From eefe3cf5fdc664904bc4250b5868bfa9cbd847e7 Mon Sep 17 00:00:00 2001 From: Michael FIG Date: Thu, 12 Sep 2024 11:21:06 -0600 Subject: [PATCH 1/3] build(deps): upgrade `@agoric/synthetic-chain` --- ...synthetic-chain-npm-0.1.0-148de716a6.patch | 13 -- a3p-integration/package.json | 2 +- a3p-integration/yarn.lock | 205 +++++++++++------- 3 files changed, 122 insertions(+), 98 deletions(-) delete mode 100644 a3p-integration/.yarn/patches/@agoric-synthetic-chain-npm-0.1.0-148de716a6.patch diff --git a/a3p-integration/.yarn/patches/@agoric-synthetic-chain-npm-0.1.0-148de716a6.patch b/a3p-integration/.yarn/patches/@agoric-synthetic-chain-npm-0.1.0-148de716a6.patch deleted file mode 100644 index 3d01386399d..00000000000 --- a/a3p-integration/.yarn/patches/@agoric-synthetic-chain-npm-0.1.0-148de716a6.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff --git a/dist/upgrade-test-scripts/env_setup.sh b/dist/upgrade-test-scripts/env_setup.sh -index 617a0fbe7efdfa457e28fc52806dba1b323930d8..25f52a6cf133dca830bd0dcd47c91700e6a8effe 100755 ---- a/dist/upgrade-test-scripts/env_setup.sh -+++ b/dist/upgrade-test-scripts/env_setup.sh -@@ -100,7 +100,7 @@ killAgd() { - AGD_PID=$(cat $HOME/.agoric/agd.pid) - kill $AGD_PID - rm $HOME/.agoric/agd.pid -- wait $AGD_PID || true -+ tail --pid=$AGD_PID -f /dev/null || true - } - - provisionSmartWallet() { diff --git a/a3p-integration/package.json b/a3p-integration/package.json index eb6673bd00a..12cee1cf696 100644 --- a/a3p-integration/package.json +++ b/a3p-integration/package.json @@ -12,7 +12,7 @@ "doctor": "yarn synthetic-chain doctor" }, "dependencies": { - "@agoric/synthetic-chain": "patch:@agoric/synthetic-chain@npm%3A0.1.0#~/.yarn/patches/@agoric-synthetic-chain-npm-0.1.0-148de716a6.patch", + "@agoric/synthetic-chain": "^0.3.0", "@types/better-sqlite3": "^7.6.9" }, "packageManager": "yarn@4.2.2", diff --git a/a3p-integration/yarn.lock b/a3p-integration/yarn.lock index c5c8e80616e..c5a6485757f 100644 --- a/a3p-integration/yarn.lock +++ b/a3p-integration/yarn.lock @@ -5,38 +5,25 @@ __metadata: version: 8 cacheKey: 10c0 -"@agoric/synthetic-chain@npm:0.1.0": - version: 0.1.0 - resolution: "@agoric/synthetic-chain@npm:0.1.0" +"@agoric/synthetic-chain@npm:^0.3.0": + version: 0.3.0 + resolution: "@agoric/synthetic-chain@npm:0.3.0" dependencies: - "@endo/zip": "npm:^1.0.1" - better-sqlite3: "npm:^9.4.0" + "@endo/zip": "npm:^1.0.7" + better-sqlite3: "npm:^9.6.0" chalk: "npm:^5.3.0" - execa: "npm:^8.0.1" + cosmjs-types: "npm:^0.9.0" + execa: "npm:^9.3.1" bin: synthetic-chain: dist/cli/cli.js - checksum: 10c0/8305293d085cde9cbf94670134216e06337c5624c45faf5dfebb86762042abe7b4340cf3205e671dfce54e888bd4e9b3428400756833fa06f2bbb21b44668c44 + checksum: 10c0/17c6241bdc48b8a2a7608c9d4d7c0a0c76fb10d4ee44a31a1150104a792bcd1133f4b1a7e8ab26673a07450b3ceabccd9911999117568221b49221b6ee4306a1 languageName: node linkType: hard -"@agoric/synthetic-chain@patch:@agoric/synthetic-chain@npm%3A0.1.0#~/.yarn/patches/@agoric-synthetic-chain-npm-0.1.0-148de716a6.patch": - version: 0.1.0 - resolution: "@agoric/synthetic-chain@patch:@agoric/synthetic-chain@npm%3A0.1.0#~/.yarn/patches/@agoric-synthetic-chain-npm-0.1.0-148de716a6.patch::version=0.1.0&hash=4a65eb" - dependencies: - "@endo/zip": "npm:^1.0.1" - better-sqlite3: "npm:^9.4.0" - chalk: "npm:^5.3.0" - execa: "npm:^8.0.1" - bin: - synthetic-chain: dist/cli/cli.js - checksum: 10c0/e974038161b1a9570912a02d9366c6680bc13ee3dfd0e49d06e5ce5e93dbcddf04d1d4cd453af0969bf29ccfe96ce3e141a214539722449add90b13f0785f1f7 - languageName: node - linkType: hard - -"@endo/zip@npm:^1.0.1": - version: 1.0.1 - resolution: "@endo/zip@npm:1.0.1" - checksum: 10c0/1074bdc10287f4c94b3423e130da88f9c6ba09c999483c1164b3eed061350a060d2dbe377cfa3b8d4a86b3f1c3aed5cbf0cdd78ee2bf2cb9b837caa2ebbf712f +"@endo/zip@npm:^1.0.7": + version: 1.0.7 + resolution: "@endo/zip@npm:1.0.7" + checksum: 10c0/a1c0d155448ce877012b34c8fe8cd3a58de9eb807514c81cddeebb802ee8e552b27d8a9a40fab3f3e4c49e0cb7fea6902fa1dd12a23ff6f30b56161fc3edc1f8 languageName: node linkType: hard @@ -83,6 +70,20 @@ __metadata: languageName: node linkType: hard +"@sec-ant/readable-stream@npm:^0.4.1": + version: 0.4.1 + resolution: "@sec-ant/readable-stream@npm:0.4.1" + checksum: 10c0/64e9e9cf161e848067a5bf60cdc04d18495dc28bb63a8d9f8993e4dd99b91ad34e4b563c85de17d91ffb177ec17a0664991d2e115f6543e73236a906068987af + languageName: node + linkType: hard + +"@sindresorhus/merge-streams@npm:^4.0.0": + version: 4.0.0 + resolution: "@sindresorhus/merge-streams@npm:4.0.0" + checksum: 10c0/482ee543629aa1933b332f811a1ae805a213681ecdd98c042b1c1b89387df63e7812248bb4df3910b02b3cc5589d3d73e4393f30e197c9dde18046ccd471fc6b + languageName: node + linkType: hard + "@types/better-sqlite3@npm:^7.6.9": version: 7.6.9 resolution: "@types/better-sqlite3@npm:7.6.9" @@ -171,14 +172,14 @@ __metadata: languageName: node linkType: hard -"better-sqlite3@npm:^9.4.0": - version: 9.4.0 - resolution: "better-sqlite3@npm:9.4.0" +"better-sqlite3@npm:^9.6.0": + version: 9.6.0 + resolution: "better-sqlite3@npm:9.6.0" dependencies: bindings: "npm:^1.5.0" node-gyp: "npm:latest" prebuild-install: "npm:^7.1.1" - checksum: 10c0/42b2edfa46d62763514b87122245a3513a5ff20f05fef4fb49fec33f3de0a51a29025596178f57c634b8013f16bbdf8169a308fb3e3b8d126d715788d72d1e74 + checksum: 10c0/8db9b38f414e26a56d4c40fc16e94a253118491dae0e2c054338a9e470f1a883c7eb4cb330f2f5737db30f704d4f2e697c59071ca04e03364ee9fe04375aa9c8 languageName: node linkType: hard @@ -285,6 +286,13 @@ __metadata: languageName: node linkType: hard +"cosmjs-types@npm:^0.9.0": + version: 0.9.0 + resolution: "cosmjs-types@npm:0.9.0" + checksum: 10c0/bc20f4293fb34629d7c5f96bafe533987f753df957ff68eb078d0128ae5a418320cb945024441769a07bb9bc5dde9d22b972fd40d485933e5706ea191c43727b + languageName: node + linkType: hard + "cross-spawn@npm:^7.0.0, cross-spawn@npm:^7.0.3": version: 7.0.3 resolution: "cross-spawn@npm:7.0.3" @@ -384,20 +392,23 @@ __metadata: languageName: node linkType: hard -"execa@npm:^8.0.1": - version: 8.0.1 - resolution: "execa@npm:8.0.1" +"execa@npm:^9.3.1": + version: 9.3.1 + resolution: "execa@npm:9.3.1" dependencies: + "@sindresorhus/merge-streams": "npm:^4.0.0" cross-spawn: "npm:^7.0.3" - get-stream: "npm:^8.0.1" - human-signals: "npm:^5.0.0" - is-stream: "npm:^3.0.0" - merge-stream: "npm:^2.0.0" - npm-run-path: "npm:^5.1.0" - onetime: "npm:^6.0.0" + figures: "npm:^6.1.0" + get-stream: "npm:^9.0.0" + human-signals: "npm:^8.0.0" + is-plain-obj: "npm:^4.1.0" + is-stream: "npm:^4.0.1" + npm-run-path: "npm:^5.2.0" + pretty-ms: "npm:^9.0.0" signal-exit: "npm:^4.1.0" - strip-final-newline: "npm:^3.0.0" - checksum: 10c0/2c52d8775f5bf103ce8eec9c7ab3059909ba350a5164744e9947ed14a53f51687c040a250bda833f906d1283aa8803975b84e6c8f7a7c42f99dc8ef80250d1af + strip-final-newline: "npm:^4.0.0" + yoctocolors: "npm:^2.0.0" + checksum: 10c0/113979ff56575f6cb69fd021eb3894a674fb59b264f5e8c2b9b30e301629abc4f44cee881e680f9fb3b7d4956645df76a2d8c0006869dea985f96ec65f07b226 languageName: node linkType: hard @@ -415,6 +426,15 @@ __metadata: languageName: node linkType: hard +"figures@npm:^6.1.0": + version: 6.1.0 + resolution: "figures@npm:6.1.0" + dependencies: + is-unicode-supported: "npm:^2.0.0" + checksum: 10c0/9159df4264d62ef447a3931537de92f5012210cf5135c35c010df50a2169377581378149abfe1eb238bd6acbba1c0d547b1f18e0af6eee49e30363cedaffcfe4 + languageName: node + linkType: hard + "file-uri-to-path@npm:1.0.0": version: 1.0.0 resolution: "file-uri-to-path@npm:1.0.0" @@ -457,10 +477,13 @@ __metadata: languageName: node linkType: hard -"get-stream@npm:^8.0.1": - version: 8.0.1 - resolution: "get-stream@npm:8.0.1" - checksum: 10c0/5c2181e98202b9dae0bb4a849979291043e5892eb40312b47f0c22b9414fc9b28a3b6063d2375705eb24abc41ecf97894d9a51f64ff021511b504477b27b4290 +"get-stream@npm:^9.0.0": + version: 9.0.1 + resolution: "get-stream@npm:9.0.1" + dependencies: + "@sec-ant/readable-stream": "npm:^0.4.1" + is-stream: "npm:^4.0.1" + checksum: 10c0/d70e73857f2eea1826ac570c3a912757dcfbe8a718a033fa0c23e12ac8e7d633195b01710e0559af574cbb5af101009b42df7b6f6b29ceec8dbdf7291931b948 languageName: node linkType: hard @@ -520,10 +543,10 @@ __metadata: languageName: node linkType: hard -"human-signals@npm:^5.0.0": - version: 5.0.0 - resolution: "human-signals@npm:5.0.0" - checksum: 10c0/5a9359073fe17a8b58e5a085e9a39a950366d9f00217c4ff5878bd312e09d80f460536ea6a3f260b5943a01fe55c158d1cea3fc7bee3d0520aeef04f6d915c82 +"human-signals@npm:^8.0.0": + version: 8.0.0 + resolution: "human-signals@npm:8.0.0" + checksum: 10c0/e4dac4f7d3eb791ed04129fc6a85bd454a9102d3e3b76c911d0db7057ebd60b2956b435b5b5712aec18960488ede3c21ef7c56e42cdd70760c0d84d3c05cd92e languageName: node linkType: hard @@ -592,10 +615,24 @@ __metadata: languageName: node linkType: hard -"is-stream@npm:^3.0.0": - version: 3.0.0 - resolution: "is-stream@npm:3.0.0" - checksum: 10c0/eb2f7127af02ee9aa2a0237b730e47ac2de0d4e76a4a905a50a11557f2339df5765eaea4ceb8029f1efa978586abe776908720bfcb1900c20c6ec5145f6f29d8 +"is-plain-obj@npm:^4.1.0": + version: 4.1.0 + resolution: "is-plain-obj@npm:4.1.0" + checksum: 10c0/32130d651d71d9564dc88ba7e6fda0e91a1010a3694648e9f4f47bb6080438140696d3e3e15c741411d712e47ac9edc1a8a9de1fe76f3487b0d90be06ac9975e + languageName: node + linkType: hard + +"is-stream@npm:^4.0.1": + version: 4.0.1 + resolution: "is-stream@npm:4.0.1" + checksum: 10c0/2706c7f19b851327ba374687bc4a3940805e14ca496dc672b9629e744d143b1ad9c6f1b162dece81c7bfbc0f83b32b61ccc19ad2e05aad2dd7af347408f60c7f + languageName: node + linkType: hard + +"is-unicode-supported@npm:^2.0.0": + version: 2.1.0 + resolution: "is-unicode-supported@npm:2.1.0" + checksum: 10c0/a0f53e9a7c1fdbcf2d2ef6e40d4736fdffff1c9f8944c75e15425118ff3610172c87bf7bc6c34d3903b04be59790bb2212ddbe21ee65b5a97030fc50370545a5 languageName: node linkType: hard @@ -661,20 +698,6 @@ __metadata: languageName: node linkType: hard -"merge-stream@npm:^2.0.0": - version: 2.0.0 - resolution: "merge-stream@npm:2.0.0" - checksum: 10c0/867fdbb30a6d58b011449b8885601ec1690c3e41c759ecd5a9d609094f7aed0096c37823ff4a7190ef0b8f22cc86beb7049196ff68c016e3b3c671d0dac91ce5 - languageName: node - linkType: hard - -"mimic-fn@npm:^4.0.0": - version: 4.0.0 - resolution: "mimic-fn@npm:4.0.0" - checksum: 10c0/de9cc32be9996fd941e512248338e43407f63f6d497abe8441fa33447d922e927de54d4cc3c1a3c6d652857acd770389d5a3823f311a744132760ce2be15ccbf - languageName: node - linkType: hard - "mimic-response@npm:^3.1.0": version: 3.1.0 resolution: "mimic-response@npm:3.1.0" @@ -859,12 +882,12 @@ __metadata: languageName: node linkType: hard -"npm-run-path@npm:^5.1.0": - version: 5.2.0 - resolution: "npm-run-path@npm:5.2.0" +"npm-run-path@npm:^5.2.0": + version: 5.3.0 + resolution: "npm-run-path@npm:5.3.0" dependencies: path-key: "npm:^4.0.0" - checksum: 10c0/7963c1f98e42afebe9524a08b0881477ec145aab34f6018842a315422b25ad40e015bdee709b697571e5efda2ecfa2640ee917d92674e4de1166fa3532a211b1 + checksum: 10c0/124df74820c40c2eb9a8612a254ea1d557ddfab1581c3e751f825e3e366d9f00b0d76a3c94ecd8398e7f3eee193018622677e95816e8491f0797b21e30b2deba languageName: node linkType: hard @@ -877,15 +900,6 @@ __metadata: languageName: node linkType: hard -"onetime@npm:^6.0.0": - version: 6.0.0 - resolution: "onetime@npm:6.0.0" - dependencies: - mimic-fn: "npm:^4.0.0" - checksum: 10c0/4eef7c6abfef697dd4479345a4100c382d73c149d2d56170a54a07418c50816937ad09500e1ed1e79d235989d073a9bade8557122aee24f0576ecde0f392bb6c - languageName: node - linkType: hard - "p-map@npm:^4.0.0": version: 4.0.0 resolution: "p-map@npm:4.0.0" @@ -895,6 +909,13 @@ __metadata: languageName: node linkType: hard +"parse-ms@npm:^4.0.0": + version: 4.0.0 + resolution: "parse-ms@npm:4.0.0" + checksum: 10c0/a7900f4f1ebac24cbf5e9708c16fb2fd482517fad353aecd7aefb8c2ba2f85ce017913ccb8925d231770404780df46244ea6fec598b3bde6490882358b4d2d16 + languageName: node + linkType: hard + "path-key@npm:^3.1.0": version: 3.1.1 resolution: "path-key@npm:3.1.1" @@ -941,6 +962,15 @@ __metadata: languageName: node linkType: hard +"pretty-ms@npm:^9.0.0": + version: 9.1.0 + resolution: "pretty-ms@npm:9.1.0" + dependencies: + parse-ms: "npm:^4.0.0" + checksum: 10c0/fd111aad8800a04dfd654e6016da69bdaa6fc6a4c280f8e727cffd8b5960558e94942f1a94d4aa6e4d179561a0fbb0366a9ebe0ccefbbb0f8ff853b129cdefb9 + languageName: node + linkType: hard + "proc-log@npm:^3.0.0": version: 3.0.0 resolution: "proc-log@npm:3.0.0" @@ -1004,7 +1034,7 @@ __metadata: version: 0.0.0-use.local resolution: "root-workspace-0b6124@workspace:." dependencies: - "@agoric/synthetic-chain": "patch:@agoric/synthetic-chain@npm%3A0.1.0#~/.yarn/patches/@agoric-synthetic-chain-npm-0.1.0-148de716a6.patch" + "@agoric/synthetic-chain": "npm:^0.3.0" "@types/better-sqlite3": "npm:^7.6.9" languageName: unknown linkType: soft @@ -1161,10 +1191,10 @@ __metadata: languageName: node linkType: hard -"strip-final-newline@npm:^3.0.0": - version: 3.0.0 - resolution: "strip-final-newline@npm:3.0.0" - checksum: 10c0/a771a17901427bac6293fd416db7577e2bc1c34a19d38351e9d5478c3c415f523f391003b42ed475f27e33a78233035df183525395f731d3bfb8cdcbd4da08ce +"strip-final-newline@npm:^4.0.0": + version: 4.0.0 + resolution: "strip-final-newline@npm:4.0.0" + checksum: 10c0/b0cf2b62d597a1b0e3ebc42b88767f0a0d45601f89fd379a928a1812c8779440c81abba708082c946445af1d6b62d5f16e2a7cf4f30d9d6587b89425fae801ff languageName: node linkType: hard @@ -1312,3 +1342,10 @@ __metadata: checksum: 10c0/2286b5e8dbfe22204ab66e2ef5cc9bbb1e55dfc873bbe0d568aa943eb255d131890dfd5bf243637273d31119b870f49c18fcde2c6ffbb7a7a092b870dc90625a languageName: node linkType: hard + +"yoctocolors@npm:^2.0.0": + version: 2.1.1 + resolution: "yoctocolors@npm:2.1.1" + checksum: 10c0/85903f7fa96f1c70badee94789fade709f9d83dab2ec92753d612d84fcea6d34c772337a9f8914c6bed2f5fc03a428ac5d893e76fab636da5f1236ab725486d0 + languageName: node + linkType: hard From 99b3d93b6112765de8f37a82ff7ef4ae0e6097af Mon Sep 17 00:00:00 2001 From: Michael FIG Date: Thu, 12 Sep 2024 17:06:20 -0600 Subject: [PATCH 2/3] ci(docker): use Depot for multiarch images --- .github/workflows/docker.yml | 204 +++++++++++++----------------- .github/workflows/integration.yml | 2 +- 2 files changed, 91 insertions(+), 115 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 21054c163d3..3958d197af0 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -12,6 +12,7 @@ on: workflow_dispatch: env: REGISTRY: ghcr.io + DOCKER_PLATFORMS: linux/amd64,linux/arm64/v8 jobs: snapshot: @@ -33,23 +34,35 @@ jobs: SNAPSHOT_TAG="${TIMESTAMP}-${SHORT_SHA}" echo "tag=$SNAPSHOT_TAG" >> $GITHUB_OUTPUT - docker-parallel-build: - needs: snapshot - runs-on: ubuntu-latest + docker-sdk: permissions: + # allow issuing OIDC tokens for this workflow run + id-token: write + # allow at least reading the repo contents, add other permissions if necessary contents: read + # to push the resulting images packages: write - strategy: - matrix: - platform: - - linux/amd64 - - linux/arm64/v8 + needs: snapshot + runs-on: 'depot-ubuntu-22.04-16' # ubuntu-latest + outputs: + tag: '${{ steps.docker-tags.outputs.tags }}' + tags: '${{ steps.docker-tags.outputs.tags }} ${{ needs.snapshot.outputs.tag }}' steps: - uses: actions/checkout@v4 + - uses: depot/setup-action@v1 + with: + oidc: true # to set DEPOT_TOKEN for later steps + - run: depot configure-docker + - name: Log in to the Container registry + uses: docker/login-action@v3 + # see https://docs.github.com/en/actions/publishing-packages/publishing-docker-images + with: + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + registry: ${{ env.REGISTRY }} - name: Save BUILD_TAG run: | - ARCH=$(echo '${{ matrix.platform }}' | tr / _) - echo "BUILD_TAG=${{ needs.snapshot.outputs.tag }}-$ARCH" >> $GITHUB_ENV + echo "BUILD_TAG=${{ needs.snapshot.outputs.tag }}" >> $GITHUB_ENV - name: Save GIT_REVISION run: echo "GIT_REVISION=$(git rev-parse HEAD)" >> $GITHUB_ENV - name: Save GIT_COMMIT @@ -57,85 +70,14 @@ jobs: - name: Save commit hash, url of submodules to environment run: | node packages/xsnap/src/build.js --show-env >> $GITHUB_ENV - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - with: - buildkitd-flags: --debug - - name: Login to Docker Registry - uses: docker/login-action@v2 - with: - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - registry: ${{ env.REGISTRY }} - name: Build and Push ssh-node - uses: docker/build-push-action@v4 + uses: depot/build-push-action@v1 with: file: packages/deployment/Dockerfile.ssh-node context: packages/deployment/docker - platforms: ${{ matrix.platform }} + platforms: ${{ env.DOCKER_PLATFORMS }} push: true tags: '${{ env.REGISTRY }}/agoric/ssh-node:${{ env.BUILD_TAG }}' - - name: Build and Push sdk - uses: docker/build-push-action@v4 - with: - file: packages/deployment/Dockerfile.sdk - context: ./ - platforms: ${{ matrix.platform }} - push: true - tags: '${{ env.REGISTRY }}/agoric/agoric-sdk:${{ env.BUILD_TAG }}' - # When changing/adding entries here, make sure to search the whole - # project for `@@AGORIC_DOCKER_SUBMODULES@@` - build-args: | - GIT_COMMIT=${{env.GIT_COMMIT}} - MODDABLE_COMMIT_HASH=${{env.MODDABLE_COMMIT_HASH}} - MODDABLE_URL=${{env.MODDABLE_URL}} - XSNAP_NATIVE_COMMIT_HASH=${{env.XSNAP_NATIVE_COMMIT_HASH}} - XSNAP_NATIVE_URL=${{env.XSNAP_NATIVE_URL}} - GIT_REVISION=${{env.GIT_REVISION}} - - name: Build and Push setup - uses: docker/build-push-action@v4 - with: - file: packages/deployment/Dockerfile - context: packages/deployment - platforms: ${{ matrix.platform }} - tags: '${{ env.REGISTRY }}/agoric/cosmic-swingset-setup:${{ env.BUILD_TAG }}' - push: true - build-args: | - TAG=${{ env.BUILD_TAG }} - - name: notify on failure - if: failure() - uses: ./.github/actions/notify-status - with: - webhook: ${{ secrets.SLACK_WEBHOOK_URL }} - from: ${{ secrets.NOTIFY_EMAIL_FROM }} - to: ${{ secrets.NOTIFY_EMAIL_TO }} - password: ${{ secrets.NOTIFY_EMAIL_PASSWORD }} - - # Publish the build's multiarch images to Docker Registry. - docker-sdk: - needs: [docker-parallel-build, snapshot] - runs-on: ubuntu-latest - permissions: - contents: read - packages: write - outputs: - tag: '${{ steps.docker-tags.outputs.tags }}' - tags: '${{ steps.docker-tags.outputs.tags }} ${{ needs.snapshot.outputs.tag }}' - steps: - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - with: - buildkitd-flags: --debug - - name: Login to Docker Registry - uses: docker/login-action@v2 - with: - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - registry: ${{ env.REGISTRY }} - name: Compute tags id: docker-tags run: | @@ -168,30 +110,64 @@ jobs: DOCKER_TAGS="latest $SDK_TAG" ;; esac + DOCKER_TAGS="$DOCKER_TAGS $BUILD_TAG" echo "tags=$DOCKER_TAGS" >> $GITHUB_OUTPUT - - - name: Push SDK multiarch + - name: Prefix tags + id: prefix-tags run: | - set -ex - for IMAGE in agoric/agoric-sdk agoric/ssh-node agoric/cosmic-swingset-setup; do - for TAG in ${{ steps.docker-tags.outputs.tags }} ${{ needs.snapshot.outputs.tag }}; do - sources= - for ARCH in linux/amd64 linux/arm64/v8; do - uarch=$(echo "$ARCH" | tr / _) - BUILD_TAG="${{ needs.snapshot.outputs.tag }}-$uarch" - sources="$sources $REGISTRY/$IMAGE:$BUILD_TAG" - done - docker buildx imagetools create --tag "$REGISTRY/$IMAGE:$TAG"$sources - done + IMAGE="$REGISTRY/agoric/agoric-sdk" + for TAG in ${{ steps.docker-tags.outputs.tags }}; do + PREFIXED="$PREFIXED$sep$IMAGE:$TAG" + sep=, done + echo "tags=$PREFIXED" >> $GITHUB_OUTPUT + - name: Build and Push sdk + uses: depot/build-push-action@v1 + with: + file: packages/deployment/Dockerfile.sdk + context: ./ + platforms: ${{ env.DOCKER_PLATFORMS }} + push: true + tags: '${{ steps.prefix-tags.outputs.tags }}' + # When changing/adding entries here, make sure to search the whole + # project for `@@AGORIC_DOCKER_SUBMODULES@@` + build-args: | + GIT_COMMIT=${{env.GIT_COMMIT}} + MODDABLE_COMMIT_HASH=${{env.MODDABLE_COMMIT_HASH}} + MODDABLE_URL=${{env.MODDABLE_URL}} + XSNAP_NATIVE_COMMIT_HASH=${{env.XSNAP_NATIVE_COMMIT_HASH}} + XSNAP_NATIVE_URL=${{env.XSNAP_NATIVE_URL}} + GIT_REVISION=${{env.GIT_REVISION}} + - name: Build and Push setup + uses: depot/build-push-action@v1 + with: + file: packages/deployment/Dockerfile + context: packages/deployment + platforms: ${{ env.DOCKER_PLATFORMS }} + tags: '${{ env.REGISTRY }}/agoric/cosmic-swingset-setup:${{ env.BUILD_TAG }}' + push: true + build-args: | + TAG=${{ env.BUILD_TAG }} + - name: notify on failure + if: failure() + uses: ./.github/actions/notify-status + with: + webhook: ${{ secrets.SLACK_WEBHOOK_URL }} + from: ${{ secrets.NOTIFY_EMAIL_FROM }} + to: ${{ secrets.NOTIFY_EMAIL_TO }} + password: ${{ secrets.NOTIFY_EMAIL_PASSWORD }} # This is currently needed for the relayer integration test framework. # It just runs agoric/agoric-sdk with a "single-node" argument. docker-ibc-alpha: needs: [docker-sdk, snapshot] - runs-on: ubuntu-latest + runs-on: 'depot-ubuntu-22.04-16' # ubuntu-latest permissions: + # allow issuing OIDC tokens for this workflow run + id-token: write + # allow at least reading the repo contents, add other permissions if necessary contents: read + # to push the resulting images packages: write if: ${{ needs.docker-sdk.outputs.tag }} != dev steps: @@ -207,24 +183,22 @@ jobs: sep=, done echo "tags=$PREFIXED" >> $GITHUB_OUTPUT - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + - uses: depot/setup-action@v1 with: - buildkitd-flags: --debug + oidc: true # to set DEPOT_TOKEN for later steps + - run: depot configure-docker - name: Login to Docker Registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} registry: ${{ env.REGISTRY }} - name: Build and Push - uses: docker/build-push-action@v4 + uses: depot/build-push-action@v1 with: file: packages/deployment/Dockerfile.ibc-alpha context: packages/deployment/docker - platforms: linux/amd64,linux/arm64/v8 + platforms: ${{ env.DOCKER_PLATFORMS }} push: true tags: '${{ steps.prefix-tags.outputs.tags }}' build-args: | @@ -240,9 +214,13 @@ jobs: docker-solo: needs: [docker-sdk, snapshot] - runs-on: ubuntu-latest + runs-on: 'depot-ubuntu-22.04-16' # ubuntu-latest permissions: + # allow issuing OIDC tokens for this workflow run + id-token: write + # allow at least reading the repo contents, add other permissions if necessary contents: read + # to push the resulting images packages: write steps: - uses: actions/checkout@v4 @@ -257,24 +235,22 @@ jobs: sep=, done echo "tags=$PREFIXED" >> $GITHUB_OUTPUT - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + - uses: depot/setup-action@v1 with: - buildkitd-flags: --debug + oidc: true # to set DEPOT_TOKEN for later steps + - run: depot configure-docker - name: Login to Docker Registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} registry: ${{ env.REGISTRY }} - name: Build and Push - uses: docker/build-push-action@v4 + uses: depot/build-push-action@v1 with: file: packages/solo/Dockerfile context: packages/solo - platforms: linux/amd64,linux/arm64/v8 + platforms: ${{ env.DOCKER_PLATFORMS }} push: true tags: '${{ steps.prefix-tags.outputs.tags }}' build-args: | diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml index 2590ef712a3..a01d25ebad1 100644 --- a/.github/workflows/integration.yml +++ b/.github/workflows/integration.yml @@ -248,7 +248,7 @@ jobs: with: node-version: '18.x' # Rebuilding the SDK image with resolved endo packages is not currently supported - # and since we can't build core eval submissions form the SDK using a newer endo, + # and since we can't build core eval submissions from the SDK using a newer endo, # simply ignore any endo branch integration (this means we don't have full coverage) ignore-endo-branch: 'true' id: restore-node From 91d29901b62d4039af3f54fa04609e9816a4355f Mon Sep 17 00:00:00 2001 From: Michael FIG Date: Thu, 12 Sep 2024 17:24:00 -0600 Subject: [PATCH 3/3] ci(docker): stop building obsolete `ibc-alpha` --- .github/workflows/docker.yml | 55 ------------------------------------ 1 file changed, 55 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 3958d197af0..bbc34f77819 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -157,61 +157,6 @@ jobs: to: ${{ secrets.NOTIFY_EMAIL_TO }} password: ${{ secrets.NOTIFY_EMAIL_PASSWORD }} - # This is currently needed for the relayer integration test framework. - # It just runs agoric/agoric-sdk with a "single-node" argument. - docker-ibc-alpha: - needs: [docker-sdk, snapshot] - runs-on: 'depot-ubuntu-22.04-16' # ubuntu-latest - permissions: - # allow issuing OIDC tokens for this workflow run - id-token: write - # allow at least reading the repo contents, add other permissions if necessary - contents: read - # to push the resulting images - packages: write - if: ${{ needs.docker-sdk.outputs.tag }} != dev - steps: - - uses: actions/checkout@v4 - - name: Save SDK_TAG - run: echo "SDK_TAG=${{ needs.snapshot.outputs.tag }}" >> $GITHUB_ENV - - name: Prefix tags - id: prefix-tags - run: | - IMAGE="$REGISTRY/agoric/agoric-sdk" - for TAG in ibc-alpha; do - PREFIXED="$PREFIXED$sep$IMAGE:$TAG" - sep=, - done - echo "tags=$PREFIXED" >> $GITHUB_OUTPUT - - uses: depot/setup-action@v1 - with: - oidc: true # to set DEPOT_TOKEN for later steps - - run: depot configure-docker - - name: Login to Docker Registry - uses: docker/login-action@v3 - with: - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - registry: ${{ env.REGISTRY }} - - name: Build and Push - uses: depot/build-push-action@v1 - with: - file: packages/deployment/Dockerfile.ibc-alpha - context: packages/deployment/docker - platforms: ${{ env.DOCKER_PLATFORMS }} - push: true - tags: '${{ steps.prefix-tags.outputs.tags }}' - build-args: | - SDK_TAG=${{env.SDK_TAG}} - - name: notify on failure - if: failure() - uses: ./.github/actions/notify-status - with: - webhook: ${{ secrets.SLACK_WEBHOOK_URL }} - from: ${{ secrets.NOTIFY_EMAIL_FROM }} - to: ${{ secrets.NOTIFY_EMAIL_TO }} - password: ${{ secrets.NOTIFY_EMAIL_PASSWORD }} - docker-solo: needs: [docker-sdk, snapshot] runs-on: 'depot-ubuntu-22.04-16' # ubuntu-latest