TrustEVM Contract CI #293
TrustEVM Contract CI #293
Conversation
kj4ezj
added
the
CICD
kj4ezj
force-pushed
the
zach-contract-ci
branch
from
a4daeae
to
36b72ae
Compare
kj4ezj
force-pushed
the
zach-contract-ci
branch
from
ef40551
to
f022552
Compare
kj4ezj
force-pushed
the
zach-contract-ci
branch
from
cbf3b51
to
052aee3
Compare
…ll pipelines can coexist in a folder without name conflicts
…vate repos, then use it to clone private submodules
This reverts commit 539e41c.
kj4ezj
force-pushed
the
zach-contract-ci
branch
from
052aee3
to
16f8456
Compare
|
Yeah, I do wonder if we should go ahead and let it run to failure now, just so we have a history. Or even |
| ee mkdir -p contract/tests/build | ||
| ee pushd contract/tests | ||
| ee pushd build | ||
| ee "cmake -Deosio_DIR=$Deosio_DIR .." |
There was a problem hiding this comment.
I would recommend adding -DCMAKE_BUILD_TYPE=Release. It shouldn't matter much, but every little bit helps.
Also, did you need the -Deosio_DIR thing? afaik that should not be required
There was a problem hiding this comment.
Actually just tested, the difference is more on the order of 25%, so highly recommend doing Release here
There was a problem hiding this comment.
Also, did you need the
-Deosio_DIRthing? afaik that should not be required
Apparently not, though my previous testing had indicated otherwise. Removed.
There was a problem hiding this comment.
I would recommend adding
-DCMAKE_BUILD_TYPE=Release. It shouldn't matter much, but every little bit helps.
Done. Thank you!
|
Not sure if it should be part of this PR, but alone with unittests would like to have |
Remove "-Deosio_DIR" cmake Flag from Contract Tests
… to CI logs so devs don't have to go searching for them
|
I have opened pull request 312 for test work. |
From TrustEVM issue 242, this pull request adds a GitHub Actions workflow to build the TrustEVM contract and contract unit test(s) per the instructions in the
README.md. This also includes pipeline documentation, which is linked to from the rootREADME.mdand is attached at the bottom of the build summary in each build.Example Builds
This is a separate GitHub Actions workflow from the TrustEVM node because these builds do not depend upon each other, so they can be run in parallel and their build outcomes can be considered independently.
github-app-token-action
This workflow uses the AntelopeIO/github-app-token-action GitHub action to assume the role of a GitHub application installed to the AntelopeIO organization to clone the private submodules. It requests an API key from the GitHub app, clones everything, then the key expires. This is advantageous over a persistent API key from a GitHub service account because this does not consume a paid user seat, the "account" associated with the app cannot be logged into in the GitHub web UI, the app is scoped to exactly the permissions it needs to perform the clones for this repo and nothing more, and the API key expires very quickly so a bad actor who exfiltrates this key from the CI system will find it is not useful.
The downside is that if TrustEVM adds additional private submodules, the GitHub app must be granted permissions to these new submodules. The CI system will not work until this happens. Please reach out to me via IM in the
#help-automationengineering channel to have this done.Future Work
There are several potential avenues for potential follow-up work.
Runners
This CI system currently uses the "free" and public GitHub Actions runners. This workflow completes in five to six minutes, which is reasonable but not ideal. It may complete much faster running on our own VMs but this comes at the expense of effort to implement this and cloud compute costs. Another thing is the node build took ~80 minutes on the public runners. If we put that on private runners, it may still take longer than six minutes. In that case, there is no point paying to run these builds.
In any case, this can be done in a future pull request.
Tests
The tests do not pass for me and I was informed on 2023-01-12 they are not expected to pass, so they are built but not run by CI.
If the TrustEVM contract unit test(s) end up in a good state and the team wants me to add them to CI, please open a new follow-up issue and shoot me a link via IM.
See Also
.gitignore.gitignore-Deosio_DIRcmakeFlag from Contract Tests