Use improved subgroup checks from gnark-crypto #638
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and publish | |
on: | |
pull_request: | |
push: | |
branches: | |
- main | |
jobs: | |
native-build-linux-x86-64: | |
runs-on: ubuntu-22.04 | |
env: | |
SKIP_GRADLE: true | |
steps: | |
- name: Prepare | |
run: | | |
# secp256k1 dependencies | |
sudo apt-get update | |
sudo apt upgrade -y | |
sudo apt-get install -y autoconf build-essential libtool automake patchelf | |
sudo apt autoremove -y | |
# golang dependencies | |
wget https://go.dev/dl/go1.23.1.linux-amd64.tar.gz | |
echo "49bbb517cfa9eee677e1e7897f7cf9cfdbcf49e05f61984a2789136de359f9bd go1.23.1.linux-amd64.tar.gz" | sha256sum -c || exit 1 | |
tar -xzf go1.23.1.linux-amd64.tar.gz | |
export GOROOT=$(pwd)/go | |
export PATH=$GOROOT/bin:$PATH | |
# rust dependencies | |
export CARGO_HOME="$HOME/.cargo" | |
curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain 1.75.0 | |
# nim dependencies | |
export CHOOSENIM_CHOOSE_VERSION=2.0.4 | |
curl https://nim-lang.org/choosenim/init.sh -sSf | sh -s -- -y | |
export PATH=$HOME/.nimble/bin:$PATH | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
with: | |
submodules: recursive | |
# Check whether gradle.properties version has been released already | |
# This prevents accidently publish same version | |
# Only check binary for arithmetic as all published together and arithmetic is the first | |
- name: Check release published | |
run: | | |
# Only interested in release version | |
if [[ $(grep -E 'version=[0-9]+\.[0-9]+\.[0-9]+$' gradle.properties | wc -l) -ne 0 ]] | |
then | |
# Extract version from gradle.properties | |
VERSION=$(grep "^version" gradle.properties | sed 's|^version=\(.*\)$|\1|g') | |
echo "Query for version [$VERSION]" | |
RESPONSE_CODE=$(curl --head -L --silent --output /dev/null --write-out %{http_code} "$ART_URL/$VERSION") | |
echo "Response code for curl command [$RESPONSE_CODE]" | |
if [[ $RESPONSE_CODE == "404" ]] | |
then | |
echo "Version [$VERSION] has not yet been published" | |
else | |
if [[ $RESPONSE_CODE == "200" ]] | |
then | |
echo "ERROR: Binary arithmetic already exists for version [$VERSION]" | |
echo "ERROR: Blocking republishing same version to the Besu Artifactory" | |
echo "url $ART_URL/$VERSION" | |
exit 1 | |
else | |
echo "WARN: Unable to check whether version has been published previously" | |
echo "WARN: Failing job due to unknown status" | |
exit 1 | |
fi | |
fi | |
else | |
echo "No validation as not a release version" | |
fi | |
env: | |
ART_URL: 'https://hyperledger.jfrog.io/artifactory/besu-maven/org/hyperledger/besu/arithmetic' | |
- name: Build | |
run: ./build.sh | |
- uses: actions/[email protected] | |
with: | |
name: arithmetic native build artifacts | |
path: arithmetic/build/ | |
- uses: actions/[email protected] | |
with: | |
name: blake2bf native build artifacts | |
path: blake2bf/build/ | |
- uses: actions/[email protected] | |
with: | |
name: bls12-381 native build artifacts | |
path: bls12-381/build/ | |
- uses: actions/[email protected] | |
with: | |
name: secp256k1 native build artifacts | |
path: secp256k1/build/ | |
- uses: actions/[email protected] | |
with: | |
name: secp256r1 native build artifacts | |
path: secp256r1/besu-native-ec/release/ | |
- uses: actions/[email protected] | |
with: | |
name: ipa-multipoint native build artifacts | |
path: ipa-multipoint/build/ | |
- uses: actions/[email protected] | |
with: | |
name: gnark native build artifacts | |
path: gnark/build/ | |
- uses: actions/[email protected] | |
with: | |
name: constantine native build artifacts | |
path: constantine/build/ | |
native-build-linux-arm64: | |
runs-on: besu-arm64 | |
env: | |
SKIP_GRADLE: true | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
with: | |
submodules: recursive | |
- name: Build | |
run: | | |
docker run -e SKIP_GRADLE=$SKIP_GRADLE -v $(pwd):/home/ubuntu ubuntu:20.04 /home/ubuntu/native-build.sh | |
- uses: actions/[email protected] | |
with: | |
name: arithmetic native build artifacts | |
path: arithmetic/build/ | |
- uses: actions/[email protected] | |
with: | |
name: blake2bf native build artifacts | |
path: blake2bf/build/ | |
- uses: actions/[email protected] | |
with: | |
name: bls12-381 native build artifacts | |
path: bls12-381/build/ | |
- uses: actions/[email protected] | |
with: | |
name: secp256k1 native build artifacts | |
path: secp256k1/build/ | |
- uses: actions/[email protected] | |
with: | |
name: secp256r1 native build artifacts | |
path: secp256r1/besu-native-ec/release/ | |
- uses: actions/[email protected] | |
with: | |
name: ipa-multipoint native build artifacts | |
path: ipa-multipoint/build/ | |
- uses: actions/[email protected] | |
with: | |
name: gnark native build artifacts | |
path: gnark/build/ | |
- uses: actions/[email protected] | |
with: | |
name: constantine native build artifacts | |
path: constantine/build/ | |
native-build-macos: | |
runs-on: macos-13 | |
env: | |
SKIP_GRADLE: true | |
steps: | |
- name: Prepare | |
run: | | |
# secp256k1 dependencies | |
brew install autoconf automake libtool | |
# gnark dependencies | |
brew install [email protected] || true | |
# rust dependencies | |
export CARGO_HOME="$HOME/.cargo" | |
curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain 1.75.0 | |
# install both x86 and arm64 toolchains | |
export PATH="$HOME/.cargo/bin:$PATH" | |
rustup target add x86_64-apple-darwin | |
rustup target add aarch64-apple-darwin | |
# nim dependencies | |
export CHOOSENIM_CHOOSE_VERSION=2.0.4 | |
curl https://nim-lang.org/choosenim/init.sh -sSf | sh -s -- -y | |
export PATH=$HOME/.nimble/bin:$PATH | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
with: | |
submodules: recursive | |
- name: Build | |
run: ./build.sh | |
- uses: actions/[email protected] | |
with: | |
name: arithmetic native build artifacts | |
path: arithmetic/build/ | |
- uses: actions/[email protected] | |
with: | |
name: blake2bf native build artifacts | |
path: blake2bf/build/ | |
- uses: actions/[email protected] | |
with: | |
name: bls12-381 native build artifacts | |
path: bls12-381/build/ | |
- uses: actions/[email protected] | |
with: | |
name: secp256k1 native build artifacts | |
path: secp256k1/build/ | |
- uses: actions/[email protected] | |
with: | |
name: secp256r1 native build artifacts | |
path: secp256r1/besu-native-ec/release/ | |
- uses: actions/[email protected] | |
with: | |
name: ipa-multipoint native build artifacts | |
path: ipa-multipoint/build/ | |
- uses: actions/[email protected] | |
with: | |
name: gnark native build artifacts | |
path: gnark/build/ | |
- uses: actions/[email protected] | |
with: | |
name: constantine native build artifacts | |
path: constantine/build/ | |
native-build-m1: | |
runs-on: macos-13-xlarge | |
env: | |
SKIP_GRADLE: true | |
steps: | |
- name: Prepare | |
run: | | |
# check for homebrew and install from known sha if it is missing (like on macstadium) | |
if ! command -v brew &> /dev/null | |
then | |
# get pwd for homebrew: | |
export HOMEBREW_PREFIX=`pwd`/../homebrew | |
# use local homebrew 4.0.26 release, as brew is not available on macstadium: | |
mkdir -p $HOMEBREW_PREFIX && curl -L https://github.com/Homebrew/brew/tarball/eff45ef570f265e226f14ce91da72d7a6e7d516a| tar xz --strip 1 -C $HOMEBREW_PREFIX | |
export PATH=$HOMEBREW_PREFIX/bin:$PATH | |
echo "HOMEBREW_BIN=$HOMEBREW_PREFIX/bin" >> $GITHUB_ENV | |
fi | |
# secp256k1, gnark dependencies | |
brew install autoconf automake libtool | |
# gnark dependencies | |
brew install [email protected] || true | |
# rust dependencies | |
export CARGO_HOME="$HOME/.cargo" | |
curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain 1.75.0 | |
# install both x86 and arm64 toolchains | |
export PATH="$HOME/.cargo/bin:$PATH" | |
rustup target add x86_64-apple-darwin | |
rustup target add aarch64-apple-darwin | |
# nim dependencies | |
export CHOOSENIM_CHOOSE_VERSION=2.0.4 | |
curl https://nim-lang.org/choosenim/init.sh -sSf | sh -s -- -y | |
export PATH=$HOME/.nimble/bin:$PATH | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
with: | |
submodules: recursive | |
- name: Set up Java | |
uses: actions/setup-java@v4 | |
with: | |
distribution: adopt | |
java-version: 21 | |
cache: gradle | |
- name: Set up Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: '1.23' | |
- name: Build | |
run: | | |
export HOMEBREW_BIN=${{ env.HOMEBREW_BIN }} | |
export PATH=$HOMEBREW_BIN:$PATH | |
./build.sh | |
- uses: actions/[email protected] | |
with: | |
name: arithmetic native build artifacts | |
path: arithmetic/build/ | |
- uses: actions/[email protected] | |
with: | |
name: blake2bf native build artifacts | |
path: blake2bf/build/ | |
- uses: actions/[email protected] | |
with: | |
name: bls12-381 native build artifacts | |
path: bls12-381/build/ | |
- uses: actions/[email protected] | |
with: | |
name: secp256k1 native build artifacts | |
path: secp256k1/build/ | |
- uses: actions/[email protected] | |
with: | |
name: secp256r1 native build artifacts | |
path: secp256r1/besu-native-ec/release/ | |
- uses: actions/[email protected] | |
with: | |
name: ipa-multipoint native build artifacts | |
path: ipa-multipoint/build/ | |
- uses: actions/[email protected] | |
with: | |
name: gnark native build artifacts | |
path: gnark/build/ | |
- uses: actions/[email protected] | |
with: | |
name: constantine native build artifacts | |
path: constantine/build/ | |
final-assembly: | |
runs-on: ubuntu-22.04 | |
needs: | |
- native-build-macos | |
- native-build-m1 | |
- native-build-linux-x86-64 | |
- native-build-linux-arm64 | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
- name: Download arithmetic | |
uses: actions/download-artifact@v3 | |
with: | |
name: arithmetic native build artifacts | |
path: arithmetic/build/ | |
- name: Download blake2bf | |
uses: actions/download-artifact@v3 | |
with: | |
name: blake2bf native build artifacts | |
path: blake2bf/build/ | |
- name: Download bls12-381 | |
uses: actions/download-artifact@v3 | |
with: | |
name: bls12-381 native build artifacts | |
path: bls12-381/build/ | |
- name: Download secp256k1 | |
uses: actions/download-artifact@v3 | |
with: | |
name: secp256k1 native build artifacts | |
path: secp256k1/build/ | |
- name: Download secp256r1 | |
uses: actions/download-artifact@v3 | |
with: | |
name: secp256r1 native build artifacts | |
path: secp256r1/besu-native-ec/release/ | |
- name: Download ipa-multipoint | |
uses: actions/download-artifact@v3 | |
with: | |
name: ipa-multipoint native build artifacts | |
path: ipa-multipoint/build/ | |
- name: Download gnark | |
uses: actions/download-artifact@v3 | |
with: | |
name: gnark native build artifacts | |
path: gnark/build/ | |
- name: Download constantine | |
uses: actions/download-artifact@v3 | |
with: | |
name: constantine native build artifacts | |
path: constantine/build/ | |
- name: Set up Java | |
uses: actions/setup-java@v4 | |
with: | |
distribution: adopt | |
java-version: 21 | |
cache: gradle | |
- name: gradle build | |
uses: gradle/[email protected] | |
with: | |
arguments: --no-daemon --parallel build --scan | |
- uses: actions/[email protected] | |
with: | |
name: jars | |
path: altbn128/build/libs | |
- uses: actions/[email protected] | |
with: | |
name: jars | |
path: arithmetic/build/libs | |
- uses: actions/[email protected] | |
with: | |
name: jars | |
path: blake2bf/build/libs | |
- uses: actions/[email protected] | |
with: | |
name: jars | |
path: bls12-381/build/libs | |
- uses: actions/[email protected] | |
with: | |
name: jars | |
path: secp256k1/build/libs | |
- uses: actions/[email protected] | |
with: | |
name: jars | |
path: secp256r1/build/libs | |
- uses: actions/[email protected] | |
with: | |
name: jars | |
path: ipa-multipoint/build/libs | |
- uses: actions/[email protected] | |
with: | |
name: jars | |
path: gnark/build/libs | |
- uses: actions/[email protected] | |
with: | |
name: jars | |
path: constantine/build/libs | |
- name: gradle publish | |
uses: gradle/gradle-build-action@v2 | |
if: contains('refs/heads/release-', github.ref) || github.ref == 'refs/heads/main' | |
env: | |
ARTIFACTORY_USER: ${{ secrets.BESU_ARTIFACTORY_USER }} | |
ARTIFACTORY_KEY: ${{ secrets.BESU_ARTIFACTORY_TOKEN }} | |
with: | |
arguments: --no-daemon --parallel publish artifactoryPublish --scan |