.github/workflows/ci.yml

name: CI

on:
  release:
    types: [published]
  push:
    branches:
       - main
    tags:
      - test-artifacts*
  pull_request:
    branches:
      - main
jobs:
  snyk-scan-deps-licences:
    runs-on: ubuntu-latest
    permissions:
      id-token: write
      pull-requests: read
      contents: read
      deployments: write
    steps:
      - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b
      - uses: radixdlt/public-iac-resuable-artifacts/fetch-secrets@main
        with:
          role_name: ${{ secrets.AWS_ROLE_NAME_SNYK_SECRET }}
          app_name: 'babylon-nodecli'
          step_name: 'snyk-scan-deps-licenses'
          secret_prefix: 'SNYK'
          secret_name: ${{ secrets.AWS_SECRET_NAME_SNYK }}
          parse_json: true
#      - name: Run Snyk to check for deps vulnerabilities - Devops
#        uses: snyk/actions/python@b98d498629f1c368650224d6d212bf7dfa89e4bf # v0.4.0
#        with:
#          args: --all-projects --org=${{ env.SNYK_DEVOPS_ORG_ID }} --severity-threshold=critical -d
      - name: Install pipenv
        run: |
          python -m pip install --upgrade pipenv wheel
      - name: Run Snyk to check for deps vulnerabilities - Network
        run: |
          npm install snyk -g
          snyk -v
          snyk auth ${{ env.SNYK_TOKEN }}
          snyk test --all-projects --org=${{ env.SNYK_NETWORK_ORG_ID }} --severity-threshold=critical -d

  snyk-scan-code:
    runs-on: ubuntu-latest
    permissions:
      id-token: write
      pull-requests: read
      contents: read
      deployments: write
    steps:
      - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b
      - uses: radixdlt/public-iac-resuable-artifacts/fetch-secrets@main
        with:
          role_name: ${{ secrets.AWS_ROLE_NAME_SNYK_SECRET }}
          app_name: 'babylon-nodecli'
          step_name: 'snyk-scan-code'
          secret_prefix: 'SNYK'
          secret_name: ${{ secrets.AWS_SECRET_NAME_SNYK }}
          parse_json: true
      - name: Run Snyk to check for code vulnerabilities - Devops
        uses: snyk/actions/python@b98d498629f1c368650224d6d212bf7dfa89e4bf # v0.4.0
        with:
          args: --all-projects --org=${{ env.SNYK_NETWORK_ORG_ID }} --severity-threshold=high
          command: code test

  snyk-sbom:
    runs-on: ubuntu-latest
    permissions:
      id-token: write
      pull-requests: read
      contents: read
      deployments: write
    needs:
      - snyk-scan-deps-licences
      - snyk-scan-code
    steps:
      - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b
      - uses: radixdlt/public-iac-resuable-artifacts/fetch-secrets@main
        with:
          role_name: ${{ secrets.AWS_ROLE_NAME_SNYK_SECRET }}
          app_name: 'babylon-nodecli'
          step_name: 'snyk-sbom'
          secret_prefix: 'SNYK'
          secret_name: ${{ secrets.AWS_SECRET_NAME_SNYK }}
          parse_json: true
      - name: Generate SBOM # check SBOM can be generated but nothing is done with it
        uses: snyk/actions/python@b98d498629f1c368650224d6d212bf7dfa89e4bf # v0.4.0
        with:
          args: --all-projects --format=cyclonedx1.4+json --json-file-output sbom.json
          command: sbom


  package_ubuntu_cli:
    name: "Package cli for Ubuntu"
    runs-on: ubuntu-22.04
    steps:
      - name: cancel running workflows
        uses: styfle/cancel-workflow-action@0.11.0
        with:
          access_token: ${{ github.token }}
      - name: Checkout
        uses: actions/checkout@v3.4.0
        with:
          fetch-depth: 0
      - name: Dump context
        uses: crazy-max/ghaction-dump-context@v1
      - name: Install build essentials
        run: sudo apt-get -y install build-essential
      - name: setup python
        uses: actions/setup-python@v4.5.0
        with:
          python-version: 3.10.6
      - name: Build application local
        run: |
          cd node-runner-cli
          make install
          make local
      - name: Execute Unit Tests
        run: |
          cd node-runner-cli
          pip install pytest
          pip install pytest-cov
          make test
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: Publish Test Results
        uses: EnricoMi/publish-unit-test-result-action@v2.6.1
        if: always()
        with:
          files: |
            /home/runner/work/babylon-nodecli/babylon-nodecli/node-runner-cli/junit/test-results.xml 
            test-results/**/*.xml
            test-results/**/*.trx
            test-results/**/*.json
            junit/**/*.xml
            junit/*.xml
            node-runner-cli/junit/**/*.xml
            junit/*.xml
            **/junit/test-results.xml
      - if: ${{ github.event_name == 'pull_request' }}
        name: Get Cover 
        uses: orgoro/coverage@v3
        with:
          coverageFile: node-runner-cli/coverage.xml
          token: ${{ secrets.GITHUB_TOKEN }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: Build the binary for ubuntu jammy
        run: |
          cd node-runner-cli
          make output-ubuntu-jammy
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: "Upload generated cli file"
        uses: actions/upload-artifact@v3.1.2
        with:
          name: ubuntu 22.04
          path: "${{ github.workspace }}/node-runner-cli/out/ubuntu/jammy/radixnode"
      - name: Build the binary for ubuntu focal
        run: |
          cd node-runner-cli
          make output-ubuntu-focal
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: "Upload generated cli file"
        uses: actions/upload-artifact@v3.1.2
        with:
          name: ubuntu 20.04
          path: "${{ github.workspace }}/node-runner-cli/out/ubuntu/focal/radixnode"

  upload-asset-store:
    environment: AWS_ARTIFACT
    runs-on: ubuntu-22.04
    if: ${{ github.event_name == 'push' }}
    needs:
      - package_ubuntu_cli
    permissions:
      id-token: write
      contents: read
      pull-requests: read
    steps:
      - name: Checkout
        uses: actions/checkout@v3.4.0
      - name: set branchname with commit
        run: |
          ls -l
          BRANCH_NAME_WITH_HYPENS=$(echo ${GITHUB_REF##*/} | sed 's/\//-/g')
          COMMIT=$(git log -1 --format=%h )
          BRANCH_WITH_COMMIT=$BRANCH_NAME_WITH_HYPENS-$COMMIT
          echo "BRANCH_WITH_COMMIT=$BRANCH_WITH_COMMIT" >> $GITHUB_ENV
      - name: Configure AWS Region
        run: echo "AWS_DEFAULT_REGION=eu-west-1" >> $GITHUB_ENV
      - id: install-aws-cli
        uses: unfor19/install-aws-cli-action@v1
        with:
          version: 2
      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef
        with:
          role-to-assume: arn:aws:iam::${{secrets.ARTIFACT_AWS_ACCOUNT_ID }}:role/gh-asset-store-deployer
          aws-region: eu-west-1
      - name: Download packaged cli
        uses: actions/download-artifact@v3
        with:
          name: ubuntu 22.04
      - name: Upload cli to asset store
        run: |
          ls */**
          aws s3 cp radixnode s3://${{secrets.ARTIFACT_AWS_BUCKET }}/radixnode/${{env.BRANCH_WITH_COMMIT}}/radixnode-ubuntu-22.04

  upload-release-jammy:
    runs-on: ubuntu-22.04
    if: ${{ github.event_name == 'release' }}
    needs:
      - package_ubuntu_cli
    steps:
      - name: Download packaged cli
        uses: actions/download-artifact@v3
        with:
          name: ubuntu 22.04
      - name: Upload radixcli ubuntu binary
        uses: actions/upload-release-asset@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ github.event.release.upload_url }}
          asset_path: ./radixnode
          asset_name: radixnode-ubuntu-22.04
          asset_content_type: application/octet-stream
        if: ${{ github.event_name == 'release' }}

  upload-release-focal:
    runs-on: ubuntu-20.04
    if: ${{ github.event_name == 'release' }}
    needs:
      - package_ubuntu_cli
    steps:
      - name: Download packaged cli
        uses: actions/download-artifact@v3
        with:
          name: ubuntu 20.04
      - name: Upload radixcli ubuntu binary
        uses: actions/upload-release-asset@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ github.event.release.upload_url }}
          asset_path: ./radixnode
          asset_name: radixnode-ubuntu-20.04
          asset_content_type: application/octet-stream
        if: ${{ github.event_name == 'release' }}

  test-systemd:
    runs-on: [node-only]
    needs:
      - package_ubuntu_cli
    steps:
      - name: Checkout
        uses: actions/checkout@v3.4.0
        with:
          fetch-depth: 0
      - name: Download packaged cli
        uses: actions/download-artifact@v3
        with:
          name: ubuntu 22.04
      - name: Get dependencies
        run: |
          chmod +x ./radixnode
          sudo apt-get update
          sudo apt-get install containerd runc
      - name: Run systemd dependencies
        run: |
          ls -a
          chmod +x ./radixnode
          # ./radixnode systemd dependencies
          echo "expecting the dependencies to be already installed"
      - name: Run systemd config
        run: |
          ls -a
          chmod +x ./radixnode
          echo "HOME=$HOME"
          echo "PATH=$PWD"
          ./radixnode systemd config -m CORE \
            -n 13 \
            -t radix://node_tdx_d_1qwq2nfe6vxqwe3mqmfm9l2xl97as7lkwndval63cymvc3qszn8nqx6g2s3m@3.109.161.178 \
            -i 35.178.142.54 \
            -v "not_a_real_validator_address" \
            -k $KEYSTORE_PASSWORD -nk -a \
            -dd $HOME/babylon-ledger
          ./radixnode systemd stop && sudo rm -rf $HOME/babylon-ledger
        env:
          KEYSTORE_PASSWORD: ${{secrets.KEYSTORE_PASSWORD}}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: Run systemd install
        run: |
          ls -a
          chmod +x ./radixnode
          echo "HOME=$HOME"
          echo "PATH=$PWD"
          ./radixnode systemd install
      - name: Get Logs and Status
        run: |
          sleep 15
          sudo tail /var/log/syslog  -n 100
          ./radixnode auth set-admin-password --setupmode SYSTEMD -p $NGINX_ADMIN_PASSWORD
          ./radixnode auth set-superadmin-password --setupmode SYSTEMD -p $NGINX_SUPERADMIN_PASSWORD
          ./radixnode auth set-metrics-password --setupmode SYSTEMD -p $NGINX_METRICS_PASSWORD
          NGINX_ADMIN_PASSWORD=$NGINX_ADMIN_PASSWORD ./radixnode api system health
          NGINX_ADMIN_PASSWORD=$NGINX_ADMIN_PASSWORD ./radixnode api system version
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          NGINX_ADMIN_PASSWORD: ${{secrets.NGINX_ADMIN_PASSWORD}}
          NGINX_METRICS_PASSWORD: ${{secrets.NGINX_METRICS_PASSWORD}}
          NGINX_SUPERADMIN_PASSWORD: ${{secrets.NGINX_SUPERADMIN_PASSWORD}}
      - name: Stop systemd 
        run: |
          chmod +x ./radixnode
          echo "HOME=$HOME"
          echo "PATH=$PWD"
          ./radixnode systemd stop   
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      # - name: Clean Up
      #   run: |
      #     sudo rm -rf /etc/radixdlt/node
      #     rm -rf node-config/
      #     rm -rf monitoring

  test-config-command:
    runs-on: ubuntu-22.04
    needs:
      - package_ubuntu_cli
    steps:
      - name: Checkout
        uses: actions/checkout@v3.4.0
        with:
          fetch-depth: 0
      - name: Download packaged cli
        uses: actions/download-artifact@v3
        with:
          name: ubuntu 22.04
      - name: Get dependencies
        run: |
          chmod +x ./radixnode
          sudo apt-get update
          sudo apt-get install containerd runc
          ./radixnode docker dependencies
      - name: core-gateway-all-local
        run: |
          ls -a
          chmod +x ./radixnode
          mkdir -p $HOME/node-config
          echo "HOME=$HOME"
          echo "PATH=$PWD"
          export PROMPT_FEEDS="node-runner-cli/test-prompts/core-gateway-all-local.yml"
          ./radixnode docker config -m DETAILED \
           -d $HOME/node-config \
           -k $KEYSTORE_PASSWORD -nk -a
        env:
          KEYSTORE_PASSWORD: ${{secrets.KEYSTORE_PASSWORD}}
          RADIXDLT_APP_VERSION_OVERRIDE: "1.3.2"
          RADIXDLT_GATEWAY_VERSION_OVERRIDE: "0.0.1-rc1"
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: corenode-01
        run: |
          ls -a
          chmod +x ./radixnode
          export PROMPT_FEEDS="node-runner-cli/test-prompts/corenode-01.yml"
          ./radixnode docker config -m DETAILED \
           -d $HOME/node-config \
           -k $KEYSTORE_PASSWORD -nk -a
        env:
          KEYSTORE_PASSWORD: ${{secrets.KEYSTORE_PASSWORD}}
          RADIXDLT_APP_VERSION_OVERRIDE: "1.3.2"
          RADIXDLT_GATEWAY_VERSION_OVERRIDE: "0.0.1-rc1"
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: corenode-02
        run: |
          ls -a
          export PROMPT_FEEDS="node-runner-cli/test-prompts/corenode-02.yml"
          ./radixnode docker config -m DETAILED \
           -d $HOME/node-config \
           -k $KEYSTORE_PASSWORD -nk -a
        env:
          KEYSTORE_PASSWORD: ${{secrets.KEYSTORE_PASSWORD}}
          RADIXDLT_APP_VERSION_OVERRIDE: "1.3.2"
          RADIXDLT_GATEWAY_VERSION_OVERRIDE: "0.0.1-rc1"
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
#      Enable below tests when gateway support is implemented
#      - name: gateway-remote-core-local-postgress
#        run: |
#          ls -a
#          export PROMPT_FEEDS="node-runner-cli/test-prompts/gateway-remote-core-local-postgress.yml"
#          ./radixnode docker config -m DETAILED \
#           -d $HOME/node-config \
#           -k $KEYSTORE_PASSWORD -nk -a
#        env:
#          KEYSTORE_PASSWORD: ${{secrets.KEYSTORE_PASSWORD}}
#          RADIXDLT_APP_VERSION_OVERRIDE: "1.3.2"
#          RADIXDLT_GATEWAY_VERSION_OVERRIDE: "0.0.1-rc1"
#      - name: gateway-remote-core-remote-postgress
#        run: |
#          ls -a
#          export PROMPT_FEEDS="node-runner-cli/test-prompts/gateway-remote-core-remote-postgress.yml"
#          ./radixnode docker config -m DETAILED \
#           -d $HOME/node-config \
#           -k $KEYSTORE_PASSWORD -nk -a
#        env:
#          KEYSTORE_PASSWORD: ${{secrets.KEYSTORE_PASSWORD}}
#          RADIXDLT_APP_VERSION_OVERRIDE: "1.3.2"
#          RADIXDLT_GATEWAY_VERSION_OVERRIDE: "0.0.1-rc1"

  test-core-only-node:
    runs-on: ubuntu-22.04
    permissions:
      id-token: write
      pull-requests: read
      contents: read
    needs:
      - package_ubuntu_cli
    steps:
      - name: Checkout
        uses: actions/checkout@v3.4.0
        with:
          fetch-depth: 0
      - name: Download packaged cli
        uses: actions/download-artifact@v3
        with:
          name: ubuntu 22.04
      - name: Run configure command
        run: |
          chmod +x ./radixnode
          sudo apt-get update
          sudo apt-get install containerd runc
          ./radixnode docker dependencies
      - name: Setup config
        run: |
          chmod +x ./radixnode
          mkdir -p $HOME/node-config
          export DISABLE_VERSION_CHECK=true
          export RADIXDLT_APP_VERSION_OVERRIDE="rcnet-v2-phase2-r4"
          export DOCKER_COMPOSE_LOCATION="/usr/local/bin/docker-compose"
          export PROMPT_FEEDS="node-runner-cli/test-prompts/core-gateway-all-local.yml"
          ./radixnode docker config -m DETAILED \
           -d $HOME/node-config \
           -k $KEYSTORE_PASSWORD -nk -a
        env:
          KEYSTORE_PASSWORD: ${{secrets.KEYSTORE_PASSWORD}}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
#      - id: auth
#        uses: google-github-actions/auth@a61909d048e0be579b6c15b27088d19668493851
#        with:
#          workload_identity_provider: ${{ secrets.GCP_WORKLOAD_IDP }}
#          service_account: ${{ secrets.GCP_SERVICE_ACCOUNT }}
#      - name: 'Register gcloud as Docker credential helper'
#        run: |
#          gcloud auth configure-docker -q
#      - uses: radixdlt/iac-resuable-artifacts/fetch-secrets@v0.8.0
#        with:
#          role_name: "arn:aws:iam::308190735829:role/gh-common-secrets-read-access"
#          app_name: "dashboard"
#          step_name: "push-dash"
#          secret_prefix: "GH_GCR_JSON_KEY"
#          secret_name: "arn:aws:secretsmanager:eu-west-2:308190735829:secret:github-actions/common/gcr-credentials-OeJwWi"
#          parse_json: false
      - name: Login to GCR
        uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
        with:
          registry: eu.gcr.io
          username: _json_key
          password: ${{ secrets.GCR_EU_DEV_JSON_KEY }}
      - name: Run CLI setup
        run: |
          export DISABLE_VERSION_CHECK=true
          export DOCKER_COMPOSE_LOCATION="/usr/local/bin/docker-compose"
          ./radixnode docker install -f $HOME/node-config/config.yaml -a
          # ToDo: Fix Authorization error export DOCKER_COMPOSE_FOLDER_PREFIX=runner ?
          sleep 60
          ./radixnode auth set-admin-password -m DOCKER -p $NGINX_ADMIN_PASSWORD
          ./radixnode auth set-metrics-password -m DOCKER -p $NGINX_METRICS_PASSWORD
          ./radixnode auth set-superadmin-password -m DOCKER -p $NGINX_SUPERADMIN_PASSWORD
          NGINX_ADMIN_PASSWORD=$NGINX_ADMIN_PASSWORD ./radixnode api system health
          NGINX_ADMIN_PASSWORD=$NGINX_ADMIN_PASSWORD ./radixnode api system version
        env:
          NGINX_ADMIN_PASSWORD: ${{secrets.NGINX_ADMIN_PASSWORD}}
          NGINX_METRICS_PASSWORD: ${{secrets.NGINX_METRICS_PASSWORD}}
          NGINX_SUPERADMIN_PASSWORD: ${{secrets.NGINX_SUPERADMIN_PASSWORD}}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

      - name: Run Monitoring setup
        run: |
          export DOCKER_COMPOSE_LOCATION="/usr/local/bin/docker-compose"
          ./radixnode monitoring config \
                        -m MONITOR_CORE  \
                        -cm $NGINX_METRICS_PASSWORD  \
                        -gm $NGINX_METRICS_PASSWORD  \
                        -am $NGINX_METRICS_PASSWORD

          ./radixnode monitoring install -a

        env:
          NGINX_ADMIN_PASSWORD: ${{secrets.NGINX_ADMIN_PASSWORD}}
          NGINX_METRICS_PASSWORD: ${{secrets.NGINX_METRICS_PASSWORD}}
          NGINX_SUPERADMIN_PASSWORD: ${{secrets.NGINX_SUPERADMIN_PASSWORD}}

  snyk-monitor:
    runs-on: ubuntu-latest
    #needs:
    #  - upload-release-jammy
    permissions:
      id-token: write
      pull-requests: read
      contents: read
      deployments: write
    steps:
      - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b
      - uses: radixdlt/public-iac-resuable-artifacts/fetch-secrets@main
        with:
          role_name: ${{ secrets.AWS_ROLE_NAME_SNYK_SECRET }}
          app_name: 'babylon-nodecli'
          step_name: 'snyk-monitor'
          secret_prefix: 'SNYK'
          secret_name: ${{ secrets.AWS_SECRET_NAME_SNYK }}
          parse_json: true
      - name: Enable Snyk online monitoring to check for vulnerabilities
        uses: snyk/actions/python@b98d498629f1c368650224d6d212bf7dfa89e4bf # v0.4.0
        with:
          args: --all-projects --org=${{ env.SNYK_DEVOPS_ORG_ID }} --target-reference=${{ github.ref_name }}
          command: monitor
      - name: Enable Snyk online monitoring to check for vulnerabilities
        uses: snyk/actions/python@b98d498629f1c368650224d6d212bf7dfa89e4bf # v0.4.0
        with:
          args: --all-projects --org=${{ env.SNYK_NETWORK_ORG_ID }} --target-reference=${{ github.ref_name }}
          command: monitor

#  These do not run on Babylon
#  test-core-api:
#    runs-on: [node-only]
#    needs:
#      - test-core-only-node
#    steps:
#      - uses: actions/setup-python@v3
#        with:
#          python-version: '3.x'
#          architecture: 'x64'
#      - name: Checkout
#        uses: actions/checkout@v3.4.0
#      - name: setup python modules
#        run: |
#          cd node-runner-cli
#          make local
#      - name: Run api commands
#        run: |
#          export DISABLE_VERSION_CHECK=true
#          export NGINX_ADMIN_PASSWORD=$NGINX_ADMIN_PASSWORD
#          export NGINX_METRICS_PASSWORD=$NGINX_METRICS_PASSWORD
#          export NGINX_SUPERADMIN_PASSWORD=$NGINX_SUPERADMIN_PASSWORD
#          python node-runner-cli/tests.py
#        env:
#          NGINX_ADMIN_PASSWORD: ${{secrets.NGINX_ADMIN_PASSWORD}}
#          NGINX_METRICS_PASSWORD: ${{secrets.NGINX_METRICS_PASSWORD}}
#          NGINX_SUPERADMIN_PASSWORD: ${{secrets.NGINX_SUPERADMIN_PASSWORD}}

#  test-full-stack:
#    runs-on: ubuntu-22.04
#    needs:
#      - package_ubuntu_cli
#    steps:
#      - name: Download packaged cli
#        uses: actions/download-artifact@v3
#        with:
#          name: ubuntu 22.04
#      - name: Get dependencies
#        run: |
#          chmod +x ./radixnode
#          sudo apt-get update
#          sudo apt-get install containerd runc
#          ./radixnode docker dependencies
#      - name: Setup config
#        run: |
#          chmod +x ./radixnode
#          mkdir -p $HOME/node-config
#          export DISABLE_VERSION_CHECK=true
#          rm -rf $HOME/node-config
#          ./radixnode docker config -d $HOME/node-config \
#            -t radix://tn1qv9f8ys7ade4khjyr2s6zlhuxjqvhzz39kvjskupaj9lvhl3lwxauc67nn8@65.1.217.210 \
#            -m CORE GATEWAY -n 2 -k $KEYSTORE_PASSWORD -nk -p $POSTGRESS_PASSWORD -a
#          #grep -v "password" $HOME/node-config/config.yaml > temp && mv temp $HOME/node-config/config.yaml
#          cat $HOME/node-config/config.yaml
#        env:
#          POSTGRESS_PASSWORD: ${{secrets.POSTGRESS_PASSWORD}}
#          KEYSTORE_PASSWORD: ${{secrets.KEYSTORE_PASSWORD}}
#          CORE_DOCKER_REPO_OVERRIDE: "radixdlt/radixdlt-core"
#          RADIXDLT_APP_VERSION_OVERRIDE: "1.3.2"
#          RADIXDLT_GATEWAY_VERSION_OVERRIDE: "0.0.1-rc1"
#      - name: Run CLI setup
#        run: |
#          export DISABLE_VERSION_CHECK=true
#          export COMPOSE_HTTP_TIMEOUT=360
#
#          ./radixnode docker stop -f $HOME/node-config/config.yaml
#
#          #Below PATH require when ansible is installed as part of pip
#          export PATH="$PATH:/home/ubuntu/.local/bin"
#
#          DOCKER_COMPOSE_FOLDER_PREFIX=ubuntu ./radixnode auth set-admin-password -m DOCKER -p $NGINX_ADMIN_PASSWORD
#          DOCKER_COMPOSE_FOLDER_PREFIX=ubuntu ./radixnode auth set-metrics-password -m DOCKER -p $NGINX_METRICS_PASSWORD
#          DOCKER_COMPOSE_FOLDER_PREFIX=ubuntu ./radixnode auth set-gateway-password -m DOCKER -p $NGINX_GATEWAY_PASSWORD
#
#          ./radixnode monitoring stop
#          ./radixnode monitoring config \
#              -m MONITOR_CORE MONITOR_GATEWAY \
#              -cm $NGINX_METRICS_PASSWORD  \
#              -gm $NGINX_METRICS_PASSWORD  \
#              -am $NGINX_METRICS_PASSWORD
#
#          ./radixnode monitoring install -a
#
#          export POSTGRES_PASSWORD=${{secrets.POSTGRESS_PASSWORD}}
#          export RADIXDLT_NODE_KEY_PASSWORD=${{secrets.KEYSTORE_PASSWORD}}
#          # ToDo: Fix Docker Image Pull with Gateway installation
#          # ./radixnode docker install -f $HOME/node-config/config.yaml -a
#          # sleep 60
#
#          # NGINX_ADMIN_PASSWORD=$NGINX_ADMIN_PASSWORD ./radixnode api system health
#          # curl -f  --request POST --insecure --user "gateway:$NGINX_GATEWAY_PASSWORD" https://localhost/gateway
#          # curl --insecure --user "gateway:$NGINX_GATEWAY_PASSWORD" https://localhost/token/native --header 'Content-Type: application/json' -d '{ "network_identifier":{"network":"stokenet"}}'
#          # curl -k -f -u "metrics:$NGINX_METRICS_PASSWORD" https://localhost/gateway/metrics
#
#        env:
#          NGINX_ADMIN_PASSWORD: ${{secrets.NGINX_ADMIN_PASSWORD}}
#          NGINX_METRICS_PASSWORD: ${{secrets.NGINX_METRICS_PASSWORD}}
#          NGINX_GATEWAY_PASSWORD: ${{secrets.NGINX_GATEWAY_PASSWORD}}
#          CORE_DOCKER_REPO_OVERRIDE: "radixdlt/radixdlt-core"
#          RADIXDLT_APP_VERSION_OVERRIDE: "1.3.2"
#          RADIXDLT_GATEWAY_VERSION_OVERRIDE: "0.0.1-rc1"

#
#  test-full-stack-no-nginx:
#    runs-on: ubuntu-22.04
#    needs:
#      - package_ubuntu_cli
#    steps:
#      - name: Download packaged cli
#        uses: actions/download-artifact@v3
#        with:
#          name: ubuntu 22.04
#      - name: Get dependencies
#        run: |
#          chmod +x ./radixnode
#          sudo apt-get update
#          sudo apt-get install containerd runc
#          ./radixnode docker dependencies
#      - name: Setup config
#        run: |
#          chmod +x ./radixnode
#          mkdir -p $HOME/node-config
#          export DISABLE_VERSION_CHECK=true
#          export COMPOSE_HTTP_TIMEOUT=360
#          ./radixnode docker config -d $HOME/node-config \
#            -t radix://tn1qv9f8ys7ade4khjyr2s6zlhuxjqvhzz39kvjskupaj9lvhl3lwxauc67nn8@65.1.217.210 \
#            -m CORE GATEWAY -n 2 -k password -nk -p postgres -xg false -xc false -a
#        env:
#          POSTGRESS_PASSWORD: ${{secrets.POSTGRESS_PASSWORD}}
#          KEYSTORE_PASSWORD: ${{secrets.KEYSTORE_PASSWORD}}
#          CORE_DOCKER_REPO_OVERRIDE: "radixdlt/radixdlt-core"
#          RADIXDLT_APP_VERSION_OVERRIDE: "1.3.2"
#          RADIXDLT_GATEWAY_VERSION_OVERRIDE: "0.0.1-rc1"
#      - name: Run CLI setup
#        run: |
#          export DISABLE_VERSION_CHECK=true
#          export COMPOSE_HTTP_TIMEOUT=360
#          ./radixnode docker stop -f $HOME/node-config/config.yaml
#
#          #Below PATH require when ansible is installed as part of pip
#          export PATH="$PATH:/home/ubuntu/.local/bin"
#          # ToDo: Fix Docker Image Pull with Gateway installation
#          # ./radixnode docker install -f $HOME/node-config/config.yaml -a -u
#
#          # sleep 60
#          # NODE_END_POINT="http://localhost:3333" NGINX=false ./radixnode api system health
#          # curl -k -f -u "admin:$NGINX_ADMIN_PASSWORD" http://localhost:5207
#        env:
#          CORE_DOCKER_REPO_OVERRIDE: "radixdlt/radixdlt-core"
#          RADIXDLT_APP_VERSION_OVERRIDE: "1.3.2"
#          RADIXDLT_GATEWAY_VERSION_OVERRIDE: "0.0.1-rc1"