ci: Refactor scripts #60
Conversation
febo
force-pushed
the
febo/refactor-ci
branch
from
c2ad80e to
6be0456
Compare
febo
force-pushed
the
febo/refactor-ci
branch
from
8bb36fb to
20e4cfb
Compare
febo
force-pushed
the
febo/refactor-ci
branch
from
20e4cfb to
4f7ad78
Compare
|
Just realised that the "filter" is not as precise as it should be. For example, when the main Update: The conditional filter was removed. |
| - name: build-sbf | ||
| run: pnpm build ${{ matrix.member }} |
There was a problem hiding this comment.
nit: How about calling the script build-sbf to make things clearer?
There was a problem hiding this comment.
Yep, definitely clearer.
| - name: Set Git Author | ||
| run: | | ||
| git config --global user.email "github-actions@github.com" | ||
| git config --global user.name "github-actions" |
There was a problem hiding this comment.
Sorry for fish brain: this is used so that the github-actions bot doesn't appear as a contributor, correct? Why was this a problem again?
There was a problem hiding this comment.
Yes, using these labels, the "github-actions" does not appear as a contributor. It does not solve a particular problem, it is a cosmetic thing. Happy to revert the change.
| @@ -17,5 +17,14 @@ repository = "https://github.com/anza-xyz/pinocchio" | |||
|
|
|||
| [workspace.dependencies] | |||
| five8_const = "0.1.3" | |||
| pinocchio = { path = "sdk/pinocchio", version = ">= 0.6, <= 0.7" } | |||
| pinocchio-pubkey = { path = "sdk/pubkey", version = "0.2.1" } | |||
| pinocchio = { path = "sdk/pinocchio", version = ">= 0.6" } | |||
There was a problem hiding this comment.
Why is the version specified like that?
There was a problem hiding this comment.
This is probably me not using the workspace dependencies correctly. I was trying to avoid bumping dependencies on other packages unnecessarily. For example, if pinocchio-pubkey can work with multiple versions of pinocchio and pinocchio has been bumped to 0.7, I still want to specify that pinocchio-pubkey works with anything from >= 0.6.
But perhaps this is not the correct way to do that.
| "private": true, | ||
| "scripts": { | ||
| "audit": "tsx ./scripts/audit.mjs", | ||
| "build": "tsx ./scripts/build.mjs", |
There was a problem hiding this comment.
nit: mentioned earlier, but build-sbf would probably be clearer
|
|
||
| const [folder, ...args] = cliArguments(); | ||
|
|
||
| const buildArgs = [...args, '--', '--all-targets', '--all-features']; |
There was a problem hiding this comment.
I'm surprised to see --all-targets here -- I tried building a couple of programs with cargo build-sbf -- --all-targets and it fails because some dependencies that are incompatible with the chain are probably brought in.
Is that what you're trying to test here? It's pretty cool!
There was a problem hiding this comment.
Yeah, it is a sanity check.
|
|
||
| - name: Check semver | ||
| uses: obi1kenobi/cargo-semver-checks-action@v2 | ||
| run: | | ||
| pnpm semver ${{ inputs.crate }} --release-type ${{ inputs.level }} |
There was a problem hiding this comment.
That's really neat, I didn't know it could do that!
| - name: Push Commit and Tag | ||
| if: github.event.inputs.dry_run != 'true' | ||
| run: git push origin --follow-tags |
There was a problem hiding this comment.
It's up to you, but I prefer to use the functionality from cargo release to tag and push, ie: https://github.com/solana-program/token-2022/blob/a46685f457db8e5c68d7f43e1c032500b7cd258b/scripts/rust/publish.mjs#L24
There was a problem hiding this comment.
Oh, that is better, I will change it so it does the same thing.
| // Soft reset the last commit so we can create our own commit and tag. | ||
| await $`git reset --soft HEAD~1`; | ||
|
|
||
| // Commit the new version. | ||
| await $`git commit -am "Publish ${crate} v${version}"`; | ||
|
|
||
| // Tag the new version. | ||
| await $`git tag -a ${crate}@v${version} -m "${crate} v${version}"`; |
There was a problem hiding this comment.
As flagged earlier, if you decide to update the flags to cargo release, you don't need to do any of this: https://github.com/solana-program/token-2022/blob/a46685f457db8e5c68d7f43e1c032500b7cd258b/scripts/rust/publish.mjs#L24
Be careful to specify two curly braces around {{version}} since that actually interpolates the version that the repo will be bumped to
Problem
CI currently has limited checks and the
publish.ymlworkflow is limited to a couple of crates.Solution
Refactor the CI. This involved using a new set of supporting scripts, which can also be used from the command-line:
audit: audit dependencies of the workspacebuild: build a crate withbuild-sbf(useful to detect issues with code under thetarget = solanaconfigurationclippy: run clippydoc: linting of doc sectionsformat: runcargo fmthack: linting of feature powersetlint: executeclippy && doc && hackin sequencesemver: semantic versioning validationtest: runcargo testCI make use of these scripts to run:
auditformatclippydochackbuildtestThe
publish.ymlworkflow was updated to work with any crate of the reposiroty and incorporatessemver-checksbased on the version level. If the version level selected for publishing violates semantic versioning, the publishing fails. For example, if the code to be published under apatchversion contains breaking changes, thesemver-checkwill fail and the publish workflow will abort.Note
The code in main is currently failing the
doclinting - #64 fixes these issues.