Merge pull request #1728 from sourcenetwork/release/0.6.0

Release v0.6.0
sourcenetwork · Jul 31, 2023 · 4928d13 · 4928d13
2 parents b04c423 + 9f4134b
commit 4928d13
Show file tree

Hide file tree

Showing 569 changed files with 59,169 additions and 15,544 deletions.
diff --git a/.github/codecov.yml b/.github/codecov.yml
@@ -1,42 +1,67 @@
 # Source Network's codecov configuration file.
 
+
 github_checks:
-  annotations: true
+  annotations: true # This won't work if patch is `false` or has flags.
+
 
 codecov:
-  require_ci_to_pass: yes
+  require_ci_to_pass: false
+  allow_pseudo_compare: true
+  allow_coverage_offsets: true
+
 
 coverage:
   precision: 2
-  round: down
-  range: 65...100
+  round: "nearest"
+  range: 60...90
 
   status:
-    # Learn more at https://docs.codecov.io/docs/commit-status
+
     project:
       default:
-        target: 50%
-        threshold: 0.05 # allow this much decrease on project
-        flags:
-          - unit
-
-    # Disable patch as it is not correct and buggy.
-    # Folks over at amazon's aws and mozilla's firefox tv also did the same LOL:
-    #   - https://github.com/aws/amazon-vpc-cni-k8s/pull/1226/files
-    #   - https://github.com/mozilla-mobile/firefox-tv/pull/779/files
+        only_pulls: true        # Only post the status if the commits are on a pull request.
+        informational: true     # Don't fail codcov action because of project's coverage.
+        if_ci_failed: "error"   # Give an error if CI fails (eg. upload to codecov failed).
+        if_not_found: "failure" # Fail if no report for HEAD found.
+
+    # Note: Patch is needed for github annotations.
     patch:
       default:
-        enabled: no
-        if_not_found: success
+        informational: true     # Don't fail codcov action because of patch's coverage.
+        if_ci_failed: "error"   # Give an error if CI fails (eg. upload to codecov failed).
+        if_not_found: "failure" # Fail if no report for HEAD found.
+
+    # Detect indirect coverage changes.
+    changes:
+      default:
+        informational: true     # Don't fail codcov action because of indirect coverage changes.
+        if_ci_failed: "error"   # Give an error if CI fails (eg. upload to codecov failed).
+        if_not_found: "failure" # Fail if no report for HEAD found.
+
+
+parsers:
+  go:
+    partials_as_hits: false     # Don't treat partials as hits.
 
-    changes: false
 
 comment:
-  layout: "reach, diff, files"
-  behavior: default # update if exists else create new
-  require_changes: true
+  # First the reach graph, then the diff, then the file changes.
+  layout: "newheader, reach, diff, flags, files, footer"
+
+  # Change old comment with new results.
+  behavior: "default"
+
+  # Post comment even if there were no changes.
+  require_changes: false
+
+  # Post comment even if no head or base found.
+  require_head: false
+  require_base: false
+
 
 ignore:
   - "tests"
+  - "**/mocks/*"
   - "**/*_test.go"
   - "**/*.pb.go"
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -8,3 +8,11 @@ updates:
       - "dependencies"
     commit-message:
       prefix: "bot"
+  - package-ecosystem: "npm"
+    directory: "/playground"
+    schedule:
+      interval: "weekly"
+    labels:
+      - "dependencies"
+    commit-message:
+      prefix: "bot"
diff --git a/.github/workflows/build-ami-with-packer.yml b/.github/workflows/build-ami-with-packer.yml
diff --git a/.github/workflows/build-dependencies.yml b/.github/workflows/build-dependencies.yml
@@ -12,10 +12,13 @@ name: Build Dependencies Workflow
 
 on:
   pull_request:
+    branches:
+      - master
+      - develop
 
   push:
     tags:
-      - v*
+      - 'v[0-9]+.[0-9]+.[0-9]+'
     branches:
       - master
       - develop
@@ -34,7 +37,7 @@ jobs:
       - name: Setup Go environment explicitly
         uses: actions/setup-go@v3
         with:
-          go-version: "1.19"
+          go-version: "1.20"
           check-latest: true
 
       - name: Build all dependencies

diff --git a/.github/workflows/build-then-deploy-ami.yml b/.github/workflows/build-then-deploy-ami.yml
@@ -0,0 +1,116 @@
+# Copyright 2023 Democratized Data Foundation
+#
+# Use of this software is governed by the Business Source License
+# included in the file licenses/BSL.txt.
+#
+# As of the Change Date specified in that file, in accordance with
+# the Business Source License, use of this software will be governed
+# by the Apache License, Version 2.0, included in the file
+# licenses/APL.txt.
+
+# This workflow builds the AMI using packer, if the build is successfull
+# then it will deploy the AMI using terraform apply, onto AWS.
+name: Build Then Deploy AMI Workflow
+
+on:
+  push:
+    tags:
+      - 'v[0-9]+.[0-9]+.[0-9]+'
+
+env:
+  AWS_REGION: 'us-east-1'
+  AWS_ACCESS_KEY_ID: ${{ secrets.AWS_AMI_ACCESS_KEY_ID }}
+  AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_AMI_SECRET_ACCESS_KEY }}
+
+  # Logging verbosities (has to be named `PACKER_LOG` and `TF_LOG`).
+  PACKER_LOG: 1
+  TF_LOG: INFO
+
+  # Directories containing config files for AWS AMI.
+  PACKER_DIR: 'tools/cloud/aws/packer'
+  TF_DIR: 'tools/cloud/aws/terraform'
+
+  # Set environment type for terraform: `dev`, `test`, `prod`
+  ENVIRONMENT_TYPE: "dev"
+
+  # RELEASE_VERSION: v0.5.0
+
+jobs:
+  # This job is responsilble to build the AMI using packer.
+  build-ami-with-packer:
+    name: Build ami with packer job
+
+    runs-on: ubuntu-latest
+
+    defaults:
+      run:
+        working-directory: ${{ env.PACKER_DIR }}
+
+    steps:
+      - name: Checkout code into the directory
+        uses: actions/checkout@v3
+
+      - name: Environment version target
+        run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> ${GITHUB_ENV}
+        # run: echo ${{ env.RELEASE_VERSION }}
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-region: ${{ env.AWS_REGION }}
+          aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }}
+
+      - name: Setup `packer`
+        uses: hashicorp/setup-packer@main
+        with:
+          version: "latest"
+
+      - name: Run `packer init`
+        run: "packer init build_aws_ami.pkr.hcl"
+
+      - name: Run `packer validate`
+        run: "packer validate -var \"commit=${{ env.RELEASE_VERSION }}\" build_aws_ami.pkr.hcl"
+
+      - name: Run `packer build`
+        run: "packer build -var \"commit=${{ env.RELEASE_VERSION }}\" build_aws_ami.pkr.hcl"
+
+  # This job is responsilble for deploying the built AMI onto AWS, using terraform apply.
+  deploy-ami-with-terraform-apply:
+    name: Deploy ami with terraform apply job
+    needs:
+      - build-ami-with-packer
+
+    runs-on: ubuntu-latest
+
+    defaults:
+      run:
+        working-directory: ${{ env.TF_DIR }}
+
+    steps:
+      - name: Checkout code into the directory
+        uses: actions/checkout@v3
+
+      - name: Terraform action setup
+        uses: hashicorp/setup-terraform@v2
+        with:
+          terraform_version: 1.3.7
+
+      - name: Terraform format
+        run: terraform fmt -check
+
+      - name: Terraform initialization
+        run: terraform init -backend-config="workspaces/${ENVIRONMENT_TYPE}-backend.conf"
+
+      - name: Terraform workspace
+        # Select workspace if it exists, otherwise create a new workspace.
+        run: terraform workspace select ${ENVIRONMENT_TYPE} || terraform workspace new ${ENVIRONMENT_TYPE}
+
+      - name: Terraform validation
+        run: terraform validate -no-color
+
+      - name: List workspaces 
+        run: ls workspaces
+
+      - name: Terraform Apply
+        run: terraform apply -auto-approve -input=false -var-file="workspaces/source-ec2-${ENVIRONMENT_TYPE}.tfvars"
diff --git a/.github/workflows/check-vulnerabilities.yml b/.github/workflows/check-vulnerabilities.yml
@@ -0,0 +1,39 @@
+# Copyright 2023 Democratized Data Foundation
+#
+# Use of this software is governed by the Business Source License
+# included in the file licenses/BSL.txt.
+#
+# As of the Change Date specified in that file, in accordance with
+# the Business Source License, use of this software will be governed
+# by the Apache License, Version 2.0, included in the file
+# licenses/APL.txt.
+
+name: Check Vulnerabilities Workflow
+
+on:
+  pull_request:
+    branches:
+      - master
+      - develop
+
+  push:
+    tags:
+      - 'v[0-9]+.[0-9]+.[0-9]+'
+    branches:
+      - master
+      - develop
+
+jobs:
+  check-vulnerabilities:
+    name: Check vulnerabilities job
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Run govulncheck
+        uses: golang/govulncheck-action@v1
+        with:
+          go-version-input: "1.20"
+          go-package: ./...
+          check-latest: true
+          cache: true