Skip to content

CI: Validate IDs against release-v* #4306

CI: Validate IDs against release-v*

CI: Validate IDs against release-v* #4306

Workflow file for this run

name: Checks
# On Rust, GitHub Actions, and caching
# ===========
# Here's a list of things to keep in mind if you find yourself maintaining this
# CI:
#
# https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows#matching-a-cache-key
#
# - Always install and select the desired Rust toolchain *before* running
# `Swatinem/rust-cache`. This is because the active Rust toolchain is used as
# a cache key.
# - You can use `rustup show` to install and select the right Rust toolchain if
# you have a `rust-toolchain.toml` file:
# https://github.com/rust-lang/rustup/issues/1397.
# - When caching Rust compilation artifacts, keep in mind that different `cargo`
# commands will use different profiles
# (https://doc.rust-lang.org/cargo/reference/profiles.html). Learn what you
# can reuse between one job and another and don't assume two commands will
# just share caches without conflicts.
# - Be extremely aware of cache thrashing a.k.a. churning. GitHub Actions' cache
# allows for 10GiB of data which is easily exceeded if not careful.
# Sometimes it's better not to cache than cache excessively.
# Disabling cache writes for non-default branches altogether if cache churning
# is unacceptably high is supposed to help with this.
# - Learn cache invalidation rules of `Swatinem/rust-cache` before making
# changes, e.g. what happens when `rustc --version` changes or `Cargo.lock`
# changes (or is missing).
# - The jobs dependency tree is the way it is to accommodate for sharing caches,
# not necessarily because it makes logical sense to run one job after the
# other. This is due to the fact that we can't share caches between jobs that
# run in parallel.
# - `sccache` is a good alternative to `Swatinem/rust-cache`, but it behaves
# poorly with GHA and often incurs into cache requests rate limits. We should
# probably explore `sccache` with a different backend.
# - If a job makes good use of extra cores, consider give it a bigger machine.
# GHA larger runners increase in cost linearly with the number of cores
# (https://docs.github.com/en/billing/managing-billing-for-github-actions/about-billing-for-github-actions),
# so you're not wasting money unless several cores are sitting idle for long.
on:
workflow_dispatch:
inputs:
custom_name:
description: 'Custom run name (optional)'
required: false
type: string
RUST_LOG:
description: 'Set RUST_LOG level (optional)'
required: false
type: string
merge_group:
types: ["checks_requested"]
push:
branches: ["nightly", "devnet-freeze", "release-v*"]
pull_request:
branches: ["nightly", "devnet-freeze", "release-v*"]
types: [opened, synchronize, reopened, ready_for_review]
run-name: ${{ inputs.custom_name || github.event.pull_request.title || github.sha }}
env:
CARGO_TERM_COLOR: always
RUSTFLAGS: -D warnings
FOUNDRY_PROFILE: ci
TEST_BITCOIN_DOCKER: "bitcoin/bitcoin:28.0"
# Automatically cancels a job if a new commit if pushed to the same PR, branch, or tag.
# Source: <https://stackoverflow.com/a/72408109/5148606>
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
# Except in `nightly` and `stable` branches! Any cancelled job will cause the
# CI run to fail, and we want to keep a clean history for major branches.
cancel-in-progress: ${{ (github.ref != 'refs/heads/nightly') && (github.ref != 'refs/heads/devnet-freeze') && (github.ref != 'refs/heads/main') }}
jobs:
build:
name: build
runs-on: ubicloud-standard-30
timeout-minutes: 60
if: github.event.pull_request.draft == false
steps:
- uses: actions/checkout@v4
- uses: rui314/setup-mold@v1
- name: Install Protoc
uses: arduino/setup-protoc@v3
with:
version: "23.2"
repo-token: ${{ secrets.GITHUB_TOKEN }}
- name: Toolchain
uses: dtolnay/rust-toolchain@nightly
- name: Rust Cache
uses: ubicloud/rust-cache@v2
- name: Install risc0
uses: ./.github/actions/install-risc0
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: Build citrea
run: make build-release
env:
REPR_GUEST_BUILD: 1
- name: Upload artifact
uses: actions/upload-artifact@v4
with:
name: citrea-build
path: |
target/release/citrea
target/release/**/methods.rs
retention-days: 1
check:
name: check
runs-on: ubicloud-standard-16
timeout-minutes: 60
if: github.event.pull_request.draft == false
steps:
- uses: actions/checkout@v4
- uses: rui314/setup-mold@v1
- name: Install Protoc
uses: arduino/setup-protoc@v3
with:
version: "23.2"
repo-token: ${{ secrets.GITHUB_TOKEN }}
- name: Toolchain
uses: dtolnay/rust-toolchain@nightly
with:
components: rustfmt, clippy
- name: Install risc0
uses: ./.github/actions/install-risc0
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: Check TOML
uses: dprint/[email protected]
- name: Build guests
run: make build-risc0
- name: Run lint
run: |
if ! make lint ; then
echo "Linting or formatting errors detected, please run 'make lint-fix' to fix it";
exit 1
fi
env:
SKIP_GUEST_BUILD: 1
udeps:
name: udeps
runs-on: ubicloud-standard-8
timeout-minutes: 60
if: github.event.pull_request.draft == false
steps:
- uses: actions/checkout@v4
- uses: rui314/setup-mold@v1
- name: Install Protoc
uses: arduino/setup-protoc@v3
with:
version: "23.2"
repo-token: ${{ secrets.GITHUB_TOKEN }}
- name: Toolchain
uses: actions-rs/toolchain@v1
with:
toolchain: nightly-2024-07-27
override: true
- name: Install risc0
uses: ./.github/actions/install-risc0
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: Build guests
run: make build-risc0
- name: Run cargo-udeps
env:
RUSTFLAGS: -A warnings
SKIP_GUEST_BUILD: 1
uses: aig787/cargo-udeps-action@v1
with:
version: "latest"
args: "--workspace --all-features --all-targets"
deny:
runs-on: ubuntu-latest
if: github.event.pull_request.draft == false
steps:
- uses: actions/checkout@v4
- name: Run cargo-deny
uses: EmbarkStudios/cargo-deny-action@v1
with:
command: check
coverage:
needs: docker-setup
runs-on: ubicloud-standard-16
if: github.event.pull_request.draft == false
steps:
- uses: actions/checkout@v4
- uses: dtolnay/[email protected]
with:
components: llvm-tools-preview
- name: Rust Cache
uses: ubicloud/rust-cache@v2
- name: Setup env
if: ${{ github.event.inputs.RUST_LOG != '' }}
run: echo "RUST_LOG=${{ github.event.inputs.RUST_LOG }}" >> $GITHUB_ENV
- uses: taiki-e/install-action@nextest
- uses: taiki-e/install-action@cargo-llvm-cov
- name: Install risc0
uses: ./.github/actions/install-risc0
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: Cache ethereum-tests
uses: actions/cache@v4
with:
key: "eth-tests-1c23e3c"
path: crates/evm/ethereum-tests
- name: Restore cached Docker image
uses: actions/cache@v4
with:
path: /tmp/docker
key: ${{ runner.os }}-docker-${{ env.TEST_BITCOIN_DOCKER }}
- name: Load Docker image
run: docker load < /tmp/docker/bitcoin.tar
- name: Run coverage
run: make coverage
env:
RUST_BACKTRACE: 1
TEST_BITCOIN_DOCKER: 1
RISC0_DEV_MODE: 1 # This is needed to generate mock proofs and verify them
CITREA_E2E_TEST_BINARY: ${{ github.workspace }}/target/debug/citrea
PARALLEL_PROOF_LIMIT: 1
TEST_OUT_DIR: ${{ runner.temp }}/coverage
- name: Upload e2e test dir
if: failure() || cancelled()
uses: actions/upload-artifact@v4
with:
name: e2e-test-dir
path: ${{ runner.temp }}/coverage
- name: Upload coverage
uses: codecov/codecov-action@v4
with:
fail_ci_if_error: true # optional (default = false)
files: ./lcov.info
token: ${{ secrets.CODECOV_TOKEN }}
uniswap:
runs-on: ubicloud-standard-16
needs: build
if: github.event.pull_request.draft == false
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 18
- name: Download artifact
uses: actions/download-artifact@v4
with:
name: citrea-build
path: target/release
- name: Make citrea executable
run: chmod +x target/release/citrea
- name: Install node dependencies
working-directory: ./bin/citrea/tests/evm/uniswap
run: npm install
- name: Run uniswap tests
run: |
RUST_LOG=off ./target/release/citrea --da-layer mock --rollup-config-path resources/configs/mock/sequencer_rollup_config.toml --sequencer resources/configs/mock/sequencer_config.toml --genesis-paths resources/genesis/mock/ &
sleep 2
RUST_LOG=off ./target/release/citrea --rollup-config-path resources/configs/mock/rollup_config.toml --genesis-paths resources/genesis/mock/ &
sleep 2
cd ./bin/citrea/tests/evm/uniswap
npx hardhat run --network citrea scripts/01_deploy.js
npx hardhat run --network citrea scripts/02_swap.js
seqnHeight=$(curl -s 0.0.0.0:12345/ -H "Content-Type: application/json" --data '{"method":"eth_getBlockByNumber","params":["latest"],"id":1,"jsonrpc":"2.0"}' | jq -e .result.number) || (echo "Couldn't get sequencer block"; exit 1)
nodeHeight=$(curl -s 0.0.0.0:12346/ -H "Content-Type: application/json" --data '{"method":"eth_getBlockByNumber","params":["latest"],"id":1,"jsonrpc":"2.0"}' | jq -e .result.number) || (echo "Couldn't get full node block"; exit 1)
echo seqnHeight: $seqnHeight
echo nodeHeight: $nodeHeight
sleep 10
seqnRoot=$(curl -s 0.0.0.0:12345/ -H "Content-Type: application/json" --data '{"method":"eth_getBlockByNumber","params":['${seqnHeight}'],"id":1,"jsonrpc":"2.0"}' | jq -e .result.stateRoot) || (echo "Couldn't get sequencer state root"; exit 1)
nodeRoot=$(curl -s 0.0.0.0:12346/ -H "Content-Type: application/json" --data '{"method":"eth_getBlockByNumber","params":['${seqnHeight}'],"id":1,"jsonrpc":"2.0"}' | jq -e .result.stateRoot) || (echo "Couldn't get full node state root"; exit 1)
echo seqnRoot: $seqnRoot
echo nodeRoot: $nodeRoot
if [ "$seqnRoot" != "$nodeRoot" ]; then
echo "State root mismatch";
exit 1
fi
web3_py:
runs-on: ubicloud-standard-16
needs: build
if: github.event.pull_request.draft == false
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: "3.x"
- uses: dcarbone/install-jq-action@v2
- name: Download artifact
uses: actions/download-artifact@v4
with:
name: citrea-build
path: target/release
- name: Make citrea executable
run: chmod +x target/release/citrea
- name: Install dependencies
working-directory: ./bin/citrea/tests/evm/web3_py
run: pip install -r requirements.txt
- name: Run web3.py tests
run: |
RUST_LOG=off ./target/release/citrea --da-layer mock --rollup-config-path resources/configs/mock/sequencer_rollup_config.toml --sequencer resources/configs/mock/sequencer_config.toml --genesis-paths resources/genesis/mock/ &
sleep 2
RUST_LOG=off ./target/release/citrea --da-layer mock --rollup-config-path resources/configs/mock/rollup_config.toml --genesis-paths resources/genesis/mock/ &
sleep 2
cd ./bin/citrea/tests/evm/web3_py
python test.py
ethers_js:
runs-on: ubicloud-standard-16
needs: build
if: github.event.pull_request.draft == false
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 18
- name: Download artifact
uses: actions/download-artifact@v4
with:
name: citrea-build
path: target/release
- name: Make citrea executable
run: chmod +x target/release/citrea
- name: Install node dependencies
working-directory: ./bin/citrea/tests/evm/ethers_js
run: npm install
- name: Run ethers_js tests
run: |
RUST_LOG=off ./target/release/citrea --da-layer mock --rollup-config-path resources/configs/mock/sequencer_rollup_config.toml --sequencer resources/configs/mock/sequencer_config.toml --genesis-paths resources/genesis/mock/ &
sleep 2
RUST_LOG=off ./target/release/citrea --da-layer mock --rollup-config-path resources/configs/mock/rollup_config.toml --genesis-paths resources/genesis/mock/ &
sleep 2
cd ./bin/citrea/tests/evm/ethers_js
npm install
npx mocha test.js
cd ../../../../..
check_no_std:
runs-on: ubicloud-standard-4
if: github.event.pull_request.draft == false
steps:
- uses: actions/checkout@v4
- name: Install Rust Bare Metal
uses: actions-rs/toolchain@v1
with:
toolchain: 1.81.0
target: thumbv6m-none-eabi
override: true
- name: Install Rust WASM
uses: actions-rs/toolchain@v1
with:
toolchain: 1.81.0
target: wasm32-unknown-unknown
override: true
- name: cargo install cargo-hack
uses: taiki-e/install-action@cargo-hack
- uses: ubicloud/rust-cache@v2
with:
save-if: ${{ github.ref == 'refs/heads/nightly' }}
- name: Run check
run: make check-no-std
nextest:
needs: docker-setup
name: nextest
runs-on: ubicloud-standard-16
timeout-minutes: 60
if: github.event.pull_request.draft == false
steps:
- uses: actions/checkout@v4
- uses: rui314/setup-mold@v1
- name: Install Protoc
uses: arduino/setup-protoc@v3
with:
version: "23.2"
repo-token: ${{ secrets.GITHUB_TOKEN }}
- name: Toolchain
uses: dtolnay/[email protected]
- name: Rust Cache
uses: ubicloud/rust-cache@v2
- name: Setup env
if: ${{ github.event.inputs.RUST_LOG != '' }}
run: echo "RUST_LOG=${{ github.event.inputs.RUST_LOG }}" >> $GITHUB_ENV
- name: Install risc0
uses: ./.github/actions/install-risc0
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
# `cargo-nextest` is much faster than standard `cargo test`.
- uses: taiki-e/install-action@nextest
- name: Cache ethereum-tests
uses: actions/cache@v4
with:
key: "eth-tests-1c23e3c"
path: crates/evm/ethereum-tests
- name: Restore cached Docker image
uses: actions/cache@v4
with:
path: /tmp/docker
key: ${{ runner.os }}-docker-${{ env.TEST_BITCOIN_DOCKER }}
- name: Load Docker image
run: docker load < /tmp/docker/bitcoin.tar
- name: Run nextest
run: make test
env:
RUST_BACKTRACE: 1
RISC0_DEV_MODE: 1 # This is needed to generate mock proofs and verify them
TEST_BITCOIN_DOCKER: 1
CITREA_E2E_TEST_BINARY: ${{ github.workspace }}/target/debug/citrea
PARALLEL_PROOF_LIMIT: 1
TEST_OUT_DIR: ${{ runner.temp }}/test
- name: Upload e2e test dir
if: failure() || cancelled()
uses: actions/upload-artifact@v4
with:
name: e2e-test-dir
path: ${{ runner.temp }}/test
system-contracts:
strategy:
fail-fast: true
name: Foundry project
runs-on: ubicloud-standard-2
if: github.event.pull_request.draft == false
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1
with:
version: nightly
- name: Run Forge build
run: |
cd crates/evm/src/evm/system_contracts
forge --version
forge build --sizes
id: build
- name: Run Forge tests
run: |
cd crates/evm/src/evm/system_contracts
forge test -vvv
id: test
check_genesis_files:
strategy:
fail-fast: true
name: Check Genesis Files
runs-on: ubicloud-standard-2
if: github.event.pull_request.draft == false
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1
with:
# https://github.com/foundry-rs/foundry/releases/tag/nightly-25f24e677a6a32a62512ad4f561995589ac2c7dc
# This is the latest version known to work for us
version: nightly-25f24e677a6a32a62512ad4f561995589ac2c7dc
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.x"
- name: Run check_genesis.sh
run: ./.github/scripts/check_genesis.sh
shell: bash
validate_and_check_DA_ID:
runs-on: ubicloud-standard-2
needs: build
continue-on-error: true
steps:
- uses: actions/checkout@v4
- name: Validate EXPECTED_BITCOIN_DA_ID format
uses: ./.github/actions/validate-bitcoin-da
with:
expected_da_id: ${{ vars.EXPECTED_BITCOIN_DA_ID }}
action: validate_format
- name: Download artifact
uses: actions/download-artifact@v4
with:
name: citrea-build
path: target/release
- name: Check BATCH_PROOF_BITCOIN_ID
id: check-id
uses: ./.github/actions/validate-bitcoin-da
with:
expected_da_id: ${{ vars.EXPECTED_BITCOIN_DA_ID }}
action: check_binary
docker-setup:
runs-on: ubicloud-standard-2
steps:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Cache Docker images
id: cache-docker
uses: actions/cache@v4
with:
path: /tmp/docker
key: ${{ runner.os }}-docker-${{ env.TEST_BITCOIN_DOCKER }}
- name: Pull Docker image
if: steps.cache-docker.outputs.cache-hit != 'true'
run: |
docker pull ${{ env.TEST_BITCOIN_DOCKER }}
mkdir -p /tmp/docker
docker save ${{ env.TEST_BITCOIN_DOCKER }} > /tmp/docker/bitcoin.tar
- name: Load Docker image from cache
if: steps.cache-docker.outputs.cache-hit == 'true'
run: |
docker load < /tmp/docker/bitcoin.tar