Skip to content

Detect underflows in build_closing_transaction #16147

Detect underflows in build_closing_transaction

Detect underflows in build_closing_transaction #16147

Workflow file for this run

name: Continuous Integration Checks
on:
push:
branches-ignore:
- master
pull_request:
branches-ignore:
- master
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
build:
strategy:
fail-fast: false
matrix:
platform: [ ubuntu-latest, windows-latest, macos-latest ]
toolchain: [ stable, beta, 1.63.0 ] # 1.63.0 is the MSRV for all crates.
exclude:
- platform: windows-latest
toolchain: 1.63.0
runs-on: ${{ matrix.platform }}
steps:
- name: Checkout source code
uses: actions/checkout@v4
- name: Install Rust ${{ matrix.toolchain }} toolchain
run: |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --profile=minimal --default-toolchain ${{ matrix.toolchain }}
rustup override set ${{ matrix.toolchain }}
- name: Install no-std-check dependencies for ARM Embedded
if: "matrix.platform == 'ubuntu-latest'"
run: |
rustup target add thumbv7m-none-eabi
sudo apt-get -y install gcc-arm-none-eabi
- name: shellcheck the CI and `contrib` scripts
if: "matrix.platform == 'ubuntu-latest'"
run: |
sudo apt-get -y install shellcheck
shellcheck ci/*.sh -aP ci
shellcheck contrib/*.sh -aP contrib
- name: Set RUSTFLAGS to deny warnings
if: "matrix.toolchain == '1.63.0'"
run: echo "RUSTFLAGS=-D warnings" >> "$GITHUB_ENV"
- name: Enable caching for bitcoind
id: cache-bitcoind
uses: actions/cache@v4
with:
path: bin/bitcoind-${{ runner.os }}-${{ runner.arch }}
key: bitcoind-${{ runner.os }}-${{ runner.arch }}
- name: Enable caching for electrs
id: cache-electrs
uses: actions/cache@v4
with:
path: bin/electrs-${{ runner.os }}-${{ runner.arch }}
key: electrs-${{ runner.os }}-${{ runner.arch }}
- name: Download bitcoind/electrs
if: "matrix.platform != 'windows-latest' && (steps.cache-bitcoind.outputs.cache-hit != 'true' || steps.cache-electrs.outputs.cache-hit != 'true')"
run: |
source ./contrib/download_bitcoind_electrs.sh
mkdir bin
mv "$BITCOIND_EXE" bin/bitcoind-${{ runner.os }}-${{ runner.arch }}
mv "$ELECTRS_EXE" bin/electrs-${{ runner.os }}-${{ runner.arch }}
- name: Set bitcoind/electrs environment variables
run: |
echo "BITCOIND_EXE=$( pwd )/bin/bitcoind-${{ runner.os }}-${{ runner.arch }}" >> "$GITHUB_ENV"
echo "ELECTRS_EXE=$( pwd )/bin/electrs-${{ runner.os }}-${{ runner.arch }}" >> "$GITHUB_ENV"
- name: Run CI script
shell: bash # Default on Winblows is powershell
run: CI_ENV=1 CI_MINIMIZE_DISK_USAGE=1 ./ci/ci-tests.sh
coverage:
strategy:
fail-fast: false
runs-on: ubuntu-latest
steps:
- name: Checkout source code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Install Rust stable toolchain
run: |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --profile=minimal
- name: Run tests with coverage generation
run: |
cargo install cargo-llvm-cov
export RUSTFLAGS="-Coverflow-checks=off"
cargo llvm-cov --features rest-client,rpc-client,tokio,futures,serde --codecov --hide-instantiations --output-path=target/codecov.json
# Could you use this to fake the coverage report for your PR? Sure.
# Will anyone be impressed by your amazing coverage? No
# Maybe if codecov wasn't broken we wouldn't need to do this...
bash <(curl -s https://codecov.io/bash) -f target/codecov.json -t "f421b687-4dc2-4387-ac3d-dc3b2528af57"
benchmark:
runs-on: ubuntu-latest
env:
TOOLCHAIN: stable
steps:
- name: Checkout source code
uses: actions/checkout@v4
- name: Install Rust ${{ env.TOOLCHAIN }} toolchain
run: |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --profile=minimal --default-toolchain ${{ env.TOOLCHAIN }}
rustup override set ${{ env.TOOLCHAIN }}
- name: Cache routing graph snapshot
id: cache-graph
uses: actions/cache@v4
with:
path: lightning/net_graph-2023-12-10.bin
key: ldk-net_graph-v0.0.118-2023-12-10.bin
- name: Fetch routing graph snapshot
if: steps.cache-graph.outputs.cache-hit != 'true'
run: |
curl --verbose -L -o lightning/net_graph-2023-12-10.bin https://bitcoin.ninja/ldk-net_graph-v0.0.118-2023-12-10.bin
echo "Sha sum: $(sha256sum lightning/net_graph-2023-12-10.bin | awk '{ print $1 }')"
if [ "$(sha256sum lightning/net_graph-2023-12-10.bin | awk '{ print $1 }')" != "${EXPECTED_ROUTING_GRAPH_SNAPSHOT_SHASUM}" ]; then
echo "Bad hash"
exit 1
fi
env:
EXPECTED_ROUTING_GRAPH_SNAPSHOT_SHASUM: e94b38ef4b3ce683893bf6a3ee28d60cb37c73b059403ff77b7e7458157968c2
- name: Cache scorer snapshot
id: cache-scorer
uses: actions/cache@v4
with:
path: lightning/scorer-2023-12-10.bin
key: ldk-scorer-v0.0.118-2023-12-10.bin
- name: Fetch scorer snapshot
if: steps.cache-scorer.outputs.cache-hit != 'true'
run: |
curl --verbose -L -o lightning/scorer-2023-12-10.bin https://bitcoin.ninja/ldk-scorer-v0.0.118-2023-12-10.bin
echo "Sha sum: $(sha256sum lightning/scorer-2023-12-10.bin | awk '{ print $1 }')"
if [ "$(sha256sum lightning/scorer-2023-12-10.bin | awk '{ print $1 }')" != "${EXPECTED_SCORER_SNAPSHOT_SHASUM}" ]; then
echo "Bad hash"
exit 1
fi
env:
EXPECTED_SCORER_SNAPSHOT_SHASUM: 570a26bb28870fe1da7e392cdec9fb794718826b04c43ca053d71a8a9bb9be69
- name: Fetch rapid graph sync reference input
run: |
curl --verbose -L -o lightning-rapid-gossip-sync/res/full_graph.lngossip https://bitcoin.ninja/ldk-compressed_graph-285cb27df79-2022-07-21.bin
echo "Sha sum: $(sha256sum lightning-rapid-gossip-sync/res/full_graph.lngossip | awk '{ print $1 }')"
if [ "$(sha256sum lightning-rapid-gossip-sync/res/full_graph.lngossip | awk '{ print $1 }')" != "${EXPECTED_RAPID_GOSSIP_SHASUM}" ]; then
echo "Bad hash"
exit 1
fi
env:
EXPECTED_RAPID_GOSSIP_SHASUM: e0f5d11641c11896d7af3a2246d3d6c3f1720b7d2d17aab321ecce82e6b7deb8
- name: Test with Network Graph on Rust ${{ matrix.toolchain }}
run: |
cd lightning
RUSTFLAGS="--cfg=require_route_graph_test" cargo test
cd ..
- name: Run benchmarks on Rust ${{ matrix.toolchain }}
run: |
cd bench
RUSTFLAGS="--cfg=ldk_bench --cfg=require_route_graph_test" cargo bench
check_commits:
runs-on: ubuntu-latest
env:
TOOLCHAIN: stable
steps:
- name: Checkout source code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Install Rust ${{ env.TOOLCHAIN }} toolchain
run: |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --profile=minimal --default-toolchain ${{ env.TOOLCHAIN }}
rustup override set ${{ env.TOOLCHAIN }}
- name: Fetch full tree and rebase on upstream
run: |
git remote add upstream https://github.com/lightningdevkit/rust-lightning
git fetch upstream
export GIT_COMMITTER_EMAIL="rl-ci@example.com"
export GIT_COMMITTER_NAME="RL CI"
git rebase upstream/main
- name: For each commit, run cargo check (including in fuzz)
run: ci/check-each-commit.sh upstream/main
check_release:
runs-on: ubuntu-latest
env:
TOOLCHAIN: stable
steps:
- name: Checkout source code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Install Rust ${{ env.TOOLCHAIN }} toolchain
run: |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --profile=minimal --default-toolchain ${{ env.TOOLCHAIN }}
rustup override set ${{ env.TOOLCHAIN }}
- name: Run cargo check for release build.
run: |
cargo check --release
cargo check --no-default-features --features=futures,std --release
cargo doc --release
- name: Run cargo check for Taproot build.
run: |
cargo check --release
cargo check --no-default-features --release
cargo check --no-default-features --features=futures,std --release
cargo doc --release
cargo doc --no-default-features --release
env:
RUSTFLAGS: '--cfg=taproot'
RUSTDOCFLAGS: '--cfg=taproot'
fuzz:
runs-on: ubuntu-latest
env:
TOOLCHAIN: 1.63
steps:
- name: Checkout source code
uses: actions/checkout@v4
- name: Install Rust ${{ env.TOOLCHAIN }} toolchain
run: |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --profile=minimal --default-toolchain ${{ env.TOOLCHAIN }}
rustup override set ${{ env.TOOLCHAIN }}
- name: Install dependencies for honggfuzz
run: |
sudo apt-get update
sudo apt-get -y install build-essential binutils-dev libunwind-dev
- name: Pin the regex dependency
run: |
cd fuzz && cargo update -p regex --precise "1.9.6" --verbose && cd ..
- name: Sanity check fuzz targets on Rust ${{ env.TOOLCHAIN }}
run: cd fuzz && RUSTFLAGS="--cfg=fuzzing --cfg=secp256k1_fuzz --cfg=hashes_fuzz" cargo test --verbose --color always
- name: Run fuzzers
run: cd fuzz && ./ci-fuzz.sh && cd ..
linting:
runs-on: ubuntu-latest
env:
TOOLCHAIN: stable
steps:
- name: Checkout source code
uses: actions/checkout@v4
- name: Install Rust ${{ env.TOOLCHAIN }} toolchain
run: |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --profile=minimal --default-toolchain ${{ env.TOOLCHAIN }}
rustup override set ${{ env.TOOLCHAIN }}
- name: Install clippy
run: |
rustup component add clippy
- name: Run default clippy linting
run: |
./ci/check-lint.sh
rustfmt:
runs-on: ubuntu-latest
env:
TOOLCHAIN: 1.63.0
steps:
- name: Checkout source code
uses: actions/checkout@v4
- name: Install Rust ${{ env.TOOLCHAIN }} toolchain
run: |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --profile=minimal --default-toolchain ${{ env.TOOLCHAIN }}
rustup override set ${{ env.TOOLCHAIN }}
- name: Install rustfmt
run: |
rustup component add rustfmt
- name: Run rustfmt checks
run: ci/rustfmt.sh
incremental-mutants:
runs-on: ubuntu-latest
if: github.ref_name != 'main' # `main` has no diff with itself
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Relative diff
run: |
git branch -av
git diff origin/main.. | tee git.diff
- uses: Swatinem/rust-cache@v2
- name: Mutants
run: |
cargo install cargo-mutants
cargo mutants --no-shuffle -j 2 -vV --in-diff git.diff