Use lockfile with cross and fix audit fail (#4656) #13427
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: test-suite | |
on: | |
push: | |
branches: | |
- stable | |
- staging | |
- trying | |
- 'pr/*' | |
pull_request: | |
merge_group: | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
env: | |
# Deny warnings in CI | |
# Disable debug info (see https://github.com/sigp/lighthouse/issues/4005) | |
RUSTFLAGS: "-D warnings -C debuginfo=0" | |
# The Nightly version used for cargo-udeps, might need updating from time to time. | |
PINNED_NIGHTLY: nightly-2023-04-16 | |
# Prevent Github API rate limiting. | |
LIGHTHOUSE_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# Enable self-hosted runners for the sigp repo only. | |
SELF_HOSTED_RUNNERS: ${{ github.repository == 'sigp/lighthouse' }} | |
# Self-hosted runners need to reference a different host for `./watch` tests. | |
WATCH_HOST: ${{ github.repository == 'sigp/lighthouse' && 'host.docker.internal' || 'localhost' }} | |
jobs: | |
target-branch-check: | |
name: target-branch-check | |
runs-on: ubuntu-latest | |
if: github.event_name == 'pull_request' || github.event_name == 'merge_group' | |
steps: | |
- name: Check that the pull request is not targeting the stable branch | |
run: test ${{ github.base_ref }} != "stable" | |
extract-msrv: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Extract Minimum Supported Rust Version (MSRV) | |
run: | | |
metadata=$(cargo metadata --no-deps --format-version 1) | |
msrv=$(echo $metadata | jq -r '.packages | map(select(.name == "lighthouse")) | .[0].rust_version') | |
echo "MSRV=$msrv" >> $GITHUB_OUTPUT | |
id: extract_msrv | |
outputs: | |
MSRV: ${{ steps.extract_msrv.outputs.MSRV }} | |
cargo-fmt: | |
name: cargo-fmt | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Get latest version of stable Rust | |
run: rustup update stable | |
- name: Check formatting with cargo fmt | |
run: make cargo-fmt | |
release-tests-ubuntu: | |
name: release-tests-ubuntu | |
# Use self-hosted runners only on the sigp repo. | |
runs-on: ${{ github.repository == 'sigp/lighthouse' && fromJson('["self-hosted", "linux", "large"]') || 'ubuntu-latest' }} | |
needs: cargo-fmt | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Get latest version of stable Rust | |
if: env.SELF_HOSTED_RUNNERS == false | |
run: rustup update stable | |
- name: Install Foundry (anvil) | |
uses: foundry-rs/foundry-toolchain@v1 | |
- name: Run tests in release | |
run: make test-release | |
release-tests-windows: | |
name: release-tests-windows | |
runs-on: ${{ github.repository == 'sigp/lighthouse' && fromJson('["self-hosted", "windows"]') || 'windows-2019' }} | |
needs: cargo-fmt | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Get latest version of stable Rust | |
if: env.SELF_HOSTED_RUNNERS == false | |
run: rustup update stable | |
- name: Use Node.js | |
uses: actions/setup-node@v2 | |
with: | |
node-version: '14' | |
- name: Install windows build tools | |
run: | | |
choco install python visualstudio2019-workload-vctools -y | |
npm config set msvs_version 2019 | |
- name: Install Foundry (anvil) | |
uses: foundry-rs/foundry-toolchain@v1 | |
- name: Install make | |
run: choco install -y make | |
- uses: KyleMayes/install-llvm-action@v1 | |
if: env.SELF_HOSTED_RUNNERS == false | |
with: | |
version: "15.0" | |
directory: ${{ runner.temp }}/llvm | |
- name: Set LIBCLANG_PATH | |
run: echo "LIBCLANG_PATH=$((gcm clang).source -replace "clang.exe")" >> $env:GITHUB_ENV | |
- name: Run tests in release | |
run: make test-release | |
beacon-chain-tests: | |
name: beacon-chain-tests | |
# Use self-hosted runners only on the sigp repo. | |
runs-on: ${{ github.repository == 'sigp/lighthouse' && fromJson('["self-hosted", "linux", "large"]') || 'ubuntu-latest' }} | |
needs: cargo-fmt | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Get latest version of stable Rust | |
if: env.SELF_HOSTED_RUNNERS == false | |
run: rustup update stable | |
- name: Run beacon_chain tests for all known forks | |
run: make test-beacon-chain | |
op-pool-tests: | |
name: op-pool-tests | |
runs-on: ubuntu-latest | |
needs: cargo-fmt | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Get latest version of stable Rust | |
run: rustup update stable | |
- name: Run operation_pool tests for all known forks | |
run: make test-op-pool | |
slasher-tests: | |
name: slasher-tests | |
runs-on: ubuntu-latest | |
needs: cargo-fmt | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Get latest version of stable Rust | |
run: rustup update stable | |
- name: Run slasher tests for all supported backends | |
run: make test-slasher | |
debug-tests-ubuntu: | |
name: debug-tests-ubuntu | |
# Use self-hosted runners only on the sigp repo. | |
runs-on: ${{ github.repository == 'sigp/lighthouse' && fromJson('["self-hosted", "linux", "large"]') || 'ubuntu-latest' }} | |
needs: cargo-fmt | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Get latest version of stable Rust | |
if: env.SELF_HOSTED_RUNNERS == false | |
run: rustup update stable | |
- name: Install Foundry (anvil) | |
uses: foundry-rs/foundry-toolchain@v1 | |
- name: Run tests in debug | |
run: make test-debug | |
state-transition-vectors-ubuntu: | |
name: state-transition-vectors-ubuntu | |
runs-on: ubuntu-latest | |
needs: cargo-fmt | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Get latest version of stable Rust | |
run: rustup update stable | |
- name: Run state_transition_vectors in release. | |
run: make run-state-transition-tests | |
ef-tests-ubuntu: | |
name: ef-tests-ubuntu | |
# Use self-hosted runners only on the sigp repo. | |
runs-on: ${{ github.repository == 'sigp/lighthouse' && fromJson('["self-hosted", "linux", "small"]') || 'ubuntu-latest' }} | |
needs: cargo-fmt | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Get latest version of stable Rust | |
if: env.SELF_HOSTED_RUNNERS == false | |
run: rustup update stable | |
- name: Run consensus-spec-tests with blst, milagro and fake_crypto | |
run: make test-ef | |
dockerfile-ubuntu: | |
name: dockerfile-ubuntu | |
runs-on: ubuntu-latest | |
needs: cargo-fmt | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Get latest version of stable Rust | |
run: rustup update stable | |
- name: Build the root Dockerfile | |
run: docker build --build-arg FEATURES=portable -t lighthouse:local . | |
- name: Test the built image | |
run: docker run -t lighthouse:local lighthouse --version | |
eth1-simulator-ubuntu: | |
name: eth1-simulator-ubuntu | |
runs-on: ubuntu-latest | |
needs: cargo-fmt | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Get latest version of stable Rust | |
run: rustup update stable | |
- name: Install Foundry (anvil) | |
uses: foundry-rs/foundry-toolchain@v1 | |
- name: Run the beacon chain sim that starts from an eth1 contract | |
run: cargo run --release --bin simulator eth1-sim | |
merge-transition-ubuntu: | |
name: merge-transition-ubuntu | |
runs-on: ubuntu-latest | |
needs: cargo-fmt | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Get latest version of stable Rust | |
run: rustup update stable | |
- name: Install Foundry (anvil) | |
uses: foundry-rs/foundry-toolchain@v1 | |
- name: Run the beacon chain sim and go through the merge transition | |
run: cargo run --release --bin simulator eth1-sim --post-merge | |
no-eth1-simulator-ubuntu: | |
name: no-eth1-simulator-ubuntu | |
runs-on: ubuntu-latest | |
needs: cargo-fmt | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Get latest version of stable Rust | |
run: rustup update stable | |
- name: Run the beacon chain sim without an eth1 connection | |
run: cargo run --release --bin simulator no-eth1-sim | |
syncing-simulator-ubuntu: | |
name: syncing-simulator-ubuntu | |
runs-on: ubuntu-latest | |
needs: cargo-fmt | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Get latest version of stable Rust | |
run: rustup update stable | |
- name: Install Foundry (anvil) | |
uses: foundry-rs/foundry-toolchain@v1 | |
- name: Run the syncing simulator | |
run: cargo run --release --bin simulator syncing-sim | |
doppelganger-protection-test: | |
name: doppelganger-protection-test | |
runs-on: ubuntu-latest | |
needs: cargo-fmt | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Get latest version of stable Rust | |
run: rustup update stable | |
- name: Install geth | |
run: | | |
sudo add-apt-repository -y ppa:ethereum/ethereum | |
sudo apt-get update | |
sudo apt-get install ethereum | |
- name: Install lighthouse and lcli | |
run: | | |
make | |
make install-lcli | |
- name: Run the doppelganger protection failure test script | |
run: | | |
cd scripts/tests | |
./doppelganger_protection.sh failure genesis.json | |
- name: Run the doppelganger protection success test script | |
run: | | |
cd scripts/tests | |
./doppelganger_protection.sh success genesis.json | |
execution-engine-integration-ubuntu: | |
name: execution-engine-integration-ubuntu | |
runs-on: ubuntu-latest | |
needs: cargo-fmt | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v3 | |
with: | |
go-version: '1.20' | |
- uses: actions/setup-dotnet@v3 | |
with: | |
dotnet-version: '6.0.201' | |
- name: Get latest version of stable Rust | |
run: rustup update stable | |
- name: Run exec engine integration tests in release | |
run: make test-exec-engine | |
check-benchmarks: | |
name: check-benchmarks | |
runs-on: ubuntu-latest | |
needs: cargo-fmt | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Get latest version of stable Rust | |
run: rustup update stable | |
- name: Typecheck benchmark code without running it | |
run: make check-benches | |
clippy: | |
name: clippy | |
runs-on: ubuntu-latest | |
needs: cargo-fmt | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Get latest version of stable Rust | |
run: rustup update stable | |
- name: Lint code for quality and style with Clippy | |
run: make lint | |
- name: Certify Cargo.lock freshness | |
run: git diff --exit-code Cargo.lock | |
check-msrv: | |
name: check-msrv | |
runs-on: ubuntu-latest | |
needs: [cargo-fmt, extract-msrv] | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Install Rust @ MSRV (${{ needs.extract-msrv.outputs.MSRV }}) | |
run: rustup override set ${{ needs.extract-msrv.outputs.MSRV }} | |
- name: Run cargo check | |
run: cargo check --workspace | |
arbitrary-check: | |
name: arbitrary-check | |
runs-on: ubuntu-latest | |
needs: cargo-fmt | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Get latest version of stable Rust | |
run: rustup update stable | |
- name: Validate state_processing feature arbitrary-fuzz | |
run: make arbitrary-fuzz | |
cargo-audit: | |
name: cargo-audit | |
runs-on: ubuntu-latest | |
needs: cargo-fmt | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Get latest version of stable Rust | |
run: rustup update stable | |
- name: Run cargo audit to identify known security vulnerabilities reported to the RustSec Advisory Database | |
run: make audit | |
cargo-vendor: | |
name: cargo-vendor | |
runs-on: ubuntu-latest | |
needs: cargo-fmt | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Run cargo vendor to make sure dependencies can be vendored for packaging, reproducibility and archival purpose | |
run: CARGO_HOME=$(readlink -f $HOME) make vendor | |
cargo-udeps: | |
name: cargo-udeps | |
runs-on: ubuntu-latest | |
needs: cargo-fmt | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Install Rust (${{ env.PINNED_NIGHTLY }}) | |
run: rustup toolchain install $PINNED_NIGHTLY | |
- name: Install cargo-udeps | |
run: cargo install cargo-udeps --locked --force | |
- name: Create Cargo config dir | |
run: mkdir -p .cargo | |
- name: Install custom Cargo config | |
run: cp -f .github/custom/config.toml .cargo/config.toml | |
- name: Run cargo udeps to identify unused crates in the dependency graph | |
run: make udeps | |
env: | |
# Allow warnings on Nightly | |
RUSTFLAGS: "" | |
compile-with-beta-compiler: | |
name: compile-with-beta-compiler | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Install dependencies | |
run: sudo apt install -y git gcc g++ make cmake pkg-config llvm-dev libclang-dev clang | |
- name: Use Rust beta | |
run: rustup override set beta | |
- name: Run make | |
run: make |