
feat: re-enabling authwit constraint #8412


Workflow file for this run

# CI pipeline: triggered by pushes to master, by every pull request, and by manual dispatch.
# NOTE(review): no `permissions:` block is declared in this file, so GITHUB_TOKEN gets the
# repository default scopes in every job — consider declaring least-privilege permissions.
name: CI
on:
  push:
    branches:
      - master
  pull_request: {}
  workflow_dispatch:
    inputs:
      # Free-form string; it selects which self-hosted runner label the jobs below target.
      username:
        description: "Defaults to GitHub Actor"
        required: false
      runner_action:
        description: "The action to take with the self-hosted runner (start, stop, restart)."
        required: false
concurrency:
  # force parallelism in master
  # On master the group is the unique run id, so runs never cancel each other;
  # on any other ref the group is the ref name, so a newer run cancels the older one.
  group: "ci-${{ github.ref_name == 'master' && github.run_id || github.ref_name }}"
  cancel-in-progress: true
jobs:
# Calls the reusable setup-runner workflow to manage the per-user x86 self-hosted runner.
setup:
  uses: ./.github/workflows/setup-runner.yml
  with:
    # Runner label is the dispatch input when given, otherwise the triggering actor.
    runner_label: "${{ inputs.username || github.actor }}-x86"
    ebs_cache_size_gb: 256
    runner_concurrency: 50
    # Defaults to 'start' for push / pull_request runs, which carry no dispatch inputs.
    subaction: "${{ inputs.runner_action || 'start' }}"
    # Use instance types with low interruption rate in us-east-2 https://aws.amazon.com/ec2/spot/instance-advisor/
    ec2_instance_type: "r6in.32xlarge r6a.32xlarge i4i.32xlarge r7iz.32xlarge"
    ec2_ami_id: "ami-04d8422a9ba4de80f"
    ec2_spot_instance_strategy: "None"
    ec2_instance_ttl: 40 # refreshed by jobs
  # NOTE(review): `inherit` exposes every secret available to this workflow to the called
  # workflow; passing only the secrets it needs would narrow that — confirm against
  # setup-runner.yml, which is not shown here.
  secrets: inherit
# Builds the end-to-end test images and publishes the two job lists (e2e / bench)
# that the matrix jobs further down fan out over.
build:
  needs: setup
  runs-on: "${{ inputs.username || github.actor }}-x86"
  outputs:
    e2e_list: "${{ steps.e2e_list.outputs.list }}"
    bench_list: "${{ steps.bench_list.outputs.list }}"
  steps:
    # Checks out the PR head commit; the expression is empty on push / dispatch events.
    # NOTE(review): actions/checkout is referenced by a movable tag (v4), not a commit SHA.
    - uses: actions/checkout@v4
      with:
        ref: "${{ github.event.pull_request.head.sha }}"
    # NOTE(review): this local action is loaded from the tree checked out above, so on a
    # pull_request run the PR's own copy of it receives the DockerHub password.
    - uses: ./.github/ci-setup-action
      with:
        dockerhub_password: "${{ secrets.DOCKERHUB_PASSWORD }}"
        concurrency_key: "build-${{ inputs.username || github.actor }}-x86"
    # prepare images locally, tagged by commit hash
    - name: Build E2E Image
      timeout-minutes: 40
      run: earthly-ci ./yarn-project+export-e2e-test-images
    # We base our e2e list used in e2e-x86 off the targets in ./yarn-project/end-to-end
    # (Note ARM uses just 2 tests as a smoketest)
    # The list is derived from the checked-out tree, so target names come from the
    # commit under test; it is emitted as a compact JSON array of target names.
    - name: Create list of non-bench end-to-end jobs
      id: e2e_list
      run: echo "list=$(earthly ls ./yarn-project/end-to-end | grep -v '+base' | grep -v '+bench' | sed 's/+//' | jq -R . | jq -cs .)" >> $GITHUB_OUTPUT
    - name: Create list of bench end-to-end jobs
      id: bench_list
      run: echo "list=$(earthly ls ./yarn-project/end-to-end | grep '+bench' | sed 's/+//' | jq -R . | jq -cs .)" >> $GITHUB_OUTPUT
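# all the non-bench end-to-end integration tests for aztec
# One matrix leg per target name produced by the build job's e2e_list output.
e2e:
  needs: build
  runs-on: ${{ inputs.username || github.actor }}-x86
  strategy:
    fail-fast: false
    matrix:
      test: ${{ fromJson( needs.build.outputs.e2e_list )}}
  steps:
    - uses: actions/checkout@v4
      with:
        ref: "${{ github.event.pull_request.head.sha }}"
    - uses: ./.github/ci-setup-action
      with:
        dockerhub_password: "${{ secrets.DOCKERHUB_PASSWORD }}"
        # must be globally unique for build x runner
        concurrency_key: e2e-${{ inputs.username || github.actor }}-x86-${{ matrix.test }}
    - name: Test
      working-directory: ./yarn-project/end-to-end/
      timeout-minutes: 25
      # Secrets and the matrix value are handed to the shell through env instead of being
      # template-expanded into the script text: `${{ }}` is substituted before the shell
      # parses the script, so a value containing shell metacharacters would otherwise be
      # interpreted as code. matrix.test comes from target names in the tree under test.
      # The env names are deliberately not the standard AWS_* ones, so the ambient
      # credential lookup of any tool started by this step is unchanged.
      env:
        E2E_AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
        E2E_AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        E2E_TEST: ${{ matrix.test }}
      # Block scalar keeps the line breaks, so each trailing backslash is a real shell
      # line continuation rather than an escaped space inside a folded one-line scalar.
      # NOTE(review): the secret values still appear in the earthly-ci argument list;
      # confirm whether the wrapper can read them from the environment instead.
      run: |
        earthly-ci -P \
          --secret AWS_ACCESS_KEY_ID="$E2E_AWS_ACCESS_KEY_ID" \
          --secret AWS_SECRET_ACCESS_KEY="$E2E_AWS_SECRET_ACCESS_KEY" \
          --no-output \
          "+${E2E_TEST}" --skip_build=true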
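# all the benchmarking end-to-end integration tests for aztec (not required to merge)
# One matrix leg per target name produced by the build job's bench_list output.
bench-e2e:
  needs: build
  runs-on: ${{ inputs.username || github.actor }}-x86
  strategy:
    fail-fast: false
    matrix:
      test: ${{ fromJson( needs.build.outputs.bench_list )}}
  steps:
    - uses: actions/checkout@v4
      with:
        ref: "${{ github.event.pull_request.head.sha }}"
    - uses: ./.github/ci-setup-action
      with:
        dockerhub_password: "${{ secrets.DOCKERHUB_PASSWORD }}"
        # must be globally unique for build x runner
        concurrency_key: e2e-${{ inputs.username || github.actor }}-x86-${{ matrix.test }}
    - name: Test
      working-directory: ./yarn-project/end-to-end/
      timeout-minutes: 25
      # Secrets and the matrix value reach the shell as environment variables rather than
      # being template-expanded into the script, so their content is never parsed as shell
      # syntax. matrix.test originates from target names in the tree under test.
      # Non-standard env names avoid changing any tool's ambient AWS credential lookup.
      env:
        BENCH_AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
        BENCH_AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        BENCH_TEST: ${{ matrix.test }}
      # Block scalar so the trailing backslashes act as real line continuations.
      # NOTE(review): the secret values still appear in the earthly-ci argument list;
      # confirm whether the wrapper can read them from the environment instead.
      run: |
        earthly-ci -P \
          --secret AWS_ACCESS_KEY_ID="$BENCH_AWS_ACCESS_KEY_ID" \
          --secret AWS_SECRET_ACCESS_KEY="$BENCH_AWS_SECRET_ACCESS_KEY" \
          --no-output \
          "+${BENCH_TEST}" --skip_build=true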
# bench-summary:
# needs: e2e
# runs-on: ${{ inputs.username || github.actor }}-x86
# steps:
# - uses: actions/checkout@v4
# with:
# fetch-depth: 100 # Downloading base benchmark from master requires access to history
# ref: "${{ github.event.pull_request.head.sha }}"
# - uses: ./.github/ci-setup-action
# with:
# dockerhub_password: "${{ secrets.DOCKERHUB_PASSWORD }}"
# concurrency_key: build-${{ inputs.username || github.actor }}-x86
# - name: "Build and upload bench aggregate file"
# working-directory: ./yarn-project/scripts
# run: earthly-ci -P --secret AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }} --secret AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }} +bench-aggregate
# - name: "Download base benchmark"
# if: ${{ github.event_name == 'pull_request' }}
# run: scripts/logs/download_base_benchmark_from_s3.sh
# env:
# AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
# AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
# BENCH_FOLDER: ./yarn-project/scripts/bench
# PULL_REQUEST: "${{ github.event.pull_request.number }}"
# - name: "Generate summary comment if pull request"
# if: ${{ github.event_name == 'pull_request' }}
# working-directory: ./yarn-project/scripts
# run: earthly-ci -P --secret AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }} --secret AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }} --secret AZTEC_BOT_COMMENTER_GITHUB_TOKEN=${{ secrets.AZTEC_BOT_GITHUB_TOKEN }} +bench-comment
# Runs the +format target in ./noir and then in ./noir-projects.
noir-format:
  needs: setup
  runs-on: "${{ inputs.username || github.actor }}-x86"
  steps:
    - uses: actions/checkout@v4
      with:
        ref: "${{ github.event.pull_request.head.sha }}"
    - uses: ./.github/ci-setup-action
      with:
        dockerhub_password: "${{ secrets.DOCKERHUB_PASSWORD }}"
        concurrency_key: "noir-format-${{ inputs.username || github.actor }}-x86"
    - name: Format Noir
      working-directory: ./noir/
      timeout-minutes: 25
      run: earthly-ci --no-output ./+format
    - name: Format noir-projects
      working-directory: ./noir-projects/
      timeout-minutes: 25
      run: earthly-ci --no-output ./+format
# barretenberg (prover) native and AVM (public VM) tests
# only ran on x86 for resource reasons (memory intensive)
bb-native-tests:
  needs: setup
  runs-on: "${{ inputs.username || github.actor }}-x86"
  steps:
    - uses: actions/checkout@v4
      with:
        ref: "${{ github.event.pull_request.head.sha }}"
    # Only allow one memory-hunger prover test to use this runner
    - uses: ./.github/ci-setup-action
      with:
        dockerhub_password: "${{ secrets.DOCKERHUB_PASSWORD }}"
        # must be globally unique for build x runner
        concurrency_key: "bb-native-tests-${{ inputs.username || github.actor }}-x86"
    - name: Native Prover Tests
      working-directory: ./barretenberg/cpp/
      timeout-minutes: 25
      # limit our parallelism to half our cores
      run: earthly-ci --no-output +test --hardware_concurrency=64
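# Runs the bb.js test target in ./barretenberg/ts.
bb-js-test:
  needs: setup
  # Same label expression as the setup job's runner_label: with a bare github.actor a
  # manual dispatch that sets `username` would target a runner label that setup did not
  # provision in this run.
  runs-on: ${{ inputs.username || github.actor }}-x86
  steps:
    - uses: actions/checkout@v4
      with:
        ref: "${{ github.event.pull_request.head.sha }}"
    - uses: ./.github/ci-setup-action
      with:
        dockerhub_password: "${{ secrets.DOCKERHUB_PASSWORD }}"
        concurrency_key: bb-js-test-${{ inputs.username || github.actor }}-x86
    - name: "bb.js Tests"
      working-directory: ./barretenberg/ts/
      timeout-minutes: 25
      run: earthly-ci --no-output ./+test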
# Runs the ./noir+test target.
noir-test:
  needs: setup
  runs-on: "${{ inputs.username || github.actor }}-x86"
  steps:
    - uses: actions/checkout@v4
      with:
        ref: "${{ github.event.pull_request.head.sha }}"
    - uses: ./.github/ci-setup-action
      with:
        dockerhub_password: "${{ secrets.DOCKERHUB_PASSWORD }}"
        # NOTE(review): noir-packages-test uses this same key; confirm whether the two
        # jobs are meant to share it.
        concurrency_key: "noir-${{ inputs.username || github.actor }}-x86"
    # No timeout-minutes on this step, unlike most other test steps in this file.
    - name: Test Noir JS packages
      run: earthly-ci --no-output ./noir+test
# Runs the ./noir+packages-test target.
noir-packages-test:
  needs: setup
  runs-on: "${{ inputs.username || github.actor }}-x86"
  steps:
    - uses: actions/checkout@v4
      with:
        ref: "${{ github.event.pull_request.head.sha }}"
    - uses: ./.github/ci-setup-action
      with:
        dockerhub_password: "${{ secrets.DOCKERHUB_PASSWORD }}"
        # NOTE(review): identical to the key used by noir-test, while comments elsewhere
        # in this file say keys must be globally unique — confirm the sharing is intended.
        concurrency_key: "noir-${{ inputs.username || github.actor }}-x86"
    # No timeout-minutes on this step, unlike most other test steps in this file.
    - name: Test Noir JS packages
      run: earthly-ci --no-output ./noir+packages-test
# Runs the ./noir-projects/+test target; the yarn-project and prover-client jobs wait on it.
noir-projects:
  needs: setup
  runs-on: "${{ inputs.username || github.actor }}-x86"
  steps:
    - uses: actions/checkout@v4
      with:
        ref: "${{ github.event.pull_request.head.sha }}"
    - uses: ./.github/ci-setup-action
      with:
        dockerhub_password: "${{ secrets.DOCKERHUB_PASSWORD }}"
        concurrency_key: "noir-projects-${{ inputs.username || github.actor }}-x86"
    - name: Noir Projects
      timeout-minutes: 25
      run: earthly-ci --no-output ./noir-projects/+test
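# Runs the yarn-project format check (+format-check).
yarn-project-formatting:
  needs: noir-projects
  # Same label expression as the setup job's runner_label, so a manual dispatch that sets
  # `username` lands on the runner that setup actually provisioned.
  runs-on: ${{ inputs.username || github.actor }}-x86
  steps:
    - uses: actions/checkout@v4
      with:
        ref: "${{ github.event.pull_request.head.sha }}"
    - uses: ./.github/ci-setup-action
      with:
        dockerhub_password: "${{ secrets.DOCKERHUB_PASSWORD }}"
        concurrency_key: yarn-project-formatting-${{ inputs.username || github.actor }}-x86
    # Step name kept as in the original although the target is a format check.
    - name: "Yarn Project Tests"
      timeout-minutes: 25
      run: earthly-ci --no-output ./yarn-project/+format-check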
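# Runs the yarn-project test target (+test).
yarn-project-test:
  needs: noir-projects
  # Same label expression as the setup job's runner_label, so a manual dispatch that sets
  # `username` lands on the runner that setup actually provisioned.
  runs-on: ${{ inputs.username || github.actor }}-x86
  steps:
    - uses: actions/checkout@v4
      with:
        ref: "${{ github.event.pull_request.head.sha }}"
    - uses: ./.github/ci-setup-action
      with:
        dockerhub_password: "${{ secrets.DOCKERHUB_PASSWORD }}"
        concurrency_key: yarn-project-test-${{ inputs.username || github.actor }}-x86
    - name: "Yarn Project Tests"
      timeout-minutes: 30
      run: earthly-ci --no-output ./yarn-project/+test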
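# Runs the yarn-project prover-client test target.
prover-client-test:
  needs: noir-projects
  # Same label expression as the setup job's runner_label, so a manual dispatch that sets
  # `username` lands on the runner that setup actually provisioned.
  runs-on: ${{ inputs.username || github.actor }}-x86
  steps:
    - uses: actions/checkout@v4
      with:
        ref: "${{ github.event.pull_request.head.sha }}"
    - uses: ./.github/ci-setup-action
      with:
        dockerhub_password: "${{ secrets.DOCKERHUB_PASSWORD }}"
        concurrency_key: prover-client-test-${{ inputs.username || github.actor }}-x86
    - name: "Prover Client Tests"
      timeout-minutes: 25
      run: earthly-ci --no-output ./yarn-project/+prover-client-test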
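# Runs the client prover integration e2e test once the build job has produced its images.
client-proof-tests:
  needs: build
  # Same label expression as the setup job's runner_label, so a manual dispatch that sets
  # `username` lands on the runner that setup actually provisioned.
  runs-on: ${{ inputs.username || github.actor }}-x86
  steps:
    - uses: actions/checkout@v4
      with:
        ref: "${{ github.event.pull_request.head.sha }}"
    - uses: ./.github/ci-setup-action
      with:
        dockerhub_password: "${{ secrets.DOCKERHUB_PASSWORD }}"
        concurrency_key: client-proof-tests-${{ inputs.username || github.actor }}-x86
    - name: "Client Proof Tests"
      timeout-minutes: 25
      run: earthly-ci --no-output ./yarn-project/+run-e2e --test=client_prover_integration/client_prover_integration.test.ts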
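# Builds the ACIR tests that the three barretenberg-acir-tests-* jobs depend on.
build-acir-tests:
  needs: build
  # Same label expression as the setup job's runner_label, so a manual dispatch that sets
  # `username` lands on the runner that setup actually provisioned.
  runs-on: ${{ inputs.username || github.actor }}-x86
  steps:
    - uses: actions/checkout@v4
      with:
        ref: "${{ github.event.pull_request.head.sha }}"
    - uses: ./.github/ci-setup-action
      with:
        dockerhub_password: "${{ secrets.DOCKERHUB_PASSWORD }}"
        concurrency_key: build-acir-tests-${{ inputs.username || github.actor }}-x86
    - name: "Build Acir Tests"
      timeout-minutes: 25
      run: earthly-ci --no-output ./noir/+build-acir-tests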
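# Runs the ACIR tests against the native bb binary.
barretenberg-acir-tests-bb:
  needs: build-acir-tests
  # Same label expression as the setup job's runner_label, so a manual dispatch that sets
  # `username` lands on the runner that setup actually provisioned.
  runs-on: ${{ inputs.username || github.actor }}-x86
  steps:
    - uses: actions/checkout@v4
      with:
        ref: "${{ github.event.pull_request.head.sha }}"
    - uses: ./.github/ci-setup-action
      with:
        dockerhub_password: "${{ secrets.DOCKERHUB_PASSWORD }}"
        concurrency_key: barretenberg-acir-tests-bb-${{ inputs.username || github.actor }}-x86
    - name: "BB Native Acir Tests"
      working-directory: ./noir/
      timeout-minutes: 25
      run: earthly-ci --no-output ./+barretenberg-acir-tests-bb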
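# Runs the Solidity ACIR tests.
barretenberg-acir-tests-sol:
  needs: build-acir-tests
  # Same label expression as the setup job's runner_label, so a manual dispatch that sets
  # `username` lands on the runner that setup actually provisioned.
  runs-on: ${{ inputs.username || github.actor }}-x86
  steps:
    - uses: actions/checkout@v4
      with:
        ref: "${{ github.event.pull_request.head.sha }}"
    - uses: ./.github/ci-setup-action
      with:
        dockerhub_password: "${{ secrets.DOCKERHUB_PASSWORD }}"
        concurrency_key: barretenberg-acir-tests-sol-${{ inputs.username || github.actor }}-x86
    - name: "BB Solidity Acir Tests"
      working-directory: ./noir/
      timeout-minutes: 25
      run: earthly-ci --no-output ./+barretenberg-acir-tests-sol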
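# Runs the ACIR tests against bb.js.
barretenberg-acir-tests-bb-js:
  needs: build-acir-tests
  # Same label expression as the setup job's runner_label, so a manual dispatch that sets
  # `username` lands on the runner that setup actually provisioned.
  runs-on: ${{ inputs.username || github.actor }}-x86
  steps:
    - uses: actions/checkout@v4
      with:
        ref: "${{ github.event.pull_request.head.sha }}"
    - uses: ./.github/ci-setup-action
      with:
        dockerhub_password: "${{ secrets.DOCKERHUB_PASSWORD }}"
        concurrency_key: barretenberg-acir-tests-bb-js-${{ inputs.username || github.actor }}-x86
    - name: "BB JS Acir Tests"
      working-directory: ./noir/
      timeout-minutes: 25
      run: earthly-ci --no-output ./+barretenberg-acir-tests-bb.js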
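# Deploys a docs preview; only runs when the event carries a number (github.event.number).
docs-preview:
  needs: build
  runs-on: ${{ inputs.username || github.actor }}-x86
  if: github.event.number
  steps:
    - uses: actions/checkout@v4
      with:
        ref: "${{ github.event.pull_request.head.sha }}"
    - uses: ./.github/ci-setup-action
      with:
        dockerhub_password: "${{ secrets.DOCKERHUB_PASSWORD }}"
        concurrency_key: docs-preview-${{ inputs.username || github.actor }}-x86
    - name: "Docs Preview"
      timeout-minutes: 30
      # Tokens reach the shell as environment variables and are expanded inside double
      # quotes, instead of being template-expanded into the script text where their
      # content would be parsed as shell syntax. The env names are prefixed so tools that
      # read NETLIFY_* from the environment see no change.
      env:
        PREVIEW_PR_NUMBER: ${{ github.event.number }}
        PREVIEW_BOT_GITHUB_TOKEN: ${{ secrets.AZTEC_BOT_GITHUB_TOKEN }}
        PREVIEW_NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }}
        PREVIEW_NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }}
      # NOTE(review): the tokens are passed with the --NAME=value form, not --secret as
      # the e2e jobs do for the AWS keys; confirm the +deploy-preview target does not log
      # or cache these values.
      run: |
        earthly --no-output ./docs/+deploy-preview \
          --PR="$PREVIEW_PR_NUMBER" \
          --AZTEC_BOT_COMMENTER_GITHUB_TOKEN="$PREVIEW_BOT_GITHUB_TOKEN" \
          --NETLIFY_AUTH_TOKEN="$PREVIEW_NETLIFY_AUTH_TOKEN" \
          --NETLIFY_SITE_ID="$PREVIEW_NETLIFY_SITE_ID"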
# push benchmarking binaries to dockerhub registry
# NOTE(review): the push step has no event or branch condition, so it also runs for
# pull_request events — confirm that publishing from unmerged code is intended.
bb-bench-binaries:
  needs: build
  runs-on: "${{ inputs.username || github.actor }}-x86"
  steps:
    - uses: actions/checkout@v4
      with:
        ref: "${{ github.event.pull_request.head.sha }}"
    - uses: ./.github/ci-setup-action
      with:
        dockerhub_password: "${{ secrets.DOCKERHUB_PASSWORD }}"
        concurrency_key: "bb-bench-binaries-${{ inputs.username || github.actor }}-x86"
    - name: "Build and Push Binaries"
      timeout-minutes: 15
      working-directory: ./barretenberg/cpp/
      run: earthly-ci --push +bench-binaries
# Provisions a second, dedicated runner (label suffix -bench-x86) for the benchmark job,
# after the bench binaries have been pushed.
setup-bench:
  needs: bb-bench-binaries
  uses: ./.github/workflows/setup-runner.yml
  with:
    runner_label: "${{ inputs.username || github.actor }}-bench-x86"
    ebs_cache_size_gb: 64
    # A single job at a time on this runner.
    runner_concurrency: 1
    subaction: "${{ inputs.runner_action || 'start' }}"
    ec2_instance_type: "m6a.4xlarge"
    ec2_ami_id: "ami-04d8422a9ba4de80f"
    ec2_instance_ttl: 15 # refreshed by jobs
  # NOTE(review): `inherit` exposes every secret available to this workflow to the called
  # workflow; confirm which ones setup-runner.yml actually needs.
  secrets: inherit
# Runs the Client IVC and Ultrahonk benchmarks on the dedicated bench runner.
bb-bench:
  needs: setup-bench
  runs-on: "${{ inputs.username || github.actor }}-bench-x86"
  steps:
    - uses: actions/checkout@v4
      with:
        ref: "${{ github.event.pull_request.head.sha }}"
    - uses: ./.github/ci-setup-action
      with:
        dockerhub_password: "${{ secrets.DOCKERHUB_PASSWORD }}"
        concurrency_key: "bb-bench-${{ inputs.username || github.actor }}-bench-x86"
    # Use bench_mode=cache to read the pushed build above
    - name: "Client IVC Bench"
      working-directory: ./barretenberg/cpp/
      timeout-minutes: 15
      run: earthly-ci --no-output +bench-client-ivc --bench_mode=cache
    - name: "Ultrahonk Bench"
      working-directory: ./barretenberg/cpp/
      timeout-minutes: 15
      run: earthly-ci --no-output +bench-ultra-honk --bench_mode=cache
# Produces the protocol-circuits gate-count report, diffs it, and keeps a sticky PR
# comment in sync with the result.
protocol-circuits-gates-report:
  needs: setup
  runs-on: "${{ inputs.username || github.actor }}-x86"
  steps:
    - uses: actions/checkout@v4
      with:
        ref: "${{ github.event.pull_request.head.sha }}"
    # Only allow one memory-hunger prover test to use this runner
    - uses: ./.github/ci-setup-action
      with:
        dockerhub_password: "${{ secrets.DOCKERHUB_PASSWORD }}"
        concurrency_key: "protocol-circuits-gates-report-${{ inputs.username || github.actor }}-x86"
    - name: Noir Protocol Circuits Report
      working-directory: ./noir-projects/
      timeout-minutes: 25
      # The artifact is written in ./noir-projects and then moved up to the repo root,
      # where the diff step below reads it.
      run: |
        earthly-ci --artifact +gates-report/gates_report.json
        mv gates_report.json ../protocol_circuits_report.json
    # Pinned to a full commit SHA, so the action code cannot change underneath this run.
    - name: "Compare gates reports"
      id: gates_diff
      uses: vezenovm/noir-gates-diff@acf12797860f237117e15c0d6e08d64253af52b6
      with:
        report: protocol_circuits_report.json
        summaryQuantile: 0 # Display any diff in gate count
    # NOTE(review): unlike the step above, this third-party action is referenced by a
    # movable tag (v2); pinning it to a commit SHA would match the gates-diff step.
    - name: "Add gates diff to sticky comment"
      if: github.event_name == 'pull_request' || github.event_name == 'pull_request_target'
      uses: marocchino/sticky-pull-request-comment@v2
      with:
        # delete the comment in case changes no longer impact circuit sizes
        delete: "${{ !steps.gates_diff.outputs.markdown }}"
        message: "${{ steps.gates_diff.outputs.markdown }}"
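# Single gate job: fails unless every job listed under `needs` actually succeeded.
merge-check:
  runs-on: ubuntu-latest
  needs:
    - e2e
    - bb-native-tests
    - bb-bench
    - yarn-project-formatting
    - yarn-project-test
    - prover-client-test
    - bb-js-test
    - barretenberg-acir-tests-bb-js
    - barretenberg-acir-tests-bb
    - barretenberg-acir-tests-sol
    - noir-test
    - noir-packages-test
    - client-proof-tests
  # always(): run the gate even when a needed job failed, was skipped or was cancelled.
  if: always()
  steps:
    - run: |
        # Fail closed. needs.*.result only covers the direct needs listed above; when an
        # upstream job such as setup or build fails, those jobs report 'skipped' rather
        # than 'failure', and a cancelled job reports 'cancelled'. Checking 'failure'
        # alone would let the gate pass in both cases. None of the listed jobs has its
        # own `if:` condition, so 'skipped' never occurs on a healthy run.
        failed=${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') || contains(needs.*.result, 'skipped') }}
        if $failed
        then
          echo "At least one job failed, was cancelled or was skipped, merging not allowed."
          exit 1
        fi
        echo "All jobs succeeded, merge allowed."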
# Posts the run URL to Slack when the merge gate fails on master.
notify:
  runs-on: ubuntu-latest
  needs:
    - merge-check
  # failure() is true only when a job this one depends on has failed.
  if: ${{ github.ref == 'refs/heads/master' && failure() }}
  steps:
    # NOTE(review): this third-party action receives the webhook URL secret and is
    # referenced by a version tag; pinning it to a commit SHA would fix the code that
    # handles that secret.
    - name: "Send notification to aztec3-ci channel if workflow failed on master"
      uses: slackapi/slack-github-action@v1.25.0
      env:
        SLACK_WEBHOOK_URL: "${{ secrets.SLACK_NOTIFY_WORKFLOW_TRIGGER_URL }}"
      with:
        payload: |
          {
            "url": "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
          }