diff --git a/.github/actions/dockerfiles/Dockerfile.alpine-binary b/.github/actions/dockerfiles/Dockerfile.alpine-binary deleted file mode 100644 index 691d39ee3dd..00000000000 --- a/.github/actions/dockerfiles/Dockerfile.alpine-binary +++ /dev/null @@ -1,39 +0,0 @@ -FROM --platform=${TARGETPLATFORM} alpine as builder -# Use a small image to download and extract the release archive - -ARG TAG -ARG BIN_ARCH -ARG TARGETPLATFORM -ARG BUILDPLATFORM -ARG TARGETARCH -ARG TARGETVARIANT -ARG REPO - -RUN case ${TARGETPLATFORM} in \ - linux/amd64*) BIN_ARCH=linux-musl-x64 ;; \ - linux/arm64*) BIN_ARCH=linux-musl-arm64 ;; \ - linux/arm/v7) BIN_ARCH=linux-musl-armv7 ;; \ - *) exit 1 ;; \ - esac \ - && echo "TARGETPLATFORM: $TARGETPLATFORM" \ - && echo "BIN_ARCH: $BIN_ARCH" \ - && echo "wget -q https://github.com/${REPO}/releases/download/${TAG}/${BIN_ARCH}.zip -O /${BIN_ARCH}.zip" \ - && wget -q https://github.com/${REPO}/releases/download/${TAG}/${BIN_ARCH}.zip -O /${BIN_ARCH}.zip \ - && unzip ${BIN_ARCH}.zip -d /out - -FROM --platform=${TARGETPLATFORM} alpine -COPY --from=builder /out/* /bin/ -ARG TAG - -RUN case "${TAG}" in \ - signer-*) \ - echo "/bin/stacks-signer run --config /signer-config.toml" > /tmp/command.sh \ - ;; \ - *) \ - echo "/bin/stacks-node mainnet" > /tmp/command.sh && \ - rm /bin/stacks-cli /bin/clarity-cli /bin/stacks-inspect \ - ;; \ - esac && \ - chmod +x /tmp/command.sh - -CMD ["sh", "-c", "/tmp/command.sh"] diff --git a/.github/actions/dockerfiles/Dockerfile.debian-binary b/.github/actions/dockerfiles/Dockerfile.debian-binary deleted file mode 100644 index 83687722d3a..00000000000 --- a/.github/actions/dockerfiles/Dockerfile.debian-binary +++ /dev/null @@ -1,39 +0,0 @@ -FROM --platform=${TARGETPLATFORM} alpine as builder -# Use a small image to download and extract the release archive - -ARG TAG -ARG BIN_ARCH -ARG TARGETPLATFORM -ARG BUILDPLATFORM -ARG TARGETARCH -ARG TARGETVARIANT -ARG REPO - -RUN case ${TARGETPLATFORM} in \ - linux/amd64*) BIN_ARCH=linux-glibc-x64 ;; \ - linux/arm64*) BIN_ARCH=linux-glibc-arm64 ;; \ - linux/arm/v7) BIN_ARCH=linux-glibc-armv7 ;; \ - *) exit 1 ;; \ - esac \ - && echo "TARGETPLATFORM: $TARGETPLATFORM" \ - && echo "BIN_ARCH: $BIN_ARCH" \ - && echo "wget -q https://github.com/${REPO}/releases/download/${TAG}/${BIN_ARCH}.zip -O /${BIN_ARCH}.zip" \ - && wget -q https://github.com/${REPO}/releases/download/${TAG}/${BIN_ARCH}.zip -O /${BIN_ARCH}.zip \ - && unzip ${BIN_ARCH}.zip -d /out - -FROM --platform=${TARGETPLATFORM} debian:bookworm -COPY --from=builder /out/* /bin/ -ARG TAG - -RUN case "${TAG}" in \ - signer-*) \ - echo "/bin/stacks-signer run --config /signer-config.toml" > /tmp/command.sh \ - ;; \ - *) \ - echo "/bin/stacks-node mainnet" > /tmp/command.sh && \ - rm /bin/stacks-cli /bin/clarity-cli /bin/stacks-inspect \ - ;; \ - esac && \ - chmod +x /tmp/command.sh - -CMD ["sh", "-c", "/tmp/command.sh"] diff --git a/.github/actions/dockerfiles/alpine/Dockerfile.release b/.github/actions/dockerfiles/alpine/Dockerfile.release new file mode 100644 index 00000000000..935881b547e --- /dev/null +++ b/.github/actions/dockerfiles/alpine/Dockerfile.release @@ -0,0 +1,18 @@ +FROM alpine AS builder + +ARG TARGETPLATFORM +ENV ARCHIVE_ROOT="/release" + +# upload the release artifacts downloaded to /tmp/release to /release in the build stage +COPY ./release/ $ARCHIVE_ROOT + +RUN case ${TARGETPLATFORM} in \ + linux/amd64*) ARCHIVE=${ARCHIVE_ROOT}/linux-musl-x64.zip ;; \ + linux/arm64*) ARCHIVE=${ARCHIVE_ROOT}/linux-musl-arm64.zip ;; \ + *) exit 1 ;; \ + esac \ + && unzip "$ARCHIVE" "stacks-node" -d /out + +FROM alpine +COPY --from=builder /out/* /bin/ +CMD ["/bin/stacks-node mainnet"] diff --git a/.github/actions/dockerfiles/alpine/Dockerfile.release.signer b/.github/actions/dockerfiles/alpine/Dockerfile.release.signer new file mode 100644 index 00000000000..1eb57543a35 --- /dev/null +++ b/.github/actions/dockerfiles/alpine/Dockerfile.release.signer @@ -0,0 +1,20 @@ +FROM alpine AS builder + +LABEL org.opencontainers.image.description="Stacks Signer CLI" + +ARG TARGETPLATFORM +ENV ARCHIVE_ROOT="/release" + +# upload the release artifacts downloaded to /tmp/release to /release in the build stage +COPY ./release/ $ARCHIVE_ROOT + +RUN case ${TARGETPLATFORM} in \ + linux/amd64*) ARCHIVE=${ARCHIVE_ROOT}/linux-musl-x64.zip ;; \ + linux/arm64*) ARCHIVE=${ARCHIVE_ROOT}/linux-musl-arm64.zip ;; \ + *) exit 1 ;; \ + esac \ + && unzip "$ARCHIVE" "stacks-signer" -d /out + +FROM alpine +COPY --from=builder /out/* /bin/ +CMD ["/bin/stacks-signer run --config /signer-config.toml"] diff --git a/.github/actions/dockerfiles/debian/Dockerfile b/.github/actions/dockerfiles/debian/Dockerfile new file mode 100644 index 00000000000..5340ad64fef --- /dev/null +++ b/.github/actions/dockerfiles/debian/Dockerfile @@ -0,0 +1,19 @@ +# Dockerfile used to build an image including all binaries +FROM alpine AS builder + +ARG TARGETPLATFORM +ENV ARCHIVE_ROOT="/release" + +# upload the release artifacts downloaded to /tmp/release to /release in the build stage +COPY ./release/ $ARCHIVE_ROOT + +RUN case ${TARGETPLATFORM} in \ + linux/amd64*) ARCHIVE=${ARCHIVE_ROOT}/linux-glibc-x64.zip ;; \ + linux/arm64*) ARCHIVE=${ARCHIVE_ROOT}/linux-glibc-arm64.zip ;; \ + *) exit 1 ;; \ + esac \ + && unzip "$ARCHIVE" -d /out + +FROM debian:stable-slim +COPY --from=builder /out/* /bin/ +CMD ["/bin/stacks-node mainnet"] diff --git a/.github/actions/dockerfiles/debian/Dockerfile.release b/.github/actions/dockerfiles/debian/Dockerfile.release new file mode 100644 index 00000000000..1ec84e10552 --- /dev/null +++ b/.github/actions/dockerfiles/debian/Dockerfile.release @@ -0,0 +1,18 @@ +FROM alpine AS builder + +ARG TARGETPLATFORM +ENV ARCHIVE_ROOT="/release" + +# upload the release artifacts downloaded to /tmp/release to /release in the build stage +COPY ./release/ $ARCHIVE_ROOT + +RUN case ${TARGETPLATFORM} in \ + linux/amd64*) ARCHIVE=${ARCHIVE_ROOT}/linux-glibc-x64.zip ;; \ + linux/arm64*) ARCHIVE=${ARCHIVE_ROOT}/linux-glibc-arm64.zip ;; \ + *) exit 1 ;; \ + esac \ + && unzip "$ARCHIVE" "stacks-node" -d /out + +FROM debian:stable-slim +COPY --from=builder /out/* /bin/ +CMD ["/bin/stacks-node mainnet"] diff --git a/.github/actions/dockerfiles/debian/Dockerfile.release.signer b/.github/actions/dockerfiles/debian/Dockerfile.release.signer new file mode 100644 index 00000000000..9a305673ab6 --- /dev/null +++ b/.github/actions/dockerfiles/debian/Dockerfile.release.signer @@ -0,0 +1,19 @@ +FROM alpine AS builder +LABEL org.opencontainers.image.description="Stacks Signer CLI" + +ARG TARGETPLATFORM +ENV ARCHIVE_ROOT="/release" + +# upload the release artifacts downloaded to /tmp/release to /release in the build stage +COPY ./release/ $ARCHIVE_ROOT + +RUN case ${TARGETPLATFORM} in \ + linux/amd64*) ARCHIVE=${ARCHIVE_ROOT}/linux-glibc-x64.zip ;; \ + linux/arm64*) ARCHIVE=${ARCHIVE_ROOT}/linux-glibc-arm64.zip ;; \ + *) exit 1 ;; \ + esac \ + && unzip "$ARCHIVE" "stacks-signer" -d /out + +FROM debian:stable-slim +COPY --from=builder /out/* /bin/ +CMD ["/bin/stacks-signer run --config /signer-config.toml"] diff --git a/.github/workflows/atlas-tests.yml b/.github/workflows/atlas-tests.yml deleted file mode 100644 index 1ea78e54112..00000000000 --- a/.github/workflows/atlas-tests.yml +++ /dev/null @@ -1,70 +0,0 @@ -## Github workflow to run atlas tests - -name: Tests::Atlas - -on: - workflow_call: - -## env vars are transferred to composite action steps -env: - BITCOIND_TEST: 1 - RUST_BACKTRACE: full - SEGMENT_DOWNLOAD_TIMEOUT_MINS: 15 - TEST_TIMEOUT: 30 - -concurrency: - group: atlas-tests-${{ github.head_ref || github.ref || github.run_id}} - ## Only cancel in progress if this is for a PR - cancel-in-progress: ${{ github.event_name == 'pull_request' }} - -jobs: - # Atlas integration tests with code coverage - atlas-tests: - name: Atlas Test - runs-on: ubuntu-latest - strategy: - ## Continue with the test matrix even if we've had a failure - fail-fast: false - ## Run a maximum of 2 concurrent tests from the test matrix - max-parallel: 2 - matrix: - test-name: - - tests::neon_integrations::atlas_integration_test - - tests::neon_integrations::atlas_stress_integration_test - steps: - ## Setup test environment - - name: Setup Test Environment - id: setup_tests - uses: stacks-network/actions/stacks-core/testenv@main - with: - btc-version: "25.0" - - ## Run test matrix using restored cache of archive file - ## - Test will timeout after env.TEST_TIMEOUT minutes - - name: Run Tests - id: run_tests - timeout-minutes: ${{ fromJSON(env.TEST_TIMEOUT) }} - uses: stacks-network/actions/stacks-core/run-tests@main - with: - test-name: ${{ matrix.test-name }} - - ## Create and upload code coverage file - - name: Code Coverage - id: codecov - uses: stacks-network/actions/codecov@main - with: - test-name: ${{ matrix.test-name }} - - check-tests: - name: Check Tests - runs-on: ubuntu-latest - if: always() - needs: - - atlas-tests - steps: - - name: Check Tests Status - id: check_tests_status - uses: stacks-network/actions/check-jobs-status@main - with: - jobs: ${{ toJson(needs) }} - summary_print: "true" diff --git a/.github/workflows/bitcoin-tests.yml b/.github/workflows/bitcoin-tests.yml index 9571af8ed3c..93072351a83 100644 --- a/.github/workflows/bitcoin-tests.yml +++ b/.github/workflows/bitcoin-tests.yml @@ -105,6 +105,7 @@ jobs: tests::nakamoto_integrations::large_mempool_next_constant_fee tests::nakamoto_integrations::large_mempool_next_random_fee tests::nakamoto_integrations::larger_mempool + tests::nakamoto_integrations::check_block_info_rewards tests::signer::v0::larger_mempool EOF diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 1d892d8d515..fc3f00cb6a7 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,252 +2,235 @@ name: CI on: - merge_group: - types: - - checks_requested - push: - branches: - - master - - develop - - next - paths-ignore: - - "**.md" - - "**.yml" - workflow_dispatch: - pull_request: - types: - - opened - - reopened - - synchronize + merge_group: + types: + - checks_requested + push: + branches: + - master + - develop + paths-ignore: + - "**.md" + - "**.yml" + workflow_dispatch: + pull_request: + types: + - opened + - reopened + - synchronize defaults: - run: - shell: bash + run: + shell: bash concurrency: - group: ci-${{ github.head_ref || github.ref || github.run_id }} - ## Always cancel duplicate jobs - cancel-in-progress: true + group: ci-${{ github.head_ref || github.ref || github.run_id }} + ## Always cancel duplicate jobs + cancel-in-progress: true run-name: ${{ github.ref_name }} jobs: - ## - ## Jobs to execute everytime workflow runs - ## do not run if the trigger is any of the following: - ## - PR review submitted (not approved) - ## and any of: - ## - PR review comment - ## - PR change is requested - rustfmt: - name: Rust Format - runs-on: ubuntu-latest - steps: - - name: Rustfmt - id: rustfmt - uses: stacks-network/actions/rustfmt@main + ## + ## Jobs to execute everytime workflow runs + ## do not run if the trigger is any of the following: + ## - PR review submitted (not approved) + ## and any of: + ## - PR review comment + ## - PR change is requested + rustfmt: + name: Rust Format + runs-on: ubuntu-latest + steps: + - name: Rustfmt + id: rustfmt + uses: stacks-network/actions/rustfmt@main + with: + alias: "fmt-stacks" + + ###################################################################################### + ## Check if the branch that this workflow is being run against is a release branch + ## + ## Outputs: + ## - node_tag: Tag of the stacks-node if the branch is a release one (example: release/3.4.0.0.1), null otherwise + ## - node_docker_tag: Version of the stacks-node if the branch is a release one (example: 3.4.0.0.1), null otherwise + ## - signer_tag: Tag of the stacks-signer if the branch is a release one (example: release/3.4.0.0.1.0), null otherwise + ## - signer_docker_tag: Version of the stacks-signer if the branch is a release one (example: 3.4.0.0.1.0), null otherwise + ## - is_node_release: True if the branch represents a 'stacks-node' release, false otherwise. + ## If this is true, 'is_signer_release' will also be true, since a 'stacks-signer' binary + ## is always released alongside 'stacks-node'. + ## - is_signer_release: True if the branch represents a 'stacks-signer' release, false otherwise. + check-release: + name: Check Release + needs: + - rustfmt + runs-on: ubuntu-latest + outputs: + node_tag: ${{ steps.check_release.outputs.node_tag }} + node_docker_tag: ${{ steps.check_release.outputs.node_docker_tag }} + signer_tag: ${{ steps.check_release.outputs.signer_tag }} + signer_docker_tag: ${{ steps.check_release.outputs.signer_docker_tag }} + is_node_release: ${{ steps.check_release.outputs.is_node_release }} + is_signer_release: ${{ steps.check_release.outputs.is_signer_release }} + steps: + - name: Check Release + id: check_release + uses: stacks-network/actions/stacks-core/release/check-release@main + with: + tag: ${{ github.ref_name }} + + ###################################################################################### + ## Create a tagged github release + ## + ## Runs when: + ## - it is either a node release or a signer release + + ## create-workflow will call the reusable workflows to: + # - build the binary artifacts + # - create the release docker images + # - create the github release. + create-workflow: + if: | + needs.check-release.outputs.is_node_release == 'true' || + needs.check-release.outputs.is_signer_release == 'true' + name: Create Release + needs: + - rustfmt + - check-release + secrets: inherit + uses: ./.github/workflows/release-github.yml with: - alias: "fmt-stacks" - - ###################################################################################### - ## Check if the branch that this workflow is being run against is a release branch - ## - ## Outputs: - ## - node_tag: Tag of the stacks-node if the branch is a release one (example: release/3.4.0.0.1), null otherwise - ## - node_docker_tag: Version of the stacks-node if the branch is a release one (example: 3.4.0.0.1), null otherwise - ## - signer_tag: Tag of the stacks-signer if the branch is a release one (example: release/3.4.0.0.1.0), null otherwise - ## - signer_docker_tag: Version of the stacks-signer if the branch is a release one (example: 3.4.0.0.1.0), null otherwise - ## - is_node_release: True if the branch represents a 'stacks-node' release, false otherwise. - ## If this is true, 'is_signer_release' will also be true, since a 'stacks-signer' binary - ## is always released alongside 'stacks-node'. - ## - is_signer_release: True if the branch represents a 'stacks-signer' release, false otherwise. - check-release: - name: Check Release - needs: - - rustfmt - runs-on: ubuntu-latest - outputs: - node_tag: ${{ steps.check_release.outputs.node_tag }} - node_docker_tag: ${{ steps.check_release.outputs.node_docker_tag }} - signer_tag: ${{ steps.check_release.outputs.signer_tag }} - signer_docker_tag: ${{ steps.check_release.outputs.signer_docker_tag }} - is_node_release: ${{ steps.check_release.outputs.is_node_release }} - is_signer_release: ${{ steps.check_release.outputs.is_signer_release }} - steps: - - name: Check Release - id: check_release - uses: stacks-network/actions/stacks-core/release/check-release@main - with: - tag: ${{ github.ref_name }} - - ###################################################################################### - ## Create a tagged github release - ## - ## Runs when: - ## - it is either a node release or a signer release - create-release: - if: | - needs.check-release.outputs.is_node_release == 'true' || - needs.check-release.outputs.is_signer_release == 'true' - name: Create Release(s) - needs: - - rustfmt - - check-release - secrets: inherit - uses: ./.github/workflows/github-release.yml - with: - node_tag: ${{ needs.check-release.outputs.node_tag }} - node_docker_tag: ${{ needs.check-release.outputs.node_docker_tag }} - signer_tag: ${{ needs.check-release.outputs.signer_tag }} - signer_docker_tag: ${{ needs.check-release.outputs.signer_docker_tag }} - is_node_release: ${{ needs.check-release.outputs.is_node_release }} - is_signer_release: ${{ needs.check-release.outputs.is_signer_release }} - - ## Create a reusable cache for tests - ## - ## Runs when: - ## - it is a node release run - ## or any of: - ## - this workflow is called manually - ## - PR is opened - ## - PR added to merge queue - create-cache: - if: | - needs.check-release.outputs.is_node_release == 'true' || - github.event_name == 'workflow_dispatch' || - github.event_name == 'pull_request' || - github.event_name == 'merge_group' - name: Create Test Cache - needs: - - rustfmt - - check-release - uses: ./.github/workflows/create-cache.yml - - ## Tests to run regularly - ## - ## Runs when: - ## - it is a node or signer-only release run - ## or any of: - ## - this workflow is called manually - ## - PR is opened - ## - PR added to merge queue - stacks-core-tests: - if: | - needs.check-release.outputs.is_node_release == 'true' || - needs.check-release.outputs.is_signer_release == 'true' || - github.event_name == 'workflow_dispatch' || - github.event_name == 'pull_request' || - github.event_name == 'merge_group' - name: Stacks Core Tests - needs: - - rustfmt - - create-cache - - check-release - uses: ./.github/workflows/stacks-core-tests.yml - - ## Validate constants dumped by stacks-inspect - ## - ## Runs when: - ## - it is a node or signer-only release run - ## or any of: - ## - this workflow is called manually - ## - PR is opened - ## - PR added to merge queue - constants-check: - if: | - needs.check-release.outputs.is_node_release == 'true' || - needs.check-release.outputs.is_signer_release == 'true' || - github.event_name == 'workflow_dispatch' || - github.event_name == 'pull_request' || - github.event_name == 'merge_group' - name: Constants Check - needs: - - rustfmt - - check-release - uses: ./.github/workflows/constants-check.yml - - ## Checks to run on built binaries - ## - ## Runs when: - ## - it is a node or signer-only release run - ## or any of: - ## - this workflow is called manually - ## - PR is opened - ## - PR added to merge queue - cargo-hack-check: - if: | - needs.check-release.outputs.is_node_release == 'true' || - needs.check-release.outputs.is_signer_release == 'true' || - github.event_name == 'workflow_dispatch' || - github.event_name == 'pull_request' || - github.event_name == 'merge_group' - name: Cargo Hack Check - needs: - - rustfmt - - check-release - uses: ./.github/workflows/cargo-hack-check.yml - - ## Checks to run on built binaries - ## - ## Runs when: - ## - it is a node release run - ## or any of: - ## - this workflow is called manually - ## - PR is opened - ## - PR added to merge queue - bitcoin-tests: - if: | - needs.check-release.outputs.is_node_release == 'true' || - github.event_name == 'workflow_dispatch' || - github.event_name == 'pull_request' || - github.event_name == 'merge_group' - name: Bitcoin Tests - needs: - - rustfmt - - create-cache - - check-release - uses: ./.github/workflows/bitcoin-tests.yml - - p2p-tests: - if: | - needs.check-release.outputs.is_node_release == 'true' || - github.event_name == 'workflow_dispatch' || - github.event_name == 'pull_request' || - github.event_name == 'merge_group' - name: P2P Tests - needs: - - rustfmt - - create-cache - - check-release - uses: ./.github/workflows/p2p-tests.yml - - ## Test to run on a tagged release - ## - ## Runs when: - ## - it is a node release run - atlas-tests: - if: needs.check-release.outputs.is_node_release == 'true' - name: Atlas Tests - needs: - - rustfmt - - create-cache - - check-release - uses: ./.github/workflows/atlas-tests.yml - - epoch-tests: - if: needs.check-release.outputs.is_node_release == 'true' - name: Epoch Tests - needs: - - rustfmt - - create-cache - - check-release - uses: ./.github/workflows/epoch-tests.yml - - slow-tests: - if: needs.check-release.outputs.is_node_release == 'true' - name: Slow Tests - needs: - - rustfmt - - create-cache - - check-release - uses: ./.github/workflows/slow-tests.yml + node_tag: ${{ needs.check-release.outputs.node_docker_tag }} # 5 place version format like x.x.x.x.x + signer_tag: ${{ needs.check-release.outputs.signer_docker_tag }} # 6 place version format like x.x.x.x.x.x + is_node_release: ${{ needs.check-release.outputs.is_node_release }} # used in matrix conitional in release-github.yml + + ## Create a reusable cache for tests + ## + ## Runs when: + ## - it is a node release run + ## or any of: + ## - this workflow is called manually + ## - PR is opened + ## - PR added to merge queue + create-cache: + if: | + needs.check-release.outputs.is_node_release == 'true' || + github.event_name == 'workflow_dispatch' || + github.event_name == 'pull_request' || + github.event_name == 'merge_group' + name: Create Test Cache + needs: + - rustfmt + - check-release + uses: ./.github/workflows/create-cache.yml + + ## Tests to run regularly + ## + ## Runs when: + ## - it is a node or signer-only release run + ## or any of: + ## - this workflow is called manually + ## - PR is opened + ## - PR added to merge queue + stacks-core-tests: + if: | + needs.check-release.outputs.is_node_release == 'true' || + needs.check-release.outputs.is_signer_release == 'true' || + github.event_name == 'workflow_dispatch' || + github.event_name == 'pull_request' || + github.event_name == 'merge_group' + name: Stacks Core Tests + needs: + - rustfmt + - create-cache + - check-release + uses: ./.github/workflows/stacks-core-tests.yml + + ## Validate constants dumped by stacks-inspect + ## + ## Runs when: + ## - it is a node or signer-only release run + ## or any of: + ## - this workflow is called manually + ## - PR is opened + ## - PR added to merge queue + constants-check: + if: | + needs.check-release.outputs.is_node_release == 'true' || + needs.check-release.outputs.is_signer_release == 'true' || + github.event_name == 'workflow_dispatch' || + github.event_name == 'pull_request' || + github.event_name == 'merge_group' + name: Constants Check + needs: + - rustfmt + - check-release + uses: ./.github/workflows/constants-check.yml + + ## Checks to run on built binaries + ## + ## Runs when: + ## - it is a node or signer-only release run + ## or any of: + ## - this workflow is called manually + ## - PR is opened + ## - PR added to merge queue + cargo-hack-check: + if: | + needs.check-release.outputs.is_node_release == 'true' || + needs.check-release.outputs.is_signer_release == 'true' || + github.event_name == 'workflow_dispatch' || + github.event_name == 'pull_request' || + github.event_name == 'merge_group' + name: Cargo Hack Check + needs: + - rustfmt + - check-release + uses: ./.github/workflows/cargo-hack-check.yml + + ## Checks to run on built binaries + ## + ## Runs when: + ## - it is a node release run + ## or any of: + ## - this workflow is called manually + ## - PR is opened + ## - PR added to merge queue + bitcoin-tests: + if: | + needs.check-release.outputs.is_node_release == 'true' || + github.event_name == 'workflow_dispatch' || + github.event_name == 'pull_request' || + github.event_name == 'merge_group' + name: Bitcoin Tests + needs: + - rustfmt + - create-cache + - check-release + uses: ./.github/workflows/bitcoin-tests.yml + + p2p-tests: + if: | + needs.check-release.outputs.is_node_release == 'true' || + github.event_name == 'workflow_dispatch' || + github.event_name == 'pull_request' || + github.event_name == 'merge_group' + name: P2P Tests + needs: + - rustfmt + - create-cache + - check-release + uses: ./.github/workflows/p2p-tests.yml + + ## Test to run on a tagged release + ## + ## Runs when: + ## - it is a node release run + epoch-tests: + if: needs.check-release.outputs.is_node_release == 'true' + name: Epoch Tests + needs: + - rustfmt + - create-cache + - check-release + uses: ./.github/workflows/epoch-tests.yml diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml new file mode 100644 index 00000000000..39bcfcb5a0e --- /dev/null +++ b/.github/workflows/docker-image.yml @@ -0,0 +1,256 @@ +## Github workflow to build a docker image from source +# - first builds the binaries from source for x86_64 and arm64 +# - then builds the docker image from the binary artifacts + +name: Docker Image + +on: + workflow_dispatch: + +env: + # build for both x64 and arm64 arch + DOCKER_PLATFORMS: "linux/amd64,linux/arm64" + # publish images to ghcr + DOCKER_REGISTRY: "ghcr.io" + # set a default command to build. we'll define specific build config options later per arch. + CMD: "cargo build --features monitoring_prom,slog_json --profile release --workspace" + # do not generate provenance from the docker build step, instead attest the image specifically + PROVENANCE: false + # set the build target statically, since we only need to build for linux-glibc + ARCH: linux-glibc + +concurrency: + group: docker-image-${{ github.head_ref || github.ref || github.run_id }} + ## Always cancel duplicate jobs + cancel-in-progress: true +jobs: + ## Build arch dependent binaries from source + build-binaries: + name: Build Binaries + runs-on: ubuntu-latest + permissions: + id-token: write + attestations: write + strategy: + max-parallel: 2 + matrix: + arch: + - linux-glibc + cpu: + - x86-64 + - arm64 + steps: + ## Checkout the code + - name: Checkout the latest code + id: git_checkout + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + with: + ref: ${{ github.ref }} + + ## Set target env var based on the type of arch build + ## - simplified from ./release-build.yml configure_target_platform step (only 2 target triples to build in this workflow) + - name: Configure Target Platform + id: configure_target_platform + shell: bash + run: | + case ${{ matrix.cpu }} in + x86-64*) + ARCHIVE_NAME="$(echo "${{ matrix.cpu }}" | sed -e 's|86-||g')" # if matrix.cpu ever changes to a different x86 version, this will set the archive naming appropriately. + # set the CPU to build for. if the matrix defines x86-64, default to -v3, else use what's defined in the matrix + case ${{ matrix.cpu }} in + x86-64) + TARGET_CPU="${{ matrix.cpu }}-v3" # default to x86-64-v3 if generic x86-64 is used for the build + ;; + *) + TARGET_CPU="${{ matrix.cpu }}" # if matrix.cpu is specifically v3/v4, we should target that + ;; + esac + # install dependencies for the x86-64 architecture, and set the rust target for the build step + sudo apt-get update && sudo apt-get install -y git libclang-dev llvm || exit 1 + TARGET="x86_64-unknown-linux-gnu" + ;; + arm64) + # install dependencies for the arm64 architecture, and set the rust target for the build step + ARCHIVE_NAME=${{ matrix.cpu }} + sudo apt-get update && sudo apt-get install -y git gcc-aarch64-linux-gnu libclang-dev llvm || exit 1 + TARGET="aarch64-unknown-linux-gnu" + ;; + *) + echo "Unsupported architecture: ${{ matrix.cpu }}" + exit 1 + ;; + esac + if [[ -z "$TARGET" ]]; then + echo "[ERROR] TARGET Variable is empty for ${{ env.ARCH }}-${{ matrix.cpu }}"; + exit 1 + fi + echo "TARGET=${TARGET}" >> "$GITHUB_ENV" + echo "TARGET_CPU=${TARGET_CPU}" >> "$GITHUB_ENV" + echo "ZIPFILE_NAME=${{ env.ARCH }}-${ARCHIVE_NAME}" >> "$GITHUB_ENV" + + ## Install rust toolchain for the target being built + - name: Setup Rust Toolchain + id: setup_rust_toolchain + uses: actions-rust-lang/setup-rust-toolchain@1780873c7b576612439a134613cc4cc74ce5538c # v1.15.2 + with: + toolchain: stable + cache: false + target: ${{ env.TARGET }} + + ## Build the binaries + - name: Build Binaries + id: build_binaries + shell: bash + run: | + # + # for each target, we will also echo the command being run so it's easier to see in the logs what command was run + # + case "${{ env.TARGET }}" in + # linux glibc aarch64 + aarch64-unknown-linux-gnu) + LINKER=aarch64-linux-gnu-gcc + echo "$CMD --target $TARGET --config \"target.${TARGET}.linker=\\\"${LINKER}\\\"\" " + ${{ env.CMD }} --target $TARGET --config "target.${{ env.TARGET }}.linker=\"${LINKER}\"" || exit 1 + ;; + # linux glibc x64 + x86_64-unknown-linux-gnu) + # use the default linker + echo "$CMD --target $TARGET --config build.rustflags=\"\\\"-C target-cpu=${TARGET_CPU}\\\"\" " + ${{ env.CMD }} --target $TARGET --config build.rustflags="\"-C target-cpu=${TARGET_CPU}\"" || exit 1 + ;; + *) + echo "No matrix match for build target ($TARGET). using defaults" + ${{ env.CMD }} || exit 1 + ;; + esac + exit 0 + + ## Compress the binary artifacts + - name: Compress binaries + id: compress_artifacts + shell: bash + run: | + # compress all binaries in the target directory for any architecture + file -0 ./target/${{ env.TARGET }}/release/* | sed -nE 's/\x0:\s*(ELF|PE32+|Mach).*//p' | zip --junk-paths ${{ env.ZIPFILE_NAME }}.zip -@ + + ## Upload the binary archive using the commit sha as the key + - name: Upload Artifact + id: upload_artifact + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + with: + name: ${{ github.sha }}-${{ env.ZIPFILE_NAME }} + path: ${{ env.ZIPFILE_NAME }}.zip + + ## Attest the binary archive + - name: Attest Artifact + uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3.0.0 + with: + subject-path: ${{ env.ZIPFILE_NAME }}.zip + + image: + name: Build Image + runs-on: ubuntu-latest + needs: + - build-binaries + permissions: + id-token: write + attestations: write + packages: write + steps: + ## set local env vars + - name: Set Local Vars + id: set_vars + shell: bash + run: | + var_default_image="${{ env.DOCKER_REGISTRY }}/${{ github.repository }}" + echo "DOCKER_IMAGES=${var_default_image}" >> $GITHUB_ENV + + ## Setup Docker for the builds + - name: Docker setup + id: docker_setup + uses: stacks-network/actions/docker@main + with: + registry: ${{ env.DOCKER_REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + ## Checkout the code + - name: Checkout the latest code + id: git_checkout + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + with: + ref: ${{ github.ref }} + sparse-checkout: | + .github + + - name: Download Artifacts + id: download_artifacts + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + with: + pattern: ${{ github.sha }}-* # linux-glibc variants are the only artifacts produced, download for both architectures (Dockerfile will choose specific architecture arhive) + path: /tmp/release + merge-multiple: true + + ## Set docker metatdata + - name: Docker Metadata + id: docker_metadata + uses: docker/metadata-action@318604b99e75e41977312d83839a89be02ca4893 #v5.9.0 + env: + DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index + with: + images: ${{ env.DOCKER_IMAGES }} + labels: | + org.opencontainers.image.created={{commit_date 'YYYY-MM-DDTHH:mm:ss.SSS[Z]'}} + tags: | + type=raw,value=${{ env.BRANCH_NAME }} + type=ref,event=pr + + - name: Build and Push + id: docker_build + uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 + with: + sbom: false + provenance: ${{ env.PROVENANCE }} + context: /tmp + file: ./.github/actions/dockerfiles/debian/Dockerfile + platforms: ${{ env.DOCKER_PLATFORMS }} + tags: ${{ steps.docker_metadata.outputs.tags }} + labels: ${{ steps.docker_metadata.outputs.labels }} + annotations: ${{ steps.docker_metadata.outputs.annotations }} # Note: annotations are used for multi-architecture ghcr images + push: ${{ env.DOCKER_PUSH }} + + ## Generate docker image attestation(s) + - name: Attest Image + if: | + env.PROVENANCE != true + id: attest_artifact + uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3.0.0 + with: + subject-name: | + ${{ env.DOCKER_IMAGES }} + subject-digest: ${{ steps.docker_build.outputs.digest }} + push-to-registry: ${{ env.DOCKER_PUSH }} + + ## Sign the images with GitHub OIDC Token + ## - https://github.blog/security/supply-chain-security/safeguard-container-signing-capability-actions/ + ## - annotations show as null per https://github.com/sigstore/cosign/pull/4508 until a future release (or tagging this specific commit) + - name: Install Cosign + id: cosign_install + uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0 + + - name: Sign the images OIDC Token + id: cosign_image + shell: bash + env: + DIGEST: ${{ steps.docker_build.outputs.digest }} + TAGS: ${{ steps.docker_metadata.outputs.tags }} + run: | + images="" + for tag in ${TAGS}; do + images+="${tag}@${DIGEST} " + done + cosign sign \ + -a "repo=${{ github.repository }}" \ + -a "ref=${{ github.sha }}" \ + --yes \ + ${images} diff --git a/.github/workflows/epoch-tests.yml b/.github/workflows/epoch-tests.yml index bccedf7056e..ba2e75c6547 100644 --- a/.github/workflows/epoch-tests.yml +++ b/.github/workflows/epoch-tests.yml @@ -33,9 +33,6 @@ jobs: - tests::epoch_205::test_dynamic_db_method_costs - tests::epoch_205::test_exact_block_costs - tests::epoch_205::transition_empty_blocks - - tests::epoch_21::test_pox_missing_five_anchor_blocks - - tests::epoch_21::test_pox_reorg_one_flap - - tests::epoch_21::test_pox_reorgs_three_flaps - tests::epoch_21::test_sortition_divergence_pre_21 - tests::epoch_21::test_v1_unlock_height_with_current_stackers - tests::epoch_21::test_v1_unlock_height_with_delay_and_current_stackers @@ -43,13 +40,11 @@ jobs: - tests::epoch_21::transition_adds_burn_block_height - tests::epoch_21::transition_adds_get_pox_addr_recipients - tests::epoch_21::transition_adds_mining_from_segwit - - tests::epoch_21::transition_adds_pay_to_contract - tests::epoch_21::transition_empty_blocks - tests::epoch_21::transition_fixes_bitcoin_rigidity - tests::epoch_21::transition_removes_pox_sunset - tests::epoch_22::disable_pox - tests::epoch_22::pox_2_unlock_all - - tests::epoch_22::test_pox_reorg_one_flap - tests::epoch_23::trait_invocation_behavior - tests::epoch_24::fix_to_pox_contract - tests::epoch_24::verify_auto_unlock_behavior @@ -60,7 +55,7 @@ jobs: uses: stacks-network/actions/stacks-core/testenv@main with: btc-version: "25.0" - + ## Run test matrix using restored cache of archive file ## - Test will timeout after env.TEST_TIMEOUT minutes - name: Run Tests diff --git a/.github/workflows/github-release.yml b/.github/workflows/github-release.yml deleted file mode 100644 index ccff1185fd3..00000000000 --- a/.github/workflows/github-release.yml +++ /dev/null @@ -1,194 +0,0 @@ -## Github workflow to create a github release and upload binary artifacts - -name: Github Release - -on: - workflow_call: - inputs: - node_tag: - description: "Node Release Tag" - required: true - type: string - node_docker_tag: - description: "Node Docker Release Tag" - required: true - type: string - signer_tag: - description: "Signer Release Tag" - required: true - type: string - signer_docker_tag: - description: "Signer Docker Release Tag" - required: true - type: string - is_node_release: - description: "True if it is a node release" - required: true - type: string - is_signer_release: - description: "True if it is a signer release" - required: true - type: string - -concurrency: - group: github-release-${{ github.head_ref || github.ref }} - ## Always cancel duplicate jobs - cancel-in-progress: true - -run-name: ${{ inputs.node_tag || inputs.signer_tag }} - -jobs: - ## This job's sole purpose is trigger a secondary approval outside of the matrix jobs below. - ## - If this job isn't approved to run, then the subsequent jobs will also not run - for this reason, we always exit 0 - ## - `andon-cord` requires the repo environment "Build Release", which will trigger a secondary approval step before running this workflow. - andon-cord: - if: | - inputs.node_tag != '' || - inputs.signer_tag != '' - name: Andon Cord - runs-on: ubuntu-latest - environment: "Build Release" - steps: - - name: Check Approval - id: check - run: | - exit 0 - ## Build arch dependent binaries from source - ## - ## Runs when the following is true: - ## - either node or signer tag is provided - build-binaries: - if: | - inputs.node_tag != '' || - inputs.signer_tag != '' - name: Build Binaries - runs-on: ubuntu-latest-m - needs: - - andon-cord - permissions: - id-token: write - attestations: write - strategy: - ## Run a maximum of 10 builds concurrently, using the matrix defined in inputs.arch - max-parallel: 10 - matrix: - arch: - - linux-musl - - linux-glibc - - macos - - windows - cpu: - - arm64 - - x86-64 ## defaults to x86-64-v3 variant - intel haswell (2013) and newer - # - x86-64-v2 ## intel nehalem (2008) and newer - # - x86-64-v3 ## intel haswell (2013) and newer - # - x86-64-v4 ## intel skylake (2017) and newer - exclude: - - arch: windows # excludes windows-arm64 - cpu: arm64 - - arch: windows # excludes windows-armv7 - cpu: armv7 - - arch: macos # excludes macos-armv7 - cpu: armv7 - - arch: macos # excludes macos-x64 - cpu: x86-64 - steps: - - name: Build Binary (${{ matrix.arch }}_${{ matrix.cpu }}) - uses: stacks-network/actions/stacks-core/release/create-source-binary@main - with: - arch: ${{ matrix.arch }} - cpu: ${{ matrix.cpu }} - node_tag: ${{ inputs.node_tag }} - signer_tag: ${{ inputs.signer_tag }} - signer_docker_tag: ${{ inputs.signer_docker_tag }} - is_node_release: ${{ inputs.is_node_release }} - - ## Runs when the following is true: - ## - either node or signer tag is provided - create-release: - if: | - inputs.node_tag != '' || - inputs.signer_tag != '' - name: Create Release - runs-on: ubuntu-latest - needs: - - andon-cord - - build-binaries - permissions: - contents: write - steps: - ## Creates releases - - name: Create Release - uses: stacks-network/actions/stacks-core/release/create-releases@main - with: - node_tag: ${{ inputs.node_tag }} - node_docker_tag: ${{ inputs.node_docker_tag }} - signer_tag: ${{ inputs.signer_tag }} - signer_docker_tag: ${{ inputs.signer_docker_tag }} - is_node_release: ${{ inputs.is_node_release }} - is_signer_release: ${{ inputs.is_signer_release }} - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - ## Builds arch dependent Docker images from binaries - ## - ## Note: this step requires the binaries in the create-release step to be uploaded - ## Runs when the following is true: - ## - either node or signer tag is provided - docker-image: - if: | - inputs.node_tag != '' || - inputs.signer_tag != '' - name: Docker Image (Binary) - runs-on: ubuntu-latest - environment: "Push to Docker" - permissions: - id-token: write - attestations: write - needs: - - andon-cord - - build-binaries - - create-release - strategy: - fail-fast: false - ## Build a maximum of 2 images concurrently based on matrix.dist - max-parallel: 2 - matrix: - dist: - - alpine - - debian - steps: - - name: Create Docker Image - uses: stacks-network/actions/stacks-core/release/docker-images@main - with: - node_tag: ${{ inputs.node_tag }} - node_docker_tag: ${{ inputs.node_docker_tag }} - signer_tag: ${{ inputs.signer_tag }} - signer_docker_tag: ${{ inputs.signer_docker_tag }} - is_node_release: ${{ inputs.is_node_release }} - is_signer_release: ${{ inputs.is_signer_release }} - DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} - DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }} - dist: ${{ matrix.dist }} - - ## Create the downstream PR for the release branch to master,develop - create-pr: - if: | - ( - inputs.node_tag != '' || - inputs.signer_tag != '' - ) - name: Create Downstream PR (${{ github.ref_name }}) - runs-on: ubuntu-latest - needs: - - andon-cord - - build-binaries - - create-release - - docker-image - permissions: - pull-requests: write - steps: - - name: Open Downstream PR - id: create-pr - uses: stacks-network/actions/stacks-core/release/downstream-pr@main - with: - token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/image-build-source.yml b/.github/workflows/image-build-source.yml deleted file mode 100644 index 6cf7bd3cd36..00000000000 --- a/.github/workflows/image-build-source.yml +++ /dev/null @@ -1,91 +0,0 @@ -## Github workflow to build a docker image from source - -name: Docker Image (Source) - -on: - workflow_dispatch: - workflow_call: - -## Define which docker arch to build for -env: - docker_platforms: "linux/amd64,linux/arm64" - docker-org: blockstack - -concurrency: - group: docker-image-source-${{ github.head_ref || github.ref || github.run_id }} - ## Always cancel duplicate jobs - cancel-in-progress: true - -jobs: - ## Runs anytime `ci.yml` runs or when manually called - image: - name: Build Image - runs-on: ubuntu-latest - ## Requires the repo environment "Push to Docker", which will trigger a secondary approval step before running this workflow. - environment: "Push to Docker" - permissions: - id-token: write - attestations: write - steps: - ## Setup Docker for the builds - - name: Docker setup - id: docker_setup - uses: stacks-network/actions/docker@main - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_PASSWORD }} - - ## if the repo owner is not `stacks-network`, default to a docker-org of the repo owner (i.e. github user id) - ## this allows forks to run the docker push workflows without having to hardcode a dockerhub org (but it does require docker hub user to match github username) - - name: Set Local env vars - id: set_env - if: | - github.repository_owner != 'stacks-network' - run: | - echo "docker-org=${{ github.repository_owner }}" >> "$GITHUB_ENV" - - ## Set docker metatdata - - name: Docker Metadata ( ${{matrix.dist}} ) - id: docker_metadata - uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 #v5.6.1 - with: - images: | - ${{env.docker-org}}/${{ github.event.repository.name }} - ${{env.docker-org}}/stacks-blockchain - tags: | - type=raw,value=${{ env.BRANCH_NAME }} - type=ref,event=pr - - ## Build docker image - - name: Build and Push ( ${{matrix.dist}} ) - id: docker_build - uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991 # v6.13.0 - with: - file: ./Dockerfile - platforms: ${{ env.docker_platforms }} - tags: ${{ steps.docker_metadata.outputs.tags }} - labels: ${{ steps.docker_metadata.outputs.labels }} - build-args: | - STACKS_NODE_VERSION=${{ env.GITHUB_SHA_SHORT }} - GIT_BRANCH=${{ env.GITHUB_REF_SHORT }} - GIT_COMMIT=${{ env.GITHUB_SHA_SHORT }} - push: ${{ env.DOCKER_PUSH }} - - ## Generate docker image attestation(s) - - name: Generate artifact attestation (${{ github.event.repository.name }}) - id: attest_primary - uses: actions/attest-build-provenance@c074443f1aee8d4aeeae555aebba3282517141b2 # v2.2.3 - with: - subject-name: | - index.docker.io/${{env.docker-org}}/${{ github.event.repository.name }} - subject-digest: ${{ steps.docker_build.outputs.digest }} - push-to-registry: true - - - name: Generate artifact attestation (stacks-blockchain) - id: attest_secondary - uses: actions/attest-build-provenance@c074443f1aee8d4aeeae555aebba3282517141b2 # v2.2.3 - with: - subject-name: | - index.docker.io/${{env.docker-org}}/stacks-blockchain - subject-digest: ${{ steps.docker_build.outputs.digest }} - push-to-registry: true diff --git a/.github/workflows/release-build.yml b/.github/workflows/release-build.yml new file mode 100644 index 00000000000..389b2714702 --- /dev/null +++ b/.github/workflows/release-build.yml @@ -0,0 +1,298 @@ +## Github workflow to create reusable caches + +name: Build Release Binaries + +on: + workflow_call: + inputs: + node_tag: + description: "Node Release Tag" + required: true + type: string + signer_tag: + description: "Signer Release Tag" + required: true + type: string + +concurrency: + group: release-build-${{ github.head_ref || github.ref }} + ## Always cancel duplicate jobs + cancel-in-progress: true + +run-name: Build Release Binaries + +env: + # set a default command to build. we'll define specific build config options later per arch. + CMD: "cargo build --features monitoring_prom,slog_json --profile release --workspace" + # ensure these env vars have no values since they will be explicitly set later + TARGET_CPU: "" + LINKER: "" +jobs: + build-binaries: + name: Build Binaries + runs-on: ${{ matrix.os }} + permissions: + id-token: write + attestations: write + strategy: + ## Run a maximum of 10 builds concurrently + max-parallel: 10 + matrix: + arch: + - linux-glibc + - linux-musl + - macos + - windows + cpu: + - x86-64 + - arm64 + os: + - ubuntu-latest + - macos-latest-large + exclude: + ## exclude linux-musl on macos + - arch: linux-musl + os: macos-latest-large + ## exclude linux-glibc on macos + - arch: linux-glibc + os: macos-latest-large + ## excludes macos on ubuntu + - arch: macos + os: ubuntu-latest + ## excludes windows on macos + - arch: windows + os: macos-latest-large + ## excludes windows-arm64 + - arch: windows + cpu: arm64 + ## excludes macos-x64 + - arch: macos + cpu: x86-64 + steps: + ## Checkout the code + - name: Checkout the latest code + id: git_checkout + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + ref: ${{ github.ref }} + + ## Set target env var based on the type of arch build + - name: Configure Target Platform + id: configure_target_platform + shell: bash + run: | + case ${{ matrix.cpu }} in + x86-64*) + # if matrix.cpu ever changes to a different x86 version, this will set the archive naming appropriately to `*-x64` + ARCHIVE_NAME="$(echo "${{ matrix.cpu }}" | sed -e 's|86-||g')" + # set the CPU to build for. if the matrix defines x86-64, default to -v3, else use what's defined in the matrix + case ${{ matrix.cpu }} in + x86-64) + TARGET_CPU="${{ matrix.cpu }}-v3" # default to x86-64-v3 if generic x86-64 is used for the build + ;; + *) + TARGET_CPU="${{ matrix.cpu }}" # if matrix.cpu is specifically v3/v4, we should target that + ;; + esac + + # install dependencies for the x86-64 architecture, and set the rust target for the build step + case ${{ matrix.arch }} in + linux-musl) + sudo apt-get update && sudo apt-get install -y musl-tools || exit 1 + TARGET="x86_64-unknown-linux-musl" + ;; + linux-glibc) + sudo apt-get update && sudo apt-get install -y git libclang-dev llvm || exit 1 + TARGET="x86_64-unknown-linux-gnu" + ;; + windows) + sudo apt-get update && sudo apt-get install -y git gcc-mingw-w64-x86-64 || exit 1 + TARGET="x86_64-pc-windows-gnu" + ;; + *) + ;; + esac + ;; + arm64) + ARCHIVE_NAME=${{ matrix.cpu }} + # install dependencies for the arm64 architecture, and set the rust target for the build step + case ${{ matrix.arch }} in + linux-musl) + sudo apt-get update && sudo apt-get install -y gcc-aarch64-linux-gnu musl-dev || exit 1 + # this download is required, and must come from a mirror as musl.cc has aggressive rate limits from azure ips (hosted github runners) + curl -LSf -# https://github.com/musl-cc/musl.cc/releases/download/v0.0.1/aarch64-linux-musl-cross.tgz | tar zxf - -C /tmp || exit 1 + TARGET="aarch64-unknown-linux-musl" + ;; + linux-glibc) + sudo apt-get update && sudo apt-get install -y git gcc-aarch64-linux-gnu libclang-dev llvm || exit 1 + TARGET="aarch64-unknown-linux-gnu" + ;; + macos) + TARGET="aarch64-apple-darwin" + ;; + *) + ;; + esac + ;; + *) + ;; + esac + if [[ -z "$TARGET" ]]; then + echo "[ERROR] TARGET Variable is empty for ${{ matrix.arch }}-${{ matrix.cpu }}"; + exit 1 + fi + ## Add vars to env for later steps + # set the rust target arch for build + echo "TARGET=${TARGET}" >> "$GITHUB_ENV" + # set the target cpu for build + echo "TARGET_CPU=${TARGET_CPU}" >> "$GITHUB_ENV" + # set the zipfile archive name + echo "ZIPFILE_NAME=${{ matrix.arch }}-${ARCHIVE_NAME}" >> "$GITHUB_ENV" + + ## Install rust toolchain for the target being built + - name: Setup Rust Toolchain + id: setup_rust_toolchain + uses: actions-rust-lang/setup-rust-toolchain@11df97af8e8102fd60b60a77dfbf58d40cd843b8 # v1.10.1 + with: + toolchain: stable + cache: false + target: ${{ env.TARGET }} + + ## Build the release binaries + - name: Build Release + id: build_release + shell: bash + run: | + # + # for each target, we will also echo the command being run so it's easier to see in the logs what command was run + # + BINS="" + # only build the stacks-signer binary if node_tag is not defined - this is a signer only release (reduce time compiling) + if [ "${{ inputs.node_tag }}" == '' ]; then + BINS="--bin stacks-signer" + fi + case "${{ env.TARGET }}" in + # linux glibc aarch64 + aarch64-unknown-linux-gnu) + LINKER=aarch64-linux-gnu-gcc + echo "${CMD} ${BINS} --target $TARGET --config \"target.${TARGET}.linker=\\\"${LINKER}\\\"\" " + ${{ env.CMD }} ${BINS} --target $TARGET --config "target.${{ env.TARGET }}.linker=\"${LINKER}\"" || exit 1 + ;; + # linux glibc x64 + x86_64-unknown-linux-gnu) + # use the default linker + echo "${CMD} ${BINS} --target $TARGET --config build.rustflags=\"\\\"-C target-cpu=${TARGET_CPU}\\\"\" " + ${{ env.CMD }} ${BINS} --target $TARGET --config build.rustflags="\"-C target-cpu=${TARGET_CPU}\"" || exit 1 + ;; + # windows glibc x64 + x86_64-pc-windows-gnu) + LINKER=x86_64-w64-mingw32-gcc + echo "${CMD} ${BINS} --target $TARGET --config \"target.${TARGET}.linker=\\\"${LINKER}\\\"\" --config build.rustflags="\"-C target-cpu=${TARGET_CPU}\"" " + ${{ env.CMD }} ${BINS} --target $TARGET --config "target.${{ env.TARGET }}.linker=\"${LINKER}\"" --config build.rustflags="\"-C target-cpu=${TARGET_CPU}\"" || exit 1 + ;; + # linux musl x64 + x86_64-unknown-linux-musl) + echo "${CMD} ${BINS} --target $TARGET --config build.rustflags=\"\\\"-C target-cpu=${TARGET_CPU}\\\"\" " + ${{ env.CMD }} ${BINS} --target $TARGET --config build.rustflags="\"-C target-cpu=${TARGET_CPU}\"" || exit 1 + ;; + # linux musl aarch64 + aarch64-unknown-linux-musl) + # use the musl linker installed in previous step + LINKER=/tmp/aarch64-linux-musl-cross/bin/aarch64-linux-musl-gcc + echo "${CMD} ${BINS} --target $TARGET --config \"target.${TARGET}.linker=\\\"${LINKER}\\\"\" " + ${{ env.CMD }} ${BINS} --target $TARGET --config "target.${{ env.TARGET }}.linker=\"${LINKER}\"" || exit 1 + ;; + # macos aarch64 + aarch64-apple-darwin) + TARGET_CPU=native + echo "${CMD} ${BINS}--target $TARGET --config build.rustflags=\"\\\"-C target-cpu=${TARGET_CPU}\\\"\" " + ${{ env.CMD }} ${BINS} --target $TARGET --config build.rustflags="\"-C target-cpu=${TARGET_CPU}\"" || exit 1 + ;; + # catchall - run the default command if no matching target triple + *) + echo "No matrix match for build target ($TARGET). using defaults" + ${{ env.CMD }} ${BINS} || exit 1 + ;; + esac + exit 0 + + ## For macOS,install the GNU version of sed used in compress_artifacts_stacks_node + ## - Included BSD version of sed returns an error: `sed: first RE may not be empty` + - name: Install GNU sed on macOS + if: | + runner.os == 'macOS' + run: | + brew install gnu-sed + + echo "/usr/local/bin" >> $GITHUB_PATH + echo "$(brew --prefix)/opt/gnu-sed/libexec/gnubin" >> $GITHUB_PATH + + ############################################################################## + ## Stacks core release artifact steps + ## - binary archive includes stacks-signer binary + # - all steps are conditional on if a node_tag input is provided (will not run for signer releases) + + ## Compress the binaries in the target directory + - name: Compress binaries (stacks-core) + if: | + inputs.node_tag != '' + id: compress_artifacts_stacks_node + shell: bash + run: | + # compress all binaries in the target directory for any architecture + file -0 ./target/${{ env.TARGET }}/release/* | sed -nE 's/\x0:\s*(ELF|PE32+|Mach).*//p' | zip --junk-paths ${{ env.ZIPFILE_NAME }}.zip -@ + + ## Upload the binary archive using the commit sha as the key + - name: Upload Artifact (stacks-core) + if: | + inputs.node_tag != '' + id: upload_artifact_stacks_node + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + with: + name: ${{ github.sha }}-stacks-core-${{ env.ZIPFILE_NAME }} + path: ${{ env.ZIPFILE_NAME }}.zip + + ## Attest the binary archive + - name: Attest Artifact (stacks-core) + if: | + inputs.node_tag != '' + id: attest_artifact_stacks_node + uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3.0.0 + with: + subject-path: ${{ env.ZIPFILE_NAME }}.zip + + ############################################################################## + ## Stacks signer release artifact steps + ## - all steps are conditional on if a signer_tag input is provided + + ## Compress the stacks-signer binary in the target directory + - name: Compress binaries (stacks-signer) + if: | + inputs.signer_tag != '' + id: compress_artifacts_stacks_signer + shell: bash + run: | + # since the archives are named generically and identically for both stacks-core and stacks-signer: + # - remove the stacks-core zipfile and recreate for the signer + [ -e "${{ env.ZIPFILE_NAME }}.zip" ] && rm -f "${{ env.ZIPFILE_NAME }}.zip" + # compress all binaries in the target directory for any architecture + file -0 ./target/${{ env.TARGET }}/release/stacks-signer* | sed -nE 's/\x0:\s*(ELF|PE32+|Mach).*//p' | zip --junk-paths ${{ env.ZIPFILE_NAME }}.zip -@ + + ## Upload the binary archive using the commit sha as the key + - name: Upload Artifact (stacks-signer) + if: | + inputs.signer_tag != '' + id: upload_artifact_stacks_signer + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + with: + name: ${{ github.sha }}-stacks-signer-${{ env.ZIPFILE_NAME }} + path: ${{ env.ZIPFILE_NAME }}.zip + + ## Attest the binary archive + - name: Attest Artifact (stacks-signer) + if: | + inputs.signer_tag != '' + id: attest_artifact_stacks_signer + uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3.0.0 + with: + subject-path: ${{ env.ZIPFILE_NAME }}.zip diff --git a/.github/workflows/release-docker.yml b/.github/workflows/release-docker.yml new file mode 100644 index 00000000000..92a8f981044 --- /dev/null +++ b/.github/workflows/release-docker.yml @@ -0,0 +1,202 @@ +## Github workflow to create release docker images +## - uses binary archives produced by the ./release-build.yml workflow + +name: Docker Release Images + +on: + workflow_call: + inputs: + node_tag: + description: "Node Docker Release Tag" + required: true + type: string + signer_tag: + description: "Signer Docker Release Tag" + required: true + type: string + release_type: + description: "Release type (one of stacks-core, stacks-signer" + required: true + type: string +concurrency: + group: ${{ inputs.release_type }}-${{ github.head_ref || github.ref }} + ## Always cancel duplicate jobs + cancel-in-progress: true + +run-name: ${{ inputs.node_tag || inputs.signer_tag }} + +env: + # build for both x64 and arm64 arch + DOCKER_PLATFORMS: "linux/amd64,linux/arm64" + # publish images to ghcr + DOCKER_REGISTRY: "ghcr.io" + # do not generate provenance from the docker build step, instead attest the image specifically + PROVENANCE: false + +jobs: + release-images: + if: | + ( inputs.release_type == 'stacks-core' || inputs.release_type == 'stacks-signer') && + ( inputs.signer_tag != '' || inputs.node_tag != '' ) + name: Docker Image (${{ inputs.release_type }}, ${{ matrix.dist }}) + runs-on: ubuntu-latest + permissions: + id-token: write + attestations: write + packages: write + strategy: + fail-fast: false + ## Build a maximum of 2 images concurrently based on matrix.dist + max-parallel: 2 + matrix: + dist: + - alpine + - debian + steps: + - name: Set Local Vars + id: set_vars + shell: bash + run: | + var_dockerfile_name="Dockerfile.release" + if [ "${{ inputs.release_type }}" == "stacks-signer" ]; then + var_dockerfile_name="Dockerfile.release.signer" + fi + if [ "${{ matrix.dist }}" == "alpine" ]; then + var_build_arch=musl + else + var_build_arch=glibc + fi + echo "var_build_arch: ${var_build_arch}" + + # set a default docker image: registry/repo/release_type + var_default_image="${{ env.DOCKER_REGISTRY }}/${{ github.repository_owner }}/${{ inputs.release_type }}" + var_artifact_pattern="${{ github.sha }}-${{ inputs.release_type }}-linux-${var_build_arch}*" + if [ "${{ inputs.release_type }}" == "stacks-signer" ]; then + # stacks-signer + var_images="${var_default_image}" # use default, set in conditional to allow for individual changes based on release type + var_docker_tag=${{ inputs.signer_tag }} # use the input signer_tag if this is the stacks-signer build + else + # stacks-core + var_images="${var_default_image}" # use default, set in conditional to allow for individual changes based on release type + var_docker_tag=${{ inputs.node_tag }} # use the input node_tag if this is the stacks-node build + fi + + # Add vars to github env for later steps + echo "DOCKER_IMAGES=${var_images}" >> $GITHUB_ENV + echo "DOCKER_TAG=${var_docker_tag}" >> $GITHUB_ENV + echo "ARTIFACT_PATTERN=${var_artifact_pattern}" >> $GITHUB_ENV + echo "DOCKERFILE_NAME=${var_dockerfile_name}" >> "$GITHUB_ENV" + + - name: Set Docker Tag RC Flag + id: docker_tag_rc_flag + shell: bash + run: | + var_docker_tag_rc=false + if [[ "${docker_tag}" =~ -rc[0-9]*$ ]]; then + # is a release candidate + var_docker_tag_rc=true + fi + echo "DOCKER_TAG_RC=${var_docker_tag_rc}" >> "$GITHUB_ENV" + + - name: Download Artifacts + id: download_artifacts + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 + with: + pattern: ${{ env.ARTIFACT_PATTERN }} + path: /tmp/release + merge-multiple: true + + ## Setup Docker for the builds + - name: Docker setup + id: docker_setup + uses: stacks-network/actions/docker@main + with: + registry: ${{ env.DOCKER_REGISTRY }} # set the registry to ghcr (default is docker.io) + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + ## Checkout the code + - name: Checkout the latest code + id: git_checkout + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + with: + ref: ${{ env.BRANCH_NAME }} + sparse-checkout: | + .github + + - name: Docker Metadata ( ${{ matrix.dist }} ) + id: docker_metadata + uses: docker/metadata-action@318604b99e75e41977312d83839a89be02ca4893 #v5.9.0 + with: + images: | + ${{ env.DOCKER_IMAGES }} + labels: | + org.opencontainers.image.created={{commit_date 'YYYY-MM-DDTHH:mm:ss.SSS[Z]'}} + org.opencontainers.image.version=${{ env.DOCKER_TAG }} + tags: | + # debian tags # + # latest tag + type=raw,value=latest,enable=${{ env.DOCKER_TAG != '' && env.DOCKER_TAG_RC != 'true' && matrix.dist == 'debian' }} + # latest-debian tag + type=raw,value=latest,suffix=-${{ matrix.dist }},enable=${{ env.DOCKER_TAG != '' && env.DOCKER_TAG_RC != 'true' && matrix.dist == 'debian' }} + # version tag + type=raw,value=${{ env.DOCKER_TAG }},enable=${{ env.DOCKER_TAG != '' && matrix.dist == 'debian'}} + # version-dist tag + type=raw,value=${{ env.DOCKER_TAG }},suffix=-${{ matrix.dist }},enable=${{ env.DOCKER_TAG != '' && matrix.dist == 'debian' }} + # + # alpine tags # + # latest-alpine tag + type=raw,value=latest,suffix=-${{ matrix.dist }},enable=${{ env.DOCKER_TAG != '' && env.DOCKER_TAG_RC != 'true' && matrix.dist == 'alpine' }} + # version-dist tag + type=raw,value=${{ env.DOCKER_TAG }},suffix=-${{ matrix.dist }},enable=${{ env.DOCKER_TAG != '' && matrix.dist == 'alpine' }} + + ## Build docker image for release + - name: Build and Push ( ${{matrix.dist}} ) + id: docker_build + uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 + with: + sbom: false + provenance: ${{ env.PROVENANCE }} + context: /tmp + file: ./.github/actions/dockerfiles/${{ matrix.dist }}/${{ env.DOCKERFILE_NAME }} + platforms: ${{ env.DOCKER_PLATFORMS }} + tags: ${{ steps.docker_metadata.outputs.tags }} + labels: ${{ steps.docker_metadata.outputs.labels }} + annotations: ${{ steps.docker_metadata.outputs.annotations }} # Note: annotations are used for multi-architecture ghcr images + push: ${{ env.DOCKER_PUSH }} + + ## Generate docker image attestation(s) + - name: Attest Image (${{ github.event.repository.name }}) + if: | + env.PROVENANCE != true + id: attest_image + uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3.0.0 + with: + subject-name: ${{ env.DOCKER_REGISTRY }}/${{ github.repository_owner }}/${{ inputs.release_type }} + subject-digest: ${{ steps.docker_build.outputs.digest }} + push-to-registry: ${{ env.DOCKER_PUSH }} + + ## Sign the images with GitHub OIDC Token + ## - https://github.blog/security/supply-chain-security/safeguard-container-signing-capability-actions/ + ## - annotations show as null per https://github.com/sigstore/cosign/pull/4508 until a future release (or tagging this specific commit) + - name: Install Cosign + id: cosign_install + uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0 + + - name: Sign the images with OIDC Token + id: cosign_artifact + shell: bash + env: + DIGEST: ${{ steps.docker_build.outputs.digest }} + TAGS: ${{ steps.docker_metadata.outputs.tags }} + run: | + images="" + for tag in ${TAGS}; do + images+="${tag}@${DIGEST} " + done + cosign sign \ + -a "repo=${{ github.repository }}" \ + -a "ref=${{ github.sha }}" \ + -a "dist=${{ matrix.dist }}" \ + --yes \ + ${images} diff --git a/.github/workflows/release-github.yml b/.github/workflows/release-github.yml new file mode 100644 index 00000000000..66e815a35c6 --- /dev/null +++ b/.github/workflows/release-github.yml @@ -0,0 +1,107 @@ +## Github workflow to create a github release and upload binary artifacts + +name: Github Release + +on: + workflow_call: + inputs: + node_tag: + description: "Node Docker Release Tag" + required: true + type: string + signer_tag: + description: "Signer Docker Release Tag" + required: true + type: string + is_node_release: + description: "True if it is a node release" + required: true + type: string + +concurrency: + group: release-github-${{ github.head_ref || github.ref }} + ## Always cancel duplicate jobs + cancel-in-progress: true + +run-name: ${{ inputs.node_tag || inputs.signer_tag }} + +jobs: + ## Build arch dependent binaries from source + ## + ## Runs when the following is true: + ## - either node or signer tag is provided + andon-cord: + if: | + inputs.node_tag != '' || + inputs.signer_tag != '' + name: Andon Cord + runs-on: ubuntu-latest + environment: "Build Release" + steps: + - name: Check Approval + id: check + run: | + exit 0 + + build-binaries: + if: | + inputs.node_tag != '' || + inputs.signer_tag != '' + name: Build Binaries + needs: + - andon-cord + uses: ./.github/workflows/release-build.yml + with: + node_tag: ${{ inputs.node_tag }} # used to conditionally run step in release-build.yml + signer_tag: ${{ inputs.signer_tag }} # used to conditionally run step in release-build.yml + + docker-images: + if: | + inputs.node_tag != '' || + inputs.signer_tag != '' + name: Build Docker Images + needs: + - andon-cord + - build-binaries + strategy: + fail-fast: false + ## Build a maximum of 2 images concurrently based on matrix.dist + max-parallel: 2 + matrix: + type: + - stacks-core + - stacks-signer + exclude: + - type: ${{ inputs.is_node_release == 'false' && 'stacks-core' }} # exclude stacks-core if node release is false + ## Creates the node docker image + uses: ./.github/workflows/release-docker.yml + with: + node_tag: ${{ inputs.node_tag }} # node_tag will contains the 5 char node version, i.e. 3.3.0.0.0 + signer_tag: ${{ inputs.signer_tag }} # signer_tag contains 6 char signer version, i.e. 3.3.0.0.0.1 + release_type: ${{ matrix.type }} # one of stacks-signer or stacks-core + + ## + ## Runs when the following is true: + ## - either node or signer tag is provided + create-release: + if: | + inputs.node_tag != '' || + inputs.signer_tag != '' + name: Create Release + runs-on: ubuntu-latest + needs: + - andon-cord + - build-binaries + - docker-images + permissions: + contents: write + steps: + ## Creates releases + - name: Create Release + id: check + uses: stacks-network/actions/stacks-core/release/create-releases@main + with: + node_tag: ${{ inputs.node_tag }} # name used for release (use the version by itself + signer_tag: signer-${{ inputs.signer_tag }} # name used for release (prefix with 'signer-') + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + diff --git a/.github/workflows/sbtc-tests.yml b/.github/workflows/sbtc-tests.yml index 7d9e7abbdfa..82466f77c42 100644 --- a/.github/workflows/sbtc-tests.yml +++ b/.github/workflows/sbtc-tests.yml @@ -29,8 +29,6 @@ jobs: max-parallel: 32 matrix: test-name: - - tests::neon_integrations::test_submit_and_observe_sbtc_ops - - tests::signer::test_stackerdb_dkg - tests::stackerdb::test_stackerdb_event_observer - tests::stackerdb::test_stackerdb_load_store steps: @@ -54,4 +52,3 @@ jobs: uses: stacks-network/actions/codecov@main with: test-name: ${{ matrix.test-name }} - diff --git a/.github/workflows/slow-tests.yml b/.github/workflows/slow-tests.yml deleted file mode 100644 index 02c5bdf552d..00000000000 --- a/.github/workflows/slow-tests.yml +++ /dev/null @@ -1,73 +0,0 @@ -## Github workflow to run slow tests - -name: Tests::Slow - -on: - workflow_call: - -## env vars are transferred to composite action steps -env: - BITCOIND_TEST: 1 - RUST_BACKTRACE: full - SEGMENT_DOWNLOAD_TIMEOUT_MINS: 15 - TEST_TIMEOUT: 30 - -concurrency: - group: slow-tests-${{ github.head_ref || github.ref || github.run_id }} - ## Only cancel in progress if this is for a PR - cancel-in-progress: ${{ github.event_name == 'pull_request' }} - -jobs: - # Slow integration tests with code coverage - slow-tests: - name: Slow Tests - runs-on: ubuntu-latest - strategy: - ## Continue with the test matrix even if we've had a failure - fail-fast: false - ## Run a maximum of 2 concurrent tests from the test matrix - max-parallel: 2 - matrix: - ## Each of these tests should take ~20 minutes if they are successful - test-name: - - tests::epoch_21::test_pox_reorg_flap_duel - - tests::epoch_21::test_pox_reorg_flap_reward_cycles - - tests::nakamoto_integrations::check_block_info_rewards - steps: - ## Setup test environment - - name: Setup Test Environment - id: setup_tests - uses: stacks-network/actions/stacks-core/testenv@main - with: - btc-version: "25.0" - - ## Run test matrix using restored cache of archive file - ## - Test will timeout after env.TEST_TIMEOUT minutes - - name: Run Tests - id: run_tests - timeout-minutes: ${{ fromJSON(env.TEST_TIMEOUT) }} - uses: stacks-network/actions/stacks-core/run-tests@main - with: - test-name: ${{ matrix.test-name }} - threads: 1 - - ## Create and upload code coverage file - - name: Code Coverage - id: codecov - uses: stacks-network/actions/codecov@main - with: - test-name: ${{ matrix.test-name }} - - check-tests: - name: Check Tests - runs-on: ubuntu-latest - if: always() - needs: - - slow-tests - steps: - - name: Check Tests Status - id: check_tests_status - uses: stacks-network/actions/check-jobs-status@main - with: - jobs: ${{ toJson(needs) }} - summary_print: "true" diff --git a/.github/workflows/standalone-tests.yml b/.github/workflows/standalone-tests.yml index 8a56acc3ec6..38eec941366 100644 --- a/.github/workflows/standalone-tests.yml +++ b/.github/workflows/standalone-tests.yml @@ -18,11 +18,9 @@ on: options: - Release Tests - CI Tests - - Atlas Tests - Bitcoin Tests - Epoch Tests - P2P Tests - - Slow Tests - Stacks-Core Tests - SBTC Tests @@ -87,22 +85,6 @@ jobs: - create-cache uses: ./.github/workflows/p2p-tests.yml - ##################################################### - ## Runs when: - ## either or of the following: - ## - workflow is 'Release Tests' - ## - workflow is 'Atlas Tests' - atlas-tests: - if: | - ( - inputs.workflow == 'Release Tests' || - inputs.workflow == 'Atlas Tests' - ) - name: Atlas Tests - needs: - - create-cache - uses: ./.github/workflows/atlas-tests.yml - ## Runs when: ## either or of the following: ## - workflow is 'Release Tests' @@ -118,21 +100,6 @@ jobs: - create-cache uses: ./.github/workflows/epoch-tests.yml - ## Runs when: - ## either or of the following: - ## - workflow is 'Release Tests' - ## - workflow is 'Slow Tests' - slow-tests: - if: | - ( - inputs.workflow == 'Release Tests' || - inputs.workflow == 'Slow Tests' - ) - name: Slow Tests - needs: - - create-cache - uses: ./.github/workflows/slow-tests.yml - ## Runs when: ## either or of the following: ## - workflow is 'Release Tests' @@ -147,4 +114,3 @@ jobs: needs: - create-cache uses: ./.github/workflows/sbtc-tests.yml -