diff --git a/.github/workflows/actionlint-exceptions.txt b/.github/workflows/actionlint-exceptions.txt deleted file mode 100644 index 74f116c2684..00000000000 --- a/.github/workflows/actionlint-exceptions.txt +++ /dev/null @@ -1,4 +0,0 @@ -.github/workflows/haskell.yml -.github/workflows/release-ghcr.yaml -.github/workflows/release-upload.yaml -.github/workflows/stylish-haskell.yml diff --git a/.github/workflows/actionlint.yml b/.github/workflows/actionlint.yml deleted file mode 100644 index 01b989474df..00000000000 --- a/.github/workflows/actionlint.yml +++ /dev/null @@ -1,40 +0,0 @@ -name: Actionlint - -on: - merge_group: - pull_request: - -jobs: - actionlint: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - # We want to install Nix to provision shellcheck, so that actionlint doesn't install - # its own shellcheck. This will also make sure that this pipeline runs using - # the same shellcheck as the ones in Nix shells of developers. - - name: Install Nix with good defaults - uses: input-output-hk/install-nix-action@v20 - with: - extra_nix_config: | - trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ= - substituters = https://cache.nixos.org/ https://cache.iog.io/ - nix_path: nixpkgs=channel:nixos-unstable - - uses: cachix/install-nix-action@v18 - with: - nix_path: nixpkgs=channel:nixos-unstable - # Make the Nix environment available to next steps - - uses: rrbutani/use-nix-shell-action@v1 - - - name: actionlint - run: | - for file in $(git ls-files ".github/workflows/*.y*ml") - do - if grep -q "$file" ".github/workflows/actionlint-exceptions.txt" - then - echo "⚠️ $file is ignored from actionlint's verifications. Please consider fixing it." - else - echo "actionlint $file" - actionlint "$file" - fi - done diff --git a/.github/workflows/cabal.project.local.ci b/.github/workflows/cabal.project.local.ci deleted file mode 100644 index 6a1d077fa8e..00000000000 --- a/.github/workflows/cabal.project.local.ci +++ /dev/null @@ -1,2 +0,0 @@ -package HsOpenSSL - flags: +use-pkg-config diff --git a/.github/workflows/check-cabal-files.yml b/.github/workflows/check-cabal-files.yml deleted file mode 100644 index f30d2e80f18..00000000000 --- a/.github/workflows/check-cabal-files.yml +++ /dev/null @@ -1,21 +0,0 @@ -name: Check cabal files - -on: - pull_request: # Required for workflows to be able to be approved from forks - merge_group: - -jobs: - check-cabal-files: - runs-on: ubuntu-latest - - steps: - - name: Install Haskell - uses: input-output-hk/actions/haskell@latest - id: setup-haskell - with: - cabal-version: "3.10.2.0" - - - uses: actions/checkout@v3 - - - name: Cabal check - run: ./scripts/ci/check-cabal-files.sh diff --git a/.github/workflows/check-git-dependencies.yml b/.github/workflows/check-git-dependencies.yml deleted file mode 100644 index 2ca0c42be03..00000000000 --- a/.github/workflows/check-git-dependencies.yml +++ /dev/null @@ -1,21 +0,0 @@ -name: Check git dependencies - -on: - pull_request: # Required for workflows to be able to be approved from forks - merge_group: - -jobs: - build: - runs-on: ubuntu-latest - - defaults: - run: - shell: bash - - steps: - - - uses: actions/checkout@v3 - - - name: Check git dependencies - run: | - .github/bin/check-git-dependencies diff --git a/.github/workflows/check-hlint.yml b/.github/workflows/check-hlint.yml deleted file mode 100644 index 33376132a33..00000000000 --- a/.github/workflows/check-hlint.yml +++ /dev/null @@ -1,29 +0,0 @@ -name: Check HLint - -on: - pull_request: # Required for workflows to be able to be approved from forks - merge_group: - -jobs: - build: - runs-on: ubuntu-latest - - defaults: - run: - shell: bash - - steps: - - - uses: actions/checkout@v3 - - - name: Install dependencies - run: | - sudo apt-get -y install libtinfo5 - - - name: 'Set up HLint' - uses: rwe/actions-hlint-setup@v1 - with: - version: 3.3 - - - name: 'Run HLint' - uses: rwe/actions-hlint-run@v2 diff --git a/.github/workflows/check-mainnet-config.yml b/.github/workflows/check-mainnet-config.yml deleted file mode 100644 index acbbc250811..00000000000 --- a/.github/workflows/check-mainnet-config.yml +++ /dev/null @@ -1,56 +0,0 @@ -name: Check mainnet configuration - -on: - push: - merge_group: - -jobs: - build: - runs-on: ubuntu-latest - - defaults: - run: - shell: bash - - steps: - - - name: Install Nix - uses: cachix/install-nix-action@v27 - with: - # Use last stable nixos channel and the same nix as in channel: - nix_path: nixpkgs=channel:nixos-24.05 - github_access_token: ${{ secrets.GITHUB_TOKEN }} - extra_nix_config: | - access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} - experimental-features = nix-command flakes - allow-import-from-derivation = true - substituters = https://cache.nixos.org https://cache.iog.io - trusted-public-keys = hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= - - - uses: actions/checkout@v3 - - - name: Refresh cardano-node mainnet configuration - run: | - nix build --no-update-lock-file .#hydraJobs.cardano-deployment - - - name: Check if configuration from nix is a superset of in-repo configuration - run: | - set -uo pipefail - - test_files=( - 'mainnet-alonzo-genesis.json' - 'mainnet-byron-genesis.json' - 'mainnet-config.json' - 'mainnet-shelley-genesis.json' - 'mainnet-topology.json' - ) - - for f in "${test_files[@]}"; do - nix_file="result/$f" - repo_file="configuration/cardano/$f" - if ! jq -e --slurpfile nix "$nix_file" --slurpfile repo "$repo_file" -n '$repo | reduce keys[] as $k (true; . and $repo[$k] == $nix[$k])' &>/dev/null ; then - echo "Nix file $nix_file does not have all the same top-level entries as the file from repository $repo_file" - diff "$nix_file" "$repo_file" - exit 1 - fi - done diff --git a/.github/workflows/continuous_integration.yml b/.github/workflows/continuous_integration.yml new file mode 100644 index 00000000000..243a786bcd3 --- /dev/null +++ b/.github/workflows/continuous_integration.yml @@ -0,0 +1,62 @@ +name: Build + +env: + NIX_SHELL="github:CardanoSolutions/devx#ghc94-static-minimal-iog" + NIX_OPTS="--no-write-lock-file --refresh" + +on: + push: + branches: [ "master", "v*.*.*" ] + +jobs: + continuous_integration: + strategy: + matrix: + os: [ linux, macos ] + arch: [ x86_64, aarch64 ] + compiler: [ ghc948 ] + exclude: + - os: linux + arch: aarch64 + - os: macos + arch: x86_64 + + runs-on: ${{ (matrix.os == 'linux' && 'ubuntu-latest') || 'macos-latest') }} + + steps: + + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Install Nix + uses: cachix/install-nix-action@v22 + with: + extra_nix_config: | + trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= loony-tools:pr9m4BkM/5/eSTZlkQyRt57Jz7OMBxNSUiMC4FkcNfk= + substituters = https://cache.zw3rk.com/ https://cache.nixos.org/ + nix_path: nixpkgs=channel:nixos-unstable + + - name: Prepare Cache + shell: bash + run: | + if [ "$OS" == "macos" ]; then + nix develop $NIX_SHELL $NIX_OPTS --command bash -c "cat /nix/store/l0np941gvmpqcgxankbgb7zpl4mj332v-cabal.project.local >> cabal.project.local" + else + nix develop $NIX_SHELL $NIX_OPTS --command bash -c "cat /nix/store/vd865r55pdbndjwh994h90m35qq77x44-cabal.project.local >> cabal.project.local" + fi + nix develop $NIX_SHELL $NIX_OPTS --command bash -c "cabal update && cabal freeze" + + - name: Cache + uses: actions/cache@v3 + with: + path: | + ~/.cabal-static/packages + ~/.cabal-static/store + key: cabal-${{ matrix.os }}-${{ matrix.arch }}-${{ matrix.compiler }}-${{ hashFiles('cabal.project.freeze') }} + restore-keys: | + cabal-${{ matrix.os }}-${{ matrix.arch }}-${{ matrix.compiler }} + + - name: Build + shell: bash + run: | + nix develop $NIX_SHELL $NIX_OPTS --command bash -c "cabal build kupo:exe:kupo" diff --git a/.github/workflows/github-page.yml b/.github/workflows/github-page.yml deleted file mode 100644 index 2bfe19bd8ec..00000000000 --- a/.github/workflows/github-page.yml +++ /dev/null @@ -1,66 +0,0 @@ -name: "Haddock documentation" - -on: - push: - branches: - - master - -jobs: - build: - runs-on: ubuntu-latest - - defaults: - run: - shell: bash - - steps: - - name: Install Nix - uses: cachix/install-nix-action@v18 - with: - # Use last stable nixos channel and the same nix as in channel: - nix_path: nixpkgs=channel:nixos-24.05 - github_access_token: ${{ secrets.GITHUB_TOKEN }} - extra_nix_config: | - access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} - experimental-features = nix-command flakes - allow-import-from-derivation = true - substituters = https://cache.nixos.org https://cache.iog.io - trusted-public-keys = hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= - - - uses: actions/checkout@v3 - - - name: Fetch nix cache and update cabal indices - run: | - nix develop .\#project.x86_64-linux.projectVariants.ghc964.shell --command \ - cabal update - - - name: Build whole project - run: | - nix develop .\#project.x86_64-linux.projectVariants.ghc964.shell --command \ - cabal build all - - - name: Build documentation - run: | - nix develop .\#project.x86_64-linux.projectVariants.ghc964.shell --command \ - cabal haddock-project --local --output=./haddocks --internal --foreign-libraries - - - name: Compress haddocks - run: | - tar -czf haddocks.tgz -C haddocks . - - - name: Upload haddocks artifact - uses: actions/upload-artifact@v4 - if: ${{ always() }} - continue-on-error: true - with: - name: haddocks - path: ./haddocks.tgz - - - name: Deploy documentation to gh-pages 🚀 - if: github.ref == 'refs/heads/master' - uses: peaceiris/actions-gh-pages@v3 - with: - github_token: ${{ secrets.GITHUB_TOKEN || github.token }} - publish_dir: haddocks - cname: cardano-node.cardano.intersectmbo.org - force_orphan: true diff --git a/.github/workflows/haskell.yml b/.github/workflows/haskell.yml deleted file mode 100644 index 3b9bf800118..00000000000 --- a/.github/workflows/haskell.yml +++ /dev/null @@ -1,262 +0,0 @@ -name: Haskell CI - -on: - pull_request: # Required for workflows to be able to be approved from forks - merge_group: - - # DO NOT DELETE. - # This is required for nightly builds and is invoked by nightly-trigger.yml - # on a schedule trigger. - workflow_dispatch: - inputs: - reason: - description: 'Reason' - required: false - default: manual - tests: - description: 'Tests' - required: false - default: some - -jobs: - build: - runs-on: ${{ matrix.os }} - - strategy: - fail-fast: false - matrix: - # If you edit these versions, make sure the version in the lonely macos-latest job below is updated accordingly - ghc: ["9.6.4", "9.8.1"] - cabal: ["3.10.2.1"] - os: [windows-latest, ubuntu-latest] - include: - # Using include, to make sure there will only be one macOS job, even if the matrix gets expanded later on. - # We want a single job, because macOS runners are scarce. - - os: macos-latest - cabal: "3.10.2.1" - ghc: "9.6.4" - - env: - # Modify this value to "invalidate" the cabal cache. - CABAL_CACHE_VERSION: "2024-04-24" - - concurrency: - group: > - a+${{ github.event_name }} - b+${{ github.workflow_ref }} - c+${{ github.job }} - d+${{ matrix.ghc }} - e+${{ matrix.cabal }} - f+${{ matrix.os }} - g+${{ (startsWith(github.ref, 'refs/heads/gh-readonly-queue/') && github.run_id) || github.event.pull_request.number || github.ref }} - cancel-in-progress: true - - steps: - - name: Concurrency group - run: > - echo - a+${{ github.event_name }} - b+${{ github.workflow_ref }} - c+${{ github.job }} - d+${{ matrix.ghc }} - e+${{ matrix.cabal }} - f+${{ matrix.os }} - g+${{ (startsWith(github.ref, 'refs/heads/gh-readonly-queue/') && github.run_id) || github.event.pull_request.number || github.ref }} - - - name: Install Haskell - uses: input-output-hk/actions/haskell@latest - id: setup-haskell - with: - ghc-version: ${{ matrix.ghc }} - cabal-version: ${{ matrix.cabal }} - - - name: Install system dependencies - uses: input-output-hk/actions/base@latest - with: - use-sodium-vrf: true # default is true - - - uses: actions/checkout@v4 - - - name: Cabal update - run: cabal update - - - name: Configure build - shell: bash - run: | - cp .github/workflows/cabal.project.local.ci cabal.project.local - echo "# cabal.project.local" - cat cabal.project.local - - # A dry run `build all` operation does *NOT* downlaod anything, it just looks at the package - # indices to generate an install plan. - - name: Build dry run - run: cabal build all --enable-tests --dry-run --minimize-conflict-set - - # From the install plan we generate a dependency list. - - name: Record dependencies - id: record-deps - run: | - # The tests call out to msys2 commands. We generally do not want to mix toolchains, so - # we are very deliberate about only adding msys64 to the path where absolutely necessary. - ${{ (runner.os == 'Windows' && '$env:PATH=("C:\msys64\mingw64\bin;{0}" -f $env:PATH)') || '' }} - cat dist-newstyle/cache/plan.json | jq -r '."install-plan"[] | select(.style != "local") | .id' | sort | uniq > dependencies.txt - - # From the dependency list we restore the cached dependencies. - # We use the hash of `dependencies.txt` as part of the cache key because that will be stable - # until the `index-state` values in the `cabal.project` file changes. - - name: Restore cached dependencies - uses: actions/cache/restore@v4 - id: cache - with: - path: | - ${{ steps.setup-haskell.outputs.cabal-store }} - dist-newstyle - key: cache-${{ env.CABAL_CACHE_VERSION }}-${{ runner.os }}-${{ matrix.ghc }}-${{ hashFiles('dependencies.txt') }} - - # Now we install the dependencies. If the cache was found and restored in the previous step, - # this should be a no-op, but if the cache key was not found we need to build stuff so we can - # cache it for the next step. - - name: Install dependencies - run: cabal build all --enable-tests --only-dependencies -j --ghc-option=-j4 - - # Always store the cabal cache. - # This can fail (benign failure) if there is already a hash at that key. - - name: Cache Cabal store - uses: actions/cache/save@v4 - with: - path: | - ${{ steps.setup-haskell.outputs.cabal-store }} - dist-newstyle - key: cache-${{ env.CABAL_CACHE_VERSION }}-${{ runner.os }}-${{ matrix.ghc }}-${{ hashFiles('dependencies.txt') }} - - # Now we build. - - name: Build all - run: cabal build all --enable-tests - - - name: Run tests - env: - TMPDIR: ${{ runner.temp }} - TMP: ${{ runner.temp }} - KEEP_WORKSPACE: 1 - run: | - cabal test cardano-testnet cardano-node cardano-node-chairman cardano-submit-api - - - name: Tar failed tests workspaces - if: ${{ failure() }} - env: - TMP: ${{ runner.temp }} - shell: bash - run: | - cd $TMP - find . -name 'module' -type f -exec dirname {} \; | xargs -L1 basename | sort -u | xargs tar -czvf workspaces.tgz - - - name: Upload workspaces on tests failure - if: ${{ failure() }} - uses: actions/upload-artifact@v4 - with: - name: failed-test-workspaces-${{ matrix.os }}-ghc${{ matrix.ghc }}-cabal${{ matrix.cabal }}.tgz - path: ${{ runner.temp }}/workspaces.tgz - - - name: "Tar artifacts" - shell: bash - run: | - mkdir -p artifacts - - for exe in $(cat dist-newstyle/cache/plan.json | jq -r '."install-plan"[] | select(.style == "local" and (."component-name" | startswith("exe:"))) | ."bin-file"'); do - if [ -f $exe ]; then - echo "Including artifact $exe" - - ( cd artifacts - tar -C "$(dirname $exe)" -czf "$(basename $exe).tar.gz" "$(basename $exe)" - ) - else - echo "Skipping artifact $exe" - fi - done - - - name: Delete socket files in chairman tests in preparation for uploading artifacts - if: ${{ always() }} - shell: bash - run: | - if [ -d "${{ runner.temp }}/chairman" ]; then - find "${{ runner.temp }}/chairman" -type s -exec rm -f {} \; - fi - - - name: Save Artifact - uses: actions/upload-artifact@v4 - if: ${{ always() }} - continue-on-error: true - with: - name: chairman-test-artifacts-${{ matrix.os }}-${{ matrix.ghc }} - path: ${{ runner.temp }}/chairman/ - - # Uncomment the following back in for debugging. Remember to launch a `pwsh` from - # the tmux session to debug `pwsh` issues. And be reminded that the `/msys2` and - # `/msys2/mingw64` paths are not in PATH by default for the workflow, but tmate - # will put them in. - # You may also want to run - # - # $env:PATH=("C:\Program Files\PowerShell\7;{0}" -f $env:ORIGINAL_PATH) - # - # to restore the original path. Do note that some test might need msys2 - # and will silently fail if msys2 is not in path. See the "Run tests" step. - # - # - name: Setup tmate session - # if: ${{ failure() }} - # uses: mxschmitt/action-tmate@v3 - # with: - # limit-access-to-actor: true - - build-complete: - needs: [build] - if: ${{ always() }} - runs-on: ubuntu-latest - steps: - - name: Check if any previous job failed - run: | - if [[ "${{ needs.build.result }}" == "failure" ]]; then - # this ignores skipped dependencies - echo 'Required jobs failed to build.' - exit 1 - else - echo 'Build complete' - fi - - release: - needs: [build] - if: ${{ startsWith(github.ref, 'refs/tags') }} - runs-on: ubuntu-latest - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Create Release Tag - id: create_release_tag - run: | - echo "TAG=${GITHUB_REF/refs\/tags\//}" >> $GITHUB_OUTPUT - - - name: Create Release - id: create_release - uses: actions/create-release@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - tag_name: ${{ github.ref }} - release_name: Release ${{ github.ref }} - draft: true - prerelease: false - - - name: Download Artifact - uses: actions/download-artifact@v1 - with: - name: artifacts-ubuntu-latest - - - name: Upload Release Asset - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_path: ./artifacts-ubuntu-latest/cardano-submit-api.tar.gz - asset_name: cardano-submit-api_${{ steps.create_release_tag.outputs.TAG }}-linux.tar.gz - asset_content_type: application/gzip diff --git a/.github/workflows/markdown-links-ci-check.yml b/.github/workflows/markdown-links-ci-check.yml deleted file mode 100644 index 173b96261f5..00000000000 --- a/.github/workflows/markdown-links-ci-check.yml +++ /dev/null @@ -1,15 +0,0 @@ -name: Check Markdown links - -on: - pull_request: # Required for workflows to be able to be approved from forks - merge_group: - -jobs: - markdown-link-check: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - uses: gaurav-nelson/github-action-markdown-link-check@v1 - with: - use-quiet-mode: yes - config-file: '.github/mlc_config.json' diff --git a/.github/workflows/nightly-trigger.yml b/.github/workflows/nightly-trigger.yml deleted file mode 100644 index 452077f08e3..00000000000 --- a/.github/workflows/nightly-trigger.yml +++ /dev/null @@ -1,32 +0,0 @@ -name: Nightly Trigger - -on: - workflow_dispatch: - schedule: - - cron: '0 5 * * *' - -jobs: - build: - runs-on: ubuntu-latest - - defaults: - run: - shell: bash - - steps: - - - uses: actions/checkout@v3 - - - name: Tag - run: | - git branch -D nightly || true - git checkout -b nightly - git push origin nightly --force - - - name: Invoke workflow - uses: input-output-hk/workflow-dispatch@v1 - with: - workflow: .github/workflows/haskell.yml - ref: nightly - token: ${{ secrets.MACHINE_TOKEN }} - inputs: '{ "reason": "nightly", "tests": "all" }' diff --git a/.github/workflows/release-ghcr.yaml b/.github/workflows/release-ghcr.yaml deleted file mode 100644 index 5085d9ef3ce..00000000000 --- a/.github/workflows/release-ghcr.yaml +++ /dev/null @@ -1,85 +0,0 @@ -name: Upload to ghci.io - -on: - push: - tags: - - '**' - # GITHUB_SHA: Last commit in the tagged release - # GITHUB_REF: Tag ref of release refs/tags/ - release: - types: - - published - # GITHUB_SHA: Last commit on the GITHUB_REF branch or tag - # GITHUB_REF: Branch or tag that received dispatch - workflow_dispatch: {} - -env: - # Only to avoid some repetition - FLAKE_REF: github:${{ github.repository }}/${{ github.ref_name }} - GH_TOKEN: ${{ github.token }} - # We need to tell skopeo where to write the authentication token - REGISTRY_AUTH_FILE: ./skopeo-registry-auth-file.json - -jobs: - wait-for-hydra: - name: "Wait for hydra check-runs" - runs-on: ubuntu-latest - steps: - - name: Waiting for ci/hydra-build:required to complete - run: | - while [[ true ]]; do - conclusion=$(gh api repos/$GITHUB_REPOSITORY/commits/$GITHUB_SHA/check-runs --jq '.check_runs[] | select(.name == "ci/hydra-build:required") | .conclusion') - case "$conclusion" in - success) - echo "ci/hydra-build:required succeeded" - exit 0;; - failure) - echo "ci/hydra-build:required failed" - exit 1;; - *) - echo "ci/hydra-build:required pending. Waiting 30s..." - sleep 30;; - esac - done - - build: - needs: [wait-for-hydra] - name: "Upload to ghcr.io" - runs-on: ubuntu-latest - steps: - - name: Install Nix - uses: input-output-hk/install-nix-action@v20 - - - name: Display flake metadata - id: flake-metadata - run: | - nix flake metadata ${{ env.FLAKE_REF }} - nix flake metadata ${{ env.FLAKE_REF }} --json | jq -r '"LOCKED_URL=\(.url)"' >> "$GITHUB_OUTPUT" - - - name: Login to GitHub Container Registry - run: skopeo login --username ${{ github.actor }} --password ${{ secrets.GITHUB_TOKEN }} ghcr.io - - # NOTE We assume that hydra has already built the image, this is - # reasonable since, before applying the tag, we must have already - # pushed the tagged commit somewhere, and Hydra will have had the - # change to build the image. - - - name: Uploading intersectmbo/cardano-node - run: | - echo "::group::Downloading from cache" - nix build --accept-flake-config --print-out-paths --builders "" --max-jobs 0 ${{ steps.flake-metadata.outputs.LOCKED_URL }}#dockerImage/node - echo "::endgroup::" - - echo "::group::Uploading to registry" - skopeo copy docker-archive:./result docker://ghcr.io/intersectmbo/cardano-node:$GITHUB_REF_NAME - echo "::endgroup::" - - - name: Uploading intersectmbo/cardano-submit-api - run: | - echo "::group::Downloading from cache" - nix build --accept-flake-config --print-out-paths --builders "" --max-jobs 0 ${{ steps.flake-metadata.outputs.LOCKED_URL }}#dockerImage/submit-api - echo "::endgroup::" - - echo "::group::Uploading to registry" - skopeo copy docker-archive:./result docker://ghcr.io/intersectmbo/cardano-submit-api:$GITHUB_REF_NAME - echo "::endgroup::" diff --git a/.github/workflows/release-upload.yaml b/.github/workflows/release-upload.yaml deleted file mode 100644 index 88ff81b1018..00000000000 --- a/.github/workflows/release-upload.yaml +++ /dev/null @@ -1,112 +0,0 @@ -name: Post Release Upload -# This makes it easy to get download release binaries built using -# a github action for any tagged commit. -# -# This workflow builds and uploads the macOS, win64 and linux -# binary packages as github assets. -# -# It uses `--builders "" --max-jobs 0` to ensure the assets are -# from the IOG cache. -on: - workflow_dispatch: - release: - types: - - published - push: - tags: - - '**' -env: - # Only to avoid some repetition - FLAKE_REF: github:${{ github.repository }}/${{ github.ref_name }} - GH_TOKEN: ${{ github.token }} - -jobs: - wait-for-hydra: - name: "Wait for hydra check-runs" - runs-on: ubuntu-latest - steps: - - name: Get specific check run status - run: | - while [[ true ]]; do - conclusion=$(gh api repos/$GITHUB_REPOSITORY/commits/$GITHUB_SHA/check-runs --jq '.check_runs[] | select(.name == "ci/hydra-build:required") | .conclusion') - case "$conclusion" in - success) - echo "ci/hydra-build:required succeeded" - exit 0;; - failure) - echo "ci/hydra-build:required failed" - exit 1;; - *) - echo "ci/hydra-build:required pending. Waiting 30s..." - sleep 30;; - esac - done - - pull: - needs: [wait-for-hydra] - strategy: - matrix: - arch: [linux, macos, win64] - name: "Download Asset from the Cache" - runs-on: ubuntu-latest - steps: - - name: Install Nix with good defaults - uses: input-output-hk/install-nix-action@v20 - with: - extra_nix_config: | - trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ= - substituters = https://cache.iog.io/ https://cache.nixos.org/ - nix_path: nixpkgs=channel:nixos-unstable - - name: Display flake metadata - id: flake-metadata - run: | - nix flake metadata ${{ env.FLAKE_REF }} - nix flake metadata ${{ env.FLAKE_REF }} --json | jq -r '"LOCKED_URL=\(.url)"' >> "$GITHUB_OUTPUT" - - name: Build - run: | - case ${{ matrix.arch }} in - linux) - nix build --builders "" --max-jobs 0 ${{ steps.flake-metadata.outputs.LOCKED_URL }}#hydraJobs.x86_64-linux.musl.cardano-node-linux - cp result/cardano-node-*-*.tar.gz . - ;; - macos) - nix build --builders "" --max-jobs 0 ${{ steps.flake-metadata.outputs.LOCKED_URL }}#hydraJobs.x86_64-darwin.native.cardano-node-macos - cp result/cardano-node-*-*.tar.gz . - ;; - win64) - nix build --builders "" --max-jobs 0 ${{ steps.flake-metadata.outputs.LOCKED_URL }}#hydraJobs.x86_64-linux.windows.cardano-node-win64 - cp result/cardano-node-*-*.zip . - ;; - esac - - uses: actions/upload-artifact@v4 - with: - name: ${{ github.sha }}-${{ matrix.arch }} - path: cardano-node-*-*.* - retention-days: 1 - - upload-assets: - needs: [pull] - name: "Upload Assets" - runs-on: ubuntu-latest - steps: - - uses: actions/download-artifact@v4 - with: - merge-multiple: true - - name: Checksums - run: | - # find returns something like this: - # "cardano-node-8.11.0-linux.tar.gz cardano-node-8.11.0-macos.tar.gz ..." - # We use the first member of this list to compute the prefix "cardano-node-8.11.0" - first_archive=$(find . -maxdepth 1 -name "cardano-node-*" -printf '%P\n' | head -n 1) - # Then we trim the architecture-specific suffix (last "-" and after) - sha256sums_filename=$(echo "${first_archive%-*}-sha256sums.txt") - sha256sum cardano-node-* >> "$sha256sums_filename" - - name: Release - uses: input-output-hk/action-gh-release@v1 - with: - draft: true - files: | - cardano-node-*-win64.zip - cardano-node-*-macos.tar.gz - cardano-node-*-linux.tar.gz - cardano-node-*-sha256sums.txt diff --git a/.github/workflows/shellcheck-exceptions.txt b/.github/workflows/shellcheck-exceptions.txt deleted file mode 100644 index ef1749c6a3b..00000000000 --- a/.github/workflows/shellcheck-exceptions.txt +++ /dev/null @@ -1,60 +0,0 @@ -.github/bin/haddocks.sh -scripts/ci/check-cabal-files.sh -bench/process/process.sh -bench/script/probe.sh -cardano-submit-api/test/run.sh -cardano-tracer/demo/multi/run.sh -cardano-tracer/demo/ssh/run.sh -ci/check-dependencies-merged-to-master.sh -ci/check-hydra.sh -configuration/cardano/update-config-files.sh -nix/regenerate.sh -nix/workbench/analyse/analyse.sh -nix/workbench/backend/backend.sh -nix/workbench/backend/nomad.sh -nix/workbench/backend/nomad/cloud.sh -nix/workbench/backend/nomad/exec.sh -nix/workbench/backend/nomad/podman.sh -nix/workbench/backend/supervisor.sh -nix/workbench/chaindb.sh -nix/workbench/env.sh -nix/workbench/lib-cabal.sh -nix/workbench/lib.sh -nix/workbench/manifest.sh -nix/workbench/nomad.sh -nix/workbench/profile/pparams/apiPparamsImport.sh -nix/workbench/profile/pparams/diffLatest.sh -nix/workbench/profile/pparams/diffLatestWithOverlay.sh -nix/workbench/profile/pparams/pparamsLastWithOverlay.sh -nix/workbench/profile/profile.sh -nix/workbench/publish.sh -nix/workbench/run.sh -nix/workbench/scenario.sh -nix/workbench/topology/topology.sh -scripts/babbage/example-babbage-script-usage.sh -scripts/babbage/mkfiles.sh -scripts/babbage/script-context-equivalance-test.sh -scripts/babbage/script-mint-context-equivalance-test.sh -scripts/babbage/staking-example/claim-script-staking-rewards.sh -scripts/babbage/staking-example/register-and-delegate-script-staking-address.sh -scripts/bin-path.sh -scripts/byron-to-alonzo/burn.sh -scripts/byron-to-alonzo/mint.sh -scripts/byron-to-alonzo/mkfiles.sh -scripts/byron-to-alonzo/update-3.sh -scripts/byron-to-alonzo/update-4.sh -scripts/byron-to-alonzo/update-5.sh -scripts/ci/check-cabal-files.sh -scripts/gen-merge-summary.sh -scripts/lite/example-build-cmd.sh -scripts/lite/shelley-testnet-2.sh -scripts/lite/shelley-testnet.sh -scripts/lite/shutdown-ipc-example.sh -scripts/lite/split-txouts.sh -scripts/plutus/always-fails.sh -scripts/plutus/example-txin-locking-plutus-script.sh -scripts/plutus/script-context-equivalance-test.sh -scripts/plutus/script-context-equivalence-test-minting.sh -scripts/plutus/simple-minting-policy.sh -scripts/plutus/staking-example/claim-script-staking-rewards.sh -scripts/test-stake-cred-script/create-collateral.sh diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml deleted file mode 100644 index a77d2d54bc5..00000000000 --- a/.github/workflows/shellcheck.yml +++ /dev/null @@ -1,41 +0,0 @@ -name: Shellcheck -# This pipeline runs shellcheck on all files with extension .sh, -# except the ones listed in .github/workflows/shellcheck-exceptions.txt. -# -# This pipeline uses Nix, so that the shellcheck version used is the same -# ones as used by developers in Nix shells. This ensures the CI's behavior -# is consistent with the one of developers. - -on: - merge_group: - pull_request: - -jobs: - shellcheck: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Install Nix with good defaults - uses: input-output-hk/install-nix-action@v20 - with: - extra_nix_config: | - trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ= - substituters = https://cache.nixos.org/ https://cache.iog.io/ - nix_path: nixpkgs=channel:nixos-unstable - - uses: cachix/install-nix-action@v18 - with: - nix_path: nixpkgs=channel:nixos-unstable - # Make the Nix environment available to next steps - - uses: rrbutani/use-nix-shell-action@v1 - - name: shellcheck - run: | - for file in $(git ls-files "*.sh") - do - if grep -q "$file" ".github/workflows/shellcheck-exceptions.txt" - then - echo "⚠️ $file is ignored from shellcheck's verifications. Please consider fixing it." - else - echo "shellcheck $file" - shellcheck "$file" - fi - done diff --git a/.github/workflows/stale-bot.yml b/.github/workflows/stale-bot.yml deleted file mode 100644 index 5fef42c6ec2..00000000000 --- a/.github/workflows/stale-bot.yml +++ /dev/null @@ -1,19 +0,0 @@ -name: 'Close stale issues and PR' -on: - schedule: - - cron: '30 1 * * *' - -jobs: - stale: - runs-on: ubuntu-latest - steps: - - uses: actions/stale@v6 - with: - stale-issue-message: 'This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 120 days.' - stale-pr-message: 'This PR is stale because it has been open 45 days with no activity.' - close-issue-message: 'This issue was closed because it has been stalled for 120 days with no activity. Remove stale label or comment or this will be closed in 60 days.' - close-pr-message: 'This issue was closed because it has been stalled for 60 days with no activity.' - days-before-stale: 30 - days-before-close: 120 - days-before-pr-stale: 45 - days-before-pr-close: 60 diff --git a/.github/workflows/stylish-haskell.yml b/.github/workflows/stylish-haskell.yml deleted file mode 100644 index f77247ca985..00000000000 --- a/.github/workflows/stylish-haskell.yml +++ /dev/null @@ -1,89 +0,0 @@ -name: Check Stylish Haskell - -on: - pull_request: # Required for workflows to be able to be approved from forks - merge_group: - -# When pushing branches (and/or updating PRs), we do want to cancel previous -# build runs. We assume they are stale now; and do not want to spend CI time and -# resources on continuing to continue those runs. This is what the concurrency.group -# value lets us express. When using merge queues, we now have to consider -# - runs triggers by commits per pull-request -# we want to cancel any previous run. So they should all get the same group (per PR) -# - runs refs/heads/gh-readonly-queue/ (they should all get their -# unique git ref, we don't want to cancel any of the ones in the queue) -# - if it's neither, we fall back to the run_id (this is a unique number for each -# workflow run; it does not change if you "rerun" a job) -concurrency: - group: ${{ github.workflow }}-${{ github.event.type }}-${{ startsWith(github.ref, 'refs/heads/gh-readonly-queue/') && github.ref || github.event.pull_request.number || github.run_id }} - cancel-in-progress: true - -jobs: - build: - runs-on: ubuntu-latest - - strategy: - fail-fast: false - - env: - STYLISH_HASKELL_VERSION: "0.14.6.0" - - STYLISH_HASKELL_PATHS: > - cardano-git-rev - cardano-node - cardano-node-capi - cardano-node-chairman - cardano-submit-api - cardano-testnet - cardano-tracer - trace-dispatcher - trace-forward - trace-resources - - steps: - - name: Download stylish-haskell - if: runner.os == 'Linux' - run: | - version="${{ env.STYLISH_HASKELL_VERSION }}" - - curl -sL \ - "https://github.com/haskell/stylish-haskell/releases/download/v$version/stylish-haskell-v$version-linux-x86_64.tar.gz" \ - | tar -C "/tmp" -xz - - echo "PATH=/tmp/stylish-haskell-v$version-linux-x86_64:$PATH" >> $GITHUB_ENV - - - uses: actions/checkout@v3 - - - name: Run stylish-haskell over all Haskell files (always succeeds) - run: | - git add . - git stash - - for x in $(git ls-tree --full-tree --name-only -r HEAD ${{ env.STYLISH_HASKELL_PATHS }}); do - if [ "${x##*.}" == "hs" ]; then - if grep -qE '^#' $x; then - echo "$x contains CPP. Skipping." - else - stylish-haskell -i $x - fi - fi - done - - git --no-pager diff - - - name: Run stylish-haskell over all modified files - run: | - git add . - git stash - git fetch origin ${{ github.base_ref }} --unshallow - for x in $(git diff --name-only --diff-filter=ACMR origin/${{ github.base_ref }}..HEAD ${{ env.STYLISH_HASKELL_PATHS }}); do - if [ "${x##*.}" == "hs" ]; then - if grep -qE '^#' $x; then - echo "$x contains CPP. Skipping." - else - stylish-haskell -i $x - fi - fi - done - - git --no-pager diff --exit-code diff --git a/.github/workflows/update-hackage-and-chap.yml b/.github/workflows/update-hackage-and-chap.yml deleted file mode 100644 index c1d97843e27..00000000000 --- a/.github/workflows/update-hackage-and-chap.yml +++ /dev/null @@ -1,41 +0,0 @@ -name: Update Hackage and CHaP - -on: - workflow_dispatch: # allows manual triggering - schedule: - - cron: '0 0 * * 0' # runs weekly on Sunday at 00:00 - -jobs: - build: - runs-on: ubuntu-latest - steps: - - name: Install Nix - uses: cachix/install-nix-action@v18 - with: - # Use last stable nixos channel and the same nix as in channel: - nix_path: nixpkgs=channel:nixos-24.05 - github_access_token: ${{ secrets.GITHUB_TOKEN }} - extra_nix_config: | - access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} - experimental-features = nix-command flakes - allow-import-from-derivation = true - substituters = https://cache.nixos.org https://cache.iog.io - trusted-public-keys = hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= - - - name: Checkout repository - uses: actions/checkout@v3 - - - name: Update flake.lock - uses: DeterminateSystems/update-flake-lock@v19 - with: - token: ${{ secrets.GITHUB_TOKEN }} - inputs: hackageNix CHaP - nix-options: --accept-flake-config - pr-title: "flake.lock: update Hackage and CHaP" - pr-labels: dependencies, automated - pr-body: | - Automated changes by the [update-flake-lock](https://github.com/DeterminateSystems/update-flake-lock) GitHub Action. - - ``` - {{ env.GIT_COMMIT_MESSAGE }} - ```