Fix #2035 #6079
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Smoldot | |
# Copyright (C) 2019-2022 Parity Technologies (UK) Ltd. | |
# SPDX-License-Identifier: GPL-3.0-or-later WITH Classpath-exception-2.0 | |
# | |
# This program is free software: you can redistribute it and/or modify | |
# it under the terms of the GNU General Public License as published by | |
# the Free Software Foundation, either version 3 of the License, or | |
# (at your option) any later version. | |
# | |
# This program is distributed in the hope that it will be useful, | |
# but WITHOUT ANY WARRANTY; without even the implied warranty of | |
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
# GNU General Public License for more details. | |
# | |
# You should have received a copy of the GNU General Public License | |
# along with this program. If not, see <http://www.gnu.org/licenses/>. | |
name: deploy | |
on: | |
pull_request: # All deployment steps are tested on PRs, but the actual deployment doesn't happen. | |
merge_group: | |
push: | |
branches: | |
- main | |
# TODO: improve the security of this module | |
permissions: read-all | |
jobs: | |
build-push-docker-image: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
packages: write | |
steps: | |
- uses: docker/setup-qemu-action@v3 | |
- uses: docker/setup-buildx-action@v3 | |
- uses: actions/checkout@v4 | |
- uses: docker/login-action@v3 | |
# This `if` adds an additional safety against accidental pushes. | |
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- uses: docker/[email protected] | |
with: | |
context: . | |
file: ./full-node/Dockerfile | |
load: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} | |
tags: ghcr.io/smol-dot/full-node:main | |
- run: docker push ghcr.io/smol-dot/full-node:main | |
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} | |
build-js-doc: | |
runs-on: ubuntu-latest | |
container: | |
image: rust:1.82 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
path: repo | |
- run: rustup target add wasm32-unknown-unknown | |
- uses: actions/[email protected] | |
with: | |
node-version: current | |
- run: npm install | |
working-directory: ./repo/wasm-node/javascript | |
- uses: Swatinem/rust-cache@v2 | |
with: | |
workspaces: ./repo -> target | |
- run: npm run doc | |
working-directory: ./repo/wasm-node/javascript | |
- run: | | |
mkdir -p ./doc | |
mv ./repo/wasm-node/javascript/dist/doc/* ./doc | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: javascript-documentation | |
path: ./doc/ | |
build-rust-doc: | |
runs-on: ubuntu-latest | |
container: | |
image: rust:1.82 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
path: repo | |
- uses: Swatinem/rust-cache@v2 | |
with: | |
workspaces: ./repo -> target | |
- run: cargo doc --verbose --all-features --no-deps --package smoldot --package smoldot-light --package smoldot-full-node | |
working-directory: ./repo | |
- run: | | |
mkdir -p ./doc | |
mv ./repo/target/doc/* ./doc | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: rust-documentation | |
path: ./doc/ | |
build-tests-coverage: | |
runs-on: ubuntu-latest | |
container: | |
image: rust:1.82 | |
steps: | |
- run: apt update && apt install -y jq | |
- run: rustup component add llvm-tools-preview | |
- uses: actions/checkout@v4 | |
with: | |
path: repo | |
- uses: Swatinem/rust-cache@v2 | |
with: | |
workspaces: ./repo -> target | |
- run: | | |
mkdir -p ../coverage | |
RUSTFLAGS="-C instrument-coverage" LLVM_PROFILE_FILE="`pwd`/../coverage/default_%m_%p.profraw" cargo test --workspace --tests | |
RUSTFLAGS="-C instrument-coverage" cargo test --workspace --tests --no-run --message-format=json | jq -r "select(.profile.test == true) | .filenames[]" | grep -v dSYM > ../coverage/binaries-list | |
working-directory: ./repo | |
- run: | | |
`rustc --print sysroot`/lib/rustlib/x86_64-unknown-linux-gnu/bin/llvm-profdata merge -sparse ./coverage/default_*.profraw -o ./coverage/tests-coverage.profdata | |
`rustc --print sysroot`/lib/rustlib/x86_64-unknown-linux-gnu/bin/llvm-cov show --format=html --output-dir=./html-out --instr-profile=./coverage/tests-coverage.profdata --ignore-filename-regex='cargo/registry' --ignore-filename-regex='/rustc/' --show-instantiations --show-line-counts-or-regions $(for file in `cat ./coverage/binaries-list`; do printf "%s %s " -object $file; done) | |
`rustc --print sysroot`/lib/rustlib/x86_64-unknown-linux-gnu/bin/llvm-cov report --instr-profile=./coverage/tests-coverage.profdata --ignore-filename-regex='cargo/registry' --ignore-filename-regex='/rustc/' $(for file in `cat ./coverage/binaries-list`; do printf "%s %s " -object $file; done) | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: code-coverage-report | |
path: ./html-out/ | |
docs-publish: | |
runs-on: ubuntu-latest | |
needs: [build-js-doc, build-rust-doc, build-tests-coverage] | |
permissions: | |
contents: write # Necessary to push on the `gh-pages` branch. | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
path: repo | |
- run: | | |
mkdir -p ./upload/doc-javascript | |
mkdir -p ./upload/doc-rust | |
mkdir -p ./upload/tests-coverage | |
touch ./upload/.nojekyll | |
- uses: actions/download-artifact@v4 | |
with: | |
name: javascript-documentation | |
path: ./upload/doc-javascript | |
- uses: actions/download-artifact@v4 | |
with: | |
name: rust-documentation | |
path: ./upload/doc-rust | |
- uses: actions/download-artifact@v4 | |
with: | |
name: code-coverage-report | |
path: ./upload/tests-coverage | |
- run: | | |
git config user.email "[email protected]" | |
git config user.name "GitHub Action" | |
git config user.password ${{ secrets.GITHUB_TOKEN }} | |
git checkout --orphan gh-pages | |
git rm -rf . | |
git clean -d --force | |
shopt -s dotglob | |
mv ../upload/* . | |
git add --all | |
git commit -m "Documentation" | |
working-directory: ./repo | |
shell: bash # Necessary for `shopt` | |
- run: git push -f origin gh-pages:gh-pages | |
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} | |
working-directory: ./repo | |
npm-publish: | |
runs-on: ubuntu-latest | |
container: | |
image: rust:1.82 | |
steps: | |
- uses: actions/checkout@v4 | |
- run: rustup target add wasm32-unknown-unknown | |
- uses: actions/[email protected] | |
with: | |
# Set to the oldest version still maintained, in order to ensure compatibility. See <https://nodejs.dev/en/about/releases/> | |
node-version: 18 | |
- uses: Swatinem/rust-cache@v2 | |
- run: npm install | |
working-directory: ./wasm-node/javascript | |
- run: npm publish --unsafe-perm --dry-run | |
working-directory: ./wasm-node/javascript | |
- uses: JS-DevTools/npm-publish@v3 | |
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} | |
# Warning: this GitHub action doesn't seem to run prepublish scripts, hence | |
# the `npm publish --dry-run` done right above is important to ensure this. | |
with: | |
token: ${{ secrets.NPM_TOKEN }} | |
package: ./wasm-node/javascript/package.json | |
access: public | |
deno-publish: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write # Necessary in order to push tags. | |
# This action checks if a certain git tag exists. If not, it compiles the JavaScript package, | |
# then commits the compilation artifacts, tags the commit, and pushes the tag. | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 # Necessary below for checking if the tag exists. | |
- run: rustup target add wasm32-unknown-unknown | |
- uses: actions/[email protected] | |
with: | |
# Set to the oldest version still maintained, in order to ensure compatibility. See <https://nodejs.dev/en/about/releases/> | |
node-version: 18 | |
- uses: denoland/setup-deno@v2 | |
with: | |
deno-version: v1.x | |
# TODO: do not use `actions-rs/toolchain` but instead use `image: rust:...` like all the other stages; unfortunately this causes incomprehensible `detected dubious ownership in repository` git errors | |
- uses: actions-rs/toolchain@v1 | |
with: | |
# Ideally we don't want to install any toolchain, but the GH action doesn't support this. | |
toolchain: 1.82 | |
profile: minimal | |
- uses: Swatinem/rust-cache@v2 | |
- id: compute-tag # Compute the tag that we might push. | |
run: echo "tag=light-js-deno-v`jq -r .version ./wasm-node/javascript/package.json`" >> $GITHUB_OUTPUT | |
- id: check-tag-exists # Check whether the tag already exists. | |
run: echo "num-existing=`git tag -l | grep ${{ steps.compute-tag.outputs.tag }} | wc -l`" >> $GITHUB_OUTPUT | |
- run: npm install | |
working-directory: ./wasm-node/javascript | |
- run: npm publish --unsafe-perm --dry-run | |
working-directory: ./wasm-node/javascript | |
- run: cp ./README.md ./dist/mjs | |
working-directory: ./wasm-node/javascript | |
- run: | | |
git add --force ./wasm-node/javascript/dist/mjs # --force bypasses the .gitignore | |
git config --local user.email "github-actions[bot]@users.noreply.github.com" | |
git config --local user.name "github-actions[bot]" | |
git commit -m "Deno version publishing" | |
- run: | | |
git tag ${{ steps.compute-tag.outputs.tag }} | |
if: ${{ steps.check-tag-exists.outputs.num-existing == 0 }} | |
- run: git push origin ${{ steps.compute-tag.outputs.tag }} | |
if: ${{ steps.check-tag-exists.outputs.num-existing == 0 && github.event_name == 'push' && github.ref == 'refs/heads/main' }} | |
crates-io-publish: | |
runs-on: ubuntu-latest | |
container: | |
image: rust:1.82 | |
steps: | |
- uses: actions/checkout@v4 | |
- run: cargo publish --dry-run --locked | |
working-directory: ./lib | |
# Note that no dry run is performed for the crates that have dependencies towards the | |
# library, as `cargo publish --dry-run` tries to build them against the version on | |
# `crates.io`, which causes build failures if its public API has changed. | |
# TODO: is there a way to solve that? ^ | |
- run: cargo login ${{ secrets.CRATES_IO_TOKEN }} | |
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} | |
- run: cargo publish --no-verify | |
working-directory: ./lib | |
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} | |
continue-on-error: true | |
- run: cargo publish --no-verify | |
working-directory: ./light-base | |
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} | |
continue-on-error: true | |
- run: cargo publish --no-verify | |
working-directory: ./full-node | |
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} | |
continue-on-error: true | |
all-deploy: | |
# This dummy job depends on all the mandatory checks. It succeeds if and only if CI is | |
# considered successful. | |
needs: [build-push-docker-image, docs-publish, npm-publish, deno-publish, crates-io-publish] | |
runs-on: ubuntu-latest | |
steps: | |
- run: echo Success |