diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 57487842c47..97d349357b5 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -128,7 +128,7 @@ jobs: uses: actions/checkout@v4 - name: Setup private build environment - if: ${{ vars.PRIVATE_BUILDS_SUPPORTED == 'true' }} + if: ${{ vars.PRIVATE_BUILDS_SUPPORTED == 'true' }} uses: ./actions/private-setup with: cadence_deploy_key: ${{ secrets.CADENCE_DEPLOY_KEY }} @@ -212,7 +212,7 @@ jobs: uses: actions/checkout@v4 - name: Setup private build environment - if: ${{ vars.PRIVATE_BUILDS_SUPPORTED == 'true' }} + if: ${{ vars.PRIVATE_BUILDS_SUPPORTED == 'true' }} uses: ./actions/private-setup with: cadence_deploy_key: ${{ secrets.CADENCE_DEPLOY_KEY }} @@ -258,7 +258,7 @@ jobs: uses: actions/checkout@v4 - name: Setup private build environment - if: ${{ vars.PRIVATE_BUILDS_SUPPORTED == 'true' }} + if: ${{ vars.PRIVATE_BUILDS_SUPPORTED == 'true' }} uses: ./actions/private-setup with: cadence_deploy_key: ${{ secrets.CADENCE_DEPLOY_KEY }} @@ -303,7 +303,7 @@ jobs: fetch-depth: 0 - name: Setup private build environment - if: ${{ vars.PRIVATE_BUILDS_SUPPORTED == 'true' }} + if: ${{ vars.PRIVATE_BUILDS_SUPPORTED == 'true' }} uses: ./actions/private-setup with: cadence_deploy_key: ${{ secrets.CADENCE_DEPLOY_KEY }} @@ -324,11 +324,11 @@ jobs: # this docker auth is exclusively for higher rate limits. continue unauthenticated if it fails continue-on-error: true - - name: Docker build env: CADENCE_DEPLOY_KEY: ${{ secrets.CADENCE_DEPLOY_KEY }} run: make docker-native-build-flow docker-native-build-flow-corrupt + - name: Save Docker images run: | docker save \ @@ -342,6 +342,7 @@ jobs: gcr.io/flow-container-registry/access-corrupted:latest \ gcr.io/flow-container-registry/execution-corrupted:latest \ gcr.io/flow-container-registry/verification-corrupted:latest > flow-docker-images.tar + - name: Cache Docker images uses: actions/cache@v4 with: @@ -349,6 +350,66 @@ jobs: # use the workflow run id as part of the cache key to ensure these docker images will only be used for a single workflow run key: flow-docker-images-${{ hashFiles('**/Dockerfile') }}-${{ github.run_id }} + docker-build-cadence-vm: + name: Docker Build (with Cadence VM) + runs-on: buildjet-16vcpu-ubuntu-2204 + env: + CADENCE_DEPLOY_KEY: ${{ secrets.CADENCE_DEPLOY_KEY }} + steps: + - name: Checkout repo + uses: actions/checkout@v4 + with: + # all tags are needed for integration tests + fetch-depth: 0 + + - name: Setup private build environment + if: ${{ vars.PRIVATE_BUILDS_SUPPORTED == 'true' }} + uses: ./actions/private-setup + with: + cadence_deploy_key: ${{ secrets.CADENCE_DEPLOY_KEY }} + + - name: Setup Go + uses: actions/setup-go@v5 + timeout-minutes: 10 # fail fast. sometimes this step takes an extremely long time + with: + go-version: ${{ env.GO_VERSION }} + cache: true + + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ vars.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + if: ${{ (github.event_name == 'merge_group' || (github.event.pull_request && (github.event.pull_request.author_association == 'MEMBER' || github.event.pull_request.author_association == 'COLLABORATOR'))) }} + # this docker auth is exclusively for higher rate limits. continue unauthenticated if it fails + continue-on-error: true + + - name: Docker build + env: + CADENCE_DEPLOY_KEY: ${{ secrets.CADENCE_DEPLOY_KEY }} + run: make docker-native-build-flow docker-native-build-flow-corrupt CADENCE_VM=true + + - name: Save Docker images + run: | + docker save \ + gcr.io/flow-container-registry/access:latest \ + gcr.io/flow-container-registry/collection:latest \ + gcr.io/flow-container-registry/consensus:latest \ + gcr.io/flow-container-registry/execution:latest \ + gcr.io/flow-container-registry/ghost:latest \ + gcr.io/flow-container-registry/observer:latest \ + gcr.io/flow-container-registry/verification:latest \ + gcr.io/flow-container-registry/access-corrupted:latest \ + gcr.io/flow-container-registry/execution-corrupted:latest \ + gcr.io/flow-container-registry/verification-corrupted:latest > flow-docker-images.tar + + - name: Cache Docker images + uses: actions/cache@v4 + with: + path: flow-docker-images.tar + # use the workflow run id as part of the cache key to ensure these docker images will only be used for a single workflow run + key: flow-docker-images-${{ hashFiles('**/Dockerfile') }}-${{ github.run_id }}-cadence-vm + integration-test-others: name: Integration Tests Others (${{ matrix.targets.name }}) needs: create-integration-dynamic-test-matrix @@ -362,9 +423,9 @@ jobs: steps: - name: Checkout repo uses: actions/checkout@v4 - + - name: Setup private build environment - if: ${{ vars.PRIVATE_BUILDS_SUPPORTED == 'true' }} + if: ${{ vars.PRIVATE_BUILDS_SUPPORTED == 'true' }} uses: ./actions/private-setup with: cadence_deploy_key: ${{ secrets.CADENCE_DEPLOY_KEY }} @@ -398,7 +459,9 @@ jobs: integration-test: name: Integration Tests - needs: docker-build + needs: + - docker-build + - docker-build-cadence-vm strategy: fail-fast: false matrix: @@ -406,6 +469,10 @@ jobs: - name: Access Cohort1 Integration Tests make: make -C integration access-cohort1-tests runner: buildjet-4vcpu-ubuntu-2204 + - name: Access Cohort1 Integration Tests (Cadence VM) + make: make -C integration access-cohort1-tests + runner: buildjet-4vcpu-ubuntu-2204 + cadence_vm: true - name: Access Cohort2 Integration Tests make: make -C integration access-cohort2-tests runner: ubuntu-latest @@ -434,27 +501,55 @@ jobs: - name: Epoch Cohort1 Integration Tests make: make -C integration epochs-cohort1-tests runner: buildjet-8vcpu-ubuntu-2204 + - name: Epoch Cohort1 Integration Tests (Cadence VM) + make: make -C integration epochs-cohort1-tests + runner: buildjet-8vcpu-ubuntu-2204 + cadence_vm: true - name: Epoch Cohort2 Integration Tests make: make -C integration epochs-cohort2-tests runner: buildjet-4vcpu-ubuntu-2204 + - name: Epoch Cohort2 Integration Tests (Cadence VM) + make: make -C integration epochs-cohort2-tests + runner: buildjet-4vcpu-ubuntu-2204 + cadence_vm: true - name: Execution Integration Tests make: make -C integration execution-tests runner: ubuntu-latest + - name: Execution Integration Tests (Cadence VM) + make: make -C integration execution-tests + runner: ubuntu-latest + cadence_vm: true - name: Ghost Integration Tests make: make -C integration ghost-tests runner: ubuntu-latest + - name: Ghost Integration Tests (Cadence VM) + make: make -C integration ghost-tests + runner: ubuntu-latest + cadence_vm: true - name: MVP Integration Tests make: make -C integration mvp-tests runner: ubuntu-latest + - name: MVP Integration Tests (Cadence VM) + make: make -C integration mvp-tests + runner: ubuntu-latest + cadence_vm: true - name: Network Integration Tests make: make -C integration network-tests runner: ubuntu-latest - name: Verification Integration Tests make: make -C integration verification-tests runner: ubuntu-latest + - name: Verification Integration Tests (Cadence VM) + make: make -C integration verification-tests + runner: ubuntu-latest + cadence_vm: true - name: Upgrade Integration Tests make: make -C integration upgrades-tests runner: ubuntu-latest + - name: Upgrade Integration Tests (Cadence VM) + make: make -C integration upgrades-tests + runner: ubuntu-latest + cadence_vm: true runs-on: ${{ matrix.runner }} steps: - name: Checkout repo @@ -464,7 +559,7 @@ jobs: fetch-depth: 0 - name: Setup private build environment - if: ${{ vars.PRIVATE_BUILDS_SUPPORTED == 'true' }} + if: ${{ vars.PRIVATE_BUILDS_SUPPORTED == 'true' }} uses: ./actions/private-setup with: cadence_deploy_key: ${{ secrets.CADENCE_DEPLOY_KEY }} @@ -479,8 +574,8 @@ jobs: uses: actions/cache@v4 with: path: flow-docker-images.tar - # use the same cache key as the docker-build job - key: flow-docker-images-${{ hashFiles('**/Dockerfile') }}-${{ github.run_id }} + # use the same cache key as the docker-build / docker-build-cadence-vm job + key: flow-docker-images-${{ hashFiles('**/Dockerfile') }}-${{ github.run_id }}${{ matrix.cadence_vm && '-cadence-vm' || '' }} - name: Load Docker images run: docker load -i flow-docker-images.tar - name: Run tests (${{ matrix.name }}) diff --git a/Makefile b/Makefile index 592469a2f6f..55ee197f5df 100644 --- a/Makefile +++ b/Makefile @@ -43,6 +43,12 @@ export DOCKER_BUILDKIT := 1 # set `CRYPTO_FLAG` when building natively (not cross-compiling) include crypto_adx_flag.mk +ifeq ($(CADENCE_VM),true) +CADENCE_VM_TAG:=cadence_vm +else +CADENCE_VM_TAG:= +endif + # needed for CI .PHONY: noop noop: @@ -254,7 +260,7 @@ install-cross-build-tools: .PHONY: docker-native-build-collection docker-native-build-collection: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/collection --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/collection --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=${IMAGE_TAG}" \ -t "$(CONTAINER_REGISTRY)/collection:latest" \ @@ -262,41 +268,41 @@ docker-native-build-collection: .PHONY: docker-build-collection-with-adx docker-build-collection-with-adx: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/collection --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=amd64 --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/collection --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=amd64 --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=$(IMAGE_TAG)" \ -t "$(CONTAINER_REGISTRY)/collection:$(IMAGE_TAG)" . .PHONY: docker-build-collection-without-adx docker-build-collection-without-adx: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/collection --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG_NO_ADX) --build-arg GOARCH=amd64 --build-arg CGO_FLAG=$(DISABLE_ADX) --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/collection --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG_NO_ADX) --build-arg GOARCH=amd64 --build-arg CGO_FLAG=$(DISABLE_ADX) --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=$(IMAGE_TAG_NO_ADX)" \ -t "$(CONTAINER_REGISTRY)/collection:$(IMAGE_TAG_NO_ADX)" . .PHONY: docker-build-collection-without-netgo-without-adx docker-build-collection-without-netgo-without-adx: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/collection --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG_NO_NETGO_NO_ADX) --build-arg GOARCH=amd64 --build-arg TAGS="" --build-arg CGO_FLAG=$(DISABLE_ADX) --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/collection --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG_NO_NETGO_NO_ADX) --build-arg GOARCH=amd64 --build-arg TAGS="" --build-arg CGO_FLAG=$(DISABLE_ADX) --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=$(IMAGE_TAG_NO_NETGO_NO_ADX)" \ -t "$(CONTAINER_REGISTRY)/collection:$(IMAGE_TAG_NO_NETGO_NO_ADX)" . .PHONY: docker-cross-build-collection-arm docker-cross-build-collection-arm: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/collection --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG_ARM) --build-arg CC=aarch64-linux-gnu-gcc --build-arg GOARCH=arm64 --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/collection --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG_ARM) --build-arg CC=aarch64-linux-gnu-gcc --build-arg GOARCH=arm64 --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=$(IMAGE_TAG_ARM)" \ -t "$(CONTAINER_REGISTRY)/collection:$(IMAGE_TAG_ARM)" . .PHONY: docker-native-build-collection-debug docker-native-build-collection-debug: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/collection --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target debug \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/collection --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target debug \ -t "$(CONTAINER_REGISTRY)/collection-debug:latest" \ -t "$(CONTAINER_REGISTRY)/collection-debug:$(IMAGE_TAG)" . .PHONY: docker-native-build-consensus docker-native-build-consensus: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/consensus --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/consensus --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=${IMAGE_TAG}" \ -t "$(CONTAINER_REGISTRY)/consensus:latest" \ @@ -304,28 +310,28 @@ docker-native-build-consensus: .PHONY: docker-build-consensus-with-adx docker-build-consensus-with-adx: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/consensus --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=amd64 --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/consensus --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=amd64 --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=$(IMAGE_TAG)" \ -t "$(CONTAINER_REGISTRY)/consensus:$(IMAGE_TAG)" . .PHONY: docker-build-consensus-without-adx docker-build-consensus-without-adx: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/consensus --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG_NO_ADX) --build-arg GOARCH=amd64 --build-arg CGO_FLAG=$(DISABLE_ADX) --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/consensus --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG_NO_ADX) --build-arg GOARCH=amd64 --build-arg CGO_FLAG=$(DISABLE_ADX) --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=$(IMAGE_TAG_NO_ADX)" \ -t "$(CONTAINER_REGISTRY)/consensus:$(IMAGE_TAG_NO_ADX)" . .PHONY: docker-build-consensus-without-netgo-without-adx docker-build-consensus-without-netgo-without-adx: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/consensus --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG_NO_NETGO_NO_ADX) --build-arg GOARCH=amd64 --build-arg TAGS="" --build-arg CGO_FLAG=$(DISABLE_ADX) --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/consensus --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG_NO_NETGO_NO_ADX) --build-arg GOARCH=amd64 --build-arg TAGS="" --build-arg CGO_FLAG=$(DISABLE_ADX) --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=$(IMAGE_TAG_NO_NETGO_NO_ADX)" \ -t "$(CONTAINER_REGISTRY)/consensus:$(IMAGE_TAG_NO_NETGO_NO_ADX)" . .PHONY: docker-cross-build-consensus-arm docker-cross-build-consensus-arm: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/consensus --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG_ARM) --build-arg GOARCH=arm64 --build-arg CC=aarch64-linux-gnu-gcc --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/consensus --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG_ARM) --build-arg GOARCH=arm64 --build-arg CC=aarch64-linux-gnu-gcc --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=${IMAGE_TAG_ARM}" \ -t "$(CONTAINER_REGISTRY)/consensus:$(IMAGE_TAG_ARM)" . @@ -333,13 +339,13 @@ docker-cross-build-consensus-arm: .PHONY: docker-native-build-consensus-debug docker-build-native-consensus-debug: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/consensus --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target debug \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/consensus --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target debug \ -t "$(CONTAINER_REGISTRY)/consensus-debug:latest" \ -t "$(CONTAINER_REGISTRY)/consensus-debug:$(IMAGE_TAG)" . .PHONY: docker-native-build-execution docker-native-build-execution: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/execution --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/execution --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=${IMAGE_TAG}" \ -t "$(CONTAINER_REGISTRY)/execution:latest" \ @@ -347,35 +353,35 @@ docker-native-build-execution: .PHONY: docker-build-execution-with-adx docker-build-execution-with-adx: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/execution --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=amd64 --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/execution --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=amd64 --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=$(IMAGE_TAG)" \ -t "$(CONTAINER_REGISTRY)/execution:$(IMAGE_TAG)" . .PHONY: docker-build-execution-without-adx docker-build-execution-without-adx: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/execution --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG_NO_ADX) --build-arg GOARCH=amd64 --build-arg CGO_FLAG=$(DISABLE_ADX) --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/execution --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG_NO_ADX) --build-arg GOARCH=amd64 --build-arg CGO_FLAG=$(DISABLE_ADX) --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=$(IMAGE_TAG_NO_ADX)" \ -t "$(CONTAINER_REGISTRY)/execution:$(IMAGE_TAG_NO_ADX)" . .PHONY: docker-build-execution-without-netgo-without-adx docker-build-execution-without-netgo-without-adx: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/execution --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG_NO_NETGO_NO_ADX) --build-arg GOARCH=amd64 --build-arg TAGS="" --build-arg CGO_FLAG=$(DISABLE_ADX) --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/execution --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG_NO_NETGO_NO_ADX) --build-arg GOARCH=amd64 --build-arg TAGS="" --build-arg CGO_FLAG=$(DISABLE_ADX) --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=$(IMAGE_TAG_NO_NETGO_NO_ADX)" \ -t "$(CONTAINER_REGISTRY)/execution:$(IMAGE_TAG_NO_NETGO_NO_ADX)" . .PHONY: docker-cross-build-execution-arm docker-cross-build-execution-arm: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/execution --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG_ARM) --build-arg GOARCH=arm64 --build-arg CC=aarch64-linux-gnu-gcc --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/execution --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG_ARM) --build-arg GOARCH=arm64 --build-arg CC=aarch64-linux-gnu-gcc --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=${IMAGE_TAG_ARM}" \ -t "$(CONTAINER_REGISTRY)/execution:$(IMAGE_TAG_ARM)" . .PHONY: docker-native-build-execution-debug docker-native-build-execution-debug: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/execution --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target debug \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/execution --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target debug \ -t "$(CONTAINER_REGISTRY)/execution-debug:latest" \ -t "$(CONTAINER_REGISTRY)/execution-debug:$(IMAGE_TAG)" . @@ -384,7 +390,7 @@ docker-native-build-execution-debug: docker-native-build-execution-corrupt: # temporarily make insecure/ a non-module to allow Docker to use corrupt builders there ./insecure/cmd/mods_override.sh - docker build -f cmd/Dockerfile --build-arg TARGET=./insecure/cmd/execution --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./insecure/cmd/execution --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target production \ --label "git_commit=${COMMIT}" --label "git_tag=${IMAGE_TAG}" \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ -t "$(CONTAINER_REGISTRY)/execution-corrupted:latest" \ @@ -393,7 +399,7 @@ docker-native-build-execution-corrupt: .PHONY: docker-native-build-verification docker-native-build-verification: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/verification --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/verification --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=${IMAGE_TAG}" \ -t "$(CONTAINER_REGISTRY)/verification:latest" \ @@ -401,35 +407,35 @@ docker-native-build-verification: .PHONY: docker-build-verification-with-adx docker-build-verification-with-adx: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/verification --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=amd64 --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/verification --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=amd64 --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=$(IMAGE_TAG)" \ -t "$(CONTAINER_REGISTRY)/verification:$(IMAGE_TAG)" . .PHONY: docker-build-verification-without-adx docker-build-verification-without-adx: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/verification --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG_NO_ADX) --build-arg GOARCH=amd64 --build-arg CGO_FLAG=$(DISABLE_ADX) --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/verification --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG_NO_ADX) --build-arg GOARCH=amd64 --build-arg CGO_FLAG=$(DISABLE_ADX) --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=$(IMAGE_TAG_NO_ADX)" \ -t "$(CONTAINER_REGISTRY)/verification:$(IMAGE_TAG_NO_ADX)" . .PHONY: docker-build-verification-without-netgo-without-adx docker-build-verification-without-netgo-without-adx: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/verification --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG_NO_NETGO_NO_ADX) --build-arg GOARCH=amd64 --build-arg TAGS="" --build-arg CGO_FLAG=$(DISABLE_ADX) --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/verification --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG_NO_NETGO_NO_ADX) --build-arg GOARCH=amd64 --build-arg TAGS="" --build-arg CGO_FLAG=$(DISABLE_ADX) --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=$(IMAGE_TAG_NO_NETGO_NO_ADX)" \ -t "$(CONTAINER_REGISTRY)/verification:$(IMAGE_TAG_NO_NETGO_NO_ADX)" . .PHONY: docker-cross-build-verification-arm docker-cross-build-verification-arm: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/verification --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG_ARM) --build-arg GOARCH=arm64 --build-arg CC=aarch64-linux-gnu-gcc --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/verification --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG_ARM) --build-arg GOARCH=arm64 --build-arg CC=aarch64-linux-gnu-gcc --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=${IMAGE_TAG_ARM}" \ -t "$(CONTAINER_REGISTRY)/verification:$(IMAGE_TAG_ARM)" . .PHONY: docker-native-build-verification-debug docker-native-build-verification-debug: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/verification --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target debug \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/verification --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target debug \ -t "$(CONTAINER_REGISTRY)/verification-debug:latest" \ -t "$(CONTAINER_REGISTRY)/verification-debug:$(IMAGE_TAG)" . @@ -438,7 +444,7 @@ docker-native-build-verification-debug: docker-native-build-verification-corrupt: # temporarily make insecure/ a non-module to allow Docker to use corrupt builders there ./insecure/cmd/mods_override.sh - docker build -f cmd/Dockerfile --build-arg TARGET=./insecure/cmd/verification --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./insecure/cmd/verification --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target production \ --label "git_commit=${COMMIT}" --label "git_tag=${IMAGE_TAG}" \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ -t "$(CONTAINER_REGISTRY)/verification-corrupted:latest" \ @@ -447,7 +453,7 @@ docker-native-build-verification-corrupt: .PHONY: docker-native-build-access docker-native-build-access: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/access --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/access --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target production \ --label "git_commit=${COMMIT}" --label "git_tag=${IMAGE_TAG}" \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ -t "$(CONTAINER_REGISTRY)/access:latest" \ @@ -455,28 +461,28 @@ docker-native-build-access: .PHONY: docker-build-access-with-adx docker-build-access-with-adx: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/access --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=amd64 --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/access --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=amd64 --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=$(IMAGE_TAG)" \ -t "$(CONTAINER_REGISTRY)/access:$(IMAGE_TAG)" . .PHONY: docker-build-access-without-adx docker-build-access-without-adx: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/access --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG_NO_ADX) --build-arg GOARCH=amd64 --build-arg CGO_FLAG=$(DISABLE_ADX) --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/access --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG_NO_ADX) --build-arg GOARCH=amd64 --build-arg CGO_FLAG=$(DISABLE_ADX) --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=$(IMAGE_TAG_NO_ADX)" \ -t "$(CONTAINER_REGISTRY)/access:$(IMAGE_TAG_NO_ADX)" . .PHONY: docker-build-access-without-netgo-without-adx docker-build-access-without-netgo-without-adx: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/access --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG_NO_NETGO_NO_ADX) --build-arg GOARCH=amd64 --build-arg TAGS="" --build-arg CGO_FLAG=$(DISABLE_ADX) --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/access --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG_NO_NETGO_NO_ADX) --build-arg GOARCH=amd64 --build-arg TAGS="" --build-arg CGO_FLAG=$(DISABLE_ADX) --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=$(IMAGE_TAG_NO_NETGO_NO_ADX)" \ -t "$(CONTAINER_REGISTRY)/access:$(IMAGE_TAG_NO_NETGO_NO_ADX)" . .PHONY: docker-cross-build-access-arm docker-cross-build-access-arm: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/access --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG_ARM) --build-arg GOARCH=arm64 --build-arg CC=aarch64-linux-gnu-gcc --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/access --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG_ARM) --build-arg GOARCH=arm64 --build-arg CC=aarch64-linux-gnu-gcc --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=${IMAGE_TAG_ARM}" \ -t "$(CONTAINER_REGISTRY)/access:$(IMAGE_TAG_ARM)" . @@ -484,7 +490,7 @@ docker-cross-build-access-arm: .PHONY: docker-native-build-access-debug docker-native-build-access-debug: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/access --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target debug \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/access --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target debug \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ -t "$(CONTAINER_REGISTRY)/access-debug:latest" \ -t "$(CONTAINER_REGISTRY)/access-debug:$(IMAGE_TAG)" . @@ -494,7 +500,7 @@ docker-native-build-access-debug: docker-native-build-access-corrupt: #temporarily make insecure/ a non-module to allow Docker to use corrupt builders there ./insecure/cmd/mods_override.sh - docker build -f cmd/Dockerfile --build-arg TARGET=./insecure/cmd/access --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./insecure/cmd/access --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=${IMAGE_TAG}" \ -t "$(CONTAINER_REGISTRY)/access-corrupted:latest" \ @@ -511,7 +517,7 @@ docker-native-build-access-binary: docker-native-build-access .PHONY: docker-native-build-observer docker-native-build-observer: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/observer --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/observer --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=${IMAGE_TAG}" \ -t "$(CONTAINER_REGISTRY)/observer:latest" \ @@ -519,28 +525,28 @@ docker-native-build-observer: .PHONY: docker-build-observer-with-adx docker-build-observer-with-adx: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/observer --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=amd64 --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/observer --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=amd64 --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=$(IMAGE_TAG)" \ -t "$(CONTAINER_REGISTRY)/observer:$(IMAGE_TAG)" . .PHONY: docker-build-observer-without-adx docker-build-observer-without-adx: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/observer --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG_NO_ADX) --build-arg GOARCH=amd64 --build-arg CGO_FLAG=$(DISABLE_ADX) --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/observer --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG_NO_ADX) --build-arg GOARCH=amd64 --build-arg CGO_FLAG=$(DISABLE_ADX) --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=$(IMAGE_TAG_NO_ADX)" \ -t "$(CONTAINER_REGISTRY)/observer:$(IMAGE_TAG_NO_ADX)" . .PHONY: docker-build-observer-without-netgo-without-adx docker-build-observer-without-netgo-without-adx: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/observer --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG_NO_NETGO_NO_ADX) --build-arg GOARCH=amd64 --build-arg TAGS="" --build-arg CGO_FLAG=$(DISABLE_ADX) --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/observer --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG_NO_NETGO_NO_ADX) --build-arg GOARCH=amd64 --build-arg TAGS="" --build-arg CGO_FLAG=$(DISABLE_ADX) --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=$(IMAGE_TAG_NO_NETGO_NO_ADX)" \ -t "$(CONTAINER_REGISTRY)/observer:$(IMAGE_TAG_NO_NETGO_NO_ADX)" . .PHONY: docker-cross-build-observer-arm docker-cross-build-observer-arm: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/observer --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG_ARM) --build-arg GOARCH=arm64 --build-arg CC=aarch64-linux-gnu-gcc --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/observer --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG_ARM) --build-arg GOARCH=arm64 --build-arg CC=aarch64-linux-gnu-gcc --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ --label "git_commit=${COMMIT}" --label "git_tag=${IMAGE_TAG_ARM}" \ -t "$(CONTAINER_REGISTRY)/observer:$(IMAGE_TAG_ARM)" . @@ -548,7 +554,7 @@ docker-cross-build-observer-arm: .PHONY: docker-native-build-ghost docker-native-build-ghost: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/ghost --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target production \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/ghost --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target production \ --label "git_commit=${COMMIT}" --label "git_tag=${IMAGE_TAG}" \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY --build-arg GOPRIVATE=$(GOPRIVATE) \ -t "$(CONTAINER_REGISTRY)/ghost:latest" \ @@ -556,7 +562,7 @@ docker-native-build-ghost: .PHONY: docker-native-build-ghost-debug docker-native-build-ghost-debug: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/ghost --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target debug \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/ghost --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(IMAGE_TAG) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --target debug \ -t "$(CONTAINER_REGISTRY)/ghost-debug:latest" \ -t "$(CONTAINER_REGISTRY)/ghost-debug:$(IMAGE_TAG)" . @@ -574,7 +580,7 @@ tool-bootstrap: docker-build-bootstrap .PHONY: docker-build-bootstrap-transit docker-build-bootstrap-transit: - docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/bootstrap/transit --build-arg COMMIT=$(COMMIT) --build-arg VERSION=$(VERSION) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --no-cache \ + docker build -f cmd/Dockerfile --build-arg TARGET=./cmd/bootstrap/transit --build-arg COMMIT=$(COMMIT) --build-arg CADENCE_VM_TAG=$(CADENCE_VM_TAG) --build-arg VERSION=$(VERSION) --build-arg GOARCH=$(GOARCH) --build-arg CGO_FLAG=$(CRYPTO_FLAG) --no-cache \ --target production \ --secret id=cadence_deploy_key,env=CADENCE_DEPLOY_KEY \ -t "$(CONTAINER_REGISTRY)/bootstrap-transit:latest" \ diff --git a/cmd/Dockerfile b/cmd/Dockerfile index b0e5398fb36..bdaf3670c5e 100644 --- a/cmd/Dockerfile +++ b/cmd/Dockerfile @@ -42,6 +42,8 @@ ARG TAGS="netgo,osusergo" ARG CC="" # CGO_FLAG uses ADX instructions by default, flag can be overwritten to build without ADX ARG CGO_FLAG="" +# CADENCE_VM_TAG should be empty to disable the Cadene VM, or "cadence_vm" to enable it +ARG CADENCE_VM_TAG="" # Keep Go's build cache between builds. # https://github.com/golang/go/issues/27719#issuecomment-514747274 @@ -51,7 +53,7 @@ RUN --mount=type=cache,sharing=locked,target=/go/pkg/mod \ # We evaluate the SSH agent to safely pass in a key for cloning dependencies # We explicitly use ";" rather than && as we want to safely pass if it is unavailable eval `ssh-agent -s` && printf "%s\n" "$(cat /run/secrets/cadence_deploy_key)" | ssh-add - ; \ - CGO_ENABLED=1 GOOS=linux GOARCH=${GOARCH} CC="${CC}" CGO_CFLAGS="${CGO_FLAG}" go build --tags "${TAGS}" -ldflags "-extldflags -static \ + CGO_ENABLED=1 GOOS=linux GOARCH=${GOARCH} CC="${CC}" CGO_CFLAGS="${CGO_FLAG}" go build --tags "${TAGS},${CADENCE_VM_TAG}" -ldflags "-extldflags -static \ -X 'github.com/onflow/flow-go/cmd/build.commit=${COMMIT}' -X 'github.com/onflow/flow-go/cmd/build.semver=${VERSION}'" \ -o ./app ${TARGET} @@ -69,8 +71,18 @@ ENTRYPOINT ["/bin/app"] FROM build-env as build-debug WORKDIR /app ARG GOARCH=amd64 + +# TAGS can be overriden to modify the go build tags (e.g. build without netgo) +ARG TAGS="netgo,osusergo" +# CC flag can be overwritten to specify a C compiler ARG CC="" +# CGO_FLAG uses ADX instructions by default, flag can be overwritten to build without ADX ARG CGO_FLAG="" +# CADENCE_VM_TAG should be empty to disable the Cadene VM, or "cadence_vm" to enable it +ARG CADENCE_VM_TAG="" + +# Keep Go's build cache between builds. +# https://github.com/golang/go/issues/27719#issuecomment-514747274 RUN --mount=type=ssh \ --mount=type=cache,sharing=locked,target=/go/pkg/mod \ --mount=type=cache,target=/root/.cache/go-build \ @@ -78,7 +90,7 @@ RUN --mount=type=ssh \ # We evaluate the SSH agent to safely pass in a key for cloning dependencies # We explicitly use ";" rather than && as we want to safely pass if it is unavailable eval `ssh-agent -s` && printf "%s\n" "$(cat /run/secrets/cadence_deploy_key)" | ssh-add - ; \ - CGO_ENABLED=1 GOOS=linux GOARCH=${GOARCH} CC="${CC}" CGO_CFLAGS="${CGO_FLAG}" go build --tags "netgo" -ldflags "-extldflags -static \ + CGO_ENABLED=1 GOOS=linux GOARCH=${GOARCH} CC="${CC}" CGO_CFLAGS="${CGO_FLAG}" go build --tags "${TAGS},${CADENCE_VM_TAG}" -ldflags "-extldflags -static \ -X 'github.com/onflow/flow-go/cmd/build.commit=${COMMIT}' -X 'github.com/onflow/flow-go/cmd/build.semver=${VERSION}'" \ -gcflags="all=-N -l" -o ./app ${TARGET} diff --git a/fvm/script.go b/fvm/script.go index 75d2fdcf18b..abbe4317f33 100644 --- a/fvm/script.go +++ b/fvm/script.go @@ -238,6 +238,10 @@ func (executor *scriptExecutor) execute() error { } func (executor *scriptExecutor) executeScript() error { + if executor.ctx.CadenceVMEnabled { + return fmt.Errorf("Cadence VM execution is disabled for testing purposes") + } + rt := executor.env.BorrowCadenceRuntime() defer executor.env.ReturnCadenceRuntime(rt) diff --git a/fvm/transactionInvoker.go b/fvm/transactionInvoker.go index f4a9e5843fb..f5b8e4cad97 100644 --- a/fvm/transactionInvoker.go +++ b/fvm/transactionInvoker.go @@ -378,6 +378,11 @@ func (executor *transactionExecutor) normalExecution() ( return } + if executor.ctx.CadenceVMEnabled { + err = fmt.Errorf("Cadence VM execution is disabled for testing purposes") + return + } + err = executor.txnBodyExecutor.Execute() if err != nil { err = fmt.Errorf("transaction execute failed: %w", err)