A0-3755: Faucet cleaup

.eslintrc.json

@@ -5,25 +5,40 @@
   },
   "extends": [
     "eslint:recommended",
+    "plugin:@typescript-eslint/eslint-recommended",
     "plugin:@typescript-eslint/recommended",
-    "plugin:import/recommended",
+    "plugin:@typescript-eslint/recommended-requiring-type-checking",
     "plugin:import/typescript",
-    "plugin:security/recommended",
-    "plugin:prettier/recommended"
+    "semistandard"
   ],
+  "globals": {
+    "Atomics": "readonly",
+    "SharedArrayBuffer": "readonly"
+  },
   "parser": "@typescript-eslint/parser",
+  "parserOptions": {
+    "project": ["./tsconfig.json"]
+  },
   "plugins": [
     "@typescript-eslint",
     "security",
     "promise",
     "simple-import-sort"
   ],
   "rules": {
+    "@typescript-eslint/camelcase": "off",
+    "@typescript-eslint/no-unused-vars": "error",
+    "arrow-spacing":["warn",{ "before": true, "after": true }],
+    "camelcase": "off",
+    "comma-dangle": ["error", "never"],
+    "no-multiple-empty-lines": ["error", {"max": 1}],
+    "no-trailing-spaces": ["warn"],
+    "no-unused-vars": "off",
+    "object-curly-spacing": ["error", "always"],
+    "quotes": ["error", "single",  { "avoidEscape": true }],
+    "semi": [2, "always"],
     "simple-import-sort/imports": "error",
-    "sort-keys": [
-      "error",
-      "asc",
-      { "caseSensitive": true, "natural": false, "minKeys": 2 }
-    ]
+    "sort-keys": ["error", "asc", {"caseSensitive": true, "natural": false, "minKeys": 2}],
+    "switch-colon-spacing": ["error", {"after": true, "before": false}]
   }
 }

.github/workflows/_check-vars-and-secrets.yml

@@ -0,0 +1,38 @@
+---
+#  This workflow checks if vars and secrets are present and fails if one is empty.
+#  It should be included as a first step in all the workflows.
+name: Check vars and secrets
+on:
+  workflow_call:
+
+jobs:
+  main:
+    name: Check available vars and secrets
+    runs-on: ubuntu-20.04
+    steps:
+      - name: Check vars
+        run: |
+          if [[ \
+            -z '${{ vars.ECR_PUBLIC_HOST }}' || \
+            -z '${{ vars.ECR_PUBLIC_REGISTRY }}' || \
+            -z '${{ vars.KUSTOMIZE_VERSION }}'
+          ]]; then
+            echo '!!! Some repository variables are either missing or empty.'
+            echo '!!! Please check either repository or organization settings.'
+            exit 1
+          fi
+
+      - name: Check secrets
+        run: |
+          if [[ \
+            -z '${{ secrets.AWS_MAINNET_ACCESS_KEY_ID }}' || \
+            -z '${{ secrets.AWS_MAINNET_SECRET_ACCESS_KEY }}' || \
+            -z '${{ secrets.AUTOCOMMIT_AUTHOR }}' || \
+            -z '${{ secrets.AUTOCOMMIT_EMAIL }}' || \
+            -z '${{ secrets.CI_GH_TOKEN }}' || \
+            -z '${{ secrets.REPO_ARGOCD_APPS_NAME }}'
+          ]]; then
+            echo '!!! Some repository secrets are either missing or empty.'
+            echo '!!! Please check either repository or organization settings.'
+            exit 1
+          fi

.github/workflows/deploy-to-testnet.yml

@@ -0,0 +1,83 @@
+---
+name: Deploy to Testnet
+
+on:
+  workflow_dispatch:
+
+concurrency:
+  group: ${{ github.ref }}-${{ github.workflow }}
+  cancel-in-progress: false
+
+jobs:
+  check-vars-and-secrets:
+    name: Check vars and secrets
+    uses: ./.github/workflows/_check-vars-and-secrets.yml
+    secrets: inherit
+
+  deploy-faucet-to-testnet:
+    name: Build and push faucet image
+    needs: [check-vars-and-secrets]
+    runs-on: ubuntu-20.04
+    steps:
+      - name: GIT | Checkout Source code
+        uses: actions/checkout@v4
+
+      - name: Call action get-ref-properties
+        id: get-ref-properties
+        uses: Cardinal-Cryptography/github-actions/get-ref-properties@v6
+
+      - name: Get facuet rc image name
+        id: get-image-name
+        env:
+          ECR_REGISTRY: '${{ vars.ECR_PUBLIC_REGISTRY }}'
+          APP: faucet
+          TAG: '${{ steps.get-ref-properties.outputs.sha }}'
+        shell: bash
+        run: |
+          image=${{ env.ECR_REGISTRY }}${{ env.APP }}:${{ env.TAG }}
+          echo "image=${image}" >> $GITHUB_OUTPUT
+
+      - name: Check deploy image existence
+        uses: Cardinal-Cryptography/github-actions/check-image-existence-ecr@v6
+        with:
+          ecr-image: ${{ steps.get-image-name.outputs.image }}
+
+      - name: Get repo owner
+        id: get-repo-owner
+        shell: bash
+        run: |
+          echo "repo-owner=$GITHUB_REPOSITORY_OWNER" >> $GITHUB_OUTPUT
+
+      - name: GIT | Checkout argocd apps repo
+        uses: actions/checkout@v4
+        with:
+          ref: 'testnet'
+          # yamllint disable-line rule:line-length
+          repository: ${{ steps.get-repo-owner.outputs.repo-owner }}/${{ secrets.REPO_ARGOCD_APPS_NAME }}
+          token: ${{ secrets.CI_GH_TOKEN }}
+          path: ${{ secrets.REPO_ARGOCD_APPS_NAME }}
+
+      - name: Init kustomize
+        uses: imranismail/setup-kustomize@v2
+        with:
+          kustomize-version: ${{ vars.KUSTOMIZE_VERSION }}
+
+      - name: Update faucet Testnet image in kustomize file
+        env:
+          RELEASE_IMAGE: ${{ steps.get-image-name.outputs.image }}
+          REGIONS_AWS: 'eu-central-1'
+        run: |
+            export aleph_path=$(pwd)
+            export apps_name=${{ secrets.REPO_ARGOCD_APPS_NAME }}
+            cd ${aleph_path}/${apps_name}/faucet/overlays/testnet/${{ env.REGIONS_AWS }}
+            kustomize edit set image "faucet-image-placeholder=${{ env.RELEASE_IMAGE }}"
+
+      - name: GIT | Commit changes to argocd apps repository.
+        uses: EndBug/[email protected]
+        with:
+          author_name: ${{ secrets.AUTOCOMMIT_AUTHOR }}
+          author_email: ${{ secrets.AUTOCOMMIT_EMAIL }}
+          # yamllint disable-line rule:line-length
+          message: "Updating testnet faucet docker image tag to: ${{ steps.get-image-name.outputs.image }}"
+          add: "*.yaml"
+          cwd: ${{ secrets.REPO_ARGOCD_APPS_NAME }}

.github/workflows/on-alephzero-branch-commit.yml

@@ -0,0 +1,57 @@
+---
+name: Push to alephzero branch
+
+on:
+  push:
+    branches:
+      - alephzero
+
+concurrency:
+  group: ${{ github.ref }}-${{ github.workflow }}
+  cancel-in-progress: true
+
+jobs:
+  check-vars-and-secrets:
+    name: Check vars and secrets
+    uses: ./.github/workflows/_check-vars-and-secrets.yml
+    secrets: inherit
+
+  build-and-push-faucet:
+    name: Build and push faucet image
+    needs: [check-vars-and-secrets]
+    runs-on: ubuntu-20.04
+    steps:
+      - name: GIT | Checkout Source code
+        uses: actions/checkout@v4
+
+      - name: Call action get-ref-properties
+        id: get-ref-properties
+        uses: Cardinal-Cryptography/github-actions/get-ref-properties@v6
+
+      - name: Get facuet rc image name
+        id: get-image-name
+        env:
+          ECR_REGISTRY: '${{ vars.ECR_PUBLIC_REGISTRY }}'
+          APP: faucet
+          TAG: '${{ steps.get-ref-properties.outputs.sha }}'
+        shell: bash
+        run: |
+          image=${{ env.ECR_REGISTRY }}${{ env.APP }}:${{ env.TAG }}
+          echo "image=${image}" >> $GITHUB_OUTPUT
+
+      - name: Build docker image
+        run: |
+          docker build --tag '${{ steps.get-image-name.outputs.image }}' -f ./Dockerfile .
+
+      - name: Login to ECR
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ vars.ECR_PUBLIC_HOST }}
+          username: ${{ secrets.AWS_MAINNET_ACCESS_KEY_ID }}
+          password: ${{ secrets.AWS_MAINNET_SECRET_ACCESS_KEY }}
+
+      - name: Push image to the ECR registry
+        id: push-image
+        run: |
+          docker push '${{ steps.get-image-name.outputs.image }}'
+

.github/workflows/on-pr-commit.yml

@@ -0,0 +1,22 @@
+---
+name: PR commit
+on:
+  pull_request:
+  merge_group:
+
+jobs:
+  main:
+    continue-on-error: true
+    strategy:
+      matrix:
+        step: ['lint', 'build']
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 20
+      - name: ${{ matrix.step }}
+        run: |
+          yarn --frozen-lockfile
+          yarn ${{ matrix.step }}

.github/workflows/yaml-lint.yml

@@ -0,0 +1,21 @@
+---
+name: GH Action YAML linter
+
+on:
+  merge_group:
+  pull_request:
+    paths:
+      - '.github/**.yml'
+      - '.github/**.yaml'
+
+concurrency:
+  group: ${{ github.ref }}-${{ github.workflow }}
+  cancel-in-progress: true
+
+jobs:
+  main:
+    name: YAML Lint
+    runs-on: ubuntu-20.04
+    steps:
+      - name: LINT | Execute YAML linter
+        uses: Cardinal-Cryptography/github-actions/yaml-lint@v6