* Revert "ci(ssh): connect using `ssh-compute` action by Google (#5330)"
This reverts commit b366d6e7bb.
* ci(ssh): use sudo for docker commands if user is not root
* ci(ssh): specify the service account to connect with
* ci(ssh): increase the Google Cloud instance sshd connection limit
* chore: add a new line at the end of the script
* chore: update our VM image to bullseye
* chore: fix `tj-actions/changed-files` file comparison
Motivation:
We've been trying multiple solutions to our SSH connection issues, our last
try solving this issues was PR https://github.com/ZcashFoundation/zebra/pull/5367/files
Depends-On: #5367
Expected behavior:
An SSH connection should not be terminated by the server, the connection
must be kept alive indefinitely until it's killed by GitHub Actions
Solution:
Disable TCP keepalive messages from the server and set `ClientAliveCountMax`
to 0, which disables connection termination
* Add latest and edge tags to Docker images
* Document how latest tag actually works
* Try a different syntax for is_default_branch
* Try again
* One last try
* Revert changes that don't work
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
* Add RPC timing to zcash-rpc-diff
* Use transaction hash index for verbose block requests, rather than block data
* check if we are at tip for lightwallet wallet tests
* move function
* Apply suggestions from code review
Co-authored-by: teor <teor@riseup.net>
* Combine the lightwalletd sync and gRPC test APIs
* Rewrite the gRPC and full sync tests for the new APIs
* Make zebra_rpc_address optional because only some tests need it
* Check for the zebrad RPC port to open in the right place
* Do the quick lightwalletd integration tests first in the sequential test function
* Ignore the lightwalletd cached state env var in tests that don't want it
* Don't replace the state path in RPC tests
* Enable IO (and timers) on the tip check tokio runtime
* Stop waiting for sync if either waiter thread errors or panics
* Try to speed up slow lightwalletd full syncs
* Don't wait for the tip in send transaction tests, and try to speed up full lightwalletd syncs
* Remove redundant is_lightwalletd_finished store
Co-authored-by: Arya <aryasolhi@gmail.com>
* Fix unused variable error
* Actually create the lightwalletd cached state
* Fix lwd cache check logic
Co-authored-by: teor <teor@riseup.net>
Co-authored-by: Arya <aryasolhi@gmail.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
* Add a Docker run command to the README
* Update the README with some user-relevant release candidate goals
* Update the release template for the release candidate
* Fix beta crate explanation
* Be more specific about what "this PR" means
* Update docker command for latest tag changes
* Update README Docker command based on tag changes
* Make Zebra release versions more vague in README.md
Co-authored-by: Pili Guerra <mpguerra@users.noreply.github.com>
* Move build instructions to build section
Co-authored-by: Pili Guerra <mpguerra@users.noreply.github.com>
* Add newlines to separate heading and paragraphs
* Remove extra newline
* Add a note for a future command update
* Remove manual build check, it doesn't have tier 1 support
Co-authored-by: Pili Guerra <mpguerra@users.noreply.github.com>
* refactor(ssh): connect using `ssh-compute` action by Google
Previous behavior:
From time to time SSH connections to deployed VMs fails with the following
error: `kex_exchange_identification: Connection closed by remote host`
This was still happening after implementing https://github.com/ZcashFoundation/zebra/pull/5292
Excpected behavior:
Ensure we're not creating SSH key pairs on the fly to improve our connections
guarantees
Solution:
- Enable the Cloud Identity-Aware Proxy API in GCP
- Create a firewall rule to enable connections from IAP
- Grant the required IAM permissions to enable IAP TCP forwarding
- Generate an SSH keys pair and set a private key as an input param
- Set the GitHub Action SA to have authorized ssh connection to the VMs
- Implement the `google-github-actions/ssh-compute` action to connect
* fix(ssh): id `compute-ssh` cannot be used more than once within the same scope
* fix(ci): try to enclose commands to override parsing issues
* tmp: remove ssh_args
* fix(action): secrets must be inherited to be used
* tmp: validate command enclosing fixes executin
* fix(ssh): ssh_args are not implemented correctly
* fix(ssh): login with the root user
* fix(privelege): uso sudo with docker commands
* tmp: add sudo
* fix(ssh): use sudo for all docker commands
* fix(ssh): add missing `sudo` commands
* fix(ssh): get sync height from ssh stdout
* fix(height): get the height correctly
Previous behavior:
The following error was causing an exit 1 in GitHub Actions when a pushing
to the `main` branch
```
Error: Similar commit hashes detected: previous sha is equivalent to the
current sha
```
Expeceted behavior:
Allow the linter to run succesfully even if the previous SHA has no files
changed
Solution:
Add `fetch-depth: 2` to retrieve the preceding commit
Previous behavior
From time to time SSH connections to deployed VMs fails with the following
error: `kex_exchange_identification: Connection closed by remote host`
Expected behavior
If the connection fails, attempt to reconnect once again (or multiple times)
Solution
Add the `ConnectionAttempts` and `ConnectTimeout` with 20 and 5 values
respectively, which attempst to reconnect 19 more times every 5 seconds
* Add a new block commit task and channels, that don't do anything yet
* Add last_block_hash_sent to the state service, to avoid database accesses
* Update last_block_hash_sent regardless of commit errors
* Rename a field to StateService.max_queued_finalized_height
* Commit finalized blocks to the state in a separate task
* Check for panics in the block write task
* Wait for the block commit task in tests, and check for errors
* Always run a proptest that sleeps once
* Add extra debugging to state shutdowns
* Work around a RocksDB shutdown bug
* Close the finalized block channel when we're finished with it
* Only reset state queue once per error
* Update some TODOs
* Add a module doc comment
* Drop channels and check for closed channels in the block commit task
* Close state channels and tasks on drop
* Remove some duplicate fields across StateService and ReadStateService
* Try tweaking the shutdown steps
* Update and clarify some comments
* Clarify another comment
* Don't try to cancel RocksDB background work on drop
* Fix up some comments
* Remove some duplicate code
* Remove redundant workarounds for shutdown issues
* Remode a redundant channel close in the block commit task
* Remove a mistaken `!force` shutdown condition
* Remove duplicate force-shutdown code and explain it better
* Improve RPC error logging
* Wait for chain tip updates in the RPC tests
* Wait 2 seconds for chain tip updates before skipping them
* Remove an unnecessary block_in_place()
* Fix some test error messages that were changed by earlier fixes
* Expand some comments, fix typos
Co-authored-by: Marek <mail@marek.onl>
* Actually drop children of failed blocks
* Explain why we drop descendants of failed blocks
* Clarify a comment
* Wait for chain tip updates in a failing test on macOS
* Clean duplicate finalized blocks when the non-finalized state activates
* Send an error when receiving a duplicate finalized block
* Update checkpoint block behaviour, document its consensus rule
* Wait for chain tip changes in inbound_block_height_lookahead_limit test
* Wait for the genesis block to commit in the fake peer set mempool tests
* Disable unreliable mempool verification check in the send transaction test
* Appease rustfmt
* Use clear_finalized_block_queue() everywhere that blocks are dropped
* Document how Finalized and NonFinalized clones are different
* Use the same check as commit_finalized() for finalized block heights
Co-authored-by: Marek <mail@marek.onl>
Co-authored-by: Marek <mail@marek.onl>
* Explain how to use the release template
I always have to look this up every time.
Also delete a long description of semantic versioning.
* Delete extra info that is already in the template elsewhere
* Explain how `Cargo.lock` gets updated
* Use a branch name that Google Cloud will accept
* Update release instructions for Docker binaries
* Add extra release testing steps
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Co-authored-by: Gustavo Valverde <gustavo@iterativo.do>
* Combine high and medium queues into a batched queue
* Explain how to check config syntax
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
* Update release-drafter.yml
* Explain where we got the workflow from
* Automatically add "trivial" label to dependabot updates
* Add categories and auto-labels to release drafter
* Update release PR template for automatic release drafter versions
* Also strip PR series numbers and leading spaces from changelog entries
* Update release note version check
* Update label names
* Add missing ! in conventional commits regex
Co-authored-by: Marek <mail@marek.onl>
* Make versioning steps more specific
Co-authored-by: Marek <mail@marek.onl>
* Remove conflicting detailed versioning explanations
Co-authored-by: Marek <mail@marek.onl>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Gustavo Valverde
teor
dependabot[bot]
Arya
Alfredo Garcia
Marek