Attach Sui binaries to a release #301
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Attach Sui binaries to a release | |
| on: | |
| release: | |
| types: [published] | |
| workflow_dispatch: | |
| inputs: | |
| sui_tag: | |
| description: 'Sui repo tag to build from' | |
| type: string | |
| required: true | |
| env: | |
| TAG_NAME: "${{ github.event.inputs.sui_tag || github.ref }}" | |
| CARGO_TERM_COLOR: always | |
| # Disable incremental compilation. | |
| # | |
| # Incremental compilation is useful as part of an edit-build-test-edit cycle, | |
| # as it lets the compiler avoid recompiling code that hasn't changed. However, | |
| # on CI, we're not making small edits; we're almost always building the entire | |
| # project from scratch. Thus, incremental compilation on CI actually | |
| # introduces *additional* overhead to support making future builds | |
| # faster...but no future builds will ever occur in any given CI environment. | |
| # | |
| # See https://matklad.github.io/2021/09/04/fast-rust-builds.html#ci-workflow | |
| # for details. | |
| CARGO_INCREMENTAL: 0 | |
| # Allow more retries for network requests in cargo (downloading crates) and | |
| # rustup (installing toolchains). This should help to reduce flaky CI failures | |
| # from transient network timeouts or other issues. | |
| CARGO_NET_RETRY: 10 | |
| RUSTUP_MAX_RETRIES: 10 | |
| # Don't emit giant backtraces in the CI logs. | |
| RUST_BACKTRACE: short | |
| jobs: | |
| release-build: | |
| name: Build & Publish Binaries | |
| timeout-minutes: 80 | |
| strategy: | |
| matrix: | |
| os: [ windows-ghcloud, ubuntu-ghcloud, macos-latest-xl, macos-arm64-self-hosted ] | |
| fail-fast: false | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - name: Clean up and validate tag name ${{ env.TAG_NAME }} | |
| shell: bash | |
| run: | | |
| export sui_tag=$(echo ${{ env.TAG_NAME }} | sed s/'refs\/tags\/'//) | |
| [[ "${sui_tag}" == "main" ]] && echo "tag cannot be equals to 'main'" && exit 1 | |
| echo "sui_tag=${sui_tag}" >> $GITHUB_ENV | |
| export sui_version=$(echo ${sui_tag} | sed -e 's/mainnet-v//' -e 's/testnet-v//') | |
| echo "sui_version=${sui_version}" >> $GITHUB_ENV | |
| - name: Configure AWS credentials | |
| if: ${{ env.TAG_NAME != 'main' }} | |
| uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 # pin@v1 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: us-west-2 | |
| - name: Set os/arch variables (Windows) | |
| if: ${{ matrix.os == 'windows-ghcloud' }} | |
| shell: bash | |
| run: | | |
| export arch=$(uname -m) | |
| export os_type="windows-${arch}" | |
| echo "os_type=${os_type}" >> $GITHUB_ENV | |
| - name: Set os/arch variables | |
| if: ${{ matrix.os != 'windows-ghcloud' }} | |
| shell: bash | |
| run: | | |
| export arch=$(uname -m) | |
| export system_os=$(echo ${{ matrix.os }} | cut -d- -f1) | |
| export os_type="${system_os}-${arch}" | |
| echo "os_type=${system_os}-${arch}" >> $GITHUB_ENV | |
| - name: Check if archives of binaries have already been built | |
| continue-on-error: true | |
| shell: bash | |
| run: | | |
| echo "s3_archive_exist=$(curl -Is https://sui-releases.s3.us-east-1.amazonaws.com/releases/sui-${{ env.sui_tag }}-${{ env.os_type }}.tgz | head -n 1 | grep '200 OK')" >> $GITHUB_ENV | |
| - name: Download archive, if it exists | |
| if: ${{ env.s3_archive_exist != '' }} | |
| shell: bash | |
| run: | | |
| mkdir -p ./target/release | |
| aws s3 cp s3://sui-releases/releases/sui-${{ env.sui_tag }}-${os_type}.tgz ./target/release/sui-${{ env.sui_tag }}-${os_type}.tgz | |
| - name: Setup caching | |
| if: ${{ env.s3_archive_exist == '' }} | |
| uses: bmwill/rust-cache@v1 # Fork of 'Swatinem/rust-cache' which allows caching additional paths | |
| - name: Install nexttest (Windows) | |
| if: ${{ matrix.os == 'windows-ghcloud' && env.s3_archive_exist == '' }} | |
| uses: taiki-e/install-action@nextest | |
| - name: Setup protoc (Windows) | |
| if: ${{ matrix.os == 'windows-ghcloud' && env.s3_archive_exist == '' }} | |
| uses: arduino/setup-protoc@v1 | |
| # this avoids rate-limiting | |
| with: | |
| repo-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Install postgres (Windows) | |
| if: ${{ matrix.os == 'windows-ghcloud' && env.s3_archive_exist == '' }} | |
| shell: bash | |
| run: | | |
| choco install postgresql12 --force --params '/Password:root' | |
| echo "C:\Program Files\PostgreSQL\12\bin" >> $GITHUB_PATH | |
| echo "C:\Program Files\PostgreSQL\12\lib" >> $GITHUB_PATH | |
| echo "PQ_LIB_DIR=C:\Program Files\PostgreSQL\12\lib" >> $GITHUB_ENV | |
| echo "PG_DATABASE_URL=postgres://postgres:root@localhost/" >> $GITHUB_ENV | |
| echo "PG_EXAMPLE_DATABASE_URL=postgres://postgres:root@localhost/diesel_example" >> $GITHUB_ENV | |
| - name: Checking out ${{ env.sui_tag }} | |
| if: ${{ env.s3_archive_exist == '' }} | |
| uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ env.sui_tag }} | |
| - name: cargo build (release) for ${{ matrix.os }} platform | |
| if: ${{ env.s3_archive_exist == '' }} | |
| shell: bash | |
| run: | | |
| [ -f ~/.cargo/env ] && source ~/.cargo/env ; cargo build --release | |
| cd external-crates/move && cargo build -p move-analyzer --release | |
| - name: Rename binaries for ${{ matrix.os }} | |
| if: ${{ matrix.os != 'windows-ghcloud' && env.s3_archive_exist == '' }} | |
| shell: bash | |
| run: | | |
| [ -f ./target/release/sui ] && mv ./target/release/sui ./target/release/sui-${os_type} | |
| [ -f ./target/release/sui-node ] && mv ./target/release/sui-node ./target/release/sui-node-${os_type} | |
| [ -f ./target/release/sui-tool ] && mv ./target/release/sui-tool ./target/release/sui-tool-${os_type} | |
| [ -f ./target/release/sui-faucet ] && mv ./target/release/sui-faucet ./target/release/sui-faucet-${os_type} | |
| [ -f ./target/release/sui-test-validator ] && mv ./target/release/sui-test-validator ./target/release/sui-test-validator-${os_type} | |
| [ -f ./target/release/sui-data-ingestion ] && mv ./target/release/sui-data-ingestion ./target/release/sui-data-ingestion-${os_type} | |
| [ -f ./target/release/sui-bridge ] && mv ./target/release/sui-bridge ./target/release/sui-bridge-${os_type} | |
| [ -f ./external-crates/move/target/release/move-analyzer ] && mv ./external-crates/move/target/release/move-analyzer ./external-crates/move/target/release/move-analyzer-${os_type} | |
| tar -cvzf ./target/release/sui-${{ env.sui_tag }}-${os_type}.tgz ./target/release/sui*-${os_type}* ./external-crates/move/target/release/move-analyzer-${os_type} | |
| [[ ${{ env.sui_tag }} == *"mainnet"* ]] && aws s3 cp ./target/release/sui-${{ env.sui_tag }}-${os_type}.tgz s3://sui-releases/releases/sui-${{ env.sui_tag }}-${os_type}.tgz || true | |
| - name: Rename binaries for Windows | |
| if: ${{ matrix.os == 'windows-ghcloud' && env.s3_archive_exist == '' }} | |
| shell: bash | |
| run: | | |
| [ -f ./target/release/sui.exe ] && cp ./target/release/sui.exe ./target/release/sui-${os_type}.exe | |
| [ -f ./target/release/sui-node.exe ] && mv ./target/release/sui-node.exe ./target/release/sui-node-${os_type}.exe | |
| [ -f ./target/release/sui-tool.exe ] && mv ./target/release/sui-tool.exe ./target/release/sui-tool-${os_type}.exe | |
| [ -f ./target/release/sui-faucet.exe ] && mv ./target/release/sui-faucet.exe ./target/release/sui-faucet-${os_type}.exe | |
| [ -f ./target/release/sui-test-validator.exe ] && mv ./target/release/sui-test-validator.exe ./target/release/sui-test-validator-${os_type}.exe | |
| [ -f ./target/release/sui-indexer.exe ] && mv ./target/release/sui-indexer.exe ./target/release/sui-indexer-${os_type}.exe | |
| [ -f ./target/release/sui-data-ingestion.exe ] && mv ./target/release/sui-data-ingestion.exe ./target/release/sui-data-ingestion-${os_type}.exe | |
| [ -f ./external-crates/move/target/release/move-analyzer.exe ] && mv ./external-crates/move/target/release/move-analyzer.exe ./external-crates/move/target/release/move-analyzer-${os_type}.exe | |
| tar -cvzf ./target/release/sui-${{ env.sui_tag }}-${os_type}.tgz ./target/release/sui*-${os_type}* ./external-crates/move/target/release/move-analyzer-${os_type}.exe | |
| [[ ${{ env.sui_tag }} == *"mainnet"* ]] && aws s3 cp ./target/release/sui-${{ env.sui_tag }}-${os_type}.tgz s3://sui-releases/releases/sui-${{ env.sui_tag }}-${os_type}.tgz || true | |
| - name: "Publish Windows sui binary to Chocolately" | |
| if: ${{ matrix.os == 'windows-ghcloud' && env.s3_archive_exist == '' && contains( env.sui_tag, 'testnet') }} | |
| working-directory: chocolatey | |
| continue-on-error: true | |
| shell: bash | |
| run: | | |
| choco install checksum | |
| export sui_sha=$(checksum -t sha256 ../target/release/sui.exe) | |
| cat <<EOF >>VERIFICATION.txt | |
| Sui Binary verification steps | |
| 1. Go to https://github.com/MystenLabs/sui/releases/download/${{ env.sui_tag }}/sui-${{ env.sui_tag }}-windows-x86_64.tgz | |
| 2. Extract sui-windows-x86_64.exe | |
| 3. checksum.exe -t sha256 sui-windows-x86_64.exe: ${sui_sha} | |
| File 'LICENSE.txt' is obtained from: https://github.com/MystenLabs/sui/blob/main/LICENSE | |
| EOF | |
| choco pack --version ${{ env.sui_version }} configuration=release | |
| choco apikey --api-key ${{ secrets.CHOCO_API_KEY }} --source https://push.chocolatey.org/ | |
| choco push sui.${{ env.sui_version }}.nupkg --source https://push.chocolatey.org/ | |
| - name: Upload release artifacts for ${{ matrix.os }} platform | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: sui-binaries-${{ matrix.os }} | |
| if-no-files-found: error | |
| path: | | |
| ./target/release/sui-${{ env.sui_tag }}-${{ env.os_type }}.tgz | |
| - name: Publish binaries for ${{ env.sui_tag }} release | |
| uses: softprops/action-gh-release@v1 | |
| with: | |
| tag_name: ${{ env.sui_tag }} | |
| files: | | |
| ./target/release/sui-${{ env.sui_tag }}-${{ env.os_type }}.tgz | |
| update-homebrew-formula: | |
| name: Push binaries to homebrew | |
| needs: release-build | |
| runs-on: ubuntu-latest | |
| if: ${{ contains( inputs.sui_tag, 'testnet') || contains( github.ref, 'testnet') }} | |
| steps: | |
| - name: Clean up tag name ${{ env.TAG_NAME }} | |
| shell: bash | |
| run: | | |
| echo "sui_tag=$(echo ${{ env.TAG_NAME }} | sed s/'refs\/tags\/'//)" >> $GITHUB_ENV | |
| # Checkout MystenLabs/homebrew-tap | |
| - name: Checkout Target Repository | |
| uses: actions/checkout@v3 | |
| with: | |
| repository: MystenLabs/homebrew-tap | |
| # @john's PAT, needs to be rotated jan 5 2025 | |
| token: ${{ secrets.HOMEBREW_TAP_REPO_READ_WRITE }} | |
| ref: main | |
| fetch-depth: 0 | |
| # Download all artifacts from the previous job | |
| - name: Download all artifacts | |
| uses: actions/download-artifact@v2 | |
| - name: Fetch Ubuntu x86_64 Binary and Compute SHA256 | |
| shell: bash | |
| run: | | |
| echo "sha256_ubuntu_release=$(sha256sum sui-binaries-ubuntu-ghcloud/sui-${{ env.sui_tag }}-ubuntu-x86_64.tgz | awk '{print $1}')" >> $GITHUB_ENV | |
| echo "sha256_macos_x86_release=$(sha256sum sui-binaries-macos-latest-xl/sui-${{ env.sui_tag }}-macos-x86_64.tgz | awk '{print $1}')" >> $GITHUB_ENV | |
| echo "sha256_macos_arm_release=$(sha256sum sui-binaries-macos-arm64-self-hosted/sui-${{ env.sui_tag }}-macos-arm64.tgz | awk '{print $1}' )" >> $GITHUB_ENV | |
| # Install Jinja2 for templating | |
| - name: Install Jinja2 | |
| run: pip install jinja2 | |
| - name: Apply Jinja2 Template and Update Formula | |
| run: | | |
| python3 - <<EOF | |
| import jinja2 | |
| import os | |
| # Load the template | |
| template_loader = jinja2.FileSystemLoader(searchpath="./template") | |
| template_env = jinja2.Environment(loader=template_loader) | |
| template = template_env.get_template("sui.rb.j2") | |
| version = "${{ env.sui_tag }}".removeprefix("testnet-v") | |
| # Render the template with variables | |
| output = template.render( | |
| version=version, | |
| linux_sha256="${sha256_ubuntu_release}", | |
| macos_intel_sha256="${sha256_macos_x86_release}", | |
| macos_arm_sha256="${sha256_macos_arm_release}" | |
| ) | |
| # Write the output to the formula file | |
| with open("Formula/sui.rb", "w") as file: | |
| file.write(output) | |
| EOF | |
| # Commit and Push to Target Repository | |
| - name: Commit and Push to Target Repository | |
| uses: github-actions-x/[email protected] | |
| with: | |
| github-token: ${{ secrets.HOMEBREW_TAP_REPO_READ_WRITE }} | |
| commit-message: "Update Homebrew formula for release ${{ env.sui_tag }}" | |
| files: Formula/sui.rb | |
| push-branch: main | |
| rebase: 'true' | |
| force-add: 'true' | |
| name: ${{ github.triggering_actor }} | |
| email: ${{ github.triggering_actor }}@users.noreply.github.com | |
| # Tag all sui images with release tag, so that they can be easily found | |
| tag-docker-hub-images: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Dispatch Tagging of images in DockerHub, in MystenLabs/sui-operations | |
| uses: peter-evans/repository-dispatch@26b39ed245ab8f31526069329e112ab2fb224588 # pin@v2 | |
| with: | |
| repository: MystenLabs/sui-operations | |
| token: ${{ secrets.DOCKER_BINARY_BUILDS_DISPATCH }} | |
| event-type: tag-docker-images | |
| client-payload: '{"sui_commit": "${{ github.sha }}", "repo_name": "all", "tag": "${{ env.TAG_NAME }}"}' |