From 6d5cf3019685ad1b2eba61670f200e8972d2f4bf Mon Sep 17 00:00:00 2001 From: Conor Schaefer Date: Thu, 2 Nov 2023 16:43:59 -0700 Subject: [PATCH 1/7] ci: use apply rather than sync for deploys This reverts commit 155df60540ada18f8c4315d41b1a3bfad11dd76d, which itself reverted commit 25c4e6fd531136f97bbdee71aef269f05c35ccf0. ci: use helmfile gha helper For including helm-diff, required for running "helmfile apply" Refs #3279. (cherry picked from commit c088e35d566a6dc89a892db80dad101765f6f92a) --- .github/workflows/deploy-preview.yml | 14 +++----------- deployments/ci.sh | 3 +-- 2 files changed, 4 insertions(+), 13 deletions(-) diff --git a/.github/workflows/deploy-preview.yml b/.github/workflows/deploy-preview.yml index 09461420e8..0a2ff0c65d 100644 --- a/.github/workflows/deploy-preview.yml +++ b/.github/workflows/deploy-preview.yml @@ -55,17 +55,9 @@ jobs: location: us-central1 - name: install helmfile - run: | - helmfile_version="0.157.0" - helmfile_url="https://github.com/helmfile/helmfile/releases/download/v${helmfile_version}/helmfile_${helmfile_version}_linux_amd64.tar.gz" - mkdir -p /tmp/helmfile-download - cd /tmp/helmfile-download || exit 1 - curl -SfL -O "$helmfile_url" - tar -xzf helmfile*.tar.gz - mkdir -p "$HOME/bin" - cp helmfile "$HOME/bin/" - export PATH="$HOME/bin:$PATH" - which helmfile + uses: mamezou-tech/setup-helmfile@v1.3.0 + with: + helmfile-version: "v0.157.0" - name: deploy run: |- diff --git a/deployments/ci.sh b/deployments/ci.sh index 7c059716a6..e1d584f415 100755 --- a/deployments/ci.sh +++ b/deployments/ci.sh @@ -49,8 +49,7 @@ function helm_uninstall() { # as necessary. Will *not* replace certain durable resources like # the LoadBalancer Service objects, which are annotated with helm.sh/resource-policy=keep. function helm_install() { - # TODO: make sure helmfile is present in ci environemnt. - helmfile sync -f "$HELMFILE_MANIFEST" --args \ + helmfile apply -f "$HELMFILE_MANIFEST" --args \ --set="image.tag=${PENUMBRA_VERSION}" } From 7c0d1b667b821a5093ab06e8f181e018fe29c8dc Mon Sep 17 00:00:00 2001 From: Conor Schaefer Date: Fri, 3 Nov 2023 09:23:12 -0700 Subject: [PATCH 2/7] ci: helmfile apply support for testnet Follow-up to c088e35d566a6dc89a892db80dad101765f6f92a, ensuring that the "testnet" workflow matches the "preview" change. (cherry picked from commit 4f912f73ea8d8565493777167f841fcfa89396f7) --- .github/workflows/deploy-testnet.yml | 14 +++----------- 1 file changed, 3 insertions(+), 11 deletions(-) diff --git a/.github/workflows/deploy-testnet.yml b/.github/workflows/deploy-testnet.yml index 5a8b2d05bd..08f7b7dce2 100644 --- a/.github/workflows/deploy-testnet.yml +++ b/.github/workflows/deploy-testnet.yml @@ -49,17 +49,9 @@ jobs: location: us-central1 - name: install helmfile - run: | - helmfile_version="0.157.0" - helmfile_url="https://github.com/helmfile/helmfile/releases/download/v${helmfile_version}/helmfile_${helmfile_version}_linux_amd64.tar.gz" - mkdir -p /tmp/helmfile-download - cd /tmp/helmfile-download || exit 1 - curl -SfL -O "$helmfile_url" - tar -xzf helmfile*.tar.gz - mkdir -p "$HOME/bin" - cp helmfile "$HOME/bin/" - export PATH="$HOME/bin:$PATH" - which helmfile + uses: mamezou-tech/setup-helmfile@v1.3.0 + with: + helmfile-version: "v0.157.0" - name: deploy run: |- From aa74b6abb0b3734a3d4a246fc4ab058285d154a5 Mon Sep 17 00:00:00 2001 From: Conor Schaefer Date: Fri, 3 Nov 2023 09:35:19 -0700 Subject: [PATCH 3/7] ci: fix remote container builds for bot images There are two changes here: 1. Ensure that the PENUMBRA_VERSION is submitted to remote repo build jobs, so that a matching container version is created, e.g. "ghcr.io/penumbra-zone/galileo:penumbra-v0.63.1". 2. Ensure that the PENUMBRA_VERSION var is populated when bouncing the deployment on the cluster, so the newly created tag is referenced. Crucially, we needed to switch from "repository_dispatch" events (which support a `client_payload` dict in the posted JSON) to "workflow_dispatch" events (which support an `inputs` dict, allowing us to set the required `penumbra_version` field). Refs #3279. (cherry picked from commit 80401e3451621c892dcb5d591e3d743cf8087e3c) --- .github/workflows/deploy-testnet.yml | 2 ++ deployments/scripts/gha-repository-dispatch | 22 +++++++++++++++------ 2 files changed, 18 insertions(+), 6 deletions(-) diff --git a/.github/workflows/deploy-testnet.yml b/.github/workflows/deploy-testnet.yml index 08f7b7dce2..081b0934d1 100644 --- a/.github/workflows/deploy-testnet.yml +++ b/.github/workflows/deploy-testnet.yml @@ -67,6 +67,7 @@ jobs: - name: bounce osiris shell: bash run: |- + export PENUMBRA_VERSION='${{ github.event.inputs.image_tag || github.ref_name }}' # Set the exact version for the current testnet for Osiris, so deps match. kubectl set image deployments \ -l "app.kubernetes.io/instance=osiris-testnet" \ @@ -78,6 +79,7 @@ jobs: - name: bounce galileo shell: bash run: |- + export PENUMBRA_VERSION='${{ github.event.inputs.image_tag || github.ref_name }}' # Set the exact version for the current testnet for Galileo, so deps match. kubectl set image deployments \ -l "app.kubernetes.io/instance=galileo" \ diff --git a/deployments/scripts/gha-repository-dispatch b/deployments/scripts/gha-repository-dispatch index 9fcad01e29..93c7caa96a 100755 --- a/deployments/scripts/gha-repository-dispatch +++ b/deployments/scripts/gha-repository-dispatch @@ -2,7 +2,10 @@ # Utility script to trigger GitHub Action workflows across different repositories [0]. # Requires a GitHub Personal Access Token (PAT), exported as GITHUB_PAT env var [1]. # -# [0] https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#repository_dispatch +# Uses event `workflow_dispatch`, rather than `repository_dispatch`, because the latter +# does not support passing `inputs`, which we need to set a specific version of Penumbra. +# +# [0] https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#workflow_dispatch # [1] https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens set -euo pipefail @@ -19,11 +22,15 @@ elif [[ -z "$github_pat" ]] ; then exit 1 fi +# The workflow id is the filename containing the job YAML. +# https://docs.github.com/en/rest/actions/workflows?apiVersion=2022-11-28#get-a-workflow +workflow_id="container.yml" + # Support overriding the upstream version of Penumbra, but default to 'main'. penumbra_version="${PENUMBRA_VERSION:-main}" -# Build URL for repository dispatch API endpoint. -github_repository_url="https://api.github.com/repos/${github_repo}/dispatches" +# Build URL for workflow dispatch API endpoint. +github_workflow_url="https://api.github.com/repos/${github_repo}/actions/workflows/${workflow_id}/dispatches" # Accept arguments for workflow, and emit valid JSON for curl request. # Using printf allows us to interpolate bash variables in JSON, @@ -32,12 +39,15 @@ function format_json_payload() { local v v="${1:-}" shift - printf '{"event_type": "container-build", "client_payload": { "penumbra_version": "%s" }}' "$v" + # N.B. the "ref" value here is the gitref on the remote repo, not the calling repo. + printf '{"ref": "main", "inputs": { "penumbra_version": "%s" }}' "$v" } json_payload="$(format_json_payload "$penumbra_version")" -curl -f -X POST "$github_repository_url" \ - -H 'Accept: application/vnd.github.v3+json' \ +>&2 printf 'Sending JSON blob:\n%s\nto URL: %s\n' "$json_payload" "$github_workflow_url" +curl -f -L -X POST \ + -H 'Accept: application/vnd.github+json' \ -H 'Content-Type: application/json' \ -H "Authorization: token $github_pat" \ + "$github_workflow_url" \ --data "$json_payload" From aa0b1fc3c78e1e15c81b91f81076ff6d682ea573 Mon Sep 17 00:00:00 2001 From: Conor Schaefer Date: Mon, 13 Nov 2023 16:06:50 -0800 Subject: [PATCH 4/7] ci: update cargo-dist for performing releases In this commit we move from cargo-dist 0.0.4 to 0.4.2. The tooling updates are considerable, as the version number implies. To test, I regenerated the workflow YAML and run it many times in a private fork of the repo. With the notable change that we're no longer building binaries for Windows (#3298), everything else looks to work pretty well. Even better, the runtime for the workflow has decreased from ~60m to ~20m, with the biggest win skipping Windows builds. Refs #3279, #3298. (cherry picked from commit ed6ced12a6a9ac1080c8cbd0629961c944c324fb) --- .github/workflows/release.yml | 210 ++++++++++++++++++++-------------- Cargo.toml | 15 ++- 2 files changed, 135 insertions(+), 90 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f6a0613ee4..a7340278c4 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,143 +1,183 @@ +# Copyright 2022-2023, axodotdev +# SPDX-License-Identifier: MIT or Apache-2.0 +# # CI that: # # * checks for a Git Tag that looks like a release -# * creates a Github Release™ and fills in its text -# * builds artifacts with cargo-dist (executable-zips, installers) -# * uploads those artifacts to the Github Release™ +# * builds artifacts with cargo-dist (archives, installers, hashes) +# * uploads those artifacts to temporary workflow zip +# * on success, uploads the artifacts to a Github Release™ # -# Note that the Github Release™ will be created before the artifacts, -# so there will be a few minutes where the release has no artifacts -# and then they will slowly trickle in, possibly failing. To make -# this more pleasant we mark the release as a "draft" until all -# artifacts have been successfully uploaded. This allows you to -# choose what to do with partial successes and avoids spamming -# anyone with notifications before the release is actually ready. +# Note that the Github Release™ will be created with a generated +# title/body based on your changelogs. name: Release permissions: contents: write # This task will run whenever you push a git tag that looks like a version -# like "v1", "v1.2.0", "v0.1.0-prerelease01", "my-app-v1.0.0", etc. -# The version will be roughly parsed as ({PACKAGE_NAME}-)?v{VERSION}, where +# like "1.0.0", "v0.1.0-prerelease.1", "my-app/0.1.0", "releases/v1.0.0", etc. +# Various formats will be parsed into a VERSION and an optional PACKAGE_NAME, where # PACKAGE_NAME must be the name of a Cargo package in your workspace, and VERSION -# must be a Cargo-style SemVer Version. +# must be a Cargo-style SemVer Version (must have at least major.minor.patch). # -# If PACKAGE_NAME is specified, then we will create a Github Release™ for that +# If PACKAGE_NAME is specified, then the release will be for that # package (erroring out if it doesn't have the given version or isn't cargo-dist-able). # -# If PACKAGE_NAME isn't specified, then we will create a Github Release™ for all -# (cargo-dist-able) packages in the workspace with that version (this is mode is +# If PACKAGE_NAME isn't specified, then the release will be for all +# (cargo-dist-able) packages in the workspace with that version (this mode is # intended for workspaces with only one dist-able package, or with all dist-able # packages versioned/released in lockstep). # # If you push multiple tags at once, separate instances of this workflow will -# spin up, creating an independent Github Release™ for each one. +# spin up, creating an independent Github Release™ for each one. However Github +# will hard limit this to 3 tags per commit, as it will assume more tags is a +# mistake. # -# If there's a prerelease-style suffix to the version then the Github Release™ +# If there's a prerelease-style suffix to the version, then the Github Release™ # will be marked as a prerelease. on: push: tags: - - '*-?v[0-9]+*' + - '**[0-9]+.[0-9]+.[0-9]+*' jobs: - # Create the Github Release™ so the packages have something to be uploaded to - create-release: + # Run 'cargo dist plan' to determine what tasks we need to do + plan: runs-on: ubuntu-latest outputs: - has-releases: ${{ steps.create-release.outputs.has-releases }} + val: ${{ steps.plan.outputs.manifest }} + tag: ${{ !github.event.pull_request && github.ref_name || '' }} + tag-flag: ${{ !github.event.pull_request && format('--tag={0}', github.ref_name) || '' }} + publishing: ${{ !github.event.pull_request }} env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 + with: + submodules: recursive - name: Install Rust - run: rustup update 1.73.0 --no-self-update && rustup default 1.73.0 + run: rustup update "1.73" --no-self-update && rustup default "1.73" - name: Install cargo-dist - run: curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.0.5/cargo-dist-v0.0.5-installer.sh | sh - - id: create-release + run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.4.2/cargo-dist-installer.sh | sh" + - id: plan run: | - cargo dist manifest --tag=${{ github.ref_name }} --artifacts=all --no-local-paths --output-format=json > dist-manifest.json - echo "dist manifest ran successfully" + cargo dist plan ${{ !github.event.pull_request && format('--tag={0}', github.ref_name) || '' }} --output-format=json > dist-manifest.json + echo "cargo dist plan ran successfully" cat dist-manifest.json + echo "manifest=$(jq -c "." dist-manifest.json)" >> "$GITHUB_OUTPUT" + - name: "Upload dist-manifest.json" + uses: actions/upload-artifact@v3 + with: + name: artifacts + path: dist-manifest.json - # Create the Github Release™ based on what cargo-dist thinks it should be - ANNOUNCEMENT_TITLE=$(cat dist-manifest.json | jq --raw-output ".announcement_title") - IS_PRERELEASE=$(cat dist-manifest.json | jq --raw-output ".announcement_is_prerelease") - cat dist-manifest.json | jq --raw-output ".announcement_github_body" > new_dist_announcement.md - gh release create ${{ github.ref_name }} --draft --prerelease="$IS_PRERELEASE" --title="$ANNOUNCEMENT_TITLE" --notes-file=new_dist_announcement.md - echo "created announcement!" - - # Upload the manifest to the Github Release™ - gh release upload ${{ github.ref_name }} dist-manifest.json - echo "uploaded manifest!" - - # Disable all the upload-artifacts tasks if we have no actual releases - HAS_RELEASES=$(cat dist-manifest.json | jq --raw-output ".releases != null") - echo "has-releases=$HAS_RELEASES" >> "$GITHUB_OUTPUT" - - # Build and packages all the things - upload-artifacts: + # Build and packages all the platform-specific things + upload-local-artifacts: # Let the initial task tell us to not run (currently very blunt) - needs: create-release - if: ${{ needs.create-release.outputs.has-releases == 'true' }} + needs: plan + if: ${{ fromJson(needs.plan.outputs.val).releases != null && (needs.plan.outputs.publishing == 'true' || fromJson(needs.plan.outputs.val).ci.github.pr_run_mode == 'upload') }} strategy: + fail-fast: false + # We override the generated `matrix` so we can specify custom runners, + # for faster build times. This works for Linux & macOS. To generate the base template, run: + # `cargo dist plan --output-format json`. That JSON content has been adapted to YAML below. + # matrix: ${{ fromJson(needs.plan.outputs.val).ci.github.artifacts_matrix }} matrix: - # For Linux, we override with a custom runner, for faster build times. - # We don't have a comparable setup for mac/win, so those builds will be - # much slower, effectively making the whole matrix run slow. Punting for now. include: - - os: macos-12-xl - dist-args: --artifacts=local --target=aarch64-apple-darwin --target=x86_64-apple-darwin - install-dist: curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.0.5/cargo-dist-v0.0.5-installer.sh | sh - - os: buildjet-16vcpu-ubuntu-2004 - dist-args: --artifacts=local --target=x86_64-unknown-linux-gnu - install-dist: curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.0.5/cargo-dist-v0.0.5-installer.sh | sh - - os: windows-2019 - dist-args: --artifacts=local --target=x86_64-pc-windows-msvc - install-dist: irm https://github.com/axodotdev/cargo-dist/releases/download/v0.0.5/cargo-dist-v0.0.5-installer.ps1 | iex + - runner: buildjet-16vcpu-ubuntu-2004 + dist_args: --artifacts=local --target=x86_64-unknown-linux-gnu + install_dist: curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.4.2/cargo-dist-installer.sh | sh + targets: + - x86_64-unknown-linux-gnu + - runner: macos-12-xl + dist_args: --artifacts=local --target=aarch64-apple-darwin + install_dist: curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.4.2/cargo-dist-installer.sh | sh + targets: + - aarch64-apple-darwin + - runner: macos-12-xl + dist_args: --artifacts=local --target=x86_64-apple-darwin + install_dist: curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.4.2/cargo-dist-installer.sh | sh + targets: + - x86_64-apple-darwin - runs-on: ${{ matrix.os }} + runs-on: ${{ matrix.runner }} env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - # Setting RUSTFLAGS to duplicate .cargo/config.toml, because cargo-dist doesn't support config.toml. + BUILD_MANIFEST_NAME: target/distrib/${{ join(matrix.targets, '-') }}-dist-manifest.json RUSTFLAGS: "--cfg tokio_unstable" steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: lfs: true - name: Install Rust - run: rustup update 1.73.0 --no-self-update && rustup default 1.73.0 + run: rustup update "1.73" --no-self-update && rustup default "1.73" + - uses: swatinem/rust-cache@v2 - name: Install cargo-dist - run: ${{ matrix.install-dist }} - - name: Run cargo-dist - # This logic is a bit janky because it's trying to be a polyglot between - # powershell and bash since this will run on windows, macos, and linux! - # The two platforms don't agree on how to talk about env vars but they - # do agree on 'cat' and '$()' so we use that to marshal values between commands. + run: ${{ matrix.install_dist }} + - name: Install dependencies + run: | + ${{ matrix.packages_install }} + - name: Build artifacts run: | # Actually do builds and make zips and whatnot - cargo dist build --tag=${{ github.ref_name }} --output-format=json ${{ matrix.dist-args }} > dist-manifest.json - echo "dist ran successfully" - cat dist-manifest.json - + cargo dist build ${{ needs.plan.outputs.tag-flag }} --print=linkage --output-format=json ${{ matrix.dist_args }} > dist-manifest.json + echo "cargo dist ran successfully" + - id: cargo-dist + name: Post-build + # We force bash here just because github makes it really hard to get values up + # to "real" actions without writing to env-vars, and writing to env-vars has + # inconsistent syntax between shell and powershell. + shell: bash + run: | # Parse out what we just built and upload it to the Github Release™ - cat dist-manifest.json | jq --raw-output ".artifacts[]?.path | select( . != null )" > uploads.txt - echo "uploading..." - cat uploads.txt - gh release upload ${{ github.ref_name }} $(cat uploads.txt) - echo "uploaded!" + echo "paths<> "$GITHUB_OUTPUT" + jq --raw-output ".artifacts[]?.path | select( . != null )" dist-manifest.json >> "$GITHUB_OUTPUT" + echo "EOF" >> "$GITHUB_OUTPUT" + + cp dist-manifest.json "$BUILD_MANIFEST_NAME" + - name: "Upload artifacts" + uses: actions/upload-artifact@v3 + with: + name: artifacts + path: | + ${{ steps.cargo-dist.outputs.paths }} + ${{ env.BUILD_MANIFEST_NAME }} - # Mark the Github Release™ as a non-draft now that everything has succeeded! + should-publish: + needs: + - plan + - upload-local-artifacts + if: ${{ needs.plan.outputs.publishing == 'true' }} + runs-on: ubuntu-latest + steps: + - name: print tag + run: echo "ok we're publishing!" + + # Create a Github Release with all the results once everything is done publish-release: - # Only run after all the other tasks, but it's ok if upload-artifacts was skipped - needs: [create-release, upload-artifacts] - if: ${{ always() && needs.create-release.result == 'success' && (needs.upload-artifacts.result == 'skipped' || needs.upload-artifacts.result == 'success') }} + needs: [plan, should-publish] runs-on: ubuntu-latest env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: - - uses: actions/checkout@v3 - - name: mark release as non-draft + - uses: actions/checkout@v4 + with: + submodules: recursive + - name: "Download artifacts" + uses: actions/download-artifact@v3 + with: + name: artifacts + path: artifacts + - name: Cleanup run: | - gh release edit ${{ github.ref_name }} --draft=false + # Remove the granular manifests + rm artifacts/*-dist-manifest.json + - name: Create Release + uses: ncipollo/release-action@v1 + with: + tag: ${{ needs.plan.outputs.tag }} + name: ${{ fromJson(needs.plan.outputs.val).announcement_title }} + body: ${{ fromJson(needs.plan.outputs.val).announcement_github_body }} + prerelease: ${{ fromJson(needs.plan.outputs.val).announcement_is_prerelease }} + artifacts: "artifacts/*" diff --git a/Cargo.toml b/Cargo.toml index d0eda1a1b3..88965b81b2 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -58,14 +58,19 @@ opt-level = "s" # Config for 'cargo dist' [workspace.metadata.dist] # The preferred cargo-dist version to use in CI (Cargo.toml SemVer syntax) -cargo-dist-version = "0.0.5" -# The preferred Rust toolchain to use in CI (rustup toolchain syntax). -# We use the same value as the MSRV in crates/bin/pd/Cargo.toml. +cargo-dist-version = "0.4.2" +# The preferred Rust toolchain to use in CI (rustup toolchain syntax) rust-toolchain-version = "1.73" -# CI backends to support (see 'cargo dist generate-ci') +# CI backends to support ci = ["github"] # Target platforms to build apps for (Rust target-triple syntax) -targets = ["x86_64-unknown-linux-gnu", "x86_64-apple-darwin", "x86_64-pc-windows-msvc", "aarch64-apple-darwin"] +targets = ["x86_64-unknown-linux-gnu", "aarch64-apple-darwin", "x86_64-apple-darwin"] +# The installers to generate for each app +installers = [] +# Publish jobs to run in CI +pr-run-mode = "skip" +# We override RUSTFLAGS, so we must permit changes from the default template. +allow-dirty = ["ci"] # The profile that 'cargo dist' will build with [profile.dist] From babdbf01b02c265d50ee36d109bddeecb7fe8bdd Mon Sep 17 00:00:00 2001 From: Conor Schaefer Date: Wed, 8 Nov 2023 14:46:34 -0800 Subject: [PATCH 5/7] ci: only run buf lint on PRs against main Also ensures we're using the most recent stable version of buf across all workflows, via the `v1` version specifier. Closes #3292. (cherry picked from commit 78a85fd8b74c8aee45e59dd72a9649d49700396f) --- .github/workflows/buf-pull-request.yml | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/.github/workflows/buf-pull-request.yml b/.github/workflows/buf-pull-request.yml index 4593874e18..478d9cf44f 100644 --- a/.github/workflows/buf-pull-request.yml +++ b/.github/workflows/buf-pull-request.yml @@ -1,5 +1,11 @@ name: Protobuf -on: pull_request +on: + # Exclude feature branches, only run if the PR is targeting main. + pull_request_target: + types: + - opened + branches: + - "main" jobs: lint: name: Lint protobuf @@ -55,7 +61,7 @@ jobs: toolchain: stable override: false - - uses: bufbuild/buf-setup-action@v1.27.1 + - uses: bufbuild/buf-setup-action@v1 with: buf_api_token: ${{ secrets.BUF_TOKEN }} github_token: ${{ secrets.GITHUB_TOKEN }} From f86851610a005f2c7fa5139dc578341f47b1fda7 Mon Sep 17 00:00:00 2001 From: Henry de Valence Date: Mon, 13 Nov 2023 16:25:21 -0800 Subject: [PATCH 6/7] pcli: show sender and memo in list-tx-hashes In the future, once the MemoView has an AddressView, we can change this to show the AddressView and show the address structure. (cherry picked from commit a041ea453bd630ce121d3a2797ce78e37dcef97c) --- .../bin/pcli/src/command/view/transaction_hashes.rs | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/crates/bin/pcli/src/command/view/transaction_hashes.rs b/crates/bin/pcli/src/command/view/transaction_hashes.rs index c8557746c5..7b04c1f776 100644 --- a/crates/bin/pcli/src/command/view/transaction_hashes.rs +++ b/crates/bin/pcli/src/command/view/transaction_hashes.rs @@ -1,6 +1,7 @@ use anyhow::Result; use comfy_table::{presets, Table}; use penumbra_keys::FullViewingKey; +use penumbra_transaction::MemoView; use penumbra_view::ViewClient; #[derive(Debug, clap::Args)] @@ -26,12 +27,20 @@ impl TransactionHashesCmd { .transaction_info(self.start_height, self.end_height) .await?; - table.set_header(vec!["Block Height", "Transaction Hash"]); + table.set_header(vec!["Height", "Transaction Hash", "Sender", "Memo"]); for tx_info in txs { + let (sender, memo) = match tx_info.view.body_view.memo_view { + Some(MemoView::Visible { plaintext, .. }) => { + (plaintext.sender.display_short_form(), plaintext.text) + } + _ => (String::new(), String::new()), + }; table.add_row(vec![ format!("{}", tx_info.height), format!("{}", hex::encode(tx_info.id)), + format!("{}", sender), + format!("{}", memo), ]); } From 7fa3121a33ed3f11beeceed39dee46b4f301646f Mon Sep 17 00:00:00 2001 From: Conor Schaefer Date: Mon, 13 Nov 2023 17:18:32 -0800 Subject: [PATCH 7/7] fix(pcli): remove archives from debug output Since we moved to new pcli config file in #3239, we don't use the archives anymore. If a machine doesn't have archive dirs, then pcli will throw an error, which is bad. Stop looking for archive dirs. Similar, we shouldn't look for a custody.json file, we should look for the new config.toml file. Closes #3321. (cherry picked from commit f83958223ede08a009cdfa517be41987cf081da8) --- crates/bin/pcli/src/command/debug.rs | 37 +++++----------------------- 1 file changed, 6 insertions(+), 31 deletions(-) diff --git a/crates/bin/pcli/src/command/debug.rs b/crates/bin/pcli/src/command/debug.rs index 676a85140f..9b5cf7652f 100644 --- a/crates/bin/pcli/src/command/debug.rs +++ b/crates/bin/pcli/src/command/debug.rs @@ -1,9 +1,7 @@ use anyhow::Result; -use directories::ProjectDirs; use serde::Serialize; use std::path::PathBuf; use std::process::Command; -use walkdir::WalkDir; #[derive(Debug, clap::Subcommand)] pub enum DebugCmd { @@ -53,10 +51,8 @@ pub struct DebugInfo { uname: Option, /// Status of directory for storing view info locally. pcli_data_directory: Option, - /// Status of custody keyfile, containing key material for pcli. - pcli_keyfile: Option, - /// Historical custody keyfiles, archived for safekeeping. - pcli_keyfiles_archived: Vec, + /// Status of pcli config TOML, containing key material for pcli. + pcli_config_file: Option, } impl DebugInfo { @@ -69,8 +65,7 @@ impl DebugInfo { pcli_version: Self::get_pcli_version(), uname: Self::get_uname(), pcli_data_directory: dd.clone(), - pcli_keyfile: Self::get_pcli_custody_file(dd), - pcli_keyfiles_archived: Self::get_pcli_custody_files_archived(), + pcli_config_file: Self::get_pcli_config_file(dd), } } /// Attempt to retrieve version info for Tendermint by running @@ -136,12 +131,12 @@ impl DebugInfo { false => None, } } - /// Check whether custody JSON file exists. - fn get_pcli_custody_file(data_dir: Option) -> Option { + /// Check pcli config TOML file exists. + fn get_pcli_config_file(data_dir: Option) -> Option { match data_dir { Some(dd) => { let mut k = dd; - k.push("custody.json"); + k.push("config.toml"); if k.exists() { Some(k) } else { @@ -151,24 +146,4 @@ impl DebugInfo { None => None, } } - /// Check whether archived custody keyfiles are available on the system. - fn get_pcli_custody_files_archived() -> Vec { - // Here we re-implement the path-building logic from - // `pcli::command::keys::archive_wallet`. - let archive_dir = ProjectDirs::from("zone", "penumbra", "penumbra-testnet-archive") - .expect("can build archive directory path"); - let dd = archive_dir.data_dir(); - - // Walk archive directory and collect all "custody.json" files. - let mut archived_files = Vec::::new(); - for entry in WalkDir::new(dd.to_str().expect("can convert data dir to string")) { - let entry = entry.expect("have permissions to read directory from WalkDir"); - if let Some(f) = entry.path().file_name() { - if f.to_str().unwrap_or("") == "custody.json" { - archived_files.push(format!("{}", entry.path().display())); - } - } - } - archived_files - } }