Skip to content

Commit

Permalink
feat(cross-arch): add cross arch release pipeline
Browse files Browse the repository at this point in the history
  • Loading branch information
0xfourzerofour committed Dec 21, 2023
1 parent 79f55cd commit 42dd119
Show file tree
Hide file tree
Showing 10 changed files with 348 additions and 13 deletions.
53 changes: 53 additions & 0 deletions .github/workflows/docker-release.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
name: Docker release

on:
workflow_dispatch:
push:
tags:
- v*.*.*

env:
CARGO_TERM_COLOR: always
DOCKER_IMAGE_NAME: alchemyplatform/rundler

jobs:
build:
name: build and push
runs-on: ubuntu-22.04
permissions:
packages: write
contents: read
steps:
- name: Checkout sources
uses: actions/checkout@v3
with:
submodules: recursive

- name: Install toolchain
uses: dtolnay/rust-toolchain@stable
with:
components: clippy
toolchain: 1.71.0

- name: Install toolchain (nightly)
run: rustup toolchain add nightly --component rustfmt --profile minimal

- uses: Swatinem/rust-cache@v2
with:
cache-on-failure: true

- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: alchemyplatform
password: ${{ secrets.DOCKERHUB_TOKEN }}

- name: Set up Docker builder
run: |
docker run --privileged --rm tonistiigi/binfmt --install arm64,amd64
docker buildx create --use --name cross-builder
- name: Build and push image
run: |
cargo install cross --git https://github.com/cross-rs/cross
sudo -E env "PATH=$PATH" make docker-build-latest
216 changes: 216 additions & 0 deletions .github/workflows/release.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,216 @@
## This release action is inspired from https://githug.com/paradigmxyz/reth

name: Release

on:
push:
tags:
- v*.*.*

jobs:
extract-version:
name: extract version
runs-on: ubuntu-latest
steps:
- name: Extract version
run: echo "VERSION=$(echo ${GITHUB_REF#refs/tags/})" >> $GITHUB_OUTPUT
id: extract_version
outputs:
VERSION: ${{ steps.extract_version.outputs.VERSION }}

build:
name: build release
strategy:
matrix:
arch:
[
aarch64-unknown-linux-gnu,
x86_64-unknown-linux-gnu,
x86_64-apple-darwin,
aarch64-apple-darwin,
x86_64-pc-windows-gnu,
]
include:
- arch: aarch64-unknown-linux-gnu
platform: ubuntu-latest
profile: maxperf
- arch: x86_64-unknown-linux-gnu
platform: ubuntu-latest
profile: maxperf
- arch: x86_64-apple-darwin
platform: macos-latest
profile: maxperf
- arch: aarch64-apple-darwin
platform: macos-latest
profile: maxperf
- arch: x86_64-pc-windows-gnu
platform: ubuntu-latest
profile: maxperf

runs-on: ${{ matrix.platform }}
needs: extract-version
steps:
- name: Checkout sources
uses: actions/checkout@v3
- name: Get latest version of stable Rust
run: rustup update stable
- name: Install target
run: rustup target add ${{ matrix.arch }}
- uses: Swatinem/rust-cache@v2
with:
cache-on-failure: true

# ==============================
# Apple Silicon SDK setup
# ==============================

- name: Apple Silicon setup
if: ${{ matrix.job.target == 'aarch64-apple-darwin' }}
run: |
echo "SDKROOT=$(xcrun -sdk macosx --show-sdk-path)" >> $GITHUB_ENV
echo "MACOSX_DEPLOYMENT_TARGET=$(xcrun -sdk macosx --show-sdk-platform-version)" >> $GITHUB_ENV
# ==============================
# Builds
# ==============================

- name: Build rundler for ${{ matrix.arch }}
run: |
cargo install cross
env PROFILE=${{ matrix.profile }} make build-${{ matrix.arch }}
- name: Move cross-compiled binary
if: matrix.arch != 'x86_64-pc-windows-gnu'
run: |
mkdir artifacts
mv target/${{ matrix.arch }}/${{ matrix.profile }}/rundler ./artifacts
- name: Move cross-compiled binary (Windows)
if: matrix.arch == 'x86_64-pc-windows-gnu'
run: |
mkdir artifacts
mv target/${{ matrix.arch }}/${{ matrix.profile }}/rundler.exe ./artifacts
# ==============================
# Signing
# ==============================

- name: Configure GPG and create artifacts
env:
GPG_SIGNING_KEY: ${{ secrets.GPG_SIGNING_KEY }}
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
run: |
export GPG_TTY=$(tty)
echo -n "$GPG_SIGNING_KEY" | gpg --batch --import
cd artifacts
tar -czf rundler-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.tar.gz rundler*
echo "$GPG_PASSPHRASE" | gpg --passphrase-fd 0 --pinentry-mode loopback --batch -ab rundler-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.tar.gz
mv *tar.gz* ..
shell: bash

# =======================================================================
# Upload artifacts
# This is required to share artifacts between different jobs
# =======================================================================
- name: Upload artifact
uses: actions/upload-artifact@v3
with:
name: rundler-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.tar.gz
path: rundler-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.tar.gz

- name: Upload signature
uses: actions/upload-artifact@v3
with:
name: rundler-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.tar.gz.asc
path: rundler-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.arch }}.tar.gz.asc

draft-release:
name: draft release
needs: [build, extract-version]
runs-on: ubuntu-latest
env:
VERSION: ${{ needs.extract-version.outputs.VERSION }}
permissions:
# Required to post the release
contents: write
steps:
# This is necessary for generating the changelog. It has to come before "Download Artifacts" or else it deletes the artifacts.
- name: Checkout sources
uses: actions/checkout@v3
with:
fetch-depth: 0

# ==============================
# Download artifacts
# ==============================
- name: Download artifacts
uses: actions/download-artifact@v3

# ==============================
# Create release draft
# ==============================
- name: Generate full changelog
id: changelog
run: |
echo "CHANGELOG<<EOF" >> $GITHUB_OUTPUT
echo "$(git log --pretty=format:"- %s" $(git describe --tags --abbrev=0 ${{ env.VERSION }}^)..${{ env.VERSION }})" >> $GITHUB_OUTPUT
echo "EOF" >> $GITHUB_OUTPUT
- name: Create release draft
env:
GITHUB_USER: ${{ github.repository_owner }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

# The formatting here is borrowed from Reth & Lighthouse (which is borrowed from OpenEthereum):
# https://github.com/openethereum/openethereum/blob/main/.github/workflows/build.yml
run: |
body=$(cat <<- "ENDBODY"
<Release Name>
## Testing Checklist (DELETE ME)
- [ ] Run on testnet for 1-3 days.
- [ ] Ensure all CI checks pass.
## Release Checklist (DELETE ME)
- [ ] Ensure all crates have had their versions bumped.
- [ ] Write the summary.
- [ ] Ensure all binaries have been added.
- [ ] Prepare release posts (Twitter, ...).
## Summary
Add a summary, including:
- Critical bug fixes
- New features
- Any breaking changes (and what to expect)
## All Changes
${{ steps.changelog.outputs.CHANGELOG }}
## Binaries
The binaries are signed with the PGP key: `85C5 DEF0 37D3 FDE4 FC17 94B1 475B 35EA 9352 EB2`
| System | Architecture | Binary | PGP Signature |
|:---:|:---:|:---:|:---|
| <img src="https://simpleicons.org/icons/linux.svg" style="width: 32px;"/> | x86_64 | [rundler-${{ env.VERSION }}-x86_64-unknown-linux-gnu.tar.gz](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/rundler-${{ env.VERSION }}-x86_64-unknown-linux-gnu.tar.gz) | [PGP Signature](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/rundler-${{ env.VERSION }}-x86_64-unknown-linux-gnu.tar.gz.asc) |
| <img src="https://simpleicons.org/icons/linux.svg" style="width: 32px;"/> | aarch64 | [rundler-${{ env.VERSION }}-aarch64-unknown-linux-gnu.tar.gz](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/rundler-${{ env.VERSION }}-aarch64-unknown-linux-gnu.tar.gz) | [PGP Signature](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/rundler-${{ env.VERSION }}-aarch64-unknown-linux-gnu.tar.gz.asc) |
| <img src="https://simpleicons.org/icons/windows.svg" style="width: 32px;"/> | x86_64 | [rundler-${{ env.VERSION }}-x86_64-pc-windows-gnu.tar.gz](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/rundler-${{ env.VERSION }}-x86_64-pc-windows-gnu.tar.gz) | [PGP Signature](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/rundler-${{ env.VERSION }}-x86_64-pc-windows-gnu.tar.gz.asc) |
| <img src="https://simpleicons.org/icons/apple.svg" style="width: 32px;"/> | x86_64 | [rundler-${{ env.VERSION }}-x86_64-apple-darwin.tar.gz](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/rundler-${{ env.VERSION }}-x86_64-apple-darwin.tar.gz) | [PGP Signature](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/rundler-${{ env.VERSION }}-x86_64-apple-darwin.tar.gz.asc) |
| <img src="https://simpleicons.org/icons/apple.svg" style="width: 32px;"/> | aarch64 | [rundler-${{ env.VERSION }}-aarch64-apple-darwin.tar.gz](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/rundler-${{ env.VERSION }}-aarch64-apple-darwin.tar.gz) | [PGP Signature](https://github.com/${{ env.REPO_NAME }}/releases/download/${{ env.VERSION }}/rundler-${{ env.VERSION }}-aarch64-apple-darwin.tar.gz.asc) |
| | | | |
| **System** | **Option** | - | **Resource** |
| <img src="https://simpleicons.org/icons/docker.svg" style="width: 32px;"/> | Docker | [${{ env.VERSION }}](https://hub.docker.com/r/alchemyplatform/rundler) |
ENDBODY
)
assets=()
for asset in ./rundler-*.tar.gz*; do
assets+=("-a" "$asset/$asset")
done
tag_name="${{ env.VERSION }}"
echo "$body" | gh release create --draft "${assets[@]}" -F "-" "$tag_name"
3 changes: 3 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -16,3 +16,6 @@
*.profraw
.DS_Store
.helix

# Release artifacts
dist/
2 changes: 2 additions & 0 deletions Cross.toml
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
[build]
dockerfile = "Dockerfile.build"
6 changes: 3 additions & 3 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# Adapted from https://github.com/paradigmxyz/reth/blob/main/Dockerfile
# syntax=docker/dockerfile:1.4

FROM rust:1.74.0 AS chef-builder
FROM --platform=$TARGETPLATFORM rust:1.74.0 AS chef-builder

# Install system dependencies
RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
Expand Down Expand Up @@ -50,8 +50,8 @@ WORKDIR /app
# install curl for healthcheck
RUN apt-get -y update; apt-get -y install curl

# Copy reth over from the build stage
# Copy rundler over from the build stage
COPY --from=builder /app/target/release/rundler /usr/local/bin

EXPOSE 3000 8080
CMD ["/usr/local/bin/rundler", "node"]
ENTRYPOINT ["/usr/local/bin/rundler"]
18 changes: 18 additions & 0 deletions Dockerfile.build
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
ARG CROSS_BASE_IMAGE
# Dockerfile.forge
FROM ghcr.io/foundry-rs/foundry:latest as foundry

FROM $CROSS_BASE_IMAGE
COPY --from=foundry /usr/local/bin/forge /usr/local/bin/forge

ARG DEBIAN_FRONTEND=noninteractive

RUN apt-get update && apt-get install -y gnupg2 apt-transport-https ca-certificates software-properties-common
RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
RUN mkdir -p /etc/apt/keyrings
RUN curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg
RUN echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_20.x nodistro main" | tee /etc/apt/sources.list.d/nodesource.list
RUN apt-get update && apt-get -y upgrade && apt-get install -y libclang-dev pkg-config protobuf-compiler nodejs yarn
RUN add-apt-repository ppa:ethereum/ethereum
RUN apt-get update
RUN apt-get install -y solc
15 changes: 15 additions & 0 deletions Dockerfile.cross
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
# This image is meant to enable cross-architecture builds.
# It assumes the rundler binary has already been compiled for `$TARGETPLATFORM` and is
# locatable in `./dist/bin/$TARGETARCH`
FROM --platform=$TARGETPLATFORM ubuntu:22.04

LABEL org.opencontainers.image.source=https://github.com/alchemyplatform/rundler
LABEL org.opencontainers.image.licenses="GNU Lesser General Public License v3.0"

# Filled by docker buildx
ARG TARGETARCH

COPY ./dist/bin/$TARGETARCH/rundler /usr/local/bin/rundler

EXPOSE 3000 8080
ENTRYPOINT ["/usr/local/bin/rundler"]
37 changes: 37 additions & 0 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,11 @@
##@ Test

UNIT_TEST_ARGS := --locked --workspace --all-features
PROFILE ?= release
DOCKER_IMAGE_NAME ?= alchemyplatform/rundler
BIN_DIR = "dist/bin"
BUILD_PATH = "target"
GIT_TAG ?= $(shell git describe --tags --abbrev=0)

.PHONY: build
build: ## Build the project.
Expand All @@ -28,4 +33,36 @@ test-spec-integrated: ## Run spec tests in integrated mode
.PHONY: test-spec-modular
test-spec-modular: ## Run spec tests in modular mode
test/spec-tests/remote/run-spec-tests.sh

.PHONY: submodule-update
submodule-update: ## Update git submodules
git submodule update

build-%:
cross build --bin rundler --target $* --profile "$(PROFILE)"

# Note: This requires a buildx builder with emulation support. For example:
#
# `docker run --privileged --rm tonistiigi/binfmt --install amd64,arm64`
# `docker buildx create --use --driver docker-container --name cross-builder`
.PHONY: docker-build-latest
docker-build-latest: ## Build and push a cross-arch Docker image tagged with the latest git tag and `latest`.
$(call build_docker_image,$(GIT_TAG),latest)

# Create a cross-arch Docker image with the given tags and push it
define build_docker_image
$(MAKE) build-aarch64-unknown-linux-gnu
mkdir -p $(BIN_DIR)/arm64
cp $(BUILD_PATH)/aarch64-unknown-linux-gnu/$(PROFILE)/rundler $(BIN_DIR)/arm64/rundler

$(MAKE) build-x86_64-unknown-linux-gnu
mkdir -p $(BIN_DIR)/amd64
cp $(BUILD_PATH)/x86_64-unknown-linux-gnu/$(PROFILE)/rundler $(BIN_DIR)/amd64/rundler

docker buildx build --file ./Dockerfile.cross . \
--platform linux/arm64,linux/amd64 \
--tag $(DOCKER_IMAGE_NAME):$(1) \
--tag $(DOCKER_IMAGE_NAME):$(2) \
--provenance=false
endef

Loading

0 comments on commit 42dd119

Please sign in to comment.