forked from aptos-labs/aptos-core
-
Notifications
You must be signed in to change notification settings - Fork 0
/
config.yml
498 lines (486 loc) · 18.9 KB
/
config.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
version: 2.1
orbs:
aws-cli: circleci/[email protected]
aws-ecr: circleci/[email protected]
gcp-gcr: circleci/[email protected]
kubernetes: circleci/[email protected]
slack: circleci/[email protected]
executors:
ubuntu-medium:
machine:
image: ubuntu-2004:current
resource_class: medium
ubuntu-xl:
machine:
image: ubuntu-2004:current
resource_class: xlarge
ubuntu-2xl:
machine:
image: ubuntu-2004:current
resource_class: 2xlarge
jobs:
build-benchmarks:
executor: ubuntu-xl
steps:
- dev-setup
- run: cargo x bench --no-run
lint:
executor: ubuntu-xl
steps:
- dev-setup
- run: sudo apt-get install shellcheck --assume-yes --no-install-recommends
- run: shellcheck scripts/dev_setup.sh
- run: shellcheck scripts/dockerhub_prune.sh
- run: shellcheck docker/build_push.sh
- run: shellcheck docker/docker_republish.sh
- run: shellcheck scripts/weekly-dep-report.sh
- run: cargo x lint
- run: cargo xclippy --workspace --all-targets
- run: cargo xfmt --check
# Temporary workaround for unsorted hakari generated Cargo files (https://github.com/DevinR528/cargo-sort/issues/38).
- run: cargo sort --grouped crates/aptos-workspace-hack
- run: cargo sort --grouped --check --workspace
e2e-test:
executor: ubuntu-2xl
steps:
- dev-setup
- run: docker run --detach -p 5432:5432 cimg/postgres:14.2
- run: echo "export RUST_BACKTRACE=full" >> $BASH_ENV
- run: echo "export INDEXER_DATABASE_URL=postgresql://postgres@localhost/postgres" >> $BASH_ENV
# --test-threads is intentionally set to reduce resource contention in ci jobs. Increasing this, increases job failures and retries
- run: cargo nextest --nextest-profile ci --partition hash:1/1 --package smoke-test --test-threads 6 --retries 3
unit-test:
executor: ubuntu-2xl
steps:
- dev-setup
- run: cargo xtest --doc --unit --changed-since "origin/main"
- run: docker run --detach -p 5432:5432 cimg/postgres:14.2
- run: echo "export INDEXER_DATABASE_URL=postgresql://postgres@localhost/postgres" >> $BASH_ENV
- run: cargo nextest --nextest-profile ci --partition hash:1/1 --unit --exclude backup-cli --changed-since "origin/main"
docker-build-push:
executor: ubuntu-medium
parameters:
addl_tag:
description: Additional image tag
type: string
default: latest
steps:
- checkout
- aws-setup
- run: echo "export IMAGE_TAG=dev_$(git rev-parse --short=8 HEAD)" >> $BASH_ENV
- run: echo "export ADDL_IMAGE_TAG=<<parameters.addl_tag>>_$(git rev-parse --short=8 HEAD)" >> $BASH_ENV
- run:
name: Build or skip
shell: /bin/bash
command: |
# Check if an image is already built at this image tag
MANIFEST=$(aws ecr batch-get-image --repository-name aptos/validator --image-ids imageTag=$IMAGE_TAG --query 'images[].imageManifest' --output text)
echo $MANIFEST
if [ -z "$MANIFEST" ]; then
echo "Image tag $IMAGE_TAG not present. Starting build all..."
./docker/build-aws.sh --build-all --version $(git rev-parse --short=8 HEAD) --addl_tags "<<parameters.addl_tag>>,${ADDL_IMAGE_TAG}"
else
echo "Image tag $IMAGE_TAG already present. Skipping build..."
echo "Continue retagging to <<parameters.addl_tag>>"
ret=0
for img in "${AWS_ECR_IMAGES[@]}"
do
# Get the image manifest for the already-built image and put it at different image tags
MANIFEST=$(aws ecr batch-get-image --repository-name aptos/${img} --image-ids imageTag=$IMAGE_TAG --query 'images[].imageManifest' --output text)
put_img_out=$(aws ecr put-image --repository-name aptos/${img} --image-tag "<<parameters.addl_tag>>" --image-manifest "$MANIFEST" 2>&1)
put_img_out_addl=$(aws ecr put-image --repository-name aptos/${img} --image-tag "${ADDL_IMAGE_TAG}" --image-manifest "$MANIFEST" 2>&1)
ret=$?
# ok if image tag exists and cannot overwrite
echo $put_img_out $put_img_out_addl | grep 'ImageAlreadyExistsException' && ret=0
done
exit $ret
fi
build-push-community-platform:
executor: ubuntu-medium
steps:
- checkout
- aws-setup
- aws-ecr-setup
- gcp-gcr/gcr-auth:
registry-url: us-west1-docker.pkg.dev
- run: echo $GITHUB_CONTAINER_REGISTRY_TOKEN | docker login ghcr.io -u USERNAME --password-stdin
- run:
name: Build or skip
shell: /bin/bash
command: |
set -e
cd ecosystem/platform/server
docker buildx create --use
GIT_SHA1=${CIRCLE_SHA1} docker buildx bake --progress=plain --push -f ./docker-bake.hcl
ecr-dockerhub-mirror:
executor: ubuntu-medium
parameters:
addl_tag:
description: Additional image tag
type: string
default: main
steps:
- checkout
- aws-setup
- aws-ecr-setup
- run: echo "export IMAGE_TAG=dev_$(git rev-parse --short=8 HEAD)" >> $BASH_ENV
- run: echo "export ADDL_IMAGE_TAG=<<parameters.addl_tag>>_$(git rev-parse --short=8 HEAD)" >> $BASH_ENV
- run:
name: Get latest built main image
shell: /bin/bash
command: |
ret=0
for img in "${AWS_ECR_IMAGES[@]}"
do
docker pull "${AWS_ECR_ACCOUNT_URL}/aptos/${img}:${IMAGE_TAG}" || ret=$?
done
exit $ret
- dockerhub-setup
- run:
name: Tag image
shell: /bin/bash
command: |
ret=0
for img in "${DOCKERHUB_IMAGES[@]}"
do
docker tag "${AWS_ECR_ACCOUNT_URL}/aptos/${img}:${IMAGE_TAG}" "${DOCKERHUB_ORG}/${img}:${IMAGE_TAG}"
docker tag "${AWS_ECR_ACCOUNT_URL}/aptos/${img}:${IMAGE_TAG}" "${DOCKERHUB_ORG}/${img}:<<parameters.addl_tag>>"
docker tag "${AWS_ECR_ACCOUNT_URL}/aptos/${img}:${IMAGE_TAG}" "${DOCKERHUB_ORG}/${img}:${ADDL_IMAGE_TAG}" || ret=$?
done
exit $ret
- run:
name: Push image to Dockerhub
shell: /bin/bash
command: |
ret=0
for img in "${DOCKERHUB_IMAGES[@]}"
do
docker push "${DOCKERHUB_ORG}/${img}:${IMAGE_TAG}"
docker push "${DOCKERHUB_ORG}/${img}:<<parameters.addl_tag>>"
docker push "${DOCKERHUB_ORG}/${img}:${ADDL_IMAGE_TAG}" || ret=$?
done
exit $ret
forge-k8s-test:
executor: ubuntu-medium
steps:
- run:
name: Check Forge killswitch
shell: /bin/bash
command: |
if [ -n "$FORGE_ENABLED" ]; then
exit 0
fi
circleci-agent step halt
- checkout
- aws-setup
- deploy-setup
- run: echo "export IMAGE_TAG=dev_$(git rev-parse --short=8 HEAD)" >> $BASH_ENV
# since we're running with `--build-all`, assume that if it passes, we have all images required for Forge
- run: aws ecr describe-images --repository-name="aptos/validator" --image-ids=imageTag=$IMAGE_TAG
# XXX: make forge non-blocking for now
- run:
name: Run Forge
shell: /bin/bash
command: |
FGI_REPRO_CMD="./scripts/fgi/run --tag $IMAGE_TAG --suite land_blocking --report forge_report.json"
eval $FGI_REPRO_CMD
FGI_EXIT_CODE=$?
echo "export FGI_REPRO_CMD='$FGI_REPRO_CMD'" >> $BASH_ENV
echo "export FGI_EXIT_CODE=$FGI_EXIT_CODE" >> $BASH_ENV
- run:
name: Post Forge test results
shell: /bin/bash
command: |
commit_message=$(git log -1 --pretty=%B)
PR_NUMBER=$(echo "${commit_message}" | grep 'Closes: #' | tail -1 | sed 's/Closes: #//')
echo "Repro: $FGI_REPRO_CMD"
FORGE_REPORT_TXT=$(cat forge_report.json | jq -r .text)
echo "export FORGE_REPORT_TXT='$FORGE_REPORT_TXT'" >> $BASH_ENV
cat \<<EOF > forge_comment.txt
Forge run: ${CIRCLE_BUILD_URL}
Forge test result: \`${FORGE_REPORT_TXT}\`
EOF
# replace all newlines
FORGE_COMMENT=$(awk '{printf "%s\\n", $0}' forge_comment.txt)
# post github comment on the PR
curl -s -H "Authorization: token ${FORGE_GH_TOKEN}" \
-X POST -d "{\"body\": \"${FORGE_COMMENT}\"}" \
"https://api.github.com/repos/${CIRCLE_PROJECT_USERNAME}/${CIRCLE_PROJECT_REPONAME}/issues/${PR_NUMBER}/comments"
exit 0
- slack/notify:
custom: |
{
"blocks": [
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": "[fgi($FGI_EXIT_CODE)] <$CIRCLE_BUILD_URL|Forge run> for $IMAGE_TAG: `$FORGE_REPORT_TXT`"
}
}
]
}
- run:
name: Check Forge status
shell: /bin/bash
command: |
if [ -n "$FORGE_BLOCKING" ]; then
exit $FGI_EXIT_CODE
fi
exit 0
ecosystem-lint:
executor: ubuntu-medium
steps:
- ecosystem-setup
# install packages for examples
- run: cd ./ecosystem/typescript/sdk/examples/typescript && yarn install
- run: cd ./ecosystem/typescript/sdk/examples/javascript && yarn install
# Run package build+lint + tests
- run: cd ./ecosystem/typescript/sdk && yarn install
- run: cd ./ecosystem/typescript/sdk && yarn lint
- run: cd ./ecosystem/typescript/sdk && yarn fmt:check
ecosystem-test:
executor: ubuntu-xl
steps:
- run:
name: Check docker compose killswitch
shell: /bin/bash
command: |
if [ -n "$DOCKER_COMPOSE_ENABLED" ]; then
exit 0
fi
circleci-agent step halt
- docker-compose-setup
- run:
name: Check docker-compose status
shell: /bin/bash
command: |
if [ -n "$DOCKER_COMPOSE_BLOCKING" ]; then
exit $DOCKER_COMPOSE_EXIT_CODE
fi
circleci-agent step halt
- ecosystem-setup
# Run package install, test, build
- run: cd ./ecosystem/typescript/sdk && yarn install
- run: cd ./ecosystem/typescript/sdk && yarn test
- run: cd ./ecosystem/typescript/sdk && yarn build
workflows:
### on bors action ###
# Build the PR binaries and run various tests
# Build the Docker images and run Forge tests
build-push-community-platform:
jobs:
- build-push-community-platform:
context:
- aws-dev
- gcp-global
build-test-deploy:
when:
not:
equal: [main, << pipeline.git.branch >>]
jobs:
# - build-benchmarks
- e2e-test
- lint
- ecosystem-lint
- unit-test
- docker-build-push:
context: aws-dev
- ecosystem-test:
context: aws-dev
requires:
- docker-build-push
- forge-k8s-test:
context: aws-dev
requires:
- docker-build-push
### on devnet branch update ###
# Ensure the latest is built on the "devnet" branch, and mirror from ECR to Dockerhub
devnet-branch-cut:
when:
equal: [devnet, << pipeline.git.branch >>]
jobs:
- docker-build-push:
context: aws-dev
addl_tag: devnet
- ecr-dockerhub-mirror:
context:
- aws-dev
- docker-aptoslabsbots
addl_tag: devnet
requires:
- docker-build-push
### on testnet branch update ###
# Ensure the latest is built on the "testnet" branch, and mirror from ECR to Dockerhub
testnet-branch-cut:
when:
equal: [testnet, << pipeline.git.branch >>]
jobs:
- docker-build-push:
context: aws-dev
addl_tag: testnet
- ecr-dockerhub-mirror:
context:
- aws-dev
- docker-aptoslabsbots
addl_tag: testnet
requires:
- docker-build-push
### on continuous_push scheduled pipeline ###
# Build the latest on "main" branch
continuous-push:
when:
and:
- equal: [scheduled_pipeline, << pipeline.trigger_source >>]
- equal: ["continuous_push", << pipeline.schedule.name >>]
jobs:
- docker-build-push:
context: aws-dev
addl_tag: main
### on nightly scheduled pipeline ###
# Ensure the latest on "main" branch is built, and mirror from ECR to Dockerhub
nightly:
when:
and:
- equal: [scheduled_pipeline, << pipeline.trigger_source >>]
- equal: ["nightly", << pipeline.schedule.name >>]
jobs:
- docker-build-push:
context: aws-dev
addl_tag: main
- ecr-dockerhub-mirror:
context:
- aws-dev
- docker-aptoslabsbots
addl_tag: main
requires:
- docker-build-push
commands:
dev-setup:
steps:
- checkout
- run: sudo apt-get update
- run: sudo apt-get install build-essential ca-certificates clang curl git libpq-dev libssl-dev pkg-config --no-install-recommends --assume-yes
- run: curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain stable
- run: cat $HOME/.cargo/env >> $BASH_ENV
- run: cargo install cargo-sort
deploy-setup:
steps:
- kubernetes/install-kubectl:
kubectl-version: v1.23.4
- run:
name: Install Helm
# https://helm.sh/docs/intro/install/#from-apt-debianubuntu
command: |
curl https://baltocdn.com/helm/signing.asc | sudo apt-key add -
sudo apt-get install apt-transport-https --yes
echo "deb https://baltocdn.com/helm/stable/debian/ all main" | sudo tee /etc/apt/sources.list.d/helm-stable-debian.list
sudo apt-get update
sudo apt-get install helm
local-deploy-setup:
steps:
- run:
name: Install Docker Compose
command: |
sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
docker-compose --version
### Sets up the permissions required for accessing AWS resources
aws-setup:
steps:
- aws-cli/install
# uses envs AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_REGION
- aws-cli/setup
### Sets up the permissions for using AWS ECR from Docker
aws-ecr-setup:
steps:
- run:
name: Compose AWS Env Variables
command: |
echo 'export AWS_ECR_ACCOUNT_URL="${AWS_ECR_ACCOUNT_NUM}.dkr.ecr.${AWS_REGION}.amazonaws.com"' >> $BASH_ENV
echo "export AWS_ECR_IMAGES=( validator forge init validator_tcb tools faucet txn-emitter indexer )" >> $BASH_ENV
- aws-ecr/ecr-login
### Sets up the permissions for using Dockerhub
dockerhub-setup:
steps:
- run:
name: Docker login
command: |
echo $DOCKERHUB_PASSWORD | docker login -u $DOCKERHUB_USERNAME --password-stdin
- run:
name: Compose DockerHub Env Variables
command: |
# the images that exist in dockerhub org
echo "export DOCKERHUB_ORG=aptoslab" >> $BASH_ENV
echo "export DOCKERHUB_IMAGES=( validator forge init validator_tcb tools faucet indexer )" >> $BASH_ENV
ecosystem-setup:
steps:
- checkout
- run:
name: Install Node + Yarn
command: |
# Set up Node
export NODE_VERSION=16.14.2
curl -L -o node.tar.xz "https://nodejs.org/dist/v${NODE_VERSION}/node-v${NODE_VERSION}-linux-x64.tar.xz"
sudo tar -xJf node.tar.xz -C /usr/local --strip-components=1
rm node.tar.xz
sudo ln -s /usr/local/bin/node /usr/local/bin/nodejs
# Set up Yarn
export PATH=~/.yarn/bin:$PATH
export YARN_VERSION=1.22.17
curl -L -o yarn.tar.gz "https://yarnpkg.com/downloads/${YARN_VERSION}/yarn-v${YARN_VERSION}.tar.gz"
sudo tar -xzf yarn.tar.gz -C /opt/
rm yarn.tar.gz
sudo ln -s /opt/yarn-v${YARN_VERSION}/bin/yarn /usr/local/bin/yarn
sudo ln -s /opt/yarn-v${YARN_VERSION}/bin/yarnpkg /usr/local/bin/yarnpkg
docker-compose-setup:
steps:
- checkout
- aws-setup
- aws-ecr-setup
- local-deploy-setup
- run: echo "export IMAGE_TAG=dev_$(git rev-parse --short=8 HEAD)" >> $BASH_ENV
# since we're running with `--build-all`, assume that if it passes, we have all images required for Forge
- run: aws ecr describe-images --repository-name="aptos/validator" --image-ids=imageTag=$IMAGE_TAG
- run:
name: Set Node/Faucet URLs
command: |
echo 'export APTOS_NODE_URL="http://localhost:8080"' >> $BASH_ENV
echo 'export APTOS_FAUCET_URL="http://localhost:8000"' >> $BASH_ENV
- run:
name: Start local testnet docker-compose and verify up
shell: /bin/bash
working_directory: docker/compose/validator-testnet
command: |
export VALIDATOR_IMAGE_REPO=${AWS_ECR_ACCOUNT_URL}/aptos/validator
export FAUCET_IMAGE_REPO=${AWS_ECR_ACCOUNT_URL}/aptos/faucet
DOCKER_COMPOSE_EXIT_CODE=1
# try a total of 5 times (5 min timeout) to bring up a docker-compose testnet
for i in $(seq 1 5); do
docker-compose down || true # try bringing down ay existing testnets
docker-compose up -d
for j in $(seq 60); do
curl -s -w "\n%{http_code}\n" localhost:8080 | tee >(tail -1 > validator_ret.txt)
curl -s -w "\n%{http_code}\n" -X POST 'localhost:8000/mint?pub_key=459c77a38803bd53f3adee52703810e3a74fd7c46952c497e75afb0a7932586d&amount=20000000' \
| tee >(tail -1 > faucet_ret.txt)
if [ "$(cat validator_ret.txt)" = "200" ] && [ "$(cat faucet_ret.txt)" = "200" ]; then
echo "Both validator and faucet healthy"
DOCKER_COMPOSE_EXIT_CODE=0
break
fi
sleep 1
done
if [ "$DOCKER_COMPOSE_EXIT_CODE" = "0" ]; then
break
fi
echo "DOCKER_COMPOSE_EXIT_CODE = $DOCKER_COMPOSE_EXIT_CODE, trying compose again..."
done
echo "export DOCKER_COMPOSE_EXIT_CODE=$DOCKER_COMPOSE_EXIT_CODE" >> $BASH_ENV
- run:
name: Check docker-compose resources
shell: /bin/bash
working_directory: docker/compose/validator-testnet
command: |
set -x
docker container ls -a
docker-compose logs