Skip to content

refactor: disallow prune in devnet + add onlyOwners #17896

refactor: disallow prune in devnet + add onlyOwners

refactor: disallow prune in devnet + add onlyOwners #17896

Workflow file for this run

name: CI
on:
push:
branches: [master]
pull_request:
branches-ignore: [devnet]
workflow_dispatch:
inputs: {}
concurrency:
# force parallelism in master
group: ci-${{ github.ref_name == 'master' && github.run_id || github.ref_name }}
cancel-in-progress: true
env:
DOCKERHUB_PASSWORD: "${{ secrets.DOCKERHUB_PASSWORD }}"
RUN_ID: ${{ github.run_id }}
RUN_ATTEMPT: ${{ github.run_attempt }}
USERNAME: ${{ github.event.pull_request.user.login || github.actor }}
GITHUB_TOKEN: ${{ github.token }}
GH_SELF_HOSTED_RUNNER_TOKEN: ${{ secrets.GH_SELF_HOSTED_RUNNER_TOKEN }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
BUILD_INSTANCE_SSH_KEY: ${{ secrets.BUILD_INSTANCE_SSH_KEY }}
GIT_COMMIT: ${{ github.event.pull_request.head.sha || github.sha }}
# kludge until we move away from runners
WAIT_FOR_RUNNERS: false
jobs:
setup:
uses: ./.github/workflows/setup-runner.yml
with:
username: ${{ github.event.pull_request.user.login || github.actor }}
runner_type: builder-x86
secrets: inherit
changes:
runs-on: ubuntu-20.04
# Required permissions.
permissions:
pull-requests: read
# Set job outputs to values from filter step
outputs:
avm-transpiler: ${{ steps.filter.outputs.avm-transpiler }}
build-images: ${{ steps.filter.outputs.build-images }}
barretenberg: ${{ steps.filter.outputs.barretenberg }}
barretenberg-cpp: ${{ steps.filter.outputs.barretenberg-cpp }}
noir: ${{ steps.filter.outputs.noir }}
noir-projects: ${{ steps.filter.outputs.noir-projects }}
l1-contracts: ${{ steps.filter.outputs.l1-contracts }}
non-docs: ${{ steps.filter.outputs.non-docs }}
non-misc-ci: ${{ steps.filter.outputs.non-misc-ci }}
non-barretenberg-cpp: ${{ steps.filter.outputs.non-barretenberg-cpp }}
steps:
- uses: actions/checkout@v4
with: { ref: "${{ env.GIT_COMMIT }}" }
- uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36
id: filter
with:
filters: |
barretenberg:
- 'barretenberg/**'
barretenberg-cpp:
- 'barretenberg/cpp/**'
build-images:
- 'build-images/**'
noir:
- 'noir/**'
avm-transpiler:
- 'avm-transpiler/**'
l1-contracts:
- 'l1-contracts/**'
noir-projects:
- 'noir-projects/**'
non-barretenberg-cpp:
- '!(barretenberg/cpp/**)'
# don't consider AVM stuff 'core bb'
- barretenberg/cpp/pil/**
- barretenberg/cpp/src/barretenberg/vm/**
- barretenberg/cpp/src/barretenberg/**/generated/*
- barretenberg/cpp/src/barretenberg/client_ivc.{hpp,cpp}
non-docs:
- '!(docs/**)'
non-misc-ci:
- '!(.github/**)'
# Always rebuild when this file changes
- .github/workflows/ci.yml
build-images:
needs: [setup, changes]
# Note we don't but the 'if' here as that would also apply to dependent jobs, instead we just copy it into each step
runs-on: ${{ github.event.pull_request.user.login || github.actor }}-x86
steps:
- uses: actions/checkout@v4
if: ${{ needs.changes.outputs.build-images == 'true' }}
with: { ref: "${{ env.GIT_COMMIT }}" }
- uses: ./.github/ci-setup-action
if: ${{ needs.changes.outputs.build-images == 'true' }}
with:
concurrency_key: build-images-x86
- name: "Push Build Images If Changed"
if: ${{ needs.changes.outputs.build-images == 'true' }}
timeout-minutes: 40
run: |
earthly-ci --push ./build-images/+build
build:
needs: [build-images, changes]
if: ${{ needs.changes.outputs.non-docs == 'true' && needs.changes.outputs.non-misc-ci == 'true' && needs.changes.outputs.non-barretenberg-cpp == 'true' }}
runs-on: ${{ github.event.pull_request.user.login || github.actor }}-x86
outputs:
e2e_list: ${{ steps.e2e_list.outputs.list }}
bench_list: ${{ steps.bench_list.outputs.list }}
steps:
- uses: actions/checkout@v4
with: { ref: "${{ env.GIT_COMMIT }}" }
- uses: ./.github/ci-setup-action
with:
concurrency_key: build-x86
# prepare images locally, tagged by commit hash
- name: "Build E2E Image"
timeout-minutes: 40
run: |
earthly-ci ./yarn-project+export-e2e-test-images
# We base our e2e list used in e2e-x86 off the targets in ./yarn-project/end-to-end
# (Note ARM uses just 2 tests as a smoketest)
- name: Create list of non-bench end-to-end jobs
id: e2e_list
run: echo "list=$(earthly ls ./yarn-project/end-to-end | grep -v '+base' | grep -v '+bench' | grep -v "+network" | grep -v 'devnet' | sed 's/+//' | jq -R . | jq -cs .)" >> $GITHUB_OUTPUT
- name: Create list of bench end-to-end jobs
id: bench_list
run: echo "list=$(earthly ls ./yarn-project/end-to-end | grep '+bench' | sed 's/+//' | jq -R . | jq -cs .)" >> $GITHUB_OUTPUT
# all the non-bench end-to-end integration tests for aztec
e2e:
needs: [build, changes]
if: ${{ needs.changes.outputs.non-barretenberg-cpp == 'true' }}
runs-on: ubuntu-20.04
strategy:
fail-fast: false
matrix:
test: ${{ fromJson( needs.build.outputs.e2e_list )}}
steps:
- uses: actions/checkout@v4
with: { ref: "${{ env.GIT_COMMIT }}" }
- uses: ./.github/ci-setup-action
- name: Setup and Test
timeout-minutes: 40
uses: ./.github/ensure-tester-with-images
with:
runner_type: ${{ contains(matrix.test, 'prover') && '64core-tester-x86' || '8core-tester-x86' }}
builder_type: builder-x86
# these are copied to the tester and expected by the earthly command below
# if they fail to copy, it will try to build them on the tester and fail
builder_images_to_copy: aztecprotocol/aztec:${{ env.GIT_COMMIT }} aztecprotocol/end-to-end:${{ env.GIT_COMMIT }}
# command to produce the images in case they don't exist
builder_command: scripts/earthly-ci ./yarn-project+export-e2e-test-images
run: |
set -eux
cd ./yarn-project/end-to-end/
export FORCE_COLOR=1
../../scripts/earthly-ci -P --no-output +${{ matrix.test }}
# all the benchmarking end-to-end integration tests for aztec (not required to merge)
bench-e2e:
needs: [build, changes]
if: ${{ needs.changes.outputs.non-barretenberg-cpp == 'true' }}
runs-on: ubuntu-20.04
strategy:
fail-fast: false
matrix:
test: ${{ fromJson( needs.build.outputs.bench_list )}}
steps:
- uses: actions/checkout@v4
with: { ref: "${{ env.GIT_COMMIT }}" }
- uses: ./.github/ci-setup-action
- name: Setup and Test
uses: ./.github/ensure-tester-with-images
timeout-minutes: 45
with:
runner_type: ${{ contains(matrix.test, 'prover') && '64core-tester-x86' || '16core-tester-x86' }}
builder_type: builder-x86
# these are copied to the tester and expected by the earthly command below
# if they fail to copy, it will try to build them on the tester and fail
builder_images_to_copy: aztecprotocol/aztec:${{ env.GIT_COMMIT }} aztecprotocol/end-to-end:${{ env.GIT_COMMIT }}
# command to produce the images in case they don't exist
builder_command: scripts/earthly-ci ./yarn-project+export-e2e-test-images
tester_ttl: 40
run: |
set -eux
cd ./yarn-project/end-to-end/
export FORCE_COLOR=1
export EARTHLY_BUILD_ARGS="${{ env.EARTHLY_BUILD_ARGS }}"
../../scripts/earthly-ci --exec-stats -P --no-output +${{ matrix.test }}
acir-bench:
runs-on: ubuntu-20.04
needs: [build-images, changes]
# Note: not fully accurate, but to work with bench-summary needs to be the same as bench-e2e
if: ${{ needs.changes.outputs.non-barretenberg-cpp == 'true' }}
steps:
- uses: actions/checkout@v4
with: { ref: "${{ env.GIT_COMMIT }}" }
- uses: ./.github/ci-setup-action
- name: Setup and Test
uses: ./.github/ensure-tester-with-images
timeout-minutes: 40
with:
runner_type: 16core-tester-x86
builder_type: builder-x86
# these are copied to the tester and expected by the earthly command below
# if they fail to copy, it will try to build them on the tester and fail
builder_images_to_copy: aztecprotocol/barretenberg-acir-benches:${{ env.GIT_COMMIT }}
# command to produce the images in case they don't exist
builder_command: cd noir && ../scripts/earthly-ci +export-bench-acir-bb
run: |
set -eux
cd ./noir/
export FORCE_COLOR=1
export EARTHLY_BUILD_ARGS="${{ env.EARTHLY_BUILD_ARGS }}"
../scripts/earthly-ci -P --no-output +bench-publish-acir-bb
bench-summary:
needs:
- acir-bench
- bench-e2e
runs-on: ${{ github.event.pull_request.user.login || github.actor }}-x86
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 100 # Downloading base benchmark from master requires access to history
ref: "${{ github.event.pull_request.head.sha }}"
- uses: ./.github/ci-setup-action
with:
dockerhub_password: "${{ secrets.DOCKERHUB_PASSWORD }}"
concurrency_key: build-x86
- name: "Build and upload bench aggregate file"
working-directory: ./yarn-project/scripts
run: |
earthly-ci -P +bench-aggregate
- name: "Download base benchmark and package into earthly"
if: ${{ github.event_name == 'pull_request' }}
run: |
# Download the base benchmark locally (requires AWS creds and .git history)
mkdir -p $BENCH_FOLDER
./scripts/logs/download_base_benchmark_from_s3.sh
# Package it into an earthly artifact to read from bench-comment
earthly-ci -P ./scripts/logs+pack-base-benchmark
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
BENCH_FOLDER: "./scripts/logs/tmp/bench"
PULL_REQUEST: "${{ github.event.pull_request.number }}"
- name: "Generate summary comment if pull request"
if: ${{ github.event_name == 'pull_request' }}
working-directory: ./yarn-project/scripts
run: |
earthly-ci -P +bench-comment
env:
AZTEC_BOT_GITHUB_TOKEN: ${{ secrets.AZTEC_BOT_GITHUB_TOKEN }}
bb-gcc:
needs: [build-images, changes]
runs-on: ${{ github.event.pull_request.user.login || github.actor }}-x86
if: ${{ needs.changes.outputs.barretenberg-cpp == 'true' }}
steps:
- uses: actions/checkout@v4
with: { ref: "${{ env.GIT_COMMIT }}" }
# Only allow one memory-hunger prover test to use this runner
- uses: ./.github/ci-setup-action
with:
# must be globally unique for build x runner
concurrency_key: bb-gcc
- name: "Ensure GCC Builds"
working-directory: ./barretenberg/cpp/
timeout-minutes: 40
# limit our parallelism to half our cores
run: earthly-ci --no-output +preset-gcc
# barretenberg (prover) native, AVM (public VM) and Merkle tree (world state) tests
# only ran on x86 for resource reasons (memory intensive)
bb-native-tests:
needs: [build-images, changes]
runs-on: ${{ github.event.pull_request.user.login || github.actor }}-x86
if: ${{ needs.changes.outputs.barretenberg-cpp == 'true' }}
steps:
- uses: actions/checkout@v4
with: { ref: "${{ env.GIT_COMMIT }}" }
# Only allow one memory-hunger prover test to use this runner
- uses: ./.github/ci-setup-action
with:
# must be globally unique for build x runner
concurrency_key: bb-native-tests-x86
- name: "Native Prover Tests"
working-directory: ./barretenberg/cpp/
timeout-minutes: 40
# limit our parallelism to half our cores
run: earthly-ci --exec-stats --no-output +test --hardware_concurrency=64
bb-js-test:
needs: [build-images, changes]
runs-on: ${{ github.event.pull_request.user.login || github.actor }}-x86
if: ${{ needs.changes.outputs.barretenberg == 'true' }}
steps:
- uses: actions/checkout@v4
with: { ref: "${{ env.GIT_COMMIT }}" }
- uses: ./.github/ci-setup-action
with:
concurrency_key: bb-js-test-x86
- name: "bb.js Tests"
working-directory: ./barretenberg/ts/
timeout-minutes: 40
run: earthly-ci --no-output ./+test
noir-build-acir-tests:
needs: [build-images, changes]
runs-on: ${{ github.event.pull_request.user.login || github.actor }}-x86
if: ${{ needs.changes.outputs.barretenberg == 'true' || needs.changes.outputs.noir == 'true' }}
steps:
- uses: actions/checkout@v4
with: { ref: "${{ env.GIT_COMMIT }}" }
- uses: ./.github/ci-setup-action
with:
concurrency_key: build-acir-tests-x86
- name: "Build Acir Tests"
timeout-minutes: 40
run: earthly-ci --no-output ./noir/+build-acir-tests
bb-acir-tests-bb:
needs: [noir-build-acir-tests, changes]
runs-on: ${{ github.event.pull_request.user.login || github.actor }}-x86
if: ${{ needs.changes.outputs.barretenberg == 'true' || needs.changes.outputs.noir == 'true' }}
steps:
- uses: actions/checkout@v4
with: { ref: "${{ env.GIT_COMMIT }}" }
- uses: ./.github/ci-setup-action
with:
concurrency_key: barretenberg-acir-tests-bb-x86
- name: "BB Native Acir Tests"
working-directory: ./barretenberg/
timeout-minutes: 40
run: earthly-ci --no-output ./+barretenberg-acir-tests-bb
bb-acir-tests-sol:
needs: [noir-build-acir-tests, changes]
runs-on: ${{ github.event.pull_request.user.login || github.actor }}-x86
if: ${{ needs.changes.outputs.barretenberg == 'true' || needs.changes.outputs.noir == 'true' }}
steps:
- uses: actions/checkout@v4
with: { ref: "${{ env.GIT_COMMIT }}" }
- uses: ./.github/ci-setup-action
with:
concurrency_key: barretenberg-acir-tests-sol-x86
- name: "BB Solidity Acir Tests"
working-directory: ./barretenberg/
timeout-minutes: 40
run: earthly-ci --no-output ./+barretenberg-acir-tests-sol
bb-acir-tests-sol-honk:
needs: [noir-build-acir-tests, changes]
runs-on: ${{ github.event.pull_request.user.login || github.actor }}-x86
if: ${{ needs.changes.outputs.barretenberg == 'true' || needs.changes.outputs.noir == 'true' }}
steps:
- uses: actions/checkout@v4
with: { ref: "${{ env.GIT_COMMIT }}" }
- uses: ./.github/ci-setup-action
with:
concurrency_key: barretenberg-acir-tests-sol-honk-x86
- name: "BB Solidity Acir Tests"
working-directory: ./barretenberg/
timeout-minutes: 40
run: earthly-ci --no-output ./+barretenberg-acir-tests-sol-honk
bb-acir-tests-bb-js:
needs: [noir-build-acir-tests, changes]
runs-on: ${{ github.event.pull_request.user.login || github.actor }}-x86
if: ${{ needs.changes.outputs.barretenberg == 'true' || needs.changes.outputs.noir == 'true' }}
steps:
- uses: actions/checkout@v4
with: { ref: "${{ env.GIT_COMMIT }}" }
- uses: ./.github/ci-setup-action
with:
concurrency_key: barretenberg-acir-tests-bb-js-x86
- name: "BB JS Acir Tests"
working-directory: ./barretenberg/
timeout-minutes: 40
run: earthly-ci --no-output ./+barretenberg-acir-tests-bb.js
noir-format:
needs: [build-images, changes]
runs-on: ${{ github.event.pull_request.user.login || github.actor }}-x86
if: ${{ needs.changes.outputs.noir == 'true' || needs.changes.outputs.noir-projects == 'true' }}
steps:
- uses: actions/checkout@v4
with: { ref: "${{ env.GIT_COMMIT }}" }
- uses: ./.github/ci-setup-action
with:
concurrency_key: noir-format-x86
- name: "Format Noir"
working-directory: ./noir/
timeout-minutes: 40
run: earthly-ci --no-output ./+format
- name: "Format noir-projects"
working-directory: ./noir-projects/
timeout-minutes: 40
run: |
earthly-ci --no-output ./+format
noir-test:
needs: [build-images, changes]
runs-on: ${{ github.event.pull_request.user.login || github.actor }}-x86
if: ${{ needs.changes.outputs.noir == 'true' }}
steps:
- uses: actions/checkout@v4
with: { ref: "${{ env.GIT_COMMIT }}" }
- uses: ./.github/ci-setup-action
with:
concurrency_key: noir-x86
- name: "Test Nargo"
run: earthly-ci --no-output ./noir+test
noir-examples:
needs: [build-images, changes]
runs-on: ${{ github.event.pull_request.user.login || github.actor }}-x86
if: ${{ needs.changes.outputs.barretenberg == 'true' || needs.changes.outputs.noir == 'true' }}
steps:
- uses: actions/checkout@v4
with: { ref: "${{ env.GIT_COMMIT }}" }
- uses: ./.github/ci-setup-action
with:
concurrency_key: noir-examples-x86
- name: "Test Noir examples"
run: earthly-ci --no-output ./noir+examples
noir-packages-test:
needs: [build-images, changes]
runs-on: ${{ github.event.pull_request.user.login || github.actor }}-x86
if: ${{ needs.changes.outputs.barretenberg == 'true' || needs.changes.outputs.noir == 'true' }}
steps:
- uses: actions/checkout@v4
with: { ref: "${{ env.GIT_COMMIT }}" }
- uses: ./.github/ci-setup-action
with:
concurrency_key: noir-packages-x86
- name: "Test Noir JS packages"
run: earthly-ci --no-output ./noir+packages-test
noir-projects:
needs: [build-images, changes, build]
runs-on: ${{ github.event.pull_request.user.login || github.actor }}-x86
if: ${{ needs.changes.outputs.barretenberg == 'true' || needs.changes.outputs.noir == 'true' || needs.changes.outputs.noir-projects == 'true' }}
steps:
- uses: actions/checkout@v4
with: { ref: "${{ env.GIT_COMMIT }}" }
- uses: ./.github/ci-setup-action
with:
concurrency_key: noir-projects-x86
- name: "Noir Projects"
timeout-minutes: 40
run: |
earthly-ci --no-output ./noir-projects/+test
avm-format:
needs: [build-images, changes]
runs-on: ${{ github.event.pull_request.user.login || github.actor }}-x86
if: ${{ needs.changes.outputs.avm-transpiler == 'true' || needs.changes.outputs.noir == 'true' }}
steps:
- uses: actions/checkout@v4
with: { ref: "${{ env.GIT_COMMIT }}" }
- uses: ./.github/ci-setup-action
with:
concurrency_key: avm-transpiler-format-x86
- name: "Format AVM transpiler"
working-directory: ./avm-transpiler/
timeout-minutes: 40
run: earthly-ci --no-output ./+format
yarn-project-formatting:
needs: build
runs-on: ${{ github.event.pull_request.user.login || github.actor }}-x86
steps:
- uses: actions/checkout@v4
with: { ref: "${{ env.GIT_COMMIT }}" }
- uses: ./.github/ci-setup-action
with:
concurrency_key: yarn-project-formatting-x86
- name: "Yarn Project Tests"
timeout-minutes: 40
run: earthly-ci --no-output ./yarn-project/+format-check
yarn-project-test:
needs: build
runs-on: ${{ github.event.pull_request.user.login || github.actor }}-x86
steps:
- uses: actions/checkout@v4
with: { ref: "${{ env.GIT_COMMIT }}" }
- uses: ./.github/ci-setup-action
with:
concurrency_key: yarn-project-test-x86
- name: "Yarn Project Tests"
timeout-minutes: 40
run: earthly-ci --no-output ./yarn-project/+test
prover-client-test:
needs: build
runs-on: ${{ github.event.pull_request.user.login || github.actor }}-x86
steps:
- uses: actions/checkout@v4
with: { ref: "${{ env.GIT_COMMIT }}" }
- uses: ./.github/ci-setup-action
with:
concurrency_key: prover-client-test-x86
- name: "Prover Client Tests"
timeout-minutes: 40
run: earthly-ci --no-output ./yarn-project/+prover-client-test
l1-contracts-test:
needs: [build-images, changes]
runs-on: ${{ github.event.pull_request.user.login || github.actor }}-x86
if: ${{ needs.changes.outputs.l1-contracts == 'true' }}
steps:
- uses: actions/checkout@v4
with: { ref: "${{ env.GIT_COMMIT }}" }
- uses: ./.github/ci-setup-action
with:
concurrency_key: l1-contracts-${{ github.event.pull_request.user.login || github.actor }}-x86
- name: "Test l1 contracts"
run: earthly-ci --no-output ./l1-contracts+test
docs-preview:
needs: [build-images, changes]
runs-on: ${{ github.event.pull_request.user.login || github.actor }}-x86
if: ${{ needs.changes.outputs.non-barretenberg-cpp == 'true' }}
steps:
- uses: actions/checkout@v4
with: { ref: "${{ env.GIT_COMMIT }}" }
- uses: ./.github/ci-setup-action
with:
concurrency_key: docs-preview-x86
- name: "Docs Preview"
if: github.event.number
timeout-minutes: 40
run: |
earthly-ci --no-output \
./docs/+deploy-preview --ENV=staging --PR=${{ github.event.number }} \
--AZTEC_BOT_COMMENTER_GITHUB_TOKEN=${{ secrets.AZTEC_BOT_GITHUB_TOKEN }} \
--NETLIFY_AUTH_TOKEN=${{ secrets.NETLIFY_AUTH_TOKEN }} \
--NETLIFY_SITE_ID=${{ secrets.NETLIFY_SITE_ID }}
bb-bench:
runs-on: ubuntu-20.04
needs: [build-images, changes]
if: ${{ needs.changes.outputs.barretenberg-cpp == 'true' }}
steps:
- uses: actions/checkout@v4
with: { ref: "${{ env.GIT_COMMIT }}" }
- uses: ./.github/ci-setup-action
- name: Build Bench Binaries
uses: ./.github/ensure-builder
with:
runner_type: builder-x86
run: |
set -eux
echo ${{ secrets.DOCKERHUB_PASSWORD }} | docker login -u aztecprotocolci --password-stdin
scripts/earthly-ci --push ./barretenberg/cpp/+bench-binaries
- name: Run Bench
uses: ./.github/ensure-tester
timeout-minutes: 40
with:
runner_type: 16core-tester-x86
run: |
scripts/earthly-ci --artifact ./barretenberg/cpp/+bench/bench.json --bench_mode=cache
# TODO(AD): revisit this model as it's currently fiddly to get these artifacts off of the 'tester'
- name: Copy Bench.json
run: copy_from_tester /home/ubuntu/run-${{ env.RUN_ID }}/barretenberg/cpp/bench.json bench.json
# Utilize github-action-benchmark to automatically update the plots at
# https://aztecprotocol.github.io/aztec-packages/dev/bench/ with new benchmark data.
# This also creates an alert if benchmarks exceed the threshold specified below.
- name: Store benchmark result
if: ${{ github.ref == 'refs/heads/master' }}
uses: benchmark-action/github-action-benchmark@4de1bed97a47495fc4c5404952da0499e31f5c29
with:
name: C++ Benchmark
tool: "googlecpp"
output-file-path: bench.json
# Access token to deploy GitHub Pages branch
github-token: ${{ secrets.AZTEC_BOT_GITHUB_TOKEN }}
# Push and deploy GitHub pages branch automatically
auto-push: true
# Show alert with commit comment on detecting possible performance regression
alert-threshold: "105%" # alert if bench result is 1.05x worse
comment-on-alert: true
fail-on-alert: false
alert-comment-cc-users: "@ludamad @codygunton"
max-items-in-chart: 50
boxes:
needs: build
runs-on: ${{ github.event.pull_request.user.login || github.actor }}-x86
steps:
- uses: actions/checkout@v4
with: { ref: "${{ github.event.pull_request.head.sha }}" }
- uses: ./.github/ci-setup-action
with:
# must be globally unique for build x runner
concurrency_key: boxes-${{ github.event.pull_request.user.login || github.actor }}-build
- name: Build
working-directory: ./boxes
timeout-minutes: 40
run: earthly-ci +export-boxes
boxes-test:
needs: boxes
runs-on: ${{ github.event.pull_request.user.login || github.actor }}-x86
strategy:
fail-fast: false
matrix:
box: [vanilla, react]
# intermittent issues with firefox https://github.com/AztecProtocol/aztec-packages/issues/6676
# browser: [chromium, webkit, firefox]
browser: [chromium, webkit]
steps:
- uses: actions/checkout@v4
with: { ref: "${{ github.event.pull_request.head.sha }}" }
- uses: ./.github/ci-setup-action
with:
# must be globally unique for build x runner
concurrency_key: boxes-${{ github.event.pull_request.user.login || github.actor }}-x86-${{ matrix.box }}-${{ matrix.browser }}
- name: Box test
working-directory: ./boxes
timeout-minutes: 40
run: earthly-ci -P --no-output +test --box=${{ matrix.box }} --browser=${{ matrix.browser }} --mode=cache
protocol-circuits-gates-report:
needs: [build-images, changes]
if: ${{ needs.changes.outputs.non-docs == 'true' && needs.changes.outputs.non-misc-ci == 'true' }}
runs-on: ${{ github.event.pull_request.user.login || github.actor }}-x86
permissions:
pull-requests: write
steps:
- uses: actions/checkout@v4
with: { ref: "${{ env.GIT_COMMIT }}" }
# Only allow one memory-hunger prover test to use this runner
- uses: ./.github/ci-setup-action
with:
concurrency_key: protocol-circuits-gates-report-x86
- name: "Noir Protocol Circuits Report"
working-directory: ./noir-projects/
timeout-minutes: 40
run: |
earthly-ci \
--artifact +gates-report/gates_report.json
mv gates_report.json ../protocol_circuits_report.json
- name: Compare gates reports
id: gates_diff
uses: vezenovm/noir-gates-diff@acf12797860f237117e15c0d6e08d64253af52b6
with:
report: protocol_circuits_report.json
summaryQuantile: 0 # Display any diff in gate count
- name: Add gates diff to sticky comment
if: github.event_name == 'pull_request' || github.event_name == 'pull_request_target'
uses: marocchino/sticky-pull-request-comment@v2
with:
# delete the comment in case changes no longer impact circuit sizes
delete: ${{ !steps.gates_diff.outputs.markdown }}
message: ${{ steps.gates_diff.outputs.markdown }}
merge-check:
runs-on: ubuntu-20.04
needs:
# must be kept in sync with rerun-check
- setup
- changes
- build
- e2e
# - bench-e2e # non-blocking
# - acir-bench # non-blocking
# - bench-summary # non-blocking
- bb-gcc
- bb-native-tests
- bb-js-test
- noir-build-acir-tests
- bb-acir-tests-bb
- bb-acir-tests-sol
- bb-acir-tests-sol-honk
- bb-acir-tests-bb-js
- noir-format
- noir-test
- noir-examples
- noir-packages-test
- noir-projects
- avm-format
- yarn-project-formatting
- yarn-project-test
- prover-client-test
- l1-contracts-test
- docs-preview
# - bb-bench # non-blocking
- boxes
- boxes-test
# - protocol-circuits-gates-report # non-blocking
if: always()
steps:
- name: Report overall success
env:
# We treat any skipped or failing jobs as a failure for the workflow as a whole.
FAIL: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }}
run: |
if [[ $FAIL == true ]]; then
echo "At least one job failed (or cancelled), merging not allowed."
exit 1
else
echo "All jobs succeeded, merge allowed."
exit 0
fi
rerun-check:
runs-on: ubuntu-20.04
permissions:
actions: write
needs:
# must be kept in sync with merge-check
- setup
- changes
- build
- e2e
# - bench-e2e # non-blocking
# - acir-bench # non-blocking
# - bench-summary # non-blocking
- bb-gcc
- bb-native-tests
- bb-js-test
- noir-build-acir-tests
- bb-acir-tests-bb
- bb-acir-tests-sol
- bb-acir-tests-sol-honk
- bb-acir-tests-bb-js
- noir-format
- noir-test
- noir-examples
- noir-packages-test
- noir-projects
- avm-format
- yarn-project-formatting
- yarn-project-test
- prover-client-test
- l1-contracts-test
- docs-preview
# - bb-bench # non-blocking
- boxes
- boxes-test
# - protocol-circuits-gates-report # non-blocking
if: ${{ !cancelled() }}
steps:
- name: Check for Rerun
env:
# We treat any skipped or failing jobs as a failure for the workflow as a whole.
HAD_FAILURE: ${{ contains(needs.*.result, 'failure') }}
GH_REPO: ${{ github.repository }}
GH_TOKEN: ${{ github.token }}
run: |
if [[ $HAD_FAILURE == true ]] && [[ $RUN_ATTEMPT -lt 2 ]] ; then
echo "Retrying first workflow failure. This is a stop-gap until things are more stable."
gh workflow run rerun.yml -F run_id=${{ github.run_id }}
fi
# NOTE: we only notify failures after a rerun has occurred
notify:
needs:
- merge-check
runs-on: ubuntu-20.04
if: ${{ github.ref == 'refs/heads/master' && failure() && github.run_attempt >= 2 }}
steps:
- name: Send notification to aztec3-ci channel if workflow failed on master
uses: slackapi/[email protected]
with:
payload: |
{
"url": "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
}
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_NOTIFY_WORKFLOW_TRIGGER_URL }}