Merge branch 'develop' into chore/grafana-credentials-go

.github/workflows/automation-ondemand-tests.yml

@@ -20,6 +20,16 @@ on:
         required: true
         default: public.ecr.aws/chainlink/chainlink
         type: string
+      enableChaos:
+        description: Check to enable chaos tests
+        type: boolean
+        default: false
+        required: true
+      enableReorg:
+        description: Check to enable reorg tests
+        type: boolean
+        default: false
+        required: true
 
 env:
   ENV_JOB_IMAGE: ${{ secrets.QA_AWS_ACCOUNT_NUMBER }}.dkr.ecr.${{ secrets.QA_AWS_REGION }}.amazonaws.com/chainlink-tests:${{ github.sha }}
@@ -104,6 +114,7 @@ jobs:
         with:
           ref: ${{ github.head_ref || github.ref_name }}
       - name: Build Test Image
+        if: inputs.enableChaos || inputs.enableReorg
         uses: ./.github/actions/build-test-image
         with:
           QA_AWS_ROLE_TO_ASSUME: ${{ secrets.QA_AWS_ROLE_TO_ASSUME }}
@@ -130,34 +141,42 @@ jobs:
             suite: chaos
             nodes: 15
             os: ubuntu-latest
+            enabled: ${{ inputs.enableChaos }}
             pyroscope_env: ci-automation-on-demand-chaos
             network: SIMULATED
             command: -run ^TestAutomationChaos$ ./chaos
           - name: reorg
             suite: reorg
             nodes: 5
             os: ubuntu-latest
+            enabled: ${{ inputs.enableReorg }}
             pyroscope_env: ci-automation-on-demand-reorg
             network: SIMULATED_NONDEV
             command: -run ^TestAutomationReorg$ ./reorg
           - name: upgrade 2.0
+            type: upgrade
             suite: smoke
             nodes: 1
             os: ubuntu20.04-8cores-32GB
+            enabled: true
             pyroscope_env: ci-automation-on-demand-upgrade
             network: SIMULATED
             command: -run ^TestAutomationNodeUpgrade/registry_2_0 ./smoke
           - name: upgrade 2.1
+            type: upgrade
             suite: smoke
-            nodes: 1
+            nodes: 5
             os: ubuntu20.04-8cores-32GB
+            enabled: true
             pyroscope_env: ci-automation-on-demand-upgrade
             network: SIMULATED
             command: -run ^TestAutomationNodeUpgrade/registry_2_1 ./smoke
           - name: upgrade 2.2
+            type: upgrade
             suite: smoke
-            nodes: 1
+            nodes: 5
             os: ubuntu20.04-8cores-32GB
+            enabled: true
             pyroscope_env: ci-automation-on-demand-upgrade
             network: SIMULATED
             command: -run ^TestAutomationNodeUpgrade/registry_2_2 ./smoke
@@ -185,7 +204,7 @@ jobs:
             echo "upgrade_version=${{ inputs.chainlinkVersion }}" >>$GITHUB_OUTPUT
             echo "upgrade_image=$READ_CL_IMAGE" >>$GITHUB_OUTPUT
           fi
-          if [[ "${{ matrix.tests.name }}" == "upgrade" ]]; then
+          if [[ "${{ matrix.tests.type }}" == "upgrade" ]]; then
             READ_CL_UPGR_IMAGE=$(jq -r '.inputs.chainlinkImageUpdate' $GITHUB_EVENT_PATH)
             echo ::add-mask::$READ_CL_UPGR_IMAGE
             echo "image=$READ_CL_UPGR_IMAGE" >>$GITHUB_OUTPUT
@@ -240,6 +259,7 @@ jobs:
           echo "BASE64_CONFIG_OVERRIDE=$BASE64_CONFIG_OVERRIDE" >> $GITHUB_ENV               
       - name: Run Tests
         uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/run-tests@c67a09566412d153ff7640d99f96b43aa03abc04 # v2.3.6
+        if: ${{ matrix.tests.enabled == true }}
         env:
           TEST_SUITE: ${{ matrix.tests.suite }}
         with:

.goreleaser.devspace.yaml

@@ -0,0 +1,92 @@
+## goreleaser <1.14.0
+project_name: chainlink
+
+env:
+  - ZIG_EXEC={{ if index .Env "ZIG_EXEC"  }}{{ .Env.ZIG_EXEC }}{{ else }}zig{{ end }}
+  - IMAGE_PREFIX={{ if index .Env "IMAGE_PREFIX"  }}{{ .Env.IMAGE_PREFIX }}{{ else }}localhost:5001{{ end }}
+  - IMAGE_LABEL_DESCRIPTION="node of the decentralized oracle network, bridging on and off-chain computation"
+  - IMAGE_LABEL_LICENSES="MIT"
+  - IMAGE_LABEL_SOURCE="https://github.com/smartcontractkit/{{ .ProjectName }}"
+
+before:
+  hooks:
+    - go mod tidy
+    - ./tools/bin/goreleaser_utils before_hook
+
+
+# See https://goreleaser.com/customization/build/
+builds:
+  - binary: chainlink
+    id: linux-amd64
+    goos:
+      - linux
+    goarch:
+      - amd64
+    hooks:
+      post: ./tools/bin/goreleaser_utils build_post_hook {{ dir .Path }} {{ .Os }} {{ .Arch }}
+    env:
+      - CGO_ENABLED=1
+      - CC=$ZIG_EXEC cc -target x86_64-linux-gnu
+      - CCX=$ZIG_EXEC c++ -target x86_64-linux-gnu
+    flags:
+      - -trimpath
+      - -buildmode=pie
+    ldflags:
+      - -s -w -r=$ORIGIN/libs
+      - -X github.com/smartcontractkit/chainlink/v2/core/static.Version={{ .Env.CHAINLINK_VERSION }}
+      - -X github.com/smartcontractkit/chainlink/v2/core/static.Sha={{ .FullCommit }}
+# See https://goreleaser.com/customization/docker/
+dockers:
+  - id: linux-amd64
+    dockerfile: core/chainlink.goreleaser.Dockerfile
+    use: buildx
+    goos: linux
+    goarch: amd64
+    extra_files:
+      - tmp/linux_amd64/libs
+      - tools/bin/ldd_fix
+    build_flag_templates:
+      - "--platform=linux/amd64"
+      - "--pull"
+      - "--build-arg=CHAINLINK_USER=chainlink"
+      - "--build-arg=COMMIT_SHA={{ .FullCommit }}"
+      - "--label=org.opencontainers.image.created={{ .Date }}"
+      - "--label=org.opencontainers.image.description={{ .Env.IMAGE_LABEL_DESCRIPTION }}"
+      - "--label=org.opencontainers.image.licenses={{ .Env.IMAGE_LABEL_LICENSES }}"
+      - "--label=org.opencontainers.image.revision={{ .FullCommit }}"
+      - "--label=org.opencontainers.image.source={{ .Env.IMAGE_LABEL_SOURCE }}"
+      - "--label=org.opencontainers.image.title={{ .ProjectName }}"
+      - "--label=org.opencontainers.image.version={{ .Env.CHAINLINK_VERSION }}"
+      - "--label=org.opencontainers.image.url={{ .Env.IMAGE_LABEL_SOURCE }}"
+    image_templates:
+      - "{{ .Env.IMAGE_PREFIX }}/{{ .ProjectName }}-develop:develop-amd64"
+      - "{{ .Env.IMAGE_PREFIX }}/{{ .ProjectName }}-develop:sha-{{ .ShortCommit }}-amd64"
+# See https://goreleaser.com/customization/docker_manifest/
+docker_manifests:
+  - name_template: "{{ .Env.IMAGE_PREFIX }}/{{ .ProjectName }}-develop:develop"
+    image_templates:
+      - "{{ .Env.IMAGE_PREFIX }}/{{ .ProjectName }}-develop:develop-amd64"
+  - name_template: "{{ .Env.IMAGE_PREFIX }}/{{ .ProjectName }}-develop:sha-{{ .ShortCommit }}"
+    image_templates:
+      - "{{ .Env.IMAGE_PREFIX }}/{{ .ProjectName }}-develop:sha-{{ .ShortCommit }}-amd64"
+
+# See https://goreleaser.com/customization/docker_sign/
+docker_signs:
+  - artifacts: all
+    stdin: "{{ .Env.COSIGN_PASSWORD }}"
+
+checksum:
+  name_template: "checksums.txt"
+
+snapshot:
+  name_template: "{{ .Env.CHAINLINK_VERSION }}-{{ .ShortCommit }}"
+
+changelog:
+  sort: asc
+  filters:
+    exclude:
+      - "^docs:"
+      - "^test:"
+# modelines, feel free to remove those if you don't want/use them:
+# yaml-language-server: $schema=https://goreleaser.com/static/schema.json
+# vim: set ts=2 sw=2 tw=0 fo=cnqoj

GNUmakefile

@@ -55,10 +55,6 @@ chainlink-dev: ## Build a dev build of chainlink binary.
 chainlink-test: ## Build a test build of chainlink binary.
 	go build $(GOFLAGS) .
 
-.PHONY: chainlink-local-start
-chainlink-local-start:
-	./chainlink -c /etc/node-secrets-volume/default.toml -c /etc/node-secrets-volume/overrides.toml -secrets /etc/node-secrets-volume/secrets.toml node start -d -p /etc/node-secrets-volume/node-password -a /etc/node-secrets-volume/apicredentials --vrfpassword=/etc/node-secrets-volume/apicredentials
-
 .PHONY: install-medianpoc
 install-medianpoc: ## Build & install the chainlink-medianpoc binary.
 	go install $(GOFLAGS) ./plugins/cmd/chainlink-medianpoc

charts/chainlink-cluster/README.md

@@ -19,10 +19,9 @@ We are using [devspace](https://www.devspace.sh/docs/getting-started/installatio
 
 Configure the cluster, see `deployments.app.helm.values` and [values.yaml](./values.yaml) comments for more details
 
-Configure your `cluster` setup (one time setup, internal usage only)
+Set up your K8s access
 ```
 export DEVSPACE_IMAGE="..."
-cd charts/chainlink-cluster
 ./setup.sh ${my-personal-namespace-name-crib}
 ```
 
@@ -38,12 +37,12 @@ Valid values are `1h`, `2m`, `3s`, etc. Go time format is invalid `1h2m3s`
 devspace run ttl ${namespace} 120h
 ```
 
-If you don't need a build use
+If you don't need to build use
 ```
 devspace deploy --skip-build
 ```
 
-To deploy particular commit (must be in registry) use
+To deploy particular commit (must be in the registry) use
 ```
 devspace deploy --skip-build ${short_sha_of_image}
 ```
@@ -53,22 +52,12 @@ Forward ports to check UI or run tests
 devspace run connect ${my-personal-namespace-name-crib}
 ```
 
-Connect to your environment, by replacing container with label `node-1` with your local repository files
+Update some Go code of Chainlink node and quickly sync your cluster
 ```
-devspace dev -p node
-make chainlink
-make chainlink-local-start
-```
-Fix something in the code locally, it'd automatically sync, rebuild it inside container and run again
-```
-make chainlink
-make chainlink-local-start
+devspace dev
 ```
 
-Reset the pod to original image
-```
-devspace reset pods
-```
+To reset pods to original image just checkout needed commit and do `devspace deploy` again
 
 Destroy the cluster
 ```

charts/chainlink-cluster/devspace.yaml

@@ -15,14 +15,19 @@ vars:
   # This is a comma separated list of CIDR blocks that will be allowed to access the ingress.
   DEVSPACE_INGRESS_CIDRS:
     source: env
+  # Time to wait for pods to be in `Ready` condition
+  DEVSPACE_K8S_POD_WAIT_TIMEOUT: 600s
 
 # This is a list of `pipelines` that DevSpace can execute (you can define your own)
 pipelines:
   dev:
+    # We don't need a rollout here and image haven't been really changed,
+    # may not deserve to be commited, so we are just rebooting the app pods
     run: |-
-      run_dependencies --all       # 1. Deploy any projects this project needs (see "dependencies")
-      ensure_pull_secrets --all    # 2. Ensure pull secrets
-      start_dev app                # 3. Start dev mode "app" (see "dev" section)
+      devspace run-pipeline deploy
+      kubectl get pods -n ${DEVSPACE_NAMESPACE} --no-headers=true | grep '^app-node-' | awk '{print $1}' | xargs kubectl delete pod -n ${DEVSPACE_NAMESPACE}
+      kubectl wait pods -n ${DEVSPACE_NAMESPACE} --selector=app=app --for=condition=Ready --timeout=${DEVSPACE_K8S_POD_WAIT_TIMEOUT}
+  # You can run this pipeline via `devspace deploy` (or `devspace run-pipeline deploy`)
   deploy:
     run: |-
       set -o pipefail
@@ -101,7 +106,7 @@ images:
         pushd $TOPLEVEL
         pwd
         goreleaser --version
-        MACOS_SDK_DIR=$(pwd)/tools/bin/MacOSX12.3.sdk ./tools/bin/goreleaser_wrapper release --snapshot --clean --config .goreleaser.develop.yaml
+        MACOS_SDK_DIR=$(pwd)/tools/bin/MacOSX12.3.sdk ./tools/bin/goreleaser_wrapper release --snapshot --clean --config .goreleaser.devspace.yaml
         popd
         BUILT_IMAGE=$(cat $TOPLEVEL/dist/artifacts.json | jq -r '.[] | select(.type == "Docker Image" and .goarch == "amd64" and (.name | contains("sha")) and ( .name | contains("root") | not) ) | .name')
 
@@ -280,36 +285,6 @@ deployments:
             limits:
               cpu: 1
               memory: 1024Mi
-        runner:
-          securityContext:
-            capabilities:
-              drop:
-                - ALL
-            readOnlyRootFilesystem: false
-            runAsNonRoot: true
-            runAsUser: 999
-            runAsGroup: 999
-          stateful: false
-          resources:
-            requests:
-              cpu: 1
-              memory: 512Mi
-            limits:
-              cpu: 1
-              memory: 512Mi
-          affinity: {}
-          tolerations: []
-          nodeSelector: {}
-          ingress:
-            enabled: false
-            className: ""
-            hosts: []
-            tls: []
-            annotations: {}
-          service:
-            type: NodePort
-            port: 8080
-
         # monitoring.coreos.com/v1 PodMonitor for each node
         prometheusMonitor: true
 
@@ -429,72 +404,4 @@ deployments:
         podAnnotations:
         nodeSelector:
         tolerations:
-        affinity:
-
-profiles:
-  # this replaces only "runner" pod, usable when you'd like to run some system level tests inside k8s
-  - name: runner
-    patches:
-      - op: replace
-        path: dev.app.workingDir
-        value: /home/chainlink/integration-tests
-      - op: replace
-        path: dev.app.container
-        value: runner
-      - op: replace
-        path: dev.app.labelSelector.instance
-        value: runner-1
-      - op: remove
-        path: dev.app.sync[1].uploadExcludePaths[0]
-      - op: remove
-        path: dev.app.open
-      - op: remove
-        path: dev.app.ports[1]
-  - name: node
-    patches:
-      - op: replace
-        path: dev.app.container
-        value: node
-      - op: replace
-        path: dev.app.labelSelector.instance
-        value: node-1
-
-# This is a list of `dev` containers that are based on the containers created by your deployments
-dev:
-  app:
-    workingDir: /home/chainlink
-    container: node
-    labelSelector:
-      instance: node-1
-    # Sync files between the local filesystem and the development container
-    sync:
-      - path: ../../core/services/chainlink:/home/chainlink/core/services/chainlink
-        printLogs: true
-        disableDownload: true
-      - path: ../..:/home/chainlink
-        printLogs: true
-        disableDownload: true
-        uploadExcludePaths:
-          - integration-tests/
-          - .github/
-          - belt/
-          - charts/
-          - contracts/
-          - node_modules/
-          - integration/
-          - integration-scripts/
-          - testdata/
-          - evm-test-helpers/
-    # Open a terminal and use the following command
-    terminal:
-      command: bash
-    ssh:
-      enabled: true
-    proxyCommands:
-      #       TODO: access issues
-      #      - command: devspace
-      #      - command: kubectl
-      #      - command: helm
-      - gitCredentials: true
-    ports:
-      - port: "2345"
+        affinity: