-
Notifications
You must be signed in to change notification settings - Fork 1
63 lines (60 loc) · 1.78 KB
/
forge-script.yml
File metadata and controls
63 lines (60 loc) · 1.78 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
name: Forge Script
on:
workflow_call:
inputs:
github-environment:
description: 'Github Environment to deploy from; contains required secrets'
required: true
type: string
forge-script-contract:
description: 'Name of the script contract'
required: true
type: string
forge-script-signature:
description: 'Signature of the script function to call'
required: true
type: string
forge-script-params:
description: 'Parameters for the script'
required: false
type: string
secrets:
aws-role:
description: 'Role ARN to assume for AWS'
required: true
kms-key-id:
description: 'KMS key ID for AWS'
required: true
rpc-url:
description: 'RPC URL for the network'
required: true
permissions:
id-token: write
jobs:
run-script:
name: Run Forge Script
runs-on: ubuntu-24.04-arm
environment: ${{ inputs.github-environment }}
steps:
- uses: actions/checkout@v6
with:
submodules: 'recursive'
- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v6
with:
role-to-assume: ${{ secrets.aws-role }}
aws-region: us-east-1
- name: Run Script ${{inputs.forge-script-signature}}
env:
AWS_KMS_KEY_ID: ${{ secrets.kms-key-id }}
run: |
forge script ${{ inputs.forge-script-contract }} \
--sig "${{inputs.forge-script-signature}}" \
--rpc-url ${{ secrets.rpc-url }} \
--aws \
--legacy \
--broadcast \
-vvvv \
${{ inputs.forge-script-params }}