forked from MystenLabs/walrus
-
Notifications
You must be signed in to change notification settings - Fork 0
352 lines (325 loc) · 14.2 KB
/
code.yml
File metadata and controls
352 lines (325 loc) · 14.2 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
name: Code
on:
# Run workflow on every PR.
pull_request:
# Run workflow on the main branch after every merge.
# This is important to fill the GitHub Actions cache in a way that PRs can see it.
push:
branches:
- main
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
env:
CARGO_TERM_COLOR: always
CLICOLOR_FORCE: 1
# Incremental compilation is useful as part of an edit-build-test-edit cycle, as it lets the
# compiler avoid recompiling code that hasn't changed. The setting does not improve the current
# compilation but instead saves additional information to speed up future compilations (see
# https://doc.rust-lang.org/cargo/reference/profiles.html#incremental). Thus, this is only useful
# in CI if the result is cached, which we only do on the `main` branch.
CARGO_INCREMENTAL: ${{ github.ref == 'refs/heads/main' && '1' || '0' }}
# Allow more retries for network requests in cargo (downloading crates) and
# rustup (installing toolchains). This should help to reduce flaky CI failures
# from transient network timeouts or other issues.
CARGO_NET_RETRY: 10
RUSTUP_MAX_RETRIES: 10
# Don't emit giant backtraces in the CI logs.
RUST_BACKTRACE: short
RUSTDOCFLAGS: -D warnings
SUI_TAG: testnet-v1.53.2
jobs:
diff:
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: read
outputs:
isRust: ${{ steps.diff.outputs.isRust }}
isMove: ${{ steps.diff.outputs.isMove }}
isDenyConfig: ${{ steps.diff.outputs.isDenyConfig }}
isTestConfig: ${{ steps.diff.outputs.isTestConfig }}
isOpenapi: ${{ steps.diff.outputs.isOpenapi }}
isRelevantForRustTests: ${{ steps.diff.outputs.isRust == 'true' || steps.diff.outputs.isMove == 'true' || steps.diff.outputs.isTestConfig
== 'true' || steps.diff.outputs.isTestnetContracts == 'true' }}
isTestnetContracts: ${{ steps.diff.outputs.isTestnetContracts }}
isMainnetContracts: ${{ steps.diff.outputs.isMainnetContracts }}
isExampleConfig: ${{ steps.diff.outputs.isExampleConfig }}
isCLI: ${{ steps.diff.outputs.isCLI }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4
- name: Detect Changes
uses: "./.github/actions/diffs"
id: diff
dependencies:
name: Check dependencies
needs: diff
if: ${{ needs.diff.outputs.isRust == 'true' || needs.diff.outputs.isDenyConfig == 'true' }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4
- uses: taiki-e/install-action@970d55e3ce02a46d60ffae7b4fab3dedace6e769 # pin@v2.49.13
with:
tool: cargo-deny@0.17.0
- name: Check dependencies
run: cargo deny check bans licenses sources
lint:
name: Lint Rust code
needs: diff
if: ${{ needs.diff.outputs.isRust == 'true' }}
runs-on: ubuntu-ghcloud
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4
- name: Check formatting with rustfmt
run: >
cargo fmt --all -- --check
--config group_imports=StdExternalCrate,imports_granularity=Crate,imports_layout=HorizontalVertical
- name: Lint using clippy (w/o tests)
run: cargo clippy --workspace --all-features --no-deps -- -D warnings
- name: Lint using clippy (w/ tests)
run: cargo clippy --workspace --all-features --tests --no-deps -- -D warnings
- name: Check documentation
run: cargo doc --workspace --no-deps
build:
name: Build Rust code
needs: diff
if: ${{ needs.diff.outputs.isRust == 'true' }}
env:
OPENSSL_STATIC: "1"
OPENSSL_NO_VENDOR: "0"
runs-on: ubuntu-ghcloud
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4
- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get install -y libssl-dev pkg-config zlib1g-dev libpq-dev build-essential cmake
- name: Build Rust code
run: cargo build --workspace --features "walrus-service/backup" --verbose
test:
name: Test Rust code
needs: diff
if: ${{ needs.diff.outputs.isRelevantForRustTests == 'true' }}
runs-on: ubuntu-ghcloud
env:
RUST_LOG: walrus=info,error,sui_=off,consensus_core=off
OPENSSL_STATIC: "1"
OPENSSL_NO_VENDOR: "0"
steps:
- uses: taiki-e/install-action@970d55e3ce02a46d60ffae7b4fab3dedace6e769 # pin@v2.49.13
with:
tool: cargo-nextest
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4
- uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # pin@v2.8.0
with:
save-if: ${{ github.ref == 'refs/heads/main' && 'true' || 'false' }}
- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get install -y libssl-dev pkg-config zlib1g-dev libpq-dev build-essential cmake
- name: Run tests
run: cargo nextest run --workspace --features "walrus-service/backup" --profile ci --run-ignored all
- name: Run doctests
run: cargo test --doc
test-coverage:
name: Run all Rust tests and report coverage
if: contains(github.event.pull_request.labels.*.name, 'report_coverage')
runs-on: ubuntu-ghcloud
permissions:
contents: read
pull-requests: write
env:
RUSTC_BOOTSTRAP: 1
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4
- uses: ./.github/actions/run_tarpaulin
- name: Add coverage PR comment
uses: marocchino/sticky-pull-request-comment@773744901bac0e8cbb5a0dc842800d45e9b2b405 # pin@v2
if: ${{ github.event_name == 'pull_request' && github.actor != 'dependabot[bot]' }}
with:
path: code-coverage-results.md
simtests:
name: Run all simtests
needs: diff
if: ${{ needs.diff.outputs.isRelevantForRustTests == 'true' }}
runs-on: ubuntu-ghcloud
env:
MSIM_TEST_NUM: 5
# Turn off Sui logging since it can be very distractive in CI
RUST_LOG: simtest=info,error,sui_=off,consensus_core=off
steps:
- uses: taiki-e/install-action@970d55e3ce02a46d60ffae7b4fab3dedace6e769 # pin@v2.49.13
with:
tool: cargo-nextest
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4
- uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # pin@v2.8.0
with:
save-if: ${{ github.ref == 'refs/heads/main' && 'true' || 'false' }}
- run: ./scripts/simtest/install.sh
- name: Run tests
run: cargo simtest simtest --profile simtest
simtests-build:
name: Build all simtests
needs: diff
# if: ${{ needs.diff.outputs.isRelevantForRustTests == 'true' }}
if: false
runs-on: ubuntu-ghcloud
steps:
- uses: taiki-e/install-action@970d55e3ce02a46d60ffae7b4fab3dedace6e769 # pin@v2.49.13
with:
tool: cargo-nextest
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4
- run: ./scripts/simtest/install.sh
- name: Build simtests
run: cargo simtest build
test-move:
name: Test Move code
needs: diff
if: ${{ needs.diff.outputs.isMove == 'true' }}
runs-on: ubuntu-ghcloud
env:
SUI_BIN: "/home/runner/.cargo/bin/sui"
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4
- name: Restore cached sui binary
id: cache-sui-restore
uses: actions/cache/restore@5a3ec84eff668545956fd18022155c47e93e2684 # pin@v4
with:
path: ${{ env.SUI_BIN }}
key: ${{ runner.os }}-${{ runner.arch }}-${{ env.SUI_TAG }}
- name: Install correct Rust toolchain
run: rustup update && rustup toolchain install
if: steps.cache-sui-restore.outputs.cache-hit != 'true'
- name: Install sui
if: steps.cache-sui-restore.outputs.cache-hit != 'true'
run: cargo install --locked --git https://github.com/MystenLabs/sui.git --tag $SUI_TAG --debug --features tracing
sui
- name: Run Move tests and check coverage
run: bash ./scripts/move_coverage.sh
- name: Cache sui binary
if: ${{ github.ref == 'refs/heads/main' && steps.cache-sui-restore.outputs.cache-hit != 'true' }}
uses: actions/cache/save@5a3ec84eff668545956fd18022155c47e93e2684 # pin@v4
with:
path: ${{ env.SUI_BIN }}
key: ${{ steps.cache-sui-restore.outputs.cache-primary-key }}
test-contracts-warning:
name: Check if the PR touches the testnet-contracts directory
runs-on: ubuntu-latest
needs: diff
if: ${{ needs.diff.outputs.isTestnetContracts == 'true' && github.event_name == 'pull_request' && github.actor != 'dependabot[bot]'}}
permissions:
contents: read
pull-requests: write
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4
- name: Post a warning if the PR touches the testnet-contracts directory
uses: marocchino/sticky-pull-request-comment@773744901bac0e8cbb5a0dc842800d45e9b2b405 # pin@v2
with:
message: >
**Warning:** This PR touches the `testnet-contracts` directory. This should only be
done if the Testnet contracts are updated.
cc @karlwuest @mlegner
mainnet-contracts-warning:
name: Check if the PR touches the mainnet-contracts directory
runs-on: ubuntu-latest
needs: diff
if: ${{ needs.diff.outputs.isMainnetContracts == 'true' && github.event_name == 'pull_request' && github.actor != 'dependabot[bot]'}}
permissions:
contents: read
pull-requests: write
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4
- name: Post a warning if the PR touches the mainnet-contracts directory
uses: marocchino/sticky-pull-request-comment@773744901bac0e8cbb5a0dc842800d45e9b2b405 # pin@v2
with:
message: >
**Warning:** This PR touches the `mainnet-contracts` directory. This should only be
done if the Mainnet contracts are updated.
cc @karlwuest @mlegner
example-config-warning:
name: Check if the PR touches any of the example config files
runs-on: ubuntu-latest
needs: diff
if: ${{ needs.diff.outputs.isExampleConfig == 'true' && github.event_name == 'pull_request' && github.actor != 'dependabot[bot]'}}
permissions:
contents: read
pull-requests: write
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4
- name: Post a warning if the PR touches an example config file
uses: marocchino/sticky-pull-request-comment@773744901bac0e8cbb5a0dc842800d45e9b2b405 # pin@v2
with:
message: |
**Warning:** This PR modifies one of the example config files. Please consider the
following:
- Make sure the changes are backwards compatible with the current configuration.
- Make sure any added parameters follow the conventions of the existing parameters; in
particular, durations should take seconds or milliseconds using the naming convention
`_secs` or `_millis`, respectively.
- If there are added optional parameter sections, it should be possible to specify them
partially. A useful pattern there is to implement `Default` for the struct and derive
`#[serde(default)]` on it, see `BlobRecoveryConfig` as an example.
- You may need to update the documentation to reflect the changes.
cli-warning:
name: Check if the PR touches any of the CLI files
runs-on: ubuntu-latest
needs: diff
if: ${{ needs.diff.outputs.isCLI == 'true' && github.event_name == 'pull_request' && github.actor != 'dependabot[bot]'}}
permissions:
contents: read
pull-requests: write
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4
- name: Post a warning if the PR modifies the Walrus CLI
uses: marocchino/sticky-pull-request-comment@773744901bac0e8cbb5a0dc842800d45e9b2b405 # pin@v2
with:
message: |
**Warning:** This PR modifies the Walrus CLI. Please consider the following:
- Make sure the changes are backwards compatible. Consider deprecating options before
removing them.
- Generally only use `long` CLI options, not `short` ones to avoid conflicts in the
future.
- If you added new options or features, or modified the behavior, please document the
changes in the release notes of the PR and update the documentation in the `docs/book`
directory.
openapi-warning:
name: Check if the PR touches any of the OpenAPI files
runs-on: ubuntu-latest
needs: diff
if: ${{ needs.diff.outputs.isOpenapi == 'true' && github.event_name == 'pull_request' && github.actor != 'dependabot[bot]'}}
permissions:
contents: read
pull-requests: write
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4
- name: Post a warning if the PR touches an OpenAPI file
uses: marocchino/sticky-pull-request-comment@773744901bac0e8cbb5a0dc842800d45e9b2b405 # pin@v2
with:
message: |
**Warning:** This PR modifies one of the OpenAPI files. Please consider the
following:
- Make sure the API changes are backwards compatible.
- Make sure to follow existing conventions for any added parameters, requests, and
responses.
- Make sure the generated HTML files do not contain errors.
- This probably requires release notes and maybe changes to the documentation.
cc @jpcsmith @mlegner
check-all:
name: Check if all code checks succeeded
if: always()
needs:
- diff
- dependencies
- lint
- build
- test
- simtests-build
- simtests
- test-move
runs-on: ubuntu-latest
steps:
- name: Decide whether all needed jobs succeeded
uses: re-actors/alls-green@05ac9388f0aebcb5727afa17fcccfecd6f8ec5fe # pin@v1.2.2
with:
allowed-skips: ${{ toJSON(needs) }}
jobs: ${{ toJSON(needs) }}