Skip to content

Commit f85846f

Browse files
v2.2.0 release candidate (#3836)
2 parents 406cb89 + fc9e0f6 commit f85846f

File tree

18 files changed

+411
-285
lines changed

18 files changed

+411
-285
lines changed

.github/workflows/client.yml

Lines changed: 27 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -28,15 +28,15 @@ on:
2828
required: false
2929
default: "main"
3030

31-
# TODO: Implement automatic releases creation on tags push with https://github.com/softprops/action-gh-release
31+
# Automatic releases are now handled by the dedicated release.yml workflow
3232

3333
jobs:
3434
client-detect-changes:
3535
runs-on: ubuntu-latest
3636
outputs:
3737
path-filter: ${{ steps.filter.outputs.path-filter }}
3838
steps:
39-
- uses: actions/checkout@v3
39+
- uses: actions/checkout@v4
4040
if: github.event_name == 'pull_request'
4141

4242
- uses: dorny/paths-filter@v2
@@ -52,7 +52,7 @@ jobs:
5252
outputs:
5353
path-filter: ${{ steps.filter.outputs.path-filter }}
5454
steps:
55-
- uses: actions/checkout@v3
55+
- uses: actions/checkout@v4
5656
if: github.event_name == 'pull_request'
5757

5858
- uses: dorny/paths-filter@v2
@@ -71,7 +71,7 @@ jobs:
7171
|| needs.client-detect-changes.outputs.path-filter == 'true'
7272
runs-on: ubuntu-latest
7373
steps:
74-
- uses: actions/checkout@v3
74+
- uses: actions/checkout@v4
7575
with:
7676
# Fetch the whole history for the `git describe` command to work.
7777
fetch-depth: 0
@@ -88,18 +88,18 @@ jobs:
8888
environment: ${{ github.event.inputs.environment }}
8989

9090
- name: Set up Docker Buildx
91-
uses: docker/setup-buildx-action@v2
91+
uses: docker/setup-buildx-action@v3
9292

9393
- name: Cache Docker layers
94-
uses: actions/cache@v3
94+
uses: actions/cache@v4
9595
with:
9696
path: /tmp/.buildx-cache
9797
key: ${{ runner.os }}-buildx-${{ github.sha }}
9898
restore-keys: |
9999
${{ runner.os }}-buildx-
100100
101101
- name: Build Docker Build Image
102-
uses: docker/build-push-action@v3
102+
uses: docker/build-push-action@v5
103103
with:
104104
target: build-docker
105105
tags: go-build-env
@@ -123,7 +123,7 @@ jobs:
123123
docker save --output /tmp/go-build-env-image.tar go-build-env
124124
125125
- name: Upload Docker Build Image
126-
uses: actions/upload-artifact@v3
126+
uses: actions/upload-artifact@v4
127127
with:
128128
name: go-build-env-image
129129
path: /tmp/go-build-env-image.tar
@@ -133,11 +133,11 @@ jobs:
133133
docker run \
134134
--workdir /go/src/github.com/keep-network/keep-core \
135135
go-build-env \
136-
gotestsum
136+
gotestsum -- -timeout 15m
137137
138138
- name: Build Docker Runtime Image
139139
if: github.event_name != 'workflow_dispatch'
140-
uses: docker/build-push-action@v3
140+
uses: docker/build-push-action@v5
141141
with:
142142
target: runtime-docker
143143
labels: |
@@ -148,15 +148,15 @@ jobs:
148148

149149
- name: Login to Google Container Registry
150150
if: github.event_name == 'workflow_dispatch'
151-
uses: docker/login-action@v2
151+
uses: docker/login-action@v3
152152
with:
153153
registry: ${{ env.GCR_REGISTRY_URL }}
154154
username: _json_key
155155
password: ${{ secrets.KEEP_TEST_GCR_JSON_KEY }}
156156

157157
- name: Build and publish Docker Runtime Image
158158
if: github.event_name == 'workflow_dispatch'
159-
uses: docker/build-push-action@v3
159+
uses: docker/build-push-action@v5
160160
env:
161161
IMAGE_NAME: "keep-client"
162162
with:
@@ -177,7 +177,7 @@ jobs:
177177
context: .
178178

179179
- name: Build Client Binaries
180-
uses: docker/build-push-action@v3
180+
uses: docker/build-push-action@v5
181181
with:
182182
target: output-bins
183183
outputs: type=local,dest=./out/bin/
@@ -189,7 +189,7 @@ jobs:
189189
context: .
190190

191191
- name: Archive Client Binaries
192-
uses: actions/upload-artifact@v3
192+
uses: actions/upload-artifact@v4
193193
with:
194194
name: binaries
195195
path: |
@@ -240,10 +240,11 @@ jobs:
240240
env:
241241
GO111MODULE: on
242242
steps:
243-
- uses: actions/checkout@v3
243+
- uses: actions/checkout@v4
244244
- uses: securego/gosec@master
245245
with:
246246
args: |
247+
-exclude=G115
247248
-exclude-dir=pkg/chain/ethereum/beacon/gen
248249
-exclude-dir=pkg/chain/ethereum/ecdsa/gen
249250
-exclude-dir=pkg/chain/ethereum/threshold/gen
@@ -257,8 +258,8 @@ jobs:
257258
|| needs.client-detect-changes.outputs.path-filter == 'true'
258259
runs-on: ubuntu-latest
259260
steps:
260-
- uses: actions/checkout@v3
261-
- uses: actions/setup-go@v3
261+
- uses: actions/checkout@v4
262+
- uses: actions/setup-go@v5
262263
with:
263264
go-version-file: "go.mod"
264265
- name: gofmt
@@ -275,8 +276,8 @@ jobs:
275276
|| needs.client-detect-changes.outputs.path-filter == 'true'
276277
runs-on: ubuntu-latest
277278
steps:
278-
- uses: actions/checkout@v3
279-
- uses: actions/setup-go@v3
279+
- uses: actions/checkout@v4
280+
- uses: actions/setup-go@v5
280281
with:
281282
go-version-file: "go.mod"
282283
- run: go vet
@@ -288,15 +289,16 @@ jobs:
288289
|| needs.client-detect-changes.outputs.path-filter == 'true'
289290
runs-on: ubuntu-latest
290291
steps:
291-
- uses: actions/checkout@v3
292-
- uses: actions/setup-go@v3
292+
- uses: actions/checkout@v4
293+
- uses: actions/setup-go@v5
293294
with:
294295
go-version-file: "go.mod"
295296
- name: Staticcheck
296-
uses: dominikh/staticcheck-action@v1.3.0
297+
uses: dominikh/staticcheck-action@v1.4.0
297298
with:
298-
version: "2023.1.6"
299+
version: "2025.1.1"
299300
install-go: false
301+
checks: "-SA1019"
300302

301303
client-integration-test:
302304
needs: [electrum-integration-detect-changes, client-build-test-publish]
@@ -306,10 +308,10 @@ jobs:
306308
runs-on: ubuntu-latest
307309
steps:
308310
- name: Set up Docker Buildx
309-
uses: docker/setup-buildx-action@v2
311+
uses: docker/setup-buildx-action@v3
310312

311313
- name: Download Docker Build Image
312-
uses: actions/download-artifact@v3
314+
uses: actions/download-artifact@v4
313315
with:
314316
name: go-build-env-image
315317
path: /tmp

.github/workflows/release.yml

Lines changed: 116 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,116 @@
1+
name: Release
2+
3+
on:
4+
push:
5+
tags:
6+
- 'v*'
7+
8+
permissions:
9+
contents: write
10+
11+
jobs:
12+
build-and-release:
13+
runs-on: ubuntu-latest
14+
steps:
15+
- uses: actions/checkout@v4
16+
with:
17+
# Fetch the whole history for the `git describe` command to work.
18+
fetch-depth: 0
19+
20+
- name: Resolve versions
21+
run: |
22+
echo "version=$(git describe --tags --match 'v[0-9]*' HEAD)" \
23+
>> $GITHUB_ENV
24+
echo "revision=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
25+
26+
- name: Set up Docker Buildx
27+
uses: docker/setup-buildx-action@v3
28+
29+
- name: Cache Docker layers
30+
uses: actions/cache@v4
31+
with:
32+
path: /tmp/.buildx-cache
33+
key: ${{ runner.os }}-buildx-${{ github.sha }}
34+
restore-keys: |
35+
${{ runner.os }}-buildx-
36+
37+
- name: Build Docker Build Image
38+
uses: docker/build-push-action@v5
39+
with:
40+
target: build-docker
41+
tags: go-build-env
42+
build-args: |
43+
VERSION=${{ env.version }}
44+
REVISION=${{ env.revision }}
45+
# load image to local registry to use it in next steps
46+
load: true
47+
cache-from: type=local,src=/tmp/.buildx-cache
48+
cache-to: type=local,dest=/tmp/.buildx-cache-new
49+
context: .
50+
51+
- name: Run Go tests
52+
run: |
53+
docker run \
54+
--workdir /go/src/github.com/keep-network/keep-core \
55+
go-build-env \
56+
gotestsum -- -timeout 15m
57+
58+
- name: Build Client Binaries
59+
uses: docker/build-push-action@v5
60+
with:
61+
target: output-bins
62+
outputs: type=local,dest=./out/bin/
63+
build-args: |
64+
ENVIRONMENT=mainnet
65+
VERSION=${{ env.version }}
66+
REVISION=${{ env.revision }}
67+
push: false
68+
context: .
69+
70+
- name: Generate release notes
71+
id: release_notes
72+
run: |
73+
# Get the previous tag for release notes
74+
PREV_TAG=$(git describe --tags --abbrev=0 --match 'v[0-9]*' \
75+
HEAD^ 2>/dev/null || echo "")
76+
77+
# Create release notes
78+
echo "RELEASE_NOTES<<EOF" >> $GITHUB_OUTPUT
79+
echo "## Keep Core ${{ env.version }}" >> $GITHUB_OUTPUT
80+
echo "" >> $GITHUB_OUTPUT
81+
echo "Built from commit: ${{ env.revision }}" >> $GITHUB_OUTPUT
82+
echo "" >> $GITHUB_OUTPUT
83+
echo "### Downloads" >> $GITHUB_OUTPUT
84+
echo "- **Linux AMD64**: \`keep-client-mainnet-${{ env.version }}-linux-amd64.tar.gz\`" \
85+
>> $GITHUB_OUTPUT
86+
echo "- **macOS AMD64**: \`keep-client-mainnet-${{ env.version }}-darwin-amd64.tar.gz\`" \
87+
>> $GITHUB_OUTPUT
88+
echo "" >> $GITHUB_OUTPUT
89+
echo "### Verification" >> $GITHUB_OUTPUT
90+
echo "All binaries include MD5 and SHA256 checksums for verification." \
91+
>> $GITHUB_OUTPUT
92+
echo "" >> $GITHUB_OUTPUT
93+
if [ -n "$PREV_TAG" ]; then
94+
echo "### Changes since $PREV_TAG" >> $GITHUB_OUTPUT
95+
git log --oneline --no-merges "$PREV_TAG..HEAD" | head -20 \
96+
>> $GITHUB_OUTPUT
97+
fi
98+
echo "EOF" >> $GITHUB_OUTPUT
99+
100+
- name: Create GitHub Release
101+
uses: softprops/action-gh-release@v2
102+
with:
103+
name: Release ${{ env.version }}
104+
body: ${{ steps.release_notes.outputs.RELEASE_NOTES }}
105+
files: |
106+
out/bin/*.tar.gz
107+
out/bin/*.md5
108+
out/bin/*.sha256
109+
draft: false
110+
prerelease: ${{ contains(env.version, '-') }}
111+
generate_release_notes: false
112+
113+
- name: Move cache
114+
run: |
115+
rm -rf /tmp/.buildx-cache
116+
mv /tmp/.buildx-cache-new /tmp/.buildx-cache

.gitignore

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -55,6 +55,8 @@ yarn-error.log
5555
/solidity*/**/export.json
5656

5757
# Go bindings generator
58+
# Note: Some specific _address files are committed as empty placeholders
59+
# to satisfy //go:embed directives during CI builds that don't run go generate
5860
/pkg/chain/**/gen/_address/
5961
/pkg/chain/**/gen/_contracts/
6062
/pkg/chain/**/gen/abi/*.abi

Dockerfile

Lines changed: 15 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
FROM golang:1.20.13-alpine3.19 AS build-sources
1+
FROM golang:1.24-alpine3.21 AS build-sources
22

33
ENV GOPATH=/go \
44
GOBIN=/go/bin \
@@ -10,7 +10,7 @@ ENV GOPATH=/go \
1010

1111
# TODO: Remove perl once go-ethereum is upgraded to 1.11.
1212
# See pkg/chain/ethereum/tbtc/gen/Makefile and after_abi_hook for details.
13-
RUN apk add --update --no-cache \
13+
RUN apk update && apk upgrade && apk add --update --no-cache \
1414
g++ \
1515
linux-headers \
1616
protobuf-dev \
@@ -26,7 +26,7 @@ RUN apk add --update --no-cache \
2626
rm -rf /var/cache/apk/ && mkdir /var/cache/apk/ && \
2727
rm -rf /usr/share/man
2828

29-
RUN go install gotest.tools/gotestsum@latest
29+
RUN go install gotest.tools/gotestsum@v1.10.1
3030

3131
RUN mkdir -p $APP_DIR $TEST_RESULTS_DIR
3232

@@ -36,9 +36,6 @@ WORKDIR $APP_DIR
3636
COPY go.mod go.sum $APP_DIR/
3737
RUN go mod download
3838

39-
# Install code generators.
40-
RUN go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.32.0
41-
4239
# Copy source code for generation.
4340
COPY ./pkg/beacon/dkg/result/gen $APP_DIR/pkg/beacon/dkg/result/gen
4441
COPY ./pkg/beacon/entry/gen $APP_DIR/pkg/beacon/entry/gen
@@ -57,6 +54,10 @@ COPY ./pkg/tecdsa/gen $APP_DIR/pkg/tecdsa/gen
5754
COPY ./pkg/protocol/announcer/gen $APP_DIR/pkg/protocol/announcer/gen
5855
COPY ./pkg/protocol/inactivity/gen $APP_DIR/pkg/protocol/inactivity/gen
5956

57+
58+
# Install code generators.
59+
RUN go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.32.0
60+
6061
# Environment is to download published and tagged NPM packages versions.
6162
ARG ENVIRONMENT
6263

@@ -69,6 +70,9 @@ RUN make generate environment=$ENVIRONMENT
6970

7071
COPY ./ $APP_DIR/
7172

73+
# Update go.sum with any missing dependencies
74+
RUN go mod tidy && go mod download
75+
7276
#
7377
# Build Docker Image
7478
#
@@ -84,12 +88,15 @@ RUN GOOS=linux make build \
8488
version=$VERSION \
8589
revision=$REVISION
8690

87-
FROM alpine:3.19 as runtime-docker
91+
FROM alpine:3.21 as runtime-docker
8892

8993
ENV APP_NAME=keep-client \
9094
APP_DIR=/go/src/github.com/keep-network/keep-core \
9195
BIN_PATH=/usr/local/bin
9296

97+
# Update Alpine packages to get latest security patches
98+
RUN apk update && apk upgrade && rm -rf /var/cache/apk/*
99+
93100
COPY --from=build-docker $APP_DIR/$APP_NAME $BIN_PATH
94101

95102
# ENTRYPOINT cant handle ENV variables.
@@ -101,7 +108,7 @@ CMD []
101108
#
102109
# Build Binaries
103110
#
104-
FROM golang:1.20.13-bullseye AS build-bins
111+
FROM golang:1.24-bullseye AS build-bins
105112

106113
ENV APP_DIR=/go/src/github.com/keep-network/keep-core
107114

0 commit comments

Comments
 (0)