diff --git a/.dockerignore b/.dockerignore index f4ceea7856..6ec026e904 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1 +1,7 @@ **/target/ +.github/ +!scripts/install_toolchain.sh +docker-compos +.gitignore +docker +README.md \ No newline at end of file diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index cc569a5487..8429e0298c 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -2,6 +2,8 @@ ## Changes to .github .github/* @mustermeiszer @NunoAlexandre @lemunozm +.github/workflows @gpmayorga @wischli +.github/actions @gpmayorga @wischli ## Changes to ci ci/* @mustermeiszer @NunoAlexandre @lemunozm diff --git a/.github/actions/prep-ubuntu/action.yml b/.github/actions/prep-ubuntu/action.yml new file mode 100644 index 0000000000..61420caac3 --- /dev/null +++ b/.github/actions/prep-ubuntu/action.yml @@ -0,0 +1,40 @@ +name: Prepare Ubuntu for Rust builds +description: cleanup and Rust Tools setup +inputs: + cache: + description: cache type (enabled if set) + default: "disabled" + GWIP: + description: "Google Workload identity provider" + default: '' + GSA: + description: "Google Service Account" + default: '' +runs: + using: composite + steps: + - name: Prep build on Ubuntu + id: ubuntu_prep + shell: sh + run: | + echo "Pre cleanup" + df -h + sudo rm -rf "/usr/local/share/boost" + sudo rm -rf "$AGENT_TOOLSDIRECTORY" + echo "Post cleanup" + df -h + sudo apt-get install protobuf-compiler + + - name: Install toolchain from rust-toolchain.toml + shell: sh + run: scripts/install_toolchain.sh + + - name: SCcache setup + if: ${{ inputs.cache == 'enabled' }} + uses: ./.github/actions/sccache-gcloud + with: + GWIP: ${{ inputs.GWIP }} + GSA: ${{ inputs.GSA }} + + + diff --git a/.github/actions/sccache-gcloud/action.yml b/.github/actions/sccache-gcloud/action.yml new file mode 100644 index 0000000000..cd9b0accfb --- /dev/null +++ b/.github/actions/sccache-gcloud/action.yml @@ -0,0 +1,42 @@ +name: Install SCcache w/ GCloud bucket +description: Configure Scache to use a Gcloud bucket through workload identity + +inputs: + GWIP: + description: Google Workflow Identity provider + required: true + GSA: + description: Google Service Account + required: true +runs: + using: composite + steps: + + - name: Auth gcloud + id: gauth + uses: google-github-actions/auth@35b0e87d162680511bf346c299f71c9c5c379033 # @v1.1.1 + with: + workload_identity_provider: ${{ inputs.GWIP }} + service_account: ${{ inputs.GSA }} + + - name: Run sccache-cache + uses: mozilla-actions/sccache-action@8417cffc2ec64127ad83077aceaa8631f7cdc83e #v0.0.3 + + - name: set GCS bucket sccache variables + shell: bash + run: | + echo "SCCACHE_GCS_BUCKET=centrifuge-chain-sccache-backend" >> $GITHUB_ENV + echo "SCCACHE_GCS_RW_MODE=READ_WRITE" >> $GITHUB_ENV + # The gauth step should already take care of this: + # echo "SCCACHE_GCS_KEY_PATH=${{ steps.gauth.credentials_file_path }}" >> $GITHUB_ENV + + - name: setup Rust sccache wrapper + if: ${{ inputs.cache == 'enabled' }} + shell: bash + run: | + echo "RUSTC_WRAPPER=sccache" >> $GITHUB_ENV + echo "CARGO_INCREMENTAL=false" >> $GITHUB_ENV # https://github.com/mozilla/sccache#rust + + - name: Run sccache stat for check + shell: bash + run: ${SCCACHE_PATH} --show-stats \ No newline at end of file diff --git a/.github/workflows/benchmark-check.yml b/.github/workflows/benchmark-check.yml deleted file mode 100644 index cca5343ae5..0000000000 --- a/.github/workflows/benchmark-check.yml +++ /dev/null @@ -1,40 +0,0 @@ -on: - push: - branches: [main, 'release-v**'] - pull_request: -name: Check Benchmarks -jobs: - tests: - name: ${{ matrix.target }} - strategy: - matrix: - os: [ubuntu-latest] - target: [benchmark-check] - runtime: [development, altair, centrifuge] - runs-on: ${{ matrix.os }} - env: - RUST_TOOLCHAIN: "nightly-2023-10-26" - steps: - - name: Prep build on Ubuntu - if: ${{ matrix.os }} == 'ubuntu-latest' - run: | - echo "Pre cleanup" - df -h - sudo rm -rf "/usr/local/share/boost" - sudo rm -rf "$AGENT_TOOLSDIRECTORY" - echo "Post cleanup" - df -h - sudo apt-get install protobuf-compiler - - name: Check out code - uses: actions/checkout@v3 - - name: Install latest nightly - uses: actions-rs/toolchain@88dc2356392166efad76775c878094f4e83ff746 - with: - toolchain: ${{ env.RUST_TOOLCHAIN }} - default: true - - uses: Swatinem/rust-cache@cb2cf0cc7c5198d3364b9630e2c3d457f160790c - - name: Run fast benchmarks - run: ./ci/script.sh - env: - TARGET: ${{ matrix.target }} - RUNTIME: ${{ matrix.runtime }} diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml deleted file mode 100644 index 468a202bac..0000000000 --- a/.github/workflows/benchmark.yml +++ /dev/null @@ -1,91 +0,0 @@ -name: Benchmark -on: - issue_comment: - types: [created] -jobs: - benchmark: - permissions: - pull-requests: write - name: benchmark - runs-on: ubuntu-latest-4-cores - if: ${{ startsWith(github.event.comment.body, '/benchmark ') && github.event.issue.pull_request && contains(github.event.comment.author_association, 'CONTRIBUTOR') }} - env: - RUST_TOOLCHAIN: "nightly-2023-10-26" - steps: - - uses: actions/github-script@v6 - name: Parse Runtime From Comment - id: parse-runtime - with: - result-encoding: string - script: | - console.log("Comment body", context.payload.comment.body) - const [, , runtime] = context.payload.comment.body.split(/\W+/) - if (!['centrifuge', 'altair'].includes(runtime)) throw new Error('Unsupported Runtime: ${runtime}') - return `${runtime}` - - uses: actions/github-script@v6 - name: Acknowledge Run Comment - id: ack-run-comment - with: - script: | - const comment = await github.rest.issues.createComment({ - issue_number: context.issue.number, - owner: context.repo.owner, - repo: context.repo.repo, - body: `:clock1: Running Benchmarks for \`${{steps.parse-runtime.outputs.result}}\` :clock1:` - }) - return comment.data.id - - name: Prep build on Ubuntu - run: | - echo "Pre cleanup" - df -h - sudo rm -rf "/usr/local/share/boost" - sudo rm -rf "$AGENT_TOOLSDIRECTORY" - echo "Post cleanup" - df -h - sudo apt-get install protobuf-compiler - - name: Get PR Hash - id: get_pr_hash - uses: actions/github-script@v6 - with: - result-encoding: string - script: | - const number = context.payload.issue.number; - const pr = await github.rest.pulls.get({ - owner: context.repo.owner, - repo: context.repo.repo, - pull_number: number - }); - return pr.data.head.sha - - name: Checkout code - uses: actions/checkout@v3 - with: - ref: ${{ steps.get_pr_hash.outputs.result }} - - name: Install latest nightly - uses: actions-rs/toolchain@88dc2356392166efad76775c878094f4e83ff746 - with: - toolchain: ${{ env.RUST_TOOLCHAIN }} - default: true - - name: Run Benchmark ${{steps.parse-runtime.outputs.result}} - run: ./ci/script.sh - env: - TARGET: benchmark - RUNTIME: ${{steps.parse-runtime.outputs.result}} - - name: Upload artifact - uses: actions/upload-artifact@v3 - with: - name: ${{steps.parse-runtime.outputs.result}}-weights - path: runtime/${{steps.parse-runtime.outputs.result}}/src/weights/ - - uses: actions/github-script@v6 - name: Notify Benchmark finished - with: - script: | - const id = `${{steps.ack-run-comment.outputs.result}}` - await github.rest.issues.updateComment({ - comment_id: id, - owner: context.repo.owner, - repo: context.repo.repo, - body: ` - :white_check_mark: Uploaded benchmarks for: \`${{steps.parse-runtime.outputs.result}}\` :white_check_mark: - Find the artifact here: https://github.com/${context.repo.owner}/${context.repo.repo}/actions/runs/${context.runId} - ` - }) diff --git a/.github/workflows/build-docker.yml b/.github/workflows/build-docker.yml new file mode 100644 index 0000000000..f3b9181bbd --- /dev/null +++ b/.github/workflows/build-docker.yml @@ -0,0 +1,105 @@ +name: Docker Build +on: + # Keep in mind the Docker tagging on the "metadata" step if you add new triggers + push: + branches: [main] + release: + types: [unpublished] # GITHUB_REF == tag pushed with the release + pull_request: + paths: + - ".github/workflows/build-docker.yml" + - "docker/centrifuge-chain/Dockerfile" +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.head.label || github.head_ref || github.ref }}${{ github.ref == '/refs/heads/main' && github.sha || 'false' }} + cancel-in-progress: true +jobs: + docker: + strategy: + matrix: + target: [ release, test ] + runs-on: ubuntu-latest-8-cores + steps: + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac #v4 + with: + fetch-depth: 0 + - name: Free space + # https://github.com/actions/runner-images/issues/2840#issuecomment-1284059930 + run: | + sudo rm -rf /usr/share/dotnet + # sudo rm -rf "/usr/local/share/boost" + sudo rm -rf "$AGENT_TOOLSDIRECTORY" + + - name: check available docker space + run: | + docker volume ls + df -h + + - name: Install toolchain from rust-toolchain.toml + shell: sh + run: | + TOOLCHAIN_VERSION=$(grep 'channel =' rust-toolchain.toml | awk -F'"' '{print $2}') + rustup toolchain install "$TOOLCHAIN_VERSION" + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 #v3 + - name: DockerHub Login + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKER_HUB_USERNAME }} + password: ${{ secrets.DOCKER_HUB_TOKEN }} + + - run: echo "NOW=$(date -u +%y-%m-%d)" >> $GITHUB_ENV + + - name: Setup docker metadata + id: meta + uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 #v5 + with: + images: centrifugeio/centrifuge-chain + flavor: | + suffix=-${{ env.NOW }} + prefix=${{ matrix.target == 'test' && 'test-' || 'latest=auto' }} + tags: | + type=raw,event=branch,value={{branch}}-{{sha}} + type=semver,pattern={{raw}},suffix=,prefix=${{ matrix.target == 'test' && 'test-' || 'latest=auto' }} + type=semver,pattern={{major}},prefix=${{ matrix.target == 'test' && 'test-' || '' }},suffix= + type=edge + + - name: Configure sccache + uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 #v6 + with: + script: | + core.exportVariable('ACTIONS_CACHE_URL', process.env.ACTIONS_CACHE_URL || ''); + core.exportVariable('ACTIONS_RUNTIME_TOKEN', process.env.ACTIONS_RUNTIME_TOKEN || ''); + + - name: Build and push centrifugeio/centrifuge-chain + uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 #v5 + with: + context: . + file: ./docker/centrifuge-chain/Dockerfile + build-args: | + FEATURES=${{ matrix.target == 'test' && 'fast-runtime' || '' }} + push: ${{ github.ref == '/refs/heads/main' && true || false }} + tags: ${{ steps.meta.outputs.tags }} + # Cache options: + # https://docs.docker.com/build/ci/github-actions/cache/ + cache-from: type=gha + # cache-from: type=registry,ref=centrifugeio/centrifuge-chain:${{ github.ref }} + # https://docs.docker.com/build/cache/backends/inline/ + cache-to: type=gha, mode=max + # cache-to: type=registry,ref=centrifugeio/centrifuge-chain:${{ github.ref }}, mode=max + + - name: Update DockerHub descriptions + if: contains(github.ref, 'refs/tags/release-v') + uses: peter-evans/dockerhub-description@dc67fad7001ef9e8e3c124cb7a64e16d0a63d864 #v3.4.2 + with: + username: ${{ secrets.DOCKER_HUB_USERNAME }} + password: ${{ secrets.DOCKER_HUB_TOKEN }} + repository: centrifuge/centrifuge-chain + short-description: ${{ github.event.repository.description }} + enable-url-completion: true + + - if: failure() + name: Check available space after build failed + run: | + docker volume ls + df -h \ No newline at end of file diff --git a/.github/workflows/build-matrix.json b/.github/workflows/build-matrix.json deleted file mode 100644 index 529953f6d5..0000000000 --- a/.github/workflows/build-matrix.json +++ /dev/null @@ -1,48 +0,0 @@ -[ - { - "os": "ubuntu-latest", - "target": "build-node", - "run_on_event": "any", - "rust_toolchain": "nightly-2023-10-26" - }, - - { - "os": "ubuntu-latest", - "target": "build-runtime", - "package": "altair-runtime", - "run_on_event": "push", - "rust_toolchain": "1.64.0" - }, - - { - "os": "ubuntu-latest", - "target": "build-runtime", - "package": "centrifuge-runtime", - "run_on_event": "push", - "rust_toolchain": "1.64.0" - }, - - { - "os": "ubuntu-latest", - "target": "build-runtime-fast", - "package": "altair-runtime", - "run_on_event": "push", - "rust_toolchain": "1.64.0" - }, - - { - "os": "ubuntu-latest", - "target": "build-runtime-fast", - "package": "centrifuge-runtime", - "run_on_event": "push", - "rust_toolchain": "1.64.0" - }, - - { - "os": "ubuntu-latest", - "target": "build-runtime-testnet", - "package": "altair-runtime", - "run_on_event": "push", - "rust_toolchain": "1.64.0" - } -] diff --git a/.github/workflows/build-nix.yml b/.github/workflows/build-nix.yml deleted file mode 100644 index cbb02cf1e7..0000000000 --- a/.github/workflows/build-nix.yml +++ /dev/null @@ -1,25 +0,0 @@ -#### NOTE: This job is disabled until nix supports the latest cargo workspace features. -#### See: https://github.com/NixOS/nixpkgs/pull/217232 -# -#name: nix-build -#on: -# pull_request: -# push: -# branches: [main, 'release-v**'] -#jobs: -# build: -# runs-on: ubuntu-latest -# steps: -# - uses: actions/checkout@v3 -# with: -# # Nix Flakes doesn't work on shallow clones -# fetch-depth: 0 -# - uses: cachix/install-nix-action@v17 -# with: -# install_url: https://releases.nixos.org/nix/nix-2.10.3/install -# - uses: cachix/cachix-action@v10 -# with: -# name: centrifuge-chain -# authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" -# - name: Build centrifuge-chain -# run: nix build --no-allow-dirty -L \ No newline at end of file diff --git a/.github/workflows/build-wasm.yml b/.github/workflows/build-wasm.yml new file mode 100644 index 0000000000..1e0bee53a1 --- /dev/null +++ b/.github/workflows/build-wasm.yml @@ -0,0 +1,95 @@ +on: + push: + tags: + - '*' + pull_request: + paths: + - ".github/workflows/build-wasm.yml" +name: Build&Publish WASM +concurrency: + group: '${{ github.workflow }}-${{ github.event.pull_request.head.label || github.head_ref || github.ref }}' + cancel-in-progress: true +permissions: + id-token: write + contents: read +jobs: + build-runtime-wasms: + environment: production # It needs the production GCP credentials to upload WASM + # Benchmark (with cache hit) + # ubuntu-latest 50 min + # ubuntu-latest-4-cores 34 min + runs-on: ubuntu-latest-4-cores + strategy: + matrix: + target: [build-runtime] + package: [altair-runtime, centrifuge-runtime, development-runtime] + name: ${{ matrix.target }}-${{ matrix.package }} + steps: + # PREP + - name: Check out code + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab #3.5.2 + + - name: Prep build on Ubuntu + uses: ./.github/actions/prep-ubuntu + + # sccache does not work inside the srtool container + - uses: Swatinem/rust-cache@e207df5d269b42b69c8bc5101da26f7d31feddb4 # 2.6.2 + with: + prefix-key: build + shared-key: wasm + workspaces: | + . + ./target/srtool + cache-directories: ./runtime + + # BUILD + - name: Run srtool # https://docs.substrate.io/reference/command-line-tools/srtool/ + run: > + docker run --rm --user root --platform=linux/amd64 + -e PACKAGE=${{ matrix.package }} -v /home/runner/.cargo:/cargo-home + -v ${{ github.workspace }}:/build paritytech/srtool:1.73.0-0.12.0 + /srtool/build --app + + # Alternative way of running SRTool that allows for "script-like" execution, + # extremely useful to debug: + + # - name: Run Docker SRTool + # uses: addnab/docker-run-action@4f65fabd2431ebc8d299f8e5a018d79a769ae185 #v3 + # with: + # image: paritytech/srtool:${{ matrix.rust_version }} + # options: --user root -v /home/runner/.cargo:/cargo-home -v ${{ github.workspace }}:/build -e BUILD_OPTS=${{ env.BUILD_OPTS || ''}} -e PACKAGE=${{ matrix.package }} + # run: | + # echo "---- Env VARS ----" + # echo "BUILD_OPT=${BUILD_OPT}" + # echo "PACKAGE=${PACKAGE}" + # echo "---- List Cache Folder ----" + # ls -la /cargo-home/ + # du -sh /cargo-home/* + # echo "---- RUNNING BUILD ----" + # /srtool/build --save + + - name: Upload srtool report + uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 #v3.1.3 + with: + name: srtool-wasm-report.txt + path: ./${{ matrix.package }}-srtool-wasm-report.json + + - id: 'auth' + uses: 'google-github-actions/auth@35b0e87d162680511bf346c299f71c9c5c379033' # v1.1.1 + with: + workload_identity_provider: ${{ secrets.GWIP_ARTIFACTS }} + service_account: ${{ secrets.GSA_ARTIFACTS }} + + - name: Setup - gcloud / gsutil + if: ${{ steps.auth.outcome == 'success' }} + uses: google-github-actions/setup-gcloud@e30db14379863a8c79331b04a9969f4c1e225e0b # v1.1.1 + + - name: Publish artifacts to GCS + if: ${{ steps.auth.outcome == 'success' }} + shell: bash + run: | + runtime_name=$(echo "${{ matrix.package }}" | sed -e "s/-runtime$//" ) + filename=$(echo "${{ matrix.package }}" | sed -e 's/-/_/g' ) + gsutil cp \ + ./runtime/${runtime_name}/target/srtool/release/wbuild/${{ matrix.package }}/${filename}.compact.compressed.wasm \ + gs://centrifuge-wasm-repo/${runtime_name}/${runtime_name}-$(git rev-parse --short HEAD).wasm diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml deleted file mode 100644 index 573242bbaa..0000000000 --- a/.github/workflows/build.yml +++ /dev/null @@ -1,82 +0,0 @@ -on: - push: - branches: [main, 'release-v**'] - pull_request: -name: Build -jobs: - matrix_prep: - name: matrix-prep - runs-on: 'ubuntu-latest' - outputs: - matrix: ${{ steps.set-matrix.outputs.matrix }} - steps: - # Required as the JSON input file needs to be read - - uses: actions/checkout@v3 - - id: set-matrix - uses: JoshuaTheMiller/conditional-build-matrix@9ff11e2cad4aa166e1d1d834097121a969da8276 - with: - inputFile: '.github/workflows/build-matrix.json' - # we run build-node on every workflow but build-runtime only on pushes to branches - filter: '[?run_on_event==`any` || run_on_event==`${{ github.event_name }}`]' - build: - needs: matrix_prep - strategy: - matrix: ${{fromJson(needs.matrix_prep.outputs.matrix)}} - name: ${{ matrix.target }} - runs-on: ${{ matrix.os }} - env: - RUST_TOOLCHAIN: "nightly-2023-10-26" - steps: - - name: Prep build on Ubuntu - if: ${{ matrix.os }} == 'ubuntu-latest' - run: | - echo "Pre cleanup" - df -h - sudo rm -rf "/usr/local/share/boost" - sudo rm -rf "$AGENT_TOOLSDIRECTORY" - echo "Post cleanup" - df -h - sudo apt-get install protobuf-compiler - - name: Check out code - uses: actions/checkout@v3 - - name: Install latest nightly - uses: actions-rs/toolchain@88dc2356392166efad76775c878094f4e83ff746 - with: - toolchain: ${{ env.RUST_TOOLCHAIN }} - default: true - - if: startsWith(matrix.target, 'build-runtime') - uses: Swatinem/rust-cache@cb2cf0cc7c5198d3364b9630e2c3d457f160790c - with: # cache the runtime target instead of root target for build-runtime - working-directory: './runtime' - target-dir: './target/srtool' - - if: matrix.target == 'build-node' - uses: Swatinem/rust-cache@cb2cf0cc7c5198d3364b9630e2c3d457f160790c - - name: ${{ matrix.target }} - run: ./ci/script.sh - env: - TARGET: ${{ matrix.target }} - RUST_TOOLCHAIN: ${{ matrix.rust_toolchain }} - PACKAGE: ${{matrix.package}} - - if: startsWith(matrix.target, 'build-runtime') - name: Setup - gcloud / gsutil - uses: google-github-actions/setup-gcloud@v0 - with: - service_account_key: ${{ secrets.GCS_SA_KEY }} - project_id: ${{ secrets.GCS_PROJECT }} - export_default_credentials: true - - if: ${{ matrix.target == 'build-runtime' && matrix.package == 'altair-runtime' }} - name: Publish to GCS - run: | - gsutil cp ./runtime/altair/target/srtool/release/wbuild/altair-runtime/altair_runtime.compact.compressed.wasm gs://centrifuge-artifact-releases/parachain/altair_runtime-$(git rev-parse --short HEAD).compact.compressed.wasm - - if: ${{ matrix.target == 'build-runtime-fast' && matrix.package == 'altair-runtime' }} - name: Publish to GCS - run: | - gsutil cp ./runtime/altair/target/srtool/release/wbuild/altair-runtime/altair_runtime.compact.compressed.wasm gs://centrifuge-artifact-releases/test-parachain/altair_runtime-$(git rev-parse --short HEAD).compact.compressed.wasm - - if: ${{ matrix.target == 'build-runtime' && matrix.package == 'centrifuge-runtime' }} - name: Publish to GCS - run: | - gsutil cp ./runtime/centrifuge/target/srtool/release/wbuild/centrifuge-runtime/centrifuge_runtime.compact.compressed.wasm gs://centrifuge-artifact-releases/parachain/centrifuge_runtime-$(git rev-parse --short HEAD).compact.compressed.wasm - - if: ${{ matrix.target == 'build-runtime-fast' && matrix.package == 'centrifuge-runtime' }} - name: Publish to GCS - run: | - gsutil cp ./runtime/centrifuge/target/srtool/release/wbuild/centrifuge-runtime/centrifuge_runtime.compact.compressed.wasm gs://centrifuge-artifact-releases/test-parachain/centrifuge_runtime-$(git rev-parse --short HEAD).compact.compressed.wasm \ No newline at end of file diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml deleted file mode 100644 index 7a2fd2ec48..0000000000 --- a/.github/workflows/docker.yml +++ /dev/null @@ -1,73 +0,0 @@ -name: docker -on: - push: - branches: [main, 'release-v**'] - pull_request: - paths: - - ".github/workflows/docker.yml" - workflow_dispatch: - inputs: - docker_tag: - description: 'Docker Image tag' - required: true - default: '' -env: - RUST_TOOLCHAIN: "nightly-2023-10-26" -jobs: - docker: - strategy: - matrix: - os: [ ubuntu-latest-4-cores ] - target: [ release, test ] - runs-on: ${{ matrix.os }} - env: - WORKFLOW_TAG: ${{ github.event.inputs.docker_tag }} - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - name: Free space - # https://github.com/actions/runner-images/issues/2840#issuecomment-1284059930 - run: | - sudo rm -rf /usr/share/dotnet - sudo rm -rf "$AGENT_TOOLSDIRECTORY" - - - name: check available docker space - run: | - docker volume ls - df -h - - - name: Set docker tag - run: | - if [ "${WORKFLOW_TAG}" != "" ]; then - echo "DOCKER_TAG=${WORKFLOW_TAG}" >> $GITHUB_ENV - else - echo "DOCKER_TAG=$(echo $GITHUB_REF | cut -d'/' -f 3)" >> $GITHUB_ENV - fi - - if: matrix.target == 'release' - name: Build docker release - run: docker build --build-arg RUST_TOOLCHAIN=${{ env.RUST_TOOLCHAIN }} -t centrifugeio/centrifuge-chain:${{ env.DOCKER_TAG }}-latest . - - if: matrix.target == 'test' - name: Build docker test - run: docker build --build-arg RUST_TOOLCHAIN=${{ env.RUST_TOOLCHAIN }} --build-arg OPTS="--features=fast-runtime" -t centrifugeio/centrifuge-chain:test-${{ env.DOCKER_TAG }}-latest . - - if: failure() - name: Check available space after build failed - run: | - docker volume ls - df -h - - name: Login to Docker Hub - uses: docker/login-action@dd4fa0671be5250ee6f50aedf4cb05514abda2c7 - with: - username: ${{ secrets.DOCKER_HUB_USERNAME }} - password: ${{ secrets.DOCKER_HUB_TOKEN }} - - if: matrix.target == 'release' - name: Tag image release - run: docker tag centrifugeio/centrifuge-chain:${{ env.DOCKER_TAG }}-latest "centrifugeio/centrifuge-chain:${{ env.DOCKER_TAG }}-$(date -u +%Y%m%d%H%M%S)-$(git rev-parse --short HEAD)" - - if: matrix.target == 'test' - name: Tag image test - run: docker tag centrifugeio/centrifuge-chain:test-${{ env.DOCKER_TAG }}-latest "centrifugeio/centrifuge-chain:test-${{ env.DOCKER_TAG }}-$(date -u +%Y%m%d%H%M%S)-$(git rev-parse --short HEAD)" - - name: List images - run: docker images - - name: Push image to Docker Hub - run: docker push --all-tags --quiet centrifugeio/centrifuge-chain - if: contains(github.ref, 'refs/tags/release-v') || github.ref == 'refs/heads/main' diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index eea4e63788..24c3972a43 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -3,41 +3,35 @@ on: push: branches: [main] pull_request: +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.head.label || github.head_ref || github.ref }} + cancel-in-progress: true jobs: docs: permissions: contents: write - runs-on: ubuntu-latest + id-token: write + runs-on: ubuntu-latest-4-cores env: - RUST_TOOLCHAIN: "nightly-2023-10-26" RUSTDOCFLAGS: "-D warnings" + RUSTC_WRAPPER: "sccache" steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac #v4 - name: Prep build on Ubuntu - if: ${{ matrix.os }} == 'ubuntu-latest' - run: | - echo "Pre cleanup" - df -h - sudo rm -rf "/usr/local/share/boost" - sudo rm -rf "$AGENT_TOOLSDIRECTORY" - echo "Post cleanup" - df -h - sudo apt-get install protobuf-compiler - - - name: Install latest nightly - uses: actions-rs/toolchain@88dc2356392166efad76775c878094f4e83ff746 + uses: ./.github/actions/prep-ubuntu with: - toolchain: ${{ env.RUST_TOOLCHAIN }} - default: true + RUST_TOOLCHAIN: ${{ env.RUST_TOOLCHAIN }} + cache: enabled + # Cache needs Google credentials: + GWIP: ${{ secrets.GWIP_SCCACHE }} + GSA: ${{ secrets.GSA_SCCACHE }} - - name: Build Documentation + - name: Build documentation id: build_docs - uses: actions-rs/cargo@v1 - with: - command: doc - args: --all --no-deps + run: cargo doc --all --no-deps + - name: Build Documentation failed if: always() && steps.build_docs.outcome == 'failure' @@ -46,10 +40,11 @@ jobs: - name: Create Index file if: github.ref == 'refs/heads/main' - run: ./ci/create_index_for_rust_docs.sh + run: | + echo "" \ > ./target/doc/index.html - name: Deploy Docs - uses: peaceiris/actions-gh-pages@v3 + uses: peaceiris/actions-gh-pages@373f7f263a76c20808c831209c920827a82a2847 # 3.9.3 if: github.ref == 'refs/heads/main' with: github_token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/lints.yml b/.github/workflows/lints.yml deleted file mode 100644 index 36b0253326..0000000000 --- a/.github/workflows/lints.yml +++ /dev/null @@ -1,39 +0,0 @@ -on: - push: - branches: [main, 'release-v**'] - pull_request: -name: Lints -jobs: - lints: - name: ${{ matrix.target }} - strategy: - matrix: - os: [ubuntu-latest] - target: [fmt, clippy] - runs-on: ${{ matrix.os }} - env: - RUST_TOOLCHAIN: "nightly-2023-10-26" - steps: - - name: Prep build on Ubuntu - if: ${{ matrix.os }} == 'ubuntu-latest' - run: | - echo "Pre cleanup" - df -h - sudo rm -rf "/usr/local/share/boost" - sudo rm -rf "$AGENT_TOOLSDIRECTORY" - echo "Post cleanup" - df -h - sudo apt-get install protobuf-compiler - - name: Check out code - uses: actions/checkout@v3 - - name: Install latest nightly - uses: actions-rs/toolchain@88dc2356392166efad76775c878094f4e83ff746 - with: - toolchain: ${{ env.RUST_TOOLCHAIN }} - default: true - - uses: Swatinem/rust-cache@cb2cf0cc7c5198d3364b9630e2c3d457f160790c - - name: Run lints - run: ./ci/script.sh - env: - TARGET: ${{ matrix.target }} - diff --git a/.github/workflows/run-benchmarks.yml b/.github/workflows/run-benchmarks.yml new file mode 100644 index 0000000000..a95cbd0dea --- /dev/null +++ b/.github/workflows/run-benchmarks.yml @@ -0,0 +1,42 @@ +name: Run benchmarks +on: + workflow_dispatch: # Manually triggered by an authorized repo contributor. + pull_request: + paths: + - '.github/workflows/run-benchmarks.yml' +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.head.label || github.head_ref || github.ref }} + cancel-in-progress: true +jobs: + benchmark: + permissions: + contents: read + id-token: write + runs-on: ubuntu-latest-8-cores + strategy: + matrix: + runtimes: [centrifuge, altair, development] + steps: + - name: Checkout code + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac #v4 + + - name: Prep build on Ubuntu + uses: ./.github/actions/prep-ubuntu + with: + cache: enabled + # Cache needs Google credentials: + GWIP: ${{ secrets.GWIP_SCCACHE }} + GSA: ${{ secrets.GSA_SCCACHE }} + + - name: Run Benchmark ${{ matrix.runtimes }} + run: ./scripts/runtime_benchmarks.sh ${{ matrix.runtimes }} + env: + RUSTC_WRAPPER: "sccache" + + - run: echo "NOW=$(date -u +%Y-%m-%d)" >> $GITHUB_ENV + + - name: Upload artifact + uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 #v3.1.3 + with: + name: ${{ matrix.runtimes }}-weights + path: runtime/${{ matrix.runtimes }}/src/weights/ diff --git a/.github/workflows/sanity-checks.yml b/.github/workflows/sanity-checks.yml new file mode 100644 index 0000000000..60f4abe409 --- /dev/null +++ b/.github/workflows/sanity-checks.yml @@ -0,0 +1,58 @@ +on: + pull_request: +name: Sanity checks +concurrency: + group: 'tests-${{ github.event.pull_request.head.label || github.head_ref || github.ref }}' + cancel-in-progress: true +permissions: + id-token: write + contents: read +jobs: + test-n-lint: + name: ${{ matrix.target }} + runs-on: ubuntu-latest-8-cores + strategy: + matrix: + target: [test-general, test-integration, + lint-fmt, lint-clippy, cargo-build] # ,lint-taplo] + steps: + - name: Check out code + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab #3.5.2 + + - name: Prep build + uses: ./.github/actions/prep-ubuntu + with: + cache: enabled + # Cache needs Google credentials: + GWIP: ${{ secrets.GWIP_SCCACHE }} + GSA: ${{ secrets.GSA_SCCACHE }} + + - name: Runing cargo ${{ matrix.target }} + run: ./ci/run-check.sh + env: + TARGET: ${{ matrix.target }} + RUSTC_WRAPPER: "sccache" + + benchmark-check: + name: bench-check-${{ matrix.runtime }} + runs-on: ubuntu-latest #-4-cores + strategy: + matrix: + runtime: [altair, centrifuge] + steps: + - name: Check out code + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab #3.5.2 + + - name: Prep build + uses: ./.github/actions/prep-ubuntu + with: + cache: enabled + GWIP: ${{ secrets.GWIP_SCCACHE }} + GSA: ${{ secrets.GSA_SCCACHE }} + + - name: Runing cargo ${{ matrix.target }} + run: ./ci/run-check.sh + env: + TARGET: benchmark-check + RUNTIME: ${{ matrix.runtime }} + RUSTC_WRAPPER: "sccache" diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml deleted file mode 100644 index f0ef790da7..0000000000 --- a/.github/workflows/tests.yml +++ /dev/null @@ -1,39 +0,0 @@ -on: - push: - branches: [main, 'release-v**'] - pull_request: -name: Tests -jobs: - tests: - name: ${{ matrix.target }} - strategy: - matrix: - os: [ubuntu-latest] - target: [tests, integration] - runs-on: ${{ matrix.os }} - env: - RUST_TOOLCHAIN: "nightly-2023-10-26" - steps: - - name: Prep build on Ubuntu - if: ${{ matrix.os }} == 'ubuntu-latest' - run: | - echo "Pre cleanup" - df -h - sudo rm -rf "/usr/local/share/boost" - sudo rm -rf "$AGENT_TOOLSDIRECTORY" - echo "Post cleanup" - df -h - sudo apt-get install protobuf-compiler - - name: Check out code - uses: actions/checkout@v3 - - name: Install latest nightly - uses: actions-rs/toolchain@88dc2356392166efad76775c878094f4e83ff746 - with: - toolchain: ${{ env.RUST_TOOLCHAIN }} - default: true - - uses: Swatinem/rust-cache@cb2cf0cc7c5198d3364b9630e2c3d457f160790c - - name: Run tests - run: ./ci/script.sh - env: - TARGET: ${{ matrix.target }} - diff --git a/.github/workflows/xperimental-codecov.yml.commented b/.github/workflows/xperimental-codecov.yml.commented new file mode 100644 index 0000000000..6600aff7c0 --- /dev/null +++ b/.github/workflows/xperimental-codecov.yml.commented @@ -0,0 +1,44 @@ +## THIS IS A WORK IN PROGRESS +on: + # push: + # branches: [main, 'release-v**'] + pull_request: +name: Sanity checks +concurrency: + group: 'tests-${{ github.event.pull_request.head.label || github.head_ref || github.ref }}' + cancel-in-progress: true +permissions: + id-token: write + contents: read +jobs: + codecov: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@master + # Tarpaulin requires cargo 1.70.0: + - name: generate codecov reports + run: | + if ${{ contains(matrix.target, 'test' ) }}; then + echo "---- GENERATE CODE COVERAGE ----" + echo "# Install Tarpaulin" + cargo install --locked cargo-tarpaulin + # make Cargo.toml + echo "Generate code coverage for ${{ matrix.target }}" + cargo +nightly tarpaulin --verbose --no-fail-fast --workspace --timeout 300 --out Xml + fi + - name: Runing cargo ${{ matrix.target }} + run: ./ci/run-check.sh + env: + TARGET: ${{ matrix.target }} + RUSTC_WRAPPER: "sccache" + + # UPLOAD REPORTS (requires cargo 1.70.0) + - name: Upload codecov report + uses: codecov/codecov-action@v3 + with: + # token: ${{ secrets.CODECOV_TOKEN }} + # files: ./coverage1.xml,./coverage2.xml # optional + # flags: unittests # optional + # name: codecov-umbrella # optional + # fail_ci_if_error: true # optional (default = false) + verbose: true # optional (default = false) diff --git a/.github/workflows/docker-nix.yml b/.github/workflows/xperimental-nix.yml.commented similarity index 57% rename from .github/workflows/docker-nix.yml rename to .github/workflows/xperimental-nix.yml.commented index 31e285cedb..10e805d22d 100644 --- a/.github/workflows/docker-nix.yml +++ b/.github/workflows/xperimental-nix.yml.commented @@ -1,3 +1,29 @@ +#### NOTE: This job is disabled until nix supports the latest cargo workspace features. +#### See: https://github.com/NixOS/nixpkgs/pull/217232 +# +#name: nix-build +#on: +# pull_request: +# push: +# branches: [main, 'release-v**'] +#jobs: +# build: +# runs-on: ubuntu-latest +# steps: +# - uses: actions/checkout@v3 +# with: +# # Nix Flakes doesn't work on shallow clones +# fetch-depth: 0 +# - uses: cachix/install-nix-action@v17 +# with: +# install_url: https://releases.nixos.org/nix/nix-2.10.3/install +# - uses: cachix/cachix-action@v10 +# with: +# name: centrifuge-chain +# authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" +# - name: Build centrifuge-chain +# run: nix build --no-allow-dirty -L + # name: docker # on: # push: diff --git a/.gitignore b/.gitignore index 45adb64f1e..295aecc95f 100644 --- a/.gitignore +++ b/.gitignore @@ -38,3 +38,5 @@ Temporary Items # Node Modules **/node_modules +# Vistual studio +.vscode \ No newline at end of file diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index 0dcf4af01c..0000000000 --- a/Dockerfile +++ /dev/null @@ -1,59 +0,0 @@ -# Based from https://github.com/paritytech/substrate/blob/master/.maintain/Dockerfile - -FROM phusion/baseimage:focal-1.0.0 as builder -LABEL maintainer="Centrifuge Team" -LABEL description="This is the build stage for the Centrifuge Chain client. Here the binary is created." - -ARG RUST_TOOLCHAIN=nightly -ENV DEBIAN_FRONTEND=noninteractive -ENV RUST_TOOLCHAIN=$RUST_TOOLCHAIN - -ARG PROFILE=release -ARG OPTS="" -WORKDIR /centrifuge-chain - -COPY . /centrifuge-chain - -RUN apt-get update && \ - apt-get dist-upgrade -y -o Dpkg::Options::="--force-confold" && \ - apt-get install -y cmake pkg-config libssl-dev git clang libclang-dev protobuf-compiler - -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y && \ - export PATH="$PATH:$HOME/.cargo/bin" && \ - rustup default $RUST_TOOLCHAIN && \ - rustup target add wasm32-unknown-unknown --toolchain $RUST_TOOLCHAIN && \ - cargo build "--$PROFILE" $OPTS - -# ===== SECOND STAGE ====== - -FROM phusion/baseimage:focal-1.0.0 -LABEL maintainer="Centrifuge Team" -LABEL description="This is the 2nd stage: a very small image that contains the centrifuge-chain binary and will be used by users." -ARG PROFILE=release - -RUN mv /usr/share/ca* /tmp && \ - rm -rf /usr/share/* && \ - mv /tmp/ca-certificates /usr/share/ && \ - mkdir -p /root/.local/share/centrifuge-chain && \ - ln -s /root/.local/share/centrifuge-chain /data - # && \ - # useradd -m -u 1000 -U -s /bin/sh -d /centrifuge-chain centrifuge-chain # commented out since users do not seem to work with PVCs we currently use: https://stackoverflow.com/questions/46873796/allowing-access-to-a-persistentvolumeclaim-to-non-root-user/46907452 - -COPY --from=builder /centrifuge-chain/target/$PROFILE/centrifuge-chain /usr/local/bin - -# checks -RUN ldd /usr/local/bin/centrifuge-chain && \ - /usr/local/bin/centrifuge-chain --version - -# Shrinking -RUN rm -rf /usr/lib/python* && \ - rm -rf /usr/bin /usr/sbin /usr/share/man - -# Add chain resources to image -COPY res /resources/ - -# USER centrifuge-chain # see above -EXPOSE 30333 9933 9944 -VOLUME ["/data"] - -ENTRYPOINT ["/usr/local/bin/centrifuge-chain"] diff --git a/ci/install-sccache-tarball.sh b/ci/install-sccache-tarball.sh new file mode 100644 index 0000000000..e9f47a6f1b --- /dev/null +++ b/ci/install-sccache-tarball.sh @@ -0,0 +1,45 @@ +#!/bin/bash +# Used by centrifuge Linux Docker image docker/centrifuge-chain/Dockerfile +set -eux +# Define URLs and file names +URL="https://github.com/mozilla/sccache/releases/download/v0.5.4/" +TARBALL_URL="${URL}/sccache-v0.5.4-aarch64-unknown-linux-musl.tar.gz" +CHECKSUM_URL="${URL}/sccache-v0.5.4-aarch64-unknown-linux-musl.tar.gz.sha256" +TARBALL_FILENAME="sccache.tar.gz" +CHECKSUM_FILENAME="sccache.sha256" + +# Define the target directory where you want to extract the binary +TARGET_DIR="/usr/local/cargo/bin" + +# Download the tarball and checksum +echo "Downloading tarball..." +curl -L "$TARBALL_URL" -o "$TARBALL_FILENAME" + +echo "Downloading checksum..." +curl -L "$CHECKSUM_URL" -o "$CHECKSUM_FILENAME" + +# Verify the checksum +echo "Verifying checksum..." +EXPECTED_SHA256=$(cat "$CHECKSUM_FILENAME" | awk '{print $1}') +ACTUAL_SHA256=$(sha256sum "$TARBALL_FILENAME" | awk '{print $1}') + +if [ "$ACTUAL_SHA256" != "$EXPECTED_SHA256" ]; then + echo "Checksum verification failed. Aborting." + rm "$TARBALL_FILENAME" "$CHECKSUM_FILENAME" + exit 1 +fi + +# Extract the tarball +echo "Extracting tarball..." +mkdir sccache +tar -vxzf sccache.tar.gz -C ./sccache/ --strip-components 1 + +# Copy the sccache binary to the target directory +echo "Copying sccache binary to $TARGET_DIR" +cp "sccache/sccache" "$TARGET_DIR/" + +# Clean up downloaded files and extracted folder +rm "$TARBALL_FILENAME" "$CHECKSUM_FILENAME" +rm -rf "sccache" + +echo "Installation completed successfully." diff --git a/ci/run-check.sh b/ci/run-check.sh new file mode 100755 index 0000000000..f3fe6b094b --- /dev/null +++ b/ci/run-check.sh @@ -0,0 +1,37 @@ +#!/usr/bin/env bash + +set -eux + +# Enable warnings about unused extern crates +# export RUSTFLAGS=" -W unused-extern-crates" +rustc --version +rustup --version +cargo --version + +case $TARGET in + cargo-build) + cargo build --release "$@" + ;; + + test-general) + cargo test --workspace --release --features runtime-benchmarks,try-runtime --exclude runtime-integration-tests + ;; + + test-integration) + cargo test --release --package runtime-integration-tests --features fast-runtime + ;; + + lint-fmt) + cargo fmt -- --check + ;; + + lint-taplo) + taplo fmt --check + ;; + + lint-clippy) + cargo clippy --workspace -- -D warnings -A clippy::unnecessary-cast -A clippy::bool-to-int-with-if + ;; + benchmark-check) + ./scripts/check_benchmarks.sh $RUNTIME +esac diff --git a/ci/script.sh b/ci/script.sh deleted file mode 100755 index cf8a19f0f9..0000000000 --- a/ci/script.sh +++ /dev/null @@ -1,61 +0,0 @@ -#!/usr/bin/env bash - -set -eux - -RUST_TOOLCHAIN="${RUST_TOOLCHAIN:-nightly-2023-10-26}" -SRTOOL_VERSION="${SRTOOL_VERSION:-1.70.0-0.11.0}" -PACKAGE="${PACKAGE:-centrifuge-runtime}" # Need to replicate job for all runtimes -RUNTIME="${RUNTIME:-centrifuge}" - -# Enable warnings about unused extern crates -export RUSTFLAGS=" -W unused-extern-crates" - -./scripts/init.sh install-toolchain - -rustc --version -rustup --version -cargo --version - -case $TARGET in - build-node) - cargo build --release "$@" - ;; - - build-runtime) - export RUSTC_VERSION=$RUST_TOOLCHAIN - docker run --rm -e PACKAGE=$PACKAGE -v $PWD:/build -v /tmp/cargo:/cargo-home paritytech/srtool:$SRTOOL_VERSION build - ;; - - build-runtime-fast) - export RUSTC_VERSION=$RUST_TOOLCHAIN - docker run --rm -e PACKAGE=$PACKAGE -e BUILD_OPTS="--features=fast-runtime" -v $PWD:/build -v /tmp/cargo:/cargo-home paritytech/srtool:$SRTOOL_VERSION build - ;; - - tests) - RUST_MIN_STACK=8388608 cargo test --workspace --release --features runtime-benchmarks,try-runtime --exclude runtime-integration-tests - ;; - - integration) - RUST_MIN_STACK=8388608 cargo test --release --package runtime-integration-tests --features fast-runtime - ;; - - fmt) - cargo fmt -- --check - ;; - - taplo) - taplo fmt --check - ;; - - clippy) - cargo clippy --workspace -- -D warnings -A clippy::unnecessary-cast -A clippy::bool-to-int-with-if - ;; - - benchmark) - ./scripts/runtime_benchmarks.sh $RUNTIME - ;; - - benchmark-check) - ./scripts/check_benchmarks.sh $RUNTIME - -esac diff --git a/docker/centrifuge-chain/Dockerfile b/docker/centrifuge-chain/Dockerfile new file mode 100644 index 0000000000..f401485280 --- /dev/null +++ b/docker/centrifuge-chain/Dockerfile @@ -0,0 +1,77 @@ +# Based on +# https://github.com/paritytech/polkadot-sdk/blob/master/docker/dockerfiles/polkadot/polkadot_injected_release.Dockerfile + +# ToDo: create a CI/builder image with preloaded tools +# FROM --platform=linux/amd64 docker.io/library/ubuntu:22.04 as builder +FROM --platform=linux/amd64 docker.io/library/rust:bookworm as builder + # Defaults + ENV RUST_BACKTRACE 1 + ENV DEBIAN_FRONTEND=noninteractive + + RUN apt-get update && \ + # apt-get dist-upgrade -y -o Dpkg::Options::="--force-confold" && \ + apt-get install -y \ + cmake \ + pkg-config \ + libssl-dev \ + git \ + clang \ + libclang-dev \ + protobuf-compiler \ + curl + + COPY ./scripts scripts + COPY rust-toolchain.toml ./ + # RUN rustup update && rustup default + ENV PATH=~/.cargo/bin:$PATH + RUN scripts/install_toolchain.sh + + # BUILD + ARG RUSTC_WRAPPER='' + ARG SCCACHE_GHA_ENABLED="false" + + RUN rustup target add wasm32-unknown-unknown + + COPY . centrifuge-chain + WORKDIR /centrifuge-chain + ARG FEATURES="" + RUN FEATURES=$(echo ${FEATURES} | tr -d '"') \ + cargo build "--release" --features=${FEATURES} + + +# ===== SECOND STAGE ====== +# ToDo: create a secure image as a base for the binary +FROM --platform=linux/amd64 docker.io/library/ubuntu:jammy + + LABEL io.centrifuge.image.authors="guillermo@k-f.co" \ + io.centrifuge.image.vendor="Centrifuge" \ + io.centrifuge.image.title="centrifugeio/centrifuge-chain" \ + io.centrifuge.image.description="Centrifuge, the layer 1 of RWA. This is the official Centrifuge image with an injected binary." \ + io.centrifuge.image.source="https://github.com/centrifuge/centrifuge-chain/blob/main/docker/centrifuge-chain/Dockerfile" \ + # io.centrifuge.image.revision="${VCS_REF}" \ + io.centrifuge.image.created="${BUILD_DATE}" + + # Add chain resources to image + COPY res /resources/ + + RUN useradd -m -u 1000 -U -s /bin/sh -d /centrifuge centrifuge && \ + mkdir -p /data /centrifuge/.local/share && \ + chown -R centrifuge:centrifuge /data && \ + ln -s /data /centrifuge/.local/share/centrifuge + + COPY --from=builder /centrifuge-chain/target/release/centrifuge-chain /usr/local/bin + # checks + RUN ldd /usr/local/bin/centrifuge-chain && \ + /usr/local/bin/centrifuge-chain --version + + RUN apt-get autoremove -y && apt-get clean && rm -rf /var/lib/apt/lists/* ; + RUN mkdir -p /root/.local/share/centrifuge-chain && \ + ln -s /root/.local/share/centrifuge-chain /data + + +ENV RUST_BACKTRACE 1 +USER centrifuge +EXPOSE 30333 9933 9944 +VOLUME ["/data"] + +ENTRYPOINT ["/usr/local/bin/centrifuge-chain"] diff --git a/docker-compose-local-chain.yml b/docker/docker-compose-local-chain.yml similarity index 100% rename from docker-compose-local-chain.yml rename to docker/docker-compose-local-chain.yml diff --git a/docker-compose-local-relay.yml b/docker/docker-compose-local-relay.yml similarity index 100% rename from docker-compose-local-relay.yml rename to docker/docker-compose-local-relay.yml diff --git a/pallets/pool-system/src/lib.rs b/pallets/pool-system/src/lib.rs index 36388430c0..e36312e1d9 100644 --- a/pallets/pool-system/src/lib.rs +++ b/pallets/pool-system/src/lib.rs @@ -12,7 +12,6 @@ // GNU General Public License for more details. #![cfg_attr(not(feature = "std"), no_std)] #![allow(clippy::or_fun_call)] -#![feature(thread_local)] use cfg_traits::{Permissions, PoolInspect, PoolMutate, PoolNAV, PoolReserve, Seconds, TimeAsSecs}; use cfg_types::{ diff --git a/scripts/install_toolchain.sh b/scripts/install_toolchain.sh index e31f30452a..5d924e8559 100755 --- a/scripts/install_toolchain.sh +++ b/scripts/install_toolchain.sh @@ -1,8 +1,9 @@ #!/usr/bin/env bash -set -eux +# set -eux + +RUST_TOOLCHAIN=$(grep 'channel =' rust-toolchain.toml | awk -F'"' '{print $2}') -RUST_TOOLCHAIN="${RUST_TOOLCHAIN:-nightly}" echo "Using rust toolchain: ${RUST_TOOLCHAIN}" echo "*** Initializing WASM build environment"