From ab041023dcf56bfbe2f6c807f4d49aa634227859 Mon Sep 17 00:00:00 2001
From: Justin Florentine <justin+github@florentine.us>
Date: Wed, 29 Nov 2023 09:48:40 -0500
Subject: [PATCH] removes circle config and gates big tests behind pr approval

Signed-off-by: Justin Florentine <justin+github@florentine.us>
---
 .circleci/config.yml                   | 503 -------------------------
 .github/workflows/acceptance-tests.yml |  10 +-
 .github/workflows/reference-tests.yml  |   8 +-
 3 files changed, 10 insertions(+), 511 deletions(-)
 delete mode 100644 .circleci/config.yml

diff --git a/.circleci/config.yml b/.circleci/config.yml
deleted file mode 100644
index d91ccb64d0af..000000000000
--- a/.circleci/config.yml
+++ /dev/null
@@ -1,503 +0,0 @@
----
-version: 2.1
-orbs:
-  win: circleci/windows@5.0
-
-executors:
-  besu_executor_med: # 2cpu, 4G ram
-    docker:
-      - image: cimg/openjdk:17.0
-    resource_class: medium
-    working_directory: ~/project
-    environment:
-      architecture: "amd64"
-      GRADLE_OPTS: -Dorg.gradle.daemon=false -Dorg.gradle.parallel=true -Dorg.gradle.workers.max=2
-
-  besu_arm64_executor_med: # 2cpu, 8G ram
-    machine: #https://circleci.com/developer/machine/image/ubuntu-2204
-      image: ubuntu-2204:2022.10.2
-    resource_class: arm.medium
-    working_directory: ~/project
-    environment:
-      architecture: "arm64"
-      GRADLE_OPTS: -Dorg.gradle.daemon=false -Dorg.gradle.parallel=true -Dorg.gradle.workers.max=2
-
-  besu_executor_xl: # 8cpu, 16G ram
-    docker:
-      - image: cimg/openjdk:17.0
-    resource_class: xlarge
-    working_directory: ~/project
-    environment:
-      GRADLE_OPTS: -Dorg.gradle.daemon=false -Dorg.gradle.parallel=true -Dorg.gradle.workers.max=4
-
-  xl_machine_executor:
-    machine: #https://circleci.com/developer/machine/image/ubuntu-2204
-      image: ubuntu-2204:2022.10.2
-    resource_class: xlarge
-
-  trivy_executor:
-    docker:
-      - image: docker:stable-git
-    resource_class: small
-    working_directory: ~/project
-
-commands:
-  prepare:
-    description: "Prepare"
-    steps:
-      - checkout
-      - run:
-          name: Install Packages - LibSodium, nssdb
-          command: |
-            sudo apt-get update
-            sudo apt-get install -y libsodium23 libsodium-dev libjemalloc-dev apt-transport-https haveged libnss3-tools
-            sudo service haveged restart
-            java --version
-      - restore_gradle_cache
-  restore_gradle_cache:
-    description: "Restore Gradle cache"
-    steps:
-      - restore_cache:
-          name: Restore cached gradle dependencies
-          keys:
-            - deps-{{ checksum "gradle/versions.gradle" }}-{{ .Branch }}-{{ .Revision }}
-            - deps-{{ checksum "gradle/versions.gradle" }}
-            - deps-
-
-  capture_test_results:
-    description: "Capture test results"
-    steps:
-      - run:
-          name: Jacoco
-          command: |
-            ./gradlew --no-daemon jacocoTestReport
-      - run:
-          name: Gather test results
-          when: always
-          command: |
-            FILES=`find . -name test-results`
-            for FILE in $FILES
-            do
-              MODULE=`echo "$FILE" | sed -e 's@./\(.*\)/build/test-results@\1@'`
-              TARGET="build/test-results/$MODULE"
-              mkdir -p "$TARGET"
-              cp -rf ${FILE}/*/* "$TARGET"
-            done
-      - store_test_results:
-          path: build/test-results
-      - store_artifacts:
-          path: besu/build/reports/jacoco
-
-  capture_test_logs:
-    description: "Capture test logs"
-    steps:
-      - store_artifacts:
-          path: acceptance-tests/tests/build/acceptanceTestLogs
-          destination: acceptance-tests-logs
-      - store_artifacts:
-          path: acceptance-tests/tests/build/jvmErrorLogs
-
-jobs:
-  assemble:
-    executor: besu_executor_xl
-    steps:
-      - prepare
-      - run:
-          name: Assemble
-          command: |
-            ./gradlew --no-daemon clean compileJava compileTestJava assemble
-      - save_cache:
-          name: Caching gradle dependencies
-          key: deps-{{ checksum "gradle/versions.gradle" }}-{{ .Branch }}-{{ .Revision }}
-          paths:
-            - .gradle
-            - ~/.gradle
-      - persist_to_workspace:
-          root: ~/project
-          paths:
-            - ./
-      - store_artifacts:
-          name: Distribution artifacts
-          path: build/distributions
-          destination: distributions
-          when: always
-
-  testWindows:
-    executor: win/default
-    steps:
-      - attach_workspace:
-          at: ~/project
-      - run:
-          name: Unzip Windows build
-          no_output_timeout: 20m
-          command: |
-            cd build/distributions
-            unzip besu-*.zip -d besu-tmp
-            cd besu-tmp
-            mv besu-* ../besu
-      - run:
-          name: Test Besu Windows executable
-          no_output_timeout: 10m
-          command: |
-            build\distributions\besu\bin\besu.bat --help
-            build\distributions\besu\bin\besu.bat --version
-
-  dockerScan:
-    executor: trivy_executor
-    steps:
-      - checkout
-      - restore_gradle_cache
-      - setup_remote_docker:
-          docker_layer_caching: true
-      - run:
-          name: Install trivy
-          command: |
-            apk add --update-cache --upgrade curl bash
-            curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin
-      - run:
-          name: Scan with trivy
-          shell: /bin/sh
-          command: |
-            for FILE in $(ls docker)
-            do
-              if [[ $FILE == "test.sh" || $FILE == "tests" ]]; then
-                continue
-              fi
-              docker pull -q "hyperledger/besu:develop-$FILE"
-              trivy -q image --exit-code 1 --no-progress --severity HIGH,CRITICAL "hyperledger/besu:develop-$FILE"
-            done
-
-  unitTests:
-    executor: besu_executor_xl
-    steps:
-      - prepare
-      - attach_workspace:
-          at: ~/project
-      - run:
-          name: Build
-          no_output_timeout: 20m
-          command: |
-            ./gradlew --no-daemon build
-      - capture_test_results
-
-  integrationTests:
-    executor: xl_machine_executor # needs the machine executor since privacy test uses container tests (docker)
-    steps:
-      - prepare
-      - attach_workspace:
-          at: ~/project
-      - run:
-          name: IntegrationTests
-          command: |
-            ./gradlew --no-daemon integrationTest
-      - run:
-          name: CompileJmh
-          command: |
-            ./gradlew --no-daemon compileJmh
-      - capture_test_results
-
-  referenceTests:
-    executor: besu_executor_xl
-    steps:
-      - prepare
-      - attach_workspace:
-          at: ~/project
-      - run:
-          name: ReferenceTests
-          no_output_timeout: 30m
-          command: |
-            git submodule update --init --recursive
-            ./gradlew --no-daemon referenceTest
-      - capture_test_results
-
-  acceptanceTests:
-    parallelism: 2
-    executor: xl_machine_executor # needs the machine executor since privacy test uses container tests (docker)
-    steps:
-      - prepare
-      - attach_workspace:
-          at: ~/project
-      - run:
-          name: AcceptanceTests (Mainnet)
-          no_output_timeout: 20m
-          command: |
-            CLASSNAMES=$(circleci tests glob "acceptance-tests/tests/src/test/java/**/*.java" \
-              | sed 's@.*/src/test/java/@@' \
-              | sed 's@/@.@g' \
-              | sed 's/.\{5\}$//' \
-              | circleci tests split --split-by=timings --timings-type=classname)
-            # Format the arguments to "./gradlew test"
-            GRADLE_ARGS=$(echo $CLASSNAMES | awk '{for (i=1; i<=NF; i++) print "--tests",$i}')
-            ./gradlew --no-daemon acceptanceTestMainnet $GRADLE_ARGS
-      - capture_test_results
-      - capture_test_logs
-
-  acceptanceTestsCliqueBft:
-    executor: besu_executor_xl
-    steps:
-      - prepare
-      - attach_workspace:
-          at: ~/project
-      - run:
-          name: AcceptanceTests (Non-Mainnet)
-          no_output_timeout: 20m
-          command: |
-            ./gradlew --no-daemon acceptanceTestCliqueBft
-      - capture_test_results
-      - capture_test_logs
-
-  acceptanceTestsPrivacy:
-    parallelism: 4
-    executor: xl_machine_executor # needs the machine executor since it uses container tests (docker)
-    steps:
-      - prepare
-      - attach_workspace:
-          at: ~/project
-      - run:
-          name: AcceptanceTests (Non-Mainnet)
-          no_output_timeout: 20m
-          command: |
-            CLASSNAMES=$(circleci tests glob "acceptance-tests/tests/src/test/java/**/*.java" \
-              | sed 's@.*/src/test/java/@@' \
-              | sed 's@/@.@g' \
-              | sed 's/.\{5\}$//' \
-              | circleci tests split --split-by=timings --timings-type=classname)
-            # Format the arguments to "./gradlew test"
-            GRADLE_ARGS=$(echo $CLASSNAMES | awk '{for (i=1; i<=NF; i++) print "--tests",$i}')
-            ./gradlew --no-daemon acceptanceTestPrivacy $GRADLE_ARGS
-      - capture_test_results
-      - capture_test_logs
-
-  acceptanceTestsPermissioning:
-    executor: besu_executor_xl
-    steps:
-      - prepare
-      - attach_workspace:
-          at: ~/project
-      - run:
-          name: AcceptanceTests (Non-Mainnet)
-          no_output_timeout: 20m
-          command: |
-            ./gradlew --no-daemon acceptanceTestPermissioning
-      - capture_test_results
-      - capture_test_logs
-
-  buildDocker:
-    executor: besu_executor_med
-    steps:
-      - prepare
-      - attach_workspace:
-          at: ~/project
-      - setup_remote_docker
-      - run:
-          name: hadoLint_openjdk_17
-          command: |
-            docker run --rm -i hadolint/hadolint < docker/openjdk-17/Dockerfile
-      - run:
-          name: hadoLint_openjdk_17_debug
-          command: |
-            docker run --rm -i hadolint/hadolint < docker/openjdk-17-debug/Dockerfile
-      - run:
-          name: hadoLint_openjdk_latest
-          command: |
-            docker run --rm -i hadolint/hadolint < docker/openjdk-latest/Dockerfile
-      - run:
-          name: hadoLint_graalvm
-          command: |
-            docker run --rm -i hadolint/hadolint < docker/graalvm/Dockerfile
-      - run:
-          name: build image
-          command: |
-            ./gradlew --no-daemon distDocker
-      - run:
-          name: test image
-          command: |
-            mkdir -p docker/reports
-            curl -L https://github.com/aelsabbahy/goss/releases/download/v0.3.9/goss-linux-amd64 -o ./docker/tests/goss-linux-amd64
-            ./gradlew --no-daemon testDocker
-
-  buildArm64Docker:
-    executor: besu_arm64_executor_med
-    steps:
-      - prepare
-      - attach_workspace:
-          at: ~/project
-      - run:
-          name: hadoLint_openjdk_17
-          command: |
-            docker run --rm -i hadolint/hadolint < docker/openjdk-17/Dockerfile
-      - run:
-          name: hadoLint_openjdk_latest
-          command: |
-            docker run --rm -i hadolint/hadolint < docker/openjdk-latest/Dockerfile
-      - run:
-          name: hadoLint_graalvm
-          command: |
-            docker run --rm -i hadolint/hadolint < docker/graalvm/Dockerfile
-      - run:
-          name: Java_17
-          command: |
-            sudo apt install -q --assume-yes openjdk-17-jre-headless openjdk-17-jdk-headless
-            sudo update-java-alternatives -a
-      - run:
-          name: build image
-          command: |
-            ./gradlew --no-daemon distDocker
-      - run:
-          name: test image
-          command: |
-            mkdir -p docker/reports
-            curl -L https://github.com/aelsabbahy/goss/releases/download/v0.3.9/goss-linux-arm -o ./docker/tests/goss-linux-arm64
-            ./gradlew --no-daemon testDocker
-
-  publish:
-    executor: besu_executor_med
-    steps:
-      - prepare
-      - attach_workspace:
-          at: ~/project
-      - run:
-          name: Publish
-          command: |
-            ./gradlew --no-daemon artifactoryPublish
-
-  publishDocker:
-    executor: besu_executor_med
-    steps:
-      - prepare
-      - attach_workspace:
-          at: ~/project
-      - setup_remote_docker
-      - run:
-          name: Publish Docker
-          command: |
-            docker login --username "${DOCKER_USER_RW}" --password "${DOCKER_PASSWORD_RW}"
-            ./gradlew --no-daemon "-Pbranch=${CIRCLE_BRANCH}" dockerUpload
-
-  publishArm64Docker:
-    executor: besu_arm64_executor_med
-    steps:
-      - prepare
-      - attach_workspace:
-          at: ~/project
-      - run:
-          name: Java_17
-          command: |
-            sudo apt install -q --assume-yes openjdk-17-jre-headless openjdk-17-jdk-headless
-            sudo update-java-alternatives -a
-      - run:
-          name: Publish Docker
-          command: |
-            docker login --username "${DOCKER_USER_RW}" --password "${DOCKER_PASSWORD_RW}"
-            ./gradlew --no-daemon "-Pbranch=${CIRCLE_BRANCH}" dockerUpload
-  manifestDocker:
-    executor: besu_executor_med
-    steps:
-      - prepare
-      - setup_remote_docker
-      - run:
-          name: Create and publish docker manifest
-          command: |
-            docker login --username "${DOCKER_USER_RW}" --password "${DOCKER_PASSWORD_RW}"
-            ./gradlew --no-daemon "-Pbranch=${CIRCLE_BRANCH}" --parallel manifestDocker
-
-workflows:
-  version: 2
-  default:
-    jobs:
-      - assemble
-      - unitTests:
-           requires:
-            - assemble
-      - testWindows:
-          requires:
-            - assemble
-      - referenceTests:
-          requires:
-            - assemble
-      - integrationTests:
-          requires:
-            - assemble
-      - acceptanceTests:
-          requires:
-            - assemble
-      - acceptanceTestsCliqueBft:
-          requires:
-            - assemble
-      - acceptanceTestsPermissioning:
-          requires:
-            - assemble
-      - buildDocker:
-          requires:
-            - assemble
-      - buildArm64Docker:
-          requires:
-            - assemble
-      - publish:
-          filters:
-            branches:
-              only:
-                - main
-                - /^release-.*/
-          requires:
-            - assemble
-            - integrationTests
-            - unitTests
-            - acceptanceTests
-            - referenceTests
-            - buildDocker
-      - publishDocker:
-          filters:
-            branches:
-              only:
-                - main
-                - /^release-.*/
-          requires:
-            - assemble
-            - integrationTests
-            - unitTests
-            - acceptanceTests
-            - referenceTests
-            - buildDocker
-          context:
-            - besu-dockerhub-rw
-      - publishArm64Docker:
-          filters:
-            branches:
-              only:
-                - main
-                - /^release-.*/
-          requires:
-            - integrationTests
-            - unitTests
-            - acceptanceTests
-            - referenceTests
-            - buildArm64Docker
-          context:
-            - besu-dockerhub-rw
-      - manifestDocker:
-          filters:
-            branches:
-              only:
-                - main
-                - /^release-.*/
-          requires:
-            - publishDocker
-            - publishArm64Docker
-          context:
-            - besu-dockerhub-rw
-
-  nightly:
-    triggers:
-      - schedule:
-          cron: "0 19 * * *"
-          filters:
-            branches:
-              only:
-                - main
-    jobs:
-      - assemble
-      - dockerScan
-      - acceptanceTestsPrivacy:
-          requires:
-            - assemble
diff --git a/.github/workflows/acceptance-tests.yml b/.github/workflows/acceptance-tests.yml
index ccf371fb808d..36e0b8b0e1e3 100644
--- a/.github/workflows/acceptance-tests.yml
+++ b/.github/workflows/acceptance-tests.yml
@@ -1,6 +1,7 @@
 name: acceptance-tests
 on:
-  workflow_call:
+  pull_request_review:
+    types: [ submitted ]
 
 
 env:
@@ -9,7 +10,8 @@ env:
 
 jobs:
   runner-indexes:
-    runs-on: ubuntu-22.04
+    if: github.event.review.state == 'APPROVED'
+    runs-on: besu-research-ubuntu-16
     name: Generate runner indexes
     outputs:
       json: ${{ steps.generate-index-list.outputs.json }}
@@ -21,11 +23,11 @@ jobs:
           INDEX_JSON=$(jq --null-input --compact-output '. |= [inputs]' <<< ${INDEX_LIST})
           echo "::set-output name=json::${INDEX_JSON}"
   acceptanceTestEthereum:
-    runs-on: [ self-hosted, X64, Linux ]
+    runs-on: besu-research-ubuntu-16
     name: "Acceptance Runner #${{ matrix.runner-index }}: Run acceptance tests in parallel"
     needs:
       - runner-indexes
-    if: ${{ github.actor != 'dependabot[bot]' }}
+    if: ${{ github.actor != 'dependabot[bot]' && github.event.review.state == 'APPROVED'}}
     strategy:
       fail-fast: false
       matrix:
diff --git a/.github/workflows/reference-tests.yml b/.github/workflows/reference-tests.yml
index 5a55f6aefe92..3d5149c0bbc4 100644
--- a/.github/workflows/reference-tests.yml
+++ b/.github/workflows/reference-tests.yml
@@ -9,7 +9,7 @@ env:
 
 jobs:
   runner-indexes:
-    runs-on: ubuntu-22.04
+    runs-on: besu-research-ubuntu-8
     name: Generate runner indexes
     outputs:
       json: ${{ steps.generate-index-list.outputs.json }}
@@ -21,7 +21,7 @@ jobs:
           INDEX_JSON=$(jq --null-input --compact-output '. |= [inputs]' <<< ${INDEX_LIST})
           echo "::set-output name=json::${INDEX_JSON}"
   prepareReferenceTestEthereum:
-    runs-on: [ self-hosted, Linux, X64 ]
+    runs-on: besu-research-ubuntu-8
     timeout-minutes: 30
     if: ${{ github.actor != 'dependabot[bot]' }}
     steps:
@@ -57,7 +57,7 @@ jobs:
           path: "ethereum/referencetests/build/generated/sources/reference-test/**"
           key: ${{ runner.os }}-reftests-${{ github.sha }}
   referenceTestEthereum:
-    runs-on: [ self-hosted, X64, Linux ]
+    runs-on: besu-research-ubuntu-8
     needs:
       - prepareReferenceTestEthereum
       - runner-indexes
@@ -110,7 +110,7 @@ jobs:
           path: '**/build/test-results/referenceTests/TEST-*.xml'
           retention-days: 1
   referenceTestQbft:
-    runs-on: [ self-hosted, Linux, X64 ]
+    runs-on: besu-research-ubuntu-8
     timeout-minutes: 30
     if: ${{ github.actor != 'dependabot[bot]' }}
     steps: