Detect underflows in build_closing_transaction
#16147
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Continuous Integration Checks | |
on: | |
push: | |
branches-ignore: | |
- master | |
pull_request: | |
branches-ignore: | |
- master | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
jobs: | |
build: | |
strategy: | |
fail-fast: false | |
matrix: | |
platform: [ ubuntu-latest, windows-latest, macos-latest ] | |
toolchain: [ stable, beta, 1.63.0 ] # 1.63.0 is the MSRV for all crates. | |
exclude: | |
- platform: windows-latest | |
toolchain: 1.63.0 | |
runs-on: ${{ matrix.platform }} | |
steps: | |
- name: Checkout source code | |
uses: actions/checkout@v4 | |
- name: Install Rust ${{ matrix.toolchain }} toolchain | |
run: | | |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --profile=minimal --default-toolchain ${{ matrix.toolchain }} | |
rustup override set ${{ matrix.toolchain }} | |
- name: Install no-std-check dependencies for ARM Embedded | |
if: "matrix.platform == 'ubuntu-latest'" | |
run: | | |
rustup target add thumbv7m-none-eabi | |
sudo apt-get -y install gcc-arm-none-eabi | |
- name: shellcheck the CI and `contrib` scripts | |
if: "matrix.platform == 'ubuntu-latest'" | |
run: | | |
sudo apt-get -y install shellcheck | |
shellcheck ci/*.sh -aP ci | |
shellcheck contrib/*.sh -aP contrib | |
- name: Set RUSTFLAGS to deny warnings | |
if: "matrix.toolchain == '1.63.0'" | |
run: echo "RUSTFLAGS=-D warnings" >> "$GITHUB_ENV" | |
- name: Enable caching for bitcoind | |
id: cache-bitcoind | |
uses: actions/cache@v4 | |
with: | |
path: bin/bitcoind-${{ runner.os }}-${{ runner.arch }} | |
key: bitcoind-${{ runner.os }}-${{ runner.arch }} | |
- name: Enable caching for electrs | |
id: cache-electrs | |
uses: actions/cache@v4 | |
with: | |
path: bin/electrs-${{ runner.os }}-${{ runner.arch }} | |
key: electrs-${{ runner.os }}-${{ runner.arch }} | |
- name: Download bitcoind/electrs | |
if: "matrix.platform != 'windows-latest' && (steps.cache-bitcoind.outputs.cache-hit != 'true' || steps.cache-electrs.outputs.cache-hit != 'true')" | |
run: | | |
source ./contrib/download_bitcoind_electrs.sh | |
mkdir bin | |
mv "$BITCOIND_EXE" bin/bitcoind-${{ runner.os }}-${{ runner.arch }} | |
mv "$ELECTRS_EXE" bin/electrs-${{ runner.os }}-${{ runner.arch }} | |
- name: Set bitcoind/electrs environment variables | |
run: | | |
echo "BITCOIND_EXE=$( pwd )/bin/bitcoind-${{ runner.os }}-${{ runner.arch }}" >> "$GITHUB_ENV" | |
echo "ELECTRS_EXE=$( pwd )/bin/electrs-${{ runner.os }}-${{ runner.arch }}" >> "$GITHUB_ENV" | |
- name: Run CI script | |
shell: bash # Default on Winblows is powershell | |
run: CI_ENV=1 CI_MINIMIZE_DISK_USAGE=1 ./ci/ci-tests.sh | |
coverage: | |
strategy: | |
fail-fast: false | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout source code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Install Rust stable toolchain | |
run: | | |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --profile=minimal | |
- name: Run tests with coverage generation | |
run: | | |
cargo install cargo-llvm-cov | |
export RUSTFLAGS="-Coverflow-checks=off" | |
cargo llvm-cov --features rest-client,rpc-client,tokio,futures,serde --codecov --hide-instantiations --output-path=target/codecov.json | |
# Could you use this to fake the coverage report for your PR? Sure. | |
# Will anyone be impressed by your amazing coverage? No | |
# Maybe if codecov wasn't broken we wouldn't need to do this... | |
bash <(curl -s https://codecov.io/bash) -f target/codecov.json -t "f421b687-4dc2-4387-ac3d-dc3b2528af57" | |
benchmark: | |
runs-on: ubuntu-latest | |
env: | |
TOOLCHAIN: stable | |
steps: | |
- name: Checkout source code | |
uses: actions/checkout@v4 | |
- name: Install Rust ${{ env.TOOLCHAIN }} toolchain | |
run: | | |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --profile=minimal --default-toolchain ${{ env.TOOLCHAIN }} | |
rustup override set ${{ env.TOOLCHAIN }} | |
- name: Cache routing graph snapshot | |
id: cache-graph | |
uses: actions/cache@v4 | |
with: | |
path: lightning/net_graph-2023-12-10.bin | |
key: ldk-net_graph-v0.0.118-2023-12-10.bin | |
- name: Fetch routing graph snapshot | |
if: steps.cache-graph.outputs.cache-hit != 'true' | |
run: | | |
curl --verbose -L -o lightning/net_graph-2023-12-10.bin https://bitcoin.ninja/ldk-net_graph-v0.0.118-2023-12-10.bin | |
echo "Sha sum: $(sha256sum lightning/net_graph-2023-12-10.bin | awk '{ print $1 }')" | |
if [ "$(sha256sum lightning/net_graph-2023-12-10.bin | awk '{ print $1 }')" != "${EXPECTED_ROUTING_GRAPH_SNAPSHOT_SHASUM}" ]; then | |
echo "Bad hash" | |
exit 1 | |
fi | |
env: | |
EXPECTED_ROUTING_GRAPH_SNAPSHOT_SHASUM: e94b38ef4b3ce683893bf6a3ee28d60cb37c73b059403ff77b7e7458157968c2 | |
- name: Cache scorer snapshot | |
id: cache-scorer | |
uses: actions/cache@v4 | |
with: | |
path: lightning/scorer-2023-12-10.bin | |
key: ldk-scorer-v0.0.118-2023-12-10.bin | |
- name: Fetch scorer snapshot | |
if: steps.cache-scorer.outputs.cache-hit != 'true' | |
run: | | |
curl --verbose -L -o lightning/scorer-2023-12-10.bin https://bitcoin.ninja/ldk-scorer-v0.0.118-2023-12-10.bin | |
echo "Sha sum: $(sha256sum lightning/scorer-2023-12-10.bin | awk '{ print $1 }')" | |
if [ "$(sha256sum lightning/scorer-2023-12-10.bin | awk '{ print $1 }')" != "${EXPECTED_SCORER_SNAPSHOT_SHASUM}" ]; then | |
echo "Bad hash" | |
exit 1 | |
fi | |
env: | |
EXPECTED_SCORER_SNAPSHOT_SHASUM: 570a26bb28870fe1da7e392cdec9fb794718826b04c43ca053d71a8a9bb9be69 | |
- name: Fetch rapid graph sync reference input | |
run: | | |
curl --verbose -L -o lightning-rapid-gossip-sync/res/full_graph.lngossip https://bitcoin.ninja/ldk-compressed_graph-285cb27df79-2022-07-21.bin | |
echo "Sha sum: $(sha256sum lightning-rapid-gossip-sync/res/full_graph.lngossip | awk '{ print $1 }')" | |
if [ "$(sha256sum lightning-rapid-gossip-sync/res/full_graph.lngossip | awk '{ print $1 }')" != "${EXPECTED_RAPID_GOSSIP_SHASUM}" ]; then | |
echo "Bad hash" | |
exit 1 | |
fi | |
env: | |
EXPECTED_RAPID_GOSSIP_SHASUM: e0f5d11641c11896d7af3a2246d3d6c3f1720b7d2d17aab321ecce82e6b7deb8 | |
- name: Test with Network Graph on Rust ${{ matrix.toolchain }} | |
run: | | |
cd lightning | |
RUSTFLAGS="--cfg=require_route_graph_test" cargo test | |
cd .. | |
- name: Run benchmarks on Rust ${{ matrix.toolchain }} | |
run: | | |
cd bench | |
RUSTFLAGS="--cfg=ldk_bench --cfg=require_route_graph_test" cargo bench | |
check_commits: | |
runs-on: ubuntu-latest | |
env: | |
TOOLCHAIN: stable | |
steps: | |
- name: Checkout source code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Install Rust ${{ env.TOOLCHAIN }} toolchain | |
run: | | |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --profile=minimal --default-toolchain ${{ env.TOOLCHAIN }} | |
rustup override set ${{ env.TOOLCHAIN }} | |
- name: Fetch full tree and rebase on upstream | |
run: | | |
git remote add upstream https://github.com/lightningdevkit/rust-lightning | |
git fetch upstream | |
export GIT_COMMITTER_EMAIL="rl-ci@example.com" | |
export GIT_COMMITTER_NAME="RL CI" | |
git rebase upstream/main | |
- name: For each commit, run cargo check (including in fuzz) | |
run: ci/check-each-commit.sh upstream/main | |
check_release: | |
runs-on: ubuntu-latest | |
env: | |
TOOLCHAIN: stable | |
steps: | |
- name: Checkout source code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Install Rust ${{ env.TOOLCHAIN }} toolchain | |
run: | | |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --profile=minimal --default-toolchain ${{ env.TOOLCHAIN }} | |
rustup override set ${{ env.TOOLCHAIN }} | |
- name: Run cargo check for release build. | |
run: | | |
cargo check --release | |
cargo check --no-default-features --features=futures,std --release | |
cargo doc --release | |
- name: Run cargo check for Taproot build. | |
run: | | |
cargo check --release | |
cargo check --no-default-features --release | |
cargo check --no-default-features --features=futures,std --release | |
cargo doc --release | |
cargo doc --no-default-features --release | |
env: | |
RUSTFLAGS: '--cfg=taproot' | |
RUSTDOCFLAGS: '--cfg=taproot' | |
fuzz: | |
runs-on: ubuntu-latest | |
env: | |
TOOLCHAIN: 1.63 | |
steps: | |
- name: Checkout source code | |
uses: actions/checkout@v4 | |
- name: Install Rust ${{ env.TOOLCHAIN }} toolchain | |
run: | | |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --profile=minimal --default-toolchain ${{ env.TOOLCHAIN }} | |
rustup override set ${{ env.TOOLCHAIN }} | |
- name: Install dependencies for honggfuzz | |
run: | | |
sudo apt-get update | |
sudo apt-get -y install build-essential binutils-dev libunwind-dev | |
- name: Pin the regex dependency | |
run: | | |
cd fuzz && cargo update -p regex --precise "1.9.6" --verbose && cd .. | |
- name: Sanity check fuzz targets on Rust ${{ env.TOOLCHAIN }} | |
run: cd fuzz && RUSTFLAGS="--cfg=fuzzing --cfg=secp256k1_fuzz --cfg=hashes_fuzz" cargo test --verbose --color always | |
- name: Run fuzzers | |
run: cd fuzz && ./ci-fuzz.sh && cd .. | |
linting: | |
runs-on: ubuntu-latest | |
env: | |
TOOLCHAIN: stable | |
steps: | |
- name: Checkout source code | |
uses: actions/checkout@v4 | |
- name: Install Rust ${{ env.TOOLCHAIN }} toolchain | |
run: | | |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --profile=minimal --default-toolchain ${{ env.TOOLCHAIN }} | |
rustup override set ${{ env.TOOLCHAIN }} | |
- name: Install clippy | |
run: | | |
rustup component add clippy | |
- name: Run default clippy linting | |
run: | | |
./ci/check-lint.sh | |
rustfmt: | |
runs-on: ubuntu-latest | |
env: | |
TOOLCHAIN: 1.63.0 | |
steps: | |
- name: Checkout source code | |
uses: actions/checkout@v4 | |
- name: Install Rust ${{ env.TOOLCHAIN }} toolchain | |
run: | | |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --profile=minimal --default-toolchain ${{ env.TOOLCHAIN }} | |
rustup override set ${{ env.TOOLCHAIN }} | |
- name: Install rustfmt | |
run: | | |
rustup component add rustfmt | |
- name: Run rustfmt checks | |
run: ci/rustfmt.sh | |
incremental-mutants: | |
runs-on: ubuntu-latest | |
if: github.ref_name != 'main' # `main` has no diff with itself | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Relative diff | |
run: | | |
git branch -av | |
git diff origin/main.. | tee git.diff | |
- uses: Swatinem/rust-cache@v2 | |
- name: Mutants | |
run: | | |
cargo install cargo-mutants | |
cargo mutants --no-shuffle -j 2 -vV --in-diff git.diff |