From 1aa90e92828db1ce3f6e21452a6626a8acf1cdae Mon Sep 17 00:00:00 2001 From: Jason Greathouse Date: Thu, 10 Oct 2024 15:35:23 -0500 Subject: [PATCH] DRY build/pubish jobs --- .github/actions/bootstrap-macos/action.yaml | 24 + .../actions/build-publish-charts/action.yaml | 40 ++ .../actions/build-publish-docker/action.yaml | 65 +++ .github/actions/build-rust/action.yaml | 15 +- .../action.yaml | 35 -- .../action.yaml | 33 -- .github/workflows/on-pr.yaml | 447 +++++++----------- 7 files changed, 316 insertions(+), 343 deletions(-) create mode 100644 .github/actions/bootstrap-macos/action.yaml create mode 100644 .github/actions/build-publish-charts/action.yaml create mode 100644 .github/actions/build-publish-docker/action.yaml delete mode 100644 .github/actions/mobilecoin-cache-cargo-package/action.yaml delete mode 100644 .github/actions/mobilecoin-cache-rust-binaries/action.yaml diff --git a/.github/actions/bootstrap-macos/action.yaml b/.github/actions/bootstrap-macos/action.yaml new file mode 100644 index 0000000000..e197310242 --- /dev/null +++ b/.github/actions/bootstrap-macos/action.yaml @@ -0,0 +1,24 @@ +name: Bootstrap MacOS Rust +description: Bootstrap MacOS environment for Rust build + +runs: + using: composite + steps: + - name: Bootstrap macOS + shell: bash + run: | + echo "-- install brew dependencies" + rm -rf "$(brew --prefix)/var/homebrew/locks" + brew bundle --quiet + + echo "-- install rust toolchain" + rm -rf /Users/runner/.cargo + rm -rf /Users/runner/.rustup + rustup toolchain install "$(cat rust-toolchain)" + + echo "-- add cargo to path" + rustup_cargo=$(rustup which cargo) + echo "CARGO_HOME=${HOME}/.cargo" >> "${GITHUB_ENV}" + echo "RUSTUP_HOME=${HOME}/.rustup" >> "${GITHUB_ENV}" + echo "${HOME}/.cargo/bin" >> "${GITHUB_PATH}" + echo "$(dirname "${rustup_cargo}")" >> "${GITHUB_PATH}" diff --git a/.github/actions/build-publish-charts/action.yaml b/.github/actions/build-publish-charts/action.yaml new file mode 100644 index 0000000000..adf7e401a7 --- /dev/null +++ b/.github/actions/build-publish-charts/action.yaml @@ -0,0 +1,40 @@ +name: Build and Publish Docker +description: Build docker containers + +inputs: + version: + description: "version of the build" + required: true + repo: + description: "chart repo to publish to" + required: false + default: "https://harbor.mobilecoin.com/chartrepo/mobilecoinofficial-public" + + +runs: + using: composite + steps: + - name: Checkout + uses: mobilecoinofficial/gh-actions/checkout@v0 + + - name: Publish helm chart full-service + uses: mobilecoinofficial/gha-k8s-toolbox@v1 + with: + action: helm-publish + chart_app_version: ${{ inputs.version }} + chart_path: .internal-ci/helm/full-service + chart_repo: ${{ inputs.repo }} + chart_repo_password: ${{ secrets.HARBOR_PASSWORD }} + chart_repo_username: ${{ secrets.HARBOR_USERNAME }} + chart_version: ${{ inputs.version }} + + - name: Publish helm chart full-service-mirror + uses: mobilecoinofficial/gha-k8s-toolbox@v1 + with: + action: helm-publish + chart_app_version: ${{ inputs.version }} + chart_path: .internal-ci/helm/full-service-mirror + chart_repo: ${{ inputs.repo }} + chart_repo_password: ${{ secrets.HARBOR_PASSWORD }} + chart_repo_username: ${{ secrets.HARBOR_USERNAME }} + chart_version: ${{ inputs.version }} diff --git a/.github/actions/build-publish-docker/action.yaml b/.github/actions/build-publish-docker/action.yaml new file mode 100644 index 0000000000..a11cf0b280 --- /dev/null +++ b/.github/actions/build-publish-docker/action.yaml @@ -0,0 +1,65 @@ +name: Build and Publish Docker +description: Build docker containers + +inputs: + network: + description: "network to download sigstruct from main|test" + required: true + version: + description: "version of the build" + required: true + +runs: + using: composite + steps: + - name: Setup ENV + shell: bash + run: | + # Set the MobileCoin network details for "batteries included" builds. + if [[ "${{ inputs.network }}" == "main" ]]; then + MC_PEER=mc://node1.prod.mobilecoinww.com/,mc://node2.prod.mobilecoinww.co + MC_TX_SOURCE_URL=https://ledger.mobilecoinww.com/node1.prod.mobilecoinww.com/,https://ledger.mobilecoinww.com/node2.prod.mobilecoinww.com + else + MC_PEER=mc://node1.test.mobilecoin.com/,mc://node2.test.mobilecoin.com/ + MC_TX_SOURCE_URL=https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node1.test.mobilecoin.com/,https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node2.test.mobilecoin.com + fi + + ARTIFACT_NAME="full-service-${{ inputs.network }}net-${{ runner.os }}-${{ runner.arch }}-${{ version }}" + + echo "MC_PEER=${MC_PEER}" >> "${GITHUB_ENV}" + echo "MC_TX_SOURCE_URL=${MC_TX_SOURCE_URL}" >> "${GITHUB_ENV}" + echo "ARTIFACT_NAME=${ARTIFACT_NAME}" >> "${GITHUB_ENV}" + echo "RUST_BIN_PATH=build-artifacts/${ARTIFACT_NAME}" >> "${GITHUB_ENV}" + + - name: Checkout + uses: mobilecoinofficial/gh-actions/checkout@v0 + + - name: Restore Artifacts + uses: mobilecoinofficial/gh-actions/download-artifact@v0 + with: + name: ${{ env.ARTIFACT_NAME }} + path: build-artifacts + + - name: check artifacts + shell: bash + run: | + ls -alR build-artifacts + # fix mirror binaries path + cp ${RUST_BIN_PATH}/mirror/* ${RUST_BIN_PATH} + + - name: Docker - build and publish full-service + uses: mobilecoinofficial/gh-actions/docker@v0 + with: + dockerfile: .internal-ci/docker/Dockerfile.full-service + images: mobilecoin/full-service + build_args: | + RUST_BIN_PATH=${{ env.RUST_BIN_PATH }} + MC_CHAIN_ID=${{ inputs.network }} + MC_PEER=${{ env.MC_PEER }} + MC_TX_SOURCE_URL=${{ env.MC_TX_SOURCE_URL }} + flavor: | + latest=false + tags: | + ${{ inputs.version}} + password: ${{ secrets.DOCKERHUB_TOKEN }} + username: ${{ secrets.DOCKERHUB_USERNAME }} diff --git a/.github/actions/build-rust/action.yaml b/.github/actions/build-rust/action.yaml index 2aaabf48c8..69a8925ade 100644 --- a/.github/actions/build-rust/action.yaml +++ b/.github/actions/build-rust/action.yaml @@ -5,6 +5,9 @@ inputs: network: description: "network to download sigstruct from main|test" required: true + version: + description: "version of the build" + required: true runs: using: composite @@ -12,11 +15,6 @@ runs: - name: Setup ENV shell: bash run: | - set -e -o pipefail - - echo "GH_SHORT_SHA=sha-$(echo "${GITHUB_SHA}" | cut -c1-7)" >> "${GITHUB_ENV}" - echo "RUST_BACKTRACE=full" >> "${GITHUB_ENV}" - echo "SGX_MODE=HW" >> "${GITHUB_ENV}" echo "CONSENSUS_ENCLAVE_CSS=/var/tmp/consensus-enclave.css" >> "${GITHUB_ENV}" echo "INGEST_ENCLAVE_CSS=/var/tmp/ingest-enclave.css" >> "${GITHUB_ENV}" @@ -36,13 +34,16 @@ runs: - name: Cargo Build shell: bash + env: + RUST_BACKTRACE: full + SGX_MODE: HW run: | cargo build --release --locked - name: Copy binaries to artifact directory shell: bash run: | - ARTIFACT_DIR="build_artifacts/full-service-${{ inputs.network }}net-${{ runner.os }}-${{ runner.arch }}-${GH_SHORT_SHA}" + ARTIFACT_DIR="build_artifacts/full-service-${{ inputs.network }}net-${{ runner.os }}-${{ runner.arch }}-${{ inputs.version }}" mkdir -p "${ARTIFACT_DIR}/mirror" cp "${INGEST_ENCLAVE_CSS}" "${ARTIFACT_DIR}" @@ -59,5 +60,5 @@ runs: - name: Upload artifacts uses: mobilecoinofficial/gh-actions/upload-artifact@v0 with: - name: full-service-${{ inputs.network }}net-${{ runner.os }}-${{ runner.arch }}-${{ env.GH_SHORT_SHA }} + name: full-service-${{ inputs.network }}net-${{ runner.os }}-${{ runner.arch }}-${{ inputs.version }} path: build_artifacts diff --git a/.github/actions/mobilecoin-cache-cargo-package/action.yaml b/.github/actions/mobilecoin-cache-cargo-package/action.yaml deleted file mode 100644 index 9a1bde26ee..0000000000 --- a/.github/actions/mobilecoin-cache-cargo-package/action.yaml +++ /dev/null @@ -1,35 +0,0 @@ -name: Mobilecoin Cargo Package Cache -description: Standardized rust cargo package cache setup - -inputs: - cache_buster: - description: "string to make cache unique" - required: false - path: - description: "path to mount cache" - required: false - default: | - /opt/cargo/git - /opt/cargo/registry/index - /opt/cargo/registry/cache - additional_keys: - description: "additional values to add to the cache key" - required: false - default: "" - -outputs: - cache-hit: - description: "did we get a cache hit?" - value: ${{ steps.rust_artifact_cache.outputs.cache-hit }} - -runs: - using: composite - steps: - - name: Cache rust build binaries - id: rust_artifact_cache - uses: actions/cache@v3 - with: - path: ${{ inputs.path }} - # Key is a hash of all the Cargo.toml and Cargo.lock files. - # if packages change, invalidate cache and rebuild - key: ${{ inputs.cache_buster }}${{ inputs.additional_keys }}-${{ runner.os }}-${{ hashFiles('**/Cargo.toml', '**/Cargo.lock') }}-cargo-cache diff --git a/.github/actions/mobilecoin-cache-rust-binaries/action.yaml b/.github/actions/mobilecoin-cache-rust-binaries/action.yaml deleted file mode 100644 index 63ab007318..0000000000 --- a/.github/actions/mobilecoin-cache-rust-binaries/action.yaml +++ /dev/null @@ -1,33 +0,0 @@ -name: Mobilecoin Rust Binary Cache -description: Standardized rust binary cache setup - -inputs: - cache_buster: - description: "string to make cache unique" - required: false - path: - description: "path to mount cache" - required: false - default: | - rust_build_artifacts - additional_keys: - description: "additional values to add to the cache key" - required: false - default: "" - -outputs: - cache-hit: - description: "did we get a cache hit?" - value: ${{ steps.rust_artifact_cache.outputs.cache-hit }} - -runs: - using: composite - steps: - - name: Cache rust build binaries - id: rust_artifact_cache - uses: actions/cache@v3 - with: - path: ${{ inputs.path }} - # Key is a hash of all the .rs, .proto and Cargo.toml files. - # if code changes, invalidate cache and rebuild - key: ${{ inputs.cache_buster }}${{ inputs.additional_keys }}-${{ runner.os }}-${{ hashFiles('**/*.rs', '**/*.proto', '**/Cargo.toml', '**/*.edl', '.cargo/config') }}-rust-build-artifacts diff --git a/.github/workflows/on-pr.yaml b/.github/workflows/on-pr.yaml index 31241671d4..b66e7e7592 100644 --- a/.github/workflows/on-pr.yaml +++ b/.github/workflows/on-pr.yaml @@ -1,4 +1,10 @@ -# Placeholder for the PR workflow. +# On PR workflow +# CBB List: +# - Rust artifact caching +# - Lint Shell +# - CodeCov +# - Integration tests + name: on-pr on: @@ -14,113 +20,119 @@ permissions: env: ARTIFACT_NAME: placeholder - CONSENSUS_ENCLAVE_CSS: /tmp/consensus-enclave.css GH_SHORT_SHA: placeholder - INGEST_ENCLAVE_CSS: /tmp/ingest-enclave.css - RUST_BACKTRACE: full RUST_BIN_PATH: placeholder + CONSENSUS_ENCLAVE_CSS: /var/tmp/consensus-enclave.css + INGEST_ENCLAVE_CSS: /var/tmp/ingest-enclave.css jobs: + meta: + runs-on: mco-dev-small-x64 + outputs: + version: ${{ steps.version.outputs.version }} + steps: + - name: Set Version + id: version + run: | + echo "version=v0-${{ github.run_number }}.sha-${GITHUB_SHA::7}" >> "${GITHUB_OUTPUT}" + lint-actions: runs-on: mco-dev-small-x64 steps: - name: Lint GitHub Actions - uses: mobilecoinofficial/gh-actions/lint-actions@27a8d66eb4dcb10910cc8560563391e64238634a + uses: mobilecoinofficial/gh-actions/lint-actions@v0 # CBB: Need to clean up repo shell scripts to pass shellcheck # lint-shell: # runs-on: mco-dev-small-x64 # steps: # - name: Lint shell with Shellcheck - # uses: mobilecoinofficial/gh-actions/lint-shell@27a8d66eb4dcb10910cc8560563391e64238634a + # uses: mobilecoinofficial/gh-actions/lint-shell@v0 lint-helm: runs-on: mco-dev-small-x64 steps: - name: Lint Helm Charts - uses: mobilecoinofficial/gh-actions/lint-helm@bf0be2f50d73f7be52b5519f2bc248b5db558aae + uses: mobilecoinofficial/gh-actions/lint-helm@v0 lint-docker: runs-on: mco-dev-small-x64 steps: - name: Lint Dockerfiles with Hadolint - uses: mobilecoinofficial/gh-actions/lint-docker@27a8d66eb4dcb10910cc8560563391e64238634a - - - - # lint-rust: - # runs-on: mco-dev-large-x64 - # container: - # image: mobilecoin/rust-sgx-base:v0.0.36 - # env: - # SGX_MODE: SW - # steps: - # - name: Checkout - # uses: mobilecoinofficial/gh-actions/checkout@v0 - - # - name: Consensus SigStruct - # uses: ./.github/actions/download-sigstruct - # with: - # sigstruct: consensus - # network: test - # download_path: ${{ env.CONSENSUS_ENCLAVE_CSS }} - - # - name: Ingest SigStruct - # uses: ./.github/actions/download-sigstruct - # with: - # sigstruct: ingest - # network: test - # download_path: ${{ env.INGEST_ENCLAVE_CSS }} - - # - name: Cargo sort - # shell: bash - # run: | - # cargo install cargo-sort --force - # cargo sort --workspace --grouped --check - - # - name: Cargo fmt - # shell: bash - # run: | - # cargo fmt -- --unstable-features --check - - # - name: Cargo Clippy - # shell: bash - # run: | - # cargo clippy --all --all-features - - # test-rust: - # runs-on: mco-dev-large-x64 - # container: - # image: mobilecoin/rust-sgx-base:v0.0.36 - # env: - # SGX_MODE: SW - - # steps: - # - name: Checkout - # uses: mobilecoinofficial/gh-actions/checkout@v0 - - # - name: Consensus SigStruct - # uses: ./.github/actions/download-sigstruct - # with: - # sigstruct: consensus - # network: test - # download_path: ${{ env.CONSENSUS_ENCLAVE_CSS }} - - # - name: Ingest SigStruct - # uses: ./.github/actions/download-sigstruct - # with: - # sigstruct: ingest - # network: test - # download_path: ${{ env.INGEST_ENCLAVE_CSS }} - - # - name: Cargo Test - # shell: bash - # env: - # CARGO_INCREMENTAL: "0" - # RUSTFLAGS: "-Zprofile -Ccodegen-units=1 -Cinline-threshold=0 -Clink-dead-code -Coverflow-checks=off -Cpanic=abort -Zpanic_abort_tests" - # RUSTDOCFLAGS: "-Zprofile -Ccodegen-units=1 -Cinline-threshold=0 -Clink-dead-code -Coverflow-checks=off -Cpanic=abort -Zpanic_abort_tests" - # run: | - # cargo test + uses: mobilecoinofficial/gh-actions/lint-docker@v0 + + lint-rust: + runs-on: mco-dev-large-x64 + container: + image: mobilecoin/rust-sgx-base:v0.0.36 + env: + SGX_MODE: SW + steps: + - name: Checkout + uses: mobilecoinofficial/gh-actions/checkout@v0 + + - name: Consensus SigStruct + uses: ./.github/actions/download-sigstruct + with: + sigstruct: consensus + network: test + download_path: ${{ env.CONSENSUS_ENCLAVE_CSS }} + + - name: Ingest SigStruct + uses: ./.github/actions/download-sigstruct + with: + sigstruct: ingest + network: test + download_path: ${{ env.INGEST_ENCLAVE_CSS }} + + - name: Cargo sort + shell: bash + run: | + cargo install cargo-sort --force + cargo sort --workspace --grouped --check + + - name: Cargo fmt + shell: bash + run: | + cargo fmt -- --unstable-features --check + + - name: Cargo Clippy + shell: bash + run: | + cargo clippy --all --all-features + + test-rust: + runs-on: mco-dev-large-x64 + container: + image: mobilecoin/rust-sgx-base:v0.0.36 + env: + SGX_MODE: SW + steps: + - name: Checkout + uses: mobilecoinofficial/gh-actions/checkout@v0 + + - name: Consensus SigStruct + uses: ./.github/actions/download-sigstruct + with: + sigstruct: consensus + network: test + download_path: ${{ env.CONSENSUS_ENCLAVE_CSS }} + + - name: Ingest SigStruct + uses: ./.github/actions/download-sigstruct + with: + sigstruct: ingest + network: test + download_path: ${{ env.INGEST_ENCLAVE_CSS }} + + - name: Cargo Test + shell: bash + env: + CARGO_INCREMENTAL: "0" + RUSTFLAGS: "-Zprofile -Ccodegen-units=1 -Cinline-threshold=0 -Clink-dead-code -Coverflow-checks=off -Cpanic=abort -Zpanic_abort_tests" + RUSTDOCFLAGS: "-Zprofile -Ccodegen-units=1 -Cinline-threshold=0 -Clink-dead-code -Coverflow-checks=off -Cpanic=abort -Zpanic_abort_tests" + run: | + cargo test # skip coverage for now, old actions-rs/grcov is deprecated # need to learn how to generate .xml reports for codecov below @@ -138,187 +150,86 @@ jobs: # env: # CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - # build-rust-linux: - # strategy: - # matrix: - # runner: - # - mco-dev-large-x64 - # network: - # - main - # - test - # runs-on: ${{ matrix.runner }} - # container: - # image: mobilecoin/rust-sgx-base:v0.0.36 - # steps: - # - name: Checkout - # uses: mobilecoinofficial/gh-actions/checkout@v0 - - # - name: Build Rust - # uses: ./.github/actions/build-rust - # with: - # network: ${{ matrix.network }} - - # build-rust-macos: - # strategy: - # fail-fast: false - # matrix: - # runner: - # - [self-hosted, macOS, X64] - # - [self-hosted, macOS, ARM64] - # network: - # - main - # - test - # runs-on: ${{ matrix.runner }} - # steps: - # - name: Checkout - # uses: mobilecoinofficial/gh-actions/checkout@v0 - - # - name: Bootstrap macOS - # shell: bash - # run: | - # echo "-- install brew dependencies" - # rm -rf "$(brew --prefix)/var/homebrew/locks" - # brew bundle --quiet - - # echo "-- install rust toolchain" - # rm -rf /Users/runner/.cargo - # rm -rf /Users/runner/.rustup - # rustup toolchain install "$(cat rust-toolchain)" - - # echo "-- add cargo to path" - # rustup_cargo=$(rustup which cargo) - # echo "CARGO_HOME=${HOME}/.cargo" >> "${GITHUB_ENV}" - # echo "RUSTUP_HOME=${HOME}/.rustup" >> "${GITHUB_ENV}" - # echo "${HOME}/.cargo/bin" >> "${GITHUB_PATH}" - # echo "$(dirname "${rustup_cargo}")" >> "${GITHUB_PATH}" - - # - name: Build Rust - # uses: ./.github/actions/build-rust - # with: - # network: ${{ matrix.network }} - - # build-publish-containers: - # needs: - # - build-rust-linux - # strategy: - # matrix: - # runner: - # - mco-dev-small-x64 - # network: - # - chain_id: main - # peer: mc://node1.prod.mobilecoinww.com/,mc://node2.prod.mobilecoinww.com/ - # tx_source_url: https://ledger.mobilecoinww.com/node1.prod.mobilecoinww.com/,https://ledger.mobilecoinww.com/node2.prod.mobilecoinww.com - # - chain_id: test - # peer: mc://node1.test.mobilecoin.com/,mc://node2.test.mobilecoin.com/ - # tx_source_url: https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node1.test.mobilecoin.com/,https://s3-us-west-1.amazonaws.com/mobilecoin.chain/node2.test.mobilecoin.com/ - # runs-on: ${{ matrix.runner }} - # steps: - # - name: Checkout - # uses: mobilecoinofficial/gh-actions/checkout@v0 - - # - name: Setup Env - # shell: bash - # run: | - # set -e -o pipefail - - # # Set vars so we can use them in this step - # GH_SHORT_SHA="sha-$(echo "${GITHUB_SHA}" | cut -c1-7)" - # ARTIFACT_NAME="full-service-${{ matrix.network.chain_id }}net-${{ runner.os }}-${{ runner.arch }}-${GH_SHORT_SHA}" - - # echo "GH_SHORT_SHA=${GH_SHORT_SHA}" >> "${GITHUB_ENV}" - # echo "ARTIFACT_NAME=${ARTIFACT_NAME}" >> "${GITHUB_ENV}" - # echo "RUST_BIN_PATH=build-artifacts/${ARTIFACT_NAME}" >> "${GITHUB_ENV}" - - # # CBB: Move this to gh-actions - # - name: Restore Artifacts - # uses: actions/download-artifact@v4 - # with: - # name: ${{ env.ARTIFACT_NAME }} - # path: build-artifacts - - # - name: check artifacts - # shell: bash - # run: | - # ls -alR build-artifacts - # # fix mirror binaries path - # cp ${RUST_BIN_PATH}/mirror/* ${RUST_BIN_PATH} - - # - name: Docker - build and publish full-service - # uses: mobilecoinofficial/gh-actions/docker@v0 - # with: - # dockerfile: .internal-ci/docker/Dockerfile.full-service - # images: mobilecoin/full-service - # build_args: | - # RUST_BIN_PATH=${{ env.RUST_BIN_PATH }} - # MC_CHAIN_ID=${{ matrix.network.chain_id }} - # MC_PEER=${{ matrix.network.peer }} - # MC_TX_SOURCE_URL=${{ matrix.network.tx_source_url }} - # flavor: | - # latest=false - # tags: | - # v0-${{ env.GH_SHORT_SHA }}.${{ matrix.network.chain_id }}net - # password: ${{ secrets.DOCKERHUB_TOKEN }} - # username: ${{ secrets.DOCKERHUB_USERNAME }} - - # build-publish-charts: - # needs: - # - build-rust-linux - # strategy: - # matrix: - # network: - # - chain_id: main - # - chain_id: test - # runs-on: mco-dev-small-x64 - # env: - # CHART_REPO: https://harbor.mobilecoin.com/chartrepo/mobilecoinofficial-public - # steps: - # - name: Checkout - # uses: mobilecoinofficial/gh-actions/checkout@v0 - - # - name: Setup Env - # shell: bash - # run: | - # set -e -o pipefail - # echo "GH_SHORT_SHA=sha-$(echo "${GITHUB_SHA}" | cut -c1-7)" >> "${GITHUB_ENV}" - - # - name: Publish helm chart full-service - # uses: mobilecoinofficial/gha-k8s-toolbox@v1 - # with: - # action: helm-publish - # chart_app_version: v0-${{ env.GH_SHORT_SHA }}.${{ matrix.network.chain_id }}net - # chart_path: .internal-ci/helm/full-service - # chart_repo: ${{ env.CHART_REPO }} - # chart_repo_password: ${{ secrets.HARBOR_PASSWORD }} - # chart_repo_username: ${{ secrets.HARBOR_USERNAME }} - # chart_version: v0-${{ env.GH_SHORT_SHA }}.${{ matrix.network.chain_id }}net - - # - name: Publish helm chart full-service-mirror - # uses: mobilecoinofficial/gha-k8s-toolbox@v1 - # with: - # action: helm-publish - # chart_app_version: v0-${{ env.GH_SHORT_SHA }}.${{ matrix.network.chain_id }}net - # chart_path: .internal-ci/helm/full-service-mirror - # chart_repo: ${{ env.CHART_REPO }} - # chart_repo_password: ${{ secrets.HARBOR_PASSWORD }} - # chart_repo_username: ${{ secrets.HARBOR_USERNAME }} - # chart_version: v0-${{ env.GH_SHORT_SHA }}.${{ matrix.network.chain_id }}net - -# build binaries: -# testnet, mainnet -# linux amd64 arm64 -# macos intel, apple - -# containers: -# linux arm64, amd64 - -# test: -# lint -# docker (hadolint) -# shellcheck -# actionlint -# helm lint -# rust/cargo fmt -# rust/cargo clippy -# rust/cargo sort -# unit -# integration - testnet, mainnet + build-rust-linux: + needs: + - meta + strategy: + matrix: + runner: + - mco-dev-large-x64 + network: + - main + - test + runs-on: ${{ matrix.runner }} + container: + image: mobilecoin/rust-sgx-base:v0.0.36 + steps: + - name: Checkout + uses: mobilecoinofficial/gh-actions/checkout@v0 + + - name: Build Rust + uses: ./.github/actions/build-rust + with: + network: ${{ matrix.network }} + version: ${{ needs.meta.outputs.version }}.${{ matrix.network }}net + + build-rust-macos: + needs: + - meta + strategy: + fail-fast: false + matrix: + runner: + - [self-hosted, macOS, X64] + - [self-hosted, macOS, ARM64] + network: + - main + - test + runs-on: ${{ matrix.runner }} + steps: + - name: Checkout + uses: mobilecoinofficial/gh-actions/checkout@v0 + + - name: Bootstrap MacOS Rust + uses: ./.github/actions/bootstrap-macos + + - name: Build Rust + uses: ./.github/actions/build-rust + with: + network: ${{ matrix.network }} + version: ${{ needs.meta.outputs.version }}.${{ matrix.network }}net + + build-publish-containers: + needs: + - meta + - build-rust-linux + strategy: + matrix: + runner: + - mco-dev-small-x64 + network: + - main + - test + runs-on: ${{ matrix.runner }} + steps: + - name: Build and Publish Docker + uses: ./.github/actions/build-publish-docker + with: + network: ${{ matrix.network }} + version: ${{ needs.meta.outputs.version }}.${{ matrix.network }}net + + build-publish-charts: + needs: + - meta + - build-publish-containers + strategy: + matrix: + network: + - main + - test + runs-on: mco-dev-small-x64 + steps: + - name: Build and Publish Helm Charts + uses: ./.github/actions/build-publish-helm + with: + version: ${{ needs.meta.outputs.version }}.${{ matrix.network }}net