Skip to content

Commit

Permalink
ci: move to Nix
Browse files Browse the repository at this point in the history
ci: update Flake.lock automatically

ci: test electrsd with optional download

ci: bitcoind no download option for Nix build

ci: esplora pkg

same setup as fedimint

fix(readme): add explainer about external deps

ci: add cachix cache

ci(nix): add rust audit capabilities

ci: WASM checks

ci(nix): add code coverage

ci(nix): add rust nightly docs

ci(nix): pre-commit-checks with typos fixed

chore: add Nix instructions

ci: move to DeterminateSystems/magic-nix-cache-action

ci(nix): pin crane

ci: remove `--keep-failed` in CI

ci(nix): refactor checks

ci: use cargo ci profile for build deps

refactor(nix): libsDarwin inline check

ci: update flake.lock
  • Loading branch information
realeinherjar committed Nov 17, 2023
1 parent cc552c5 commit 41fab99
Show file tree
Hide file tree
Showing 26 changed files with 5,723 additions and 256 deletions.
19 changes: 0 additions & 19 deletions .github/workflows/audit.yml

This file was deleted.

68 changes: 26 additions & 42 deletions .github/workflows/code_coverage.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,52 +6,36 @@ jobs:
Codecov:
name: Code Coverage
runs-on: ubuntu-latest
env:
RUSTFLAGS: "-Cinstrument-coverage"
RUSTDOCFLAGS: "-Cinstrument-coverage"
LLVM_PROFILE_FILE: "./target/coverage/%p-%m.profraw"

steps:
- name: Checkout
uses: actions/checkout@v2
- name: Install lcov tools
run: sudo apt-get install lcov -y
- name: Install Rust toolchain
uses: actions-rs/toolchain@v1
with:
toolchain: stable
override: true
profile: minimal
components: llvm-tools-preview
- name: Rust Cache
uses: Swatinem/[email protected]
- name: Install grcov
run: if [[ ! -e ~/.cargo/bin/grcov ]]; then cargo install grcov; fi
# TODO: re-enable the hwi tests
- name: Build simulator image
run: docker build -t hwi/ledger_emulator ./ci -f ci/Dockerfile.ledger
- name: Run simulator image
run: docker run --name simulator --network=host hwi/ledger_emulator &
- name: Install Python
uses: actions/setup-python@v4
with:
python-version: '3.9'
- name: Install python dependencies
run: pip install hwi==2.1.1 protobuf==3.20.1
- name: Test
run: cargo test --all-features
- name: Make coverage directory
run: mkdir coverage
- name: Run grcov
run: grcov . --binary-path ./target/debug/ -s . -t lcov --branch --ignore-not-existing --keep-only '**/crates/**' --ignore '**/tests/**' --ignore '**/examples/**' -o ./coverage/lcov.info
- name: Generate HTML coverage report
run: genhtml -o coverage-report.html --ignore-errors source ./coverage/lcov.info
- name: checkout
uses: actions/checkout@v4
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@v5
# Cache Nix artifacts
- uses: DeterminateSystems/magic-nix-cache-action@v2
# Code Coverage
- name: Code Coverage
run: nix build -L .#ci.codeCoverage
- name: Ensure lcov.info exists
# it is result because of the $out in Nix
run: |
test -f result
cp result lcov.info
ls -lah lcov.info
- name: Coveralls upload
uses: coverallsapp/github-action@master
uses: coverallsapp/github-action@v2
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
- name: Upload artifact
uses: actions/upload-artifact@v2
file: ./lcov.info
format: lcov
allow-empty: true
fail-on-error: true
compare-ref: ${{ github.base_ref }}
compare-sha: ${{ github.event.pull_request.base.sha}}
- name: Generate HTML coverage report
run: nix develop -L .#lcov --command bash -c "genhtml -o coverage-report.html --ignore-errors source lcov.info"
- name: Upload HTML coverage report
uses: actions/upload-artifact@v3
with:
name: coverage-report
path: coverage-report.html
246 changes: 120 additions & 126 deletions .github/workflows/cont_integration.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,143 +4,137 @@ name: CI

jobs:

build-test:
name: Build and test
self-care:
name: Flake self-check
runs-on: ubuntu-latest
strategy:
matrix:
rust:
- version: stable
clippy: true
- version: 1.57.0 # MSRV
features:
- --no-default-features
- --all-features
steps:
- name: checkout
uses: actions/checkout@v2
- name: Install Rust toolchain
uses: actions-rs/toolchain@v1
- uses: actions/checkout@v4
- name: Check Nix flake inputs
uses: DeterminateSystems/flake-checker-action@v5
with:
toolchain: ${{ matrix.rust.version }}
override: true
profile: minimal
- name: Rust Cache
uses: Swatinem/[email protected]
- name: Pin dependencies for MSRV
if: matrix.rust.version == '1.57.0'
run: |
cargo update -p log --precise "0.4.18"
cargo update -p tempfile --precise "3.6.0"
cargo update -p rustls:0.21.8 --precise "0.21.1"
cargo update -p rustls:0.20.9 --precise "0.20.8"
cargo update -p tokio --precise "1.29.1"
cargo update -p tokio-util --precise "0.7.8"
cargo update -p flate2 --precise "1.0.26"
cargo update -p reqwest --precise "0.11.18"
cargo update -p h2 --precise "0.3.20"
cargo update -p rustls-webpki:0.100.3 --precise "0.100.1"
cargo update -p rustls-webpki:0.101.7 --precise "0.101.1"
cargo update -p zip --precise "0.6.2"
cargo update -p time --precise "0.3.13"
cargo update -p byteorder --precise "1.4.3"
cargo update -p webpki --precise "0.22.2"
cargo update -p os_str_bytes --precise 6.5.1
cargo update -p sct --precise 0.7.0
cargo update -p cc --precise "1.0.81"
cargo update -p jobserver --precise "0.1.26"
- name: Build
run: cargo build ${{ matrix.features }}
- name: Test
run: cargo test ${{ matrix.features }}
fail-mode: true

check-no-std:
name: Check no_std
pre-commit-checks:
name: "Pre-commit checks: typos, pgp-signed and conventional commits"
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Install Rust toolchain
uses: actions-rs/toolchain@v1
with:
toolchain: stable
override: true
profile: minimal
# target: "thumbv6m-none-eabi"
- name: Rust Cache
uses: Swatinem/[email protected]
- name: Check bdk_chain
working-directory: ./crates/chain
# TODO "--target thumbv6m-none-eabi" should work but currently does not
run: cargo check --no-default-features --features bitcoin/no-std,miniscript/no-std,hashbrown
- name: Check bdk
working-directory: ./crates/bdk
# TODO "--target thumbv6m-none-eabi" should work but currently does not
run: cargo check --no-default-features --features bitcoin/no-std,miniscript/no-std,bdk_chain/hashbrown
- name: Check esplora
working-directory: ./crates/esplora
# TODO "--target thumbv6m-none-eabi" should work but currently does not
run: cargo check --no-default-features --features bitcoin/no-std,miniscript/no-std,bdk_chain/hashbrown
- name: checkout
uses: actions/checkout@v4
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@v5
# Cache Nix artifacts
- uses: DeterminateSystems/magic-nix-cache-action@v2
# Commit checks
- name: Pre-commit checks
run: nix build -L .#ci.pre-commit-check

check-wasm:
name: Check WASM
runs-on: ubuntu-20.04
env:
CC: clang-10
CFLAGS: -I/usr/include
rustfmt:
name: rustfmt
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
# Install a recent version of clang that supports wasm32
- run: wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | sudo apt-key add - || exit 1
- run: sudo apt-get update || exit 1
- run: sudo apt-get install -y libclang-common-10-dev clang-10 libc6-dev-i386 || exit 1
- name: Install Rust toolchain
uses: actions-rs/toolchain@v1
with:
toolchain: stable
override: true
profile: minimal
target: "wasm32-unknown-unknown"
- name: Rust Cache
uses: Swatinem/[email protected]
- name: Check bdk
working-directory: ./crates/bdk
run: cargo check --target wasm32-unknown-unknown --no-default-features --features bitcoin/no-std,miniscript/no-std,bdk_chain/hashbrown,dev-getrandom-wasm
- name: Check esplora
working-directory: ./crates/esplora
run: cargo check --target wasm32-unknown-unknown --no-default-features --features bitcoin/no-std,miniscript/no-std,bdk_chain/hashbrown,async
- name: checkout
uses: actions/checkout@v4
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@v5
# Cache Nix artifacts
- uses: DeterminateSystems/magic-nix-cache-action@v2
# Rustfmt
- name: Rustfmt
run: nix build -L .#ci.fmt

fmt:
name: Rust fmt
clippy:
name: clippy
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Install Rust toolchain
uses: actions-rs/toolchain@v1
with:
toolchain: stable
override: true
profile: minimal
components: rustfmt
- name: Check fmt
run: cargo fmt --all -- --config format_code_in_doc_comments=true --check
- name: checkout
uses: actions/checkout@v4
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@v5
# Cache Nix artifacts
- uses: DeterminateSystems/magic-nix-cache-action@v2
# Clippy
- name: Clippy
run: nix build -L .#ci.clippy

clippy_check:
test-latest:
name: Build, test, check latest Rust
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- uses: actions-rs/toolchain@v1
with:
# we pin clippy instead of using "stable" so that our CI doesn't break
# at each new cargo release
toolchain: "1.67.0"
components: clippy
override: true
- name: Rust Cache
uses: Swatinem/[email protected]
- uses: actions-rs/clippy-check@v1
with:
token: ${{ secrets.GITHUB_TOKEN }}
args: --all-features --all-targets -- -D warnings
- name: checkout
uses: actions/checkout@v4
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@v5
# Cache Nix artifacts
- uses: DeterminateSystems/magic-nix-cache-action@v2
# Cache Builds
- name: Build and Cache latest Rust
run: nix build -L .
# Tests: latest
- name: Test workspace all-features latest
run: nix build -L .#ci.latest.all
- name: Test workspace no-default-features latest
run: nix build -L .#ci.latest.noDefault
- name: Test bdk no-std latest
run: nix build -L .#ci.latest.noStdBdk
- name: Test bdk_chain no-std latest
run: nix build -L .#ci.latest.noStdChain
- name: Test bdk_esplora no-std latest
run: nix build -L .#ci.latest.noStdEsplora

test-MSRV:
name: Build, test, check MSRV
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v4
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@v5
# Cache Nix artifacts
- uses: DeterminateSystems/magic-nix-cache-action@v2
# Cache Builds
- name: Build and Cache MSRV
run: nix build -L .#MSRV
# Tests: MSRV
- name: Test workspace all-features MSRV
run: nix build -L .#ci.MSRV.all
- name: Test workspace no-default-features MSRV
run: nix build -L .#ci.MSRV.noDefault
- name: Test bdk no-std MSRV
run: nix build -L .#ci.MSRV.noStdBdk
- name: Test bdk_chain no-std MSRV
run: nix build -L .#ci.MSRV.noStdChain
- name: Test bdk_esplora no-std MSRV
run: nix build -L .#ci.MSRV.noStdEsplora

check-WASM:
name: Build and check WASM
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v4
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@v5
# Cache Nix artifacts
- uses: DeterminateSystems/magic-nix-cache-action@v2
# Cache Builds
- name: Build and Cache WASM
run: nix build -L .#WASM
# Checks: WASM
- name: Check bdk WASM
run: nix build -L .#ci.WASM.bdk
- name: Check bdk_esplora WASM
run: nix build -L .#ci.WASM.esplora

audit:
name: Audit based on rustsec/advisory-db
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v4
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@v5
# Cache Nix artifacts
- uses: DeterminateSystems/magic-nix-cache-action@v2
# Audit
- name: Audit
run: nix build -L .#ci.audit
Loading

0 comments on commit 41fab99

Please sign in to comment.