Skip to content

Use improved subgroup checks from gnark-crypto #638

Use improved subgroup checks from gnark-crypto

Use improved subgroup checks from gnark-crypto #638

Workflow file for this run

name: Build and publish
on:
pull_request:
push:
branches:
- main
jobs:
native-build-linux-x86-64:
runs-on: ubuntu-22.04
env:
SKIP_GRADLE: true
steps:
- name: Prepare
run: |
# secp256k1 dependencies
sudo apt-get update
sudo apt upgrade -y
sudo apt-get install -y autoconf build-essential libtool automake patchelf
sudo apt autoremove -y
# golang dependencies
wget https://go.dev/dl/go1.23.1.linux-amd64.tar.gz
echo "49bbb517cfa9eee677e1e7897f7cf9cfdbcf49e05f61984a2789136de359f9bd go1.23.1.linux-amd64.tar.gz" | sha256sum -c || exit 1
tar -xzf go1.23.1.linux-amd64.tar.gz
export GOROOT=$(pwd)/go
export PATH=$GOROOT/bin:$PATH
# rust dependencies
export CARGO_HOME="$HOME/.cargo"
curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain 1.75.0
# nim dependencies
export CHOOSENIM_CHOOSE_VERSION=2.0.4
curl https://nim-lang.org/choosenim/init.sh -sSf | sh -s -- -y
export PATH=$HOME/.nimble/bin:$PATH
- name: Checkout Repo
uses: actions/checkout@v4
with:
submodules: recursive
# Check whether gradle.properties version has been released already
# This prevents accidently publish same version
# Only check binary for arithmetic as all published together and arithmetic is the first
- name: Check release published
run: |
# Only interested in release version
if [[ $(grep -E 'version=[0-9]+\.[0-9]+\.[0-9]+$' gradle.properties | wc -l) -ne 0 ]]
then
# Extract version from gradle.properties
VERSION=$(grep "^version" gradle.properties | sed 's|^version=\(.*\)$|\1|g')
echo "Query for version [$VERSION]"
RESPONSE_CODE=$(curl --head -L --silent --output /dev/null --write-out %{http_code} "$ART_URL/$VERSION")
echo "Response code for curl command [$RESPONSE_CODE]"
if [[ $RESPONSE_CODE == "404" ]]
then
echo "Version [$VERSION] has not yet been published"
else
if [[ $RESPONSE_CODE == "200" ]]
then
echo "ERROR: Binary arithmetic already exists for version [$VERSION]"
echo "ERROR: Blocking republishing same version to the Besu Artifactory"
echo "url $ART_URL/$VERSION"
exit 1
else
echo "WARN: Unable to check whether version has been published previously"
echo "WARN: Failing job due to unknown status"
exit 1
fi
fi
else
echo "No validation as not a release version"
fi
env:
ART_URL: 'https://hyperledger.jfrog.io/artifactory/besu-maven/org/hyperledger/besu/arithmetic'
- name: Build
run: ./build.sh
- uses: actions/[email protected]
with:
name: arithmetic native build artifacts
path: arithmetic/build/
- uses: actions/[email protected]
with:
name: blake2bf native build artifacts
path: blake2bf/build/
- uses: actions/[email protected]
with:
name: bls12-381 native build artifacts
path: bls12-381/build/
- uses: actions/[email protected]
with:
name: secp256k1 native build artifacts
path: secp256k1/build/
- uses: actions/[email protected]
with:
name: secp256r1 native build artifacts
path: secp256r1/besu-native-ec/release/
- uses: actions/[email protected]
with:
name: ipa-multipoint native build artifacts
path: ipa-multipoint/build/
- uses: actions/[email protected]
with:
name: gnark native build artifacts
path: gnark/build/
- uses: actions/[email protected]
with:
name: constantine native build artifacts
path: constantine/build/
native-build-linux-arm64:
runs-on: besu-arm64
env:
SKIP_GRADLE: true
steps:
- name: Checkout Repo
uses: actions/checkout@v4
with:
submodules: recursive
- name: Build
run: |
docker run -e SKIP_GRADLE=$SKIP_GRADLE -v $(pwd):/home/ubuntu ubuntu:20.04 /home/ubuntu/native-build.sh
- uses: actions/[email protected]
with:
name: arithmetic native build artifacts
path: arithmetic/build/
- uses: actions/[email protected]
with:
name: blake2bf native build artifacts
path: blake2bf/build/
- uses: actions/[email protected]
with:
name: bls12-381 native build artifacts
path: bls12-381/build/
- uses: actions/[email protected]
with:
name: secp256k1 native build artifacts
path: secp256k1/build/
- uses: actions/[email protected]
with:
name: secp256r1 native build artifacts
path: secp256r1/besu-native-ec/release/
- uses: actions/[email protected]
with:
name: ipa-multipoint native build artifacts
path: ipa-multipoint/build/
- uses: actions/[email protected]
with:
name: gnark native build artifacts
path: gnark/build/
- uses: actions/[email protected]
with:
name: constantine native build artifacts
path: constantine/build/
native-build-macos:
runs-on: macos-13
env:
SKIP_GRADLE: true
steps:
- name: Prepare
run: |
# secp256k1 dependencies
brew install autoconf automake libtool
# gnark dependencies
brew install [email protected] || true
# rust dependencies
export CARGO_HOME="$HOME/.cargo"
curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain 1.75.0
# install both x86 and arm64 toolchains
export PATH="$HOME/.cargo/bin:$PATH"
rustup target add x86_64-apple-darwin
rustup target add aarch64-apple-darwin
# nim dependencies
export CHOOSENIM_CHOOSE_VERSION=2.0.4
curl https://nim-lang.org/choosenim/init.sh -sSf | sh -s -- -y
export PATH=$HOME/.nimble/bin:$PATH
- name: Checkout Repo
uses: actions/checkout@v4
with:
submodules: recursive
- name: Build
run: ./build.sh
- uses: actions/[email protected]
with:
name: arithmetic native build artifacts
path: arithmetic/build/
- uses: actions/[email protected]
with:
name: blake2bf native build artifacts
path: blake2bf/build/
- uses: actions/[email protected]
with:
name: bls12-381 native build artifacts
path: bls12-381/build/
- uses: actions/[email protected]
with:
name: secp256k1 native build artifacts
path: secp256k1/build/
- uses: actions/[email protected]
with:
name: secp256r1 native build artifacts
path: secp256r1/besu-native-ec/release/
- uses: actions/[email protected]
with:
name: ipa-multipoint native build artifacts
path: ipa-multipoint/build/
- uses: actions/[email protected]
with:
name: gnark native build artifacts
path: gnark/build/
- uses: actions/[email protected]
with:
name: constantine native build artifacts
path: constantine/build/
native-build-m1:
runs-on: macos-13-xlarge
env:
SKIP_GRADLE: true
steps:
- name: Prepare
run: |
# check for homebrew and install from known sha if it is missing (like on macstadium)
if ! command -v brew &> /dev/null
then
# get pwd for homebrew:
export HOMEBREW_PREFIX=`pwd`/../homebrew
# use local homebrew 4.0.26 release, as brew is not available on macstadium:
mkdir -p $HOMEBREW_PREFIX && curl -L https://github.com/Homebrew/brew/tarball/eff45ef570f265e226f14ce91da72d7a6e7d516a| tar xz --strip 1 -C $HOMEBREW_PREFIX
export PATH=$HOMEBREW_PREFIX/bin:$PATH
echo "HOMEBREW_BIN=$HOMEBREW_PREFIX/bin" >> $GITHUB_ENV
fi
# secp256k1, gnark dependencies
brew install autoconf automake libtool
# gnark dependencies
brew install [email protected] || true
# rust dependencies
export CARGO_HOME="$HOME/.cargo"
curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain 1.75.0
# install both x86 and arm64 toolchains
export PATH="$HOME/.cargo/bin:$PATH"
rustup target add x86_64-apple-darwin
rustup target add aarch64-apple-darwin
# nim dependencies
export CHOOSENIM_CHOOSE_VERSION=2.0.4
curl https://nim-lang.org/choosenim/init.sh -sSf | sh -s -- -y
export PATH=$HOME/.nimble/bin:$PATH
- name: Checkout Repo
uses: actions/checkout@v4
with:
submodules: recursive
- name: Set up Java
uses: actions/setup-java@v4
with:
distribution: adopt
java-version: 21
cache: gradle
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: '1.23'
- name: Build
run: |
export HOMEBREW_BIN=${{ env.HOMEBREW_BIN }}
export PATH=$HOMEBREW_BIN:$PATH
./build.sh
- uses: actions/[email protected]
with:
name: arithmetic native build artifacts
path: arithmetic/build/
- uses: actions/[email protected]
with:
name: blake2bf native build artifacts
path: blake2bf/build/
- uses: actions/[email protected]
with:
name: bls12-381 native build artifacts
path: bls12-381/build/
- uses: actions/[email protected]
with:
name: secp256k1 native build artifacts
path: secp256k1/build/
- uses: actions/[email protected]
with:
name: secp256r1 native build artifacts
path: secp256r1/besu-native-ec/release/
- uses: actions/[email protected]
with:
name: ipa-multipoint native build artifacts
path: ipa-multipoint/build/
- uses: actions/[email protected]
with:
name: gnark native build artifacts
path: gnark/build/
- uses: actions/[email protected]
with:
name: constantine native build artifacts
path: constantine/build/
final-assembly:
runs-on: ubuntu-22.04
needs:
- native-build-macos
- native-build-m1
- native-build-linux-x86-64
- native-build-linux-arm64
steps:
- name: Checkout Repo
uses: actions/checkout@v4
- name: Download arithmetic
uses: actions/download-artifact@v3
with:
name: arithmetic native build artifacts
path: arithmetic/build/
- name: Download blake2bf
uses: actions/download-artifact@v3
with:
name: blake2bf native build artifacts
path: blake2bf/build/
- name: Download bls12-381
uses: actions/download-artifact@v3
with:
name: bls12-381 native build artifacts
path: bls12-381/build/
- name: Download secp256k1
uses: actions/download-artifact@v3
with:
name: secp256k1 native build artifacts
path: secp256k1/build/
- name: Download secp256r1
uses: actions/download-artifact@v3
with:
name: secp256r1 native build artifacts
path: secp256r1/besu-native-ec/release/
- name: Download ipa-multipoint
uses: actions/download-artifact@v3
with:
name: ipa-multipoint native build artifacts
path: ipa-multipoint/build/
- name: Download gnark
uses: actions/download-artifact@v3
with:
name: gnark native build artifacts
path: gnark/build/
- name: Download constantine
uses: actions/download-artifact@v3
with:
name: constantine native build artifacts
path: constantine/build/
- name: Set up Java
uses: actions/setup-java@v4
with:
distribution: adopt
java-version: 21
cache: gradle
- name: gradle build
uses: gradle/[email protected]
with:
arguments: --no-daemon --parallel build --scan
- uses: actions/[email protected]
with:
name: jars
path: altbn128/build/libs
- uses: actions/[email protected]
with:
name: jars
path: arithmetic/build/libs
- uses: actions/[email protected]
with:
name: jars
path: blake2bf/build/libs
- uses: actions/[email protected]
with:
name: jars
path: bls12-381/build/libs
- uses: actions/[email protected]
with:
name: jars
path: secp256k1/build/libs
- uses: actions/[email protected]
with:
name: jars
path: secp256r1/build/libs
- uses: actions/[email protected]
with:
name: jars
path: ipa-multipoint/build/libs
- uses: actions/[email protected]
with:
name: jars
path: gnark/build/libs
- uses: actions/[email protected]
with:
name: jars
path: constantine/build/libs
- name: gradle publish
uses: gradle/gradle-build-action@v2
if: contains('refs/heads/release-', github.ref) || github.ref == 'refs/heads/main'
env:
ARTIFACTORY_USER: ${{ secrets.BESU_ARTIFACTORY_USER }}
ARTIFACTORY_KEY: ${{ secrets.BESU_ARTIFACTORY_TOKEN }}
with:
arguments: --no-daemon --parallel publish artifactoryPublish --scan