# CI for Aztec. At a high-level, runs ./bootstrap.sh ci in root. See root README.md for more details.
# Only for internal devs. For external devs, see ci3-external.yml.
#
# CAREFUL! We use "exec" a lot to ensure signal propagation to the child process, to allow proper ec2 cleanup.
name: CI3

on:
  workflow_dispatch:
  push:
    tags:
      - 'v*'
  pull_request:
    types:
      - opened
      - synchronize
      - reopened
      - ready_for_review
      - labeled
  merge_group: {}

concurrency:
  # Merge-train PRs key the group on the unique run id, so their runs never share a group.
  # Everything else keys on the merge-group head ref or the ref name: one live run per branch,
  # with a newer run cancelling the one in progress.
  group: ci3-${{ (startsWith(github.event.pull_request.head.ref, 'merge-train/') && github.run_id) || github.event.merge_group.head_ref || github.ref_name }}
  cancel-in-progress: true
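jobs:
  # Main CI job: checks out the commit under test and hands off to ./ci.sh with the mode chosen
  # from the event type, PR labels and ref name.
  #
  # Security model: the Run step executes ./ci.sh from the checked-out commit with repository
  # secrets in its environment. The fork guard in `if:` below is what keeps code from forked
  # pull requests away from those secrets.
  # NOTE(review): no `permissions:` key is set in this file, so the scope of the default
  # GITHUB_TOKEN comes from repository/organization settings - confirm it is least-privilege.
  ci:
    runs-on: ubuntu-latest
    # exclusive with ci3-external.yml: never run on forks
    # (github.event.pull_request.head.repo.fork resolves to nil if not a pull request)
    if: github.event.pull_request.head.repo.fork != true && github.event.pull_request.draft == false
    # Tag builds (refs/tags/v*) run in the 'master' environment; everything else uses none.
    environment: ${{ startsWith(github.ref, 'refs/tags/v') && 'master' || '' }}
    steps:
      #############
      # Prepare Env
      #############
      - name: Checkout
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
        with:
          # The commit to checkout. We want our actual commit, and not the result of merging the PR to the target.
          ref: ${{ github.event.pull_request.head.sha || github.sha }}

      # Label-driven overrides. Each one exports a flag through GITHUB_ENV for later steps.
      - name: CI Merge Queue Override (grind on PR)
        if: contains(github.event.pull_request.labels.*.name, 'ci-merge-queue')
        run: echo "CI_MERGE_QUEUE=1" >> "$GITHUB_ENV"

      - name: CI Full Override
        if: contains(github.event.pull_request.labels.*.name, 'ci-full')
        run: echo "CI_FULL=1" >> "$GITHUB_ENV"

      - name: Cache Override
        if: contains(github.event.pull_request.labels.*.name, 'ci-no-cache')
        run: echo "NO_CACHE=1" >> "$GITHUB_ENV"

      - name: Fail Fast Override
        if: contains(github.event.pull_request.labels.*.name, 'ci-no-fail-fast')
        run: echo "NO_FAIL_FAST=1" >> "$GITHUB_ENV"

      # NOTE(review): this step shares its name with a later one but uses a different label
      # ('ci-barretenberg') and a different variable (BARRETENBERG_CI). The Run step in this file
      # only tests CI_BARRETENBERG; whether ci.sh reads BARRETENBERG_CI is not visible here.
      - name: Barretenberg CI Override
        if: contains(github.event.pull_request.labels.*.name, 'ci-barretenberg')
        run: echo "BARRETENBERG_CI=1" >> "$GITHUB_ENV"

      - name: Compute Target Branch
        id: target_branch
        env:
          # Ref names are free-form strings. They are passed through the environment instead of
          # being expanded into the script text, so a ref containing shell metacharacters is
          # handled as data rather than parsed as code.
          EVENT_NAME: ${{ github.event_name }}
          MERGE_GROUP_BASE_REF: ${{ github.event.merge_group.base_ref }}
          PR_BASE_REF: ${{ github.event.pull_request.base.ref }}
          REF_NAME: ${{ github.ref_name }}
        run: |
          if [ "$EVENT_NAME" == "merge_group" ]; then
            target_branch=$MERGE_GROUP_BASE_REF
          elif [ "$EVENT_NAME" == "pull_request" ]; then
            target_branch=$PR_BASE_REF
          else
            target_branch=$REF_NAME
          fi
          # Reduce a fully qualified ref to the bare branch name.
          target_branch=${target_branch#refs/heads/}
          echo "target_branch=$target_branch" >> "$GITHUB_OUTPUT"
          echo "TARGET_BRANCH=${target_branch}" >> "$GITHUB_ENV"

      - name: Docs CI Override
        if: contains(github.event.pull_request.labels.*.name, 'ci-docs') || (steps.target_branch.outputs.target_branch == 'merge-train/docs')
        run: echo "CI_DOCS=1" >> "$GITHUB_ENV"

      - name: Barretenberg CI Override
        if: contains(github.event.pull_request.labels.*.name, 'barretenberg-ci') || (github.event.pull_request.base.ref == 'merge-train/barretenberg')
        run: echo "CI_BARRETENBERG=1" >> "$GITHUB_ENV"

      # Allow full concurrency for merge-train PRs, one-run-per-branch for everything else.
      - name: Set Instance Postfix for merge-train
        if: startsWith(github.event.pull_request.head.ref, 'merge-train/')
        run: echo "INSTANCE_POSTFIX=${{ github.event.pull_request.commits }}" >> "$GITHUB_ENV"

      - name: Setup
        env:
          # Supplied through the environment rather than expanded into the script text, so the
          # key material never becomes part of the shell source and is not word-split.
          BUILD_INSTANCE_SSH_KEY: ${{ secrets.BUILD_INSTANCE_SSH_KEY }}
        run: |
          # Ensure we can SSH into the spot instances we request.
          mkdir -p ~/.ssh
          echo "$BUILD_INSTANCE_SSH_KEY" | base64 --decode > ~/.ssh/build_instance_key
          chmod 600 ~/.ssh/build_instance_key
          # Install required packages.
          sudo apt update && sudo apt install -y redis-tools parallel

      - name: Prepare GCP key
        env:
          GCP_SA_KEY: ${{ secrets.GCP_SA_KEY }}
        run: |
          echo "$GCP_SA_KEY" | base64 -w 0 > gcp_sa_key.b64
          # The re-encoded key is a derived value. Register it with the log masker explicitly
          # instead of relying on masking of the original secret.
          echo "::add-mask::$(cat gcp_sa_key.b64)"
          echo "GCP_SA_KEY_B64=$(cat gcp_sa_key.b64)" >> "$GITHUB_ENV"
          # NOTE(review): gcp_sa_key.b64 stays in the workspace and GCP_SA_KEY_B64 is exported
          # to every later step of this job - confirm both are needed beyond the Run step.

      #############
      # Run
      #############
      # Every secret listed here is visible to ./ci.sh, which comes from the checked-out commit.
      - name: Run
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          GITHUB_TOKEN: ${{ secrets.AZTEC_BOT_GITHUB_TOKEN }}
          RUN_ID: ${{ github.run_id }}
          NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }}
          NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }}
          DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
          SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
          # Nightly test env vars.
          GCP_SA_KEY_B64: ${{ env.GCP_SA_KEY_B64 }}
          EXTERNAL_ETHEREUM_HOSTS: "https://json-rpc.${{ secrets.GCP_SEPOLIA_URL }}?key=${{ secrets.GCP_SEPOLIA_API_KEY }},${{ secrets.INFURA_SEPOLIA_URL }}"
          EXTERNAL_ETHEREUM_CONSENSUS_HOST: "https://beacon.${{ secrets.GCP_SEPOLIA_URL }}"
          EXTERNAL_ETHEREUM_CONSENSUS_HOST_API_KEY: ${{ secrets.GCP_SEPOLIA_API_KEY }}
          EXTERNAL_ETHEREUM_CONSENSUS_HOST_API_KEY_HEADER: "X-goog-api-key"
          GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }}
        # The first matching branch wins. `exec` replaces the shell so signals reach ci.sh directly.
        run: |
          if [ "${{ github.event_name }}" == "merge_group" ] || [ "${CI_MERGE_QUEUE:-0}" -eq 1 ]; then
            exec ./ci.sh merge-queue
          elif [ "${CI_FULL:-0}" -eq 1 ]; then
            exec ./ci.sh full
          elif [ "${CI_DOCS:-0}" -eq 1 ]; then
            exec ./ci.sh docs
          elif [ "${CI_BARRETENBERG:-0}" -eq 1 ]; then
            exec ./ci.sh barretenberg
          elif [ "${{ contains(github.ref, '-nightly.') }}" == "true" ]; then
            exec ./ci.sh nightly
          elif [ "${{ startsWith(github.ref, 'refs/tags/v') }}" == "true" ]; then
            exec ./ci.sh release
          else
            exec ./ci.sh fast
          fi

      - name: Download benchmarks
        if: github.event_name == 'merge_group'
        run: ./ci.sh gh-bench

      - name: Upload benchmarks
        if: github.event_name == 'merge_group'
        uses: benchmark-action/github-action-benchmark@4de1bed97a47495fc4c5404952da0499e31f5c29
        with:
          name: Aztec Benchmarks
          benchmark-data-dir-path: "bench/${{ steps.target_branch.outputs.target_branch }}"
          tool: "customSmallerIsBetter"
          output-file-path: ./bench-out/bench.json
          github-token: ${{ secrets.AZTEC_BOT_GITHUB_TOKEN }}
          auto-push: true
          ref: ${{ github.event.pull_request.head.sha || github.sha }}
          alert-threshold: "105%"
          comment-on-alert: false
          fail-on-alert: false
          max-items-in-chart: 100

  # Posts to Slack when a push-triggered run fails (in this workflow, pushes are `v*` tags only).
  notify:
    runs-on: ubuntu-latest
    if: github.event_name == 'push' && failure()
    needs:
      - ci
    steps:
      - name: Checkout Code
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683

      - name: Get Context
        id: get_context
        run: |
          # Author name, e-mail and commit subject are free text chosen by the committer and are
          # expanded into the JSON payload of the next step. Escape backslashes and swap double
          # quotes for single quotes in all of them so they cannot break out of the JSON string.
          sanitize() { sed -e 's/\\/\\\\/g' -e "s/\"/'/g"; }
          authors=$(git log -1 --pretty=format:'%an <%ae>' | sanitize)
          echo "authors=${authors}" >> "$GITHUB_OUTPUT"
          title=$(git log -1 --pretty=format:'%s' | sanitize)
          echo "commit_title=${title}" >> "$GITHUB_OUTPUT"
          failed_jobs=""
          # NOTE(review): `ci-grind` is not listed under `needs` and no such job is defined in
          # this file, so this check presumably never matches - confirm and remove.
          [ "${{ needs.ci-grind.result }}" = "failure" ] && failed_jobs+="ci-grind"
          [ "${{ needs.ci.result }}" = "failure" ] && failed_jobs+="ci"
          echo "failed_jobs=${failed_jobs}" >> "$GITHUB_OUTPUT"
          cat "$GITHUB_OUTPUT"

      - name: Send Notification
        uses: slackapi/slack-github-action@6c661ce58804a1a20f6dc5fbee7f0381b469e001
        with:
          payload: |
            {
              "text": "Failure on ${{ github.ref_name }}\nCommit: ${{ steps.get_context.outputs.commit_title }}",
              "url": "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}",
              "authors": "${{ steps.get_context.outputs.authors }}",
              "failed_jobs": "${{ steps.get_context.outputs.failed_jobs }}"
            }
        env:
          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_NOTIFY_WORKFLOW_TRIGGER_URL2 }}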