feat(release): add run-kurtosis-assertor job after build-release #234
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release | ||
env: | ||
APPLICATION: "erigon" | ||
BUILDER_IMAGE: "ghcr.io/goreleaser/goreleaser-cross:v1.22.7" | ||
DOCKER_BASE_IMAGE: "alpine:3.20.3" | ||
APP_REPO: "erigontech/erigon" | ||
PACKAGE: "github.com/erigontech/erigon" | ||
DOCKERHUB_REPOSITORY: "erigontech/erigon" | ||
DOCKERFILE_PATH: "./Dockerfile.release" | ||
GITHUB_AUTOMATION_EMAIL: "github-automation@erigon.tech" | ||
GITHUB_AUTOMATION_NAME: "Erigon Github Automation" | ||
LABEL_DESCRIPTION: "Erigon is an implementation of Ethereum (execution layer with embeddable consensus layer), on the efficiency frontier. Archive Node by default." | ||
on: | ||
push: | ||
branches-ignore: | ||
- '**' | ||
#branches: | ||
# - 'master' | ||
#tags: | ||
## only trigger on release tags: | ||
#- 'v*.*.*' | ||
#- 'v*.*.*-*' | ||
workflow_dispatch: | ||
inputs: | ||
checkout_ref: | ||
required: true | ||
type: string | ||
default: 'main' | ||
description: 'The branch to checkout and build artifacts from. By default "main".' | ||
release_version: | ||
required: true | ||
type: string | ||
description: 'Release version number (Pattern - v#.#.# , f.e. v2.60.8 or v3.0.0 or v3.0.0-alpha1 for pre-releases. Prefix it with "v".)' | ||
perform_release: | ||
required: false | ||
type: boolean | ||
default: false | ||
description: 'perform_release: when set then all artifacts will be published and the DRAFT of the release | ||
notes will be created.' | ||
publish_latest_tag: | ||
required: false | ||
type: boolean | ||
default: false | ||
description: 'publish_latest_tag: when set then docker image with tag :latest will be also published' | ||
with_assertor: | ||
required: false | ||
type: boolean | ||
default: false | ||
description: 'with_assertor: when set then the workflow will run the Kurtosis Assertor' | ||
enable_pectra_assertor: | ||
required: false | ||
type: boolean | ||
default: false | ||
description: 'enable_pectra_assertor: when set then the workflow will run the Pectra Assertor tests' | ||
jobs: | ||
build-release: | ||
## runs-on: ubuntu-22.04 | ||
runs-on: ubuntu-latest-devops-xxlarge | ||
timeout-minutes: 60 | ||
name: Build Artifacts and multi-platform Docker image, publish draft of the Release Notes | ||
steps: | ||
- name: Checkout git repository ${{ env.APP_REPO }} | ||
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 ## 4.1.7 release | ||
with: | ||
repository: ${{ env.APP_REPO }} | ||
fetch-depth: 0 | ||
ref: ${{ inputs.checkout_ref }} | ||
- name: Check if tag ${{ inputs.release_version }} already exists in case perform_release is set. | ||
if: ${{ (inputs.perform_release) && (inputs.release_version != '') }} | ||
run: | | ||
if git ls-remote --exit-code --quiet --tags origin '${{ inputs.release_version }}'; then | ||
echo "ERROR: tag ${{ inputs.release_version }} exists and workflow is performing release. Exit." | ||
exit 1 | ||
else | ||
echo "OK: tag ${{ inputs.release_version }} does not exists. Proceeding." | ||
fi | ||
- name: Get commit id | ||
id: getCommitId | ||
run: | | ||
echo "id=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT | ||
echo "short_commit_id=$(git rev-parse --short=7 HEAD)" >> $GITHUB_OUTPUT | ||
- name: Login to Docker Hub | ||
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 ## v3.3.0 | ||
with: | ||
username: ${{ secrets.ORG_DOCKERHUB_ERIGONTECH_USERNAME }} | ||
password: ${{ secrets.ORG_DOCKERHUB_ERIGONTECH_TOKEN }} | ||
- name: Set up QEMU | ||
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf ## v3.2.0 | ||
- name: Set up Docker Buildx | ||
uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db ## v3.6.1 | ||
- name: Build binaries with goreleaser | ||
env: | ||
BUILD_VERSION: ${{ inputs.release_version }} | ||
DOCKER_URL: ${{ env.DOCKERHUB_REPOSITORY }} | ||
run: | | ||
docker run --rm \ | ||
-w /${{ env.APPLICATION }}/ \ | ||
-e BUILD_VERSION=${{ env.BUILD_VERSION }} \ | ||
-e GIT_COMMIT=${{ steps.getCommitId.outputs.id }} \ | ||
-e GIT_BRANCH=${{ inputs.checkout_ref }} \ | ||
-e GIT_TAG=${{ inputs.release_version }} \ | ||
-e PACKAGE=${{ env.PACKAGE }} \ | ||
-e APPLICATION=${{ env.APPLICATION }} \ | ||
-v $(pwd):/${{ env.APPLICATION}} \ | ||
-v /var/run/docker.sock:/var/run/docker.sock \ | ||
${{ env.BUILDER_IMAGE }} release --timeout 60m0s --clean --skip=validate,announce,publish | ||
echo "DEBUG: ls -lao in the working directory" | ||
ls -lao | ||
echo "DEBUG: content of the dist/ directory" | ||
find dist/ -ls | ||
- name: Build and push multi-platform docker images (${{ env.BUILD_VERSION }} and latest) in case perform_release is true | ||
if: ${{ inputs.perform_release }} | ||
env: | ||
BUILD_VERSION: ${{ inputs.release_version }} | ||
DOCKER_URL: ${{ env.DOCKERHUB_REPOSITORY }} | ||
DOCKER_PUBLISH_LATEST_CONDITION: ${{ inputs.publish_latest_tag && format('--tag {0}:latest ',env.DOCKERHUB_REPOSITORY) || '' }} | ||
run: | | ||
docker buildx build \ | ||
--file ${{ env.DOCKERFILE_PATH }} \ | ||
--build-arg RELEASE_DOCKER_BASE_IMAGE=${{ env.DOCKER_BASE_IMAGE }} \ | ||
--build-arg VERSION=${{ env.BUILD_VERSION }} \ | ||
--build-arg APPLICATION=${{ env.APPLICATION }} \ | ||
--tag ${{ env.DOCKER_URL }}:${{ env.BUILD_VERSION }} \ | ||
--target release \ | ||
--attest type=provenance,mode=max \ | ||
--sbom=true \ | ||
${{ env.DOCKER_PUBLISH_LATEST_CONDITION }} \ | ||
--label org.opencontainers.image.created=$(date -u +'%Y-%m-%dT%H:%M:%SZ') \ | ||
--label org.opencontainers.image.authors="https://github.com/erigontech/erigon/graphs/contributors" \ | ||
--label org.opencontainers.image.url="https://github.com/erigontech/erigon/blob/main/Dockerfile" \ | ||
--label org.opencontainers.image.documentation="https://github.com/erigontech/erigon/blob/main/Dockerfile" \ | ||
--label org.opencontainers.image.source="https://github.com/erigontech/erigon/blob/main/Dockerfile" \ | ||
--label org.opencontainers.image.version=${{ inputs.release_version }} \ | ||
--label org.opencontainers.image.revision=${{ steps.getCommitId.outputs.id }} \ | ||
--label org.opencontainers.image.vcs-ref-short=${{ steps.getCommitId.outputs.short_commit_id }} \ | ||
--label org.opencontainers.image.vendor="${{ github.repository_owner }}" \ | ||
--label org.opencontainers.image.description="${{ env.LABEL_DESCRIPTION }}" \ | ||
--label org.opencontainers.image.base.name="${{ env.DOCKER_BASE_IMAGE }}" \ | ||
--push \ | ||
--platform linux/amd64,linux/amd64/v2,linux/arm64 . | ||
- name: Upload artifact -- linux/arm64 | ||
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a ## v4.3.6 | ||
with: | ||
name: ${{ env.APPLICATION }}_${{ inputs.release_version }}_linux_arm64.tar.gz | ||
path: ./dist/${{ env.APPLICATION }}_${{ inputs.release_version }}_linux_arm64.tar.gz | ||
retention-days: 1 | ||
compression-level: 0 | ||
if-no-files-found: error | ||
- name: Upload artifact -- linux/amd64 | ||
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a ## v4.3.6 | ||
with: | ||
name: ${{ env.APPLICATION }}_${{ inputs.release_version }}_linux_amd64.tar.gz | ||
path: ./dist/${{ env.APPLICATION }}_${{ inputs.release_version }}_linux_amd64.tar.gz | ||
retention-days: 1 | ||
compression-level: 0 | ||
if-no-files-found: error | ||
- name: Upload artifact -- linux/amd64/v2 | ||
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a ## v4.3.6 | ||
with: | ||
name: ${{ env.APPLICATION }}_${{ inputs.release_version }}_linux_amd64v2.tar.gz | ||
path: ./dist/${{ env.APPLICATION }}_${{ inputs.release_version }}_linux_amd64v2.tar.gz | ||
retention-days: 1 | ||
compression-level: 0 | ||
if-no-files-found: error | ||
- name: Upload artifact -- darwin/arm64 | ||
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a ## v4.3.6 | ||
with: | ||
name: ${{ env.APPLICATION }}_${{ inputs.release_version }}_darwin_arm64.tar.gz | ||
path: ./dist/${{ env.APPLICATION }}_${{ inputs.release_version }}_darwin_arm64.tar.gz | ||
retention-days: 1 | ||
compression-level: 0 | ||
if-no-files-found: error | ||
- name: Upload artifact -- darwin/amd64 | ||
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a ## v4.3.6 | ||
with: | ||
name: ${{ env.APPLICATION }}_${{ inputs.release_version }}_darwin_amd64.tar.gz | ||
path: ./dist/${{ env.APPLICATION }}_${{ inputs.release_version }}_darwin_amd64.tar.gz | ||
retention-days: 1 | ||
compression-level: 0 | ||
if-no-files-found: error | ||
## not required for now -- commented: | ||
# - name: Create and push a git tag for the released version in case perform_release is set | ||
# if: ${{ inputs.perform_release }} | ||
# run: | | ||
# git config --global user.email ${{ env.GITHUB_AUTOMATION_EMAIL }} | ||
# git config --global user.name "${{ env.GITHUB_AUTOMATION_NAME }}" | ||
# git tag -a ${{ inputs.release_version }} -m "Release ${{ inputs.release_version }}" | ||
# git push origin ${{ inputs.release_version }} | ||
- name: Publish draft of the Release notes with assets in case perform_release is set | ||
if: ${{ inputs.perform_release }} | ||
env: | ||
GH_TOKEN: ${{ github.token }} | ||
GH_REPO: ${{ github.repository }} | ||
DOCKER_TAGS: ${{ env.DOCKERHUB_REPOSITORY }}:${{ inputs.release_version }} | ||
GITHUB_RELEASE_TARGET: ${{ inputs.checkout_ref }} | ||
run: | | ||
cd dist | ||
sha256sum *.tar.gz > ${HOME}/${{ env.APPLICATION }}_${{ inputs.release_version }}_checksums.txt | ||
gh release create \ | ||
--generate-notes \ | ||
--target ${GITHUB_RELEASE_TARGET} \ | ||
--draft=true \ | ||
--title "${{ inputs.release_version }}" \ | ||
--notes "**Improvements:**<br>- ...coming soon <br><br>**Bugfixes:**<br><br>- ...coming soon<br><br>**Docker images:**<br><br>Docker image released:<br> ${{ env.DOCKER_TAGS }}<br><br>... coming soon<br>" \ | ||
"${{ inputs.release_version }}" \ | ||
*.tar.gz ${HOME}/${{ env.APPLICATION }}_${{ inputs.release_version }}_checksums.txt | ||
run-kurtosis-assertoor: | ||
if: ${{ inputs.with_assertor }} | ||
needs: build-release | ||
# TODO: change the branch to main before merging | ||
uses: erigontech/erigon/.github/workflows/test-kurtosis-assertoor.yml@feat/assertor-release-workflow | ||
with: | ||
checkout_ref: ${{ github.sha }} | ||
os: "ubuntu-latest" | ||
docker_build_tag: ${{ inputs.release_version }} | ||
enable_pectra_tests: ${{ inputs.enable_pectra_assertor }} |