test: add empty active set deadlock and bootstrap tests for audit module #799
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Release Workflow | |
| on: | |
| push: | |
| paths-ignore: | |
| - '**.md' | |
| - 'docs/**' | |
| - '.gitignore' | |
| pull_request: | |
| branches: [ master ] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: write | |
| packages: read | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v6.0.1 | |
| with: | |
| fetch-depth: 0 | |
| - name: Configure Git Safe Directory | |
| uses: ./.github/actions/configure-git | |
| - name: Setup Go | |
| id: setup-go | |
| uses: ./.github/actions/setup-go | |
| - name: Prepare Build Variables | |
| id: vars | |
| run: | | |
| set -euo pipefail | |
| repo_name=${GITHUB_REPOSITORY##*/} | |
| # Default behavior for branch / PR runs: use short commit SHA | |
| build_id=${GITHUB_SHA::7} | |
| is_tag=false | |
| if [[ "${GITHUB_REF}" == refs/tags/* ]]; then | |
| # Tagged release: switch identifier to the tag itself (e.g. v1.8.0) | |
| build_id="${GITHUB_REF#refs/tags/}" | |
| is_tag=true | |
| fi | |
| tarball_prefix="${repo_name}_${build_id}" | |
| echo "build_id=$build_id" >> $GITHUB_OUTPUT | |
| echo "tarball_prefix=${tarball_prefix}" >> $GITHUB_OUTPUT | |
| echo "is_tag=${is_tag}" >> $GITHUB_OUTPUT | |
| # Debug output | |
| echo "Output variables:" | |
| echo "- build_id: $build_id" | |
| echo "- tarball_prefix: ${tarball_prefix}" | |
| echo "- is_tag: ${is_tag}" | |
| - name: Install Ignite CLI | |
| uses: ./.github/actions/install-ignite | |
| with: | |
| version: v29.4.1 | |
| arch: linux_amd64 | |
| - name: Install wasmvm library | |
| uses: ./.github/actions/install-wasmvm | |
| - name: Install buf CLI | |
| run: | | |
| set -euo pipefail | |
| BUF_VERSION="$(go list -m -f '{{.Version}}' github.com/bufbuild/buf)" | |
| if [ -z "${BUF_VERSION}" ]; then | |
| echo "Failed to resolve github.com/bufbuild/buf version from go.mod" >&2 | |
| exit 1 | |
| fi | |
| go install "github.com/bufbuild/buf/cmd/buf@${BUF_VERSION}" | |
| - name: Build with Ignite CLI | |
| run: | | |
| buf --version | |
| buf generate --template proto/buf.gen.gogo.yaml --verbose | |
| buf generate --template proto/buf.gen.swagger.yaml --verbose | |
| ./ignite version | |
| ./ignite generate openapi --yes | |
| ./ignite chain build --clear-cache --skip-proto --release --release.prefix ${{ steps.vars.outputs.tarball_prefix }} -y -t linux:amd64 #-t darwin:amd64 -t darwin:arm64 -y | |
| env: | |
| DO_NOT_TRACK: 1 | |
| GOFLAGS: "-trimpath -buildvcs=false" | |
| CGO_LDFLAGS: "-Wl,-rpath,/usr/lib -Wl,--disable-new-dtags" | |
| # Fix permissions | |
| - name: Fix Release Directory Permissions | |
| run: | | |
| sudo chown -R $USER:$USER release/ | |
| sudo chmod -R 755 release/ | |
| - name: Package Release Artifacts | |
| run: | | |
| cd release | |
| tar_file=$(ls *.tar.gz) | |
| file_path=$(tar -tzf "$tar_file" | head -n 2 | grep -v '/$' | grep lumerad | sed 's|^/||') | |
| echo "Binary: $file_path" | |
| tar xzf "$tar_file" -C . | |
| ls -l "$file_path" | |
| mkdir -p temp | |
| mv "$file_path" temp/ | |
| ls -l temp/ | |
| rm "$tar_file" | |
| cp /usr/lib/libwasmvm.x86_64.so temp/ | |
| cat > temp/install.sh << 'EOF' | |
| #!/bin/bash | |
| if [ "$EUID" -ne 0 ]; then | |
| echo "Please run as root or with sudo" | |
| exit 1 | |
| fi | |
| cp lumerad /usr/local/bin | |
| cp libwasmvm.x86_64.so /usr/lib/ | |
| ldconfig | |
| echo "WASM library installed successfully" | |
| EOF | |
| chmod +x temp/install.sh | |
| cd temp | |
| tar czf "../$tar_file" ./* | |
| cd .. | |
| rm -rf temp | |
| tar tvf "$tar_file" | |
| sha256sum "$tar_file" > release_checksum | |
| - name: Upload Release Artifacts | |
| if: ${{ github.actor != 'nektos/act' }} | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: release-artifacts | |
| path: release | |
| if-no-files-found: error | |
| release: | |
| needs: build | |
| if: ${{ (github.actor != 'nektos/act') && startsWith(github.ref, 'refs/tags/v') && (github.ref_type == 'tag') && contains(github.ref, '.') && contains(github.ref, 'v') }} | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v6.0.1 | |
| with: | |
| fetch-depth: 0 | |
| - name: Get tag information | |
| id: tag_info | |
| run: | | |
| # Get the tag name | |
| TAG_NAME="${GITHUB_REF#refs/tags/}" | |
| echo "tag_name=$TAG_NAME" >> $GITHUB_OUTPUT | |
| # Get the tag message | |
| TAG_MESSAGE=$(git tag -l --format='%(contents)' $TAG_NAME) | |
| # If tag message is empty, use the tag name as message | |
| if [ -z "$TAG_MESSAGE" ]; then | |
| TAG_MESSAGE="Release $TAG_NAME" | |
| fi | |
| # Handle multiline tag messages | |
| TAG_MESSAGE="${TAG_MESSAGE//'%'/'%25'}" | |
| TAG_MESSAGE="${TAG_MESSAGE//$'\n'/'%0A'}" | |
| TAG_MESSAGE="${TAG_MESSAGE//$'\r'/'%0D'}" | |
| echo "tag_message=$TAG_MESSAGE" >> $GITHUB_OUTPUT | |
| # Get the annotated tag commit | |
| TAG_COMMIT=$(git rev-list -n 1 $TAG_NAME) | |
| echo "tag_commit=$TAG_COMMIT" >> $GITHUB_OUTPUT | |
| # Debug output | |
| echo "Tag name: $TAG_NAME" | |
| echo "Tag commit: $TAG_COMMIT" | |
| echo "Tag message:" | |
| git tag -l --format='%(contents)' $TAG_NAME | |
| - name: Prepare Release Variables | |
| id: vars | |
| run: | | |
| repo_name=${GITHUB_REPOSITORY##*/} | |
| echo "tarball_prefix=${repo_name}_${{ steps.tag_info.outputs.tag_name }}" >> $GITHUB_OUTPUT | |
| - name: Download Release Artifacts | |
| uses: actions/download-artifact@v6 | |
| with: | |
| name: release-artifacts | |
| path: release | |
| - name: Inspect Release Artifacts | |
| run: | | |
| ls -R release | |
| - name: Publish the Release | |
| uses: softprops/action-gh-release@v2 | |
| if: success() | |
| with: | |
| tag_name: ${{ steps.tag_info.outputs.tag_name }} | |
| files: release/* | |
| prerelease: ${{ contains(steps.tag_info.outputs.tag_name, '-beta') }} | |
| generate_release_notes: false | |
| body: | | |
| ${{ steps.tag_info.outputs.tag_message }} | |
| Tag: ${{ steps.tag_info.outputs.tag_name }} | |
| Commit: ${{ steps.tag_info.outputs.tag_commit }} | |
| Installation: | |
| 1. Extract the archive | |
| 2. Run `sudo ./install.sh` to install required libraries | |
| 3. Run the binary: `./lumerad` | |
| token: ${{ secrets.GITHUB_TOKEN }} |