chore: bump Rust to 1.91.1 (#123) #102
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| permissions: | |
| id-token: write # This is required for requesting the JWT | |
| jobs: | |
| setup: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| VERSION: ${{ steps.output_version.outputs.VERSION }} | |
| conventional_changelog_tag: ${{ steps.conventional-changelog.outputs.tag }} | |
| conventional_changelog_body: ${{ steps.conventional-changelog.outputs.changelog }} | |
| steps: | |
| - name: Create GitHub App Token | |
| id: app-token | |
| uses: actions/create-github-app-token@v1 | |
| with: | |
| app-id: ${{ secrets.RELEASE_APP_ID }} | |
| private-key: ${{ secrets.RELEASE_APP_PRIVATE_KEY }} | |
| - uses: actions/checkout@v4 | |
| with: | |
| token: ${{ steps.app-token.outputs.token }} | |
| ref: ${{ github.head_ref }} | |
| # Make sure the value of GITHUB_TOKEN will not be persisted in repo's config | |
| persist-credentials: false | |
| # Pull all previous tags | |
| fetch-depth: 0 | |
| fetch-tags: true | |
| - name: Conventional Changelog Action | |
| if: github.ref_name == 'main' | |
| id: conventional-changelog | |
| uses: TriPSs/conventional-changelog-action@v6 | |
| with: | |
| github-token: ${{ steps.app-token.outputs.token }} | |
| skip-git-pull: true | |
| skip-version-file: true | |
| git-push: false | |
| skip-on-empty: false # Always create commit | |
| - name: Push Conventional Changelog | |
| if: github.ref_name == 'main' | |
| uses: ad-m/github-push-action@master | |
| id: push | |
| with: | |
| github_token: ${{ steps.app-token.outputs.token }} | |
| branch: ${{ github.ref }} | |
| - name: Set VERSION for main branch | |
| if: github.ref_name == 'main' | |
| run: echo "VERSION=${{ steps.conventional-changelog.outputs.version }}" >> $GITHUB_ENV | |
| - name: Set VERSION for development branch | |
| if: github.ref_name != 'main' | |
| run: echo "VERSION=${GITHUB_REF_NAME##*/}" >> $GITHUB_ENV | |
| - id: output_version | |
| run: echo "VERSION=${VERSION}" >> $GITHUB_OUTPUT | |
| sxtnode_cargo: | |
| runs-on: large-8-core-32gb-22-04 | |
| needs: setup | |
| steps: | |
| - name: Create GitHub App Token | |
| id: app-token | |
| uses: actions/create-github-app-token@v1 | |
| with: | |
| app-id: ${{ secrets.RELEASE_APP_ID }} | |
| private-key: ${{ secrets.RELEASE_APP_PRIVATE_KEY }} | |
| - uses: actions/checkout@v4 | |
| with: | |
| token: ${{ steps.app-token.outputs.token }} | |
| ref: ${{ github.head_ref }} | |
| fetch-depth: 0 | |
| fetch-tags: true | |
| - uses: jfrog/setup-jfrog-cli@v4 | |
| env: | |
| JF_URL: https://${{ secrets.REGISTRY_URL }} | |
| with: | |
| oidc-provider-name: ${{ secrets.OIDC_PROVIDER_NAME }} | |
| oidc-audience: ${{ secrets.OIDC_AUDIENCE }} | |
| - uses: ./.github/actions/free-disk-space | |
| - uses: ./.github/actions/ubuntu-dependencies | |
| - name: Build and Release SxT-Node Binaries | |
| env: | |
| VERSION: ${{ needs.setup.outputs.VERSION }} | |
| run: |- | |
| set -eux | |
| cargo build --locked --release | |
| b2sum -l 256 target/release/wbuild/sxt-runtime/sxt_runtime.compact.compressed.wasm | |
| jf rt u --flat target/release/sxt-node sxtnode-generic-local/sxt-node/$VERSION/; | |
| jf rt u --flat target/release/wbuild/sxt-runtime/sxt_runtime.compact.compressed.wasm sxtnode-generic-local/sxt-node/$VERSION/; | |
| timeout-minutes: 90 | |
| - name: Compute / Print hashes | |
| if: ${{ !contains(matrix.os, 'macos') }} | |
| run: | | |
| echo "Recent Git Commits:" | |
| git log --pretty=format:"%H %d %s" $(git describe --tags --abbrev=0)^..HEAD | |
| echo "Runtime Code Hash:" | |
| b2sum -l 256 target/release/wbuild/sxt-runtime/sxt_runtime.compact.compressed.wasm | |
| echo "Sudo Call Data:" | |
| cat <(echo -n "0x16000009") <(b2sum -l 256 target/release/wbuild/sxt-runtime/sxt_runtime.compact.compressed.wasm) | |
| echo "Call Hash:" | |
| cat <(echo -n "16000009") <(b2sum -l 256 target/release/wbuild/sxt-runtime/sxt_runtime.compact.compressed.wasm) | xxd -r -p | b2sum -l 256 | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: artifact_sxtnode | |
| path: target/release/sxt-node | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: artifact_watcher | |
| path: target/release/watcher | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: artifact_eventforwarder | |
| path: target/release/event-forwarder | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: artifact_translationlayer | |
| path: target/release/translation-layer | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: artifact_canary | |
| path: target/release/canaries | |
| sxtnode_docker: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - setup | |
| - sxtnode_cargo | |
| steps: | |
| - name: Create GitHub App Token | |
| id: app-token | |
| uses: actions/create-github-app-token@v1 | |
| with: | |
| app-id: ${{ secrets.RELEASE_APP_ID }} | |
| private-key: ${{ secrets.RELEASE_APP_PRIVATE_KEY }} | |
| - uses: actions/checkout@v4 | |
| with: | |
| token: ${{ steps.app-token.outputs.token }} | |
| ref: ${{ github.head_ref }} | |
| - uses: jfrog/setup-jfrog-cli@v4 | |
| env: | |
| JF_URL: https://${{ secrets.REGISTRY_URL }} | |
| with: | |
| oidc-provider-name: ${{ secrets.OIDC_PROVIDER_NAME }} | |
| oidc-audience: ${{ secrets.OIDC_AUDIENCE }} | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: artifact_sxtnode | |
| path: target/release/ | |
| - name: Build and Release Dockerfile | |
| env: | |
| VERSION: ${{ needs.setup.outputs.VERSION }} | |
| run: |- | |
| set -eux | |
| DOCKERTAG=${{ secrets.REGISTRY_URL }}/sxtnode-docker-local/sxt-node:$VERSION | |
| docker buildx version | |
| docker buildx ls | |
| docker buildx build -f ./sxtnode.Dockerfile . -t $DOCKERTAG | |
| jf docker push $DOCKERTAG | |
| timeout-minutes: 90 | |
| sxtnodedev_cargo: | |
| runs-on: large-8-core-32gb-22-04 | |
| needs: setup | |
| steps: | |
| - name: Create GitHub App Token | |
| id: app-token | |
| uses: actions/create-github-app-token@v1 | |
| with: | |
| app-id: ${{ secrets.RELEASE_APP_ID }} | |
| private-key: ${{ secrets.RELEASE_APP_PRIVATE_KEY }} | |
| - uses: actions/checkout@v4 | |
| with: | |
| token: ${{ steps.app-token.outputs.token }} | |
| ref: ${{ github.head_ref }} | |
| - uses: jfrog/setup-jfrog-cli@v4 | |
| env: | |
| JF_URL: https://${{ secrets.REGISTRY_URL }} | |
| with: | |
| oidc-provider-name: ${{ secrets.OIDC_PROVIDER_NAME }} | |
| oidc-audience: ${{ secrets.OIDC_AUDIENCE }} | |
| - uses: ./.github/actions/free-disk-space | |
| - uses: ./.github/actions/ubuntu-dependencies | |
| - name: Build and Release Development SxT-Node Binaries | |
| env: | |
| VERSION: ${{ needs.setup.outputs.VERSION }} | |
| run: |- | |
| set -eux | |
| cargo build --locked --release --features fast-runtime | |
| jf rt u --flat target/release/sxt-node sxtnode-generic-local/sxt-node/$VERSION-dev/; | |
| jf rt u --flat target/release/wbuild/sxt-runtime/sxt_runtime.compact.compressed.wasm sxtnode-generic-local/sxt-node/$VERSION-dev/; | |
| timeout-minutes: 90 | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: artifact_sxtnodedev | |
| path: target/release/sxt-node | |
| sxtnodedev_docker: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - setup | |
| - sxtnodedev_cargo | |
| steps: | |
| - name: Create GitHub App Token | |
| id: app-token | |
| uses: actions/create-github-app-token@v1 | |
| with: | |
| app-id: ${{ secrets.RELEASE_APP_ID }} | |
| private-key: ${{ secrets.RELEASE_APP_PRIVATE_KEY }} | |
| - uses: actions/checkout@v4 | |
| with: | |
| token: ${{ steps.app-token.outputs.token }} | |
| ref: ${{ github.head_ref }} | |
| - uses: jfrog/setup-jfrog-cli@v4 | |
| env: | |
| JF_URL: https://${{ secrets.REGISTRY_URL }} | |
| with: | |
| oidc-provider-name: ${{ secrets.OIDC_PROVIDER_NAME }} | |
| oidc-audience: ${{ secrets.OIDC_AUDIENCE }} | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: artifact_sxtnodedev | |
| path: target/release/ | |
| - name: Build and Release Dev Dockerfile | |
| env: | |
| VERSION: ${{ needs.setup.outputs.VERSION }} | |
| run: |- | |
| set -eux | |
| DOCKERTAG=${{ secrets.REGISTRY_URL }}/sxtnode-docker-local/sxt-node:$VERSION-dev | |
| docker buildx version | |
| docker buildx ls | |
| docker buildx build -f ./sxtnode.Dockerfile . -t $DOCKERTAG | |
| jf docker push $DOCKERTAG | |
| timeout-minutes: 90 | |
| watcher: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - setup | |
| - sxtnode_cargo | |
| steps: | |
| - name: Create GitHub App Token | |
| id: app-token | |
| uses: actions/create-github-app-token@v1 | |
| with: | |
| app-id: ${{ secrets.RELEASE_APP_ID }} | |
| private-key: ${{ secrets.RELEASE_APP_PRIVATE_KEY }} | |
| - uses: actions/checkout@v4 | |
| with: | |
| token: ${{ steps.app-token.outputs.token }} | |
| ref: ${{ github.head_ref }} | |
| - uses: jfrog/setup-jfrog-cli@v4 | |
| env: | |
| JF_URL: https://${{ secrets.REGISTRY_URL }} | |
| with: | |
| oidc-provider-name: ${{ secrets.OIDC_PROVIDER_NAME }} | |
| oidc-audience: ${{ secrets.OIDC_AUDIENCE }} | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: artifact_watcher | |
| path: watcher/ | |
| - name: Build and Release Watcher Docker Image | |
| working-directory: watcher | |
| env: | |
| VERSION: ${{ needs.setup.outputs.VERSION }} | |
| run: |- | |
| set -eux | |
| DOCKERTAG=${{ secrets.REGISTRY_URL }}/sxt-node/watcher:$VERSION | |
| docker build . -t $DOCKERTAG | |
| jf docker push $DOCKERTAG | |
| eventforwarder: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - setup | |
| - sxtnode_cargo | |
| steps: | |
| - name: Create GitHub App Token | |
| id: app-token | |
| uses: actions/create-github-app-token@v1 | |
| with: | |
| app-id: ${{ secrets.RELEASE_APP_ID }} | |
| private-key: ${{ secrets.RELEASE_APP_PRIVATE_KEY }} | |
| - uses: actions/checkout@v4 | |
| with: | |
| token: ${{ steps.app-token.outputs.token }} | |
| ref: ${{ github.head_ref }} | |
| - uses: jfrog/setup-jfrog-cli@v4 | |
| env: | |
| JF_URL: https://${{ secrets.REGISTRY_URL }} | |
| with: | |
| oidc-provider-name: ${{ secrets.OIDC_PROVIDER_NAME }} | |
| oidc-audience: ${{ secrets.OIDC_AUDIENCE }} | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: artifact_eventforwarder | |
| path: event-forwarder/ | |
| - name: Build and Release event-forwarder Docker Image | |
| working-directory: event-forwarder | |
| env: | |
| VERSION: ${{ needs.setup.outputs.VERSION }} | |
| run: |- | |
| set -eux | |
| DOCKERTAG=${{ secrets.REGISTRY_URL }}/sxt-node/event-forwarder:$VERSION | |
| docker build . -t $DOCKERTAG | |
| jf docker push $DOCKERTAG | |
| translationlayer: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - setup | |
| - sxtnode_cargo | |
| steps: | |
| - name: Create GitHub App Token | |
| id: app-token | |
| uses: actions/create-github-app-token@v1 | |
| with: | |
| app-id: ${{ secrets.RELEASE_APP_ID }} | |
| private-key: ${{ secrets.RELEASE_APP_PRIVATE_KEY }} | |
| - uses: actions/checkout@v4 | |
| with: | |
| token: ${{ steps.app-token.outputs.token }} | |
| ref: ${{ github.head_ref }} | |
| - uses: jfrog/setup-jfrog-cli@v4 | |
| env: | |
| JF_URL: https://${{ secrets.REGISTRY_URL }} | |
| with: | |
| oidc-provider-name: ${{ secrets.OIDC_PROVIDER_NAME }} | |
| oidc-audience: ${{ secrets.OIDC_AUDIENCE }} | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: artifact_translationlayer | |
| path: translation-layer/ | |
| - name: Build and Release translation-layer Docker Image | |
| working-directory: translation-layer | |
| env: | |
| VERSION: ${{ needs.setup.outputs.VERSION }} | |
| run: |- | |
| set -eux | |
| DOCKERTAG=${{ secrets.REGISTRY_URL }}/sxt-node/translation-layer:$VERSION | |
| docker build . -t $DOCKERTAG | |
| jf docker push $DOCKERTAG | |
| canary: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - setup | |
| - sxtnode_cargo | |
| steps: | |
| - name: Create GitHub App Token | |
| id: app-token | |
| uses: actions/create-github-app-token@v1 | |
| with: | |
| app-id: ${{ secrets.RELEASE_APP_ID }} | |
| private-key: ${{ secrets.RELEASE_APP_PRIVATE_KEY }} | |
| - uses: actions/checkout@v4 | |
| with: | |
| token: ${{ steps.app-token.outputs.token }} | |
| ref: ${{ github.head_ref }} | |
| - uses: jfrog/setup-jfrog-cli@v4 | |
| env: | |
| JF_URL: https://${{ secrets.REGISTRY_URL }} | |
| with: | |
| oidc-provider-name: ${{ secrets.OIDC_PROVIDER_NAME }} | |
| oidc-audience: ${{ secrets.OIDC_AUDIENCE }} | |
| - uses: actions/download-artifact@v4 | |
| with: | |
| name: artifact_canary | |
| path: canaries/ | |
| - name: Build and Release canary Docker Image | |
| working-directory: canaries | |
| env: | |
| VERSION: ${{ needs.setup.outputs.VERSION }} | |
| run: |- | |
| set -eux | |
| DOCKERTAG=${{ secrets.REGISTRY_URL }}/sxt-node/canary:$VERSION | |
| docker build . -t $DOCKERTAG | |
| jf docker push $DOCKERTAG | |
| finalize: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - setup | |
| - sxtnode_docker | |
| - sxtnodedev_docker | |
| - watcher | |
| - eventforwarder | |
| - translationlayer | |
| - canary | |
| steps: | |
| # Need to regenerate Github App token as previous steps take more than 60 minutes to complete | |
| # and hence previous token expires. | |
| - name: Create GitHub App Token | |
| id: app-token | |
| uses: actions/create-github-app-token@v1 | |
| with: | |
| app-id: ${{ secrets.RELEASE_APP_ID }} | |
| private-key: ${{ secrets.RELEASE_APP_PRIVATE_KEY }} | |
| - uses: actions/checkout@v4 | |
| with: | |
| token: ${{ steps.app-token.outputs.token }} | |
| ref: ${{ github.head_ref }} | |
| # Make sure the value of GITHUB_TOKEN will not be persisted in repo's config | |
| persist-credentials: false | |
| # Pull all previous tags | |
| fetch-depth: 0 | |
| fetch-tags: true | |
| - name: Create Release | |
| uses: ncipollo/release-action@v1 | |
| if: github.ref_name == 'main' | |
| with: | |
| tag: ${{ needs.setup.outputs.conventional_changelog_tag }} | |
| body: ${{ needs.setup.outputs.conventional_changelog_body }} | |
| token: ${{ steps.app-token.outputs.token }} # Using Github Auth token created in step above | |
| makeLatest: true |