Skip to content

add check metadatahash signed extension #631

add check metadatahash signed extension

add check metadatahash signed extension #631

Workflow file for this run

name: CI
on:
push:
branches:
- master
tags:
- '[0-9]+.[0-9]+.[0-9]+'
- '[0-9]+.[0-9]+.[0-9]+-dev*'
pull_request:
branches: [ master ]
workflow_dispatch:
inputs:
verbose:
description: "Set --verbose to get verbose build output"
required: false
default: 'true'
env:
VERBOSE: ${{ github.events.input.verbose }}
SUBWASM_VERSION: 0.18.0
jobs:
# this job set up dynamic configuration shared among jobs
config:
name: Set up Config
runs-on: ubuntu-latest
env:
ENABLE_CHECK: true
outputs:
check: ${{ steps.check.outputs.check }}
runs: ${{ steps.runs.outputs.runs }}
steps:
- id: check
run: echo "{check}=${{ env.ENABLE_CHECK }}" >> $GITHUB_OUTPUT
cancel_previous_runs:
name: Cancel Previous Runs
runs-on: ubuntu-22.04
steps:
- uses: styfle/[email protected]
with:
access_token: ${{ secrets.GITHUB_TOKEN }}
build_primary_binaries:
name: Primary build ${{ matrix.binary }} for ${{ matrix.rust-target }} on (${{ matrix.os }})
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ ubuntu-22.04 ]
rust: [ stable ]
binary: [ release ]
env:
RUST_BACKTRACE: full
RUSTV: ${{ matrix.rust }}
TARGET: ${{ matrix.rust-target }}
RUST_BIN_DIR: target/${{ matrix.rust-target }}/debug
RELEASE_NAME: debug
steps:
- uses: actions/checkout@v3
- name: Print env
run: |
echo "RUST_BIN_DIR = ${{ env.RUST_BIN_DIR }} "
# With rustup's nice new toml format, we just need to run rustup show to install the toolchain
# https://github.com/actions-rs/toolchain/issues/126#issuecomment-782989659
- name: Setup Rust toolchain
run: rustup show
- uses: Swatinem/rust-cache@v2
with:
key: ${{ matrix.os }}-${{ env.RUST_BIN_DIR }}-${{ matrix.binary }}
- name: Install protobuf
run: |
sudo apt update
sudo apt install --assume-yes protobuf-compiler
- name: Release
if: ${{ matrix.binary == 'release' }}
run: cargo build --release --locked
# Upload artifacts
- name: Upload integritee-collator
uses: actions/upload-artifact@v3
with:
name: integritee-collator-${{ github.sha }}
path: target/release/integritee-collator
- name: Slack Notification
uses: 8398a7/action-slack@v3
if: failure()
with:
status: ${{ job.status }}
fields: repo,message,commit,author,action,eventName,ref,workflow,job,took # selectable (default: repo,message)
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
build_try_runtime_and_benchmark_binaries:
name: Extra features build ${{ matrix.binary }} for ${{ matrix.rust-target }} on (${{ matrix.os }})
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ ubuntu-22.04 ]
rust: [ stable ]
binary: [ release ]
env:
RUST_BACKTRACE: full
RUSTV: ${{ matrix.rust }}
TARGET: ${{ matrix.rust-target }}
RUST_BIN_DIR: target/${{ matrix.rust-target }}/debug
RELEASE_NAME: debug
steps:
- uses: actions/checkout@v3
- name: Print env
run: |
echo "RUST_BIN_DIR = ${{ env.RUST_BIN_DIR }} "
# With rustup's nice new toml format, we just need to run rustup show to install the toolchain
# https://github.com/actions-rs/toolchain/issues/126#issuecomment-782989659
- name: Setup Rust toolchain
run: rustup show
- uses: Swatinem/rust-cache@v2
with:
key: ${{ matrix.os }}-${{ env.RUST_BIN_DIR }}-${{ matrix.binary }}
- name: Install protobuf
run: |
sudo apt update
sudo apt install --assume-yes protobuf-compiler
- name: Release
if: ${{ matrix.binary == 'release' }}
run: cargo build --release --locked --features try-runtime,runtime-benchmarks
# Upload artifacts
- name: Upload integritee-collator
uses: actions/upload-artifact@v3
with:
name: integritee-collator-${{ github.sha }}
path: target/release/integritee-collator
- name: Slack Notification
uses: 8398a7/action-slack@v3
if: failure()
with:
status: ${{ job.status }}
fields: repo,message,commit,author,action,eventName,ref,workflow,job,took # selectable (default: repo,message)
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
# Run all checks and unit test. This always run on debug mode
check:
name: Rust check ${{ matrix.check }} (${{ matrix.rust-target }})
needs: config
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ ubuntu-latest ]
rust: [ nightly-2024-04-14 ]
rust-target: [ x86_64-unknown-linux-gnu ]
# check: [fmt --all -- --check, clippy -- -D warnings]
check: [ check --features runtime-benchmarks ] # skip clippy for now
env:
RUST_BACKTRACE: full
RUSTV: ${{ matrix.rust }}
TARGET: ${{ matrix.rust-target }}
steps:
- uses: actions/checkout@v3
# With rustup's nice new toml format, we just need to run rustup show to install the toolchain
# https://github.com/actions-rs/toolchain/issues/126#issuecomment-782989659
- name: Setup Rust toolchain
run: rustup show
- name: Install protobuf
run: |
sudo apt update
sudo apt install --assume-yes protobuf-compiler
- uses: Swatinem/rust-cache@v2
with:
key: ${{ matrix.rust-target }}-${{ matrix.check }}
- name: ${{ matrix.check }}
run: cargo ${{ matrix.check }}
license-check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Install cargo-about
uses: baptiste0928/cargo-install@v2
with:
crate: cargo-about
version: "0.6.1"
- name: Run license check
# Explicitly use stable because otherwise cargo will trigger a download of
# the nightly version specified in rust-toolchain.toml
run: cargo +stable about generate about.hbs > license.html
- name: Archive license file
uses: actions/upload-artifact@v3
with:
name: license
path: license.html
cargo-toml-fmt:
runs-on: ubuntu-latest
container: "tamasfe/taplo:0.7.0-alpine"
steps:
- uses: actions/checkout@v3
- name: Run Taplo fmt
run: taplo fmt --check
- name: Fail-fast; cancel other jobs
if: failure()
uses: andymckay/[email protected]
build-runtimes:
name: Build Runtimes
runs-on: ubuntu-latest
strategy:
matrix:
runtime: [ "shell", "integritee" ]
steps:
- uses: actions/checkout@v3
- name: Cache target dir
uses: actions/cache@v3
with:
path: "${{ github.workspace }}/runtime/${{ matrix.runtime }}/target"
key: srtool-target-${{ matrix.runtime }}-${{ github.sha }}
restore-keys: |
srtool-target-${{ matrix.runtime }}-
srtool-target-
- name: Srtool build
id: srtool_build
uses: chevdor/[email protected]
with:
image: paritytech/srtool
chain: ${{ matrix.runtime }}
runtime_dir: polkadot-parachains/${{ matrix.runtime }}-runtime
- name: Summary
run: |
echo '${{ steps.srtool_build.outputs.json }}' | jq > ${{ matrix.runtime }}-srtool-digest.json
cat ${{ matrix.runtime }}-srtool-digest.json
echo "Compressed Runtime: ${{ steps.srtool_build.outputs.wasm_compressed }}"
# It takes a while to build the runtime, so let's save the artifact as soon as we have it.
- name: Archive Artifacts for ${{ matrix.runtime }}
uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with:
name: ${{ matrix.runtime }}-runtime-${{ github.sha }}
path: |
${{ steps.srtool_build.outputs.wasm_compressed }}
# We now get extra information thanks to subwasm
- name: Install subwasm
run: |
wget https://github.com/chevdor/subwasm/releases/download/v${{ env.SUBWASM_VERSION }}/subwasm_linux_amd64_v${{ env.SUBWASM_VERSION }}.deb
sudo dpkg -i subwasm_linux_amd64_v${{ env.SUBWASM_VERSION }}.deb
subwasm --version
- name: Show Runtime information
shell: bash
run: |
subwasm info ${{ steps.srtool_build.outputs.wasm_compressed }}
subwasm --json info ${{ steps.srtool_build.outputs.wasm_compressed }} > ${{ matrix.runtime }}-compressed-info.json
- name: Extract the metadata
shell: bash
run: |
subwasm meta ${{ steps.srtool_build.outputs.wasm }}
subwasm --json meta ${{ steps.srtool_build.outputs.wasm }} > ${{ matrix.runtime }}-metadata.json
# This is unsupported it wants to diff the metadata with a running chain. i.e. wss://kusama-<matrix.chain>-rpc.parity.io
# - name: Check the metadata diff
# shell: bash
# run: |
# subwasm diff ${{ steps.srtool_build.outputs.wasm }} --chain-b ${{ matrix.chain }} > ${{ matrix.chain }}-diff.txt
# cat ${{ matrix.chain }}-diff.txt
- name: Archive Subwasm results
uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with:
name: ${{ matrix.runtime }}-srtool-json-${{ github.sha }}
path: |
${{ matrix.runtime }}-srtool-digest.json
${{ matrix.runtime }}-info.json
${{ matrix.runtime }}-compressed-info.json
${{ matrix.runtime }}-metadata.json
${{ matrix.runtime }}-diff.txt
- name: Slack Notification
uses: 8398a7/action-slack@v3
if: failure()
with:
status: ${{ job.status }}
fields: repo,message,commit,author,action,eventName,ref,workflow,job,took # selectable (default: repo,message)
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
create_artifacts:
needs: [ build_primary_binaries, build-runtimes ]
runs-on: ubuntu-22.04
env:
CHAIN_SPEC: ${{ matrix.chain }}-${{ matrix.config }}
strategy:
fail-fast: false
matrix:
chain: [ integritee ]
config: [ rococo, westend, kusama, polkadot, moonbase, paseo ]
include:
- chain: shell
config: kusama-lease2
steps:
- name: Checkout
uses: actions/checkout@v3
- uses: actions/download-artifact@v3
with:
name: integritee-collator-${{ github.sha }}
- name: 'Create binaries for artifacts'
run: |
chmod +x ./integritee-collator
./integritee-collator export-genesis-state --chain ${{ env.CHAIN_SPEC }} > ${{ env.CHAIN_SPEC }}.state
./integritee-collator build-spec --chain ${{ env.CHAIN_SPEC }} --disable-default-bootnode --raw > ${{ env.CHAIN_SPEC }}.json
- name: Compute file metadata
id: vars
run: |
sha256sum ${{ env.CHAIN_SPEC }}.state >> checksums.txt
sha256sum ${{ env.CHAIN_SPEC }}.json >> checksums.txt
- name: Upload ${{ env.CHAIN_SPEC }} Files
uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with:
name: ${{ env.CHAIN_SPEC }}-${{ github.sha }}
path: |
checksums.txt
${{ env.CHAIN_SPEC }}.state
${{ env.CHAIN_SPEC }}.json
- name: Slack Notification
uses: 8398a7/action-slack@v3
if: failure()
with:
status: ${{ job.status }}
fields: repo,message,commit,author,action,eventName,ref,workflow,job,took # selectable (default: repo,message)
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
release:
name: Draft Release
if: startsWith(github.ref, 'refs/tags/')
runs-on: ubuntu-latest
needs: [ create_artifacts, build_primary_binaries, check ]
outputs:
release_url: ${{ steps.create-release.outputs.html_url }}
asset_upload_url: ${{ steps.create-release.outputs.upload_url }}
steps:
- uses: actions/checkout@v3
- name: Download Integritee Collator
uses: actions/download-artifact@v3
with:
name: integritee-collator-${{ github.sha }}
- name: Create required package.json
run: test -f package.json || echo '{}' >package.json
- name: Changelog
uses: scottbrenner/generate-changelog-action@master
id: Changelog
- name: Display structure of downloaded files
run: ls -R
working-directory: .
- name: Release
id: create-release
uses: softprops/action-gh-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
body: |
${{ steps.Changelog.outputs.changelog }}
draft: true
files: |
integritee-collator
- name: Slack Notification
uses: 8398a7/action-slack@v3
if: failure()
with:
status: ${{ job.status }}
fields: repo,message,commit,author,action,eventName,ref,workflow,job,took # selectable (default: repo,message)
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
publish-runtimes:
name: Publish Runtimes
runs-on: ubuntu-latest
needs: [ "release" ]
strategy:
matrix:
runtime: [ "shell", "integritee" ]
steps:
- uses: actions/checkout@v3
- uses: actions/download-artifact@v3
- name: Set up Ruby 3
uses: ruby/setup-ruby@v1
with:
ruby-version: '3.0'
- name: Get runtime version
id: get-runtime-ver
run: |
ls
ls "${{ matrix.runtime }}-runtime-${{ github.sha }}"
runtime_ver="$(ruby -e 'require "./scripts/github/lib.rb"; puts get_runtime("${{ matrix.runtime }}")')"
echo "Found version: >$runtime_ver<"
echo "runtime_ver={$runtime_ver}" >> $GITHUB_OUTPUT
- name: Upload compressed ${{ matrix.runtime }} wasm
uses: shogo82148/actions-upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ needs.release.outputs.asset_upload_url }}
asset_path: "${{ matrix.runtime }}-runtime-${{ github.sha }}/${{ matrix.runtime }}_runtime.compact.compressed.wasm"
asset_name: ${{ matrix.runtime }}_runtime-v${{ steps.get-runtime-ver.outputs.runtime_ver }}.compact.compressed.wasm
asset_content_type: application/wasm
- name: Slack Notification
uses: 8398a7/action-slack@v3
if: failure()
with:
status: ${{ job.status }}
fields: repo,message,commit,author,action,eventName,ref,workflow,job,took # selectable (default: repo,message)
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}