Skip to content

daily

daily #42

Workflow file for this run

name: daily
on:
schedule:
- cron: "14 14 * * *"
# Uncomment below to test.
#push:
# branches: [gha-test-*, canary, auto]
jobs:
audit:
runs-on: ubuntu-latest
container:
image: diem/build_environment:latest
volumes:
- "${{github.workspace}}:/opt/git/diem"
strategy:
fail-fast: false
matrix:
#this is a painful solution since it doesn't pick up new branches, other option is lotsa shell in one job....
#to test in canary add in canary here.....
target-branch: [latest, release-1.3, release-1.4]
env:
AUDIT_SUMMARY_FILE: /tmp/summary
steps:
- uses: actions/[email protected]
with:
ref: ${{ matrix.target-branch }}
- uses: ./.github/actions/build-setup
- name: install cargo-audit
run: cargo install --force cargo-audit
- name: audit crates
# List of ignored RUSTSEC
# 1. RUSTSEC-2021-0073 - Not impacted.
# 2. RUSTSEC-2021-0072 - Not impacted.
# 3. RUSTSEC-2020-0071 - Not impacted.
run: |
cargo audit --color never --ignore RUSTSEC-2021-0073 --ignore RUSTSEC-2021-0072 --ignore RUSTSEC-2020-0071 > $AUDIT_SUMMARY_FILE
- name: set issue body content
if: ${{ failure() }}
env:
JOB_URL: "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
run: |
echo "ISSUE_BODY<<EOF" >> $GITHUB_ENV
echo "Found RUSTSEC in dependencies in job ${JOB_URL}" >> $GITHUB_ENV
echo "\`\`\`" >> $GITHUB_ENV
head -100 $AUDIT_SUMMARY_FILE >> $GITHUB_ENV
echo "\`\`\`" >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
- uses: diem/actions/create-issue@faadd16607b77dfa2231a8f366883e01717b3225
if: ${{ failure() }}
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
title: "RUSTSEC in dependencies in branch ${{ matrix.target-branch }}"
body: ${{ env.ISSUE_BODY }}
labels: "dependecies"
- uses: ./.github/actions/build-teardown
coverage:
runs-on: testnet-runner-ubuntu
container:
image: diem/build_environment:latest
volumes:
- "${{github.workspace}}:/opt/git/diem"
environment:
name: Sccache
env:
CODECOV_OUTPUT: codecov
MESSAGE_PAYLOAD_FILE: /tmp/message
steps:
- uses: actions/[email protected]
- uses: ./.github/actions/build-setup
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.ENV_DIEM_S3_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.ENV_DIEM_S3_AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.ENV_DIEM_S3_AWS_REGION }}
- name: produce coverage
run: cargo xtest --html-cov-dir=$CODECOV_OUTPUT/grcovhtml/ --html-lcov-dir=$CODECOV_OUTPUT/lcovhtml/ --no-fail-fast -j 16 || true
- name: Push Coverage Reports to S3
run: |
set -x
SUFFIX="$(date +"%Y-%m-%d")-$(git rev-parse --short=8 HEAD)"
PREFIX="ci-artifacts.diem.com/coverage";
#Push grcov
aws s3 cp --recursive ${CODECOV_OUTPUT}/grcovhtml "s3://${PREFIX}/unit-coverage/${SUFFIX}/";
aws s3 cp --recursive ${CODECOV_OUTPUT}/grcovhtml "s3://${PREFIX}/unit-coverage/latest/";
echo "Grcov available in s3 https://${PREFIX}/unit-coverage/${SUFFIX}/index.html" >> ${MESSAGE_PAYLOAD_FILE}
#Push lcov
aws s3 cp --recursive ${CODECOV_OUTPUT}/lcovhtml "s3://${PREFIX}/lcov-unit-coverage/${SUFFIX}/";
aws s3 cp --recursive ${CODECOV_OUTPUT}/lcovhtml "s3://${PREFIX}/lcov-unit-coverage/latest/";
echo "lcov available in s3 https://${PREFIX}/lcov-unit-coverage/${SUFFIX}/index.html" >> ${MESSAGE_PAYLOAD_FILE}
- name: "Send Message"
uses: ./.github/actions/slack-file
with:
payload-file: ${{ env.MESSAGE_PAYLOAD_FILE }}
webhook: ${{ secrets.WEBHOOK_COVERAGE }}
# Disabling for now as this is not critical for job success. TODO: fix it up.
#- name: publish to codecov.io
# run: bash <(curl -s https://codecov.io/bash) -f $CODECOV_OUTPUT/lcovhtml/lcov.info -F unittest;
#- uses: ./.github/actions/build-teardown
json-rpc-backward-compat-test:
# Test old client from release (prod) and pre-release (rc) branches
# against new server in the latest branch through cluster-test's
# json-rpc interface.
runs-on: testnet-runner-ubuntu
container:
image: diem/build_environment:latest
volumes:
- "${{github.workspace}}:/opt/git/diem"
env:
DEVNET_MINT_TEST_KEY: ${{ secrets.DEVNET_MINT_TEST_KEY }}
DEVNET_ENDPOINT: dev.testnet.diem.com
MESSAGE_PAYLOAD_FILE: /tmp/message
strategy:
fail-fast: false
matrix:
release-branch: [release-1.3, release-1.4]
steps:
- uses: actions/[email protected]
with:
ref: ${{ matrix.release-branch }}
- uses: ./.github/actions/build-setup
- name: Run cluster test diag on devnet
run: |
echo ${DEVNET_MINT_TEST_KEY} | base64 -d > /tmp/mint_test.key
RUST_BACKTRACE=full cargo run -p cluster-test -- --diag --swarm --mint-file=/tmp/mint_test.key --peers=dev.testnet.diem.com:80:80 --chain-id=TESTNET > ${MESSAGE_PAYLOAD_FILE}
- name: Run cluster test to submit random txn to devnet
run: |
RUST_BACKTRACE=full cargo run -p cluster-test -- --emit-tx --swarm --mint-file=/tmp/mint_test.key --peers=dev.testnet.diem.com:80:80 --chain-id=DEVNET --accounts-per-client=2 --workers-per-ac=2 --duration=30 >> ${MESSAGE_PAYLOAD_FILE}
- uses: ./.github/actions/slack-file
with:
webhook: ${{ secrets.WEBHOOK_BREAKING_CHANGE }}
payload-file: ${{ env.MESSAGE_PAYLOAD_FILE }}
if: ${{ failure() }}
- uses: ./.github/actions/build-teardown
prover-inconsistency-test:
runs-on: testnet-runner-ubuntu
container:
image: diem/build_environment:${{ matrix.target-branch }}
volumes:
- "${{github.workspace}}:/opt/git/diem"
env:
MESSAGE_PAYLOAD_FILE: /tmp/message
strategy:
fail-fast: false
matrix:
target-branch: [latest]
steps:
- uses: actions/[email protected]
with:
ref: ${{ matrix.target-branch }}
- uses: ./.github/actions/build-setup
- uses: actions/[email protected]
with:
path: "/opt/cargo/git\n/opt/cargo/registry\n/opt/cargo/.package-cache"
key: crates-${{ runner.os }}-${{ hashFiles('Cargo.lock') }}
restore-keys: "crates-${{ runner.os }}"
- name: Run the prover tests with the inconsistency check and other nightly checks
shell: bash
run: |
cd /opt/git/diem/
set -o pipefail
MVP_TEST_INCONSISTENCY=1 cargo test -p move-prover --release 2>&1 | tee -a $MESSAGE_PAYLOAD_FILE
MVP_TEST_FEATURE=cvc4 cargo test -p move-prover --release 2>&1 | tee -a $MESSAGE_PAYLOAD_FILE
- uses: ./.github/actions/slack-file
with:
webhook: ${{ secrets.WEBHOOK_MOVE_PROVER }}
payload-file: ${{ env.MESSAGE_PAYLOAD_FILE }}
if: ${{ failure() }}
- uses: ./.github/actions/build-teardown
prune-docker-images:
runs-on: ubuntu-latest
environment:
name: Docker
url: https://hub.docker.com/u/diem
steps:
- uses: actions/[email protected]
- name: sign in to DockerHub; install image signing cert
uses: ./.github/actions/dockerhub_login
with:
username: ${{ secrets.ENV_DOCKERHUB_USERNAME }}
password: ${{ secrets.ENV_DOCKERHUB_PASSWORD }}
key_material: ${{ secrets.ENV_DOCKERHUB_KEY_MATERIAL }}
key_name: ${{ secrets.ENV_DOCKERHUB_KEY_NAME }}
key_password: ${{ secrets.ENV_DOCKERHUB_KEY_PASSWORD }}
- name: prune Docker image
if: ${{ github.ref != 'refs/heads/auto' }}
run: |
scripts/dockerhub_prune.sh -u "${{ secrets.ENV_DOCKERHUB_USERNAME }}" -p "${{ secrets.ENV_DOCKERHUB_PASSWORD }}" -x