From bf5a605c61a492724322f56d0fbb3eb71d2d08b8 Mon Sep 17 00:00:00 2001 From: paypes <43441600+abbesBenayache@users.noreply.github.com> Date: Mon, 8 Sep 2025 11:06:07 +0200 Subject: [PATCH 1/3] feat: add modular deployment workflows - Create separate deployment workflows instead of single dapp-deploy --- .github/workflows/README.md | 185 ++++++++++++++++++ .../deployment/01-deploy-dapp-contract.yml | 143 ++++++++++++++ .../deployment/02-push-dapp-secret.yml | 55 ++++++ .../deployment/03-publish-sell-order.yml | 64 ++++++ .../deployment/04-add-resource-whitelist.yml | 73 +++++++ .../workflows/deployment/05-configure-ens.yml | 58 ++++++ .../{ => deployment}/dapp-deploy.yml | 0 .../{ => deployment}/deployment-dapp-ci.yml | 0 8 files changed, 578 insertions(+) create mode 100644 .github/workflows/README.md create mode 100644 .github/workflows/deployment/01-deploy-dapp-contract.yml create mode 100644 .github/workflows/deployment/02-push-dapp-secret.yml create mode 100644 .github/workflows/deployment/03-publish-sell-order.yml create mode 100644 .github/workflows/deployment/04-add-resource-whitelist.yml create mode 100644 .github/workflows/deployment/05-configure-ens.yml rename .github/workflows/{ => deployment}/dapp-deploy.yml (100%) rename .github/workflows/{ => deployment}/deployment-dapp-ci.yml (100%) diff --git a/.github/workflows/README.md b/.github/workflows/README.md new file mode 100644 index 0000000..e96e32b --- /dev/null +++ b/.github/workflows/README.md @@ -0,0 +1,185 @@ +# GitHub Workflows - Web3Telegram SDK + +Complete documentation of GitHub Actions workflows for the Web3Telegram SDK project. + +## 📋 Overview + +The project uses 3 categories of workflows: + +- **SDK** : CI, build, NPM publication of the SDK +- **DApp** : CI and application deployment +- **Release** : Version management and releases + +## 🚀 SDK Workflows + +### `sdk-ci.yml` + +**SDK CI** - Automatic validation on every PR + +- **Trigger** : Pull Request on `src/`, `tests/`, configs +- **Actions** : Lint, unit tests, TypeScript build +- **Concurrency** : Cancels previous runs + +### `sdk-npm-publish.yml` + +**Manual NPM Publication** - Deploy to NPM + +- **Trigger** : `workflow_dispatch` +- **Inputs** : `tag` (latest/nightly) +- **Restriction** : `main` branch only + +### `sdk-release.yml` + +**Automatic NPM Publication** - Official release + +- **Trigger** : Tag `web3telegram-v*` +- **Action** : Publication with `latest` tag + +### `reusable-sdk-npm.yml` + +**Reusable Workflow** - Template for NPM publication + +- **Type** : `workflow_call` +- **Usage** : Used by `sdk-npm-publish.yml` and `sdk-release.yml` + +## 🏗️ DApp Workflows + +### `dapp-ci.yml` + +**Application CI** - DApp code validation + +- **Trigger** : Pull Request on `dapp/` +- **Actions** : Lint, tests, validation + +### `deployment/deployment-dapp-ci.yml` + +**Deployment CI** - Deployment scripts validation + +- **Trigger** : Pull Request on `deployment-dapp/` +- **Actions** : Lint, TypeScript scripts tests + +## 🚀 Deployment Workflows + +### `deployment/dapp-deploy.yml` (Main) + +**Complete Deployment** + +- **Trigger** : `workflow_dispatch` +- **Inputs** : `environment` (bellecour-dev, arbitrum-sepolia-dev, etc.) +- **Process** : + 1. Docker build + Sconify + 2. Contract deployment + 3. Push secrets + 4. Publish sell order + 5. Whitelist + 6. ENS configuration + +### `deployment/01-deploy-dapp-contract.yml` + +**Contract Deployment** - Deploy the smart contract + +- **Trigger** : `workflow_dispatch` +- **Inputs** : `environment`, `docker_image_tag`, `checksum`, `fingerprint` +- **Outputs** : `app_address` + +### `deployment/02-push-dapp-secret.yml` + +**Push Secrets** - Push secrets to SMS (Secret Management Service) + +- **Trigger** : `workflow_dispatch` +- **Inputs** : `environment`, `app_address` + +### `deployment/03-publish-sell-order.yml` + +**Sell Order** - Publish a free sell order + +- **Trigger** : `workflow_dispatch` +- **Inputs** : `environment`, `app_address`, `price`, `volume` + +### `deployment/04-add-resource-whitelist.yml` + +**Whitelist** - Add app to a whitelist already deployed on whitelist-smartcontract repo and transfer ownership to web3telegram wallet + +- **Trigger** : `workflow_dispatch` +- **Inputs** : `environment`, `app_address`, `whitelist_contract_address` + +### `deployment/05-configure-ens.yml` + +**ENS Configuration** - Configure ENS name (only on bellecour environment) + +- **Trigger** : `workflow_dispatch` +- **Inputs** : `environment`, `app_address`, `ens_name` + +## 📦 Release Workflows + +### `release.yml` + +**Release Please** - Automatic version management + +- **Trigger** : Push on `main` +- **Action** : Automatic release PR creation + +### `conventional-commits.yml` + +**Commit Validation** - Check conventional commits + +- **Trigger** : Pull Request +- **Action** : Commit format validation + +## 🎯 Usage + +### Complete Deployment + +```bash +gh workflow run deployment/dapp-deploy.yml -f environment=bellecour-dev +``` + +### SDK Publication + +```bash +# Manual publication +gh workflow run sdk-npm-publish.yml -f tag=nightly + +# Automatic publication (via tag) +git tag web3telegram-v1.0.0 +git push origin web3telegram-v1.0.0 +``` + +## 🔧 Environments + +| Environment | Network | Usage | +| ----------------------- | ----------------- | --------------- | +| `bellecour-dev` | Bellecour Testnet | Development | +| `arbitrum-sepolia-dev` | Arbitrum Sepolia | Testing | +| `bellecour-prod` | Bellecour Mainnet | Production | +| `arbitrum-sepolia-prod` | Arbitrum Sepolia | Production test | +| `arbitrum-prod` | Arbitrum Mainnet | Production | + +## 📁 Structure + +``` +.github/workflows/ +├── sdk-ci.yml # SDK CI +├── sdk-npm-publish.yml # Manual NPM publication +├── sdk-release.yml # Automatic NPM publication +├── reusable-sdk-npm.yml # NPM template +├── dapp-ci.yml # DApp CI +├── release.yml # Release Please +├── conventional-commits.yml # Commit validation +└── deployment/ # Deployment workflows + ├── dapp-deploy.yml # Main orchestrator + ├── 01-deploy-dapp-contract.yml + ├── 02-push-dapp-secret.yml + ├── 03-publish-sell-order.yml + ├── 04-add-resource-whitelist.yml + ├── 05-configure-ens.yml + └── deployment-dapp-ci.yml # Deployment CI +``` + +## ⚡ Benefits + +- **Modularity** : Each step can be executed independently +- **Recovery** : In case of failure, restart only the concerned step +- **Flexibility** : Reusable and configurable workflows +- **Security** : Automatic validation and separate environments +- **Traceability** : Detailed logs for each step diff --git a/.github/workflows/deployment/01-deploy-dapp-contract.yml b/.github/workflows/deployment/01-deploy-dapp-contract.yml new file mode 100644 index 0000000..24b8cca --- /dev/null +++ b/.github/workflows/deployment/01-deploy-dapp-contract.yml @@ -0,0 +1,143 @@ +name: 01-deploy-dapp-contract + +on: + workflow_dispatch: + inputs: + environment: + description: 'Deployment environment' + required: true + type: choice + options: + # dev environments + - bellecour-dev + - arbitrum-sepolia-dev + # prod environments (requires a tag starting with dapp-v) + - bellecour-prod + - arbitrum-sepolia-prod + - arbitrum-prod + # Optional inputs for manual override + docker_image_tag: + description: 'Docker image tag (if not provided, will build from scratch)' + required: false + type: string + checksum: + description: 'Docker image checksum (if not provided, will build from scratch)' + required: false + type: string + fingerprint: + description: 'Docker image fingerprint (if not provided, will build from scratch)' + required: false + type: string + +jobs: + extract-tag: + runs-on: ubuntu-latest + outputs: + clean_tag: ${{ steps.tag.outputs.clean_tag }} + steps: + - name: Checkout code + uses: actions/checkout@v4 + - name: Check and extract tag + id: tag + run: | + if [[ "${{ github.event.inputs.environment }}" == *-prod ]]; then + if [[ "${GITHUB_REF}" != refs/tags/dapp-v* ]]; then + echo "Error: The ref must be a tag starting with 'dapp-v' for production deployments." + exit 1 + fi + TAG=${GITHUB_REF#refs/tags/dapp-v}-$(date +%s) + echo "clean_tag=${TAG}" | tee -a $GITHUB_OUTPUT + else + echo "clean_tag=dev" | tee -a $GITHUB_OUTPUT + fi + + docker-publish: + if: ${{ !github.event.inputs.docker_image_tag }} + uses: iExecBlockchainComputing/github-actions-workflows/.github/workflows/docker-build.yml@docker-build-v2.3.1 + needs: [extract-tag] + with: + image-name: 'iexechub/web3telegram-dapp' + registry: 'docker.io' + dockerfile: 'dapp/Dockerfile' + context: 'dapp' + security-scan: true + security-report: 'sarif' + hadolint: true + push: true + image-tag: ${{ needs.extract-tag.outputs.clean_tag }} + secrets: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_PAT }} + + sconify: + if: ${{ !github.event.inputs.docker_image_tag }} + uses: iExecBlockchainComputing/github-actions-workflows/.github/workflows/sconify.yml@sconify-v2.0.0 + needs: [docker-publish, extract-tag] + with: + image-name: 'iexechub/web3telegram-dapp' + image-tag: ${{ needs.extract-tag.outputs.clean_tag }} + sconify-debug: false + sconify-prod: true + docker-registry: docker.io + sconify-version: ${{ vars.SCONIFY_VERSION }} + binary: /usr/local/bin/node + command: node + host-path: | + /etc/hosts + /etc/resolv.conf + binary-fs: true + fs-dir: /app + heap: 1G + dlopen: 1 + mprotect: 0 + secrets: + docker-username: ${{ secrets.DOCKERHUB_USERNAME }} + docker-password: ${{ secrets.DOCKERHUB_PAT }} + scontain-username: ${{ secrets.SCONTAIN_REGISTRY_USERNAME }} + scontain-password: ${{ secrets.SCONTAIN_REGISTRY_PAT }} + scone-signing-key: ${{ secrets.SCONIFY_SIGNING_PRIVATE_KEY }} + + deploy-dapp: + needs: [extract-tag, sconify] + runs-on: ubuntu-latest + environment: ${{ inputs.environment }} + outputs: + app_address: ${{ steps.deploy.outputs.app_address }} + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Setup Node.js + uses: actions/setup-node@v4 + with: + node-version: '20.19.0' + cache: 'npm' + + - name: Install dependencies + run: | + npm ci + cd node_modules/whitelist-smart-contract + npm install --save-dev ts-node + cd ../../deployment-dapp + npm ci + + - name: Deploy dapp contract + id: deploy + env: + WALLET_PRIVATE_KEY: ${{ secrets.WEB3TELEGRAM_APP_OWNER_PRIVATEKEY }} + DOCKER_IMAGE_TAG: ${{ github.event.inputs.docker_image_tag || needs.sconify.outputs.prod-image-tag }} + CHECKSUM: ${{ github.event.inputs.checksum || needs.sconify.outputs.prod-checksum }} + FINGERPRINT: ${{ github.event.inputs.fingerprint || needs.sconify.outputs.prod-mrenclave }} + RPC_URL: ${{ secrets.RPC_URL }} + SCONIFY_VERSION: ${{ vars.SCONIFY_VERSION }} + run: | + cd deployment-dapp + npm run deploy-dapp + echo "app_address=$(cat .app-address)" >> $GITHUB_OUTPUT + + - name: Upload app address artifact + uses: actions/upload-artifact@v4 + with: + name: app-address + path: deployment-dapp/.app-address + retention-days: 30 diff --git a/.github/workflows/deployment/02-push-dapp-secret.yml b/.github/workflows/deployment/02-push-dapp-secret.yml new file mode 100644 index 0000000..23ad9ee --- /dev/null +++ b/.github/workflows/deployment/02-push-dapp-secret.yml @@ -0,0 +1,55 @@ +name: 02-push-dapp-secret.yml + +on: + workflow_dispatch: + inputs: + environment: + description: 'Deployment environment' + required: true + type: choice + options: + # dev environments + - bellecour-dev + - arbitrum-sepolia-dev + # prod environments + - bellecour-prod + - arbitrum-sepolia-prod + - arbitrum-prod + app_address: + description: 'App contract address' + required: true + type: string + +jobs: + push-secret: + runs-on: ubuntu-latest + environment: ${{ inputs.environment }} + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Setup Node.js + uses: actions/setup-node@v4 + with: + node-version: '20.19.0' + cache: 'npm' + + - name: Install dependencies + run: | + npm ci + cd deployment-dapp + npm ci + + - name: Create app address file + run: | + echo "${{ inputs.app_address }}" > deployment-dapp/.app-address + echo "Using app address: ${{ inputs.app_address }}" + + - name: Push dapp secret + env: + WALLET_PRIVATE_KEY: ${{ secrets.WEB3TELEGRAM_APP_OWNER_PRIVATEKEY }} + TELEGRAM_BOT_TOKEN: ${{ secrets.TELEGRAM_BOT_TOKEN }} + RPC_URL: ${{ secrets.RPC_URL }} + run: | + cd deployment-dapp + npm run push-dapp-secret diff --git a/.github/workflows/deployment/03-publish-sell-order.yml b/.github/workflows/deployment/03-publish-sell-order.yml new file mode 100644 index 0000000..692e3fb --- /dev/null +++ b/.github/workflows/deployment/03-publish-sell-order.yml @@ -0,0 +1,64 @@ +name: 03-publish-sell-order.yml + +on: + workflow_dispatch: + inputs: + environment: + description: 'Deployment environment' + required: true + type: choice + options: + # dev environments + - bellecour-dev + - arbitrum-sepolia-dev + # prod environments + - bellecour-prod + - arbitrum-sepolia-prod + - arbitrum-prod + app_address: + description: 'App contract address' + required: true + type: string + price: + description: 'Sell order price' + required: true + type: string + volume: + description: 'Sell order volume' + required: true + type: string + +jobs: + publish-sell-order: + runs-on: ubuntu-latest + environment: ${{ inputs.environment }} + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Setup Node.js + uses: actions/setup-node@v4 + with: + node-version: '20.19.0' + cache: 'npm' + + - name: Install dependencies + run: | + npm ci + cd deployment-dapp + npm ci + + - name: Create app address file + run: | + echo "${{ inputs.app_address }}" > deployment-dapp/.app-address + echo "Using app address: ${{ inputs.app_address }}" + + - name: Publish free sell order + env: + WALLET_PRIVATE_KEY: ${{ secrets.WEB3TELEGRAM_APP_OWNER_PRIVATEKEY }} + PRICE: ${{ inputs.price }} + VOLUME: ${{ inputs.volume }} + RPC_URL: ${{ secrets.RPC_URL }} + run: | + cd deployment-dapp + npm run publish-sell-order diff --git a/.github/workflows/deployment/04-add-resource-whitelist.yml b/.github/workflows/deployment/04-add-resource-whitelist.yml new file mode 100644 index 0000000..28d6b48 --- /dev/null +++ b/.github/workflows/deployment/04-add-resource-whitelist.yml @@ -0,0 +1,73 @@ +name: 04-add-resource-whitelist.yml + +on: + workflow_dispatch: + inputs: + environment: + description: 'Deployment environment' + required: true + type: choice + options: + # dev environments + - bellecour-dev + - arbitrum-sepolia-dev + # prod environments + - bellecour-prod + - arbitrum-sepolia-prod + - arbitrum-prod + app_address: + description: 'App contract address' + required: true + type: string + whitelist_contract_address: + description: 'Whitelist contract address' + required: true + type: string + +jobs: + add-to-whitelist: + runs-on: ubuntu-latest + environment: ${{ inputs.environment }} + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Setup Node.js + uses: actions/setup-node@v4 + with: + node-version: '20.19.0' + cache: 'npm' + + - name: Install dependencies + run: | + npm ci + cd node_modules/whitelist-smart-contract + npm install --save-dev ts-node + + - name: Determine network from environment + id: network + run: | + case "${{ inputs.environment }}" in + bellecour-dev|bellecour-prod) + echo "network_name=bellecour" >> $GITHUB_OUTPUT + ;; + arbitrum-sepolia-dev|arbitrum-sepolia-prod) + echo "network_name=arbitrum-sepolia" >> $GITHUB_OUTPUT + ;; + arbitrum-prod) + echo "network_name=arbitrum" >> $GITHUB_OUTPUT + ;; + *) + echo "Error: Unknown environment ${{ inputs.environment }}" + exit 1 + ;; + esac + + - name: Add resource to whitelist + env: + CONTRACT_ADDRESS: ${{ inputs.whitelist_contract_address }} + PRIVATE_KEY: ${{ secrets.WEB3TELEGRAM_APP_OWNER_PRIVATEKEY }} + run: | + cd node_modules/whitelist-smart-contract + export ADDRESS_TO_ADD=${{ inputs.app_address }} + npm run addResourceToWhitelist -- --network ${{ steps.network.outputs.network_name }} diff --git a/.github/workflows/deployment/05-configure-ens.yml b/.github/workflows/deployment/05-configure-ens.yml new file mode 100644 index 0000000..d9d95a6 --- /dev/null +++ b/.github/workflows/deployment/05-configure-ens.yml @@ -0,0 +1,58 @@ +name: 05-configure-ens.yml + +on: + workflow_dispatch: + inputs: + environment: + description: 'Deployment environment' + required: true + type: choice + options: + # dev environments + - bellecour-dev + - arbitrum-sepolia-dev + # prod environments + - bellecour-prod + - arbitrum-sepolia-prod + - arbitrum-prod + app_address: + description: 'App contract address' + required: true + type: string + ens_name: + description: 'ENS name to configure' + required: true + type: string + +jobs: + configure-ens: + runs-on: ubuntu-latest + environment: ${{ inputs.environment }} + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Setup Node.js + uses: actions/setup-node@v4 + with: + node-version: '20.19.0' + cache: 'npm' + + - name: Install dependencies + run: | + npm ci + cd deployment-dapp + npm ci + + - name: Create app address file + run: | + echo "${{ inputs.app_address }}" > deployment-dapp/.app-address + echo "Using app address: ${{ inputs.app_address }}" + + - name: Configure ENS + env: + WALLET_PRIVATE_KEY: ${{ secrets.WEB3TELEGRAM_APP_OWNER_PRIVATEKEY }} + DAPP_ENS_NAME: ${{ inputs.ens_name }} + run: | + cd deployment-dapp + npm run configure-ens diff --git a/.github/workflows/dapp-deploy.yml b/.github/workflows/deployment/dapp-deploy.yml similarity index 100% rename from .github/workflows/dapp-deploy.yml rename to .github/workflows/deployment/dapp-deploy.yml diff --git a/.github/workflows/deployment-dapp-ci.yml b/.github/workflows/deployment/deployment-dapp-ci.yml similarity index 100% rename from .github/workflows/deployment-dapp-ci.yml rename to .github/workflows/deployment/deployment-dapp-ci.yml From 9ca9e140d61604331b10709c4fe527344fb77645 Mon Sep 17 00:00:00 2001 From: paypes <43441600+abbesBenayache@users.noreply.github.com> Date: Mon, 8 Sep 2025 11:57:18 +0200 Subject: [PATCH 2/3] fix: move workflows to root directory for GitHub Actions visibility - Move all deployment workflows from deployment/ folder to .github/workflows/ root --- .../01-deploy-dapp-contract.yml | 0 .../{deployment => }/02-push-dapp-secret.yml | 0 .../03-publish-sell-order.yml | 0 .../04-add-resource-whitelist.yml | 0 .../{deployment => }/05-configure-ens.yml | 0 .github/workflows/README.md | 29 +++++++++---------- .../{deployment => }/dapp-deploy.yml | 0 .../{deployment => }/deployment-dapp-ci.yml | 0 8 files changed, 14 insertions(+), 15 deletions(-) rename .github/workflows/{deployment => }/01-deploy-dapp-contract.yml (100%) rename .github/workflows/{deployment => }/02-push-dapp-secret.yml (100%) rename .github/workflows/{deployment => }/03-publish-sell-order.yml (100%) rename .github/workflows/{deployment => }/04-add-resource-whitelist.yml (100%) rename .github/workflows/{deployment => }/05-configure-ens.yml (100%) rename .github/workflows/{deployment => }/dapp-deploy.yml (100%) rename .github/workflows/{deployment => }/deployment-dapp-ci.yml (100%) diff --git a/.github/workflows/deployment/01-deploy-dapp-contract.yml b/.github/workflows/01-deploy-dapp-contract.yml similarity index 100% rename from .github/workflows/deployment/01-deploy-dapp-contract.yml rename to .github/workflows/01-deploy-dapp-contract.yml diff --git a/.github/workflows/deployment/02-push-dapp-secret.yml b/.github/workflows/02-push-dapp-secret.yml similarity index 100% rename from .github/workflows/deployment/02-push-dapp-secret.yml rename to .github/workflows/02-push-dapp-secret.yml diff --git a/.github/workflows/deployment/03-publish-sell-order.yml b/.github/workflows/03-publish-sell-order.yml similarity index 100% rename from .github/workflows/deployment/03-publish-sell-order.yml rename to .github/workflows/03-publish-sell-order.yml diff --git a/.github/workflows/deployment/04-add-resource-whitelist.yml b/.github/workflows/04-add-resource-whitelist.yml similarity index 100% rename from .github/workflows/deployment/04-add-resource-whitelist.yml rename to .github/workflows/04-add-resource-whitelist.yml diff --git a/.github/workflows/deployment/05-configure-ens.yml b/.github/workflows/05-configure-ens.yml similarity index 100% rename from .github/workflows/deployment/05-configure-ens.yml rename to .github/workflows/05-configure-ens.yml diff --git a/.github/workflows/README.md b/.github/workflows/README.md index e96e32b..d07e9e3 100644 --- a/.github/workflows/README.md +++ b/.github/workflows/README.md @@ -60,7 +60,7 @@ The project uses 3 categories of workflows: ## 🚀 Deployment Workflows -### `deployment/dapp-deploy.yml` (Main) +### `dapp-deploy.yml` (Main) **Complete Deployment** @@ -74,7 +74,7 @@ The project uses 3 categories of workflows: 5. Whitelist 6. ENS configuration -### `deployment/01-deploy-dapp-contract.yml` +### `01-deploy-dapp-contract.yml` **Contract Deployment** - Deploy the smart contract @@ -82,28 +82,28 @@ The project uses 3 categories of workflows: - **Inputs** : `environment`, `docker_image_tag`, `checksum`, `fingerprint` - **Outputs** : `app_address` -### `deployment/02-push-dapp-secret.yml` +### `02-push-dapp-secret.yml` **Push Secrets** - Push secrets to SMS (Secret Management Service) - **Trigger** : `workflow_dispatch` - **Inputs** : `environment`, `app_address` -### `deployment/03-publish-sell-order.yml` +### `03-publish-sell-order.yml` **Sell Order** - Publish a free sell order - **Trigger** : `workflow_dispatch` - **Inputs** : `environment`, `app_address`, `price`, `volume` -### `deployment/04-add-resource-whitelist.yml` +### `04-add-resource-whitelist.yml` **Whitelist** - Add app to a whitelist already deployed on whitelist-smartcontract repo and transfer ownership to web3telegram wallet - **Trigger** : `workflow_dispatch` - **Inputs** : `environment`, `app_address`, `whitelist_contract_address` -### `deployment/05-configure-ens.yml` +### `05-configure-ens.yml` **ENS Configuration** - Configure ENS name (only on bellecour environment) @@ -131,7 +131,7 @@ The project uses 3 categories of workflows: ### Complete Deployment ```bash -gh workflow run deployment/dapp-deploy.yml -f environment=bellecour-dev +gh workflow run dapp-deploy.yml -f environment=bellecour-dev ``` ### SDK Publication @@ -166,14 +166,13 @@ git push origin web3telegram-v1.0.0 ├── dapp-ci.yml # DApp CI ├── release.yml # Release Please ├── conventional-commits.yml # Commit validation -└── deployment/ # Deployment workflows - ├── dapp-deploy.yml # Main orchestrator - ├── 01-deploy-dapp-contract.yml - ├── 02-push-dapp-secret.yml - ├── 03-publish-sell-order.yml - ├── 04-add-resource-whitelist.yml - ├── 05-configure-ens.yml - └── deployment-dapp-ci.yml # Deployment CI +├── dapp-deploy.yml # Main orchestrator +├── 01-deploy-dapp-contract.yml # Contract deployment +├── 02-push-dapp-secret.yml # Push secrets +├── 03-publish-sell-order.yml # Publish sell order +├── 04-add-resource-whitelist.yml # Whitelist app +├── 05-configure-ens.yml # Configure ENS +└── deployment-dapp-ci.yml # Deployment CI ``` ## ⚡ Benefits diff --git a/.github/workflows/deployment/dapp-deploy.yml b/.github/workflows/dapp-deploy.yml similarity index 100% rename from .github/workflows/deployment/dapp-deploy.yml rename to .github/workflows/dapp-deploy.yml diff --git a/.github/workflows/deployment/deployment-dapp-ci.yml b/.github/workflows/deployment-dapp-ci.yml similarity index 100% rename from .github/workflows/deployment/deployment-dapp-ci.yml rename to .github/workflows/deployment-dapp-ci.yml From e79291fae7bce0c4925dc1f8750f59318e5e5baa Mon Sep 17 00:00:00 2001 From: paypes <43441600+abbesBenayache@users.noreply.github.com> Date: Mon, 8 Sep 2025 14:00:08 +0200 Subject: [PATCH 3/3] feat(workflows): improve whitelist workflow with environment variables - Make whitelist_contract_address optional with environment variable fallback - Remove network determination step and use WHITELIST_NETWORK_NAME variable --- .../workflows/04-add-resource-whitelist.yml | 28 ++++--------------- .github/workflows/README.md | 2 +- 2 files changed, 6 insertions(+), 24 deletions(-) diff --git a/.github/workflows/04-add-resource-whitelist.yml b/.github/workflows/04-add-resource-whitelist.yml index 28d6b48..64c334d 100644 --- a/.github/workflows/04-add-resource-whitelist.yml +++ b/.github/workflows/04-add-resource-whitelist.yml @@ -20,8 +20,8 @@ on: required: true type: string whitelist_contract_address: - description: 'Whitelist contract address' - required: true + description: 'Whitelist contract address (optional, uses environment variable by default)' + required: false type: string jobs: @@ -44,30 +44,12 @@ jobs: cd node_modules/whitelist-smart-contract npm install --save-dev ts-node - - name: Determine network from environment - id: network - run: | - case "${{ inputs.environment }}" in - bellecour-dev|bellecour-prod) - echo "network_name=bellecour" >> $GITHUB_OUTPUT - ;; - arbitrum-sepolia-dev|arbitrum-sepolia-prod) - echo "network_name=arbitrum-sepolia" >> $GITHUB_OUTPUT - ;; - arbitrum-prod) - echo "network_name=arbitrum" >> $GITHUB_OUTPUT - ;; - *) - echo "Error: Unknown environment ${{ inputs.environment }}" - exit 1 - ;; - esac - - name: Add resource to whitelist env: - CONTRACT_ADDRESS: ${{ inputs.whitelist_contract_address }} + CONTRACT_ADDRESS: ${{ inputs.whitelist_contract_address || vars.WEB3TELEGRAM_WHITELIST_CONTRACT_ADDRESS }} PRIVATE_KEY: ${{ secrets.WEB3TELEGRAM_APP_OWNER_PRIVATEKEY }} + WHITELIST_NETWORK_NAME: ${{ vars.WHITELIST_NETWORK_NAME }} run: | cd node_modules/whitelist-smart-contract export ADDRESS_TO_ADD=${{ inputs.app_address }} - npm run addResourceToWhitelist -- --network ${{ steps.network.outputs.network_name }} + npm run addResourceToWhitelist -- --network $WHITELIST_NETWORK_NAME diff --git a/.github/workflows/README.md b/.github/workflows/README.md index d07e9e3..de69af7 100644 --- a/.github/workflows/README.md +++ b/.github/workflows/README.md @@ -101,7 +101,7 @@ The project uses 3 categories of workflows: **Whitelist** - Add app to a whitelist already deployed on whitelist-smartcontract repo and transfer ownership to web3telegram wallet - **Trigger** : `workflow_dispatch` -- **Inputs** : `environment`, `app_address`, `whitelist_contract_address` +- **Inputs** : `environment`, `app_address`, `whitelist_contract_address` (optional) ### `05-configure-ens.yml`