From 84c4ec9253193f861173148b3c3b07bc8f3adcbc Mon Sep 17 00:00:00 2001 From: Ludo Galabru <4290054+vabanaerytk@users.noreply.github.com> Date: Tue, 12 Sep 2023 17:49:31 -0400 Subject: [PATCH 1/2] fix: workflow --- .github/workflows/ci.yaml | 464 ++++---------------------------------- 1 file changed, 47 insertions(+), 417 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 3475806..3c2daec 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -1,447 +1,77 @@ name: CI + on: - pull_request: push: branches: - - main - develop - - rc/next + - main + tags-ignore: + - "**" + paths-ignore: + - "**/CHANGELOG.md" + pull_request: workflow_dispatch: jobs: - pre_run: - name: Cancel previous runs + build-publish: runs-on: ubuntu-latest steps: - - name: Cancel Previous Runs - uses: styfle/cancel-workflow-action@ad6cb1b847ffb509a69b745b6ee2f1d14dfe14b8 + - uses: actions/checkout@v2 with: - access_token: ${{ github.token }} + token: ${{ secrets.GH_TOKEN || secrets.GITHUB_TOKEN }} + fetch-depth: 0 persist-credentials: false - get_release_info: - name: Get Release Info - runs-on: ubuntu-latest - needs: pre_run - outputs: - tag: ${{ steps.new_release_tag.outputs.TAG }} - steps: - - name: Checkout - uses: actions/checkout@v3 - with: - submodules: recursive - - - name: Get latest release - if: startsWith(github.ref, 'refs/heads/main') - id: release - uses: pozetroninc/github-action-get-latest-release@master - with: - repository: ${{ github.repository }} - excludes: prerelease, draft - - - name: Determine if release build - if: startsWith(github.ref, 'refs/heads/main') - id: new_release_tag - env: - LATEST_RELEASE: ${{ steps.release.outputs.release }} - run: | - CARGO_VERSION=v$(grep "version" components/chainhook-cli/Cargo.toml | head -n 1 | cut -d\" -f2) - if [[ "${CARGO_VERSION}" != "${LATEST_RELEASE}" ]]; then - echo "::set-output name=TAG::${CARGO_VERSION}" - echo "::warning::Will create release for version: ${CARGO_VERSION}" - else - echo "::warning::Will not create a release" - fi - - audit: - name: Audit and format - runs-on: ubuntu-latest - needs: pre_run - steps: - - name: Checkout repository - uses: actions/checkout@v3 - with: - submodules: recursive - - - name: Install Rust toolchain - uses: actions-rs/toolchain@v1 - with: - toolchain: stable - profile: minimal - components: rustfmt - override: true - - - name: Set Cargo file permissions - run: sudo chown -R $(whoami):$(id -ng) ~/.cargo/ - - - name: Cache cargo - uses: actions/cache@v2 - with: - path: ~/.cargo/ - key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} - - - name: Install dependencies - run: cargo install cargo-audit - - - name: Run audit - run: cargo audit --ignore RUSTSEC-2021-0076 --ignore RUSTSEC-2021-0119 --ignore RUSTSEC-2022-0028 --ignore RUSTSEC-2020-0071 --ignore RUSTSEC-2021-0124 --ignore RUSTSEC-2022-0040 --ignore RUSTSEC-2023-0018 - - - name: Run rustfmt - run: cargo fmt --all -- --check - - # test_coverage_cargo: - # name: Generate test coverage - # runs-on: ubuntu-latest - # needs: pre_run - # strategy: - # fail-fast: false - # matrix: - # include: - # - name: clarinet - # working-directory: components/clarinet-cli - # - name: clarity-repl - # working-directory: components/clarity-repl - # - name: chainhook-cli - # working-directory: components/chainhook-event-observer - # steps: - # - name: Checkout repository - # uses: actions/checkout@v3 - # with: - # submodules: recursive - - # - name: Install Rust toolchain stable - # uses: actions-rs/toolchain@v1 - # with: - # toolchain: stable - # profile: minimal - # override: true - - # - name: Cache cargo - # uses: actions/cache@v2 - # id: cache-cargo - # with: - # path: | - # ~/.cargo/bin/ - # ~/.cargo/registry/index/ - # ~/.cargo/registry/cache/ - # ~/.cargo/git/db/ - # target/ - # key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} - - # - name: Install dependencies - # if: steps.cache-cargo.outputs.cache-hit != 'true' - # run: RUSTC_BOOTSTRAP=1 cargo install grcov - - # - name: Install Rust toolchain - # uses: actions-rs/toolchain@v1 - # with: - # toolchain: stable - # profile: minimal - # components: llvm-tools-preview - # override: true - - # - name: Unit Tests - # env: - # RUSTFLAGS: "-C instrument-coverage" - # LLVM_PROFILE_FILE: "${{ matrix.name }}-%p-%m.profraw" - # run: cargo build --package=clarinet-cli --locked && cargo test --package=clarinet-cli - - # - name: Generate coverage - # run: grcov . --binary-path ./target/debug/ -s . -t lcov --branch --ignore-not-existing --ignore "/*" -o lcov.info - - # # Run functional tests here in addition to the other jobs so we can fail fast - # # Since these tests are reached much earlier in the pipeline - # - name: Functional Tests - # if: matrix.name == 'clarinet' - # run: | - # for testdir in $(ls components/clarinet-cli/examples); do - # ./target/debug/clarinet test --manifest-path components/clarinet-cli/examples/${testdir}/Clarinet.toml - # done - - # - name: Upload coverage report - # uses: codecov/codecov-action@v1 - # with: - # flags: unittests - # name: ${{ matrix.name }} - # verbose: true - - dist_chainhook: - name: Build Chainhook Distributions - runs-on: ${{ matrix.os }} - needs: pre_run - # Related upstream issue: - # https://github.com/nagisa/rust_libloading/issues/61#issuecomment-607941377 - # - # env: - # CC: deny_c - - strategy: - fail-fast: false - matrix: - include: - - os: ubuntu-latest - platform: linux - target: x86_64-unknown-linux-gnu - architecture: x64 - libc: glibc - - os: windows-latest - platform: windows - target: x86_64-pc-windows-msvc - architecture: x64 - - os: macos-latest - platform: darwin - target: x86_64-apple-darwin - architecture: x64 - - os: macos-latest - platform: darwin - target: aarch64-apple-darwin - architecture: arm64 - - steps: - - name: Configure git to use LF (Windows) - if: matrix.os == 'windows-latest' - run: | - git config --global core.autocrlf false - git config --global core.eol lf - - - name: Checkout repository - uses: actions/checkout@v3 - with: - submodules: recursive - - - name: Install Rust toolchain - uses: actions-rs/toolchain@v1 - with: - toolchain: stable - target: ${{ matrix.target }} - profile: minimal - components: llvm-tools-preview - override: true - - - name: Install wix (Windows) - if: matrix.os == 'windows-latest' - run: cargo install cargo-wix - - - if: matrix.os != 'windows-latest' - run: sudo chown -R $(whoami):$(id -ng) ~/.cargo/ - - - name: Cache cargo - uses: actions/cache@v2 - with: - path: | - ~/.cargo/bin/ - ~/.cargo/registry/index/ - ~/.cargo/registry/cache/ - ~/.cargo/git/db/ - target/${{ matrix.target }}/release/ - key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} - - # Set environment variables required from cross compiling from macos-x86_64 to macos-arm64 - - name: Configure macos-arm64 cross compile config - if: matrix.target == 'aarch64-apple-darwin' - run: | - echo "SDKROOT=$(xcrun -sdk macosx --show-sdk-path)" >> $GITHUB_ENV - echo "MACOSX_DEPLOYMENT_TARGET=$(xcrun -sdk macosx --show-sdk-platform-version)" >> $GITHUB_ENV - - - name: Configure artifact names (libc) - if: ${{ matrix.libc }} - shell: bash - run: | - echo "SHORT_TARGET_NAME=${{ matrix.platform }}-${{ matrix.architecture }}-${{ matrix.libc }}" >> $GITHUB_ENV - echo "PRE_GYP_TARGET_NAME=${{ matrix.platform }}-${{ matrix.architecture }}-${{ matrix.libc }}" >> $GITHUB_ENV - - - name: Configure artifact names (not libc) - if: ${{ ! matrix.libc }} - shell: bash - run: | - echo "SHORT_TARGET_NAME=${{ matrix.platform }}-${{ matrix.architecture }}" >> $GITHUB_ENV - echo "PRE_GYP_TARGET_NAME=${{ matrix.platform }}-${{ matrix.architecture }}-unknown" >> $GITHUB_ENV - - - name: Build - Cargo - if: matrix.target != 'x86_64-unknown-linux-musl' - run: cargo build --release --features=telemetry --locked --target ${{ matrix.target }} - - - name: Code sign bin (Windows) - if: startsWith(github.ref, 'refs/heads/main') && matrix.os == 'windows-latest' - run: | - $certificate_file_name = "${env:TEMP}\certificate.pfx" - - $bytes_cert = [Convert]::FromBase64String('${{ secrets.WINDOWS_CODE_SIGNING_CERTIFICATE }}') - [IO.File]::WriteAllBytes(${certificate_file_name}, ${bytes_cert}) - - $signtool_path = ((Resolve-Path -Path "${env:ProgramFiles(x86)}/Windows Kits/10/bin/10*/x86").Path[-1]) + "/signtool.exe" - $bin_path = (Resolve-Path -Path "target/${{ matrix.target }}/release/chainhook.exe").Path - & ${signtool_path} sign ` - /d "Clarinet is a clarity runtime packaged as a command line tool, designed to facilitate smart contract understanding, development, testing and deployment." ` - /du "https://github.com/hirosystems/chainhook" ` - /tr http://timestamp.digicert.com ` - /td sha256 ` - /fd sha256 ` - -f "${certificate_file_name}" ` - -p "${{ secrets.WINDOWS_CODE_SIGNING_PASSWORD }}" ` - "${bin_path}" - - - name: Build Installer (Windows) - if: matrix.os == 'windows-latest' - run: cargo wix -v --no-build --nocapture -p chainhook-cli - - - name: Code sign installer (Windows) - if: startsWith(github.ref, 'refs/heads/main') && matrix.os == 'windows-latest' + - name: Cargo test run: | - $certificate_file_name = "${env:TEMP}\certificate.pfx" - - $bytes_cert = [Convert]::FromBase64String('${{ secrets.WINDOWS_CODE_SIGNING_CERTIFICATE }}') - [IO.File]::WriteAllBytes(${certificate_file_name}, ${bytes_cert}) - - $signtool_path = ((Resolve-Path -Path "${env:ProgramFiles(x86)}/Windows Kits/10/bin/10*/x86").Path[-1]) + "/signtool.exe" - $msi_path = (Resolve-Path -Path "target/wix/*.msi").Path - & ${signtool_path} sign ` - /d "Clarinet is a clarity runtime packaged as a command line tool, designed to facilitate smart contract understanding, development, testing and deployment." ` - /du "https://github.com/hirosystems/chainhook" ` - /tr http://timestamp.digicert.com ` - /td sha256 ` - /fd sha256 ` - -f "${certificate_file_name}" ` - -p "${{ secrets.WINDOWS_CODE_SIGNING_PASSWORD }}" ` - "${msi_path}" - - # Don't compress for Windows because winget can't yet unzip files - - name: Compress cargo artifact (Linux) - if: matrix.os != 'windows-latest' - run: tar -C target/${{ matrix.target }}/release -zcvf chainhook-${{ env.SHORT_TARGET_NAME }}.tar.gz chainhook - - - name: Rename cargo artifact (Windows) - if: matrix.os == 'windows-latest' - shell: bash - run: mv target/wix/*.msi chainhook-${{ env.SHORT_TARGET_NAME }}.msi - - # Separate uploads to prevent paths from being preserved - - name: Upload cargo artifacts (Linux) - if: matrix.os != 'windows-latest' - uses: actions/upload-artifact@v2 - with: - name: chainhook-${{ env.SHORT_TARGET_NAME }} - path: chainhook-${{ env.SHORT_TARGET_NAME }}.tar.gz - - - name: Upload cargo artifact (Windows) - if: matrix.os == 'windows-latest' - uses: actions/upload-artifact@v2 + rustup update + cargo check + cargo test --all + + - name: Semantic Release + uses: cycjimmy/semantic-release-action@v3 + id: semantic + # Only run on non-PR events or only PRs that aren't from forks + if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository + env: + GITHUB_TOKEN: ${{ secrets.GH_TOKEN || secrets.GITHUB_TOKEN }} + SEMANTIC_RELEASE_PACKAGE: ${{ github.event.repository.name }} with: - name: chainhook-${{ env.SHORT_TARGET_NAME }} - path: chainhook-${{ env.SHORT_TARGET_NAME }}.msi + semantic_version: 19 + extra_plugins: | + @semantic-release/changelog@6.0.3 + @semantic-release/git@10.0.1 + conventional-changelog-conventionalcommits@6.1.0 - - name: Unit Tests - Cargo - # can't easily run mac-arm64 tests in GH without native runners for that arch - if: matrix.target != 'aarch64-apple-darwin' - run: cargo test --release --locked --target ${{ matrix.target }} + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 - # - name: Functional Tests (Linux) - # # can't easily run mac-arm64 tests in GH without native runners for that arch - # if: matrix.os != 'windows-latest' && matrix.target != 'aarch64-apple-darwin' - # run: | - # for testdir in $(ls components/chainhook-cli/examples); do - # ./target/${{ matrix.target }}/release/clarinet test --manifest-path components/clarinet-cli/examples/${testdir}/Clarinet.toml - # done - - # - name: Functional Tests (Windows) - # if: matrix.os == 'windows-latest' - # run: | - # foreach($testdir in Get-ChildItem components/clarinet-cli/examples) { - # ./target/${{ matrix.target }}/release/clarinet test --manifest-path ${testdir}/Clarinet.toml - # } - - docker_images: - name: Create ${{ matrix.name }} Docker Image - runs-on: ubuntu-latest - needs: - - get_release_info - - dist_chainhook_node - outputs: - version: ${{ steps.docker_meta.outputs.version }} - strategy: - fail-fast: false - matrix: - include: - - name: Chainhook Node - description: A Stacks event observer. - image: ${{ github.repository_owner }}/chainhook-cli - artifact: chainhook-cli-linux-x64-glibc - dockerfile: dockerfiles/components/chainhook-cli.dockerfile - steps: - - name: Checkout - uses: actions/checkout@v3 - with: - submodules: recursive - - - name: Generate Docker tags/labels - id: docker_meta + - name: Docker Meta + id: meta uses: docker/metadata-action@v4 with: - images: ${{ matrix.image }} + images: | + blockstack/${{ github.event.repository.name }} + hirosystems/${{ github.event.repository.name }} tags: | type=ref,event=branch type=ref,event=pr - type=semver,pattern={{version}},value=${{ needs.get_release_info.outputs.tag }},enable=${{ needs.get_release_info.outputs.tag != '' }} - type=semver,pattern={{major}}.{{minor}},value=${{ needs.get_release_info.outputs.tag }},enable=${{ needs.get_release_info.outputs.tag != '' }} - labels: | - org.opencontainers.image.title=${{ matrix.name }} - org.opencontainers.image.description=${{ matrix.description }} + type=semver,pattern={{version}},value=${{ steps.semantic.outputs.new_release_version }},enable=${{ steps.semantic.outputs.new_release_version != '' }} + type=semver,pattern={{major}}.{{minor}},value=${{ steps.semantic.outputs.new_release_version }},enable=${{ steps.semantic.outputs.new_release_version != '' }} + type=raw,value=latest,enable={{is_default_branch}} - - name: Login to Dockerhub + - name: Login to DockerHub uses: docker/login-action@v2 - if: github.event_name != 'pull_request' with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_PASSWORD }} - - name: Download pre-built dist - uses: actions/download-artifact@v3 - with: - name: ${{ matrix.artifact }} - - - name: Untar pre-built dist - run: tar zxvf *.tar.gz - - - name: Create Image - uses: docker/build-push-action@v3 + - name: Build/Tag/Push Image + uses: docker/build-push-action@v2 with: context: . - file: ${{ matrix.dockerfile }} - push: ${{ github.event_name != 'pull_request' }} - tags: ${{ steps.docker_meta.outputs.tags }} - labels: ${{ steps.docker_meta.outputs.labels }} - - release: - name: Release - runs-on: ubuntu-latest - if: startsWith(github.ref, 'refs/heads/main') && needs.get_release_info.outputs.tag != '' - needs: - - get_release_info - - audit - # - test_coverage_cargo - - docker_images - permissions: - actions: write - contents: write - steps: - - name: Checkout - uses: actions/checkout@v3 - with: - submodules: recursive - - - name: Download pre-built dists - uses: actions/download-artifact@v3 - - - name: Tag and Release - uses: ncipollo/release-action@v1 - with: - artifacts: "**/*.tar.gz,**/*.msi" - tag: ${{ needs.get_release_info.outputs.tag }} - commit: ${{ env.GITHUB_SHA }} - - - name: Trigger pkg-version-bump workflow - uses: peter-evans/repository-dispatch@v1 - with: - token: ${{ secrets.GITHUB_TOKEN }} - event-type: released - client-payload: '{"tag": "${{ needs.get_release_info.outputs.tag }}"}' + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + file: ./dockerfiles/components/chainhook.dockerfile + # Only push if (there's a new release on main branch, or if building a non-main branch) and (Only run on non-PR events or only PRs that aren't from forks) + push: ${{ (github.ref != 'refs/heads/master' || steps.semantic.outputs.new_release_version != '') && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository) }} From 028711d6cd354ddfe5f39cfab84253dcb2897f13 Mon Sep 17 00:00:00 2001 From: Ludo Galabru <4290054+vabanaerytk@users.noreply.github.com> Date: Tue, 12 Sep 2023 17:49:54 -0400 Subject: [PATCH 2/2] chore: clean gitignore --- .gitignore | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/.gitignore b/.gitignore index 837e005..06ccb5f 100644 --- a/.gitignore +++ b/.gitignore @@ -12,16 +12,9 @@ npm-debug.log* **/.requirements **/.cache **/.build -components/stacks-devnet-js/dist -components/stacks-devnet-js/build components/chainhook-types-js/dist *.tar.gz *.zip *.rdb - -components/chainhook-db/examples/arkadiko-data-indexing/vault-monitor/bin -components/chainhook-db/examples/arkadiko-data-indexing/vault-monitor/tmp -components/chainhook-db/examples/arkadiko-data-indexing/vault-monitor/vendor -components/chainhook-cli/cache -components/chainhook-cli/index.redb +*.redb cache/