Skip to content

Create release draft #195

Create release draft

Create release draft #195

name: Create release draft
on:
workflow_dispatch:
inputs:
release_client:
type: boolean
description: parachain-client
required: true
default: true
release_runtime:
type: boolean
description: parachain-runtime
required: true
default: true
release_worker:
type: boolean
description: tee-worker
required: true
default: true
release_enclave:
type: boolean
description: tee-enclave
required: true
default: true
release_tag:
description: an existing tag for creating release (e.g. p1.2.0-w0.0.1-101)
required: true
diff_tag:
description: an existing tag to run diff against (e.g. p1.1.0-w0.0.1-100)
default: ""
required: false
genesis_release:
type: choice
description: If any of the genesis artefacts should be released alongside
options:
- none
- litmus
- rococo
- litentry
env:
RELEASE_TAG: ${{ github.event.inputs.release_tag }}
DIFF_TAG: ${{ github.event.inputs.diff_tag }}
GENESIS_RELEASE: ${{ github.event.inputs.genesis_release }}
DOCKER_BUILDKIT: 1
REF_VERSION: ${{ github.head_ref || github.ref_name }}
jobs:
set-release-type:
runs-on: ubuntu-latest
steps:
- name: set release_type
id: vars
run: |
# use something similar to mask to store the release type
t=0000
[ "${{ github.event.inputs.release_client }}" = "true" ] && t="${t:0:0}1${t:1}"
[ "${{ github.event.inputs.release_runtime }}" = "true" ] && t="${t:0:1}1${t:2}"
[ "${{ github.event.inputs.release_worker }}" = "true" ] && t="${t:0:2}1${t:3}"
[ "${{ github.event.inputs.release_enclave }}" = "true" ] && t="${t:0:3}1${t:4}"
if [ $t = "0000"]; then
echo "::error::Please select at least one release type."
exit 1
fi
echo "::group::print release type"
echo "release_type: $t"
echo "::endgroup::"
echo "release_type=$t" >> $GITHUB_OUTPUT
outputs:
release_type: ${{ steps.vars.outputs.release_type }}
## build parachain runtime wasm ##
build-wasm:
if: ${{ github.event.inputs.release_runtime == 'true' }}
runs-on: ubuntu-latest
strategy:
matrix:
chain:
- litmus
- rococo
- litentry
steps:
- name: Checkout codes on ${{ env.RELEASE_TAG }}
uses: actions/checkout@v4
with:
ref: ${{ env.RELEASE_TAG }}
fetch-depth: 0
- name: Build with srtool
id: srtool_build
uses: chevdor/[email protected]
env:
# optional: will override the parachain pallet ID and authorize_upgrade call ID,
# which will result in a different parachain_authorize_upgrade_hash
PARACHAIN_PALLET_ID: "0x1e"
AUTHORIZE_UPGRADE_PREFIX: "0x02"
with:
chain: ${{ matrix.chain }}-parachain
runtime_dir: runtime/${{ matrix.chain }}
tag: "1.66.0"
- name: Summary
run: |
echo '${{ steps.srtool_build.outputs.json }}' | jq . > ${{ matrix.chain }}-parachain-srtool-digest.json
echo "==============================================="
cat ${{ matrix.chain }}-parachain-srtool-digest.json
cp ${{ steps.srtool_build.outputs.wasm_compressed }} ${{ matrix.chain }}-parachain-runtime.compact.compressed.wasm
- name: Upload wasm artefacts
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.chain }}-parachain-runtime
path: |
${{ matrix.chain }}-parachain-srtool-digest.json
${{ matrix.chain }}-parachain-runtime.compact.compressed.wasm
## build docker image of parachain binary ##
build-parachain-docker:
if: ${{ github.event.inputs.release_client == 'true' }}
runs-on: ubuntu-latest
steps:
- name: Checkout codes on ${{ env.RELEASE_TAG }}
uses: actions/checkout@v4
with:
ref: ${{ env.RELEASE_TAG }}
fetch-depth: 0
- name: Set env
run: |
PARACHAIN_DOCKER_TAG=$(echo ${{ env.RELEASE_TAG }} | sed 's/p/v/;s/\(.*\)-w.*/\1/')
echo "PARACHAIN_DOCKER_TAG=$PARACHAIN_DOCKER_TAG" >> $GITHUB_ENV
- name: Build docker image
run: |
./scripts/build-docker.sh production $PARACHAIN_DOCKER_TAG
echo "============================="
docker images
- name: Dockerhub login
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Push docker image
run: |
docker push litentry/litentry-parachain:$PARACHAIN_DOCKER_TAG
- name: Generate genesis artefacts if need
if: github.event.inputs.genesis_release != 'none'
run: |
docker run --rm litentry/litentry-parachain:$PARACHAIN_DOCKER_TAG export-genesis-state --chain=${{ env.GENESIS_RELEASE }} > ${{ env.GENESIS_RELEASE }}-genesis-state
docker run --rm litentry/litentry-parachain:$PARACHAIN_DOCKER_TAG export-genesis-wasm --chain=${{ env.GENESIS_RELEASE }} > ${{ env.GENESIS_RELEASE }}-genesis-wasm
- name: Copy client binary to disk
run: |
docker cp $(docker create --rm litentry/litentry-parachain:$PARACHAIN_DOCKER_TAG):/usr/local/bin/litentry-collator .
- name: Upload the client binary
uses: actions/upload-artifact@v4
with:
name: litentry-collator
if-no-files-found: ignore
path: |
litentry-collator
${{ env.GENESIS_RELEASE }}-genesis-state
${{ env.GENESIS_RELEASE }}-genesis-wasm
build-worker-docker:
if: ${{ github.event.inputs.release_worker == 'true' }}
runs-on: ubuntu-latest
steps:
- name: Checkout codes on ${{ env.RELEASE_TAG }}
uses: actions/checkout@v4
with:
ref: ${{ env.RELEASE_TAG }}
fetch-depth: 0
- name: Free up disk space
if: startsWith(runner.name, 'GitHub Actions')
uses: jlumbroso/free-disk-space@main
with:
tool-cache: true
swap-storage: false
large-packages: false
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
# use the docker driver to access the local image
# we don't need external caches or multi platforms here
# see https://docs.docker.com/build/drivers/
driver: docker
- name: Set env
run: |
WORKER_DOCKER_TAG=$(echo ${{ env.RELEASE_TAG }} | sed 's/.*\(w.*\)/\1/;s/w/v/')
echo "WORKER_DOCKER_TAG=$WORKER_DOCKER_TAG" >> $GITHUB_ENV
- name: Build local builder
uses: docker/build-push-action@v5
with:
context: .
file: tee-worker/build.Dockerfile
tags: local-builder:latest
target: builder
build-args: |
WORKER_MODE_ARG=sidechain
ADDITIONAL_FEATURES_ARG=
IMAGE_FOR_RELEASE=true
- name: Build worker
uses: docker/build-push-action@v5
with:
context: .
file: tee-worker/build.Dockerfile
tags: litentry/litentry-worker:${{ env.WORKER_DOCKER_TAG }}
target: deployed-worker
- name: Build cli
uses: docker/build-push-action@v5
with:
context: .
file: tee-worker/build.Dockerfile
tags: litentry/litentry-cli:${{ env.WORKER_DOCKER_TAG }}
target: deployed-client
- run: docker images --all
- name: Dockerhub login
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Push worker image
run: |
docker push litentry/litentry-worker:$WORKER_DOCKER_TAG
docker push litentry/litentry-cli:$WORKER_DOCKER_TAG
## Build the enclave and package config files
build-tee:
if: ${{ github.event.inputs.release_worker == 'true' }} || ${{ github.event.inputs.release_enclave == 'true' }}
runs-on: tee-prod-builder
outputs:
mrenclave: ${{ steps.mrenclave.outputs.mrenclave }}
enclave_sha1sum: ${{ steps.shasum.outputs.enclave_sha1sum }}
worker_sha1sum: ${{ steps.shasum.outputs.worker_sha1sum }}
steps:
- name: Checkout codes on ${{ env.RELEASE_TAG }}
uses: actions/checkout@v4
with:
ref: ${{ env.RELEASE_TAG }}
fetch-depth: 0
- name: Build release artefacts
run: |
source /opt/intel/sgxsdk/environment
./tee-worker/scripts/litentry/release/build.sh ${{ github.event.inputs.release_worker }} ${{ github.event.inputs.release_enclave }}
- name: Set MRENCLAVE
id: mrenclave
run: |
MRENCLAVE=
f="tee-worker/enclave_release/mrenclave.txt"
[ -f "$f" ] && MRENCLAVE=$(cat "$f")
echo "mrenclave=$MRENCLAVE" >> $GITHUB_OUTPUT
- name: Set shasum
id: shasum
run: |
ENCLAVE_SHA1SUM=
WORKER_SHA1SUM=
cd tee-worker/enclave_release
[ -f "enclave.signed.so" ] && ENCLAVE_SHA1SUM=$(shasum enclave.signed.so | awk '{print $1}')
[ -f "litentry-worker" ] && WORKER_SHA1SUM=$(shasum litentry-worker | awk '{print $1}')
echo "enclave_sha1sum=$ENCLAVE_SHA1SUM" >> $GITHUB_OUTPUT
echo "worker_sha1sum=$WORKER_SHA1SUM" >> $GITHUB_OUTPUT
- name: Upload artefacts
uses: actions/upload-artifact@v4
with:
name: litentry-tee
path: ./tee-worker/enclave_release/*
- name: Fail early
if: failure()
uses: andymckay/[email protected]
## test again the built docker image ##
run-ts-tests:
runs-on: ubuntu-latest
needs: build-parachain-docker
strategy:
matrix:
chain:
- litmus
- litentry
steps:
- name: Checkout codes
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Enable corepack and pnpm
run: corepack enable && corepack enable pnpm
- name: Download and tag docker image
run: |
export DOCKER_TAG=$(echo ${{ env.RELEASE_TAG }} | sed 's/p/v/;s/\(.*\)-w.*/\1/')
docker pull litentry/litentry-parachain:$DOCKER_TAG
docker tag litentry/litentry-parachain:$DOCKER_TAG litentry/litentry-parachain:latest
- name: Run ts tests for ${{ matrix.chain }}
timeout-minutes: 20
run: |
make test-ts-docker-${{ matrix.chain }}
- name: Archive logs if test fails
uses: actions/upload-artifact@v4
if: ${{ failure() }}
with:
name: ${{ matrix.chain }}-ts-tests-artifacts
path: /tmp/parachain_dev/
retention-days: 3
- name: Clean up for ${{ matrix.chain }}
if: ${{ always() }}
run: |
make clean-docker-${{ matrix.chain }}
## check extrinsic ##
extrinsic-ordering-check-from-bin:
runs-on: ubuntu-latest
needs: build-parachain-docker
strategy:
matrix:
chain: [rococo, litmus, litentry]
include:
- chain: rococo
ref_url: wss://rpc.rococo-parachain.litentry.io
- chain: litmus
ref_url: wss://rpc.litmus-parachain.litentry.io
- chain: litentry
ref_url: wss://rpc.litentry-parachain.litentry.io
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
ref: ${{ env.RELEASE_TAG }}
- name: Prepare output and compare the metadata
timeout-minutes: 3
run: |
export DOCKER_TAG=$(echo ${{ env.RELEASE_TAG }} | sed 's/p/v/;s/\(.*\)-w.*/\1/')
PARACHAIN_NAME=local-parachain
BASE_URL=ws://127.0.0.1:9944
chain=${{ matrix.chain }}
REF_URL=${{ matrix.ref_url }}
echo "Metadata comparison:" > output-$chain.txt
echo "Date: $(date)" >> output-$chain.txt
echo "Base: $BASE_URL" >> output-$chain.txt
echo "Reference: $REF_URL" >> output-$chain.txt
echo "Target Tag: ${{ env.RELEASE_TAG }}" >> output-$chain.txt
echo "Chain: $chain" >> output-$chain.txt
echo "----------------------------------------------------------------------" >> output-$chain.txt
echo "Running parachain: $chain"
docker run --pull always --rm --name=$PARACHAIN_NAME -d -p 9944:9944 litentry/litentry-parachain:$DOCKER_TAG --chain=$chain-dev --rpc-cors=all --ws-external --tmp -- --dev
sleep 3
CMD="docker run --pull always --network host jacogr/polkadot-js-tools metadata $REF_URL $BASE_URL"
echo -e "Running:\n$CMD"
docker run --pull always --rm --network host jacogr/polkadot-js-tools metadata $REF_URL $BASE_URL | tee -a output-$chain.txt
SUMMARY=$(./scripts/extrinsic-ordering-filter.sh output-$chain.txt)
echo -e $SUMMARY >> output-$chain.txt
docker stop $PARACHAIN_NAME
content=$(< output-$chain.txt)
echo "content<<EOF" >> $GITHUB_ENV
echo "$content" >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
- name: Find issues
uses: actions-cool/issues-helper@v3
id: findissueid
with:
actions: "find-issues"
token: ${{ secrets.GITHUB_TOKEN }}
issue-state: "open"
title-includes: Litentry-parachain ${{ env.RELEASE_TAG }} Release checklist
- name: Create comment
if: ${{ steps.findissueid.outputs.issues }} != '[]'
uses: actions-cool/issues-helper@v3
with:
actions: "create-comment"
token: ${{ secrets.GITHUB_TOKEN }}
issue-number: ${{ fromJson(steps.findissueid.outputs.issues)[0].number }}
body: |
${{ env.content }}
## create the release draft ##
create-release-draft:
runs-on: ubuntu-latest
# see https://github.com/actions/runner/issues/491
# seems to be the only way to achieve this
needs:
- set-release-type
- build-tee
- run-ts-tests
- build-wasm
if: |
!failure() &&
(success('build-wasm') || success('run-ts-tests') || success('build-tee'))
steps:
- name: Checkout codes on ${{ env.RELEASE_TAG }}
uses: actions/checkout@v4
with:
ref: ${{ env.RELEASE_TAG }}
fetch-depth: 0
- name: Download all artefacts
uses: actions/download-artifact@v4
- name: Generate release notes
run: |
export MRENCLAVE="${{ needs.build-tee.outputs.mrenclave }}"
export ENCLAVE_SHA1SUM="${{ needs.build-tee.outputs.enclave_sha1sum }}"
export WORKER_SHA1SUM="${{ needs.build-tee.outputs.worker_sha1sum }}"
./scripts/generate-release-notes.sh ${{ github.workspace }}/.github/release_notes.md ${{ needs.set-release-type.outputs.release_type }} ${{ env.DIFF_TAG }}
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Create release draft
id: create-release-draft
uses: softprops/action-gh-release@v1
with:
tag_name: ${{ env.RELEASE_TAG }}
name: Litentry-parachain ${{ env.RELEASE_TAG }}
body_path: ${{ github.workspace }}/.github/release_notes.md
draft: true
files: |
*-parachain-runtime/*-parachain-srtool-digest.json
*-parachain-runtime/*-parachain-runtime.compact.compressed.wasm
litentry-collator/*
litentry-tee/*