From 1ea09139cc462df04d38a672aca3b41266016b80 Mon Sep 17 00:00:00 2001 From: Zoltan Mosonyi Date: Wed, 22 Sep 2021 15:50:18 +0200 Subject: [PATCH 01/11] Add ci build (#30) --- .github/workflows/ci.yml | 380 +++++++++++++++++++++++++++++++++++++++ scripts/github/lib.rb | 12 ++ 2 files changed, 392 insertions(+) create mode 100644 .github/workflows/ci.yml create mode 100644 scripts/github/lib.rb diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..3d9ad09 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,380 @@ +name: CI + +on: + push: + branches: +# - master + - new_ci + tags: + - '[0-9]+.[0-9]+.[0-9]+' + pull_request: + branches: [master] + workflow_dispatch: + inputs: + verbose: + description: "Set --verbose to get verbose build output" + required: false + default: 'true' + +env: + VERBOSE: ${{ github.events.input.verbose }} + SUBWASM_VERSION: 0.12.0 + + +jobs: + + # this job set up dynamic configuration shared among jobs + config: + name: Set up Config + runs-on: ubuntu-latest + env: + ENABLE_CHECK: true + outputs: + check: ${{ steps.check.outputs.check }} + runs: ${{ steps.runs.outputs.runs }} + steps: + - id: check + run: echo "::set-output name=check::${{ env.ENABLE_CHECK }}" + + cancel_previous_runs: + name: Cancel Previous Runs + runs-on: ubuntu-20.04 + steps: + - uses: styfle/cancel-workflow-action@0.4.1 + with: + access_token: ${{ secrets.GITHUB_TOKEN }} + + build_primary_binaries: + name: Primary build ${{ matrix.binary }} for ${{ matrix.rust-target }} on (${{ matrix.os }}) + runs-on: ${{ matrix.os }} + strategy: + matrix: + os: [ubuntu-20.04] + rust: [stable] + binary: [release] + env: + RUST_BACKTRACE: full + RUSTV: ${{ matrix.rust }} + TARGET: ${{ matrix.rust-target }} + RUST_BIN_DIR: target/${{ matrix.rust-target }}/debug + RELEASE_NAME: debug + steps: + - uses: actions/checkout@v2 + + - name: Print env + run: | + echo "RUST_BIN_DIR = ${{ env.RUST_BIN_DIR }} " + + # With rustup's nice new toml format, we just need to run rustup show to install the toolchain + # https://github.com/actions-rs/toolchain/issues/126#issuecomment-782989659 + - name: Setup Rust toolchain + run: rustup show + + - name: Install llvm-10 + run: sudo apt-get install llvm-10 clang-10 + + - uses: Swatinem/rust-cache@v1 + with: + key: ${{ matrix.os }}-${{ env.RUST_BIN_DIR }}-${{ matrix.binary }} + + - name: Release + if: ${{ matrix.binary == 'release' }} + run: | + cargo clean -p integritee-collator + cargo build --release + + # Upload artifacts + - name: Upload integritee-node + uses: actions/upload-artifact@v2 + with: + name: integritee-node-${{ github.sha }} + path: target/release/integritee-node + + - name: Slack Notification + uses: 8398a7/action-slack@v3 + if: failure() + with: + status: ${{ job.status }} + fields: repo,message,commit,author,action,eventName,ref,workflow,job,took # selectable (default: repo,message) + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + + + # Run all checks and unit test. This always run on debug mode + check: + name: Rust check ${{ matrix.check }} (${{ matrix.rust-target }}) + needs: config + if: ${{ needs.config.outputs.check == 'true' }} + runs-on: ${{ matrix.os }} + strategy: + matrix: + os: [ubuntu-latest] + rust: [stable] + rust-target: [x86_64-unknown-linux-gnu] + check: [fmt, clippy] + env: + RUST_BACKTRACE: full + RUSTV: ${{ matrix.rust }} + TARGET: ${{ matrix.rust-target }} + steps: + - uses: actions/checkout@v2 + + # With rustup's nice new toml format, we just need to run rustup show to install the toolchain + # https://github.com/actions-rs/toolchain/issues/126#issuecomment-782989659 + # - name: Setup Rust toolchain + # run: rustup show + + # - name: Install llvm-10 + # run: sudo apt-get install llvm-10 clang-10 + + # - uses: Swatinem/rust-cache@v1 + # with: + # key: ${{ matrix.rust-target }}-${{ matrix.check }} + + # - name: Fmt + # if: ${{ matrix.check == 'fmt' }} + # run: cargo fmt --all -- --check + + # - name: Clippy + # if: ${{ matrix.check == 'clippy' }} + # run: cargo clippy -- -D warnings + + build-runtimes: + name: Build Runtimes + runs-on: ubuntu-latest + strategy: + matrix: + runtime: ["integritee-node"] + steps: + - uses: actions/checkout@v2 + + - name: Cache target dir + uses: actions/cache@v2 + with: + path: "${{ github.workspace }}/runtime/target" + key: srtool-target-${{ matrix.runtime }}-${{ github.sha }} + restore-keys: | + srtool-target-${{ matrix.runtime }}- + srtool-target- + + - name: Srtool build + id: srtool_build + uses: chevdor/srtool-actions@v0.3.0 + with: + chain: ${{ matrix.runtime }} + runtime_dir: runtime + + - name: Summary + run: | + echo '${{ steps.srtool_build.outputs.json }}' | jq > ${{ matrix.runtime }}-srtool-digest.json + cat ${{ matrix.runtime }}-srtool-digest.json + echo "Compact Runtime: ${{ steps.srtool_build.outputs.wasm }}" + echo "Compressed Runtime: ${{ steps.srtool_build.outputs.wasm_compressed }}" + + # We now get extra information thanks to subwasm + - name: Install subwasm + run: | + wget https://github.com/chevdor/subwasm/releases/download/v${{ env.SUBWASM_VERSION }}/subwasm_linux_amd64_v${{ env.SUBWASM_VERSION }}.deb + sudo dpkg -i subwasm_linux_amd64_v${{ env.SUBWASM_VERSION }}.deb + subwasm --version + + - name: Show Runtime information + shell: bash + run: | + subwasm info ${{ steps.srtool_build.outputs.wasm }} + subwasm info ${{ steps.srtool_build.outputs.wasm_compressed }} + subwasm --json info ${{ steps.srtool_build.outputs.wasm }} > ${{ matrix.runtime }}-info.json + subwasm --json info ${{ steps.srtool_build.outputs.wasm_compressed }} > ${{ matrix.runtime }}-compressed-info.json + + - name: Extract the metadata + shell: bash + run: | + subwasm meta ${{ steps.srtool_build.outputs.wasm }} + subwasm --json meta ${{ steps.srtool_build.outputs.wasm }} > ${{ matrix.runtime }}-metadata.json + +# This is unsupported it wants to diff the metadata with a running chain. i.e. wss://kusama--rpc.parity.io +# - name: Check the metadata diff +# shell: bash +# run: | +# subwasm diff ${{ steps.srtool_build.outputs.wasm }} --chain-b ${{ matrix.chain }} > ${{ matrix.chain }}-diff.txt +# cat ${{ matrix.chain }}-diff.txt + + - name: Upload ${{ matrix.runtime }} srtool json + uses: actions/upload-artifact@v2 + with: + name: ${{ matrix.runtime }}-srtool-json-${{ github.sha }} + path: | + ${{ matrix.runtime }}-srtool-digest.json + ${{ matrix.runtime }}-info.json + ${{ matrix.runtime }}-compressed-info.json + ${{ matrix.runtime }}-metadata.json +# ${{ matrix.runtime }}-diff.txt + + + - name: Upload ${{ matrix.runtime }} runtime + uses: actions/upload-artifact@v2 + with: + name: ${{ matrix.runtime }}-runtime-${{ github.sha }} + path: | + ${{ steps.srtool_build.outputs.wasm }} + ${{ steps.srtool_build.outputs.wasm_compressed }} + + - name: Slack Notification + uses: 8398a7/action-slack@v3 + if: failure() + with: + status: ${{ job.status }} + fields: repo,message,commit,author,action,eventName,ref,workflow,job,took # selectable (default: repo,message) + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + + create_artifacts: + needs: [ build_primary_binaries, build-runtimes ] + runs-on: ubuntu-20.04 + env: + CHAIN_SPEC: ${{ matrix.chain }}-${{ matrix.config }} + strategy: + fail-fast: false + matrix: + chain: [shell] + config: [kusama] + steps: + - name: Checkout + uses: actions/checkout@v2 + + # - uses: actions/download-artifact@v2 + # with: + # name: integritee-collator-${{ github.sha }} + + # - name: 'Create binaries for artifacts' + # # Note: there is no way to pass the parachain-id to the `build-spec` cmd, which which imposes to set + # # `DEFAULT_PARA_ID=2015` in the `polkadot-parachains/command`. + # run: | + # chmod +x ./integritee-collator + # ./integritee-collator export-genesis-state --chain ${{ env.CHAIN_SPEC }} --parachain-id 2015 > ${{ env.CHAIN_SPEC }}.state + # ./integritee-collator build-spec --chain ${{ env.CHAIN_SPEC }} --disable-default-bootnode --raw > ${{ env.CHAIN_SPEC }}.json + + + # - name: Compute file metadata + # id: vars + # run: | + # sha256sum ${{ env.CHAIN_SPEC }}.state >> checksums.txt + # sha256sum ${{ env.CHAIN_SPEC }}.json >> checksums.txt + + # - name: Upload ${{ env.CHAIN_SPEC }} Files + # uses: actions/upload-artifact@v2 + # with: + # name: ${{ env.CHAIN_SPEC }}-${{ github.sha }} + # path: | + # checksums.txt + # ${{ env.CHAIN_SPEC }}.state + # ${{ env.CHAIN_SPEC }}.json + + - name: Slack Notification + uses: 8398a7/action-slack@v3 + if: failure() + with: + status: ${{ job.status }} + fields: repo,message,commit,author,action,eventName,ref,workflow,job,took # selectable (default: repo,message) + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + + release: + name: Draft Release + if: startsWith(github.ref, 'refs/tags/') + runs-on: ubuntu-latest + needs: [create_artifacts, build_primary_binaries, check] + outputs: + release_url: ${{ steps.create-release.outputs.html_url }} + asset_upload_url: ${{ steps.create-release.outputs.upload_url }} + steps: + - uses: actions/checkout@v2 + + - name: Download Integritee Collator + uses: actions/download-artifact@v2 + with: + name: integritee-collator-${{ github.sha }} + + - name: Create required package.json + run: test -f package.json || echo '{}' >package.json + + - name: Changelog + uses: scottbrenner/generate-changelog-action@master + id: Changelog + + - name: Display structure of downloaded files + run: ls -R + working-directory: . + + - name: Release + id: create-release + uses: softprops/action-gh-release@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + body: | + ${{ steps.Changelog.outputs.changelog }} + draft: true + files: | + integritee-node + + - name: Slack Notification + uses: 8398a7/action-slack@v3 + if: failure() + with: + status: ${{ job.status }} + fields: repo,message,commit,author,action,eventName,ref,workflow,job,took # selectable (default: repo,message) + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + + publish-runtimes: + name: Publish Runtimes + runs-on: ubuntu-latest + needs: ["release"] + strategy: + matrix: + runtime: ["integritee-node"] + steps: + - uses: actions/checkout@v2 + - uses: actions/download-artifact@v2 + - name: Set up Ruby 2.7 + uses: actions/setup-ruby@v1 + with: + ruby-version: 2.7 + + - name: Get runtime version + id: get-runtime-ver + run: | + ls + ls "${{ matrix.runtime }}-runtime-${{ github.sha }}" + runtime_ver="$(ruby -e 'require "./scripts/github/lib.rb"; puts get_runtime()')" + echo "::set-output name=runtime_ver::$runtime_ver" + + - name: Upload compact ${{ matrix.runtime }} wasm + uses: actions/upload-release-asset@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + upload_url: ${{ needs.release.outputs.asset_upload_url }} + asset_path: "${{ matrix.runtime }}-runtime-${{ github.sha }}/${{ matrix.runtime }}_runtime.compact.wasm" + asset_name: ${{ matrix.runtime }}_runtime-v${{ steps.get-runtime-ver.outputs.runtime_ver }}.compact.wasm + asset_content_type: application/wasm + + - name: Upload compressed ${{ matrix.runtime }} wasm + uses: actions/upload-release-asset@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + upload_url: ${{ needs.release.outputs.asset_upload_url }} + asset_path: "${{ matrix.runtime }}-runtime-${{ github.sha }}/${{ matrix.runtime }}_runtime.compact.compressed.wasm" + asset_name: ${{ matrix.runtime }}_runtime-v${{ steps.get-runtime-ver.outputs.runtime_ver }}.compact.compressed.wasm + asset_content_type: application/wasm + + - name: Slack Notification + uses: 8398a7/action-slack@v3 + if: failure() + with: + status: ${{ job.status }} + fields: repo,message,commit,author,action,eventName,ref,workflow,job,took # selectable (default: repo,message) + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} diff --git a/scripts/github/lib.rb b/scripts/github/lib.rb new file mode 100644 index 0000000..f34f2c0 --- /dev/null +++ b/scripts/github/lib.rb @@ -0,0 +1,12 @@ +# frozen_string_literal: true + +# A collection of helper functions that might be useful for various scripts + +# Gets the runtime version for a given runtime. +# Optionally accepts a path that is the root of the project which defaults to +# the current working directory +def get_runtime(path = '.') + File.open(path + "/runtime/src/lib.rs") do |f| + f.find { |l| l =~ /spec_version:/ }.match(/[0-9]+/)[0] + end +end From f8a42574fd376bba7117e2c2393b8576ab93725e Mon Sep 17 00:00:00 2001 From: Zoltan Mosonyi Date: Wed, 22 Sep 2021 15:57:25 +0200 Subject: [PATCH 02/11] rename collator to node (#30) --- .github/workflows/ci.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3d9ad09..7c9bf6b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -79,9 +79,9 @@ jobs: - name: Release if: ${{ matrix.binary == 'release' }} - run: | - cargo clean -p integritee-collator - cargo build --release + run: cargo build --release + # cargo clean -p integritee-node + # Upload artifacts - name: Upload integritee-node @@ -244,15 +244,15 @@ jobs: # - uses: actions/download-artifact@v2 # with: - # name: integritee-collator-${{ github.sha }} + # name: integritee-node-${{ github.sha }} # - name: 'Create binaries for artifacts' # # Note: there is no way to pass the parachain-id to the `build-spec` cmd, which which imposes to set # # `DEFAULT_PARA_ID=2015` in the `polkadot-parachains/command`. # run: | - # chmod +x ./integritee-collator - # ./integritee-collator export-genesis-state --chain ${{ env.CHAIN_SPEC }} --parachain-id 2015 > ${{ env.CHAIN_SPEC }}.state - # ./integritee-collator build-spec --chain ${{ env.CHAIN_SPEC }} --disable-default-bootnode --raw > ${{ env.CHAIN_SPEC }}.json + # chmod +x ./integritee-node + # ./integritee-node export-genesis-state --chain ${{ env.CHAIN_SPEC }} --parachain-id 2015 > ${{ env.CHAIN_SPEC }}.state + # ./integritee-node build-spec --chain ${{ env.CHAIN_SPEC }} --disable-default-bootnode --raw > ${{ env.CHAIN_SPEC }}.json # - name: Compute file metadata @@ -293,7 +293,7 @@ jobs: - name: Download Integritee Collator uses: actions/download-artifact@v2 with: - name: integritee-collator-${{ github.sha }} + name: integritee-node-${{ github.sha }} - name: Create required package.json run: test -f package.json || echo '{}' >package.json From 05e86b51b01470d6fc6f3cc63a1885c6fd0dfcf2 Mon Sep 17 00:00:00 2001 From: Zoltan Mosonyi Date: Wed, 22 Sep 2021 16:51:13 +0200 Subject: [PATCH 03/11] Add full release workflow (#30) --- .github/workflows/ci.yml | 6 +- .github/workflows/delete-release.yml | 63 ++++++++++++++++++++ .github/workflows/publish-docker-release.yml | 62 +++++++++++++++++++ 3 files changed, 128 insertions(+), 3 deletions(-) create mode 100644 .github/workflows/delete-release.yml create mode 100644 .github/workflows/publish-docker-release.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7c9bf6b..a2729e1 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -79,9 +79,9 @@ jobs: - name: Release if: ${{ matrix.binary == 'release' }} - run: cargo build --release - # cargo clean -p integritee-node - + run: | + cargo clean -p integritee-node + cargo build --release # Upload artifacts - name: Upload integritee-node diff --git a/.github/workflows/delete-release.yml b/.github/workflows/delete-release.yml new file mode 100644 index 0000000..2d779e5 --- /dev/null +++ b/.github/workflows/delete-release.yml @@ -0,0 +1,63 @@ +name: Delete-Release + +on: + release: + types: [deleted] # should be deleted + +jobs: + purge-image: + name: Delete image from ghcr.io + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + + - name: Set output + id: vars + run: echo ::set-output name=tag::${GITHUB_REF#refs/*/} + + - name: Check output + env: + RELEASE_VERSION: ${{ steps.vars.outputs.tag }} + run: | + echo $RELEASE_VERSION + echo ${{ steps.vars.outputs.tag }} + echo ${{github.event.pull_request.number}} + + - name: Login to DockerHub + if: github.event_name != 'pull_request' + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKER_HUB_USERNAME }} + password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} + + # Unfortunately accessing the repo with personal access token is not possible + # Workaround: disable 2FA and user password instead of TOKEN + # Update: if 2FA is disabled TOKEN works as well. + - name: Delete docker tag + run: | + ORGANIZATION="integritee" + IMAGE="integritee-node" + TAG="${{ steps.vars.outputs.tag }}" + + login_data() { + cat < Date: Thu, 23 Sep 2021 09:05:50 +0200 Subject: [PATCH 04/11] Correct wasm filename (#30) --- .github/workflows/ci.yml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a2729e1..e2f2293 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,6 +19,7 @@ on: env: VERBOSE: ${{ github.events.input.verbose }} SUBWASM_VERSION: 0.12.0 + CARGO_TERM_COLOR: always jobs: @@ -356,8 +357,8 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: upload_url: ${{ needs.release.outputs.asset_upload_url }} - asset_path: "${{ matrix.runtime }}-runtime-${{ github.sha }}/${{ matrix.runtime }}_runtime.compact.wasm" - asset_name: ${{ matrix.runtime }}_runtime-v${{ steps.get-runtime-ver.outputs.runtime_ver }}.compact.wasm + asset_path: "${{ matrix.runtime }}-runtime-${{ github.sha }}/integritee_node_runtime.compact.wasm" + asset_name: integritee_node_runtime-v${{ steps.get-runtime-ver.outputs.runtime_ver }}.compact.wasm asset_content_type: application/wasm - name: Upload compressed ${{ matrix.runtime }} wasm @@ -366,8 +367,8 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: upload_url: ${{ needs.release.outputs.asset_upload_url }} - asset_path: "${{ matrix.runtime }}-runtime-${{ github.sha }}/${{ matrix.runtime }}_runtime.compact.compressed.wasm" - asset_name: ${{ matrix.runtime }}_runtime-v${{ steps.get-runtime-ver.outputs.runtime_ver }}.compact.compressed.wasm + asset_path: "${{ matrix.runtime }}-runtime-${{ github.sha }}/integritee_node_runtime.compact.compressed.wasm" + asset_name: integritee_node_runtime-v${{ steps.get-runtime-ver.outputs.runtime_ver }}.compact.compressed.wasm asset_content_type: application/wasm - name: Slack Notification From ca03a24ae64128a048cc025698f263e7e264d94c Mon Sep 17 00:00:00 2001 From: Zoltan Mosonyi Date: Thu, 23 Sep 2021 09:33:59 +0200 Subject: [PATCH 05/11] Fix dockerhub filename (#30) --- .github/workflows/publish-docker-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish-docker-release.yml b/.github/workflows/publish-docker-release.yml index 5bc9e50..db0d623 100644 --- a/.github/workflows/publish-docker-release.yml +++ b/.github/workflows/publish-docker-release.yml @@ -45,7 +45,7 @@ jobs: context: . tags: | integritee/integritee-node:latest - integritee/integritee-:${{ github.event.release.tag_name }} + integritee/integritee-node:${{ github.event.release.tag_name }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache From c9abace54fbdf8e15dfe61662162c16339305336 Mon Sep 17 00:00:00 2001 From: Zoltan Mosonyi Date: Thu, 23 Sep 2021 10:20:09 +0200 Subject: [PATCH 06/11] Add Dockerfile (#30) --- Dockerfile | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 Dockerfile diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..94935fb --- /dev/null +++ b/Dockerfile @@ -0,0 +1,28 @@ +FROM phusion/baseimage:focal-1.0.0 +LABEL maintainer="zoltan@integritee.network" +LABEL description="This is the 2nd stage: a very small image where we copy the Substrate binary." + +RUN mv /usr/share/ca* /tmp && \ + rm -rf /usr/share/* && \ + mv /tmp/ca-certificates /usr/share/ && \ + useradd -m -u 1000 -U -s /bin/sh -d /integritee integritee && \ + mkdir -p /integritee/.local/share/integritee-node && \ + chown -R integritee:integritee /integritee/.local && \ + ln -s /integritee/.local/share/integritee-node /data + +COPY integritee-node /usr/local/bin +RUN chmod +x /usr/local/bin/integritee-node + +# checks +RUN ldd /usr/local/bin/integritee-node && \ + /usr/local/bin/integritee-node --version + +# Shrinking +RUN rm -rf /usr/lib/python* && \ + rm -rf /usr/bin /usr/sbin /usr/share/man + +USER integritee +EXPOSE 30333 9933 9944 9615 +VOLUME ["/data"] + +ENTRYPOINT ["/usr/local/bin/integritee-node"] \ No newline at end of file From c883e3db5c875612e2c242ecd6184ef27164f716 Mon Sep 17 00:00:00 2001 From: Zoltan Mosonyi Date: Thu, 23 Sep 2021 11:16:18 +0200 Subject: [PATCH 07/11] Add dev version: skip-ias-check (#30) --- .github/workflows/ci.yml | 62 +++++++++++++++++++- .github/workflows/delete-release.yml | 5 +- .github/workflows/publish-docker-release.yml | 13 ++-- 3 files changed, 73 insertions(+), 7 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e2f2293..642f5ee 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -100,6 +100,60 @@ jobs: env: SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + build-skip-ais-check: + name: Primary build ${{ matrix.binary }} for ${{ matrix.rust-target }} on (${{ matrix.os }}) + runs-on: ${{ matrix.os }} + strategy: + matrix: + os: [ubuntu-20.04] + rust: [stable] + binary: [release] + env: + RUST_BACKTRACE: full + RUSTV: ${{ matrix.rust }} + TARGET: ${{ matrix.rust-target }} + RUST_BIN_DIR: target/${{ matrix.rust-target }}/debug + RELEASE_NAME: debug + steps: + - uses: actions/checkout@v2 + + - name: Print env + run: | + echo "RUST_BIN_DIR = ${{ env.RUST_BIN_DIR }} " + + # With rustup's nice new toml format, we just need to run rustup show to install the toolchain + # https://github.com/actions-rs/toolchain/issues/126#issuecomment-782989659 + - name: Setup Rust toolchain + run: rustup show + + - name: Install llvm-10 + run: sudo apt-get install llvm-10 clang-10 + + - uses: Swatinem/rust-cache@v1 + with: + key: ${{ matrix.os }}-${{ env.RUST_BIN_DIR }}-${{ matrix.binary }}-skip-ias-check + + - name: Release + if: ${{ matrix.binary == 'release' }} + run: | + cargo clean -p integritee-node + cargo build --release --features skip-ias-check + + # Upload artifacts + - name: Upload integritee-node-dev + uses: actions/upload-artifact@v2 + with: + name: integritee-node-dev-${{ github.sha }} + path: target/release/integritee-node + + - name: Slack Notification + uses: 8398a7/action-slack@v3 + if: failure() + with: + status: ${{ job.status }} + fields: repo,message,commit,author,action,eventName,ref,workflow,job,took # selectable (default: repo,message) + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} # Run all checks and unit test. This always run on debug mode check: @@ -284,13 +338,18 @@ jobs: name: Draft Release if: startsWith(github.ref, 'refs/tags/') runs-on: ubuntu-latest - needs: [create_artifacts, build_primary_binaries, check] + needs: [create_artifacts, build_primary_binaries, build-skip-ais-check, check] outputs: release_url: ${{ steps.create-release.outputs.html_url }} asset_upload_url: ${{ steps.create-release.outputs.upload_url }} steps: - uses: actions/checkout@v2 + - name: Download Integritee Collator + uses: actions/download-artifact@v2 + with: + name: integritee-node-dev-${{ github.sha }} + - name: Download Integritee Collator uses: actions/download-artifact@v2 with: @@ -318,6 +377,7 @@ jobs: draft: true files: | integritee-node + integritee-node-dev - name: Slack Notification uses: 8398a7/action-slack@v3 diff --git a/.github/workflows/delete-release.yml b/.github/workflows/delete-release.yml index 2d779e5..b13a280 100644 --- a/.github/workflows/delete-release.yml +++ b/.github/workflows/delete-release.yml @@ -8,6 +8,9 @@ jobs: purge-image: name: Delete image from ghcr.io runs-on: ubuntu-latest + strategy: + matrix: + binary: ["integritee-node", "integritee-node-dev"] steps: - uses: actions/checkout@v2 @@ -36,7 +39,7 @@ jobs: - name: Delete docker tag run: | ORGANIZATION="integritee" - IMAGE="integritee-node" + IMAGE="${{ matrix.binary }}" TAG="${{ steps.vars.outputs.tag }}" login_data() { diff --git a/.github/workflows/publish-docker-release.yml b/.github/workflows/publish-docker-release.yml index db0d623..f092740 100644 --- a/.github/workflows/publish-docker-release.yml +++ b/.github/workflows/publish-docker-release.yml @@ -7,8 +7,11 @@ on: jobs: main: - name: Push to Dockerhub + name: Push Integritee Node to Dockerhub runs-on: ubuntu-latest + strategy: + matrix: + binary: ["integritee-node", "integritee-node-dev"] steps: - uses: actions/checkout@v2 @@ -16,7 +19,7 @@ jobs: uses: dsaltares/fetch-gh-release-asset@master with: version: "tags/${{ github.event.release.tag_name }}" - file: "integritee-node" + file: "${{ matrix.binary }}" target: "integritee-node" token: ${{ secrets.GITHUB_TOKEN }} @@ -44,8 +47,8 @@ jobs: push: true context: . tags: | - integritee/integritee-node:latest - integritee/integritee-node:${{ github.event.release.tag_name }} + integritee/${{ matrix.binary }}:latest + integritee/${{ matrix.binary }}:${{ github.event.release.tag_name }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache @@ -59,4 +62,4 @@ jobs: status: ${{ job.status }} fields: repo,message,commit,author,action,eventName,ref,workflow,job,took # selectable (default: repo,message) env: - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} \ No newline at end of file + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} From 7adae0db984379fa636b77ff37c1d1d72b807e56 Mon Sep 17 00:00:00 2001 From: Zoltan Mosonyi Date: Thu, 23 Sep 2021 15:04:44 +0200 Subject: [PATCH 08/11] Fix download node and node-dev binary to docker (#30) --- .github/workflows/ci.yml | 5 +++++ .github/workflows/delete-release.yml | 1 - .github/workflows/publish-docker-release.yml | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 642f5ee..c6cf807 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -349,12 +349,17 @@ jobs: uses: actions/download-artifact@v2 with: name: integritee-node-dev-${{ github.sha }} + path: integritee-node-dev - name: Download Integritee Collator uses: actions/download-artifact@v2 with: name: integritee-node-${{ github.sha }} + path: integritee-node + - name: Display structure of downloaded files + run: ls -R + - name: Create required package.json run: test -f package.json || echo '{}' >package.json diff --git a/.github/workflows/delete-release.yml b/.github/workflows/delete-release.yml index b13a280..9ba9f89 100644 --- a/.github/workflows/delete-release.yml +++ b/.github/workflows/delete-release.yml @@ -35,7 +35,6 @@ jobs: # Unfortunately accessing the repo with personal access token is not possible # Workaround: disable 2FA and user password instead of TOKEN - # Update: if 2FA is disabled TOKEN works as well. - name: Delete docker tag run: | ORGANIZATION="integritee" diff --git a/.github/workflows/publish-docker-release.yml b/.github/workflows/publish-docker-release.yml index f092740..45b3f2a 100644 --- a/.github/workflows/publish-docker-release.yml +++ b/.github/workflows/publish-docker-release.yml @@ -15,7 +15,7 @@ jobs: steps: - uses: actions/checkout@v2 - - name: Download integritee-node from release + - name: Download ${{ matrix.binary }} from release uses: dsaltares/fetch-gh-release-asset@master with: version: "tags/${{ github.event.release.tag_name }}" From be39f7a69b4d69e0d2986791a6a5448946414939 Mon Sep 17 00:00:00 2001 From: Zoltan Mosonyi Date: Thu, 23 Sep 2021 15:39:50 +0200 Subject: [PATCH 09/11] Fix download node and node-dev binary to docker (#30) --- .github/workflows/ci.yml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c6cf807..582626f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -349,17 +349,16 @@ jobs: uses: actions/download-artifact@v2 with: name: integritee-node-dev-${{ github.sha }} - path: integritee-node-dev + path: integritee-node-dev-tmp - name: Download Integritee Collator uses: actions/download-artifact@v2 with: name: integritee-node-${{ github.sha }} - path: integritee-node - - name: Display structure of downloaded files - run: ls -R - + - name: Move binaries + run: mv integritee-node-dev-tmp/integritee-node ./integritee-node-dev + - name: Create required package.json run: test -f package.json || echo '{}' >package.json From b96dfed4ca2f0337da281ce979d54fb4cf5e4f3a Mon Sep 17 00:00:00 2001 From: Zoltan Mosonyi Date: Fri, 24 Sep 2021 09:17:50 +0200 Subject: [PATCH 10/11] Finalize build target (#30) --- .github/workflows/ci.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 582626f..58b3a3c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -3,8 +3,7 @@ name: CI on: push: branches: -# - master - - new_ci + - master tags: - '[0-9]+.[0-9]+.[0-9]+' pull_request: From f2bde17b49cd18dcffc78a052f913d6b8bc21878 Mon Sep 17 00:00:00 2001 From: Zoltan Mosonyi Date: Fri, 24 Sep 2021 09:19:47 +0200 Subject: [PATCH 11/11] Delete old worklow (#30) --- .github/workflows/build.yml | 58 ------------------------------------- 1 file changed, 58 deletions(-) delete mode 100644 .github/workflows/build.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml deleted file mode 100644 index e33729b..0000000 --- a/.github/workflows/build.yml +++ /dev/null @@ -1,58 +0,0 @@ -name: Build - -on: - push: - branches: [ master ] - pull_request: - branches: [ master ] - -env: - CARGO_TERM_COLOR: always - -jobs: - - build: - runs-on: ubuntu-18.04 - steps: - # With rustup's nice new toml format, we just need to run rustup show to install the toolchain - # https://github.com/actions-rs/toolchain/issues/126#issuecomment-782989659 - - name: Setup Rust toolchain - run: rustup show - - - name: Install llvm-10 - run: sudo apt-get install llvm-10 clang-10 - - - uses: actions/checkout@v2 - with: - submodules: 'true' - - - name: cargo build - run: cargo build --release - - - name: Upload Artifact - uses: actions/upload-artifact@v2 - with: - name: integritee-node - path: target/release/integritee-node - - build-skip-ais-check: - runs-on: ubuntu-18.04 - steps: - - name: Setup Rust toolchain - run: rustup show - - - name: Install llvm-10 - run: sudo apt-get install llvm-10 clang-10 - - - uses: actions/checkout@v2 - with: - submodules: 'true' - - - name: cargo build - run: cargo build --release --features skip-ias-check - - - name: Upload Artifact - uses: actions/upload-artifact@v2 - with: - name: integritee-node-skip-ias-check - path: target/release/integritee-node \ No newline at end of file