-
Notifications
You must be signed in to change notification settings - Fork 0
194 lines (188 loc) · 7.98 KB
/
daily.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
name: daily
on:
schedule:
- cron: "14 14 * * *"
# Uncomment below to test.
#push:
# branches: [gha-test-*, canary, auto]
jobs:
audit:
runs-on: ubuntu-latest
container:
image: diem/build_environment:latest
volumes:
- "${{github.workspace}}:/opt/git/diem"
strategy:
fail-fast: false
matrix:
#this is a painful solution since it doesn't pick up new branches, other option is lotsa shell in one job....
#to test in canary add in canary here.....
target-branch: [latest, release-1.3, release-1.4]
env:
AUDIT_SUMMARY_FILE: /tmp/summary
steps:
- uses: actions/checkout@v2.3.4
with:
ref: ${{ matrix.target-branch }}
- uses: ./.github/actions/build-setup
- name: install cargo-audit
run: cargo install --force cargo-audit
- name: audit crates
# List of ignored RUSTSEC
# 1. RUSTSEC-2021-0073 - Not impacted.
# 2. RUSTSEC-2021-0072 - Not impacted.
# 3. RUSTSEC-2020-0071 - Not impacted.
run: |
cargo audit --color never --ignore RUSTSEC-2021-0073 --ignore RUSTSEC-2021-0072 --ignore RUSTSEC-2020-0071 > $AUDIT_SUMMARY_FILE
- name: set issue body content
if: ${{ failure() }}
env:
JOB_URL: "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
run: |
echo "ISSUE_BODY<<EOF" >> $GITHUB_ENV
echo "Found RUSTSEC in dependencies in job ${JOB_URL}" >> $GITHUB_ENV
echo "\`\`\`" >> $GITHUB_ENV
head -100 $AUDIT_SUMMARY_FILE >> $GITHUB_ENV
echo "\`\`\`" >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
- uses: diem/actions/create-issue@faadd16607b77dfa2231a8f366883e01717b3225
if: ${{ failure() }}
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
title: "RUSTSEC in dependencies in branch ${{ matrix.target-branch }}"
body: ${{ env.ISSUE_BODY }}
labels: "dependecies"
- uses: ./.github/actions/build-teardown
coverage:
runs-on: testnet-runner-ubuntu
container:
image: diem/build_environment:latest
volumes:
- "${{github.workspace}}:/opt/git/diem"
environment:
name: Sccache
env:
CODECOV_OUTPUT: codecov
MESSAGE_PAYLOAD_FILE: /tmp/message
steps:
- uses: actions/checkout@v2.3.4
- uses: ./.github/actions/build-setup
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.ENV_DIEM_S3_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.ENV_DIEM_S3_AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.ENV_DIEM_S3_AWS_REGION }}
- name: produce coverage
run: cargo xtest --html-cov-dir=$CODECOV_OUTPUT/grcovhtml/ --html-lcov-dir=$CODECOV_OUTPUT/lcovhtml/ --no-fail-fast -j 16 || true
- name: Push Coverage Reports to S3
run: |
set -x
SUFFIX="$(date +"%Y-%m-%d")-$(git rev-parse --short=8 HEAD)"
PREFIX="ci-artifacts.diem.com/coverage";
#Push grcov
aws s3 cp --recursive ${CODECOV_OUTPUT}/grcovhtml "s3://${PREFIX}/unit-coverage/${SUFFIX}/";
aws s3 cp --recursive ${CODECOV_OUTPUT}/grcovhtml "s3://${PREFIX}/unit-coverage/latest/";
echo "Grcov available in s3 https://${PREFIX}/unit-coverage/${SUFFIX}/index.html" >> ${MESSAGE_PAYLOAD_FILE}
#Push lcov
aws s3 cp --recursive ${CODECOV_OUTPUT}/lcovhtml "s3://${PREFIX}/lcov-unit-coverage/${SUFFIX}/";
aws s3 cp --recursive ${CODECOV_OUTPUT}/lcovhtml "s3://${PREFIX}/lcov-unit-coverage/latest/";
echo "lcov available in s3 https://${PREFIX}/lcov-unit-coverage/${SUFFIX}/index.html" >> ${MESSAGE_PAYLOAD_FILE}
- name: "Send Message"
uses: ./.github/actions/slack-file
with:
payload-file: ${{ env.MESSAGE_PAYLOAD_FILE }}
webhook: ${{ secrets.WEBHOOK_COVERAGE }}
# Disabling for now as this is not critical for job success. TODO: fix it up.
#- name: publish to codecov.io
# run: bash <(curl -s https://codecov.io/bash) -f $CODECOV_OUTPUT/lcovhtml/lcov.info -F unittest;
#- uses: ./.github/actions/build-teardown
json-rpc-backward-compat-test:
# Test old client from release (prod) and pre-release (rc) branches
# against new server in the latest branch through cluster-test's
# json-rpc interface.
runs-on: testnet-runner-ubuntu
container:
image: diem/build_environment:latest
volumes:
- "${{github.workspace}}:/opt/git/diem"
env:
DEVNET_MINT_TEST_KEY: ${{ secrets.DEVNET_MINT_TEST_KEY }}
DEVNET_ENDPOINT: dev.testnet.diem.com
MESSAGE_PAYLOAD_FILE: /tmp/message
strategy:
fail-fast: false
matrix:
release-branch: [release-1.3, release-1.4]
steps:
- uses: actions/checkout@v2.3.4
with:
ref: ${{ matrix.release-branch }}
- uses: ./.github/actions/build-setup
- name: Run cluster test diag on devnet
run: |
echo ${DEVNET_MINT_TEST_KEY} | base64 -d > /tmp/mint_test.key
RUST_BACKTRACE=full cargo run -p cluster-test -- --diag --swarm --mint-file=/tmp/mint_test.key --peers=dev.testnet.diem.com:80:80 --chain-id=TESTNET > ${MESSAGE_PAYLOAD_FILE}
- name: Run cluster test to submit random txn to devnet
run: |
RUST_BACKTRACE=full cargo run -p cluster-test -- --emit-tx --swarm --mint-file=/tmp/mint_test.key --peers=dev.testnet.diem.com:80:80 --chain-id=DEVNET --accounts-per-client=2 --workers-per-ac=2 --duration=30 >> ${MESSAGE_PAYLOAD_FILE}
- uses: ./.github/actions/slack-file
with:
webhook: ${{ secrets.WEBHOOK_BREAKING_CHANGE }}
payload-file: ${{ env.MESSAGE_PAYLOAD_FILE }}
if: ${{ failure() }}
- uses: ./.github/actions/build-teardown
prover-inconsistency-test:
runs-on: testnet-runner-ubuntu
container:
image: diem/build_environment:${{ matrix.target-branch }}
volumes:
- "${{github.workspace}}:/opt/git/diem"
env:
MESSAGE_PAYLOAD_FILE: /tmp/message
strategy:
fail-fast: false
matrix:
target-branch: [latest]
steps:
- uses: actions/checkout@v2.3.4
with:
ref: ${{ matrix.target-branch }}
- uses: ./.github/actions/build-setup
- uses: actions/cache@v2.1.6
with:
path: "/opt/cargo/git\n/opt/cargo/registry\n/opt/cargo/.package-cache"
key: crates-${{ runner.os }}-${{ hashFiles('Cargo.lock') }}
restore-keys: "crates-${{ runner.os }}"
- name: Run the prover tests with the inconsistency check and other nightly checks
shell: bash
run: |
cd /opt/git/diem/
set -o pipefail
MVP_TEST_INCONSISTENCY=1 cargo test -p move-prover --release 2>&1 | tee -a $MESSAGE_PAYLOAD_FILE
MVP_TEST_FEATURE=cvc4 cargo test -p move-prover --release 2>&1 | tee -a $MESSAGE_PAYLOAD_FILE
- uses: ./.github/actions/slack-file
with:
webhook: ${{ secrets.WEBHOOK_MOVE_PROVER }}
payload-file: ${{ env.MESSAGE_PAYLOAD_FILE }}
if: ${{ failure() }}
- uses: ./.github/actions/build-teardown
prune-docker-images:
runs-on: ubuntu-latest
environment:
name: Docker
url: https://hub.docker.com/u/diem
steps:
- uses: actions/checkout@v2.3.4
- name: sign in to DockerHub; install image signing cert
uses: ./.github/actions/dockerhub_login
with:
username: ${{ secrets.ENV_DOCKERHUB_USERNAME }}
password: ${{ secrets.ENV_DOCKERHUB_PASSWORD }}
key_material: ${{ secrets.ENV_DOCKERHUB_KEY_MATERIAL }}
key_name: ${{ secrets.ENV_DOCKERHUB_KEY_NAME }}
key_password: ${{ secrets.ENV_DOCKERHUB_KEY_PASSWORD }}
- name: prune Docker image
if: ${{ github.ref != 'refs/heads/auto' }}
run: |
scripts/dockerhub_prune.sh -u "${{ secrets.ENV_DOCKERHUB_USERNAME }}" -p "${{ secrets.ENV_DOCKERHUB_PASSWORD }}" -x