Skip to content

Create release draft #150

Create release draft

Create release draft #150

name: Create release draft
on:
workflow_dispatch:
inputs:
release_client:
type: boolean
description: parachain-client
required: true
default: true
release_runtime:
type: boolean
description: parachain-runtime
required: true
default: true
release_worker:
type: boolean
description: tee-worker
required: true
default: true
release_enclave:
type: boolean
description: tee-enclave
required: true
default: true
release_tag:
description: an existing tag for creating release (e.g. v1.2.3)
required: true
release_worker_tag:
description: an existing tag for creating release (e.g. v1.2.3)
required: true
diff_tag:
description: an existing tag to run diff against (e.g. v1.2.0)
default: ""
required: false
genesis_release:
type: choice
description: If any of the genesis artefacts should be released alongside
options:
- none
- litmus
- rococo
- litentry
env:
RELEASE_TAG: ${{ github.event.inputs.release_tag }}
RELEASE_WORKER_TAG: ${{ github.event.inputs.release_worker_tag }}
DIFF_TAG: ${{ github.event.inputs.diff_tag }}
GENESIS_RELEASE: ${{ github.event.inputs.genesis_release }}
DOCKER_BUILDKIT: 1
REF_VERSION: ${{ github.head_ref || github.ref_name }}
jobs:
set-release-type:
runs-on: ubuntu-latest
steps:
- name: set release_type
id: vars
run: |
# use something similar to mask to store the release type
t=0000
[ "${{ github.event.inputs.release_client }}" = "true" ] && t="${t:0:0}1${t:1}"
[ "${{ github.event.inputs.release_runtime }}" = "true" ] && t="${t:0:1}1${t:2}"
[ "${{ github.event.inputs.release_worker }}" = "true" ] && t="${t:0:2}1${t:3}"
[ "${{ github.event.inputs.release_enclave }}" = "true" ] && t="${t:0:3}1${t:4}"
if [ $t = "0000"]; then
echo "::error::Please select at least one release type."
exit 1
fi
echo "::group::print release type"
echo "release_type: $t"
echo "::endgroup::"
echo "release_type=$t" >> $GITHUB_OUTPUT
outputs:
release_type: ${{ steps.vars.outputs.release_type }}
## build parachain runtime wasm ##
build-wasm:
if: ${{ github.event.inputs.release_runtime == 'true' }}
runs-on: ubuntu-latest
strategy:
matrix:
chain:
- litmus
- rococo
- litentry
steps:
- name: Checkout codes on ${{ env.RELEASE_TAG }}
uses: actions/checkout@v4
with:
ref: ${{ env.RELEASE_TAG }}
fetch-depth: 0
- name: Build with srtool
id: srtool_build
uses: chevdor/[email protected]
env:
# optional: will override the parachain pallet ID and authorize_upgrade call ID,
# which will result in a different parachain_authorize_upgrade_hash
PARACHAIN_PALLET_ID: "0x1e"
AUTHORIZE_UPGRADE_PREFIX: "0x02"
with:
chain: ${{ matrix.chain }}-parachain
runtime_dir: runtime/${{ matrix.chain }}
tag: "1.66.0"
- name: Summary
run: |
echo '${{ steps.srtool_build.outputs.json }}' | jq . > ${{ matrix.chain }}-parachain-srtool-digest.json
echo "==============================================="
cat ${{ matrix.chain }}-parachain-srtool-digest.json
cp ${{ steps.srtool_build.outputs.wasm_compressed }} ${{ matrix.chain }}-parachain-runtime.compact.compressed.wasm
- name: Upload wasm artefacts
uses: actions/upload-artifact@v3
with:
name: ${{ matrix.chain }}-parachain-runtime
path: |
${{ matrix.chain }}-parachain-srtool-digest.json
${{ matrix.chain }}-parachain-runtime.compact.compressed.wasm
## build docker image of parachain binary ##
build-docker:
if: ${{ github.event.inputs.release_client == 'true' }}
runs-on: ubuntu-latest
steps:
- name: Checkout codes on ${{ env.RELEASE_TAG }}
uses: actions/checkout@v4
with:
ref: ${{ env.RELEASE_TAG }}
fetch-depth: 0
- name: Set env
run: |
DOCKER_TAG=$(echo ${{ env.RELEASE_TAG }} | cut -d'-' -f1 | sed 's/p/v/')
echo "DOCKER_TAG=$DOCKER_TAG" >> $GITHUB_ENV
- name: Build docker image
run: |
./scripts/build-docker.sh production $DOCKER_TAG
echo "============================="
docker images
# - name: Dockerhub login
# uses: docker/login-action@v3
# with:
# username: ${{ secrets.DOCKERHUB_USERNAME }}
# password: ${{ secrets.DOCKERHUB_PASSWORD }}
# - name: Push docker image
# run: |
# docker push litentry/litentry-parachain:$DOCKER_TAG
# - name: Generate genesis artefacts if need
# if: github.event.inputs.genesis_release != 'none'
# run: |
# docker run --rm litentry/litentry-parachain:$DOCKER_TAG export-genesis-state --chain=${{ env.GENESIS_RELEASE }} > ${{ env.GENESIS_RELEASE }}-genesis-state
# docker run --rm litentry/litentry-parachain:$DOCKER_TAG export-genesis-wasm --chain=${{ env.GENESIS_RELEASE }} > ${{ env.GENESIS_RELEASE }}-genesis-wasm
# - name: Copy client binary to disk
# run: |
# docker cp $(docker create --rm litentry/litentry-parachain:$DOCKER_TAG):/usr/local/bin/litentry-collator .
# - name: Upload the client binary
# uses: actions/upload-artifact@v3
# with:
# name: litentry-collator
# if-no-files-found: ignore
# path: |
# litentry-collator
# ${{ env.GENESIS_RELEASE }}-genesis-state
# ${{ env.GENESIS_RELEASE }}-genesis-wasm
build-worker-docker:
if: ${{ github.event.inputs.release_client == 'true' }}
runs-on: ubuntu-latest
steps:
- name: Free up disk space
if: startsWith(runner.name, 'GitHub Actions')
uses: jlumbroso/free-disk-space@main
with:
tool-cache: true
swap-storage: false
large-packages: false
- name: Checkout codes on ${{ env.RELEASE_TAG }}
uses: actions/checkout@v4
with:
ref: ${{ env.RELEASE_TAG }}
fetch-depth: 0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
# use the docker driver to access the local image
# we don't need external caches or multi platforms here
# see https://docs.docker.com/build/drivers/
driver: docker
- name: Cache worker-cache
uses: actions/cache@v3
with:
path: |
worker-cache
key: worker-cache-${{ env.REF_VERSION }}-${{ hashFiles('tee-worker/**/Cargo.lock', 'tee-worker/**/Cargo.toml') }}
restore-keys: |
worker-cache-${{ env.REF_VERSION }}-
worker-cache-
- name: Create cache folder if not exist
run: |
for i in 'git/db' 'registry/cache' 'registry/index' 'sccache'; do
[ ! -d "worker-cache/$i" ] && mkdir -p "worker-cache/$i" || true
echo "hello" > worker-cache/$i/nix
done
echo "::group::List worker-cache size"
du -sh worker-cache/*
echo "::endgroup::"
echo "::group::Show disk usage"
df -h .
echo "::endgroup::"
- name: Build local builder
uses: docker/build-push-action@v5
with:
context: .
file: tee-worker/build.Dockerfile
tags: local-builder:${{env.RELEASE_WORKER_TAG}}
target: builder
build-args: |
WORKER_MODE_ARG=sidechain
ADDITIONAL_FEATURES_ARG=
- name: Copy caches from the built image
run: |
echo "::group::Show disk usage"
df -h .
echo "::endgroup::"
echo "::group::docker images"
docker images --all
echo "::endgroup::"
echo "::group::copy cache out"
for i in 'git/db' 'registry/cache' 'registry/index'; do
b="${i%/*}"
rm -rf worker-cache/$i
docker cp "$(docker create --rm local-builder:${{env.RELEASE_WORKER_TAG}}):/opt/rust/$i" worker-cache/$b
done
rm -rf worker-cache/sccache
docker cp "$(docker create --rm local-builder:${{env.RELEASE_WORKER_TAG}}):/opt/rust/sccache" worker-cache
du -sh worker-cache/*
echo "::endgroup::"
echo "::group::df -h ."
df -h .
echo "::endgroup::"
- name: Build worker
uses: docker/build-push-action@v5
with:
context: .
file: tee-worker/build.Dockerfile
tags: litentry/litentry-worker:${{env.RELEASE_WORKER_TAG}}
target: deployed-worker
- name: Build cli
uses: docker/build-push-action@v5
with:
context: .
file: tee-worker/build.Dockerfile
tags: litentry/litentry-cli:${{env.RELEASE_WORKER_TAG}}
target: deployed-client
- run: docker images --all
# ## Build the enclave and package config files
# build-tee:
# if: ${{ github.event.inputs.release_worker == 'true' }} || ${{ github.event.inputs.release_enclave == 'true' }}
# runs-on: tee-prod-builder
# outputs:
# mrenclave: ${{ steps.mrenclave.outputs.mrenclave }}
# enclave_sha1sum: ${{ steps.shasum.outputs.enclave_sha1sum }}
# worker_sha1sum: ${{ steps.shasum.outputs.worker_sha1sum }}
# steps:
# - name: Checkout codes on ${{ env.RELEASE_TAG }}
# uses: actions/checkout@v4
# with:
# ref: ${{ env.RELEASE_TAG }}
# fetch-depth: 0
# - name: Build release artefacts
# run: |
# source /opt/intel/sgxsdk/environment
# ./tee-worker/scripts/litentry/release/build.sh ${{ github.event.inputs.release_worker }} ${{ github.event.inputs.release_enclave }}
# - name: Set MRENCLAVE
# id: mrenclave
# run: |
# MRENCLAVE=
# f="tee-worker/enclave_release/mrenclave.txt"
# [ -f "$f" ] && MRENCLAVE=$(cat "$f")
# echo "mrenclave=$MRENCLAVE" >> $GITHUB_OUTPUT
# - name: Set shasum
# id: shasum
# run: |
# ENCLAVE_SHA1SUM=
# WORKER_SHA1SUM=
# cd tee-worker/enclave_release
# [ -f "enclave.signed.so" ] && ENCLAVE_SHA1SUM=$(shasum enclave.signed.so | awk '{print $1}')
# [ -f "litentry-worker" ] && WORKER_SHA1SUM=$(shasum litentry-worker | awk '{print $1}')
# echo "enclave_sha1sum=$ENCLAVE_SHA1SUM" >> $GITHUB_OUTPUT
# echo "worker_sha1sum=$WORKER_SHA1SUM" >> $GITHUB_OUTPUT
# - name: Upload artefacts
# uses: actions/upload-artifact@v3
# with:
# name: litentry-tee
# path: ./tee-worker/enclave_release/*
# - name: Fail early
# if: failure()
# uses: andymckay/[email protected]
# ## test again the built docker image ##
# run-ts-tests:
# runs-on: ubuntu-latest
# needs: build-docker
# strategy:
# matrix:
# chain:
# - litmus
# - litentry
# steps:
# - name: Checkout codes
# uses: actions/checkout@v4
# with:
# fetch-depth: 0
# - name: Enable corepack and pnpm
# run: corepack enable && corepack enable pnpm
# - name: Download and tag docker image
# run: |
# export DOCKER_TAG=$(echo ${{ env.RELEASE_TAG }} | cut -d'-' -f1 | sed 's/p/v/')
# docker pull litentry/litentry-parachain:$DOCKER_TAG
# docker tag litentry/litentry-parachain:$DOCKER_TAG litentry/litentry-parachain:latest
# - name: Run ts tests for ${{ matrix.chain }}
# timeout-minutes: 20
# run: |
# make test-ts-docker-${{ matrix.chain }}
# - name: Archive logs if test fails
# uses: actions/upload-artifact@v3
# if: ${{ failure() }}
# with:
# name: ${{ matrix.chain }}-ts-tests-artifacts
# path: /tmp/parachain_dev/
# retention-days: 3
# - name: Clean up for ${{ matrix.chain }}
# if: ${{ always() }}
# run: |
# make clean-docker-${{ matrix.chain }}
# ## check extrinsic ##
# extrinsic-ordering-check-from-bin:
# runs-on: ubuntu-latest
# needs: build-docker
# strategy:
# matrix:
# chain: [rococo, litmus, litentry]
# include:
# - chain: rococo
# ref_url: wss://rpc.rococo-parachain-sg.litentry.io
# - chain: litmus
# ref_url: wss://rpc.litmus-parachain.litentry.io
# - chain: litentry
# ref_url: wss://rpc.litentry-parachain.litentry.io
# steps:
# - name: Checkout sources
# uses: actions/checkout@v4
# with:
# ref: ${{ env.RELEASE_TAG }}
# - name: Prepare output and compare the metadata
# timeout-minutes: 3
# run: |
# export DOCKER_TAG=$(echo ${{ env.RELEASE_TAG }} | cut -d'-' -f1 | sed 's/p/v/')
# PARACHAIN_NAME=local-parachain
# BASE_URL=ws://127.0.0.1:9944
# chain=${{ matrix.chain }}
# REF_URL=${{ matrix.ref_url }}
# echo "Metadata comparison:" > output-$chain.txt
# echo "Date: $(date)" >> output-$chain.txt
# echo "Base: $BASE_URL" >> output-$chain.txt
# echo "Reference: $REF_URL" >> output-$chain.txt
# echo "Target Tag: ${{ env.RELEASE_TAG }}" >> output-$chain.txt
# echo "Chain: $chain" >> output-$chain.txt
# echo "----------------------------------------------------------------------" >> output-$chain.txt
# echo "Running parachain: $chain"
# docker run --pull always --rm --name=$PARACHAIN_NAME -d -p 9944:9944 litentry/litentry-parachain:$DOCKER_TAG --chain=$chain-dev --rpc-cors=all --ws-external --tmp -- --dev
# sleep 3
# CMD="docker run --pull always --network host jacogr/polkadot-js-tools metadata $REF_URL $BASE_URL"
# echo -e "Running:\n$CMD"
# docker run --pull always --rm --network host jacogr/polkadot-js-tools metadata $REF_URL $BASE_URL | tee -a output-$chain.txt
# SUMMARY=$(./scripts/extrinsic-ordering-filter.sh output-$chain.txt)
# echo -e $SUMMARY >> output-$chain.txt
# docker stop $PARACHAIN_NAME
# content=$(< output-$chain.txt)
# echo "content<<EOF" >> $GITHUB_ENV
# echo "$content" >> $GITHUB_ENV
# echo "EOF" >> $GITHUB_ENV
# - name: Find issues
# uses: actions-cool/issues-helper@v3
# id: findissueid
# with:
# actions: 'find-issues'
# token: ${{ secrets.GITHUB_TOKEN }}
# issue-state: 'open'
# title-includes: Litentry-parachain ${{ env.RELEASE_TAG }} Release checklist
# - name: Create comment
# if: ${{ steps.findissueid.outputs.issues }} != '[]'
# uses: actions-cool/issues-helper@v3
# with:
# actions: 'create-comment'
# token: ${{ secrets.GITHUB_TOKEN }}
# issue-number: ${{ fromJson(steps.findissueid.outputs.issues)[0].number }}
# body: |
# ${{ env.content }}
# ## create the release draft ##
# create-release-draft:
# runs-on: ubuntu-latest
# # see https://github.com/actions/runner/issues/491
# # seems to be the only way to achieve this
# needs:
# - set-release-type
# - build-tee
# - run-ts-tests
# - build-wasm
# if: |
# !failure() &&
# (success('build-wasm') || success('run-ts-tests') || success('build-tee'))
# steps:
# - name: Checkout codes on ${{ env.RELEASE_TAG }}
# uses: actions/checkout@v4
# with:
# ref: ${{ env.RELEASE_TAG }}
# fetch-depth: 0
# - name: Download all artefacts
# uses: actions/download-artifact@v3
# - name: Generate release notes
# run: |
# export MRENCLAVE="${{ needs.build-tee.outputs.mrenclave }}"
# export ENCLAVE_SHA1SUM="${{ needs.build-tee.outputs.enclave_sha1sum }}"
# export WORKER_SHA1SUM="${{ needs.build-tee.outputs.worker_sha1sum }}"
# ./scripts/generate-release-notes.sh ${{ github.workspace }}/.github/release_notes.md ${{ needs.set-release-type.outputs.release_type }} ${{ env.DIFF_TAG }}
# env:
# GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# - name: Create release draft
# id: create-release-draft
# uses: softprops/action-gh-release@v1
# with:
# tag_name: ${{ env.RELEASE_TAG }}
# name: Litentry-parachain ${{ env.RELEASE_TAG }}
# body_path: ${{ github.workspace }}/.github/release_notes.md
# draft: true
# files: |
# *-parachain-runtime/*-parachain-srtool-digest.json
# *-parachain-runtime/*-parachain-runtime.compact.compressed.wasm
# litentry-collator/*
# litentry-tee/*