets
-on:
-  push:
-    branches:
-      - develop
-
-permissions:
-  contents: write
-  issues: write
-
-jobs:
-  buf_push_core:
-    name: Publish to buf.build/onsonr/sonr
-    runs-on: ubuntu-latest
-    steps:
-      # Run `git checkout`
-      - uses: actions/checkout@v3
-      # Install the `buf` CLI
-      - uses: bufbuild/buf-setup-action@v1
-      # Push only the Input in `proto` to the BSR
-      - uses: bufbuild/buf-push-action@v1
-        continue-on-error: true
-        with:
-          input: proto
-          buf_token: ${{ secrets.BUF_TOKEN }}
--- a/.github/workflows/make-docs.yml
+++ b/.github/workflows/make-docs.yml
@ -1,18 +1,36 @@
-name: Publish Docs via GitHub Pages
+name: Publish Versioned Assets
 on:
  push:
    branches:
-      - main
-      - master
      - develop
+      - main
    paths:
      - "docs/**"
+      - "proto/**"

 permissions:
  contents: write
+  issues: write
+
 jobs:
-  deploy:
+  buf_push:
+    name: Publish to buf.build/onsonr/sonr
    runs-on: ubuntu-latest
+    steps:
+      # Run `git checkout`
+      - uses: actions/checkout@v4
+      # Install the `buf` CLI
+      - uses: bufbuild/buf-setup-action@v1
+      # Push only the Input in `proto` to the BSR
+      - uses: bufbuild/buf-push-action@v1
+        continue-on-error: true
+        with:
+          input: proto
+          buf_token: ${{ secrets.BUF_TOKEN }}
+
+  publish-docs:
+    runs-on: ubuntu-latest
+    name: Publish Docs
    steps:
      - uses: actions/checkout@v4
      - name: Configure Git Credentials
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -0,0 +1,47 @@
+name: Versioned Release
+
+on:
+  push:
+    tags:
+      - v*
+
+permissions:
+  contents: write
+
+jobs:
+  new-release:
+    name: Run GoReleaser on New Tag
+    if: startsWith(github.ref, 'refs/tags/')
+    permissions: write-all
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          repository: onsonr/sonr
+          fetch-depth: 0
+          fetch-tags: true
+
+      - uses: actions/setup-go@v5
+        with:
+          go-version: "1.23"
+          check-latest: true
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      - name: Release
+        uses: goreleaser/goreleaser-action@v6
+        with:
+          distribution: goreleaser
+          version: latest
+          args: release --clean
+        env:
+          GITHUB_TOKEN: ${{ secrets.GH_RELEASER_TOKEN }}
+          GITHUB_PERSONAL_AUTH_TOKEN: ${{ secrets.GH_RELEASER_TOKEN }}
+          DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
+          DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
+          TELEGRAM_TOKEN: ${{ secrets.TELEGRAM_TOKEN }}
--- a/.github/workflows/scheduled-release.yml
+++ b/.github/workflows/scheduled-release.yml
@ -1,95 +0,0 @@
-name: Versioned Release
-
-on:
-  push:
-    tags:
-      - "v[0-9]+.[0-9]+.[0-9]+"
-  workflow_dispatch:
-  repository_dispatch:
-    types: [trigger-release]
-
-permissions:
-  contents: write
-
-jobs:
-  check-release:
-    name: Check Existing Release
-    runs-on: ubuntu-latest
-    outputs:
-      release_exists: ${{ steps.check.outputs.release_exists }}
-      is_tag: ${{ steps.check-ref.outputs.is_tag }}
-      ref_name: ${{ steps.check-ref.outputs.ref_name }}
-    steps:
-      - name: Determine ref type and name
-        id: check-ref
-        run: |
-          if [[ $GITHUB_REF == refs/tags/* ]]; then
-            echo "is_tag=true" >> "$GITHUB_OUTPUT"
-            echo "ref_name=${GITHUB_REF#refs/tags/}" >> "$GITHUB_OUTPUT"
-          else
-            echo "is_tag=false" >> "$GITHUB_OUTPUT"
-            echo "ref_name=${GITHUB_REF#refs/heads/}" >> "$GITHUB_OUTPUT"
-          fi
-
-      - name: Check if release exists
-        id: check
-        if: steps.check-ref.outputs.is_tag == 'true'
-        run: |
-          RELEASE_EXISTS=$(curl -s -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
-            "https://api.github.com/repos/onsonr/sonr/releases/tags/${GITHUB_REF#refs/tags/}" \
-            | jq -r 'if .message == "Not Found" then "false" else "true" end')
-          echo "release_exists=$RELEASE_EXISTS" >> "$GITHUB_OUTPUT"
-
-  goreleaser:
-    name: Run GoReleaser
-    needs: check-release
-    if: |
-      (needs.check-release.outputs.is_tag == 'true' && needs.check-release.outputs.release_exists == 'false') ||
-      (needs.check-release.outputs.is_tag == 'false')
-    permissions: write-all
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-        with:
-          repository: onsonr/sonr
-          fetch-depth: 0
-          fetch-tags: true
-
-      - name: Set up release configuration
-        id: setup
-        run: |
-          if [[ "${{ needs.check-release.outputs.is_tag }}" == "true" ]]; then
-            echo "Using tag configuration"
-            git checkout ${{ needs.check-release.outputs.ref_name }}
-            echo "args=release --clean" >> "$GITHUB_OUTPUT"
-          else
-            echo "Using snapshot configuration"
-            echo "args=release --snapshot --clean" >> "$GITHUB_OUTPUT"
-          fi
-
-      - uses: actions/setup-go@v5
-        with:
-          go-version: "1.23"
-          check-latest: true
-
-      - name: Login to Docker Hub
-        uses: docker/login-action@v3
-        with:
-          username: ${{ secrets.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKER_PASSWORD }}
-
-      - name: Release
-        uses: goreleaser/goreleaser-action@v6
-        with:
-          distribution: goreleaser-pro
-          version: latest
-          args: ${{ steps.setup.outputs.args }}
-        env:
-          GITHUB_TOKEN: ${{ secrets.GH_RELEASER_TOKEN }}
-          GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }}
-          GITHUB_PERSONAL_AUTH_TOKEN: ${{ secrets.GH_RELEASER_TOKEN }}
-          DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
-          DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
-          TELEGRAM_TOKEN: ${{ secrets.TELEGRAM_TOKEN }}
-          CLOUDSMITH_TOKEN: ${{ secrets.CLOUDSMITH_TOKEN }}
--- a/.github/workflows/version-bump.yml
+++ b/.github/workflows/version-bump.yml
@ -1,42 +0,0 @@
-name: Update Version and Release
-
-on:
-  push:
-    branches:
-      - master
-
-permissions:
-  contents: write
-  pull-requests: write
-
-jobs:
-  bump-version:
-    runs-on: ubuntu-latest
-    name: "Bump Version"
-    if: ${{ !startsWith(github.event.head_commit.message, 'bump:') }}
-    outputs:
-      new_tag: ${{ steps.bump.outputs.new_tag }}
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-          fetch-depth: 0
-      - name: Create bump and changelog
-        id: bump
-        uses: commitizen-tools/commitizen-action@master
-        with:
-          github_token: ${{ secrets.GITHUB_TOKEN }}
-          increment: "PATCH"
-
-  trigger-release:
-    needs: [bump-version]
-    if: needs.bump-version.outputs.new_tag != ''
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - name: Trigger release workflow
-        uses: peter-evans/repository-dispatch@v2
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-          event-type: trigger-release
-          client-payload: '{"tag": "${{ needs.bump-version.outputs.new_tag }}"}'