Skip to content

Commit

Permalink
fix: use unique names and remove smart contract set (#21)
Browse files Browse the repository at this point in the history 
## Summary by Sourcery

Use unique names for SettleMint resources and remove the smart contract
set ID.

Enhancements:
- Updated action inputs to use unique names instead of IDs for
SettleMint resources.

Tests:
- Removed smart contract set ID from environment variables.
  • Loading branch information
@janb87
janb87 authored Jan 7, 2025
1 parent 4ffcb3d commit 557dbb8
Show file tree
Hide file tree
Showing 10 changed files with 121 additions and 85 deletions.
2 changes: 1 addition & 1 deletion .cursorrules
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
7. Configure TypeScript for proper type checking
8. Support all SettleMint environment variables as optional inputs
9. Set predefined contract addresses as environment variables
10. Add auto-login and auto-connect functionality
10. Add auto-connect functionality
11. Process .env files from secrets and add them to GitHub environment
12. Add comprehensive test coverage for main functionality
13. Configure Renovate to run `npm run package` after dependency updates
Expand Down
3 changes: 1 addition & 2 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,8 +64,7 @@ jobs:
id: test-action
uses: ./
with:
personal-access-token: ${{ secrets.SETTLEMINT_PERSONAL_ACCESS_TOKEN }}
command: codegen
workspace: ${{ secrets.SETTLEMINT_WORKSPACE }}
application: ${{ secrets.SETTLEMINT_APPLICATION }}
access-token: ${{ secrets.SETTLEMINT_ACCESS_TOKEN }}
access-token: ${{ secrets.SETTLEMINT_PERSONAL_ACCESS_TOKEN }}
5 changes: 5 additions & 0 deletions .vscode/settings.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
{
"[typescript]": {
"editor.defaultFormatter": "biomejs.biome"
}
}
80 changes: 41 additions & 39 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ steps:
- name: Run SettleMint CLI
uses: settlemint/settlemint-action@main
with:
command: 'workspace list'
command: "workspace list"
access-token: ${{ secrets.SETTLEMINT_ACCESS_TOKEN }}
```
Expand All @@ -54,47 +54,43 @@ steps:
- name: Deploy Smart Contract
uses: settlemint/settlemint-action@main
with:
command: 'contract deploy MyContract'
command: "scs hardhat deploy remote --accept-defaults"
access-token: ${{ secrets.SETTLEMINT_ACCESS_TOKEN }}
version: '1.0.0'
workspace: 'my-workspace-id'
blockchain-network: 'my-network-id'
auto-login: 'true'
auto-connect: 'true'
version: "1.0.0"
workspace: "my-workspace-ae70"
blockchain-node: "my-node-3b8e"
auto-connect: "true"
```
## Inputs
### Required
| Input | Description | Required |
|------------------|--------------------------------|----------|
| personal-access-token | SettleMint Personal Access Token | Yes |
| access-token | SettleMint ApplicationAccess Token | Yes |
| Input | Description | Required |
| ------------ | -------------------------------------------------------------------------- | -------- |
| access-token | SettleMint Access Token (can be a personal or an application access token) | Yes |
### Optional
| Input | Description | Default |
|--------------------|--------------------------------------------------|----------------------------------|
| command | CLI command to execute | - |
| version | CLI version to install | 'latest' |
| auto-login | Automatically login to SettleMint | 'true' |
| auto-connect | Automatically connect to workspace | 'true' |
| instance | SettleMint instance URL | 'https://console.settlemint.com' |
| workspace | Workspace ID | - |
| application | Application ID | - |
| blockchain-network | Blockchain network ID | - |
| blockchain-node | Blockchain node ID | - |
| load-balancer | Load balancer ID | - |
| hasura | Hasura ID | - |
| thegraph | TheGraph ID | - |
| portal | Portal ID | - |
| hd-private-key | HD private key | - |
| minio | MinIO ID | - |
| ipfs | IPFS ID | - |
| custom-deployment | Custom deployment ID | - |
| blockscout | Blockscout ID | - |
| smart-contract-set | Smart contract set ID | - |
| Input | Description | Default |
| ------------------ | ---------------------------------- | ------------------------------------------------------------------- |
| command | CLI command to execute | - |
| version | CLI version to install | 'latest' |
| auto-connect | Automatically connect to workspace | 'true' (only executed when access-token is a personal access token) |
| instance | SettleMint instance URL | 'https://console.settlemint.com' |
| workspace | Workspace unique name | - |
| application | Application unique name | - |
| blockchain-network | Blockchain network unique name | - |
| blockchain-node | Blockchain node unique name | - |
| load-balancer | Load balancer unique name | - |
| hasura | Hasura unique name | - |
| thegraph | TheGraph unique name | - |
| portal | Portal unique name | - |
| hd-private-key | HD private key | - |
| minio | MinIO unique name | - |
| ipfs | IPFS unique name | - |
| custom-deployment | Custom deployment unique name | - |
| blockscout | Blockscout unique name | - |
## Common Use Cases
Expand All @@ -104,11 +100,9 @@ steps:
- name: Deploy Contract
uses: settlemint/settlemint-action@main
with:
command: |
contract compile
contract deploy MyContract
command: scs hardhat deploy remote --accept-defaults
access-token: ${{ secrets.SETTLEMINT_ACCESS_TOKEN }}
workspace: ${{ vars.WORKSPACE_ID }}
workspace: ${{ vars.WORKSPACE_UNIQUE_NAME }}
```
### Managing Workspaces
Expand All @@ -128,7 +122,7 @@ steps:
uses: settlemint/settlemint-action@main
with:
command: --version
version: '1.0.0'
version: "1.0.0"
access-token: ${{ secrets.SETTLEMINT_ACCESS_TOKEN }}
```
Expand All @@ -140,12 +134,14 @@ All inputs are automatically converted to environment variables with the `SETTLE
- `blockchain-network` → `SETTLEMINT_BLOCKCHAIN_NETWORK`

### Environment Files

The action supports loading environment variables from `.env` files. You can provide the content of your env files through the following inputs:

- `dotEnvFile`: Content of your main `.env` file
- `dotEnvLocalFile`: Content of your `.env.local` file

⚠️ **Important**: Always store env file contents in GitHub Secrets:

```yaml
steps:
- uses: settlemint/settlemint-action@main
Expand All @@ -156,6 +152,7 @@ steps:
```

The action will process these files and add all variables to the GitHub Actions environment. It handles:

- Comments (lines starting with #)
- Empty lines
- Quoted values
Expand All @@ -165,6 +162,7 @@ The action will process these files and add all variables to the GitHub Actions
## Error Handling

The action will fail if:

- Invalid access token is provided
- Required inputs are missing
- CLI command execution fails
Expand All @@ -179,26 +177,31 @@ The action will fail if:
## Security Best Practices

### Handling Secrets 🔒

- **NEVER** commit access tokens, private keys or any secrets directly in your workflow files or repository
- **ALWAYS** use GitHub Secrets for sensitive information:

```yaml
# ✅ CORRECT - Using GitHub Secrets
access-token: ${{ secrets.SETTLEMINT_ACCESS_TOKEN }}
# ❌ WRONG - NEVER do this
access-token: "your-token-here" # This is a security risk!
```

- Use GitHub's OIDC (OpenID Connect) for token management in production environments
- Regularly rotate your access tokens and secrets
- Limit secret access to only the necessary workflows and repositories

### Environment Variables

When using .env files:

```yaml
steps:
- uses: settlemint/settlemint-action@main
with:
dotEnvFile: ${{ secrets.ENV_FILE_CONTENT }} # Store as a secret!
dotEnvFile: ${{ secrets.ENV_FILE_CONTENT }} # Store as a secret!
access-token: ${{ secrets.SETTLEMINT_ACCESS_TOKEN }}
```

Expand All @@ -214,4 +217,3 @@ This project is licensed under the FSL-1.1-MIT License - see the [LICENSE](LICEN

- 📚 [SettleMint Documentation](https://console.settlemint.com/documentation)
- 📧 [Support Email](mailto:support@settlemint.com)

33 changes: 28 additions & 5 deletions __tests__/main.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,8 +36,6 @@ describe('action', () => {
return 'status';
case 'version':
return 'latest';
case 'auto-login':
return 'false';
case 'auto-connect':
return 'false';
default:
Expand All @@ -53,17 +51,17 @@ describe('action', () => {
expect(errorMock).not.toHaveBeenCalled();
});

it('handles auto-login and auto-connect', async () => {
it('handles auto-connect when using a personal access token', async () => {
getInputMock.mockImplementation((name) => {
switch (name) {
case 'command':
return 'status';
case 'version':
return 'latest';
case 'auto-login':
return 'true';
case 'auto-connect':
return 'true';
case 'access-token':
return 'sm_pat_1234567890';
default:
return '';
}
Expand All @@ -78,6 +76,31 @@ describe('action', () => {
expect(execMock).toHaveBeenNthCalledWith(4, 'settlemint', ['status']);
});

it('does not auto-connect when using an application access token', async () => {
getInputMock.mockImplementation((name) => {
switch (name) {
case 'command':
return 'status';
case 'version':
return 'latest';
case 'auto-connect':
return 'true';
case 'access-token':
return 'sm_aat_1234567890';
default:
return '';
}
});

await main.run();
expect(runMock).toHaveReturned();

expect(execMock).toHaveBeenNthCalledWith(1, 'npm', ['install', '-g', '@settlemint/sdk-cli@latest']);
expect(execMock).not.toHaveBeenCalledWith('settlemint', ['login', '-a']);
expect(execMock).not.toHaveBeenCalledWith('settlemint', ['connect', '-a']);
expect(execMock).toHaveBeenNthCalledWith(2, 'settlemint', ['status']);
});

it('sets environment variables when provided', async () => {
getInputMock.mockImplementation((name) => {
switch (name) {
Expand Down
42 changes: 16 additions & 26 deletions action.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,70 +10,60 @@ inputs:
command:
description: 'The SettleMint CLI command to execute'
required: false
personal-access-token:
description: 'SettleMint Personal Access Token'
access-token:
description: 'SettleMint Access Token (can be a personal or an application access token)'
required: true
auto-login:
description: 'Automatically login to SettleMint'
required: false
default: 'true'
auto-connect:
description: 'Automatically connect to SettleMint'
description: 'Automatically connect to SettleMint (only executed when access-token is a personal access token)'
required: false
default: 'true'
version:
description: 'SettleMint CLI version to install (defaults to latest)'
required: false
default: 'latest'
access-token:
description: 'SettleMint Access Token'
required: true
instance:
description:
'SettleMint instance URL (defaults to https://console.settlemint.com)'
required: false
default: 'https://console.settlemint.com'
workspace:
description: 'SettleMint workspace ID'
description: 'SettleMint workspace unique name'
required: false
application:
description: 'SettleMint application ID'
description: 'SettleMint application unique name'
required: false
blockchain-network:
description: 'SettleMint blockchain network ID'
description: 'SettleMint blockchain network unique name'
required: false
blockchain-node:
description: 'SettleMint blockchain node ID'
description: 'SettleMint blockchain node unique name'
required: false
load-balancer:
description: 'SettleMint load balancer ID'
description: 'SettleMint load balancer unique name'
required: false
hasura:
description: 'SettleMint Hasura ID'
description: 'SettleMint Hasura unique name'
required: false
thegraph:
description: 'SettleMint TheGraph ID'
description: 'SettleMint TheGraph unique name'
required: false
portal:
description: 'SettleMint Portal ID'
description: 'SettleMint Portal unique name'
required: false
hd-private-key:
description: 'SettleMint HD private key'
description: 'SettleMint HD private key unique name'
required: false
minio:
description: 'SettleMint MinIO ID'
description: 'SettleMint MinIO unique name'
required: false
ipfs:
description: 'SettleMint IPFS ID'
description: 'SettleMint IPFS unique name'
required: false
custom-deployment:
description: 'SettleMint custom deployment ID'
description: 'SettleMint custom deployment unique name'
required: false
blockscout:
description: 'SettleMint Blockscout ID'
required: false
smart-contract-set:
description: 'SettleMint smart contract set ID'
description: 'SettleMint Blockscout unique name'
required: false
dotEnvFile:
description: 'A Github Actions secret containing the .env file, loaded in one go for easy updates'
Expand Down
2 changes: 1 addition & 1 deletion badges/coverage.svg
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading

0 comments on commit 557dbb8

Please sign in to comment.