zecfoundation
/
zebra
mirror of https://github.com/ZcashFoundation/zebra.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

style(ci): lint and standardize the actions structure (#3940) 

* style(ci): comply with https://json.schemastore.org/github-workflow.json

Some substituions were harder to make as files were not standardized

* fix(mergify): use correct name for macos

* style(actions): revert to single quotes

* style: lint dependabot and mergify conf files

* style: remove conditions with missing context

* imp(lint): automate GH Actions linting

* fix(lint): some actions need to be triggered by PR event

* fix(lint): consider all workflow YAMLs

* Use the same paths in the patch file

* revert: keep condition as is

* add TODO

* fix: add missing checkpoint_sync input

Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
This commit is contained in:
Gustavo Valverde 2022-04-12 01:06:37 -04:00 committed by GitHub
parent d09769714f
commit 831a2009bd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
16 changed files with 366 additions and 345 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
.github/dependabot.yml vendored
View File

@ -1,22 +1,22 @@
version: 2 version: 2
updates: updates:
- package-ecosystem: cargo - package-ecosystem: cargo
directory: "/" directory: '/'
schedule: schedule:
interval: daily interval: daily
timezone: America/New_York timezone: America/New_York
open-pull-requests-limit: 10 open-pull-requests-limit: 10
labels: labels:
- "A-dependencies" - 'A-dependencies'
- "A-rust" - 'A-rust'
- "P-Low :snowflake:" - 'P-Low :snowflake:'
- package-ecosystem: github-actions - package-ecosystem: github-actions
directory: "/" directory: '/'
schedule: schedule:
interval: daily interval: daily
timezone: America/New_York timezone: America/New_York
open-pull-requests-limit: 10 open-pull-requests-limit: 10
labels: labels:
- "A-infrastructure" - 'A-infrastructure'
- "A-dependencies" - 'A-dependencies'
- "P-Low :snowflake:" - 'P-Low :snowflake:'

24
.github/mergify.yml vendored
View File

@ -10,7 +10,7 @@ queue_rules:
- check-success=Test full validation sync from cached state - check-success=Test full validation sync from cached state
- check-success=Test stable zebra-state with fake activation heights on ubuntu-latest - check-success=Test stable zebra-state with fake activation heights on ubuntu-latest
- check-success=Test stable on ubuntu-latest - check-success=Test stable on ubuntu-latest
- check-success=Test stable on macOS-latest - check-success=Test stable on macos-latest
# TODO: Windows was removed for now, see https://github.com/ZcashFoundation/zebra/issues/3801 # TODO: Windows was removed for now, see https://github.com/ZcashFoundation/zebra/issues/3801
# - check-success=Test stable on windows-latest # - check-success=Test stable on windows-latest
- check-success=Clippy - check-success=Clippy
@ -27,7 +27,7 @@ queue_rules:
- check-success=Test full validation sync from cached state - check-success=Test full validation sync from cached state
- check-success=Test stable zebra-state with fake activation heights on ubuntu-latest - check-success=Test stable zebra-state with fake activation heights on ubuntu-latest
- check-success=Test stable on ubuntu-latest - check-success=Test stable on ubuntu-latest
- check-success=Test stable on macOS-latest - check-success=Test stable on macos-latest
# - check-success=Test stable on windows-latest # - check-success=Test stable on windows-latest
- check-success=Clippy - check-success=Clippy
- check-success=Rustfmt - check-success=Rustfmt
@ -43,7 +43,7 @@ queue_rules:
- check-success=Test full validation sync from cached state - check-success=Test full validation sync from cached state
- check-success=Test stable zebra-state with fake activation heights on ubuntu-latest - check-success=Test stable zebra-state with fake activation heights on ubuntu-latest
- check-success=Test stable on ubuntu-latest - check-success=Test stable on ubuntu-latest
- check-success=Test stable on macOS-latest - check-success=Test stable on macos-latest
# - check-success=Test stable on windows-latest # - check-success=Test stable on windows-latest
- check-success=Clippy - check-success=Clippy
- check-success=Rustfmt - check-success=Rustfmt
@ -51,13 +51,13 @@ queue_rules:
pull_request_rules: pull_request_rules:
- name: move to urgent queue when CI passes with 1 review and not WIP targeting main - name: move to urgent queue when CI passes with 1 review and not WIP targeting main
conditions: conditions:
- "#approved-reviews-by>=1" - '#approved-reviews-by>=1'
- "#review-threads-unresolved=0" - '#review-threads-unresolved=0'
- -draft - -draft
- base=main - base=main
- or: - or:
- "label~=^P-Critical" - 'label~=^P-Critical'
- "label~=^P-High" - 'label~=^P-High'
- label!=do-not-merge - label!=do-not-merge
actions: actions:
queue: queue:
@ -66,11 +66,11 @@ pull_request_rules:
- name: move to medium queue when CI passes with 1 review and not WIP targeting main - name: move to medium queue when CI passes with 1 review and not WIP targeting main
conditions: conditions:
- "#approved-reviews-by>=1" - '#approved-reviews-by>=1'
- "#review-threads-unresolved=0" - '#review-threads-unresolved=0'
- -draft - -draft
- base=main - base=main
- "label~=^P-Medium" - 'label~=^P-Medium'
- label!=do-not-merge - label!=do-not-merge
actions: actions:
queue: queue:
@ -79,8 +79,8 @@ pull_request_rules:
- name: move to low queue when CI passes with 1 review and not WIP targeting main - name: move to low queue when CI passes with 1 review and not WIP targeting main
conditions: conditions:
- "#approved-reviews-by>=1" - '#approved-reviews-by>=1'
- "#review-threads-unresolved=0" - '#review-threads-unresolved=0'
- -draft - -draft
- base=main - base=main
- label!=do-not-merge - label!=do-not-merge

164
.github/workflows/cd.yml vendored
View File

@ -5,8 +5,12 @@ on:
inputs: inputs:
network: network:
default: 'Mainnet' default: 'Mainnet'
description: 'Network to deploy: Mainnet or Testnet'
required: true
checkpoint_sync: checkpoint_sync:
default: true default: 'true'
description: 'Use as many checkpoints as possible when syncing'
required: true
push: push:
branches: branches:
- main - main
@ -32,93 +36,93 @@ jobs:
id-token: 'write' id-token: 'write'
steps: steps:
- uses: actions/checkout@v3.0.0 - uses: actions/checkout@v3.0.0
with: with:
persist-credentials: false persist-credentials: false
- name: Inject slug/short variables - name: Inject slug/short variables
uses: rlespinasse/github-slug-action@v4 uses: rlespinasse/github-slug-action@v4
with: with:
short-length: 7 short-length: 7
# Automatic tag management and OCI Image Format Specification for labels # Automatic tag management and OCI Image Format Specification for labels
- name: Docker meta - name: Docker meta
id: meta id: meta
uses: docker/metadata-action@v3.7.0 uses: docker/metadata-action@v3.7.0
with: with:
# list of Docker images to use as base name for tags # list of Docker images to use as base name for tags
images: | images: |
${{ env.GAR_BASE }}/${{ env.GITHUB_REF_SLUG_URL }} ${{ env.GAR_BASE }}/${{ env.GITHUB_REF_SLUG_URL }}
${{ env.GCR_BASE }}/${{ env.GITHUB_REPOSITORY_SLUG_URL }}/${{ env.GITHUB_REF_SLUG_URL }} ${{ env.GCR_BASE }}/${{ env.GITHUB_REPOSITORY_SLUG_URL }}/${{ env.GITHUB_REF_SLUG_URL }}
# generate Docker tags based on the following events/attributes # generate Docker tags based on the following events/attributes
tags: | tags: |
type=schedule type=schedule
type=ref,event=branch type=ref,event=branch
type=ref,event=pr type=ref,event=pr
type=semver,pattern={{version}} type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}} type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}} type=semver,pattern={{major}}
type=sha type=sha
# Setup gcloud CLI # Setup gcloud CLI
- name: Authenticate to Google Cloud - name: Authenticate to Google Cloud
id: auth id: auth
uses: google-github-actions/auth@v0.7.0 uses: google-github-actions/auth@v0.7.0
with: with:
workload_identity_provider: 'projects/143793276228/locations/global/workloadIdentityPools/github-actions/providers/github-oidc' workload_identity_provider: 'projects/143793276228/locations/global/workloadIdentityPools/github-actions/providers/github-oidc'
service_account: 'github-service-account@zealous-zebra.iam.gserviceaccount.com' service_account: 'github-service-account@zealous-zebra.iam.gserviceaccount.com'
token_format: 'access_token' token_format: 'access_token'
- name: Set up QEMU - name: Set up QEMU
id: qemu id: qemu
uses: docker/setup-qemu-action@v1 uses: docker/setup-qemu-action@v1
with: with:
image: tonistiigi/binfmt:latest image: tonistiigi/binfmt:latest
platforms: all platforms: all
# Setup Docker Buildx to allow use of docker cache layers from GH # Setup Docker Buildx to allow use of docker cache layers from GH
- name: Set up Docker Buildx - name: Set up Docker Buildx
id: buildx id: buildx
uses: docker/setup-buildx-action@v1 uses: docker/setup-buildx-action@v1
- name: Login to Google Artifact Registry - name: Login to Google Artifact Registry
uses: docker/login-action@v1.14.1 uses: docker/login-action@v1.14.1
with: with:
registry: us-docker.pkg.dev registry: us-docker.pkg.dev
username: oauth2accesstoken username: oauth2accesstoken
password: ${{ steps.auth.outputs.access_token }} password: ${{ steps.auth.outputs.access_token }}
- name: Login to Google Container Registry - name: Login to Google Container Registry
uses: docker/login-action@v1.14.1 uses: docker/login-action@v1.14.1
with: with:
registry: gcr.io registry: gcr.io
username: oauth2accesstoken username: oauth2accesstoken
password: ${{ steps.auth.outputs.access_token }} password: ${{ steps.auth.outputs.access_token }}
# Build and push image to Google Artifact Registry # Build and push image to Google Artifact Registry
- name: Build & push - name: Build & push
id: docker_build id: docker_build
uses: docker/build-push-action@v2.10.0 uses: docker/build-push-action@v2.10.0
with: with:
target: runtime target: runtime
context: . context: .
file: ./docker/Dockerfile file: ./docker/Dockerfile
# TODO: building crates is taking too long with arm64 and it's timing out on GHA # TODO: building crates is taking too long with arm64 and it's timing out on GHA
# platforms: | # platforms: |
# linux/amd64 # linux/amd64
# linux/arm64 # linux/arm64
tags: ${{ steps.meta.outputs.tags }} tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }} labels: ${{ steps.meta.outputs.labels }}
build-args: | build-args: |
NETWORK=${{ github.event.inputs.network || env.NETWORK }} NETWORK=${{ github.event.inputs.network || env.NETWORK }}
SHORT_SHA=${{ env.GITHUB_SHA_SHORT }} SHORT_SHA=${{ env.GITHUB_SHA_SHORT }}
RUST_BACKTRACE=1 RUST_BACKTRACE=1
ZEBRA_SKIP_IPV6_TESTS="1" ZEBRA_SKIP_IPV6_TESTS="1"
CHECKPOINT_SYNC=${{ github.event.inputs.checkpoint_sync || true }} CHECKPOINT_SYNC=${{ github.event.inputs.checkpoint_sync || true }}
SENTRY_DSN=${{ secrets.SENTRY_ENDPOINT }} SENTRY_DSN=${{ secrets.SENTRY_ENDPOINT }}
push: true push: true
cache-from: type=registry,ref=${{ env.GAR_BASE }}/${{ env.GITHUB_REF_SLUG_URL }}:buildcache cache-from: type=registry,ref=${{ env.GAR_BASE }}/${{ env.GITHUB_REF_SLUG_URL }}:buildcache
cache-to: type=registry,ref=${{ env.GAR_BASE }}/${{ env.GITHUB_REF_SLUG_URL }}:buildcache,mode=max cache-to: type=registry,ref=${{ env.GAR_BASE }}/${{ env.GITHUB_REF_SLUG_URL }}:buildcache,mode=max
deploy-nodes: deploy-nodes:
name: Deploy Mainnet nodes name: Deploy Mainnet nodes

2
.github/workflows/ci.patch.yml vendored
View File

@ -23,7 +23,7 @@ jobs:
fail-fast: false fail-fast: false
matrix: matrix:
# TODO: Windows was removed for now, see https://github.com/ZcashFoundation/zebra/issues/3801 # TODO: Windows was removed for now, see https://github.com/ZcashFoundation/zebra/issues/3801
os: [ubuntu-latest, macOS-latest] os: [ubuntu-latest, macos-latest]
rust: [stable] rust: [stable]
steps: steps:

38
.github/workflows/ci.yml vendored
View File

@ -35,7 +35,7 @@ jobs:
fail-fast: false fail-fast: false
matrix: matrix:
# TODO: Windows was removed for now, see https://github.com/ZcashFoundation/zebra/issues/3801 # TODO: Windows was removed for now, see https://github.com/ZcashFoundation/zebra/issues/3801
os: [ubuntu-latest, macOS-latest] os: [ubuntu-latest, macos-latest]
rust: [stable] rust: [stable]
steps: steps:
@ -67,7 +67,7 @@ jobs:
# Ubuntu runners don't have reliable network or DNS during test steps. # Ubuntu runners don't have reliable network or DNS during test steps.
# Windows runners have an unreliable network. # Windows runners have an unreliable network.
shell: bash shell: bash
if: matrix.os != 'macOS-latest' if: matrix.os != 'macos-latest'
run: echo "ZEBRA_SKIP_NETWORK_TESTS=1" >> $GITHUB_ENV run: echo "ZEBRA_SKIP_NETWORK_TESTS=1" >> $GITHUB_ENV
- name: Minimise proptest cases on macOS and Windows - name: Minimise proptest cases on macOS and Windows
@ -79,8 +79,8 @@ jobs:
shell: bash shell: bash
if: matrix.os != 'ubuntu-latest' if: matrix.os != 'ubuntu-latest'
run: | run: |
echo "PROPTEST_CASES=1" >> $GITHUB_ENV echo "PROPTEST_CASES=1" >> $GITHUB_ENV
echo "PROPTEST_MAX_SHRINK_ITERS=1024" >> $GITHUB_ENV echo "PROPTEST_MAX_SHRINK_ITERS=1024" >> $GITHUB_ENV
- name: Change target output directory on Windows - name: Change target output directory on Windows
# Windows doesn't have enough space on the D: drive, so we redirect the build output to the # Windows doesn't have enough space on the D: drive, so we redirect the build output to the
@ -118,7 +118,7 @@ jobs:
- name: Run zebrad large sync tests - name: Run zebrad large sync tests
# Skip the entire step on Ubuntu and Windows, because the test would be skipped anyway due to ZEBRA_SKIP_NETWORK_TESTS # Skip the entire step on Ubuntu and Windows, because the test would be skipped anyway due to ZEBRA_SKIP_NETWORK_TESTS
if: matrix.os == 'macOS-latest' if: matrix.os == 'macos-latest'
uses: actions-rs/cargo@v1.0.3 uses: actions-rs/cargo@v1.0.3
with: with:
command: test command: test
@ -159,7 +159,7 @@ jobs:
- name: Run tests with fake activation heights - name: Run tests with fake activation heights
uses: actions-rs/cargo@v1.0.3 uses: actions-rs/cargo@v1.0.3
env: env:
TEST_FAKE_ACTIVATION_HEIGHTS: "" TEST_FAKE_ACTIVATION_HEIGHTS: ''
with: with:
command: test command: test
# Note: this only runs the zebra-state crate tests, # Note: this only runs the zebra-state crate tests,
@ -267,18 +267,18 @@ jobs:
continue-on-error: ${{ matrix.checks == 'advisories' }} continue-on-error: ${{ matrix.checks == 'advisories' }}
steps: steps:
- uses: actions/checkout@v2 - uses: actions/checkout@v2
with: with:
persist-credentials: false persist-credentials: false
- uses: EmbarkStudios/cargo-deny-action@v1 - uses: EmbarkStudios/cargo-deny-action@v1
with: with:
command: check ${{ matrix.checks }} command: check ${{ matrix.checks }}
args: --all-features --workspace args: --all-features --workspace
# this check runs with optional features off # this check runs with optional features off
# so we expect some warnings about "skip tree root was not found" # so we expect some warnings about "skip tree root was not found"
- uses: EmbarkStudios/cargo-deny-action@v1 - uses: EmbarkStudios/cargo-deny-action@v1
with: with:
command: check ${{ matrix.checks }} command: check ${{ matrix.checks }}
args: --workspace args: --workspace

4
.github/workflows/clean.yml vendored
View File

@ -5,7 +5,7 @@ on:
pull_request: pull_request:
branches: branches:
- main - main
types: [ closed ] types: [closed]
env: env:
NETWORK: Mainnet NETWORK: Mainnet
@ -39,4 +39,4 @@ jobs:
continue-on-error: true continue-on-error: true
run: | run: |
TEST_INSTANCES=$(gcloud compute instances list --filter="${{ env.GITHUB_REF_SLUG_URL }}" --format='value(NAME)') TEST_INSTANCES=$(gcloud compute instances list --filter="${{ env.GITHUB_REF_SLUG_URL }}" --format='value(NAME)')
for instance in ${TEST_INSTANCES}; do gcloud compute instances delete $instance --zone "${{ env.ZONE }}" --delete-disks all --quiet; done for instance in ${TEST_INSTANCES}; do gcloud compute instances delete $instance --zone "${{ env.ZONE }}" --delete-disks all --quiet; done

4
.github/workflows/coverage.yml vendored
View File

@ -70,8 +70,8 @@ jobs:
# Coverage tests are much slower than other tests, particularly in hot loops. # Coverage tests are much slower than other tests, particularly in hot loops.
shell: bash shell: bash
run: | run: |
echo "PROPTEST_CASES=1" >> $GITHUB_ENV echo "PROPTEST_CASES=1" >> $GITHUB_ENV
echo "PROPTEST_MAX_SHRINK_ITERS=0" >> $GITHUB_ENV echo "PROPTEST_MAX_SHRINK_ITERS=0" >> $GITHUB_ENV
# Modified from: # Modified from:
# https://github.com/zcash/librustzcash/blob/c48bb4def2e122289843ddb3cb2984c325c03ca0/.github/workflows/ci.yml#L20-L33 # https://github.com/zcash/librustzcash/blob/c48bb4def2e122289843ddb3cb2984c325c03ca0/.github/workflows/ci.yml#L20-L33

100
.github/workflows/docs.yml vendored
View File

@ -23,62 +23,62 @@ jobs:
timeout-minutes: 30 timeout-minutes: 30
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Checkout the source code - name: Checkout the source code
uses: actions/checkout@v3.0.0 uses: actions/checkout@v3.0.0
with: with:
persist-credentials: false persist-credentials: false
- name: Install latest beta - name: Install latest beta
uses: actions-rs/toolchain@v1 uses: actions-rs/toolchain@v1
with: with:
toolchain: beta toolchain: beta
components: rust-docs components: rust-docs
override: true override: true
- uses: Swatinem/rust-cache@v1 - uses: Swatinem/rust-cache@v1
- name: Install mdbook - name: Install mdbook
run: | run: |
cargo install mdbook cargo install mdbook
- name: Build Zebra book - name: Build Zebra book
run: | run: |
mdbook build book/ mdbook build book/
- name: Deploy Zebra book to firebase - name: Deploy Zebra book to firebase
uses: w9jds/firebase-action@v2.0.0 uses: w9jds/firebase-action@v2.0.0
with: with:
args: deploy args: deploy
env: env:
FIREBASE_TOKEN: ${{ secrets.FIREBASE_TOKEN }} FIREBASE_TOKEN: ${{ secrets.FIREBASE_TOKEN }}
PROJECT_PATH: book/ PROJECT_PATH: book/
PROJECT_ID: zebra-book-b535f PROJECT_ID: zebra-book-b535f
- name: Build external docs - name: Build external docs
run: | run: |
# Exclude zebra-utils, it is not for library or app users # Exclude zebra-utils, it is not for library or app users
cargo doc --no-deps --workspace --exclude zebra-utils cargo doc --no-deps --workspace --exclude zebra-utils
env: env:
RUSTDOCFLAGS: "--html-in-header katex-header.html" RUSTDOCFLAGS: '--html-in-header katex-header.html'
- name: Deploy external docs to firebase - name: Deploy external docs to firebase
uses: w9jds/firebase-action@v2.0.0 uses: w9jds/firebase-action@v2.0.0
with: with:
args: deploy args: deploy
env: env:
FIREBASE_TOKEN: ${{ secrets.FIREBASE_TOKEN }} FIREBASE_TOKEN: ${{ secrets.FIREBASE_TOKEN }}
PROJECT_ID: zebra-doc-external PROJECT_ID: zebra-doc-external
- name: Build internal docs - name: Build internal docs
run: | run: |
cargo doc --no-deps --document-private-items cargo doc --no-deps --document-private-items
env: env:
RUSTDOCFLAGS: "--html-in-header katex-header.html" RUSTDOCFLAGS: '--html-in-header katex-header.html'
- name: Deploy internal docs to firebase - name: Deploy internal docs to firebase
uses: w9jds/firebase-action@v2.0.0 uses: w9jds/firebase-action@v2.0.0
with: with:
args: deploy args: deploy
env: env:
FIREBASE_TOKEN: ${{ secrets.FIREBASE_TOKEN }} FIREBASE_TOKEN: ${{ secrets.FIREBASE_TOKEN }}
PROJECT_ID: zebra-doc-internal-e9fd4 PROJECT_ID: zebra-doc-internal-e9fd4

7
.github/workflows/lint.patch.yml vendored
View File

@ -1,17 +1,16 @@
name: Lint Rust files name: Lint Rust files
on: on:
push: pull_request:
branches: branches:
- "**" - 'main'
- "!main"
paths-ignore: paths-ignore:
- '**/*.rs' - '**/*.rs'
- '**/Cargo.toml' - '**/Cargo.toml'
- '**/Cargo.lock' - '**/Cargo.lock'
- 'clippy.toml' - 'clippy.toml'
- '.cargo/config.toml' - '.cargo/config.toml'
- '.github/workflows/lint.yml' - '.github/workflows/*.yml'
jobs: jobs:
clippy: clippy:

14
.github/workflows/lint.yml vendored
View File

@ -1,10 +1,9 @@
name: Lint Rust files name: Lint Rust files
on: on:
push: pull_request:
branches: branches:
- "**" - 'main'
- "!main"
paths: paths:
# code and tests # code and tests
- '**/*.rs' - '**/*.rs'
@ -14,7 +13,8 @@ on:
# workflow definitions # workflow definitions
- 'clippy.toml' - 'clippy.toml'
- '.cargo/config.toml' - '.cargo/config.toml'
- '.github/workflows/lint.yml' # TODO: we might want to run this in a separate workflow in the future for the `actionlint` job
- '.github/workflows/*.yml'
env: env:
CARGO_INCREMENTAL: 0 CARGO_INCREMENTAL: 0
@ -82,3 +82,9 @@ jobs:
with: with:
command: fmt command: fmt
args: --all -- --check args: --all -- --check
actionlint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: reviewdog/action-actionlint@v1.21.0

12
.github/workflows/test-full-sync.yml vendored
View File

@ -5,6 +5,12 @@ on:
inputs: inputs:
network: network:
default: 'Mainnet' default: 'Mainnet'
description: 'Network to deploy: Mainnet or Testnet'
required: true
checkpoint_sync:
default: 'true'
description: 'Configures `zebrad` to use as many checkpoints as possible'
required: true
pull_request: pull_request:
branches: branches:
- main - main
@ -24,7 +30,7 @@ on:
env: env:
CARGO_INCREMENTAL: '1' CARGO_INCREMENTAL: '1'
ZEBRA_SKIP_IPV6_TESTS: "1" ZEBRA_SKIP_IPV6_TESTS: '1'
RUST_BACKTRACE: full RUST_BACKTRACE: full
RUST_LIB_BACKTRACE: full RUST_LIB_BACKTRACE: full
COLORBT_SHOW_HIDDEN: '1' COLORBT_SHOW_HIDDEN: '1'
@ -41,7 +47,7 @@ jobs:
build: build:
# only run on Mergify head branches, and on manual dispatch: # only run on Mergify head branches, and on manual dispatch:
# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#running-your-workflow-based-on-the-head-or-base-branch-of-a-pull-request-1 # https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#running-your-workflow-based-on-the-head-or-base-branch-of-a-pull-request-1
if: startsWith(github.head_ref, 'mergify/merge-queue/') || github.event_name == 'workflow_dispatch' if: startsWith(github.head_ref, 'mergify/merge-queue/') || github.event_name == 'workflow_dispatch'
name: Build images name: Build images
timeout-minutes: 210 timeout-minutes: 210
runs-on: ubuntu-latest runs-on: ubuntu-latest
@ -132,7 +138,7 @@ jobs:
test-full-sync: test-full-sync:
name: Test full Mainnet sync name: Test full Mainnet sync
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: [ build ] needs: [build]
permissions: permissions:
contents: 'read' contents: 'read'
id-token: 'write' id-token: 'write'

7
.github/workflows/test.patch.yml vendored
View File

@ -25,7 +25,6 @@ jobs:
name: Test all name: Test all
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: build needs: build
if: ${{ github.event.inputs.regenerate-disks != 'true' }}
steps: steps:
- run: 'echo "No build required"' - run: 'echo "No build required"'
@ -33,7 +32,6 @@ jobs:
name: Test with fake activation heights name: Test with fake activation heights
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: build needs: build
if: ${{ github.event.inputs.regenerate-disks != 'true' }}
steps: steps:
- run: 'echo "No build required"' - run: 'echo "No build required"'
@ -42,7 +40,6 @@ jobs:
name: Test checkpoint sync from empty state name: Test checkpoint sync from empty state
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: build needs: build
if: ${{ github.event.inputs.regenerate-disks != 'true' }}
steps: steps:
- run: 'echo "No build required"' - run: 'echo "No build required"'
@ -57,8 +54,6 @@ jobs:
name: Regenerate stateful disks name: Regenerate stateful disks
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: build needs: build
outputs:
disk_short_sha: ${{ steps.disk-short-sha.outputs.disk_short_sha }}
steps: steps:
- run: 'echo "No build required"' - run: 'echo "No build required"'
@ -66,6 +61,6 @@ jobs:
test-stateful-sync: test-stateful-sync:
name: Test full validation sync from cached state name: Test full validation sync from cached state
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: [ build, regenerate-stateful-disks] needs: [build, regenerate-stateful-disks]
steps: steps:
- run: 'echo "No build required"' - run: 'echo "No build required"'

11
.github/workflows/test.yml vendored
View File

@ -5,10 +5,17 @@ on:
inputs: inputs:
network: network:
default: 'Mainnet' default: 'Mainnet'
description: 'Network to deploy: Mainnet or Testnet'
required: true
checkpoint_sync:
default: 'true'
description: 'Configures `zebrad` to use as many checkpoints as possible'
required: true
regenerate-disks: regenerate-disks:
type: boolean type: boolean
default: false default: false
description: Just update stateful disks description: 'Just update stateful disks'
required: true
pull_request: pull_request:
branches: branches:
- main - main
@ -358,7 +365,7 @@ jobs:
test-stateful-sync: test-stateful-sync:
name: Test full validation sync from cached state name: Test full validation sync from cached state
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: [ build, regenerate-stateful-disks] needs: [build, regenerate-stateful-disks]
permissions: permissions:
contents: 'read' contents: 'read'
id-token: 'write' id-token: 'write'

138
.github/workflows/zcash-lightwalletd.yml vendored
View File

@ -35,81 +35,81 @@ jobs:
id-token: 'write' id-token: 'write'
steps: steps:
- uses: actions/checkout@v3.0.0 - uses: actions/checkout@v3.0.0
with: with:
repository: adityapk00/lightwalletd repository: adityapk00/lightwalletd
ref: 'master' ref: 'master'
persist-credentials: false persist-credentials: false
- uses: actions/checkout@v3.0.0 - uses: actions/checkout@v3.0.0
with: with:
path: zebra path: zebra
persist-credentials: false persist-credentials: false
- name: Inject slug/short variables - name: Inject slug/short variables
uses: rlespinasse/github-slug-action@v4 uses: rlespinasse/github-slug-action@v4
with: with:
short-length: 7 short-length: 7
# Automatic tag management and OCI Image Format Specification for labels # Automatic tag management and OCI Image Format Specification for labels
- name: Docker meta - name: Docker meta
id: meta id: meta
uses: docker/metadata-action@v3.7.0 uses: docker/metadata-action@v3.7.0
with: with:
# list of Docker images to use as base name for tags # list of Docker images to use as base name for tags
images: | images: |
${{ env.GAR_BASE }}/${{ env.IMAGE_NAME }} ${{ env.GAR_BASE }}/${{ env.IMAGE_NAME }}
# generate Docker tags based on the following events/attributes # generate Docker tags based on the following events/attributes
tags: | tags: |
type=schedule type=schedule
type=ref,event=branch type=ref,event=branch
type=ref,event=pr type=ref,event=pr
type=semver,pattern={{version}} type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}} type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}} type=semver,pattern={{major}}
type=sha type=sha
- name: Set up QEMU - name: Set up QEMU
id: qemu id: qemu
uses: docker/setup-qemu-action@v1 uses: docker/setup-qemu-action@v1
with: with:
image: tonistiigi/binfmt:latest image: tonistiigi/binfmt:latest
platforms: all platforms: all
# Setup Docker Buildx to allow use of docker cache layers from GH # Setup Docker Buildx to allow use of docker cache layers from GH
- name: Set up Docker Buildx - name: Set up Docker Buildx
id: buildx id: buildx
uses: docker/setup-buildx-action@v1 uses: docker/setup-buildx-action@v1
# Setup gcloud CLI # Setup gcloud CLI
- name: Authenticate to Google Cloud - name: Authenticate to Google Cloud
id: auth id: auth
uses: google-github-actions/auth@v0.7.0 uses: google-github-actions/auth@v0.7.0
with: with:
workload_identity_provider: 'projects/143793276228/locations/global/workloadIdentityPools/github-actions/providers/github-oidc' workload_identity_provider: 'projects/143793276228/locations/global/workloadIdentityPools/github-actions/providers/github-oidc'
service_account: 'github-service-account@zealous-zebra.iam.gserviceaccount.com' service_account: 'github-service-account@zealous-zebra.iam.gserviceaccount.com'
token_format: 'access_token' token_format: 'access_token'
- name: Login to Google Artifact Registry - name: Login to Google Artifact Registry
uses: docker/login-action@v1.14.1 uses: docker/login-action@v1.14.1
with: with:
registry: us-docker.pkg.dev registry: us-docker.pkg.dev
username: oauth2accesstoken username: oauth2accesstoken
password: ${{ steps.auth.outputs.access_token }} password: ${{ steps.auth.outputs.access_token }}
# Build and push image to Google Artifact Registry # Build and push image to Google Artifact Registry
- name: Build & push - name: Build & push
id: docker_build id: docker_build
uses: docker/build-push-action@v2.10.0 uses: docker/build-push-action@v2.10.0
with: with:
target: build target: build
context: . context: .
file: ./zebra/docker/zcash-lightwalletd/Dockerfile file: ./zebra/docker/zcash-lightwalletd/Dockerfile
platforms: | platforms: |
linux/amd64 linux/amd64
linux/arm64 linux/arm64
tags: ${{ steps.meta.outputs.tags }} tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }} labels: ${{ steps.meta.outputs.labels }}
push: true push: true
cache-from: type=registry,ref=${{ env.GAR_BASE }}/${{ env.IMAGE_NAME }}:buildcache cache-from: type=registry,ref=${{ env.GAR_BASE }}/${{ env.IMAGE_NAME }}:buildcache
cache-to: type=registry,ref=${{ env.GAR_BASE }}/${{ env.IMAGE_NAME }}:buildcache,mode=max cache-to: type=registry,ref=${{ env.GAR_BASE }}/${{ env.IMAGE_NAME }}:buildcache,mode=max

136
.github/workflows/zcash-params.yml vendored
View File

@ -32,80 +32,80 @@ jobs:
id-token: 'write' id-token: 'write'
steps: steps:
- uses: actions/checkout@v3.0.0 - uses: actions/checkout@v3.0.0
with: with:
persist-credentials: false persist-credentials: false
- name: Inject slug/short variables - name: Inject slug/short variables
uses: rlespinasse/github-slug-action@v4 uses: rlespinasse/github-slug-action@v4
with: with:
short-length: 7 short-length: 7
# Automatic tag management and OCI Image Format Specification for labels # Automatic tag management and OCI Image Format Specification for labels
- name: Docker meta - name: Docker meta
id: meta id: meta
uses: docker/metadata-action@v3.7.0 uses: docker/metadata-action@v3.7.0
with: with:
# list of Docker images to use as base name for tags # list of Docker images to use as base name for tags
images: | images: |
${{ env.GAR_BASE }}/${{ env.IMAGE_NAME }} ${{ env.GAR_BASE }}/${{ env.IMAGE_NAME }}
# generate Docker tags based on the following events/attributes # generate Docker tags based on the following events/attributes
tags: | tags: |
type=schedule type=schedule
type=ref,event=branch type=ref,event=branch
type=ref,event=pr type=ref,event=pr
type=semver,pattern={{version}} type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}} type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}} type=semver,pattern={{major}}
type=sha type=sha
- name: Set up QEMU - name: Set up QEMU
id: qemu id: qemu
uses: docker/setup-qemu-action@v1 uses: docker/setup-qemu-action@v1
with: with:
image: tonistiigi/binfmt:latest image: tonistiigi/binfmt:latest
platforms: all platforms: all
# Setup Docker Buildx to allow use of docker cache layers from GH # Setup Docker Buildx to allow use of docker cache layers from GH
- name: Set up Docker Buildx - name: Set up Docker Buildx
id: buildx id: buildx
uses: docker/setup-buildx-action@v1 uses: docker/setup-buildx-action@v1
# Setup gcloud CLI # Setup gcloud CLI
- name: Authenticate to Google Cloud - name: Authenticate to Google Cloud
id: auth id: auth
uses: google-github-actions/auth@v0.7.0 uses: google-github-actions/auth@v0.7.0
with: with:
workload_identity_provider: 'projects/143793276228/locations/global/workloadIdentityPools/github-actions/providers/github-oidc' workload_identity_provider: 'projects/143793276228/locations/global/workloadIdentityPools/github-actions/providers/github-oidc'
service_account: 'github-service-account@zealous-zebra.iam.gserviceaccount.com' service_account: 'github-service-account@zealous-zebra.iam.gserviceaccount.com'
token_format: 'access_token' token_format: 'access_token'
- name: Login to Google Artifact Registry - name: Login to Google Artifact Registry
uses: docker/login-action@v1.14.1 uses: docker/login-action@v1.14.1
with: with:
registry: us-docker.pkg.dev registry: us-docker.pkg.dev
username: oauth2accesstoken username: oauth2accesstoken
password: ${{ steps.auth.outputs.access_token }} password: ${{ steps.auth.outputs.access_token }}
# Build and push image to Google Artifact Registry # Build and push image to Google Artifact Registry
- name: Build & push - name: Build & push
id: docker_build id: docker_build
uses: docker/build-push-action@v2.10.0 uses: docker/build-push-action@v2.10.0
with: with:
target: builder target: builder
context: . context: .
file: ./docker/zcash-params/Dockerfile file: ./docker/zcash-params/Dockerfile
# TODO: building crates is taking too long with arm64 and it's timing out on GHA # TODO: building crates is taking too long with arm64 and it's timing out on GHA
# platforms: | # platforms: |
# linux/amd64 # linux/amd64
# linux/arm64 # linux/arm64
tags: ${{ steps.meta.outputs.tags }} tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }} labels: ${{ steps.meta.outputs.labels }}
build-args: | build-args: |
SHORT_SHA=${{ env.GITHUB_SHA_SHORT }} SHORT_SHA=${{ env.GITHUB_SHA_SHORT }}
ZEBRA_SKIP_IPV6_TESTS="1" ZEBRA_SKIP_IPV6_TESTS="1"
SENTRY_DSN=${{ secrets.SENTRY_ENDPOINT }} SENTRY_DSN=${{ secrets.SENTRY_ENDPOINT }}
push: true push: true
cache-from: type=registry,ref=${{ env.GAR_BASE }}/${{ env.IMAGE_NAME }}:buildcache cache-from: type=registry,ref=${{ env.GAR_BASE }}/${{ env.IMAGE_NAME }}:buildcache
cache-to: type=registry,ref=${{ env.GAR_BASE }}/${{ env.IMAGE_NAME }}:buildcache,mode=max cache-to: type=registry,ref=${{ env.GAR_BASE }}/${{ env.IMAGE_NAME }}:buildcache,mode=max

10
.github/workflows/zcashd-manual-deploy.yml vendored
View File

@ -4,9 +4,13 @@ on:
workflow_dispatch: workflow_dispatch:
inputs: inputs:
network: network:
default: 'Testnet' default: 'Mainnet'
description: 'Network to deploy: Mainnet or Testnet'
required: true
size: size:
default: 10 default: '10'
description: 'GCP Managed Instance Group size'
required: true
env: env:
PROJECT_ID: zealous-zebra PROJECT_ID: zealous-zebra
@ -81,4 +85,4 @@ jobs:
gcloud compute instance-groups managed rolling-action start-update \ gcloud compute instance-groups managed rolling-action start-update \
"zcashd-${{ env.GITHUB_REF_SLUG_URL }}-${{ github.event.inputs.network }}" \ "zcashd-${{ env.GITHUB_REF_SLUG_URL }}-${{ github.event.inputs.network }}" \
--version template="zcashd-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }}" \ --version template="zcashd-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }}" \
--region "${{ env.REGION }}" --region "${{ env.REGION }}"