fix: bump to latest cometbft #74
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Nolus-Core | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - "**" # any branch | |
| tags: | |
| # triggers the final 'release' job | |
| - "v*.*.*" # this is protected tag pattern | |
| env: | |
| VERSION_TAG: ${{ github.ref_name }} | |
| ARTIFACT_BIN: "nolus.tar.gz" | |
| CHECKSUM_FILE: "sha256sum.txt" | |
| METADATA_FILE: "${{ github.ref_name }}_binaries.json" | |
| # docker images | |
| CONTAINER_REGISTRY: ghcr.io | |
| BUILDER_IMAGE_TAG: "1.23.0" | |
| BUILDER_IMAGE_NAME: "builder" | |
| BUILDER_DOCKERFILE: ".github/images/builder.Dockerfile" | |
| PROTOGEN_IMAGE_TAG: "0.2.0" | |
| PROTOGEN_IMAGE_NAME: "protogen" | |
| PROTOGEN_DOCKERFILE: ".github/images/protogen.Dockerfile" | |
| permissions: | |
| contents: read | |
| jobs: | |
| protogen-image: | |
| name: Ensure protogen image exists | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| outputs: | |
| tag: ${{ steps.ensure.outputs.tag }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: "./.github/actions/ensure-docker-image" | |
| id: ensure | |
| with: | |
| gh-token: ${{ secrets.GITHUB_TOKEN }} | |
| dockerfile: ${{ env.PROTOGEN_DOCKERFILE }} | |
| image-name: ${{ env.PROTOGEN_IMAGE_NAME }} | |
| image-tag: ${{ env.PROTOGEN_IMAGE_TAG }} | |
| proto-lint: | |
| name: Lint protobuf files | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 5 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: bufbuild/[email protected] | |
| - uses: bufbuild/buf-lint-action@v1 | |
| with: | |
| input: "proto" | |
| proto-break-check: | |
| name: Detect protobuf breaking changes | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: bufbuild/[email protected] | |
| - uses: bufbuild/[email protected] | |
| with: | |
| input: "proto" | |
| against: "https://github.com/${{ github.repository }}.git#branch=main,ref=HEAD~1,subdir=proto" | |
| builder-image: | |
| name: Ensure builder image exists | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| outputs: | |
| tag: ${{ steps.ensure.outputs.tag }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: "./.github/actions/ensure-docker-image" | |
| id: ensure | |
| with: | |
| gh-token: ${{ secrets.GITHUB_TOKEN }} | |
| dockerfile: ${{ env.BUILDER_DOCKERFILE }} | |
| image-name: ${{ env.BUILDER_IMAGE_NAME }} | |
| image-tag: ${{ env.BUILDER_IMAGE_TAG }} | |
| golang-lint: | |
| name: Lint Go files | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version: 1.23 | |
| cache: false | |
| - uses: actions/checkout@v4 | |
| - name: golangci-lint | |
| uses: golangci/golangci-lint-action@v6 | |
| with: | |
| version: v1.61.0 | |
| # Optional: if set to true, then all caching functionality will be completely disabled, | |
| # takes precedence over all other caching options. | |
| skip-cache: true | |
| # Optional: The mode to install golangci-lint. It can be 'binary' or 'goinstall'. | |
| install-mode: "goinstall" | |
| test-unit: | |
| name: Run unit tests | |
| runs-on: ubuntu-latest | |
| needs: [golang-lint, builder-image, protogen-image, proto-lint, proto-break-check] | |
| steps: | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version: 1.23 | |
| cache: false | |
| - uses: actions/checkout@v4 | |
| - run: | | |
| make test-unit | |
| - name: Archive code coverage results | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: coverage-results-out | |
| path: | | |
| cover.out | |
| retention-days: 1 | |
| test-unit-coverage: | |
| name: Code coverage reports | |
| needs: test-unit | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version: 1.23 | |
| cache: false | |
| - uses: actions/checkout@v4 | |
| - name: Download coverage result | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: coverage-results-out | |
| - run: | | |
| make test-unit-coverage | |
| make test-unit-coverage-report | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: coverage-reports | |
| path: | | |
| coverage.xml | |
| coverage.html | |
| build-binary: | |
| name: Build binary | |
| runs-on: ubuntu-latest | |
| needs: [test-unit-coverage, builder-image] | |
| container: | |
| # image name needs to be hardcoded: https://github.com/orgs/community/discussions/26324 | |
| image: "ghcr.io/nolus-protocol/nolus-core/builder:1.23.0" | |
| steps: | |
| - uses: actions/checkout@v4 | |
| # This is to fix GIT not liking owner of the checkout dir | |
| # Happens when executing not into the default container | |
| - name: Set ownership | |
| run: | | |
| chown -R $(id -u):$(id -g) $PWD | |
| - name: Run build binary | |
| run: | | |
| make build | |
| echo "Ensuring binary is statically linked ..." | |
| file target/release/nolusd | grep "statically linked" | |
| - name: Prepare binary tar | |
| run: | | |
| tar -C target/release/ -czvf $ARTIFACT_BIN . | |
| - name: Upload binary tar | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: nolusd-tar-${{ env.VERSION_TAG }} | |
| path: ${{ env.ARTIFACT_BIN }} | |
| - name: Upload binary | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: nolusd-${{ env.VERSION_TAG }} | |
| path: target/release/nolusd | |
| # Add metadata for cosmovisor | |
| add-meta: | |
| name: Add metadata | |
| runs-on: ubuntu-latest | |
| needs: build-binary | |
| steps: | |
| - name: Download artifacts | |
| uses: actions/download-artifact@v4 | |
| - name: Get binary checksum | |
| run: | | |
| CHECKSUM=$(shasum -a 256 nolusd-"${VERSION_TAG}"/nolusd) | |
| echo "$CHECKSUM" > $CHECKSUM_FILE | |
| HASH=$(echo "$CHECKSUM" | cut -d' ' -f1) | |
| JSON="{\"binaries\": {\"linux/amd64\": \"https://github.com/nolus-protocol/nolus-core/releases/download/${VERSION_TAG}/nolusd?checksum=sha256:$HASH\"}}" | |
| echo $JSON > $METADATA_FILE | |
| - name: Upload metadata | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: metadata | |
| path: | | |
| ${{ env.METADATA_FILE }} | |
| ${{ env.CHECKSUM_FILE }} | |
| # Drafts a Github release | |
| # Only tags which match the protected tag pattern will trigger this job | |
| # Tag pattern: v*.*.* | |
| release: | |
| name: Draft release | |
| if: github.ref_type == 'tag' | |
| runs-on: ubuntu-latest | |
| needs: add-meta | |
| permissions: write-all | |
| steps: | |
| - name: Download artifacts | |
| uses: actions/download-artifact@v4 | |
| - name: Display structure of downloaded files | |
| run: ls -R | |
| # temporary using commit as version until it is merged. Updates node version v12 -> v16 | |
| - uses: "marvinpinto/action-automatic-releases@6273874b61ebc8c71f1a61b2d98e234cf389b303" | |
| with: | |
| repo_token: "${{ secrets.GITHUB_TOKEN }}" | |
| prerelease: false | |
| draft: true | |
| files: | | |
| nolusd-tar-${{ env.VERSION_TAG }} | |
| nolusd-${{ env.VERSION_TAG }} | |
| metadata |