Skip to content

Static Build

Static Build #9

Workflow file for this run

name: Static Build
on:
push:
branches:
- main
- release-*
- nix*
tags:
# YYYYMMDD
- "20[0-9][0-9][0-1][0-9][0-3][0-9]*"
schedule:
- cron: "0 0 * * 1"
pull_request:
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
static-build:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
arch:
- amd
- arm
steps:
- name: Prepare AMD
if: ${{ matrix.arch == 'amd' }}
run: |
echo "TARGET_TRIPLET=x86_64-unknown-linux-musl" >> $GITHUB_ENV
echo "DEVSHELL=.#crossShell" >> $GITHUB_ENV
- name: Prepare ARM
if: ${{ matrix.arch == 'arm' }}
run: |
echo "TARGET_TRIPLET=aarch64-unknown-linux-musl" >> $GITHUB_ENV
echo "DEVSHELL=.#armCrossShell" >> $GITHUB_ENV
- name: Checkout Repository
uses: actions/checkout@v4
- name: Install Nix
uses: cachix/install-nix-action@v26
- name: Enable Cachix
uses: cachix/cachix-action@v14
# If PR is from a non-collaborator (e. g. dependabot) the secrets are missing and the login to cachix fails.
continue-on-error: true
with:
name: espresso-systems-private
authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}"
extraPullNames: nix-community
skipPush: ${{ github.actor == 'dependabot[bot]' }}
- name: Enable Rust Cache
uses: Swatinem/rust-cache@v2
with:
key: "v1-${{ matrix.arch }}"
- name: Initialize Nix Environment
run: |
nix develop $DEVSHELL --accept-flake-config --option sandbox relaxed -c echo Nix Setup Complete
nix develop $DEVSHELL --accept-flake-config --option sandbox relaxed -c sh -c 'echo "CARGO_TARGET_DIR=$CARGO_TARGET_DIR"' | tee -a $GITHUB_ENV
- name: Compile all executables
# timeout-minutes: 120
run: |
nix develop $DEVSHELL --accept-flake-config --option sandbox relaxed -c cargo build --release
- name: Upload artifacts
uses: actions/upload-artifact@v3
with:
name: ${{ env.TARGET_TRIPLET }}-services
path: |
${{ env.CARGO_TARGET_DIR }}/${{ env.TARGET_TRIPLET }}/release/orchestrator
${{ env.CARGO_TARGET_DIR }}/${{ env.TARGET_TRIPLET }}/release/web-server
${{ env.CARGO_TARGET_DIR }}/${{ env.TARGET_TRIPLET }}/release/state-relay-server
${{ env.CARGO_TARGET_DIR }}/${{ env.TARGET_TRIPLET }}/release/state-prover
${{ env.CARGO_TARGET_DIR }}/${{ env.TARGET_TRIPLET }}/release/sequencer
${{ env.CARGO_TARGET_DIR }}/${{ env.TARGET_TRIPLET }}/release/cli
${{ env.CARGO_TARGET_DIR }}/${{ env.TARGET_TRIPLET }}/release/commitment-task
${{ env.CARGO_TARGET_DIR }}/${{ env.TARGET_TRIPLET }}/release/submit-transactions
${{ env.CARGO_TARGET_DIR }}/${{ env.TARGET_TRIPLET }}/release/reset-storage
${{ env.CARGO_TARGET_DIR }}/${{ env.TARGET_TRIPLET }}/release/deploy
${{ env.CARGO_TARGET_DIR }}/${{ env.TARGET_TRIPLET }}/release/keygen
static-dockers:
runs-on: ubuntu-latest
needs: static-build
steps:
- name: Checkout Repository
uses: actions/checkout@v4
with:
submodules: recursive
- name: Download executables AMD
uses: actions/download-artifact@v3
with:
name: x86_64-unknown-linux-musl-services
path: target/amd64/release
- name: Download executables ARM
uses: actions/download-artifact@v3
with:
name: aarch64-unknown-linux-musl-services
path: target/arm64/release
- name: Setup Docker BuildKit (buildx)
uses: docker/setup-buildx-action@v3
- name: Login to Github Container Repo
uses: docker/login-action@v3
if: github.event_name != 'pull_request'
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Generate sequencer docker metadata
uses: docker/metadata-action@v5
id: sequencer
with:
images: ghcr.io/espressosystems/espresso-sequencer/sequencer
flavor: suffix=musl
- name: Generate web-server docker metadata
uses: docker/metadata-action@v5
id: web-server
with:
images: ghcr.io/espressosystems/espresso-sequencer/web-server
flavor: suffix=musl
- name: Generate state-relay-server docker metadata
uses: docker/metadata-action@v5
id: state-relay-server
with:
images: ghcr.io/espressosystems/espresso-sequencer/state-relay-server
flavor: suffix=musl
- name: Generate prover-service docker metadata
uses: docker/metadata-action@v5
id: prover-service
with:
images: ghcr.io/espressosystems/espresso-sequencer/prover-service
flavor: suffix=musl
- name: Generate orchestrator docker metadata
uses: docker/metadata-action@v5
id: orchestrator
with:
images: ghcr.io/espressosystems/espresso-sequencer/orchestrator
flavor: suffix=musl
- name: Generate commitment task docker metadata
uses: docker/metadata-action@v5
id: commitment-task
with:
images: ghcr.io/espressosystems/espresso-sequencer/commitment-task
flavor: suffix=musl
- name: Generate submit-transactions docker metadata
uses: docker/metadata-action@v5
id: submit-transactions
with:
images: ghcr.io/espressosystems/espresso-sequencer/submit-transactions
flavor: suffix=musl
- name: Generate deploy rollup metadata
uses: docker/metadata-action@v5
id: deploy
with:
images: ghcr.io/espressosystems/espresso-sequencer/deploy
flavor: suffix=musl
- name: Build and push sequencer docker
uses: docker/build-push-action@v5
with:
context: ./
file: ./docker/sequencer.Dockerfile
platforms: linux/amd64,linux/arm64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.sequencer.outputs.tags }}
labels: ${{ steps.sequencer.outputs.labels }}
- name: Build and push web-server docker
uses: docker/build-push-action@v5
with:
context: ./
file: ./docker/web-server.Dockerfile
platforms: linux/amd64,linux/arm64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.web-server.outputs.tags }}
labels: ${{ steps.web-server.outputs.labels }}
- name: Build and push state-relay-server docker
uses: docker/build-push-action@v5
with:
context: ./
file: ./docker/state-relay-server.Dockerfile
platforms: linux/amd64,linux/arm64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.state-relay-server.outputs.tags }}
labels: ${{ steps.state-relay-server.outputs.labels }}
- name: Build and push prover-service docker
uses: docker/build-push-action@v5
with:
context: ./
file: ./docker/prover-service.Dockerfile
platforms: linux/amd64,linux/arm64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.prover-service.outputs.tags }}
labels: ${{ steps.prover-service.outputs.labels }}
- name: Build and push orchestrator docker
uses: docker/build-push-action@v5
with:
context: ./
file: ./docker/orchestrator.Dockerfile
platforms: linux/amd64,linux/arm64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.orchestrator.outputs.tags }}
labels: ${{ steps.orchestrator.outputs.labels }}
- name: Build and push commitment-task docker
uses: docker/build-push-action@v5
with:
context: ./
file: ./docker/commitment-task.Dockerfile
platforms: linux/amd64,linux/arm64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.commitment-task.outputs.tags }}
labels: ${{ steps.commitment-task.outputs.labels }}
- name: Build and push submit-transactions docker
uses: docker/build-push-action@v5
with:
context: ./
file: ./docker/submit-transactions.Dockerfile
platforms: linux/amd64,linux/arm64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.submit-transactions.outputs.tags }}
labels: ${{ steps.submit-transactions.outputs.labels }}
- name: Build and push deploy docker
uses: docker/build-push-action@v5
with:
context: ./
file: ./docker/deploy.Dockerfile
platforms: linux/amd64,linux/arm64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.deploy.outputs.tags }}
labels: ${{ steps.deploy.outputs.labels }}