diff --git a/.github/workflows/main-build.yml b/.github/workflows/main-build.yml index 7bf1dea89..ba60c567a 100644 --- a/.github/workflows/main-build.yml +++ b/.github/workflows/main-build.yml @@ -13,23 +13,17 @@ jobs: build-push-container: runs-on: ubuntu-latest steps: - - name: install ignite - # TODO_TECHDEBT: upgrade to the latest Ignite (the latest at the moment of creating a note is 0.28). Need to downgrade to fix CI pipelines. Might be done in scope of #240. - run: | - # curl https://get.ignite.com/cli! | bash - wget https://github.com/ignite/cli/releases/download/v28.2.0/ignite_28.2.0_linux_amd64.tar.gz - tar -xzf ignite_28.2.0_linux_amd64.tar.gz - sudo mv ignite /usr/local/bin/ignite - ignite version - - uses: actions/checkout@v3 with: fetch-depth: "0" # Per https://github.com/ignite/cli/issues/1674#issuecomment-1144619147 + - name: install ignite + run: make ignite_install + - name: Set up Go uses: actions/setup-go@v4 with: - go-version: "1.21.6" + go-version: "1.22.2" - name: Install CI dependencies run: make install_ci_deps @@ -54,7 +48,7 @@ jobs: images: | ghcr.io/pokt-network/poktrolld tags: | - type=ref,event=branch + type=ref,event=branch,suffix=-dev type=ref,event=pr type=sha type=sha,format=long diff --git a/.github/workflows/release-artifacts.yml b/.github/workflows/release-artifacts.yml new file mode 100644 index 000000000..38ddf0e2c --- /dev/null +++ b/.github/workflows/release-artifacts.yml @@ -0,0 +1,86 @@ +name: Release artifacts + +on: + push: + tags: + - "v*.*.*" + +concurrency: + group: ${{ github.workflow }}-${{ github.head_ref || github.ref_name }} + cancel-in-progress: true + +jobs: + release-artifacts: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: "0" # Per https://github.com/ignite/cli/issues/1674#issuecomment-1144619147 + + - name: install ignite + run: | + make ignite_install + + - name: Set up Go + uses: actions/setup-go@v4 + with: + go-version: "1.22.2" + + - name: Install CI dependencies + run: make install_ci_deps + + - name: Generate protobufs + run: make proto_regen + + - name: Generate mocks + run: make go_mockgen + + - name: Build and extract binaries for container build + run: | + make ignite_update_ldflags + make ignite_release + make ignite_release_extract_binaries + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Docker Metadata action + id: meta + uses: docker/metadata-action@v5 + env: + DOCKER_METADATA_PR_HEAD_SHA: "true" + with: + images: | + ghcr.io/pokt-network/poktrolld + tags: | + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + type=ref,event=tag,suffix=-prod + type=sha,suffix=-prod + type=sha,format=long,suffix=-prod + + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push Docker image + uses: docker/build-push-action@v5 + with: + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + platforms: linux/amd64,linux/arm64 + file: Dockerfile.release + cache-from: type=gha + cache-to: type=gha,mode=max + context: . + + # TODO(@okdas): use for releases (also change the "on" part at the top so it only tgirrered for tags/releases) + - name: Add release and publish binaries + uses: softprops/action-gh-release@v1 + with: + files: | + release/* diff --git a/.github/workflows/reviewdog.yml b/.github/workflows/reviewdog.yml index c327b6617..40b019040 100644 --- a/.github/workflows/reviewdog.yml +++ b/.github/workflows/reviewdog.yml @@ -69,5 +69,4 @@ jobs: reporter: github-check level: warning locale: "US" - -# TODO_IMPROVE: Enforce using k.Logger() when logging in the `x/` directory code. \ No newline at end of file +# TODO_IMPROVE: Enforce using k.Logger() when logging in the `x/` directory code. diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index ea7f2edd3..d082af05a 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -17,23 +17,17 @@ jobs: go-test: runs-on: ubuntu-latest steps: - - name: install ignite - # TODO_TECHDEBT: upgrade to the latest Ignite (the latest at the moment of creating a note is 0.28). Need to downgrade to fix CI pipelines. Might be done in scope of #240. - run: | - # curl https://get.ignite.com/cli! | bash - wget https://github.com/ignite/cli/releases/download/v28.2.0/ignite_28.2.0_linux_amd64.tar.gz - tar -xzf ignite_28.2.0_linux_amd64.tar.gz - sudo mv ignite /usr/local/bin/ignite - ignite version - - uses: actions/checkout@v3 with: fetch-depth: "0" # Per https://github.com/ignite/cli/issues/1674#issuecomment-1144619147 + - name: install ignite + run: make ignite_install + - name: Set up Go uses: actions/setup-go@v4 with: - go-version: "1.21.6" + go-version: "1.22.2" - name: Install CI dependencies run: make install_ci_deps diff --git a/.gitignore b/.gitignore index 9fa71d3d6..fa84de8b0 100644 --- a/.gitignore +++ b/.gitignore @@ -67,6 +67,7 @@ api/poktroll/**/*.go-E # Relase artifacts produced by `ignite chain build --release` release +release_binaries # Only keep one go module in our codebase go.work.sum diff --git a/.tool-versions b/.tool-versions index 9b7a6107e..99b01e2e6 100644 --- a/.tool-versions +++ b/.tool-versions @@ -1,4 +1,4 @@ # Run `asdf plugin add golang` and `asdf install` to install the dependencies, # and `asdf current` to switch to the versions of dependencies listed below -golang 1.21.6 -go 1.21.6 +golang 1.22.2 +go 1.22.2 diff --git a/Dockerfile.dev b/Dockerfile.dev index 4b803af34..89f2e19e1 100644 --- a/Dockerfile.dev +++ b/Dockerfile.dev @@ -1,7 +1,7 @@ # This Dockerfile is used to build container image for development purposes. # It intentionally contains no security features, ships with code and troubleshooting tools. -FROM golang:1.21.6 as base +FROM golang:1.22.2 as base RUN apt update && \ apt-get install -y \ diff --git a/Dockerfile.release b/Dockerfile.release new file mode 100644 index 000000000..5273a918c --- /dev/null +++ b/Dockerfile.release @@ -0,0 +1,13 @@ +# This Dockerfile is used to build container image for production workloads. +# It relies on the binaries produced by `ignite_release` and `ignite_release_extract_binaries` make targets. +FROM alpine:3.19 +ARG TARGETARCH + +# Use `1025` G/UID so users can switch between this and `heighliner` image without a need to chown the files. +RUN addgroup --gid 1025 -S pocket && adduser --uid 1025 -S pocket -G pocket + +COPY --chown=pocket:pocket release_binaries/poktroll_linux_$TARGETARCH /bin/poktrolld + +USER pocket + +ENTRYPOINT ["poktrolld"] diff --git a/Makefile b/Makefile index c575aa599..ef6dce4d2 100644 --- a/Makefile +++ b/Makefile @@ -21,15 +21,35 @@ SUPPLIER_MODULE_ADDRESS = pokt1j40dzzmn6cn9kxku7a5tjnud6hv37vesr5ccaa GATEWAY_MODULE_ADDRESS = pokt1f6j7u6875p2cvyrgjr0d2uecyzah0kget9vlpl SERVICE_MODULE_ADDRESS = pokt1nhmtqf4gcmpxu0p6e53hpgtwj0llmsqpxtumcf -# Detect operating system -OS := $(shell uname -s) +BRANCH := $(shell git rev-parse --abbrev-ref HEAD) +COMMIT := $(shell git log -1 --format='%H') + +# don't override user values +ifeq (,$(VERSION)) + # Remove 'v' prefix from git tag and assign to VERSION + VERSION := $(shell git describe --tags 2>/dev/null | sed 's/^v//') + # if VERSION is empty, then populate it with branch's name and raw commit hash + ifeq (,$(VERSION)) + VERSION := $(BRANCH)-$(COMMIT) + endif +endif + +# Detect operating system and arch +OS := $(shell uname -s | tr A-Z a-z) +ARCH := $(shell uname -m) +ifeq ($(ARCH),x86_64) + ARCH := amd64 +endif +ifeq ($(ARCH),aarch64) + ARCH := arm64 +endif # Set default commands, will potentially be overridden on macOS SED := sed GREP := grep # macOS-specific adjustments -ifeq ($(OS),Darwin) +ifeq ($(OS),darwin) # Check for gsed and ggrep, suggest installation with Homebrew if not found FOUND_GSED := $(shell command -v gsed) FOUND_GGREP := $(shell command -v ggrep) @@ -809,6 +829,42 @@ trigger_ci: ## Trigger the CI pipeline by submitting an empty commit; See https: git commit --allow-empty -m "Empty commit" git push +.PHONY: ignite_install +ignite_install: ## Install ignite. Used by CI and heighliner. + # Determine if sudo is available and use it if it is + if command -v sudo &>/dev/null; then \ + SUDO="sudo"; \ + else \ + SUDO=""; \ + fi; \ + echo "Downloading Ignite CLI..."; \ + wget https://github.com/ignite/cli/releases/download/v28.3.0/ignite_28.3.0_$(OS)_$(ARCH).tar.gz; \ + echo "Extracting Ignite CLI..."; \ + tar -xzf ignite_28.3.0_$(OS)_$(ARCH).tar.gz; \ + echo "Moving Ignite CLI to /usr/local/bin..."; \ + $$SUDO mv ignite /usr/local/bin/ignite; \ + echo "Cleaning up..."; \ + rm ignite_28.3.0_$(OS)_$(ARCH).tar.gz; \ + ignite version + +.PHONY: ignite_update_ldflags +ignite_update_ldflags: + yq eval '.build.ldflags = ["-X main.Version=$(VERSION)", "-X main.Date=$(shell date -u +%Y-%m-%dT%H:%M:%SZ)"]' -i config.yml + +.PHONY: ignite_release +ignite_release: ## Builds production binaries + ignite chain build --release -t linux:amd64 -t linux:arm64 -t darwin:amd64 -t darwin:arm64 + +.PHONY: ignite_release_extract_binaries +ignite_release_extract_binaries: ## Extracts binaries from the release archives + mkdir -p release_binaries + + for archive in release/*.tar.gz; do \ + binary_name=$$(basename "$$archive" .tar.gz); \ + tar -zxvf "$$archive" -C release_binaries "poktrolld"; \ + mv release_binaries/poktrolld "release_binaries/$$binary_name"; \ + done + ##################### ### Documentation ### ##################### diff --git a/Tiltfile b/Tiltfile index 5d8cca35b..12b657473 100644 --- a/Tiltfile +++ b/Tiltfile @@ -179,7 +179,7 @@ local_resource( docker_build_with_restart( "poktrolld", ".", - dockerfile_contents="""FROM golang:1.21.6 + dockerfile_contents="""FROM golang:1.22.2 RUN apt-get -q update && apt-get install -qyy curl jq less RUN go install github.com/go-delve/delve/cmd/dlv@latest COPY bin/poktrolld /usr/local/bin/poktrolld diff --git a/go.mod b/go.mod index 23c6c27f9..b028d2537 100644 --- a/go.mod +++ b/go.mod @@ -1,8 +1,6 @@ module github.com/pokt-network/poktroll -go 1.21.1 - -toolchain go1.21.6 +go 1.22.2 replace ( // fix upstream GHSA-h395-qcrw-5vmq vulnerability.