From 110da921a6d2842dec8e7dd34f8a2f4132000a94 Mon Sep 17 00:00:00 2001 From: Thomas Bruyelle Date: Mon, 23 Sep 2024 18:03:56 +0200 Subject: [PATCH 01/13] chore: make build-ledger --- Makefile | 4 ++++ README.md | 8 +++++++- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 2873caa1..db6a4c41 100644 --- a/Makefile +++ b/Makefile @@ -27,6 +27,10 @@ REQUIRE_GO_VERSION = 1.21 export GO111MODULE = on export CGO_ENABLED = 0 +build-ledger: check_version go.sum $(BUILDDIR)/ + @echo "WARNING: Ledger build involves enabling cgo, which disables the ability to have reproducible builds." + CGO_ENABLED=1 go build -mod=readonly $(BUILD_FLAGS) $(BUILD_ARGS) -o $(BUILDDIR)/ ./... + # process build tags build_tags = netgo diff --git a/README.md b/README.md index 267d2cec..a28747d8 100644 --- a/README.md +++ b/README.md @@ -12,10 +12,16 @@ The following modifications have been made to the Cosmos Hub software to create 5. Changed Bech32 prefixes to `atone` (see `cmd/atomoned/cmd/config.go`) 6. Removed ability for validators to vote on proposals with delegations, they can only use their own stake -## Reproducible builds (TODO) +## Reproducible builds An effort has been made to make it possible to build the exact same binary locally as the Github Release section. To do this, checkout to the expected version and then simply run `make build` (which will output the binary to the `build` directory) or `make install`. The resulted binary should have the same sha256 hash than the one from the Github Release section. + +## Ledger support + +Run `make build-ledger` to have ledger support in `./build/atomoned` binary. +Note that this will disable reproducible builds, as it introduces OS +dependencies. From 713336f8b29ac27bb7a11ccfdef392950a23c5f8 Mon Sep 17 00:00:00 2001 From: Thomas Bruyelle Date: Mon, 23 Sep 2024 18:13:54 +0200 Subject: [PATCH 02/13] fix gh release action --- .github/workflows/release.yml | 2 +- .goreleaser.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 205994bf..e6c93780 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -30,6 +30,6 @@ jobs: uses: goreleaser/goreleaser-action@v5 with: version: latest - args: release --clean --release-notes ./RELEASE_NOTES.md + args: release --clean env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.goreleaser.yml b/.goreleaser.yml index 51d5da2d..98476c7e 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -53,7 +53,7 @@ snapshot: name_template: "{{ .Version }}-{{ .ShortCommit }}" changelog: - skip: false + disable: true git: # What should be used to sort tags when gathering the current and previous From 6e13a5de6fa9b98a3e177729108ccbfa835130af Mon Sep 17 00:00:00 2001 From: Thomas Bruyelle Date: Mon, 23 Sep 2024 20:08:42 +0200 Subject: [PATCH 03/13] fix bad formatted makefile --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index db6a4c41..7bbccebb 100644 --- a/Makefile +++ b/Makefile @@ -28,8 +28,8 @@ export GO111MODULE = on export CGO_ENABLED = 0 build-ledger: check_version go.sum $(BUILDDIR)/ - @echo "WARNING: Ledger build involves enabling cgo, which disables the ability to have reproducible builds." - CGO_ENABLED=1 go build -mod=readonly $(BUILD_FLAGS) $(BUILD_ARGS) -o $(BUILDDIR)/ ./... + @echo "WARNING: Ledger build involves enabling cgo, which disables the ability to have reproducible builds." + CGO_ENABLED=1 go build -mod=readonly $(BUILD_FLAGS) $(BUILD_ARGS) -o $(BUILDDIR)/ ./... # process build tags From 83cfefbfb8d12fd4e04f5ac7f779656613726ac6 Mon Sep 17 00:00:00 2001 From: Thomas Bruyelle Date: Tue, 24 Sep 2024 11:11:13 +0200 Subject: [PATCH 04/13] downgrade go --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e6c93780..e7f72ab5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -21,7 +21,7 @@ jobs: - uses: actions/setup-go@v5 with: - go-version: "1.21" + go-version: "1.20" - name: Set Env run: echo "TM_VERSION=$(go list -m github.com/tendermint/tendermint | sed 's:.* ::')" >> $GITHUB_ENV From fc4722f3969d78c2165c98e35c6622b19d945998 Mon Sep 17 00:00:00 2001 From: Thomas Bruyelle Date: Tue, 24 Sep 2024 11:32:41 +0200 Subject: [PATCH 05/13] Revert "downgrade go" This reverts commit 83cfefbfb8d12fd4e04f5ac7f779656613726ac6. --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e7f72ab5..e6c93780 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -21,7 +21,7 @@ jobs: - uses: actions/setup-go@v5 with: - go-version: "1.20" + go-version: "1.21" - name: Set Env run: echo "TM_VERSION=$(go list -m github.com/tendermint/tendermint | sed 's:.* ::')" >> $GITHUB_ENV From cfdf618f8bed9d39fe8ee192a00c5d5e45989fa2 Mon Sep 17 00:00:00 2001 From: Thomas Bruyelle Date: Tue, 24 Sep 2024 11:39:44 +0200 Subject: [PATCH 06/13] downgrade setup-go --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e6c93780..1baef92e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -19,7 +19,7 @@ jobs: fetch-depth: 0 - run: git fetch --force --tags - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v4 with: go-version: "1.21" From 869120ae6902013560f001e28dc644982b82ba4c Mon Sep 17 00:00:00 2001 From: Thomas Bruyelle Date: Tue, 24 Sep 2024 11:44:52 +0200 Subject: [PATCH 07/13] fix set TM_VERSION --- .github/workflows/release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1baef92e..bb62ef1e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -19,12 +19,12 @@ jobs: fetch-depth: 0 - run: git fetch --force --tags - - uses: actions/setup-go@v4 + - uses: actions/setup-go@v5 with: go-version: "1.21" - name: Set Env - run: echo "TM_VERSION=$(go list -m github.com/tendermint/tendermint | sed 's:.* ::')" >> $GITHUB_ENV + run: echo "TM_VERSION=$(go list -m github.com/cometbft/cometbft | sed 's:.* ::')" >> $GITHUB_ENV - name: Release uses: goreleaser/goreleaser-action@v5 From d9e73f7802fd52b2f2bf803c7c7d85e60f36254a Mon Sep 17 00:00:00 2001 From: Thomas Bruyelle Date: Tue, 24 Sep 2024 15:16:36 +0200 Subject: [PATCH 08/13] try with full go version --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index bb62ef1e..d5bd6ad7 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -21,7 +21,7 @@ jobs: - uses: actions/setup-go@v5 with: - go-version: "1.21" + go-version: "1.21.13" - name: Set Env run: echo "TM_VERSION=$(go list -m github.com/cometbft/cometbft | sed 's:.* ::')" >> $GITHUB_ENV From 3cd2079ec3f8b635f5c30eeeff2056e867ae2056 Mon Sep 17 00:00:00 2001 From: Thomas Bruyelle Date: Tue, 24 Sep 2024 15:30:45 +0200 Subject: [PATCH 09/13] attempt to share constant for go version --- .github/workflows/release.yml | 4 +++- Makefile | 4 ++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d5bd6ad7..50427e87 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -18,10 +18,12 @@ jobs: with: fetch-depth: 0 - run: git fetch --force --tags + - name: Set Go version + run: echo "GO_VERSION=$(make required_go_version_full)" >> $GITHUB_ENV - uses: actions/setup-go@v5 with: - go-version: "1.21.13" + go-version: $GO_VERSION - name: Set Env run: echo "TM_VERSION=$(go list -m github.com/cometbft/cometbft | sed 's:.* ::')" >> $GITHUB_ENV diff --git a/Makefile b/Makefile index 7bbccebb..0464cba7 100644 --- a/Makefile +++ b/Makefile @@ -23,6 +23,7 @@ TEST_DOCKER_REPO=cosmos/contrib-atomonetest GO_SYSTEM_VERSION = $(shell go version | cut -c 14- | cut -d' ' -f1 | cut -d'.' -f1-2) REQUIRE_GO_VERSION = 1.21 +REQUIRE_GO_VERSION_FULL = 1.21.13 export GO111MODULE = on export CGO_ENABLED = 0 @@ -101,6 +102,9 @@ include contrib/devtools/Makefile ### Build ### ############################################################################### +required_go_version_full: + @echo $(REQUIRE_GO_VERSION_FULL) + check_version: ifneq ($(GO_SYSTEM_VERSION), $(REQUIRE_GO_VERSION)) @echo "ERROR: Go version $(REQUIRE_GO_VERSION) is required for $(VERSION) of AtomOne." From 2fa6036fc2fa8bacf54504ea5f814f3cee4e91f1 Mon Sep 17 00:00:00 2001 From: Thomas Bruyelle Date: Tue, 24 Sep 2024 15:32:30 +0200 Subject: [PATCH 10/13] attempt 2 --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 50427e87..c30aa194 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -23,7 +23,7 @@ jobs: - uses: actions/setup-go@v5 with: - go-version: $GO_VERSION + go-version: "$GO_VERSION" - name: Set Env run: echo "TM_VERSION=$(go list -m github.com/cometbft/cometbft | sed 's:.* ::')" >> $GITHUB_ENV From 0eb17ba1922c8e3c65528cc2eb5765fcdde3ac66 Mon Sep 17 00:00:00 2001 From: Thomas Bruyelle Date: Tue, 24 Sep 2024 15:34:02 +0200 Subject: [PATCH 11/13] attempt 3 --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c30aa194..6fb3fe4b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -23,7 +23,7 @@ jobs: - uses: actions/setup-go@v5 with: - go-version: "$GO_VERSION" + go-version: "${{ env.GO_VERSION }}" - name: Set Env run: echo "TM_VERSION=$(go list -m github.com/cometbft/cometbft | sed 's:.* ::')" >> $GITHUB_ENV From 74a6299ed5d842ef0376c8c55fb0f57562e34291 Mon Sep 17 00:00:00 2001 From: Thomas Bruyelle Date: Tue, 24 Sep 2024 17:26:14 +0200 Subject: [PATCH 12/13] chore: reinforce go version for building AtomOne Require precisely go1.21.13 to enable reproducible builds with CI. Store version 1.21.13 in Makefile and make it available for CI. --- .github/workflows/release.yml | 5 +++-- Makefile | 24 ++++++++++++++---------- 2 files changed, 17 insertions(+), 12 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 6fb3fe4b..8d988660 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -18,8 +18,9 @@ jobs: with: fetch-depth: 0 - run: git fetch --force --tags - - name: Set Go version - run: echo "GO_VERSION=$(make required_go_version_full)" >> $GITHUB_ENV + + - name: Set go version + run: echo "GO_VERSION=$(make print_required_go_version)" >> $GITHUB_ENV - uses: actions/setup-go@v5 with: diff --git a/Makefile b/Makefile index 0464cba7..2d44a0a6 100644 --- a/Makefile +++ b/Makefile @@ -21,17 +21,12 @@ DOCKER := $(shell which docker) BUILDDIR ?= $(CURDIR)/build TEST_DOCKER_REPO=cosmos/contrib-atomonetest -GO_SYSTEM_VERSION = $(shell go version | cut -c 14- | cut -d' ' -f1 | cut -d'.' -f1-2) -REQUIRE_GO_VERSION = 1.21 -REQUIRE_GO_VERSION_FULL = 1.21.13 +GO_SYSTEM_VERSION = $(shell go version | cut -c 14- | cut -d' ' -f1) +REQUIRE_GO_VERSION = 1.21.13 export GO111MODULE = on export CGO_ENABLED = 0 -build-ledger: check_version go.sum $(BUILDDIR)/ - @echo "WARNING: Ledger build involves enabling cgo, which disables the ability to have reproducible builds." - CGO_ENABLED=1 go build -mod=readonly $(BUILD_FLAGS) $(BUILD_ARGS) -o $(BUILDDIR)/ ./... - # process build tags build_tags = netgo @@ -102,12 +97,17 @@ include contrib/devtools/Makefile ### Build ### ############################################################################### -required_go_version_full: - @echo $(REQUIRE_GO_VERSION_FULL) +print_required_go_version: + @echo $(REQUIRE_GO_VERSION) check_version: ifneq ($(GO_SYSTEM_VERSION), $(REQUIRE_GO_VERSION)) - @echo "ERROR: Go version $(REQUIRE_GO_VERSION) is required for $(VERSION) of AtomOne." + @echo 'ERROR: Go version $(REQUIRE_GO_VERSION) is required for building AtomOne' + @echo '--> You can install it using:' + @echo 'go install golang.org/dl/go$(REQUIRE_GO_VERSION)@latest && go$(REQUIRE_GO_VERSION) download' + @echo '--> Then prefix your make command with:' + @echo 'GOROOT=$$(go$(REQUIRE_GO_VERSION) env GOROOT) PATH=$$GOROOT/bin:$$PATH' + exit 1 endif all: install lint run-tests test-e2e vulncheck @@ -119,6 +119,10 @@ build: BUILD_ARGS=-o $(BUILDDIR)/ $(BUILD_TARGETS): check_version go.sum $(BUILDDIR)/ go $@ -mod=readonly $(BUILD_FLAGS) $(BUILD_ARGS) ./... +build-ledger: go.sum $(BUILDDIR)/ + @echo "WARNING: Ledger build involves enabling cgo, which disables the ability to have reproducible builds." + CGO_ENABLED=1 go build -mod=readonly $(BUILD_FLAGS) $(BUILD_ARGS) -o $(BUILDDIR)/ ./... + $(BUILDDIR)/: mkdir -p $(BUILDDIR)/ From d13bc863075680432341607fb1af7a7b1d845684 Mon Sep 17 00:00:00 2001 From: Thomas Bruyelle Date: Wed, 25 Sep 2024 10:57:15 +0200 Subject: [PATCH 13/13] doc: mention the fixed go binary version in README --- README.md | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index a28747d8..abf43b50 100644 --- a/README.md +++ b/README.md @@ -15,10 +15,13 @@ The following modifications have been made to the Cosmos Hub software to create ## Reproducible builds An effort has been made to make it possible to build the exact same binary -locally as the Github Release section. To do this, checkout to the expected -version and then simply run `make build` (which will output the binary to the -`build` directory) or `make install`. The resulted binary should have the same -sha256 hash than the one from the Github Release section. +locally as the Github Release section. To do this: +- Checkout to the expected released version +- Run `make build` (which will output the binary to the `build` directory) or +`make install`. Note that a fixed version of the `go` binary is required, +follow the command instructions to install this specific version if needed. +- The resulted binary should have the same sha256 hash than the one from the +Github Release section. ## Ledger support