From 750f708de7fcaec6a620354caed106ab0c05d6db Mon Sep 17 00:00:00 2001 From: Marcin Date: Thu, 27 Mar 2025 12:59:51 +0100 Subject: [PATCH 1/6] A0-4614: Chain bootstrapper should be pushed to S3 in CI and attach to the release --- .../action.yml | 44 +++++++++++-------- .../on-main-or-release-branch-commit.yml | 12 ++--- .github/workflows/on-release.yml | 21 ++++++--- 3 files changed, 48 insertions(+), 29 deletions(-) rename .github/actions/{store-node-and-runtime => store-artifacts-in-s3}/action.yml (67%) diff --git a/.github/actions/store-node-and-runtime/action.yml b/.github/actions/store-artifacts-in-s3/action.yml similarity index 67% rename from .github/actions/store-node-and-runtime/action.yml rename to .github/actions/store-artifacts-in-s3/action.yml index ffb01c3259..cb761a7c8f 100644 --- a/.github/actions/store-node-and-runtime/action.yml +++ b/.github/actions/store-artifacts-in-s3/action.yml @@ -1,7 +1,6 @@ --- -name: Store node and runtime -description: This workflow stores test or release version of aleph-node and aleph-runtime in S3, in - a given bucket +name: Store build artifacts in S3 +description: This workflow stores production version of CI build artifacts in S3 inputs: aleph-node-artifact-name: required: true @@ -9,9 +8,9 @@ inputs: aleph-runtime-artifact-name: required: true description: 'Name of artifact aleph-runtime' - profile: + chain-bootstrapper-artifact-name: required: true - description: 'test or production' + description: 'Name of artifact chain-bootstrapper' aws-access-key-id: required: true description: 'AWS Access Key ID to be used when storing artifacts' @@ -25,14 +24,6 @@ inputs: runs: using: "composite" steps: - - name: Validate workflow inputs - shell: bash - run: | - if [[ '${{ inputs.profile }}' != 'test' && '${{ inputs.profile }}' != 'production' ]]; then - echo 'Error: inputs.profile should be either test or production!' - exit 1 - fi - - name: Checkout aleph-node source code uses: actions/checkout@v4 @@ -52,6 +43,12 @@ runs: name: ${{ inputs.aleph-runtime-artifact-name }} path: target + - name: Download chain-bootstrapper from GH artifacts + uses: actions/download-artifact@v4 + with: + name: ${{ inputs.chain-bootstrapper-artifact-name }} + path: target + - name: Configure AWS credentials for S3 AWS uses: aws-actions/configure-aws-credentials@v4 env: @@ -72,19 +69,30 @@ runs: source-filename: aleph-node s3-bucket-path: # yamllint disable-line rule:line-length - builds/aleph-node/commits/${{ steps.get-ref-properties.outputs.sha }}/aleph-${{ inputs.profile }}-node + builds/aleph-node/commits/${{ steps.get-ref-properties.outputs.sha }}/aleph-production-node s3-bucket-filename: - aleph-${{ inputs.profile }}-node-${{ steps.get-ref-properties.outputs.sha }}.tar.gz + aleph-production-node-${{ steps.get-ref-properties.outputs.sha }}.tar.gz s3-bucket-name: ${{ inputs.aws-bucket }} - name: Copy runtime to S3 AWS bucket - uses: Cardinal-Cryptography/github-actions/copy-file-to-s3@v1 + uses: Cardinal-Cryptography/github-actions/copy-file-to-s3@v7 with: source-path: target source-filename: aleph_runtime.compact.compressed.wasm s3-bucket-path: # yamllint disable-line rule:line-length - builds/aleph-node/commits/${{ steps.get-ref-properties.outputs.sha }}/aleph-${{ inputs.profile }}-runtime + builds/aleph-node/commits/${{ steps.get-ref-properties.outputs.sha }}/aleph-production-runtime + s3-bucket-filename: + aleph-production-runtime-${{ steps.get-ref-properties.outputs.sha }}.tar.gz + s3-bucket-name: ${{ inputs.aws-bucket }} + + - name: Copy chain-bootstrapper to S3 AWS bucket + uses: Cardinal-Cryptography/github-actions/copy-file-to-s3@v7 + with: + source-path: target + source-filename: chain-bootstrapper + s3-bucket-path: + builds/aleph-node/commits/${{ steps.get-ref-properties.outputs.sha }}/chain-bootstrapper-production s3-bucket-filename: - aleph-${{ inputs.profile }}-runtime-${{ steps.get-ref-properties.outputs.sha }}.tar.gz + chain-bootstrapper-production-${{ steps.get-ref-properties.outputs.sha }}.tar.gz s3-bucket-name: ${{ inputs.aws-bucket }} diff --git a/.github/workflows/on-main-or-release-branch-commit.yml b/.github/workflows/on-main-or-release-branch-commit.yml index 42b31bf447..ef8532329a 100644 --- a/.github/workflows/on-main-or-release-branch-commit.yml +++ b/.github/workflows/on-main-or-release-branch-commit.yml @@ -39,7 +39,7 @@ jobs: ecr-chain-bootstrapper-repo: ${{ vars.ECR_CHAIN_BOOTSTRAPPER_REPO }} test-binary: 'false' - build-chain-bootstrapper: + build-production-chain-bootstrapper: needs: [check-vars-and-secrets] name: Build chain-bootstrapper uses: ./.github/workflows/_build-chain-bootstrapper.yml @@ -49,7 +49,7 @@ jobs: push-chain-bootstrapper-image-to-ecr: needs: - - build-chain-bootstrapper + - build-production-chain-bootstrapper - get-full-docker-image-path name: Push chain-bootstrapper docker image to ECR uses: ./.github/workflows/_push-image-to-ecr.yml @@ -101,13 +101,13 @@ jobs: uses: actions/checkout@v4 - name: Store production node and runtime - uses: ./.github/actions/store-node-and-runtime + uses: ./.github/actions/store-artifacts-in-s3 with: - profile: production - # yamllint disable-line rule:line-length + # yamllint disable rule:line-length aleph-node-artifact-name: ${{ needs.build-production-aleph-node.outputs.artifact-name-binary }} - # yamllint disable-line rule:line-length aleph-runtime-artifact-name: ${{ needs.build-production-runtime.outputs.aleph-runtime-artifact-name }} + chain-bootstrapper-artifact-name: ${{ needs.build-production-chain-bootstrapper.outputs.artifact-name-binary }} + # yamllint enable rule:line-length aws-access-key-id: ${{ secrets.AWS_MAINNET_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_MAINNET_SECRET_ACCESS_KEY }} aws-bucket: ${{ secrets.CI_MAINNET_S3BUCKET_NAME }} diff --git a/.github/workflows/on-release.yml b/.github/workflows/on-release.yml index 20e4616e6d..fd9217cb63 100644 --- a/.github/workflows/on-release.yml +++ b/.github/workflows/on-release.yml @@ -1,5 +1,5 @@ --- -name: Upload runtime and binary to GitHub Release +name: Upload CI artifacts to GitHub Release on: release: @@ -17,9 +17,9 @@ jobs: uses: ./.github/workflows/_check-vars-and-secrets.yml secrets: inherit - add-runtime-and-binary-to-release: + add-ci-artifacts-to-release: needs: [check-vars-and-secrets] - name: Add runtime and binary to release + name: Add CI artifacts to the release runs-on: ubuntu-20.04 steps: - name: Checkout source code @@ -58,6 +58,16 @@ jobs: aws s3 cp '${{ env.S3BUCKET_URL }}/${{ env.S3BUCKET_FILE }}' \ 'aleph-node-${{ steps.get-ref-properties.outputs.sha }}-linux-amd64.tar.gz' + - name: Download chain-bootstrapper binary from S3 bucket + shell: bash + env: + # yamllint disable-line rule:line-length + S3BUCKET_URL: s3://${{ secrets.CI_MAINNET_S3BUCKET_NAME }}/builds/aleph-node/commits/${{ steps.get-ref-properties.outputs.sha }}/chain-bootstrapper-production + S3BUCKET_FILE: chain-bootstrapper-production-${{ steps.get-ref-properties.outputs.sha }}.tar.gz + run: | + aws s3 cp '${{ env.S3BUCKET_URL }}/${{ env.S3BUCKET_FILE }}' \ + 'chain-bootstrapper-${{ steps.get-ref-properties.outputs.sha }}-linux-amd64.tar.gz' + - name: Generate release artifacts checksum (SHA256) uses: jmgilman/actions-generate-checksum@v1 with: @@ -66,18 +76,19 @@ jobs: patterns: | *.tar.gz - - name: Add runtime and binary to the release + - name: Add CI artifacts to the release uses: softprops/action-gh-release@v2 with: files: | checksums-${{ steps.get-ref-properties.outputs.sha }}-linux-amd64.tar.gz.SHA256.txt aleph-runtime-${{ steps.get-ref-properties.outputs.sha }}.tar.gz aleph-node-${{ steps.get-ref-properties.outputs.sha }}-linux-amd64.tar.gz + chain-bootstrapper-${{ steps.get-ref-properties.outputs.sha }}-linux-amd64.tar.gz slack: name: Slack notification runs-on: ubuntu-20.04 - needs: [add-runtime-and-binary-to-release] + needs: [add-ci-artifacts-to-release] if: always() steps: - name: Send Slack message From 31b712685c0015116a7a65903acdd46403aa0e53 Mon Sep 17 00:00:00 2001 From: Marcin Date: Thu, 27 Mar 2025 13:03:38 +0100 Subject: [PATCH 2/6] Missed job dependency --- .github/workflows/on-main-or-release-branch-commit.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/on-main-or-release-branch-commit.yml b/.github/workflows/on-main-or-release-branch-commit.yml index ef8532329a..41db48ac74 100644 --- a/.github/workflows/on-main-or-release-branch-commit.yml +++ b/.github/workflows/on-main-or-release-branch-commit.yml @@ -90,12 +90,13 @@ jobs: needs: [build-production-runtime] uses: ./.github/workflows/_check-runtime-determimism.yml - store-production-node-and-runtime-in-mainnet-s3: - name: Store production node and runtime in Mainnet bucket + store-ci-artifacts-in-mainnet-s3: + name: Store CI artifacts in Mainnet bucket runs-on: ubuntu-20.04 needs: - build-production-aleph-node - build-production-runtime + - build-production-chain-bootstrapper steps: - name: Checkout aleph-node source code uses: actions/checkout@v4 From 12eb65647f9627896ce3a1eb005741811f3e3900 Mon Sep 17 00:00:00 2001 From: Marcin Date: Thu, 27 Mar 2025 13:04:03 +0100 Subject: [PATCH 3/6] Testing, do not merge --- .github/workflows/on-main-or-release-branch-commit.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/on-main-or-release-branch-commit.yml b/.github/workflows/on-main-or-release-branch-commit.yml index 41db48ac74..95a2fc39ba 100644 --- a/.github/workflows/on-main-or-release-branch-commit.yml +++ b/.github/workflows/on-main-or-release-branch-commit.yml @@ -6,6 +6,7 @@ on: branches: - main - 'release-*' + - 'A0-4614-attach-chain-bootstrapper' jobs: check-vars-and-secrets: From ed9f3f7906e0e715058d922c2205c3ee36a8b993 Mon Sep 17 00:00:00 2001 From: Marcin Date: Thu, 27 Mar 2025 13:25:14 +0100 Subject: [PATCH 4/6] Fixed issue --- .github/workflows/on-main-or-release-branch-commit.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/on-main-or-release-branch-commit.yml b/.github/workflows/on-main-or-release-branch-commit.yml index 95a2fc39ba..e017b3419d 100644 --- a/.github/workflows/on-main-or-release-branch-commit.yml +++ b/.github/workflows/on-main-or-release-branch-commit.yml @@ -56,11 +56,11 @@ jobs: uses: ./.github/workflows/_push-image-to-ecr.yml secrets: inherit with: - binary-artifact-name: ${{ needs.build-chain-bootstrapper.outputs.artifact-name-binary }} - # yamllint disable-line rule:line-length + # yamllint disable rule:line-length + binary-artifact-name: ${{ needs.build-production-chain-bootstrapper.outputs.artifact-name-binary }} docker-image-name: ${{ needs.get-full-docker-image-path.outputs.chain-bootstrapper-fqdn-image }} - # yamllint disable-line rule:line-length docker-image-name-latest: ${{ needs.get-full-docker-image-path.outputs.chain-bootstrapper-fqdn-image-latest }} + # yamllint enable rule:line-length binary-name: chain-bootstrapper docker-file-path: ./bin/chain-bootstrapper/Dockerfile From 1d42f1e74ee2613c78d5a598662dc2bade3e39cd Mon Sep 17 00:00:00 2001 From: Marcin Date: Thu, 27 Mar 2025 13:45:12 +0100 Subject: [PATCH 5/6] Revert testing --- .github/workflows/on-main-or-release-branch-commit.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/on-main-or-release-branch-commit.yml b/.github/workflows/on-main-or-release-branch-commit.yml index e017b3419d..5ce180cfe1 100644 --- a/.github/workflows/on-main-or-release-branch-commit.yml +++ b/.github/workflows/on-main-or-release-branch-commit.yml @@ -6,7 +6,6 @@ on: branches: - main - 'release-*' - - 'A0-4614-attach-chain-bootstrapper' jobs: check-vars-and-secrets: From 2810884afabca83fd91e9a7c83137c57361be99d Mon Sep 17 00:00:00 2001 From: Marcin Date: Thu, 27 Mar 2025 13:47:05 +0100 Subject: [PATCH 6/6] Fixed yaml linter --- .github/actions/store-artifacts-in-s3/action.yml | 1 + .github/workflows/on-release.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/actions/store-artifacts-in-s3/action.yml b/.github/actions/store-artifacts-in-s3/action.yml index cb761a7c8f..c9252557f4 100644 --- a/.github/actions/store-artifacts-in-s3/action.yml +++ b/.github/actions/store-artifacts-in-s3/action.yml @@ -92,6 +92,7 @@ runs: source-path: target source-filename: chain-bootstrapper s3-bucket-path: + # yamllint disable-line rule:line-length builds/aleph-node/commits/${{ steps.get-ref-properties.outputs.sha }}/chain-bootstrapper-production s3-bucket-filename: chain-bootstrapper-production-${{ steps.get-ref-properties.outputs.sha }}.tar.gz diff --git a/.github/workflows/on-release.yml b/.github/workflows/on-release.yml index fd9217cb63..7cbb18d50d 100644 --- a/.github/workflows/on-release.yml +++ b/.github/workflows/on-release.yml @@ -63,6 +63,7 @@ jobs: env: # yamllint disable-line rule:line-length S3BUCKET_URL: s3://${{ secrets.CI_MAINNET_S3BUCKET_NAME }}/builds/aleph-node/commits/${{ steps.get-ref-properties.outputs.sha }}/chain-bootstrapper-production + # yamllint disable-line rule:line-length S3BUCKET_FILE: chain-bootstrapper-production-${{ steps.get-ref-properties.outputs.sha }}.tar.gz run: | aws s3 cp '${{ env.S3BUCKET_URL }}/${{ env.S3BUCKET_FILE }}' \