From c94cbd9932d9ca2703e42e4417337a6e2b549e33 Mon Sep 17 00:00:00 2001 From: alvicsam Date: Wed, 30 Oct 2024 10:42:30 +0100 Subject: [PATCH 01/22] [ci] Move ci from gitlab to github --- .github/workflows/ci.yml | 251 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 251 insertions(+) create mode 100644 .github/workflows/ci.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 00000000000..529bca29f2b --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,251 @@ +name: CI + +on: + # push: + # branches: + # - master + pull_request: + types: [opened, synchronize, reopened, ready_for_review] + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true + +# common variable is defined in the workflow +# repo env variable doesn't work for PR from forks +env: + CI_IMAGE: "paritytech/ci-unified:bullseye-1.81.0-2024-09-11-v202409111034" + +jobs: + set-image: + # This workaround sets the container image for each job using 'set-image' job output. + # env variables don't work for PR from forks, so we need to use outputs. + runs-on: ubuntu-latest + outputs: + CI_IMAGE: ${{ steps.set_image.outputs.CI_IMAGE }} + steps: + - id: set_image + run: echo "CI_IMAGE=${{ env.CI_IMAGE }}" >> $GITHUB_OUTPUT + + fmt: + name: Cargo fmt + runs-on: ubuntu-latest + needs: [set-image] + container: + image: ${{ needs.set-image.outputs.CI_IMAGE }} + steps: + - name: Checkout sources + uses: actions/checkout@v4 + + - name: Cargo fmt + run: cargo +nightly fmt --all -- --check + + clippy-nightly: + name: Cargo clippy + runs-on: ubuntu-latest + needs: [set-image] + container: + image: ${{ needs.set-image.outputs.CI_IMAGE }} + env: + RUSTFLAGS: "-D warnings" + steps: + - name: Checkout sources + uses: actions/checkout@v4 + + - name: Rust Cache + uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5 + with: + cache-on-failure: true + cache-all-crates: true + + - name: Run clippy + run: SKIP_WASM_BUILD=1 cargo clippy --all-targets --locked --workspace + + spellcheck: + name: Spellcheck + runs-on: ubuntu-latest + needs: [set-image] + container: + image: ${{ needs.set-image.outputs.CI_IMAGE }} + steps: + - name: Checkout sources + uses: actions/checkout@v4 + + - name: Spellcheck + run: cargo spellcheck check --cfg=.config/spellcheck.toml --checkers hunspell -m 1 $(find . -type f -name '*.rs' ! -path "./target/*" ! -name 'codegen_runtime.rs' ! -name 'weights.rs') + + check: + name: Check + runs-on: ubuntu-latest + needs: [set-image] + container: + image: ${{ needs.set-image.outputs.CI_IMAGE }} + steps: + - name: Checkout sources + uses: actions/checkout@v4 + + - name: Rust Cache + uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5 + with: + cache-on-failure: true + cache-all-crates: true + + - name: Check + run: SKIP_WASM_BUILD=1 time cargo check --locked --verbose --workspace + + check-nightly: + name: Check + runs-on: ubuntu-latest + needs: [set-image] + container: + image: ${{ needs.set-image.outputs.CI_IMAGE }} + steps: + - name: Checkout sources + uses: actions/checkout@v4 + + - name: Rust Cache + uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5 + with: + cache-on-failure: true + cache-all-crates: true + + - name: Check + run: | + rustup default nightly + SKIP_WASM_BUILD=1 time cargo check --locked --verbose --workspace + + test: + name: Test + runs-on: ubuntu-latest + needs: [set-image] + container: + image: ${{ needs.set-image.outputs.CI_IMAGE }} + steps: + - name: Checkout sources + uses: actions/checkout@v4 + + - name: Rust Cache + uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5 + with: + cache-on-failure: true + cache-all-crates: true + + - name: Test + run: | + cargo fetch + CARGO_NET_OFFLINE=true SKIP_WASM_BUILD=1 time cargo test --verbose --workspace + + test-nightly: + name: Test + runs-on: ubuntu-latest + needs: [set-image] + container: + image: ${{ needs.set-image.outputs.CI_IMAGE }} + steps: + - name: Checkout sources + uses: actions/checkout@v4 + + - name: Rust Cache + uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5 + with: + cache-on-failure: true + cache-all-crates: true + + - name: Test nightly + run: | + rustup default nightly + cargo fetch + CARGO_NET_OFFLINE=true SKIP_WASM_BUILD=1 time cargo test --verbose --workspace + + # do we really need this check? + deny: + name: Deny + runs-on: ubuntu-latest + needs: [set-image] + container: + image: ${{ needs.set-image.outputs.CI_IMAGE }} + # this job is allowed to fail, only licenses check is important + continue-on-error: true + steps: + - name: Checkout sources + uses: actions/checkout@v4 + + - name: Deny + run: | + cargo deny check advisories --hide-inclusion-graph + cargo deny check bans sources --hide-inclusion-graph + + deny-licenses: + name: Deny License + runs-on: ubuntu-latest + needs: [set-image] + container: + image: ${{ needs.set-image.outputs.CI_IMAGE }} + steps: + - name: Checkout sources + uses: actions/checkout@v4 + + - name: Deny License + run: cargo deny check licenses --hide-inclusion-graph + + check-rustdocs: + name: Check Rustdocs + runs-on: ubuntu-latest + needs: [set-image] + container: + image: ${{ needs.set-image.outputs.CI_IMAGE }} + steps: + - name: Checkout sources + uses: actions/checkout@v4 + + - name: Rust Cache + uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5 + with: + cache-on-failure: true + cache-all-crates: true + + - name: Check Rustdocs + run: cargo doc --no-deps --all --workspace --document-private-items + + partial-repo-pallets-build-test: + name: Partial repo pallets build test + runs-on: ubuntu-latest + needs: [set-image] + # we may live with failing partial repo build, it is just a signal for us + continue-on-error: true + container: + image: ${{ needs.set-image.outputs.CI_IMAGE }} + steps: + - name: Checkout sources + uses: actions/checkout@v4 + + - name: Partial repo pallets build test + run: ./scripts/verify-pallets-build.sh --no-revert + + build: + name: Build + runs-on: ubuntu-latest + needs: [set-image] + container: + image: ${{ needs.set-image.outputs.CI_IMAGE }} + steps: + - name: Checkout sources + uses: actions/checkout@v4 + + - name: Rust Cache + uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5 + with: + cache-on-failure: true + cache-all-crates: true + + - name: Build + run: | + cargo fetch + CARGO_NET_OFFLINE=true time cargo build --release --verbose --workspace + + #todo: collect artifacts + #build image substrate-relay + #build image bridges-common-relay + #build and push image substrate-relay + #build and push image bridges-common-relay + #deploy argocd From d19f96272c162462bd942f46b772cac344d94b2d Mon Sep 17 00:00:00 2001 From: alvicsam Date: Wed, 30 Oct 2024 11:34:05 +0100 Subject: [PATCH 02/22] rm -verbose --- .github/workflows/ci.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 529bca29f2b..421c5bd6365 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -91,7 +91,7 @@ jobs: cache-all-crates: true - name: Check - run: SKIP_WASM_BUILD=1 time cargo check --locked --verbose --workspace + run: SKIP_WASM_BUILD=1 time cargo check --locked --workspace check-nightly: name: Check @@ -112,7 +112,7 @@ jobs: - name: Check run: | rustup default nightly - SKIP_WASM_BUILD=1 time cargo check --locked --verbose --workspace + SKIP_WASM_BUILD=1 time cargo check --locked --workspace test: name: Test @@ -133,7 +133,7 @@ jobs: - name: Test run: | cargo fetch - CARGO_NET_OFFLINE=true SKIP_WASM_BUILD=1 time cargo test --verbose --workspace + CARGO_NET_OFFLINE=true SKIP_WASM_BUILD=1 time cargo test --workspace test-nightly: name: Test @@ -155,7 +155,7 @@ jobs: run: | rustup default nightly cargo fetch - CARGO_NET_OFFLINE=true SKIP_WASM_BUILD=1 time cargo test --verbose --workspace + CARGO_NET_OFFLINE=true SKIP_WASM_BUILD=1 time cargo test --workspace # do we really need this check? deny: @@ -241,7 +241,7 @@ jobs: - name: Build run: | cargo fetch - CARGO_NET_OFFLINE=true time cargo build --release --verbose --workspace + CARGO_NET_OFFLINE=true time cargo build --release --workspace #todo: collect artifacts #build image substrate-relay From 369aa6e32e6081c6c6c12f610332c2fab03b76a8 Mon Sep 17 00:00:00 2001 From: alvicsam Date: Wed, 30 Oct 2024 11:45:34 +0100 Subject: [PATCH 03/22] rm some jobs --- .github/workflows/ci.yml | 63 +++++----------------------------------- 1 file changed, 7 insertions(+), 56 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 421c5bd6365..7e73f903594 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -40,25 +40,19 @@ jobs: - name: Cargo fmt run: cargo +nightly fmt --all -- --check - clippy-nightly: - name: Cargo clippy + clippy: + name: Clippy runs-on: ubuntu-latest needs: [set-image] + # todo: fixme + continue-on-error: true container: image: ${{ needs.set-image.outputs.CI_IMAGE }} - env: - RUSTFLAGS: "-D warnings" steps: - name: Checkout sources uses: actions/checkout@v4 - - name: Rust Cache - uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5 - with: - cache-on-failure: true - cache-all-crates: true - - - name: Run clippy + - name: Clippy run: SKIP_WASM_BUILD=1 cargo clippy --all-targets --locked --workspace spellcheck: @@ -93,30 +87,9 @@ jobs: - name: Check run: SKIP_WASM_BUILD=1 time cargo check --locked --workspace - check-nightly: - name: Check - runs-on: ubuntu-latest - needs: [set-image] - container: - image: ${{ needs.set-image.outputs.CI_IMAGE }} - steps: - - name: Checkout sources - uses: actions/checkout@v4 - - - name: Rust Cache - uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5 - with: - cache-on-failure: true - cache-all-crates: true - - - name: Check - run: | - rustup default nightly - SKIP_WASM_BUILD=1 time cargo check --locked --workspace - test: name: Test - runs-on: ubuntu-latest + runs-on: parity-large needs: [set-image] container: image: ${{ needs.set-image.outputs.CI_IMAGE }} @@ -135,28 +108,6 @@ jobs: cargo fetch CARGO_NET_OFFLINE=true SKIP_WASM_BUILD=1 time cargo test --workspace - test-nightly: - name: Test - runs-on: ubuntu-latest - needs: [set-image] - container: - image: ${{ needs.set-image.outputs.CI_IMAGE }} - steps: - - name: Checkout sources - uses: actions/checkout@v4 - - - name: Rust Cache - uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5 - with: - cache-on-failure: true - cache-all-crates: true - - - name: Test nightly - run: | - rustup default nightly - cargo fetch - CARGO_NET_OFFLINE=true SKIP_WASM_BUILD=1 time cargo test --workspace - # do we really need this check? deny: name: Deny @@ -224,7 +175,7 @@ jobs: build: name: Build - runs-on: ubuntu-latest + runs-on: parity-large needs: [set-image] container: image: ${{ needs.set-image.outputs.CI_IMAGE }} From 9646e37248ebb6b8b8b489998d1694bfab8e8bb2 Mon Sep 17 00:00:00 2001 From: alvicsam Date: Wed, 30 Oct 2024 12:16:14 +0100 Subject: [PATCH 04/22] debug docker --- .github/workflows/ci.yml | 125 ++++++++++++++++++++++++++------------- ci.Dockerfile | 20 ++++--- 2 files changed, 94 insertions(+), 51 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7e73f903594..64f63971d15 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,9 +1,11 @@ name: CI on: - # push: - # branches: - # - master + push: + branches: + - master + tags: + - v* pull_request: types: [opened, synchronize, reopened, ready_for_review] @@ -17,22 +19,38 @@ env: CI_IMAGE: "paritytech/ci-unified:bullseye-1.81.0-2024-09-11-v202409111034" jobs: - set-image: - # This workaround sets the container image for each job using 'set-image' job output. + set-variables: + # This workaround sets the container image for each job using 'set-variables' job output. # env variables don't work for PR from forks, so we need to use outputs. runs-on: ubuntu-latest outputs: CI_IMAGE: ${{ steps.set_image.outputs.CI_IMAGE }} + VERSION: ${{ steps.version.outputs.VERSION }} steps: - - id: set_image + - name: Set image + id: set_image run: echo "CI_IMAGE=${{ env.CI_IMAGE }}" >> $GITHUB_OUTPUT + - name: Define version + id: version + run: | + export COMMIT_SHA=${{ github.sha }} + export COMMIT_SHA_SHORT=${COMMIT_SHA:0:8} + export REF_NAME=${{ github.ref_name }} + export REF_SLUG=${REF_NAME//\//_} + if [[ ${REF_SLUG} == "master" ]] + then + echo "VERSION=${REF_SLUG}-${COMMIT_SHA_SHORT}" >> $GITHUB_OUTPUT + else + echo "VERSION=${REF_SLUG}" >> $GITHUB_OUTPUT + fi + echo "set VERSION=${VERSION}" fmt: name: Cargo fmt runs-on: ubuntu-latest - needs: [set-image] + needs: [set-variables] container: - image: ${{ needs.set-image.outputs.CI_IMAGE }} + image: ${{ needs.set-variables.outputs.CI_IMAGE }} steps: - name: Checkout sources uses: actions/checkout@v4 @@ -40,14 +58,14 @@ jobs: - name: Cargo fmt run: cargo +nightly fmt --all -- --check + # todo: fixme clippy: name: Clippy runs-on: ubuntu-latest - needs: [set-image] - # todo: fixme + needs: [set-variables] continue-on-error: true container: - image: ${{ needs.set-image.outputs.CI_IMAGE }} + image: ${{ needs.set-variables.outputs.CI_IMAGE }} steps: - name: Checkout sources uses: actions/checkout@v4 @@ -58,9 +76,9 @@ jobs: spellcheck: name: Spellcheck runs-on: ubuntu-latest - needs: [set-image] + needs: [set-variables] container: - image: ${{ needs.set-image.outputs.CI_IMAGE }} + image: ${{ needs.set-variables.outputs.CI_IMAGE }} steps: - name: Checkout sources uses: actions/checkout@v4 @@ -68,12 +86,13 @@ jobs: - name: Spellcheck run: cargo spellcheck check --cfg=.config/spellcheck.toml --checkers hunspell -m 1 $(find . -type f -name '*.rs' ! -path "./target/*" ! -name 'codegen_runtime.rs' ! -name 'weights.rs') + # todo: fixme check: name: Check runs-on: ubuntu-latest - needs: [set-image] + needs: [set-variables] container: - image: ${{ needs.set-image.outputs.CI_IMAGE }} + image: ${{ needs.set-variables.outputs.CI_IMAGE }} steps: - name: Checkout sources uses: actions/checkout@v4 @@ -90,9 +109,9 @@ jobs: test: name: Test runs-on: parity-large - needs: [set-image] + needs: [set-variables] container: - image: ${{ needs.set-image.outputs.CI_IMAGE }} + image: ${{ needs.set-variables.outputs.CI_IMAGE }} steps: - name: Checkout sources uses: actions/checkout@v4 @@ -112,9 +131,9 @@ jobs: deny: name: Deny runs-on: ubuntu-latest - needs: [set-image] + needs: [set-variables] container: - image: ${{ needs.set-image.outputs.CI_IMAGE }} + image: ${{ needs.set-variables.outputs.CI_IMAGE }} # this job is allowed to fail, only licenses check is important continue-on-error: true steps: @@ -129,9 +148,9 @@ jobs: deny-licenses: name: Deny License runs-on: ubuntu-latest - needs: [set-image] + needs: [set-variables] container: - image: ${{ needs.set-image.outputs.CI_IMAGE }} + image: ${{ needs.set-variables.outputs.CI_IMAGE }} steps: - name: Checkout sources uses: actions/checkout@v4 @@ -142,9 +161,9 @@ jobs: check-rustdocs: name: Check Rustdocs runs-on: ubuntu-latest - needs: [set-image] + needs: [set-variables] container: - image: ${{ needs.set-image.outputs.CI_IMAGE }} + image: ${{ needs.set-variables.outputs.CI_IMAGE }} steps: - name: Checkout sources uses: actions/checkout@v4 @@ -158,27 +177,12 @@ jobs: - name: Check Rustdocs run: cargo doc --no-deps --all --workspace --document-private-items - partial-repo-pallets-build-test: - name: Partial repo pallets build test - runs-on: ubuntu-latest - needs: [set-image] - # we may live with failing partial repo build, it is just a signal for us - continue-on-error: true - container: - image: ${{ needs.set-image.outputs.CI_IMAGE }} - steps: - - name: Checkout sources - uses: actions/checkout@v4 - - - name: Partial repo pallets build test - run: ./scripts/verify-pallets-build.sh --no-revert - build: name: Build runs-on: parity-large - needs: [set-image] + needs: [set-variables] container: - image: ${{ needs.set-image.outputs.CI_IMAGE }} + image: ${{ needs.set-variables.outputs.CI_IMAGE }} steps: - name: Checkout sources uses: actions/checkout@v4 @@ -189,12 +193,49 @@ jobs: cache-on-failure: true cache-all-crates: true - - name: Build + - name: Build and pack artifact run: | cargo fetch CARGO_NET_OFFLINE=true time cargo build --release --workspace + mkdir -p ./artifacts + strip ./target/release/substrate-relay + mv -v ./target/release/substrate-relay ./artifacts/ + mv -v ./deployments/local-scripts/bridge-entrypoint.sh ./artifacts/ + mv -v ./ci.Dockerfile ./artifacts/ + + - name: upload artifacts + uses: actions/upload-artifact@v4 + with: + name: ${{ github.job }}-${{ github.sha }} + path: artifacts + retention-days: 1 + + build_docker: + name: Build docker image + runs-on: ubuntu-latest + needs: [set-variables] + env: + VERSION: ${{ needs.set-variables.outputs.VERSION }} + steps: + - name: Check out the repo + uses: actions/checkout@v4 + + - name: Download artifacts + uses: actions/download-artifact@v2 + with: + name: build-${{ github.sha }} + + - name: Build Docker image + uses: docker/build-push-action@v5 + with: + context: . + file: ./ci.Dockerfile + push: false + # build-args: + tags: | + docker.io/paritytech/substrate-relay:${{ env.VERSION }} + docker.io/paritytech/bridges-common-relay:${{ env.VERSION }} - #todo: collect artifacts #build image substrate-relay #build image bridges-common-relay #build and push image substrate-relay diff --git a/ci.Dockerfile b/ci.Dockerfile index b419f6be54d..6ec22d5c0cd 100644 --- a/ci.Dockerfile +++ b/ci.Dockerfile @@ -8,16 +8,16 @@ ENV RUST_BACKTRACE 1 ENV DEBIAN_FRONTEND=noninteractive RUN set -eux; \ - apt-get update && \ - apt-get install -y --no-install-recommends \ - curl ca-certificates libssl-dev && \ + apt-get update && \ + apt-get install -y --no-install-recommends \ + curl ca-certificates libssl-dev && \ update-ca-certificates && \ - groupadd -g 1000 user && \ - useradd -u 1000 -g user -s /bin/sh -m user && \ - # apt clean up - apt-get autoremove -y && \ - apt-get clean && \ - rm -rf /var/lib/apt/lists/* + groupadd -g 1000 user && \ + useradd -u 1000 -g user -s /bin/sh -m user && \ + # apt clean up + apt-get autoremove -y && \ + apt-get clean && \ + rm -rf /var/lib/apt/lists/* # switch to non-root user USER user @@ -29,6 +29,8 @@ ARG PROJECT=substrate-relay COPY --chown=user:user ./${PROJECT} ./ COPY --chown=user:user ./bridge-entrypoint.sh ./ +RUN echo ${PROJECT}} + # check if executable works in this container RUN ./${PROJECT} --version From 8c0fc85d722b12da57369198dbf2360242c6f9a7 Mon Sep 17 00:00:00 2001 From: alvicsam Date: Wed, 30 Oct 2024 12:22:01 +0100 Subject: [PATCH 05/22] fix docker build --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 64f63971d15..3150d2f1d60 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -221,7 +221,7 @@ jobs: uses: actions/checkout@v4 - name: Download artifacts - uses: actions/download-artifact@v2 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: build-${{ github.sha }} From 6e4f03d52dec36af9404cbb048206513d8c25d87 Mon Sep 17 00:00:00 2001 From: alvicsam Date: Wed, 30 Oct 2024 12:49:11 +0100 Subject: [PATCH 06/22] add deps --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3150d2f1d60..eae34b63c8c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -213,7 +213,7 @@ jobs: build_docker: name: Build docker image runs-on: ubuntu-latest - needs: [set-variables] + needs: [set-variables, build] env: VERSION: ${{ needs.set-variables.outputs.VERSION }} steps: From 805822fa8e31c621dff752c87969d6b5b3454d01 Mon Sep 17 00:00:00 2001 From: alvicsam Date: Wed, 30 Oct 2024 16:52:53 +0100 Subject: [PATCH 07/22] run ci From d1b352c428ff9a7a4d108121c0f11e66b2ac70d7 Mon Sep 17 00:00:00 2001 From: alvicsam Date: Wed, 30 Oct 2024 17:02:41 +0100 Subject: [PATCH 08/22] pin version --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index eae34b63c8c..603000c082b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -204,9 +204,9 @@ jobs: mv -v ./ci.Dockerfile ./artifacts/ - name: upload artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: - name: ${{ github.job }}-${{ github.sha }} + name: build-${{ github.sha }} path: artifacts retention-days: 1 From 78840cc39adc8dfeee1b533b233d8bf36767ee16 Mon Sep 17 00:00:00 2001 From: alvicsam Date: Wed, 30 Oct 2024 17:04:57 +0100 Subject: [PATCH 09/22] checnge path --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 603000c082b..9412b09dc5f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -207,7 +207,7 @@ jobs: uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: build-${{ github.sha }} - path: artifacts + path: ./artifacts retention-days: 1 build_docker: From ab488e686174d782e31a804fd00257e0083b3434 Mon Sep 17 00:00:00 2001 From: alvicsam Date: Wed, 30 Oct 2024 17:14:42 +0100 Subject: [PATCH 10/22] downgrade upload artifact --- .github/workflows/ci.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 9412b09dc5f..9e3f1ced784 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -204,9 +204,9 @@ jobs: mv -v ./ci.Dockerfile ./artifacts/ - name: upload artifacts - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@v4.3.6 #b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: - name: build-${{ github.sha }} + name: build path: ./artifacts retention-days: 1 @@ -223,7 +223,7 @@ jobs: - name: Download artifacts uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: - name: build-${{ github.sha }} + name: build - name: Build Docker image uses: docker/build-push-action@v5 From f8310721c192578fc8e232901cac0b431a3dea22 Mon Sep 17 00:00:00 2001 From: alvicsam Date: Wed, 30 Oct 2024 17:22:49 +0100 Subject: [PATCH 11/22] retention? --- .github/workflows/ci.yml | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 9e3f1ced784..bdd4399f5e6 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -70,6 +70,13 @@ jobs: - name: Checkout sources uses: actions/checkout@v4 + # disabled until the jobs is fixed + # - name: Rust Cache + # uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5 + # with: + # cache-on-failure: true + # cache-all-crates: true + - name: Clippy run: SKIP_WASM_BUILD=1 cargo clippy --all-targets --locked --workspace @@ -97,11 +104,12 @@ jobs: - name: Checkout sources uses: actions/checkout@v4 - - name: Rust Cache - uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5 - with: - cache-on-failure: true - cache-all-crates: true + # disabled until the jobs is fixed + # - name: Rust Cache + # uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab # v2.7.5 + # with: + # cache-on-failure: true + # cache-all-crates: true - name: Check run: SKIP_WASM_BUILD=1 time cargo check --locked --workspace @@ -208,7 +216,7 @@ jobs: with: name: build path: ./artifacts - retention-days: 1 + retention-days: 2 build_docker: name: Build docker image From d6d73e43af2a604a420a93ab52fd5e8a5691c77f Mon Sep 17 00:00:00 2001 From: alvicsam Date: Wed, 30 Oct 2024 17:33:55 +0100 Subject: [PATCH 12/22] v3 --- .github/workflows/ci.yml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index bdd4399f5e6..4695e435829 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -225,11 +225,8 @@ jobs: env: VERSION: ${{ needs.set-variables.outputs.VERSION }} steps: - - name: Check out the repo - uses: actions/checkout@v4 - - name: Download artifacts - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 + uses: actions/download-artifact@v3 #fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: build From 1f468b9f39c5f1b76e2ff19d54e3cc68b5561251 Mon Sep 17 00:00:00 2001 From: alvicsam Date: Wed, 30 Oct 2024 17:38:32 +0100 Subject: [PATCH 13/22] v3 --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 4695e435829..8ab1faea027 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -212,7 +212,7 @@ jobs: mv -v ./ci.Dockerfile ./artifacts/ - name: upload artifacts - uses: actions/upload-artifact@v4.3.6 #b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@v3 #b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: build path: ./artifacts From e0b158d98200580db365a0f6f1b0bf63e4b86a3e Mon Sep 17 00:00:00 2001 From: alvicsam Date: Wed, 30 Oct 2024 17:44:45 +0100 Subject: [PATCH 14/22] ls --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8ab1faea027..7647a2e89fd 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -229,7 +229,7 @@ jobs: uses: actions/download-artifact@v3 #fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: build - + - run: ls -la - name: Build Docker image uses: docker/build-push-action@v5 with: From 4a816151f4c2801926b033dd4efa3d45cc156ac6 Mon Sep 17 00:00:00 2001 From: alvicsam Date: Wed, 30 Oct 2024 17:49:49 +0100 Subject: [PATCH 15/22] chmod +x --- .github/workflows/ci.yml | 5 ++++- ci.Dockerfile | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7647a2e89fd..a38ac376514 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -229,7 +229,10 @@ jobs: uses: actions/download-artifact@v3 #fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: build - - run: ls -la + - name: Make scripts executable + run: | + chmod +x bridge-entrypoint.sh + chmod +x substrate-relay - name: Build Docker image uses: docker/build-push-action@v5 with: diff --git a/ci.Dockerfile b/ci.Dockerfile index 6ec22d5c0cd..86df388a580 100644 --- a/ci.Dockerfile +++ b/ci.Dockerfile @@ -29,7 +29,7 @@ ARG PROJECT=substrate-relay COPY --chown=user:user ./${PROJECT} ./ COPY --chown=user:user ./bridge-entrypoint.sh ./ -RUN echo ${PROJECT}} +RUN echo ${PROJECT} # check if executable works in this container RUN ./${PROJECT} --version From ffb412d128d10c6f3bef62f02f883034c8a64ed7 Mon Sep 17 00:00:00 2001 From: alvicsam Date: Wed, 30 Oct 2024 18:12:25 +0100 Subject: [PATCH 16/22] add deploy --- .github/workflows/ci.yml | 15 ++--- .github/workflows/deploy.yml | 123 +++++++++++++++++++++++++++++++++++ 2 files changed, 127 insertions(+), 11 deletions(-) create mode 100644 .github/workflows/deploy.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a38ac376514..e6e594107be 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -4,8 +4,6 @@ on: push: branches: - master - tags: - - v* pull_request: types: [opened, synchronize, reopened, ready_for_review] @@ -39,8 +37,10 @@ jobs: export REF_SLUG=${REF_NAME//\//_} if [[ ${REF_SLUG} == "master" ]] then + VERSION=${REF_SLUG}-${COMMIT_SHA_SHORT} echo "VERSION=${REF_SLUG}-${COMMIT_SHA_SHORT}" >> $GITHUB_OUTPUT else + VERSION=${REF_SLUG} echo "VERSION=${REF_SLUG}" >> $GITHUB_OUTPUT fi echo "set VERSION=${VERSION}" @@ -212,7 +212,7 @@ jobs: mv -v ./ci.Dockerfile ./artifacts/ - name: upload artifacts - uses: actions/upload-artifact@v3 #b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@v3 with: name: build path: ./artifacts @@ -226,7 +226,7 @@ jobs: VERSION: ${{ needs.set-variables.outputs.VERSION }} steps: - name: Download artifacts - uses: actions/download-artifact@v3 #fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 + uses: actions/download-artifact@v3 with: name: build - name: Make scripts executable @@ -239,13 +239,6 @@ jobs: context: . file: ./ci.Dockerfile push: false - # build-args: tags: | docker.io/paritytech/substrate-relay:${{ env.VERSION }} docker.io/paritytech/bridges-common-relay:${{ env.VERSION }} - - #build image substrate-relay - #build image bridges-common-relay - #build and push image substrate-relay - #build and push image bridges-common-relay - #deploy argocd diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml new file mode 100644 index 00000000000..5eec57aa778 --- /dev/null +++ b/.github/workflows/deploy.yml @@ -0,0 +1,123 @@ +name: Deploy + +on: + push: + tags: + - v* + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true + +# common variable is defined in the workflow +# repo env variable doesn't work for PR from forks +env: + CI_IMAGE: "paritytech/ci-unified:bullseye-1.81.0-2024-09-11-v202409111034" + +jobs: + set-variables: + # This workaround sets the container image for each job using 'set-variables' job output. + # env variables don't work for PR from forks, so we need to use outputs. + runs-on: ubuntu-latest + outputs: + CI_IMAGE: ${{ steps.set_image.outputs.CI_IMAGE }} + VERSION: ${{ steps.version.outputs.VERSION }} + steps: + - name: Set image + id: set_image + run: echo "CI_IMAGE=${{ env.CI_IMAGE }}" >> $GITHUB_OUTPUT + - name: Define version + id: version + run: | + export COMMIT_SHA=${{ github.sha }} + export COMMIT_SHA_SHORT=${COMMIT_SHA:0:8} + export REF_NAME=${{ github.ref_name }} + export REF_SLUG=${REF_NAME//\//_} + if [[ ${REF_SLUG} == "master" ]] + then + VERSION=${REF_SLUG}-${COMMIT_SHA_SHORT} + echo "VERSION=${REF_SLUG}-${COMMIT_SHA_SHORT}" >> $GITHUB_OUTPUT + else + VERSION=${REF_SLUG} + echo "VERSION=${REF_SLUG}" >> $GITHUB_OUTPUT + fi + echo "set VERSION=${VERSION}" + + build: + name: Build + runs-on: parity-large + needs: [set-variables] + container: + image: ${{ needs.set-variables.outputs.CI_IMAGE }} + steps: + - name: Checkout sources + uses: actions/checkout@v4 + + - name: Build and pack artifact + run: | + cargo fetch + CARGO_NET_OFFLINE=true time cargo build --release --workspace + mkdir -p ./artifacts + strip ./target/release/substrate-relay + mv -v ./target/release/substrate-relay ./artifacts/ + mv -v ./deployments/local-scripts/bridge-entrypoint.sh ./artifacts/ + mv -v ./ci.Dockerfile ./artifacts/ + + - name: upload artifacts + uses: actions/upload-artifact@v3 + with: + name: build + path: ./artifacts + retention-days: 2 + + build_push_docker: + name: Build docker image + runs-on: ubuntu-latest + needs: [set-variables, build] + env: + VERSION: ${{ needs.set-variables.outputs.VERSION }} + steps: + - name: Log in to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_PASSWORD }} + + - name: Download artifacts + uses: actions/download-artifact@v3 + with: + name: build + - name: Make scripts executable + run: | + chmod +x bridge-entrypoint.sh + chmod +x substrate-relay + - name: Build Docker image + uses: docker/build-push-action@v5 + with: + context: . + file: ./ci.Dockerfile + push: true + tags: | + docker.io/paritytech/substrate-relay:${{ env.VERSION }} + docker.io/paritytech/bridges-common-relay:${{ env.VERSION }} + + deploy-westend: + name: Deploy Westend + runs-on: ubuntu-latest + environment: parity-testnet + needs: [set-variables, build_push_docker] + env: + VERSION: ${{ needs.set-variables.outputs.VERSION }} + ARGOCD_SERVER: "westend-argocd.teleport.parity.io" + steps: + - name: Deploy to ArgoCD + uses: paritytech/argocd-deployment-action@main + with: + environment: "parity-testnet" + tag: "${{ env.VERSION }}" + app_name: "bridges-common-relay" + app_packages: "headers-a,headers-b,parachains-a,parachains-b,messages-a,messages-b" + argocd_server: ${{ env.ARGOCD_SERVER }} + teleport_token: ${{ env.APP }} + teleport_app_name: "argocd-testnet" + argocd_auth_token: ${{ secrets.ARGOCD_AUTH_TOKEN }} From 71f7b6983d02bad466ad645d2dc98377b8e874e9 Mon Sep 17 00:00:00 2001 From: alvicsam Date: Wed, 30 Oct 2024 18:16:22 +0100 Subject: [PATCH 17/22] add permissions --- .github/workflows/deploy.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 5eec57aa778..16715f1766f 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -14,6 +14,11 @@ concurrency: env: CI_IMAGE: "paritytech/ci-unified:bullseye-1.81.0-2024-09-11-v202409111034" +#to use reusable workflow +permissions: + id-token: write + contents: read + jobs: set-variables: # This workaround sets the container image for each job using 'set-variables' job output. From 38d09ca9dec0eb2d0bb5726be50be58c7f6eaad3 Mon Sep 17 00:00:00 2001 From: alvicsam Date: Thu, 31 Oct 2024 13:38:45 +0100 Subject: [PATCH 18/22] add env --- .github/workflows/deploy.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 16715f1766f..3837f7f6273 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -78,6 +78,7 @@ jobs: build_push_docker: name: Build docker image runs-on: ubuntu-latest + environment: tags needs: [set-variables, build] env: VERSION: ${{ needs.set-variables.outputs.VERSION }} From b2ce5b5e39ff60d83e3d61f708ccfe8e8e6eb80b Mon Sep 17 00:00:00 2001 From: alvicsam Date: Thu, 31 Oct 2024 15:49:37 +0100 Subject: [PATCH 19/22] fix deploy --- .github/workflows/deploy.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 3837f7f6273..6799ea31775 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -114,7 +114,7 @@ jobs: needs: [set-variables, build_push_docker] env: VERSION: ${{ needs.set-variables.outputs.VERSION }} - ARGOCD_SERVER: "westend-argocd.teleport.parity.io" + ARGOCD_SERVER: "argocd-chains.teleport.parity.io" steps: - name: Deploy to ArgoCD uses: paritytech/argocd-deployment-action@main @@ -125,5 +125,5 @@ jobs: app_packages: "headers-a,headers-b,parachains-a,parachains-b,messages-a,messages-b" argocd_server: ${{ env.ARGOCD_SERVER }} teleport_token: ${{ env.APP }} - teleport_app_name: "argocd-testnet" + teleport_app_name: "argocd-chains" argocd_auth_token: ${{ secrets.ARGOCD_AUTH_TOKEN }} From 51aa652260ddc52981cacedfe05ed2d3be1903d0 Mon Sep 17 00:00:00 2001 From: alvicsam Date: Thu, 31 Oct 2024 15:54:59 +0100 Subject: [PATCH 20/22] =?UTF-8?q?rm=20gitlab=20=D1=81=D1=88?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/gitspiegel-trigger.yml | 22 -- .gitlab-ci.yml | 407 ----------------------- 2 files changed, 429 deletions(-) delete mode 100644 .github/workflows/gitspiegel-trigger.yml delete mode 100644 .gitlab-ci.yml diff --git a/.github/workflows/gitspiegel-trigger.yml b/.github/workflows/gitspiegel-trigger.yml deleted file mode 100644 index dce3aaf2fec..00000000000 --- a/.github/workflows/gitspiegel-trigger.yml +++ /dev/null @@ -1,22 +0,0 @@ -name: gitspiegel sync - -# This workflow doesn't do anything, it's only use is to trigger "workflow_run" -# webhook, that'll be consumed by gitspiegel -# This way, gitspiegel won't do mirroring, unless this workflow runs, -# and running the workflow is protected by GitHub - -on: - pull_request: - types: - - opened - - synchronize - - unlocked - - ready_for_review - - reopened - -jobs: - sync: - runs-on: ubuntu-latest - steps: - - name: Do nothing - run: echo "let's go" diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml deleted file mode 100644 index 2605a6374a2..00000000000 --- a/.gitlab-ci.yml +++ /dev/null @@ -1,407 +0,0 @@ -stages: - - test - - build - - publish - - publish-docker-description - - deploy - -variables: - GIT_STRATEGY: fetch - GIT_DEPTH: 100 - CARGO_INCREMENTAL: 0 - ARCH: "x86_64" - CI_IMAGE: "paritytech/ci-unified:bullseye-1.81.0-2024-09-11-v202409111034" - RUST_BACKTRACE: full - BUILDAH_IMAGE: "quay.io/buildah/stable:v1.29" - BUILDAH_COMMAND: "buildah --storage-driver overlay2" - -default: - cache: {} - interruptible: true - retry: - max: 2 - when: - - runner_system_failure - - unknown_failure - - api_failure - -.collect-artifacts: &collect-artifacts - artifacts: - name: "${CI_JOB_NAME}_${CI_COMMIT_REF_NAME}" - when: on_success - expire_in: 7 days - paths: - - artifacts/ - -.kubernetes-build: &kubernetes-build - tags: - - kubernetes-parity-build - -.docker-env: &docker-env - image: "${CI_IMAGE}" - before_script: - - rustup show - - cargo --version - - rustup +nightly show - - cargo +nightly --version - tags: - - linux-docker-vm-c2 - -.test-refs: &test-refs - rules: - - if: $CI_PIPELINE_SOURCE == "pipeline" - - if: $CI_PIPELINE_SOURCE == "web" - - if: $CI_PIPELINE_SOURCE == "schedule" - - if: $CI_COMMIT_REF_NAME == "master" - - if: $CI_COMMIT_REF_NAME =~ /^[0-9]+$/ # PRs - - if: $CI_COMMIT_REF_NAME =~ /^v[0-9]+\.[0-9]+.*$/ # i.e. v1.0, v2.1rc1 - -.test-only-refs: &test-only-refs - rules: - - if: $CI_COMMIT_REF_NAME =~ /^[0-9]+$/ # PRs - -.publish-refs: &publish-refs - rules: - # won't run on the CI image update pipeline - - if: $CI_PIPELINE_SOURCE == "pipeline" - when: never - - if: $CI_COMMIT_REF_NAME =~ /^v[0-9]+\.[0-9]+.*$/ # i.e. v1.0, v2.1rc1 - - if: $CI_COMMIT_REF_NAME =~ /^v[0-9]{4}-[0-9]{2}-[0-9]{2}.*$/ # i.e. v2021-09-27, v2021-09-27-1 - # there are two types of nightly pipelines: - # 1. this one is triggered by the schedule with $PIPELINE == "nightly", it's for releasing. - # this job runs only on nightly pipeline with the mentioned variable, against `master` branch - - if: $CI_PIPELINE_SOURCE == "schedule" && $PIPELINE == "nightly" - -.nightly-test: &nightly-test - rules: - # 2. another is triggered by scripts repo $CI_PIPELINE_SOURCE == "pipeline" it's for the CI image - # update, it also runs all the nightly checks. - - if: $CI_PIPELINE_SOURCE == "pipeline" - -.deploy-refs: &deploy-refs - rules: - - if: $CI_PIPELINE_SOURCE == "pipeline" - when: never - - if: $SCHEDULED_JOB - when: never - - if: $CI_COMMIT_REF_NAME =~ /^v[0-9]+\.[0-9]+.*$/ # i.e. v1.0, v2.1rc1 - when: manual - - if: $CI_COMMIT_REF_NAME =~ /^v[0-9]{4}-[0-9]{2}-[0-9]{2}.*$/ # i.e. v2021-09-27, v2021-09-27-1 - when: manual - - - -#### stage: test - -clippy-nightly: - stage: test - <<: *docker-env - <<: *test-refs - variables: - RUSTFLAGS: "-D warnings" - script: - - SKIP_WASM_BUILD=1 cargo clippy --all-targets --locked --workspace - -fmt: - stage: test - <<: *docker-env - <<: *test-refs - script: - - cargo +nightly fmt --all -- --check - -spellcheck: - stage: test - <<: *docker-env - <<: *test-refs - script: - - cargo spellcheck check --cfg=.config/spellcheck.toml --checkers hunspell -m 1 $(find . -type f -name '*.rs' ! -path "./target/*" ! -name 'codegen_runtime.rs' ! -name 'weights.rs') - -check: - stage: test - <<: *docker-env - <<: *test-refs - script: &check-script - - SKIP_WASM_BUILD=1 time cargo check --locked --verbose --workspace - -check-nightly: - stage: test - <<: *docker-env - <<: *nightly-test - script: - - rustup default nightly - - *check-script - -test: - stage: test - <<: *docker-env - <<: *test-refs -# variables: -# RUSTFLAGS: "-D warnings" - script: &test-script - - time cargo fetch - # Enable this, when you see: "`cargo metadata` can not fail on project `Cargo.toml`" - #- time cargo fetch --manifest-path=`cargo metadata --format-version=1 | jq --compact-output --raw-output ".packages[] | select(.name == \"polkadot-runtime\").manifest_path"` - #- time cargo fetch --manifest-path=`cargo metadata --format-version=1 | jq --compact-output --raw-output ".packages[] | select(.name == \"kusama-runtime\").manifest_path"` - - CARGO_NET_OFFLINE=true SKIP_WASM_BUILD=1 time cargo test --verbose --workspace - -test-nightly: - stage: test - <<: *docker-env - <<: *nightly-test - script: - - rustup default nightly - - *test-script - -deny: - stage: test - <<: *docker-env - <<: *nightly-test - <<: *collect-artifacts - script: - - cargo deny check advisories --hide-inclusion-graph - - cargo deny check bans sources --hide-inclusion-graph - after_script: - - mkdir -p ./artifacts - - echo "___Complete logs can be found in the artifacts___" - - cargo deny check advisories 2> advisories.log - - cargo deny check bans sources 2> bans_sources.log - # this job is allowed to fail, only licenses check is important - allow_failure: true - -deny-licenses: - stage: test - <<: *docker-env - <<: *test-refs - <<: *collect-artifacts - script: - - cargo deny check licenses --hide-inclusion-graph - after_script: - - mkdir -p ./artifacts - - echo "___Complete logs can be found in the artifacts___" - - cargo deny check licenses 2> licenses.log - -check-rustdoc: - stage: test - <<: *docker-env - <<: *test-refs - variables: - SKIP_WASM_BUILD: 1 - RUSTDOCFLAGS: "-Dwarnings" - script: - - time cargo doc --workspace --verbose --no-deps --all-features - -partial-repo-pallets-build-test: - stage: test - <<: *docker-env - <<: *nightly-test - script: - - ./scripts/verify-pallets-build.sh --no-revert - # we may live with failing partial repo build, it is just a signal for us - allow_failure: true - -build: - stage: test - rules: - # won't run on the CI image update pipeline - - if: $CI_PIPELINE_SOURCE == "pipeline" - when: never - - if: $CI_COMMIT_REF_NAME =~ /^v[0-9]+\.[0-9]+.*$/ # i.e. v1.0, v2.1rc1 - - if: $CI_COMMIT_REF_NAME =~ /^v[0-9]{4}-[0-9]{2}-[0-9]{2}.*$/ # i.e. v2021-09-27, v2021-09-27-1 - - if: $CI_PIPELINE_SOURCE == "schedule" && $PIPELINE == "nightly" - - if: $CI_COMMIT_REF_NAME =~ /^[0-9]+$/ # PRs - <<: *docker-env - <<: *collect-artifacts - # master - script: &build-script - - time cargo fetch - # Enable this, when you see: "`cargo metadata` can not fail on project `Cargo.toml`" - #- time cargo fetch --manifest-path=`cargo metadata --format-version=1 | jq --compact-output --raw-output ".packages[] | select(.name == \"polkadot-runtime\").manifest_path"` - #- time cargo fetch --manifest-path=`cargo metadata --format-version=1 | jq --compact-output --raw-output ".packages[] | select(.name == \"kusama-runtime\").manifest_path"` - - CARGO_NET_OFFLINE=true time cargo build --release --verbose --workspace - after_script: - # Prepare artifacts - - mkdir -p ./artifacts - - strip ./target/release/substrate-relay - - mv -v ./target/release/substrate-relay ./artifacts/ - - mv -v ./deployments/local-scripts/bridge-entrypoint.sh ./artifacts/ - - mv -v ./ci.Dockerfile ./artifacts/ - -build-nightly: - stage: build - <<: *docker-env - <<: *collect-artifacts - <<: *nightly-test - script: - - rustup default nightly - - *build-script - -#### stage: publish - -# check that images can be built -.build-image: &build-image - <<: *kubernetes-build - image: $BUILDAH_IMAGE - <<: *test-only-refs - variables: &build-image-variables - GIT_STRATEGY: none - DOCKERFILE: ci.Dockerfile - needs: - - job: build - artifacts: true - script: - # trim "-build-docker" from job name - - export DOCKER_IMAGE_NAME="${CI_JOB_NAME::-13}" - - if [[ "${CI_JOB_NAME::-13}" == "bridges-common-relay" ]]; then - export BRIDGES_PROJECT="substrate-relay"; - else - export BRIDGES_PROJECT="${CI_JOB_NAME::-13}"; - fi - - export IMAGE_NAME=docker.io/paritytech/${DOCKER_IMAGE_NAME} - - echo "Building ${IMAGE_NAME}" - - cd ./artifacts - - $BUILDAH_COMMAND build - --format=docker - --build-arg VCS_REF="${CI_COMMIT_SHORT_SHA}" - --build-arg BUILD_DATE="$(date +%d-%m-%Y)" - --build-arg PROJECT="${BRIDGES_PROJECT}" - --build-arg VERSION="${VERSION}" - --tag "${IMAGE_NAME}:latest" - --file "${DOCKERFILE}" . - -substrate-relay-build-docker: - stage: publish - <<: *build-image - -bridges-common-relay-build-docker: - stage: publish - <<: *build-image - variables: - <<: *build-image-variables - BRIDGES_PROJECT: substrate-relay - DOCKER_IMAGE_NAME: bridges-common-relay - -# build and publish images -.build-push-image: &build-push-image - <<: *kubernetes-build - image: $BUILDAH_IMAGE - <<: *publish-refs - variables: &image-variables - GIT_STRATEGY: none - DOCKERFILE: ci.Dockerfile - BRIDGES_PROJECT: "${CI_JOB_NAME}" - DOCKER_IMAGE_NAME: "${CI_JOB_NAME}" - IMAGE_NAME: docker.io/paritytech/$DOCKER_IMAGE_NAME - needs: - - job: build - artifacts: true - before_script: - - echo "Starting docker image build/push with name '${IMAGE_NAME}' for '${BRIDGES_PROJECT}' with Dockerfile = '${DOCKERFILE}'" - - if [[ "${CI_COMMIT_TAG}" ]]; then - VERSION=${CI_COMMIT_TAG}; - elif [[ "${CI_COMMIT_REF_NAME}" ]]; then - VERSION=$(echo ${CI_COMMIT_REF_NAME} | sed -r 's#/+#-#g'); - fi - # When building from version tags (v1.0, v2.1rc1, ...) we'll use "production" to tag - # docker image. In all other cases, it'll be "latest". - - if [[ $CI_COMMIT_REF_NAME =~ ^v[0-9]+\.[0-9]+.*$ ]]; then - FLOATING_TAG="production"; - else - FLOATING_TAG="latest"; - fi - - echo "Effective tags = ${VERSION} sha-${CI_COMMIT_SHORT_SHA} ${FLOATING_TAG}" - - echo "Full docker image name = ${IMAGE_NAME}" - script: - - test "${Docker_Hub_User_Parity}" -a "${Docker_Hub_Pass_Parity}" || - ( echo "no docker credentials provided"; exit 1 ) - - cd ./artifacts - - $BUILDAH_COMMAND build - --format=docker - --build-arg VCS_REF="${CI_COMMIT_SHORT_SHA}" - --build-arg BUILD_DATE="$(date +%d-%m-%Y)" - --build-arg PROJECT="${BRIDGES_PROJECT}" - --build-arg VERSION="${VERSION}" - --tag "${IMAGE_NAME}:${VERSION}" - --tag "${IMAGE_NAME}:sha-${CI_COMMIT_SHORT_SHA}" - --tag "${IMAGE_NAME}:${FLOATING_TAG}" - --file "${DOCKERFILE}" . - # The job will success only on the protected branch - - echo "${Docker_Hub_Pass_Parity}" | - buildah login --username "${Docker_Hub_User_Parity}" --password-stdin docker.io - - $BUILDAH_COMMAND info - - $BUILDAH_COMMAND push --format=v2s2 "${IMAGE_NAME}:${VERSION}" - - $BUILDAH_COMMAND push --format=v2s2 "${IMAGE_NAME}:sha-${CI_COMMIT_SHORT_SHA}" - - $BUILDAH_COMMAND push --format=v2s2 "${IMAGE_NAME}:${FLOATING_TAG}" - after_script: - - env REGISTRY_AUTH_FILE= buildah logout --all - -substrate-relay: - stage: publish - <<: *build-push-image - -bridges-common-relay: - stage: publish - <<: *build-push-image - variables: - <<: *image-variables - BRIDGES_PROJECT: substrate-relay - DOCKER_IMAGE_NAME: bridges-common-relay - -# Publish Docker images description to hub.docker.com - -.publish-docker-image-description: - stage: publish-docker-description - image: paritytech/dockerhub-description - variables: - DOCKER_USERNAME: $Docker_Hub_User_Parity - DOCKER_PASSWORD: $Docker_Hub_Pass_Parity - README_FILEPATH: $CI_PROJECT_DIR/docs/${CI_JOB_NAME}.README.md - rules: - - if: $CI_COMMIT_REF_NAME == "master" - changes: - - docs/${CI_JOB_NAME}.README.md - script: - - export DOCKERHUB_REPOSITORY="paritytech/${CI_JOB_NAME:10}" - - cd / && sh entrypoint.sh - tags: - - kubernetes-parity-build - -dockerhub-substrate-relay: - extends: .publish-docker-image-description - variables: - SHORT_DESCRIPTION: "substrate-relay" - -dockerhub-bridges-common-relay: - extends: .publish-docker-image-description - variables: - SHORT_DESCRIPTION: "bridges-common-relay" - -# FIXME: publish binaries - -deploy-bridges-common-relay-testnet: - <<: *deploy-refs - <<: *kubernetes-build - needs: - - job: bridges-common-relay - stage: deploy - image: argoproj/argocd:v2.5.5 - environment: parity-testnet - variables: - ARGOCD_OPTS: --grpc-web --grpc-web-root-path /parity-testnet - APP: bridges-common-relay - before_script: - - if [[ "${CI_COMMIT_TAG}" ]]; then - VERSION=${CI_COMMIT_TAG}; - elif [[ "${CI_COMMIT_REF_NAME}" ]]; then - VERSION=$(echo ${CI_COMMIT_REF_NAME} | sed -r 's#/+#-#g'); - fi - script: - - echo "Starting deploy version=${VERSION}" - - argocd app list - - argocd app set $APP - --helm-set headers-a.image.tag=$VERSION - --helm-set headers-b.image.tag=$VERSION - --helm-set parachains-a.image.tag=$VERSION - --helm-set parachains-b.image.tag=$VERSION - --helm-set messages-a.image.tag=$VERSION - --helm-set messages-b.image.tag=$VERSION - - argocd app sync $APP --async From 68e19ac27e59dffa9d20d200a1b9ba87e2782bc9 Mon Sep 17 00:00:00 2001 From: alvicsam Date: Thu, 7 Nov 2024 15:35:17 +0100 Subject: [PATCH 21/22] update upload-download artifacts --- .github/workflows/ci.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e6e594107be..83ba1f7792e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -212,10 +212,10 @@ jobs: mv -v ./ci.Dockerfile ./artifacts/ - name: upload artifacts - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: build - path: ./artifacts + path: ./artifacts/ retention-days: 2 build_docker: @@ -226,7 +226,7 @@ jobs: VERSION: ${{ needs.set-variables.outputs.VERSION }} steps: - name: Download artifacts - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4 with: name: build - name: Make scripts executable From aaf39db6cf483a36d5a7449d69c84aa5164e8f61 Mon Sep 17 00:00:00 2001 From: alvicsam Date: Thu, 7 Nov 2024 15:48:17 +0100 Subject: [PATCH 22/22] upd deploy --- .github/workflows/deploy.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 6799ea31775..bcb4eecc8b7 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -69,10 +69,10 @@ jobs: mv -v ./ci.Dockerfile ./artifacts/ - name: upload artifacts - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: build - path: ./artifacts + path: ./artifacts/ retention-days: 2 build_push_docker: @@ -90,7 +90,7 @@ jobs: password: ${{ secrets.DOCKERHUB_PASSWORD }} - name: Download artifacts - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4 with: name: build - name: Make scripts executable