zecfoundation
/
zebra
mirror of https://github.com/ZcashFoundation/zebra.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

style(ci): lint and standardize the actions structure (#3940) 

* style(ci): comply with https://json.schemastore.org/github-workflow.json

Some substituions were harder to make as files were not standardized

* fix(mergify): use correct name for macos

* style(actions): revert to single quotes

* style: lint dependabot and mergify conf files

* style: remove conditions with missing context

* imp(lint): automate GH Actions linting

* fix(lint): some actions need to be triggered by PR event

* fix(lint): consider all workflow YAMLs

* Use the same paths in the patch file

* revert: keep condition as is

* add TODO

* fix: add missing checkpoint_sync input

Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
This commit is contained in:
Gustavo Valverde 2022-04-12 01:06:37 -04:00 committed by GitHub
parent d09769714f
commit 831a2009bd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
16 changed files with 366 additions and 345 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
.github/dependabot.yml vendored
View File

@ -1,22 +1,22 @@
version: 2
updates:
- package-ecosystem: cargo
directory: "/"
schedule:
interval: daily
timezone: America/New_York
open-pull-requests-limit: 10
labels:
- "A-dependencies"
- "A-rust"
- "P-Low :snowflake:"
- package-ecosystem: github-actions
directory: "/"
schedule:
interval: daily
timezone: America/New_York
open-pull-requests-limit: 10
labels:
- "A-infrastructure"
- "A-dependencies"
- "P-Low :snowflake:"
- package-ecosystem: cargo
directory: '/'
schedule:
interval: daily
timezone: America/New_York
open-pull-requests-limit: 10
labels:
- 'A-dependencies'
- 'A-rust'
- 'P-Low :snowflake:'
- package-ecosystem: github-actions
directory: '/'
schedule:
interval: daily
timezone: America/New_York
open-pull-requests-limit: 10
labels:
- 'A-infrastructure'
- 'A-dependencies'
- 'P-Low :snowflake:'

24
.github/mergify.yml vendored
View File

@ -10,7 +10,7 @@ queue_rules:
- check-success=Test full validation sync from cached state
- check-success=Test stable zebra-state with fake activation heights on ubuntu-latest
- check-success=Test stable on ubuntu-latest
- check-success=Test stable on macOS-latest
- check-success=Test stable on macos-latest
# TODO: Windows was removed for now, see https://github.com/ZcashFoundation/zebra/issues/3801
# - check-success=Test stable on windows-latest
- check-success=Clippy
@ -27,7 +27,7 @@ queue_rules:
- check-success=Test full validation sync from cached state
- check-success=Test stable zebra-state with fake activation heights on ubuntu-latest
- check-success=Test stable on ubuntu-latest
- check-success=Test stable on macOS-latest
- check-success=Test stable on macos-latest
# - check-success=Test stable on windows-latest
- check-success=Clippy
- check-success=Rustfmt
@ -43,7 +43,7 @@ queue_rules:
- check-success=Test full validation sync from cached state
- check-success=Test stable zebra-state with fake activation heights on ubuntu-latest
- check-success=Test stable on ubuntu-latest
- check-success=Test stable on macOS-latest
- check-success=Test stable on macos-latest
# - check-success=Test stable on windows-latest
- check-success=Clippy
- check-success=Rustfmt
@ -51,13 +51,13 @@ queue_rules:
pull_request_rules:
- name: move to urgent queue when CI passes with 1 review and not WIP targeting main
conditions:
- "#approved-reviews-by>=1"
- "#review-threads-unresolved=0"
- '#approved-reviews-by>=1'
- '#review-threads-unresolved=0'
- -draft
- base=main
- or:
- "label~=^P-Critical"
- "label~=^P-High"
- 'label~=^P-Critical'
- 'label~=^P-High'
- label!=do-not-merge
actions:
queue:
@ -66,11 +66,11 @@ pull_request_rules:
- name: move to medium queue when CI passes with 1 review and not WIP targeting main
conditions:
- "#approved-reviews-by>=1"
- "#review-threads-unresolved=0"
- '#approved-reviews-by>=1'
- '#review-threads-unresolved=0'
- -draft
- base=main
- "label~=^P-Medium"
- 'label~=^P-Medium'
- label!=do-not-merge
actions:
queue:
@ -79,8 +79,8 @@ pull_request_rules:
- name: move to low queue when CI passes with 1 review and not WIP targeting main
conditions:
- "#approved-reviews-by>=1"
- "#review-threads-unresolved=0"
- '#approved-reviews-by>=1'
- '#review-threads-unresolved=0'
- -draft
- base=main
- label!=do-not-merge

164
.github/workflows/cd.yml vendored
View File

@ -5,8 +5,12 @@ on:
inputs:
network:
default: 'Mainnet'
description: 'Network to deploy: Mainnet or Testnet'
required: true
checkpoint_sync:
default: true
default: 'true'
description: 'Use as many checkpoints as possible when syncing'
required: true
push:
branches:
- main
@ -32,93 +36,93 @@ jobs:
id-token: 'write'
steps:
- uses: actions/checkout@v3.0.0
with:
persist-credentials: false
- uses: actions/checkout@v3.0.0
with:
persist-credentials: false
- name: Inject slug/short variables
uses: rlespinasse/github-slug-action@v4
with:
short-length: 7
- name: Inject slug/short variables
uses: rlespinasse/github-slug-action@v4
with:
short-length: 7
# Automatic tag management and OCI Image Format Specification for labels
- name: Docker meta
id: meta
uses: docker/metadata-action@v3.7.0
with:
# list of Docker images to use as base name for tags
images: |
${{ env.GAR_BASE }}/${{ env.GITHUB_REF_SLUG_URL }}
${{ env.GCR_BASE }}/${{ env.GITHUB_REPOSITORY_SLUG_URL }}/${{ env.GITHUB_REF_SLUG_URL }}
# generate Docker tags based on the following events/attributes
tags: |
type=schedule
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha
# Automatic tag management and OCI Image Format Specification for labels
- name: Docker meta
id: meta
uses: docker/metadata-action@v3.7.0
with:
# list of Docker images to use as base name for tags
images: |
${{ env.GAR_BASE }}/${{ env.GITHUB_REF_SLUG_URL }}
${{ env.GCR_BASE }}/${{ env.GITHUB_REPOSITORY_SLUG_URL }}/${{ env.GITHUB_REF_SLUG_URL }}
# generate Docker tags based on the following events/attributes
tags: |
type=schedule
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha
# Setup gcloud CLI
- name: Authenticate to Google Cloud
id: auth
uses: google-github-actions/auth@v0.7.0
with:
workload_identity_provider: 'projects/143793276228/locations/global/workloadIdentityPools/github-actions/providers/github-oidc'
service_account: 'github-service-account@zealous-zebra.iam.gserviceaccount.com'
token_format: 'access_token'
# Setup gcloud CLI
- name: Authenticate to Google Cloud
id: auth
uses: google-github-actions/auth@v0.7.0
with:
workload_identity_provider: 'projects/143793276228/locations/global/workloadIdentityPools/github-actions/providers/github-oidc'
service_account: 'github-service-account@zealous-zebra.iam.gserviceaccount.com'
token_format: 'access_token'
- name: Set up QEMU
id: qemu
uses: docker/setup-qemu-action@v1
with:
image: tonistiigi/binfmt:latest
platforms: all
- name: Set up QEMU
id: qemu
uses: docker/setup-qemu-action@v1
with:
image: tonistiigi/binfmt:latest
platforms: all
# Setup Docker Buildx to allow use of docker cache layers from GH
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
# Setup Docker Buildx to allow use of docker cache layers from GH
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
- name: Login to Google Artifact Registry
uses: docker/login-action@v1.14.1
with:
registry: us-docker.pkg.dev
username: oauth2accesstoken
password: ${{ steps.auth.outputs.access_token }}
- name: Login to Google Artifact Registry
uses: docker/login-action@v1.14.1
with:
registry: us-docker.pkg.dev
username: oauth2accesstoken
password: ${{ steps.auth.outputs.access_token }}
- name: Login to Google Container Registry
uses: docker/login-action@v1.14.1
with:
registry: gcr.io
username: oauth2accesstoken
password: ${{ steps.auth.outputs.access_token }}
- name: Login to Google Container Registry
uses: docker/login-action@v1.14.1
with:
registry: gcr.io
username: oauth2accesstoken
password: ${{ steps.auth.outputs.access_token }}
# Build and push image to Google Artifact Registry
- name: Build & push
id: docker_build
uses: docker/build-push-action@v2.10.0
with:
target: runtime
context: .
file: ./docker/Dockerfile
# TODO: building crates is taking too long with arm64 and it's timing out on GHA
# platforms: |
# linux/amd64
# linux/arm64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
NETWORK=${{ github.event.inputs.network || env.NETWORK }}
SHORT_SHA=${{ env.GITHUB_SHA_SHORT }}
RUST_BACKTRACE=1
ZEBRA_SKIP_IPV6_TESTS="1"
CHECKPOINT_SYNC=${{ github.event.inputs.checkpoint_sync || true }}
SENTRY_DSN=${{ secrets.SENTRY_ENDPOINT }}
push: true
cache-from: type=registry,ref=${{ env.GAR_BASE }}/${{ env.GITHUB_REF_SLUG_URL }}:buildcache
cache-to: type=registry,ref=${{ env.GAR_BASE }}/${{ env.GITHUB_REF_SLUG_URL }}:buildcache,mode=max
# Build and push image to Google Artifact Registry
- name: Build & push
id: docker_build
uses: docker/build-push-action@v2.10.0
with:
target: runtime
context: .
file: ./docker/Dockerfile
# TODO: building crates is taking too long with arm64 and it's timing out on GHA
# platforms: |
# linux/amd64
# linux/arm64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
NETWORK=${{ github.event.inputs.network || env.NETWORK }}
SHORT_SHA=${{ env.GITHUB_SHA_SHORT }}
RUST_BACKTRACE=1
ZEBRA_SKIP_IPV6_TESTS="1"
CHECKPOINT_SYNC=${{ github.event.inputs.checkpoint_sync || true }}
SENTRY_DSN=${{ secrets.SENTRY_ENDPOINT }}
push: true
cache-from: type=registry,ref=${{ env.GAR_BASE }}/${{ env.GITHUB_REF_SLUG_URL }}:buildcache
cache-to: type=registry,ref=${{ env.GAR_BASE }}/${{ env.GITHUB_REF_SLUG_URL }}:buildcache,mode=max
deploy-nodes:
name: Deploy Mainnet nodes

2
.github/workflows/ci.patch.yml vendored
View File

@ -23,7 +23,7 @@ jobs:
fail-fast: false
matrix:
# TODO: Windows was removed for now, see https://github.com/ZcashFoundation/zebra/issues/3801
os: [ubuntu-latest, macOS-latest]
os: [ubuntu-latest, macos-latest]
rust: [stable]
steps:

38
.github/workflows/ci.yml vendored
View File

@ -35,7 +35,7 @@ jobs:
fail-fast: false
matrix:
# TODO: Windows was removed for now, see https://github.com/ZcashFoundation/zebra/issues/3801
os: [ubuntu-latest, macOS-latest]
os: [ubuntu-latest, macos-latest]
rust: [stable]
steps:
@ -67,7 +67,7 @@ jobs:
# Ubuntu runners don't have reliable network or DNS during test steps.
# Windows runners have an unreliable network.
shell: bash
if: matrix.os != 'macOS-latest'
if: matrix.os != 'macos-latest'
run: echo "ZEBRA_SKIP_NETWORK_TESTS=1" >> $GITHUB_ENV
- name: Minimise proptest cases on macOS and Windows
@ -79,8 +79,8 @@ jobs:
shell: bash
if: matrix.os != 'ubuntu-latest'
run: |
echo "PROPTEST_CASES=1" >> $GITHUB_ENV
echo "PROPTEST_MAX_SHRINK_ITERS=1024" >> $GITHUB_ENV
echo "PROPTEST_CASES=1" >> $GITHUB_ENV
echo "PROPTEST_MAX_SHRINK_ITERS=1024" >> $GITHUB_ENV
- name: Change target output directory on Windows
# Windows doesn't have enough space on the D: drive, so we redirect the build output to the
@ -118,7 +118,7 @@ jobs:
- name: Run zebrad large sync tests
# Skip the entire step on Ubuntu and Windows, because the test would be skipped anyway due to ZEBRA_SKIP_NETWORK_TESTS
if: matrix.os == 'macOS-latest'
if: matrix.os == 'macos-latest'
uses: actions-rs/cargo@v1.0.3
with:
command: test
@ -159,7 +159,7 @@ jobs:
- name: Run tests with fake activation heights
uses: actions-rs/cargo@v1.0.3
env:
TEST_FAKE_ACTIVATION_HEIGHTS: ""
TEST_FAKE_ACTIVATION_HEIGHTS: ''
with:
command: test
# Note: this only runs the zebra-state crate tests,
@ -267,18 +267,18 @@ jobs:
continue-on-error: ${{ matrix.checks == 'advisories' }}
steps:
- uses: actions/checkout@v2
with:
persist-credentials: false
- uses: actions/checkout@v2
with:
persist-credentials: false
- uses: EmbarkStudios/cargo-deny-action@v1
with:
command: check ${{ matrix.checks }}
args: --all-features --workspace
- uses: EmbarkStudios/cargo-deny-action@v1
with:
command: check ${{ matrix.checks }}
args: --all-features --workspace
# this check runs with optional features off
# so we expect some warnings about "skip tree root was not found"
- uses: EmbarkStudios/cargo-deny-action@v1
with:
command: check ${{ matrix.checks }}
args: --workspace
# this check runs with optional features off
# so we expect some warnings about "skip tree root was not found"
- uses: EmbarkStudios/cargo-deny-action@v1
with:
command: check ${{ matrix.checks }}
args: --workspace

4
.github/workflows/clean.yml vendored
View File

@ -5,7 +5,7 @@ on:
pull_request:
branches:
- main
types: [ closed ]
types: [closed]
env:
NETWORK: Mainnet
@ -39,4 +39,4 @@ jobs:
continue-on-error: true
run: |
TEST_INSTANCES=$(gcloud compute instances list --filter="${{ env.GITHUB_REF_SLUG_URL }}" --format='value(NAME)')
for instance in ${TEST_INSTANCES}; do gcloud compute instances delete $instance --zone "${{ env.ZONE }}" --delete-disks all --quiet; done
for instance in ${TEST_INSTANCES}; do gcloud compute instances delete $instance --zone "${{ env.ZONE }}" --delete-disks all --quiet; done

4
.github/workflows/coverage.yml vendored
View File

@ -70,8 +70,8 @@ jobs:
# Coverage tests are much slower than other tests, particularly in hot loops.
shell: bash
run: |
echo "PROPTEST_CASES=1" >> $GITHUB_ENV
echo "PROPTEST_MAX_SHRINK_ITERS=0" >> $GITHUB_ENV
echo "PROPTEST_CASES=1" >> $GITHUB_ENV
echo "PROPTEST_MAX_SHRINK_ITERS=0" >> $GITHUB_ENV
# Modified from:
# https://github.com/zcash/librustzcash/blob/c48bb4def2e122289843ddb3cb2984c325c03ca0/.github/workflows/ci.yml#L20-L33

100
.github/workflows/docs.yml vendored
View File

@ -23,62 +23,62 @@ jobs:
timeout-minutes: 30
runs-on: ubuntu-latest
steps:
- name: Checkout the source code
uses: actions/checkout@v3.0.0
with:
persist-credentials: false
- name: Checkout the source code
uses: actions/checkout@v3.0.0
with:
persist-credentials: false
- name: Install latest beta
uses: actions-rs/toolchain@v1
with:
toolchain: beta
components: rust-docs
override: true
- name: Install latest beta
uses: actions-rs/toolchain@v1
with:
toolchain: beta
components: rust-docs
override: true
- uses: Swatinem/rust-cache@v1
- uses: Swatinem/rust-cache@v1
- name: Install mdbook
run: |
cargo install mdbook
- name: Install mdbook
run: |
cargo install mdbook
- name: Build Zebra book
run: |
mdbook build book/
- name: Build Zebra book
run: |
mdbook build book/
- name: Deploy Zebra book to firebase
uses: w9jds/firebase-action@v2.0.0
with:
args: deploy
env:
FIREBASE_TOKEN: ${{ secrets.FIREBASE_TOKEN }}
PROJECT_PATH: book/
PROJECT_ID: zebra-book-b535f
- name: Deploy Zebra book to firebase
uses: w9jds/firebase-action@v2.0.0
with:
args: deploy
env:
FIREBASE_TOKEN: ${{ secrets.FIREBASE_TOKEN }}
PROJECT_PATH: book/
PROJECT_ID: zebra-book-b535f
- name: Build external docs
run: |
# Exclude zebra-utils, it is not for library or app users
cargo doc --no-deps --workspace --exclude zebra-utils
env:
RUSTDOCFLAGS: "--html-in-header katex-header.html"
- name: Build external docs
run: |
# Exclude zebra-utils, it is not for library or app users
cargo doc --no-deps --workspace --exclude zebra-utils
env:
RUSTDOCFLAGS: '--html-in-header katex-header.html'
- name: Deploy external docs to firebase
uses: w9jds/firebase-action@v2.0.0
with:
args: deploy
env:
FIREBASE_TOKEN: ${{ secrets.FIREBASE_TOKEN }}
PROJECT_ID: zebra-doc-external
- name: Deploy external docs to firebase
uses: w9jds/firebase-action@v2.0.0
with:
args: deploy
env:
FIREBASE_TOKEN: ${{ secrets.FIREBASE_TOKEN }}
PROJECT_ID: zebra-doc-external
- name: Build internal docs
run: |
cargo doc --no-deps --document-private-items
env:
RUSTDOCFLAGS: "--html-in-header katex-header.html"
- name: Build internal docs
run: |
cargo doc --no-deps --document-private-items
env:
RUSTDOCFLAGS: '--html-in-header katex-header.html'
- name: Deploy internal docs to firebase
uses: w9jds/firebase-action@v2.0.0
with:
args: deploy
env:
FIREBASE_TOKEN: ${{ secrets.FIREBASE_TOKEN }}
PROJECT_ID: zebra-doc-internal-e9fd4
- name: Deploy internal docs to firebase
uses: w9jds/firebase-action@v2.0.0
with:
args: deploy
env:
FIREBASE_TOKEN: ${{ secrets.FIREBASE_TOKEN }}
PROJECT_ID: zebra-doc-internal-e9fd4

7
.github/workflows/lint.patch.yml vendored
View File

@ -1,17 +1,16 @@
name: Lint Rust files
on:
push:
pull_request:
branches:
- "**"
- "!main"
- 'main'
paths-ignore:
- '**/*.rs'
- '**/Cargo.toml'
- '**/Cargo.lock'
- 'clippy.toml'
- '.cargo/config.toml'
- '.github/workflows/lint.yml'
- '.github/workflows/*.yml'
jobs:
clippy:

14
.github/workflows/lint.yml vendored
View File

@ -1,10 +1,9 @@
name: Lint Rust files
on:
push:
pull_request:
branches:
- "**"
- "!main"
- 'main'
paths:
# code and tests
- '**/*.rs'
@ -14,7 +13,8 @@ on:
# workflow definitions
- 'clippy.toml'
- '.cargo/config.toml'
- '.github/workflows/lint.yml'
# TODO: we might want to run this in a separate workflow in the future for the `actionlint` job
- '.github/workflows/*.yml'
env:
CARGO_INCREMENTAL: 0
@ -82,3 +82,9 @@ jobs:
with:
command: fmt
args: --all -- --check
actionlint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: reviewdog/action-actionlint@v1.21.0

12
.github/workflows/test-full-sync.yml vendored
View File

@ -5,6 +5,12 @@ on:
inputs:
network:
default: 'Mainnet'
description: 'Network to deploy: Mainnet or Testnet'
required: true
checkpoint_sync:
default: 'true'
description: 'Configures `zebrad` to use as many checkpoints as possible'
required: true
pull_request:
branches:
- main
@ -24,7 +30,7 @@ on:
env:
CARGO_INCREMENTAL: '1'
ZEBRA_SKIP_IPV6_TESTS: "1"
ZEBRA_SKIP_IPV6_TESTS: '1'
RUST_BACKTRACE: full
RUST_LIB_BACKTRACE: full
COLORBT_SHOW_HIDDEN: '1'
@ -41,7 +47,7 @@ jobs:
build:
# only run on Mergify head branches, and on manual dispatch:
# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#running-your-workflow-based-on-the-head-or-base-branch-of-a-pull-request-1
if: startsWith(github.head_ref, 'mergify/merge-queue/') || github.event_name == 'workflow_dispatch'
if: startsWith(github.head_ref, 'mergify/merge-queue/') || github.event_name == 'workflow_dispatch'
name: Build images
timeout-minutes: 210
runs-on: ubuntu-latest
@ -132,7 +138,7 @@ jobs:
test-full-sync:
name: Test full Mainnet sync
runs-on: ubuntu-latest
needs: [ build ]
needs: [build]
permissions:
contents: 'read'
id-token: 'write'

7
.github/workflows/test.patch.yml vendored
View File

@ -25,7 +25,6 @@ jobs:
name: Test all
runs-on: ubuntu-latest
needs: build
if: ${{ github.event.inputs.regenerate-disks != 'true' }}
steps:
- run: 'echo "No build required"'
@ -33,7 +32,6 @@ jobs:
name: Test with fake activation heights
runs-on: ubuntu-latest
needs: build
if: ${{ github.event.inputs.regenerate-disks != 'true' }}
steps:
- run: 'echo "No build required"'
@ -42,7 +40,6 @@ jobs:
name: Test checkpoint sync from empty state
runs-on: ubuntu-latest
needs: build
if: ${{ github.event.inputs.regenerate-disks != 'true' }}
steps:
- run: 'echo "No build required"'
@ -57,8 +54,6 @@ jobs:
name: Regenerate stateful disks
runs-on: ubuntu-latest
needs: build
outputs:
disk_short_sha: ${{ steps.disk-short-sha.outputs.disk_short_sha }}
steps:
- run: 'echo "No build required"'
@ -66,6 +61,6 @@ jobs:
test-stateful-sync:
name: Test full validation sync from cached state
runs-on: ubuntu-latest
needs: [ build, regenerate-stateful-disks]
needs: [build, regenerate-stateful-disks]
steps:
- run: 'echo "No build required"'

11
.github/workflows/test.yml vendored
View File

@ -5,10 +5,17 @@ on:
inputs:
network:
default: 'Mainnet'
description: 'Network to deploy: Mainnet or Testnet'
required: true
checkpoint_sync:
default: 'true'
description: 'Configures `zebrad` to use as many checkpoints as possible'
required: true
regenerate-disks:
type: boolean
default: false
description: Just update stateful disks
description: 'Just update stateful disks'
required: true
pull_request:
branches:
- main
@ -358,7 +365,7 @@ jobs:
test-stateful-sync:
name: Test full validation sync from cached state
runs-on: ubuntu-latest
needs: [ build, regenerate-stateful-disks]
needs: [build, regenerate-stateful-disks]
permissions:
contents: 'read'
id-token: 'write'

138
.github/workflows/zcash-lightwalletd.yml vendored
View File

@ -35,81 +35,81 @@ jobs:
id-token: 'write'
steps:
- uses: actions/checkout@v3.0.0
with:
repository: adityapk00/lightwalletd
ref: 'master'
persist-credentials: false
- uses: actions/checkout@v3.0.0
with:
repository: adityapk00/lightwalletd
ref: 'master'
persist-credentials: false
- uses: actions/checkout@v3.0.0
with:
path: zebra
persist-credentials: false
- uses: actions/checkout@v3.0.0
with:
path: zebra
persist-credentials: false
- name: Inject slug/short variables
uses: rlespinasse/github-slug-action@v4
with:
short-length: 7
- name: Inject slug/short variables
uses: rlespinasse/github-slug-action@v4
with:
short-length: 7
# Automatic tag management and OCI Image Format Specification for labels
- name: Docker meta
id: meta
uses: docker/metadata-action@v3.7.0
with:
# list of Docker images to use as base name for tags
images: |
${{ env.GAR_BASE }}/${{ env.IMAGE_NAME }}
# generate Docker tags based on the following events/attributes
tags: |
type=schedule
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha
- name: Docker meta
id: meta
uses: docker/metadata-action@v3.7.0
with:
# list of Docker images to use as base name for tags
images: |
${{ env.GAR_BASE }}/${{ env.IMAGE_NAME }}
# generate Docker tags based on the following events/attributes
tags: |
type=schedule
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha
- name: Set up QEMU
id: qemu
uses: docker/setup-qemu-action@v1
with:
image: tonistiigi/binfmt:latest
platforms: all
- name: Set up QEMU
id: qemu
uses: docker/setup-qemu-action@v1
with:
image: tonistiigi/binfmt:latest
platforms: all
# Setup Docker Buildx to allow use of docker cache layers from GH
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
# Setup Docker Buildx to allow use of docker cache layers from GH
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
# Setup gcloud CLI
- name: Authenticate to Google Cloud
id: auth
uses: google-github-actions/auth@v0.7.0
with:
workload_identity_provider: 'projects/143793276228/locations/global/workloadIdentityPools/github-actions/providers/github-oidc'
service_account: 'github-service-account@zealous-zebra.iam.gserviceaccount.com'
token_format: 'access_token'
# Setup gcloud CLI
- name: Authenticate to Google Cloud
id: auth
uses: google-github-actions/auth@v0.7.0
with:
workload_identity_provider: 'projects/143793276228/locations/global/workloadIdentityPools/github-actions/providers/github-oidc'
service_account: 'github-service-account@zealous-zebra.iam.gserviceaccount.com'
token_format: 'access_token'
- name: Login to Google Artifact Registry
uses: docker/login-action@v1.14.1
with:
registry: us-docker.pkg.dev
username: oauth2accesstoken
password: ${{ steps.auth.outputs.access_token }}
- name: Login to Google Artifact Registry
uses: docker/login-action@v1.14.1
with:
registry: us-docker.pkg.dev
username: oauth2accesstoken
password: ${{ steps.auth.outputs.access_token }}
# Build and push image to Google Artifact Registry
- name: Build & push
id: docker_build
uses: docker/build-push-action@v2.10.0
with:
target: build
context: .
file: ./zebra/docker/zcash-lightwalletd/Dockerfile
platforms: |
linux/amd64
linux/arm64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
push: true
cache-from: type=registry,ref=${{ env.GAR_BASE }}/${{ env.IMAGE_NAME }}:buildcache
cache-to: type=registry,ref=${{ env.GAR_BASE }}/${{ env.IMAGE_NAME }}:buildcache,mode=max
# Build and push image to Google Artifact Registry
- name: Build & push
id: docker_build
uses: docker/build-push-action@v2.10.0
with:
target: build
context: .
file: ./zebra/docker/zcash-lightwalletd/Dockerfile
platforms: |
linux/amd64
linux/arm64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
push: true
cache-from: type=registry,ref=${{ env.GAR_BASE }}/${{ env.IMAGE_NAME }}:buildcache
cache-to: type=registry,ref=${{ env.GAR_BASE }}/${{ env.IMAGE_NAME }}:buildcache,mode=max

136
.github/workflows/zcash-params.yml vendored
View File

@ -32,80 +32,80 @@ jobs:
id-token: 'write'
steps:
- uses: actions/checkout@v3.0.0
with:
persist-credentials: false
- uses: actions/checkout@v3.0.0
with:
persist-credentials: false
- name: Inject slug/short variables
uses: rlespinasse/github-slug-action@v4
with:
short-length: 7
- name: Inject slug/short variables
uses: rlespinasse/github-slug-action@v4
with:
short-length: 7
# Automatic tag management and OCI Image Format Specification for labels
- name: Docker meta
id: meta
uses: docker/metadata-action@v3.7.0
with:
# list of Docker images to use as base name for tags
images: |
${{ env.GAR_BASE }}/${{ env.IMAGE_NAME }}
# generate Docker tags based on the following events/attributes
tags: |
type=schedule
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha
- name: Docker meta
id: meta
uses: docker/metadata-action@v3.7.0
with:
# list of Docker images to use as base name for tags
images: |
${{ env.GAR_BASE }}/${{ env.IMAGE_NAME }}
# generate Docker tags based on the following events/attributes
tags: |
type=schedule
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha
- name: Set up QEMU
id: qemu
uses: docker/setup-qemu-action@v1
with:
image: tonistiigi/binfmt:latest
platforms: all
- name: Set up QEMU
id: qemu
uses: docker/setup-qemu-action@v1
with:
image: tonistiigi/binfmt:latest
platforms: all
# Setup Docker Buildx to allow use of docker cache layers from GH
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
# Setup Docker Buildx to allow use of docker cache layers from GH
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
# Setup gcloud CLI
- name: Authenticate to Google Cloud
id: auth
uses: google-github-actions/auth@v0.7.0
with:
workload_identity_provider: 'projects/143793276228/locations/global/workloadIdentityPools/github-actions/providers/github-oidc'
service_account: 'github-service-account@zealous-zebra.iam.gserviceaccount.com'
token_format: 'access_token'
# Setup gcloud CLI
- name: Authenticate to Google Cloud
id: auth
uses: google-github-actions/auth@v0.7.0
with:
workload_identity_provider: 'projects/143793276228/locations/global/workloadIdentityPools/github-actions/providers/github-oidc'
service_account: 'github-service-account@zealous-zebra.iam.gserviceaccount.com'
token_format: 'access_token'
- name: Login to Google Artifact Registry
uses: docker/login-action@v1.14.1
with:
registry: us-docker.pkg.dev
username: oauth2accesstoken
password: ${{ steps.auth.outputs.access_token }}
- name: Login to Google Artifact Registry
uses: docker/login-action@v1.14.1
with:
registry: us-docker.pkg.dev
username: oauth2accesstoken
password: ${{ steps.auth.outputs.access_token }}
# Build and push image to Google Artifact Registry
- name: Build & push
id: docker_build
uses: docker/build-push-action@v2.10.0
with:
target: builder
context: .
file: ./docker/zcash-params/Dockerfile
# TODO: building crates is taking too long with arm64 and it's timing out on GHA
# platforms: |
# linux/amd64
# linux/arm64
# Build and push image to Google Artifact Registry
- name: Build & push
id: docker_build
uses: docker/build-push-action@v2.10.0
with:
target: builder
context: .
file: ./docker/zcash-params/Dockerfile
# TODO: building crates is taking too long with arm64 and it's timing out on GHA
# platforms: |
# linux/amd64
# linux/arm64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
SHORT_SHA=${{ env.GITHUB_SHA_SHORT }}
ZEBRA_SKIP_IPV6_TESTS="1"
SENTRY_DSN=${{ secrets.SENTRY_ENDPOINT }}
push: true
cache-from: type=registry,ref=${{ env.GAR_BASE }}/${{ env.IMAGE_NAME }}:buildcache
cache-to: type=registry,ref=${{ env.GAR_BASE }}/${{ env.IMAGE_NAME }}:buildcache,mode=max
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
SHORT_SHA=${{ env.GITHUB_SHA_SHORT }}
ZEBRA_SKIP_IPV6_TESTS="1"
SENTRY_DSN=${{ secrets.SENTRY_ENDPOINT }}
push: true
cache-from: type=registry,ref=${{ env.GAR_BASE }}/${{ env.IMAGE_NAME }}:buildcache
cache-to: type=registry,ref=${{ env.GAR_BASE }}/${{ env.IMAGE_NAME }}:buildcache,mode=max

10
.github/workflows/zcashd-manual-deploy.yml vendored
View File

@ -4,9 +4,13 @@ on:
workflow_dispatch:
inputs:
network:
default: 'Testnet'
default: 'Mainnet'
description: 'Network to deploy: Mainnet or Testnet'
required: true
size:
default: 10
default: '10'
description: 'GCP Managed Instance Group size'
required: true
env:
PROJECT_ID: zealous-zebra
@ -81,4 +85,4 @@ jobs:
gcloud compute instance-groups managed rolling-action start-update \
"zcashd-${{ env.GITHUB_REF_SLUG_URL }}-${{ github.event.inputs.network }}" \
--version template="zcashd-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }}" \
--region "${{ env.REGION }}"
--region "${{ env.REGION }}"