chore: make coinbase and fee_recipient inaccessible #8539
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: [master] | |
pull_request: {} | |
workflow_dispatch: | |
inputs: | |
username: | |
description: "Defaults to GitHub Actor" | |
required: false | |
concurrency: | |
# force parallelism in master | |
group: ci-${{ github.ref_name == 'master' && github.run_id || github.ref_name }} | |
cancel-in-progress: true | |
env: | |
DOCKERHUB_PASSWORD: "${{ secrets.DOCKERHUB_PASSWORD }}" | |
RUN_ID: ${{ github.run_id }} | |
RUN_ATTEMPT: ${{ github.run_attempt }} | |
USERNAME: ${{ inputs.username || github.actor }} | |
GITHUB_TOKEN: ${{ github.token }} | |
GH_SELF_HOSTED_RUNNER_TOKEN: ${{ secrets.GH_SELF_HOSTED_RUNNER_TOKEN }} | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
BUILD_INSTANCE_SSH_KEY: ${{ secrets.BUILD_INSTANCE_SSH_KEY }} | |
# kludge until we move away from runners | |
WAIT_FOR_RUNNERS: false | |
jobs: | |
setup: | |
uses: ./.github/workflows/setup-runner.yml | |
with: | |
username: ${{ inputs.username || github.actor }} | |
runner_type: builder-x86 | |
secrets: inherit | |
build: | |
needs: setup | |
runs-on: ${{ inputs.username || github.actor }}-x86 | |
outputs: | |
e2e_list: ${{ steps.e2e_list.outputs.list }} | |
bench_list: ${{ steps.bench_list.outputs.list }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: { ref: "${{ github.event.pull_request.head.sha }}" } | |
- uses: ./.github/ci-setup-action | |
with: | |
concurrency_key: build-${{ inputs.username || github.actor }}-x86 | |
# prepare images locally, tagged by commit hash | |
- name: "Build E2E Image" | |
timeout-minutes: 40 | |
run: earthly-ci ./yarn-project+export-e2e-test-images | |
# We base our e2e list used in e2e-x86 off the targets in ./yarn-project/end-to-end | |
# (Note ARM uses just 2 tests as a smoketest) | |
- name: Create list of non-bench end-to-end jobs | |
id: e2e_list | |
run: echo "list=$(earthly ls ./yarn-project/end-to-end | grep -v '+base' | grep -v '+bench' | sed 's/+//' | jq -R . | jq -cs .)" >> $GITHUB_OUTPUT | |
- name: Create list of bench end-to-end jobs | |
id: bench_list | |
run: echo "list=$(earthly ls ./yarn-project/end-to-end | grep '+bench' | sed 's/+//' | jq -R . | jq -cs .)" >> $GITHUB_OUTPUT | |
# all the non-bench end-to-end integration tests for aztec | |
e2e: | |
needs: build | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
test: ${{ fromJson( needs.build.outputs.e2e_list )}} | |
steps: | |
- uses: actions/checkout@v4 | |
with: { ref: "${{ github.event.pull_request.head.sha }}" } | |
- uses: ./.github/ci-setup-action | |
- name: Setup and Test | |
timeout-minutes: 40 | |
uses: ./.github/ensure-tester-with-images | |
with: | |
runner_type: ${{ matrix.test == 'client-prover-integration' && '32core-tester-x86' || '8core-tester-x86' }} | |
builder_type: builder-x86 | |
# these are copied to the tester and expected by the earthly command below | |
# if they fail to copy, it will try to build them on the tester and fail | |
builder_images_to_copy: aztecprotocol/aztec:${{ github.event.pull_request.head.sha }} aztecprotocol/end-to-end:${{ github.event.pull_request.head.sha }} | |
# command to produce the images in case they don't exist | |
builder_command: scripts/earthly-ci ./yarn-project+export-e2e-test-images | |
run: | | |
set -eux | |
cd ./yarn-project/end-to-end/ | |
export FORCE_COLOR=1 | |
../../scripts/earthly-ci -P --no-output +${{ matrix.test }} | |
# all the benchmarking end-to-end integration tests for aztec (not required to merge) | |
bench-e2e: | |
needs: build | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
test: ${{ fromJson( needs.build.outputs.bench_list )}} | |
steps: | |
- uses: actions/checkout@v4 | |
with: { ref: "${{ github.event.pull_request.head.sha }}" } | |
- uses: ./.github/ci-setup-action | |
- name: Setup and Test | |
uses: ./.github/ensure-tester-with-images | |
timeout-minutes: 40 | |
with: | |
runner_type: 16core-tester-x86 | |
builder_type: builder-x86 | |
# these are copied to the tester and expected by the earthly command below | |
# if they fail to copy, it will try to build them on the tester and fail | |
builder_images_to_copy: aztecprotocol/aztec:${{ github.event.pull_request.head.sha }} aztecprotocol/end-to-end:${{ github.event.pull_request.head.sha }} | |
# command to produce the images in case they don't exist | |
builder_command: cd yarn-project/end-to-end/ && ../../scripts/earthly-ci +${{ matrix.test }} | |
run: | | |
set -eux | |
cd ./yarn-project/end-to-end/ | |
export FORCE_COLOR=1 | |
../../scripts/earthly-ci -P \ | |
--secret AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }} \ | |
--secret AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }} \ | |
--no-output \ | |
+${{ matrix.test }} | |
# # bench-summary: | |
# # needs: e2e | |
# # runs-on: ${{ inputs.username || github.actor }}-x86 | |
# # steps: | |
# # - uses: actions/checkout@v4 | |
# # with: | |
# # fetch-depth: 100 # Downloading base benchmark from master requires access to history | |
# # ref: "${{ github.event.pull_request.head.sha }}" | |
# # - uses: ./.github/ci-setup-action | |
# # with: | |
# # concurrency_key: build-${{ inputs.username || github.actor }}-x86 | |
# # - name: "Build and upload bench aggregate file" | |
# # working-directory: ./yarn-project/scripts | |
# # run: earthly-ci -P --secret AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }} --secret AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }} +bench-aggregate | |
# # - name: "Download base benchmark" | |
# # if: ${{ github.event_name == 'pull_request' }} | |
# # run: scripts/logs/download_base_benchmark_from_s3.sh | |
# # env: | |
# # AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
# # AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
# # BENCH_FOLDER: ./yarn-project/scripts/bench | |
# # PULL_REQUEST: "${{ github.event.pull_request.number }}" | |
# # - name: "Generate summary comment if pull request" | |
# # if: ${{ github.event_name == 'pull_request' }} | |
# # working-directory: ./yarn-project/scripts | |
# # run: earthly-ci -P --secret AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }} --secret AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }} --secret AZTEC_BOT_COMMENTER_GITHUB_TOKEN=${{ secrets.AZTEC_BOT_GITHUB_TOKEN }} +bench-comment | |
noir-format: | |
needs: setup | |
runs-on: ${{ inputs.username || github.actor }}-x86 | |
steps: | |
- uses: actions/checkout@v4 | |
with: { ref: "${{ github.event.pull_request.head.sha }}" } | |
- uses: ./.github/ci-setup-action | |
with: | |
concurrency_key: noir-format-${{ inputs.username || github.actor }}-x86 | |
- name: "Format Noir" | |
working-directory: ./noir/ | |
timeout-minutes: 25 | |
run: earthly-ci --no-output ./+format | |
- name: "Format noir-projects" | |
working-directory: ./noir-projects/ | |
timeout-minutes: 25 | |
run: earthly-ci --no-output ./+format | |
# barretenberg (prover) native and AVM (public VM) tests | |
# only ran on x86 for resource reasons (memory intensive) | |
bb-native-tests: | |
needs: setup | |
runs-on: ${{ inputs.username || github.actor }}-x86 | |
steps: | |
- uses: actions/checkout@v4 | |
with: { ref: "${{ github.event.pull_request.head.sha }}" } | |
# Only allow one memory-hunger prover test to use this runner | |
- uses: ./.github/ci-setup-action | |
with: | |
# must be globally unique for build x runner | |
concurrency_key: bb-native-tests-${{ inputs.username || github.actor }}-x86 | |
- name: "Native Prover Tests" | |
working-directory: ./barretenberg/cpp/ | |
timeout-minutes: 25 | |
# limit our parallelism to half our cores | |
run: earthly-ci --no-output +test --hardware_concurrency=64 | |
bb-js-test: | |
needs: setup | |
runs-on: ${{ github.actor }}-x86 | |
steps: | |
- uses: actions/checkout@v4 | |
with: { ref: "${{ github.event.pull_request.head.sha }}" } | |
- uses: ./.github/ci-setup-action | |
with: | |
concurrency_key: bb-js-test-${{ github.actor }}-x86 | |
- name: "bb.js Tests" | |
working-directory: ./barretenberg/ts/ | |
timeout-minutes: 25 | |
run: earthly-ci --no-output ./+test | |
noir-test: | |
needs: setup | |
runs-on: ${{ inputs.username || github.actor }}-x86 | |
steps: | |
- uses: actions/checkout@v4 | |
with: { ref: "${{ github.event.pull_request.head.sha }}" } | |
- uses: ./.github/ci-setup-action | |
with: | |
concurrency_key: noir-${{ inputs.username || github.actor }}-x86 | |
- name: "Test Noir JS packages" | |
run: earthly-ci --no-output ./noir+test | |
noir-packages-test: | |
needs: setup | |
runs-on: ${{ inputs.username || github.actor }}-x86 | |
steps: | |
- uses: actions/checkout@v4 | |
with: { ref: "${{ github.event.pull_request.head.sha }}" } | |
- uses: ./.github/ci-setup-action | |
with: | |
concurrency_key: noir-packages-${{ inputs.username || github.actor }}-x86 | |
- name: "Test Noir JS packages" | |
run: earthly-ci --no-output ./noir+packages-test | |
noir-projects: | |
needs: setup | |
runs-on: ${{ inputs.username || github.actor }}-x86 | |
steps: | |
- uses: actions/checkout@v4 | |
with: { ref: "${{ github.event.pull_request.head.sha }}" } | |
- uses: ./.github/ci-setup-action | |
with: | |
concurrency_key: noir-projects-${{ inputs.username || github.actor }}-x86 | |
- name: "Noir Projects" | |
timeout-minutes: 25 | |
run: earthly-ci --no-output ./noir-projects/+test | |
yarn-project-formatting: | |
needs: noir-projects | |
runs-on: ${{ github.actor }}-x86 | |
steps: | |
- uses: actions/checkout@v4 | |
with: { ref: "${{ github.event.pull_request.head.sha }}" } | |
# Only allow one memory-hunger prover test to use this runner | |
- uses: ./.github/ci-setup-action | |
with: | |
concurrency_key: yarn-project-formatting-${{ github.actor }}-x86 | |
- name: "Yarn Project Tests" | |
timeout-minutes: 25 | |
run: earthly-ci --no-output ./yarn-project/+format-check | |
yarn-project-test: | |
# quiet machine | |
needs: [noir-projects, build, bb-native-tests] | |
runs-on: ${{ github.actor }}-x86 | |
steps: | |
- uses: actions/checkout@v4 | |
with: { ref: "${{ github.event.pull_request.head.sha }}" } | |
# Only allow one memory-hunger prover test to use this runner | |
- uses: ./.github/ci-setup-action | |
with: | |
concurrency_key: yarn-project-test-${{ github.actor }}-x86 | |
- name: "Yarn Project Tests" | |
timeout-minutes: 30 | |
run: earthly-ci --no-output ./yarn-project/+test | |
prover-client-test: | |
needs: noir-projects | |
runs-on: ${{ github.actor }}-x86 | |
steps: | |
- uses: actions/checkout@v4 | |
with: { ref: "${{ github.event.pull_request.head.sha }}" } | |
- uses: ./.github/ci-setup-action | |
with: | |
concurrency_key: prover-client-test-${{ github.actor }}-x86 | |
- name: "Prover Client Tests" | |
timeout-minutes: 25 | |
run: earthly-ci --no-output ./yarn-project/+prover-client-test | |
build-acir-tests: | |
needs: build | |
runs-on: ${{ github.actor }}-x86 | |
steps: | |
- uses: actions/checkout@v4 | |
with: { ref: "${{ github.event.pull_request.head.sha }}" } | |
- uses: ./.github/ci-setup-action | |
with: | |
concurrency_key: build-acir-tests-${{ github.actor }}-x86 | |
- name: "Build Acir Tests" | |
timeout-minutes: 25 | |
run: earthly-ci --no-output ./noir/+build-acir-tests | |
barretenberg-acir-tests-bb: | |
needs: build-acir-tests | |
runs-on: ${{ github.actor }}-x86 | |
steps: | |
- uses: actions/checkout@v4 | |
with: { ref: "${{ github.event.pull_request.head.sha }}" } | |
- uses: ./.github/ci-setup-action | |
with: | |
concurrency_key: barretenberg-acir-tests-bb-${{ github.actor }}-x86 | |
- name: "BB Native Acir Tests" | |
working-directory: ./noir/ | |
timeout-minutes: 25 | |
run: earthly-ci --no-output ./+barretenberg-acir-tests-bb | |
barretenberg-acir-tests-sol: | |
needs: build-acir-tests | |
runs-on: ${{ github.actor }}-x86 | |
steps: | |
- uses: actions/checkout@v4 | |
with: { ref: "${{ github.event.pull_request.head.sha }}" } | |
- uses: ./.github/ci-setup-action | |
with: | |
concurrency_key: barretenberg-acir-tests-sol-${{ github.actor }}-x86 | |
- name: "BB Solidity Acir Tests" | |
working-directory: ./noir/ | |
timeout-minutes: 25 | |
run: earthly-ci --no-output ./+barretenberg-acir-tests-sol | |
barretenberg-acir-tests-bb-js: | |
needs: build-acir-tests | |
runs-on: ${{ github.actor }}-x86 | |
steps: | |
- uses: actions/checkout@v4 | |
with: { ref: "${{ github.event.pull_request.head.sha }}" } | |
- uses: ./.github/ci-setup-action | |
with: | |
concurrency_key: barretenberg-acir-tests-bb-js-${{ github.actor }}-x86 | |
- name: "BB JS Acir Tests" | |
working-directory: ./noir/ | |
timeout-minutes: 25 | |
run: earthly-ci --no-output ./+barretenberg-acir-tests-bb.js | |
docs-preview: | |
needs: build | |
runs-on: ${{ inputs.username || github.actor }}-x86 | |
if: github.event.number | |
steps: | |
- uses: actions/checkout@v4 | |
with: { ref: "${{ github.event.pull_request.head.sha }}" } | |
- uses: ./.github/ci-setup-action | |
with: | |
concurrency_key: docs-preview-${{ inputs.username || github.actor }}-x86 | |
- name: "Docs Preview" | |
timeout-minutes: 30 | |
run: earthly --no-output ./docs/+deploy-preview --PR=${{ github.event.number }} --AZTEC_BOT_COMMENTER_GITHUB_TOKEN=${{ secrets.AZTEC_BOT_GITHUB_TOKEN }} --NETLIFY_AUTH_TOKEN=${{ secrets.NETLIFY_AUTH_TOKEN }} --NETLIFY_SITE_ID=${{ secrets.NETLIFY_SITE_ID }} | |
bb-bench: | |
runs-on: ubuntu-latest | |
needs: setup | |
steps: | |
- uses: actions/checkout@v4 | |
with: { ref: "${{ github.event.pull_request.head.sha }}" } | |
- uses: ./.github/ci-setup-action | |
- name: Build Bench Binaries | |
uses: ./.github/ensure-builder | |
with: | |
runner_type: builder-x86 | |
run: | | |
set -eux | |
echo ${{ secrets.DOCKERHUB_PASSWORD }} | docker login -u aztecprotocolci --password-stdin | |
scripts/earthly-ci --push ./barretenberg/cpp/+bench-binaries | |
- name: Run Bench | |
uses: ./.github/ensure-tester | |
timeout-minutes: 25 | |
with: | |
runner_type: 16core-tester-x86 | |
run: | | |
scripts/earthly-ci --no-output ./barretenberg/cpp/+bench-client-ivc --bench_mode=cache | |
scripts/earthly-ci --no-output ./barretenberg/cpp/+bench-ultra-honk --bench_mode=cache | |
protocol-circuits-gates-report: | |
needs: setup | |
runs-on: ${{ inputs.username || github.actor }}-x86 | |
permissions: | |
pull-requests: write | |
steps: | |
- uses: actions/checkout@v4 | |
with: { ref: "${{ github.event.pull_request.head.sha }}" } | |
# Only allow one memory-hunger prover test to use this runner | |
- uses: ./.github/ci-setup-action | |
with: | |
concurrency_key: protocol-circuits-gates-report-${{ inputs.username || github.actor }}-x86 | |
- name: "Noir Protocol Circuits Report" | |
working-directory: ./noir-projects/ | |
timeout-minutes: 25 | |
run: | | |
earthly-ci --artifact +gates-report/gates_report.json | |
mv gates_report.json ../protocol_circuits_report.json | |
- name: Compare gates reports | |
id: gates_diff | |
uses: vezenovm/noir-gates-diff@acf12797860f237117e15c0d6e08d64253af52b6 | |
with: | |
report: protocol_circuits_report.json | |
summaryQuantile: 0 # Display any diff in gate count | |
- name: Add gates diff to sticky comment | |
if: github.event_name == 'pull_request' || github.event_name == 'pull_request_target' | |
uses: marocchino/sticky-pull-request-comment@v2 | |
with: | |
# delete the comment in case changes no longer impact circuit sizes | |
delete: ${{ !steps.gates_diff.outputs.markdown }} | |
message: ${{ steps.gates_diff.outputs.markdown }} | |
merge-check: | |
runs-on: ubuntu-latest | |
needs: | |
[ | |
e2e, | |
bb-native-tests, | |
bb-bench, | |
yarn-project-formatting, | |
yarn-project-test, | |
prover-client-test, | |
bb-js-test, | |
barretenberg-acir-tests-bb-js, | |
barretenberg-acir-tests-bb, | |
barretenberg-acir-tests-sol, | |
noir-test, | |
noir-packages-test, | |
] | |
if: always() | |
steps: | |
- run: | | |
failed=${{ contains(needs.*.result, 'failure') }} | |
if $failed | |
then | |
echo "At least one job failed, merging not allowed." | |
exit 1 | |
fi | |
echo "All jobs succeeded, merge allowed." | |
notify: | |
needs: | |
- merge-check | |
runs-on: ubuntu-latest | |
if: ${{ github.ref == 'refs/heads/master' && failure() }} | |
steps: | |
- name: Send notification to aztec3-ci channel if workflow failed on master | |
uses: slackapi/[email protected] | |
with: | |
payload: | | |
{ | |
"url": "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" | |
} | |
env: | |
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_NOTIFY_WORKFLOW_TRIGGER_URL }} |