ci: add fuzz jobs #365
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Lint 🧹 Build 🛠️ Test 🚦 | |
on: | |
push: | |
branches: | |
- main | |
# Run in PRs with conflicts (https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request) | |
pull_request_target: | |
branches: | |
- main | |
types: [opened, synchronize, reopened, ready_for_review] | |
workflow_dispatch: | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number }} | |
cancel-in-progress: true | |
permissions: | |
id-token: write | |
contents: read | |
packages: read | |
env: | |
RUSTC_WRAPPER: sccache | |
SCCACHE_S3_USE_SSL: false | |
GIT_LFS_SKIP_SMUDGE: 1 | |
CARGO_INCREMENTAL: 0 | |
RUST_BACKTRACE: full | |
CACHE_BUCKET: github-runners-remote-cache-shared | |
SCCACHE_BUCKET: github-runners-remote-cache-shared | |
AWS_REGION: us-west-2 | |
NIGHTLY: nightly-2024-05-15 | |
NAMADA_MASP_PARAMS_DIR: /masp/.masp-params | |
jobs: | |
changelog: | |
runs-on: [ubuntu-latest] | |
if: github.event_name == 'pull_request_target' && github.event.pull_request.draft == false | |
timeout-minutes: 15 | |
steps: | |
- name: Checkout repo | |
if: ${{ github.event_name != 'pull_request_target' }} | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Checkout PR | |
if: ${{ github.event_name == 'pull_request_target' }} | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.event.pull_request.head.sha }} | |
fetch-depth: 0 | |
- name: Check changelog | |
run: bash .github/workflows/scripts/check-changelog.sh | |
env: | |
SHA: ${{ github.event.pull_request.head.sha }} | |
lints: | |
container: | |
image: ghcr.io/heliaxdev/namada-ci:namada-main | |
runs-on: [self-hosted, 8vcpu-16ram-ubuntu22-namada-x86] | |
timeout-minutes: 15 | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v4 | |
if: ${{ github.event_name != 'pull_request_target' }} | |
- name: Checkout PR | |
uses: actions/checkout@v4 | |
if: ${{ github.event_name == 'pull_request_target' }} | |
with: | |
ref: ${{ github.event.pull_request.head.sha }} | |
- name: Configure AWS | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-region: ${{ env.AWS_REGION }} | |
role-to-assume: ${{ secrets.AWS_ROLE }} | |
- name: Cache cargo | |
id: cache | |
uses: runs-on/cache@v4 | |
env: | |
RUNS_ON_S3_BUCKET_CACHE: ${{ env.CACHE_BUCKET }} | |
with: | |
path: /usr/local/cargo | |
key: /cache/${{ runner.os }}-${{ github.job }}-${{ hashFiles('**/Cargo.lock') }} | |
- name: Start sccache server | |
id: sccache | |
run: sccache --start-server | |
- name: Clippy lints | |
run: make clippy | |
env: | |
RUSTFLAGS: "-Z threads=8" | |
- name: Check format | |
run: make fmt-check | |
env: | |
RUSTFLAGS: "-Z threads=8" | |
- name: Clean cargo cache | |
if: steps.cache.outputs.cache-hit != 'true' | |
run: cargo cache --autoclean-expensive | |
- name: Stop sccache | |
if: always() && steps.sccache.conclusion == 'success' | |
run: sccache --stop-server || true | |
build-wasm: | |
timeout-minutes: 10 | |
runs-on: [self-hosted, 4vcpu-8ram-ubuntu22-namada-x86] | |
container: | |
image: ghcr.io/heliaxdev/namada-ci:wasm-main | |
strategy: | |
fail-fast: true | |
matrix: | |
make: | |
- name: wasm | |
command: build-wasm-scripts | |
files: | | |
wasm/tx_*.wasm | |
wasm/vp_*.wasm | |
wasm/checksums.json | |
- name: wasm-for-tests | |
command: build-wasm-tests-scripts | |
files: | |
wasm_for_tests/*.wasm | |
env: | |
RUSTC_WRAPPER: "" | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v4 | |
if: ${{ github.event_name != 'pull_request_target' }} | |
- name: Checkout PR | |
uses: actions/checkout@v4 | |
if: ${{ github.event_name == 'pull_request_target' }} | |
with: | |
ref: ${{ github.event.pull_request.head.sha }} | |
- name: Configure AWS | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-region: ${{ env.AWS_REGION }} | |
role-to-assume: ${{ secrets.AWS_ROLE }} | |
- name: Cache cargo | |
id: cache | |
uses: runs-on/cache@v4 | |
env: | |
RUNS_ON_S3_BUCKET_CACHE: ${{ env.CACHE_BUCKET }} | |
with: | |
path: /usr/local/cargo | |
key: /cache/${{ runner.os }}-${{ github.job }}-${{ hashFiles('**/Cargo.lock') }} | |
- name: Build ${{ matrix.make.name }} | |
run: make ${{ matrix.make.command }} | |
- name: Upload ${{ matrix.make.name }} artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ matrix.make.name }}-${{ github.event.pull_request.head.sha || github.sha }} | |
path: ${{ matrix.make.files }} | |
- name: Clean cargo cache | |
if: steps.cache.outputs.cache-hit != 'true' | |
run: cargo cache --autoclean-expensive | |
test-wasm: | |
timeout-minutes: 30 | |
container: | |
image: ghcr.io/heliaxdev/namada-ci:namada-main | |
runs-on: [self-hosted, 4vcpu-8ram-ubuntu22-namada-x86] | |
needs: [build-wasm] | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v4 | |
if: ${{ github.event_name != 'pull_request_target' }} | |
- name: Checkout PR | |
uses: actions/checkout@v4 | |
if: ${{ github.event_name == 'pull_request_target' }} | |
with: | |
ref: ${{ github.event.pull_request.head.sha }} | |
- name: Configure AWS | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-region: ${{ env.AWS_REGION }} | |
role-to-assume: ${{ secrets.AWS_ROLE }} | |
- name: Cache cargo | |
id: cache | |
uses: runs-on/cache@v4 | |
env: | |
RUNS_ON_S3_BUCKET_CACHE: ${{ env.CACHE_BUCKET }} | |
with: | |
path: /usr/local/cargo | |
key: /cache/${{ runner.os }}-${{ github.job }}-${{ hashFiles('**/Cargo.lock') }} | |
- name: Download wasm artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
name: wasm-${{ github.event.pull_request.head.sha|| github.sha }} | |
path: wasm | |
- name: Download wasm-for-tests artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
name: wasm-for-tests-${{ github.event.pull_request.head.sha|| github.sha }} | |
path: wasm_for_tests | |
- name: Test Wasm | |
run: cargo +${{ env.NIGHTLY }} nextest run --manifest-path wasm/Cargo.toml | |
env: | |
RUSTFLAGS: "-C linker=clang -C link-arg=-fuse-ld=/usr/local/bin/mold" | |
- name: Clean cargo cache | |
if: steps.cache.outputs.cache-hit != 'true' | |
run: cargo cache --autoclean-expensive | |
test-unit: | |
runs-on: [self-hosted, 8vcpu-16ram-ubuntu22-namada-x86] | |
container: | |
image: ghcr.io/heliaxdev/namada-ci:namada-main | |
timeout-minutes: 20 | |
needs: [build-wasm] | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v4 | |
if: ${{ github.event_name != 'pull_request_target' }} | |
- name: Checkout PR | |
uses: actions/checkout@v4 | |
if: ${{ github.event_name == 'pull_request_target' }} | |
with: | |
ref: ${{ github.event.pull_request.head.sha }} | |
- name: Configure AWS | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-region: ${{ env.AWS_REGION }} | |
role-to-assume: ${{ secrets.AWS_ROLE }} | |
- name: Cache cargo | |
id: cache | |
uses: runs-on/cache@v4 | |
env: | |
RUNS_ON_S3_BUCKET_CACHE: ${{ env.CACHE_BUCKET }} | |
with: | |
path: /usr/local/cargo | |
key: /cache/${{ runner.os }}-${{ github.job }}-${{ hashFiles('**/Cargo.lock') }} | |
- name: Start sccache server | |
id: sccache | |
run: sccache --start-server | |
- name: Download wasm artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
name: wasm-${{ github.event.pull_request.head.sha|| github.sha }} | |
path: wasm | |
- name: Download wasm-for-tests artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
name: wasm-for-tests-${{ github.event.pull_request.head.sha|| github.sha }} | |
path: wasm_for_tests | |
- name: Run unit tests with coverage | |
run: make test-unit-with-coverage | |
# run: cargo +${{ env.NIGHTLY }} llvm-cov nextest run -E 'not test(e2e)' -E 'not test(integration)' -E 'not test(pos_state_machine_test)' --features namada/testing --no-fail-fast --lcov --output-path lcov.info | |
env: | |
RUSTFLAGS: "-C linker=clang -C link-arg=-fuse-ld=/usr/local/bin/mold -Z threads=8" | |
- name: Upload coverage | |
uses: codecov/codecov-action@v4 | |
with: | |
files: lcov.info | |
fail_ci_if_error: true | |
token: ${{ secrets.CODECOV_TOKEN }} | |
- name: Clean cargo cache | |
if: steps.cache.outputs.cache-hit != 'true' | |
run: cargo cache --autoclean-expensive | |
- name: Stop sccache | |
if: always() && steps.sccache.conclusion == 'success' | |
run: sccache --stop-server || true | |
check-packages: | |
runs-on: [self-hosted, 8vcpu-16ram-ubuntu22-namada-x86] | |
container: | |
image: ghcr.io/heliaxdev/namada-ci:namada-main | |
timeout-minutes: 15 | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v4 | |
if: ${{ github.event_name != 'pull_request_target' }} | |
- name: Checkout PR | |
uses: actions/checkout@v4 | |
if: ${{ github.event_name == 'pull_request_target' }} | |
with: | |
ref: ${{ github.event.pull_request.head.sha }} | |
- name: Configure AWS | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-region: ${{ env.AWS_REGION }} | |
role-to-assume: ${{ secrets.AWS_ROLE }} | |
- name: Cache cargo | |
id: cache | |
uses: runs-on/cache@v4 | |
env: | |
RUNS_ON_S3_BUCKET_CACHE: ${{ env.CACHE_BUCKET }} | |
with: | |
path: /usr/local/cargo | |
key: /cache/${{ runner.os }}-${{ github.job }}-${{ hashFiles('**/Cargo.lock') }} | |
- name: Start sccache server | |
id: sccache | |
run: sccache --start-server | |
- name: Check crates build with default features | |
run: make check-crates | |
env: | |
RUSTFLAGS: "-C linker=clang -C link-arg=-fuse-ld=/usr/local/bin/mold" | |
- name: Clean cargo cache | |
if: steps.cache.outputs.cache-hit != 'true' | |
run: cargo cache --autoclean-expensive | |
- name: Stop sccache | |
if: always() && steps.sccache.conclusion == 'success' | |
run: sccache --stop-server || true | |
test-integration: | |
runs-on: [self-hosted, 8vcpu-16ram-ubuntu22-namada-x86] | |
container: | |
image: ghcr.io/heliaxdev/namada-ci:namada-main | |
timeout-minutes: 15 | |
needs: [build-wasm] | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v4 | |
if: ${{ github.event_name != 'pull_request_target' }} | |
- name: Checkout PR | |
uses: actions/checkout@v4 | |
if: ${{ github.event_name == 'pull_request_target' }} | |
with: | |
ref: ${{ github.event.pull_request.head.sha }} | |
- name: Configure AWS | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-region: ${{ env.AWS_REGION }} | |
role-to-assume: ${{ secrets.AWS_ROLE }} | |
- name: Cache cargo | |
id: cache | |
uses: runs-on/cache@v4 | |
env: | |
RUNS_ON_S3_BUCKET_CACHE: ${{ env.CACHE_BUCKET }} | |
with: | |
path: /usr/local/cargo | |
key: /cache/${{ runner.os }}-${{ github.job }}-${{ hashFiles('**/Cargo.lock') }} | |
- name: Start sccache server | |
id: sccache | |
run: sccache --start-server | |
- name: Download wasm artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
name: wasm-${{ github.event.pull_request.head.sha|| github.sha }} | |
path: wasm | |
- name: Download wasm-for-tests artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
name: wasm-for-tests-${{ github.event.pull_request.head.sha|| github.sha }} | |
path: wasm_for_tests | |
- name: Run integration tests | |
run: cargo +${{ env.NIGHTLY }} nextest run -E 'test(integration)' --test-threads 1 --no-fail-fast --features integration | |
env: | |
RUSTFLAGS: "-C linker=clang -C link-arg=-fuse-ld=/usr/local/bin/mold -Z threads=8" | |
- name: Clean cargo cache | |
if: steps.cache.outputs.cache-hit != 'true' | |
run: cargo cache --autoclean-expensive | |
- name: Stop sccache | |
if: always() && steps.sccache.conclusion == 'success' | |
run: sccache --stop-server || true | |
check-benchmarks: | |
runs-on: [self-hosted, 8vcpu-16ram-ubuntu22-namada-x86] | |
container: | |
image: ghcr.io/heliaxdev/namada-ci:namada-main | |
if: github.event.pull_request.draft == false || contains(github.head_ref, 'mergify/merge-queue') || contains(github.ref_name, 'mergify/merge-queue') | |
timeout-minutes: 25 | |
needs: [build-wasm] | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v4 | |
if: ${{ github.event_name != 'pull_request_target' }} | |
- name: Checkout PR | |
uses: actions/checkout@v4 | |
if: ${{ github.event_name == 'pull_request_target' }} | |
with: | |
ref: ${{ github.event.pull_request.head.sha }} | |
- name: Configure AWS | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-region: ${{ env.AWS_REGION }} | |
role-to-assume: ${{ secrets.AWS_ROLE }} | |
- name: Cache cargo | |
id: cache | |
uses: runs-on/cache@v4 | |
env: | |
RUNS_ON_S3_BUCKET_CACHE: ${{ env.CACHE_BUCKET }} | |
with: | |
path: /usr/local/cargo | |
key: /cache/${{ runner.os }}-${{ github.job }}-${{ hashFiles('**/Cargo.lock') }} | |
- name: Start sccache server | |
id: sccache | |
run: sccache --start-server | |
- name: Download wasm artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
name: wasm-${{ github.event.pull_request.head.sha|| github.sha }} | |
path: wasm | |
- name: Download wasm-for-tests artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
name: wasm-for-tests-${{ github.event.pull_request.head.sha|| github.sha }} | |
path: wasm_for_tests | |
- name: Run benchmarks tests | |
run: make test-benches | |
env: | |
RUSTFLAGS: "-C linker=clang -C link-arg=-fuse-ld=/usr/local/bin/mold -Z threads=8" | |
- name: Clean cargo cache | |
if: steps.cache.outputs.cache-hit != 'true' | |
run: cargo cache --autoclean-expensive | |
- name: Stop sccache | |
if: always() && steps.sccache.conclusion == 'success' | |
run: sccache --stop-server || true | |
build-binaries: | |
runs-on: [self-hosted, 16vcpu-32ram-ubuntu22-namada-x86] | |
container: | |
image: ghcr.io/heliaxdev/namada-ci:namada-main | |
timeout-minutes: 20 | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v4 | |
if: ${{ github.event_name != 'pull_request_target' }} | |
- name: Checkout PR | |
uses: actions/checkout@v4 | |
if: ${{ github.event_name == 'pull_request_target' }} | |
with: | |
ref: ${{ github.event.pull_request.head.sha }} | |
- name: Configure AWS | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-region: ${{ env.AWS_REGION }} | |
role-to-assume: ${{ secrets.AWS_ROLE }} | |
- name: Cache cargo | |
id: cache | |
uses: runs-on/cache@v4 | |
env: | |
RUNS_ON_S3_BUCKET_CACHE: ${{ env.CACHE_BUCKET }} | |
with: | |
path: /usr/local/cargo | |
key: /cache/${{ runner.os }}-${{ github.job }}-${{ hashFiles('**/Cargo.lock') }} | |
- name: Start sccache server | |
id: sccache | |
run: sccache --start-server | |
- name: Release build | |
run: make build-release | |
env: | |
RUSTFLAGS: "-C linker=clang -C debug_assertions=true -C link-arg=-fuse-ld=/usr/local/bin/mold" | |
- name: Upload binaries | |
uses: actions/upload-artifact@v4 | |
with: | |
name: binaries-${{ github.event.pull_request.head.sha || github.sha }} | |
path: | | |
target/release/namada | |
target/release/namadac | |
target/release/namadaw | |
target/release/namadan | |
- name: Upload build timing report | |
uses: actions/upload-artifact@v4 | |
with: | |
name: build-timings-${{ github.event.pull_request.head.sha || github.sha }} | |
path: target/cargo-timings/cargo-timing.html | |
retention-days: 7 | |
- name: Clean cargo cache | |
if: steps.cache.outputs.cache-hit != 'true' | |
run: cargo cache --autoclean-expensive | |
- name: Stop sccache | |
if: always() && steps.sccache.conclusion == 'success' | |
run: sccache --stop-server || true | |
test-e2e: | |
runs-on: [self-hosted, 4vcpu-8ram-ubuntu22-namada-x86] | |
container: | |
image: ghcr.io/heliaxdev/namada-ci:namada-main | |
if: github.event.pull_request.draft == false || contains(github.head_ref, 'mergify/merge-queue') || contains(github.ref_name, 'mergify/merge-queue') | |
needs: [build-wasm, build-binaries] | |
timeout-minutes: 50 | |
strategy: | |
fail-fast: false | |
matrix: | |
make: | |
- index: 0 | |
- index: 1 | |
- index: 2 | |
- index: 3 | |
- index: 4 | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@v4 | |
if: ${{ github.event_name != 'pull_request_target' }} | |
- name: Checkout PR | |
uses: actions/checkout@v4 | |
if: ${{ github.event_name == 'pull_request_target' }} | |
with: | |
ref: ${{ github.event.pull_request.head.sha }} | |
- name: Configure AWS | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-region: ${{ env.AWS_REGION }} | |
role-to-assume: ${{ secrets.AWS_ROLE }} | |
- name: Cache cargo | |
id: cache | |
uses: runs-on/cache@v4 | |
env: | |
RUNS_ON_S3_BUCKET_CACHE: ${{ env.CACHE_BUCKET }} | |
with: | |
path: /usr/local/cargo | |
key: /cache/${{ runner.os }}-${{ github.job }}-${{ hashFiles('**/Cargo.lock') }} | |
- name: Start sccache server | |
id: sccache | |
run: sccache --start-server | |
- name: Download wasm artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
name: wasm-${{ github.event.pull_request.head.sha|| github.sha }} | |
path: wasm | |
- name: Download wasm-for-tests artifacts | |
uses: actions/download-artifact@v4 | |
with: | |
name: wasm-for-tests-${{ github.event.pull_request.head.sha|| github.sha }} | |
path: wasm_for_tests | |
- name: Download namada binaries | |
uses: actions/download-artifact@v4 | |
with: | |
name: binaries-${{ github.event.pull_request.head.sha || github.sha }} | |
path: ./target/release/ | |
- name: Download Hermes | |
run: | | |
HERMES_VERSION=$(cat .github/workflows/scripts/hermes.txt) | |
echo "Using hermes version: ${HERMES_VERSION}" | |
curl -o hermes.zip -LO https://github.com/heliaxdev/hermes/releases/download/v${HERMES_VERSION}/hermes-v${HERMES_VERSION}-x86_64-unknown-linux-gnu.zip | |
unzip hermes.zip | |
mv hermes /usr/local/bin | |
- name: Change permissions | |
run: | | |
chmod +x target/release/namada | |
chmod +x target/release/namadaw | |
chmod +x target/release/namadan | |
chmod +x target/release/namadac | |
chmod +x /usr/local/bin/hermes | |
- name: Run e2e test | |
id: e2e | |
run: python3 .github/workflows/scripts/schedule-e2e.py | |
env: | |
NAMADA_E2E_USE_PREBUILT_BINARIES: "true" | |
NAMADA_E2E_KEEP_TEMP: "true" | |
NAMADA_TM_STDOUT: "false" | |
NAMADA_LOG_COLOR: "false" | |
NAMADA_LOG: "info" | |
RUSTFLAGS: "-C linker=clang -C debug_assertions=true -C link-arg=-fuse-ld=/usr/local/bin/mold" | |
N_OF_MACHINES: 5 | |
INDEX: ${{ matrix.make.index }} | |
- name: Upload e2e logs | |
if: success() || steps.e2e.conclusion == 'failure' || steps.e2e.conclusion == 'success' | |
uses: actions/upload-artifact@v4 | |
with: | |
name: logs-e2e-${{ matrix.make.index }}-${{ github.event.pull_request.head.sha || github.sha }} | |
path: | | |
/tmp/.*/logs/ | |
/tmp/.*/setup/validator-*/logs/ | |
/tmp/.*/setup/valiator-*/e2e-test.*/*.toml | |
retention-days: 5 | |
- name: Clean cargo cache | |
if: steps.cache.outputs.cache-hit != 'true' | |
run: cargo cache --autoclean-expensive | |
- name: Stop sccache | |
if: always() && steps.sccache.conclusion == 'success' | |
run: sccache --stop-server || true |