Skip to content

Add websocket proxy release flow #396

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Aug 25, 2025
Merged

Add websocket proxy release flow #396

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
100 changes: 90 additions & 10 deletions .github/workflows/release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ name: Release
on:
push:
tags:
- 'v*'
- 'rollup-boost/v*'

permissions:
contents: write
Expand All @@ -12,25 +12,101 @@ env:
REGISTRY_IMAGE: flashbots/rollup-boost

jobs:
release:
extract-version:
name: Extract version
runs-on: warp-ubuntu-latest-x64-16x
outputs:
VERSION: ${{ steps.extract_version.outputs.VERSION }}
steps:
- name: Extract version
id: extract_version
run: |
if [[ "${GITHUB_REF_TYPE}" == "tag" ]]; then
VERSION="${GITHUB_REF#refs/tags/rollup-boost/}"
else
VERSION="$(echo ${GITHUB_SHA} | cut -c1-7)"
fi
echo "VERSION=${VERSION}" >> $GITHUB_OUTPUT
echo "| | |" >> $GITHUB_STEP_SUMMARY
echo "| ------------------- | ---------------------- |" >> $GITHUB_STEP_SUMMARY
echo "| \`GITHUB_REF_TYPE\` | \`${GITHUB_REF_TYPE}\` |" >> $GITHUB_STEP_SUMMARY
echo "| \`GITHUB_REF_NAME\` | \`${GITHUB_REF_NAME}\` |" >> $GITHUB_STEP_SUMMARY
echo "| \`GITHUB_REF\` | \`${GITHUB_REF}\` |" >> $GITHUB_STEP_SUMMARY
echo "| \`GITHUB_SHA\` | \`${GITHUB_SHA}\` |" >> $GITHUB_STEP_SUMMARY
echo "| \`VERSION\` | \`${VERSION}\` |" >> $GITHUB_STEP_SUMMARY
echo "| \`FEATURES\` | \`${{ github.event.inputs.features || 'none' }}\` |" >> $GITHUB_STEP_SUMMARY

build-binary:
name: Build binary
needs: extract-version
runs-on: ${{ matrix.configs.runner }}
container:
image: ubuntu:22.04
permissions:
contents: write
packages: write
strategy:
matrix:
configs:
- target: x86_64-unknown-linux-gnu
runner: warp-ubuntu-latest-x64-32x
- target: aarch64-unknown-linux-gnu
runner: warp-ubuntu-latest-arm64-32x
# Paused until docker is pre-installed https://github.com/actions/runner-images/blob/main/images/macos/macos-14-arm64-Readme.md
# - target: aarch64-apple-darwin
# runner: warp-macos-14-arm64-6x

steps:
- name: Install dependencies
run: |
apt-get update
apt-get install -y \
build-essential \
curl \
git \
libclang-dev \
libssl-dev \
libtss2-dev \
pkg-config \
protobuf-compiler
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
- uses: actions/checkout@v4 # must install git before checkout and set safe.directory after checkout because of container

- name: Build rollup-boost binary
run: |
git config --global --add safe.directory "$(pwd)"
. $HOME/.cargo/env
cargo build --release --target ${{ matrix.configs.target }} --package rollup-boost
mkdir -p artifacts
mv target/${{ matrix.configs.target }}/release/rollup-boost artifacts/rollup-boost-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.configs.target }}${{ matrix.features && '-' }}${{ matrix.features }}
- name: Upload artifacts
uses: actions/upload-artifact@v4
with:
name: rollup-boost-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.configs.target }}${{ matrix.features && '-' }}${{ matrix.features }}
path: artifacts

publish-docker-image:
name: Publish Docker Image
strategy:
matrix:
config:
configs:
- platform: linux/amd64
runner: warp-ubuntu-latest-x64-16x
runner: warp-ubuntu-latest-x64-32x
- platform: linux/arm64
runner: warp-ubuntu-latest-arm64-16x
runs-on: ${{ matrix.config.runner }}
runner: warp-ubuntu-latest-arm64-32x
# Paused until docker is pre-installed https://github.com/actions/runner-images/blob/main/images/macos/macos-14-arm64-Readme.md
# - target: aarch64-apple-darwin
# runner: warp-macos-14-arm64-6x
runs-on: ${{ matrix.configs.runner }}
steps:
- name: Checkout sources
uses: actions/checkout@v4.2.0

- name: Set env
run: |
platform=${{ matrix.config.platform }}
platform=${{ matrix.configs.platform }}
echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
echo "RELEASE_VERSION=${GITHUB_REF#refs/tags/rollup-boost/}" >> $GITHUB_ENV

- name: Print version
run: |
Expand All @@ -42,6 +118,10 @@ jobs:
uses: docker/metadata-action@v4
with:
images: ${{ env.REGISTRY_IMAGE }}
tags: |
type=sha
type=raw,value=${{ env.RELEASE_VERSION }}
type=raw,value=latest,enable=${{ !contains(env.RELEASE_VERSION, '-') }}

- name: Set up QEMU
uses: docker/setup-qemu-action@v3
Expand All @@ -64,7 +144,7 @@ jobs:
context: .
build-args: |
VERSION=${{ env.RELEASE_VERSION }}
platforms: ${{ matrix.config.platform }}
platforms: ${{ matrix.configs.platform }}
labels: ${{ steps.meta.outputs.labels }}
outputs: type=registry,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true

Expand All @@ -85,7 +165,7 @@ jobs:
merge:
runs-on: warp-ubuntu-latest-x64-16x
needs:
- release
- publish-docker-image
steps:
- name: Download digests
uses: actions/download-artifact@v4
Expand Down
243 changes: 243 additions & 0 deletions .github/workflows/websocket-proxy-release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,243 @@
name: Release

on:
push:
tags:
- 'websocket-proxy/v*'

permissions:
contents: write

env:
REGISTRY_IMAGE: flashbots/flashblocks-websocket-proxy

jobs:
extract-version:
name: Extract version
runs-on: warp-ubuntu-latest-x64-16x
outputs:
VERSION: ${{ steps.extract_version.outputs.VERSION }}
steps:
- name: Extract version
id: extract_version
run: |
if [[ "${GITHUB_REF_TYPE}" == "tag" ]]; then
VERSION="${GITHUB_REF#refs/tags/websocket-proxy/}"
else
VERSION="$(echo ${GITHUB_SHA} | cut -c1-7)"
fi
echo "VERSION=${VERSION}" >> $GITHUB_OUTPUT
echo "| | |" >> $GITHUB_STEP_SUMMARY
echo "| ------------------- | ---------------------- |" >> $GITHUB_STEP_SUMMARY
echo "| \`GITHUB_REF_TYPE\` | \`${GITHUB_REF_TYPE}\` |" >> $GITHUB_STEP_SUMMARY
echo "| \`GITHUB_REF_NAME\` | \`${GITHUB_REF_NAME}\` |" >> $GITHUB_STEP_SUMMARY
echo "| \`GITHUB_REF\` | \`${GITHUB_REF}\` |" >> $GITHUB_STEP_SUMMARY
echo "| \`GITHUB_SHA\` | \`${GITHUB_SHA}\` |" >> $GITHUB_STEP_SUMMARY
echo "| \`VERSION\` | \`${VERSION}\` |" >> $GITHUB_STEP_SUMMARY
echo "| \`FEATURES\` | \`${{ github.event.inputs.features || 'none' }}\` |" >> $GITHUB_STEP_SUMMARY

build-binary:
name: Build binary
needs: extract-version
runs-on: ${{ matrix.configs.runner }}
container:
image: ubuntu:22.04
permissions:
contents: write
packages: write
strategy:
matrix:
configs:
- target: x86_64-unknown-linux-gnu
runner: warp-ubuntu-latest-x64-32x
- target: aarch64-unknown-linux-gnu
runner: warp-ubuntu-latest-arm64-32x
# Paused until docker is pre-installed https://github.com/actions/runner-images/blob/main/images/macos/macos-14-arm64-Readme.md
# - target: aarch64-apple-darwin
# runner: warp-macos-14-arm64-6x

steps:
- name: Install dependencies
run: |
apt-get update
apt-get install -y \
build-essential \
curl \
git \
libclang-dev \
libssl-dev \
libtss2-dev \
pkg-config \
protobuf-compiler
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
- uses: actions/checkout@v4 # must install git before checkout and set safe.directory after checkout because of container

- name: Build websocket-proxy binary
run: |
git config --global --add safe.directory "$(pwd)"
. $HOME/.cargo/env
cargo build --release --target ${{ matrix.configs.target }} --package flashblocks-websocket-proxy
mkdir -p artifacts
mv target/${{ matrix.configs.target }}/release/flashblocks-websocket-proxy artifacts/flashblocks-websocket-proxy-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.configs.target }}${{ matrix.features && '-' }}${{ matrix.features }}
- name: Upload artifacts
uses: actions/upload-artifact@v4
with:
name: flashblocks-websocket-proxy-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.configs.target }}${{ matrix.features && '-' }}${{ matrix.features }}
path: artifacts

publish-docker-image:
name: Publish Docker Image
strategy:
matrix:
configs:
- platform: linux/amd64
runner: warp-ubuntu-latest-x64-32x
- platform: linux/arm64
runner: warp-ubuntu-latest-arm64-32x
# Paused until docker is pre-installed https://github.com/actions/runner-images/blob/main/images/macos/macos-14-arm64-Readme.md
# - target: aarch64-apple-darwin
# runner: warp-macos-14-arm64-6x
runs-on: ${{ matrix.configs.runner }}
steps:
- name: Checkout sources
uses: actions/checkout@v4.2.0

- name: Set env
run: |
platform=${{ matrix.configs.platform }}
echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
echo "RELEASE_VERSION=${GITHUB_REF#refs/tags/websocket-proxy/}" >> $GITHUB_ENV

- name: Print version
run: |
echo $RELEASE_VERSION
echo ${{ env.RELEASE_VERSION }}

- name: Extract metadata (tags, labels) for Docker images
id: meta
uses: docker/metadata-action@v4
with:
images: ${{ env.REGISTRY_IMAGE }}
tags: |
type=sha
type=raw,value=${{ env.RELEASE_VERSION }}
type=raw,value=latest,enable=${{ !contains(env.RELEASE_VERSION, '-') }}

- name: Set up QEMU
uses: docker/setup-qemu-action@v3

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.FLASHBOTS_DOCKERHUB_USERNAME }}
password: ${{ secrets.FLASHBOTS_DOCKERHUB_TOKEN }}

- name: Build and push
id: build
uses: docker/build-push-action@v6
with:
cache-from: type=gha
cache-to: type=gha,mode=max
context: .
file: ./crates/websocket-proxy/Dockerfile
build-args: |
VERSION=${{ env.RELEASE_VERSION }}
platforms: ${{ matrix.configs.platform }}
labels: ${{ steps.meta.outputs.labels }}
outputs: type=registry,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true

- name: Export digest
run: |
mkdir -p /tmp/digests
digest="${{ steps.build.outputs.digest }}"
touch "/tmp/digests/${digest#sha256:}"

- name: Upload digest
uses: actions/upload-artifact@v4
with:
name: digests-${{ env.PLATFORM_PAIR }}
path: /tmp/digests/*
if-no-files-found: error
retention-days: 1

merge:
runs-on: warp-ubuntu-latest-x64-16x
needs:
- publish-docker-image
steps:
- name: Download digests
uses: actions/download-artifact@v4
with:
path: /tmp/digests
pattern: digests-*
merge-multiple: true

- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.FLASHBOTS_DOCKERHUB_USERNAME }}
password: ${{ secrets.FLASHBOTS_DOCKERHUB_TOKEN }}

- name: Login to GHCR
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.FLASHBOTS_GHCR_TOKEN }} # PAT required for Organization policy

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY_IMAGE }}
tags: |
type=sha
type=raw,value=${{ env.RELEASE_VERSION }}
type=raw,value=latest,enable=${{ !contains(env.RELEASE_VERSION, '-') }}

- name: Create manifest list and push
working-directory: /tmp/digests
run: |
image=$(
jq -cr '.tags | first' <<< "$DOCKER_METADATA_OUTPUT_JSON"
)

docker buildx imagetools create -t $image $(
printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *
)

- name: Install regctl
uses: regclient/actions/regctl-installer@main

- name: Push to GHCR
run: |
regctl image copy \
${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }} \
ghcr.io/${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }}

- name: Inspect image
run: |
docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }}

github-release:
runs-on: warp-ubuntu-latest-x64-16x
steps:
- name: Checkout sources
uses: actions/checkout@v4.2.0

- name: Create release
id: create_release
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ github.ref }}
release_name: ${{ github.ref }}
draft: true
prerelease: false
Loading