diff --git a/.github/workflows/goreleaser.yml b/.github/workflows/goreleaser.yml index 229272a..21f2865 100644 --- a/.github/workflows/goreleaser.yml +++ b/.github/workflows/goreleaser.yml @@ -23,9 +23,21 @@ jobs: ref: ${{ inputs.commit_branch }} fetch-depth: 0 fetch-tags: true + - uses: docker/setup-qemu-action@v2 + - uses: docker/setup-buildx-action@v2 + # Configure SSH for private Go modules + - name: Setup SSH for private modules + run: | + mkdir -p ~/.ssh + echo "${{ secrets.SSH_KEY_B64 }}" | base64 -d > ~/.ssh/id_rsa + chmod 600 ~/.ssh/id_rsa + ssh-keyscan github.com >> ~/.ssh/known_hosts # Build and push docker image - name: Run go releaser run: | - docker run --rm -e CGO_ENABLED -e GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} \ + docker run --rm -e CGO_ENABLED -e GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} -e GOPRIVATE=github.com/xrplevm/evm-sec-papyrus\ -v /var/run/docker.sock:/var/run/docker.sock -v $PWD:/go/src/exrp -w /go/src/exrp \ - goreleaser/goreleaser-cross:v1.22 release --clean --skip validate \ No newline at end of file + -v ~/.ssh:/root/.ssh:ro \ + --entrypoint /bin/sh \ + goreleaser/goreleaser-cross:v1.22 -c \ + 'git config --global --add safe.directory /go/src/exrp && git config --global url."ssh://git@github.com/xrplevm/evm-sec-papyrus".insteadOf "https://github.com/xrplevm/evm-sec-papyrus" && goreleaser release --clean --skip validate' \ No newline at end of file diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index f048909..eb7098f 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -16,22 +16,12 @@ jobs: - uses: actions/checkout@v2 - uses: docker/setup-qemu-action@v2 - uses: docker/setup-buildx-action@v2 - - uses: actions/cache@v3 - with: - path: /tmp/.buildx-cache - key: ${{ github.job }}-${{ runner.os }}-${{ github.event.pull_request.number }}-buildx - restore-keys: | - ${{ github.job }}-${{ runner.os }}-${{ github.event.pull_request.number }}-buildx # Build docker image - - name: Build docker image - uses: docker/build-push-action@v4 - with: - target: integration - push: false - cache-from: type=local,src=/tmp/.buildx-cache - cache-to: type=local,dest=/tmp/.buildx-cache-new - - name: Move cache - if: always() - run: | - rm -rf /tmp/.buildx-cache - mv /tmp/.buildx-cache-new /tmp/.buildx-cache \ No newline at end of file + - name: Build docker image + uses: docker/build-push-action@v4 + with: + context: . + target: integration + push: false + secrets: | + ssh_key_b64=${{ secrets.SSH_KEY_B64 }} \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f8144a3..ec0f545 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -46,6 +46,8 @@ jobs: tags: | peersyst/exrp:${{ github.event.inputs.tag }} ${{ fromJSON('["", "peersyst/exrp:latest"]')[github.event.inputs.is_latest_release == 'true'] }} + secrets: | + ssh_key_b64=${{ secrets.SSH_KEY_B64 }} - name: Publish the Release uses: softprops/action-gh-release@v1 with: diff --git a/Dockerfile b/Dockerfile index 2e28e3c..a20dab4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,6 +6,15 @@ RUN apt update && \ ca-certificates WORKDIR /app COPY . . + +# Hotfix to allow download of private go module +ENV GOPRIVATE=github.com/xrplevm/evm-sec-papyrus +RUN mkdir -p ~/.ssh +RUN --mount=type=secret,id=ssh_key_b64 base64 -d -i /run/secrets/ssh_key_b64 > ~/.ssh/id_rsa +RUN chmod 600 ~/.ssh/id_rsa +RUN ssh-keyscan github.com >> ~/.ssh/known_hosts +RUN git config --global url."ssh://git@github.com/xrplevm/evm-sec-papyrus".insteadOf "https://github.com/xrplevm/evm-sec-papyrus" + RUN make install