Skip to content

Commit

Permalink
try again
Browse files Browse the repository at this point in the history
  • Loading branch information
BillyWooo committed Sep 29, 2024
1 parent ef0b2df commit 5c536ac
Show file tree
Hide file tree
Showing 2 changed files with 115 additions and 111 deletions.
212 changes: 108 additions & 104 deletions .github/workflows/create-release-draft.yml
Original file line number Diff line number Diff line change
Expand Up @@ -131,7 +131,7 @@ jobs:

- name: Build docker image
run: |
./parachain/scripts/build-docker.sh production ${{ env.RELEASE_TAG }}
docker pull litentry/litentry-parachain:v0.9.20-04
echo "============================="
docker images
Expand Down Expand Up @@ -163,7 +163,7 @@ jobs:
build-identity-worker:
if: ${{ github.event.inputs.identity_worker == 'true' }}
runs-on: ubuntu-latest
environment: production
# environment: production
steps:
- name: Checkout codes on ${{ env.RELEASE_TAG }}
uses: actions/checkout@v4
Expand All @@ -184,38 +184,40 @@ jobs:
driver: docker

# the key for identity worker enclave shall be renewed when switching to sdk-v2.0.0
- name: Write enclave signing key
run: |
cat << EOF > tee-worker/identity/enclave_key.pem
${{ secrets.IDENTITY_ENCLAVE_STAGING_SIGNING_KEY }}
EOF
- name: Build local builder
uses: docker/build-push-action@v6
env:
DOCKER_BUILD_RECORD_UPLOAD: false
with:
context: .
file: tee-worker/identity/build.Dockerfile
tags: local-builder:latest
target: builder
build-args: |
WORKER_MODE_ARG=sidechain
ADDITIONAL_FEATURES_ARG=
SGX_PRODUCTION=1
SGX_MODE=HW
IMAGE_FOR_RELEASE=true
SGX_COMMERCIAL_KEY=enclave_key.pem
- name: Build worker
uses: docker/build-push-action@v6
env:
DOCKER_BUILD_RECORD_UPLOAD: false
with:
context: .
file: tee-worker/identity/build.Dockerfile
tags: litentry/identity-worker:${{ env.RELEASE_TAG }}
target: worker-release
# - name: Write enclave signing key
# run: |
# cat << EOF > tee-worker/identity/enclave_key.pem
# ${{ secrets.IDENTITY_ENCLAVE_STAGING_SIGNING_KEY }}
# EOF

# - name: Build local builder
# uses: docker/build-push-action@v6
# env:
# DOCKER_BUILD_RECORD_UPLOAD: false
# with:
# context: .
# file: tee-worker/identity/build.Dockerfile
# tags: local-builder:latest
# target: builder
# build-args: |
# WORKER_MODE_ARG=sidechain
# ADDITIONAL_FEATURES_ARG=
# SGX_PRODUCTION=1
# SGX_MODE=HW
# IMAGE_FOR_RELEASE=true
# SGX_COMMERCIAL_KEY=enclave_key.pem

# - name: Build worker
# uses: docker/build-push-action@v6
# env:
# DOCKER_BUILD_RECORD_UPLOAD: false
# with:
# context: .
# file: tee-worker/identity/build.Dockerfile
# tags: litentry/identity-worker:${{ env.RELEASE_TAG }}
# target: worker-release

- run: docker pull litentry/identity-worker:v0.9.20-04

- run: docker images --all

Expand All @@ -232,7 +234,7 @@ jobs:
build-bitacross-worker:
if: ${{ github.event.inputs.bitacross_worker == 'true' }}
runs-on: ubuntu-latest
environment: production
# environment: production
steps:
- name: Checkout codes on ${{ env.RELEASE_TAG }}
uses: actions/checkout@v4
Expand All @@ -252,38 +254,40 @@ jobs:
# see https://docs.docker.com/build/drivers/
driver: docker

- name: Write enclave signing key
run: |
cat << EOF > tee-worker/bitacross/enclave_key.pem
${{ secrets.BITACROSS_ENCLAVE_PROD_SIGNING_KEY }}
EOF
- name: Build local builder
uses: docker/build-push-action@v6
env:
DOCKER_BUILD_RECORD_UPLOAD: false
with:
context: .
file: tee-worker/bitacross/build.Dockerfile
tags: local-builder:latest
target: builder
build-args: |
WORKER_MODE_ARG=offchain-worker
ADDITIONAL_FEATURES_ARG=
SGX_PRODUCTION=1
SGX_MODE=HW
IMAGE_FOR_RELEASE=true
SGX_COMMERCIAL_KEY=enclave_key.pem
- name: Build worker
uses: docker/build-push-action@v6
env:
DOCKER_BUILD_RECORD_UPLOAD: false
with:
context: .
file: tee-worker/bitacross/build.Dockerfile
tags: litentry/bitacross-worker:${{ env.RELEASE_TAG }}
target: worker-release
# - name: Write enclave signing key
# run: |
# cat << EOF > tee-worker/bitacross/enclave_key.pem
# ${{ secrets.BITACROSS_ENCLAVE_PROD_SIGNING_KEY }}
# EOF

# - name: Build local builder
# uses: docker/build-push-action@v6
# env:
# DOCKER_BUILD_RECORD_UPLOAD: false
# with:
# context: .
# file: tee-worker/bitacross/build.Dockerfile
# tags: local-builder:latest
# target: builder
# build-args: |
# WORKER_MODE_ARG=offchain-worker
# ADDITIONAL_FEATURES_ARG=
# SGX_PRODUCTION=1
# SGX_MODE=HW
# IMAGE_FOR_RELEASE=true
# SGX_COMMERCIAL_KEY=enclave_key.pem

# - name: Build worker
# uses: docker/build-push-action@v6
# env:
# DOCKER_BUILD_RECORD_UPLOAD: false
# with:
# context: .
# file: tee-worker/bitacross/build.Dockerfile
# tags: litentry/bitacross-worker:${{ env.RELEASE_TAG }}
# target: worker-release

- run: docker pull litentry/bitacross-worker:v0.9.20-04

- run: docker images --all

Expand Down Expand Up @@ -315,42 +319,42 @@ jobs:
with:
name: litentry-collator

- name: Load docker image
run: |
docker load < litentry-parachain-dev.tar.gz
docker tag litentry/litentry-parachain:${{ env.RELEASE_TAG }} litentry/litentry-parachain:latest
docker images
- name: Enable corepack and pnpm
run: corepack enable && corepack enable pnpm

- name: Run ts tests for ${{ matrix.chain }}
timeout-minutes: 30
run: |
make test-ts-${{ matrix.chain }}
- name: Archive logs if test fails
uses: actions/upload-artifact@v4
if: ${{ failure() }}
with:
name: ${{ matrix.chain }}-ts-tests-artifacts
path: /tmp/parachain_dev/
retention-days: 3

- name: Dockerhub login
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}

- name: Push docker image
run: |
docker push litentry/litentry-parachain:${{ env.RELEASE_TAG }}
- name: Clean up for ${{ matrix.chain }}
if: ${{ always() }}
run: |
make clean-network
# - name: Load docker image
# run: |
# docker load < litentry-parachain-dev.tar.gz
# docker tag litentry/litentry-parachain:${{ env.RELEASE_TAG }} litentry/litentry-parachain:latest
# docker images

# - name: Enable corepack and pnpm
# run: corepack enable && corepack enable pnpm

# - name: Run ts tests for ${{ matrix.chain }}
# timeout-minutes: 30
# run: |
# make test-ts-${{ matrix.chain }}

# - name: Archive logs if test fails
# uses: actions/upload-artifact@v4
# if: ${{ failure() }}
# with:
# name: ${{ matrix.chain }}-ts-tests-artifacts
# path: /tmp/parachain_dev/
# retention-days: 3

# - name: Dockerhub login
# uses: docker/login-action@v3
# with:
# username: ${{ secrets.DOCKERHUB_USERNAME }}
# password: ${{ secrets.DOCKERHUB_PASSWORD }}

# - name: Push docker image
# run: |
# docker push litentry/litentry-parachain:${{ env.RELEASE_TAG }}

# - name: Clean up for ${{ matrix.chain }}
# if: ${{ always() }}
# run: |
# make clean-network

## create the release draft ##
create-release-draft:
Expand All @@ -370,7 +374,7 @@ jobs:
- name: Checkout codes on ${{ env.RELEASE_TAG }}
uses: actions/checkout@v4
with:
ref: ${{ env.RELEASE_TAG }}
ref: try-again
fetch-depth: 0

- name: Download all artefacts
Expand Down
14 changes: 7 additions & 7 deletions parachain/scripts/generate-release-notes.sh
Original file line number Diff line number Diff line change
Expand Up @@ -41,29 +41,29 @@ is_bitacross_worker_release() {
[ "${type:3:1}" = "1" ]
}

cd "$ROOTDIR/parachain"
cd "$ROOTDIR"

if is_client_release; then
# base image used to build the node binary
NODE_BUILD_BASE_IMAGE=$(grep FROM docker/Dockerfile | head -n1 | sed 's/^FROM //;s/ as.*//')
NODE_BUILD_BASE_IMAGE=$(grep FROM parachain/docker/Dockerfile | head -n1 | sed 's/^FROM //;s/ as.*//')

# somehow `docker inspect` doesn't pull our litentry-parachain image sometimes
docker pull "$NODE_BUILD_BASE_IMAGE"
docker pull "litentry/litentry-parachain:$PARACHAIN_DOCKER_TAG"

NODE_VERSION=$(grep version node/Cargo.toml | head -n1 | sed "s/'$//;s/.*'//")
NODE_VERSION=$(grep version parachain/node/Cargo.toml | head -n1 | sed "s/'$//;s/.*'//")
NODE_BIN=litentry-collator
# if is_client_release, files are downloaded in the upper layer
NODE_SHA1SUM=$(shasum ../litentry-collator/"$NODE_BIN" | awk '{print $1}')
NODE_SHA1SUM=$(shasum litentry-collator/"$NODE_BIN" | awk '{print $1}')
if [ -f rust-toolchain.toml ]; then
NODE_RUSTC_VERSION=$(rustc --version)
else
NODE_RUSTC_VERSION=$(docker run --rm "$NODE_BUILD_BASE_IMAGE" rustup default nightly 2>&1 | grep " installed" | sed 's/.*installed - //')
fi
fi

SUBSTRATE_DEP=$(grep 'frame-system' ./Cargo.toml | head -n1 | sed 's/.*branch = "//;s/".*//')
FRONTIER_DEP=$(grep 'fc-api' ./Cargo.toml | head -n1 | sed 's/.*branch = "//;s/".*//')
SUBSTRATE_DEP=$(grep 'frame-system' parachain/Cargo.toml | head -n1 | sed 's/.*branch = "//;s/".*//')
FRONTIER_DEP=$(grep 'fc-api' parachain/Cargo.toml | head -n1 | sed 's/.*branch = "//;s/".*//')

echo > "$1"
echo "## This is a release for:" >> "$1"
Expand Down Expand Up @@ -121,7 +121,7 @@ if is_runtime_release; then
echo "## Parachain runtime" >> "$1"
for CHAIN in rococo litentry paseo; do
SRTOOL_DIGEST_FILE=$CHAIN-parachain-runtime/$CHAIN-parachain-srtool-digest.json
RUNTIME_VERSION=$(grep spec_version runtime/$CHAIN/src/lib.rs | sed 's/.*version: //;s/,//')
RUNTIME_VERSION=$(grep spec_version parachain/runtime/$CHAIN/src/lib.rs | sed 's/.*version: //;s/,//')
RUNTIME_COMPRESSED_SIZE=$(cat "$SRTOOL_DIGEST_FILE" | jq .runtimes.compressed.size | sed 's/"//g')
RUNTIME_RUSTC_VERSION=$(cat "$SRTOOL_DIGEST_FILE" | jq .rustc | sed 's/"//g')
RUNTIME_COMPRESSED_SHA256=$(cat "$SRTOOL_DIGEST_FILE" | jq .runtimes.compressed.sha256 | sed 's/"//g')
Expand Down

0 comments on commit 5c536ac

Please sign in to comment.