diff --git a/.github/workflows/audit-check.yml b/.github/workflows/audit-check.yml deleted file mode 100644 index 81cf42616..000000000 --- a/.github/workflows/audit-check.yml +++ /dev/null @@ -1,13 +0,0 @@ -name: Security audit -on: - pull_request: - branches: - - '**' - -jobs: - security_audit: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: cargo audit - run: cargo audit --ignore RUSTSEC-2023-0071 diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml deleted file mode 100644 index 90786580e..000000000 --- a/.github/workflows/benchmark.yml +++ /dev/null @@ -1,137 +0,0 @@ - -name: Tests - -on: - push: - branches: - - main - tags: - - '**' - pull_request: - branches: - - '**' - -jobs: - tests: - name: Unit Tests - runs-on: ${{ matrix.os }} - strategy: - fail-fast: false - matrix: - os: [macos-latest, ubuntu-latest, windows-latest] - python-version: ['3.8', '3.9', '3.10', '3.11'] - - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 1 - - - uses: chia-network/actions/setup-python@main - name: Install Python ${{ matrix.python-version }} - with: - python-version: ${{ matrix.python-version }} - - - name: Update pip - run: | - python -m pip install --upgrade pip - - - name: Set up rust - uses: dtolnay/rust-toolchain@stable - - - name: setup venv - run: | - python -m venv venv - - - uses: chia-network/actions/activate-venv@main - - - name: Install dependencies - run: | - python -m pip install maturin - rustup target add x86_64-unknown-linux-musl - python -m pip install pytest pytest-xdist - python -m pip install mypy - python -m pip install black - - - name: Build - run: | - python -m pip install clvm_tools colorama blspy chia-blockchain==2.1.2 clvm==0.9.8 - maturin develop --release -m wheel/Cargo.toml - - - name: python mypy - run: | - mypy --ignore-missing-imports tests - - - name: python black - run: | - black --check tests - black --check wheel/generate_type_stubs.py - - - name: python tests - run: | - pytest tests - - generator-benchmarks: - name: Generator performance - runs-on: benchmark - strategy: - fail-fast: false - matrix: - python-version: ['3.10', '3.11'] - - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 1 - - - uses: chia-network/actions/setup-python@main - name: Install Python ${{ matrix.python-version }} - with: - python-version: ${{ matrix.python-version }} - - - name: Set up rust - uses: dtolnay/rust-toolchain@stable - - - name: setup venv - run: | - python -m venv venv - - - uses: chia-network/actions/activate-venv@main - - - name: Install dependencies - run: | - python -m pip install --upgrade pip - python -m pip install maturin colorama clvm_tools - rustup target add x86_64-unknown-linux-musl - - - name: Build - run: | - maturin develop --release -m wheel/Cargo.toml - - - name: test generators - run: | - cd tests - ./test-generators.py - - - name: Run cost checks - run: | - cd tests - ./generate-programs.py - ./run-programs.py - - benchmarks: - name: rust benchmarks - runs-on: benchmark - strategy: - fail-fast: false - - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 1 - - - name: Set up rust - uses: dtolnay/rust-toolchain@stable - - - name: cargo bench - run: | - cargo bench --workspace --exclude chia_rs diff --git a/.github/workflows/build-crate-and-npm.yml b/.github/workflows/build-crate-and-npm.yml deleted file mode 100644 index 45c16ca10..000000000 --- a/.github/workflows/build-crate-and-npm.yml +++ /dev/null @@ -1,71 +0,0 @@ -name: Build crate and npm package - -on: - push: - branches: - - main - tags: - - '**' - pull_request: - branches: - - '**' - -jobs: - build_crate: - name: Crate & NPM - runs-on: ubuntu-latest - strategy: - fail-fast: false - - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Set up rusts - uses: dtolnay/rust-toolchain@stable - with: - components: rustfmt, clippy - - - name: fmt - run: cargo fmt -- --files-with-diff --check - - name: clippy - run: cargo clippy - - name: tests - run: cargo test && cargo test --release - - name: build - run: cargo build --release - - - name: Upload crate artifacts - uses: actions/upload-artifact@v4 - with: - name: crate - path: ./target/package/*-*.crate - - - name: install wasm-pack - run: cargo install wasm-pack --locked - - - name: wasm-pack build and pack - run: cd wasm && wasm-pack build && wasm-pack pack - - - name: Upload npm pkg artifacts - uses: actions/upload-artifact@v4 - with: - name: npm-pkg - path: ./wasm/pkg/*-*.tgz - - - name: publish to crates.io if tagged - if: startsWith(github.event.ref, 'refs/tags') - env: - CARGO_REGISTRY_TOKEN: ${{ secrets.cargo_registry_token }} - run: | - cargo install cargo-workspaces --locked - cargo ws publish --publish-as-is - - # this has not been tested, so probably needs to be debugged next time a tag is created - - name: publish to npmjs.com if tagged - if: startsWith(github.event.ref, 'refs/tags') - uses: JS-DevTools/npm-publish@v3 - with: - token: ${{ secrets.node_auth_token }} - package: wasm/pkg/package.json diff --git a/.github/workflows/build-riscv64.yml b/.github/workflows/build-riscv64.yml deleted file mode 100644 index 4099724be..000000000 --- a/.github/workflows/build-riscv64.yml +++ /dev/null @@ -1,151 +0,0 @@ -name: QEMU Build and test riscv64 crate - -on: - push: - branches: - - main - release: - types: [published] - pull_request: - branches: - - "**" - -permissions: - id-token: write - contents: read - -jobs: - build_crate: - name: Build riscv64 crate and run tests - runs-on: ${{ matrix.os }} - strategy: - matrix: - os: [ubuntu-latest] - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - with: - fetch-depth: 1 - - - name: Set up QEMU on x86_64 - id: qemu - uses: docker/setup-qemu-action@v3 - with: - platforms: riscv64 - - - name: Build and Test - run: | - docker run --rm --platform linux/riscv64 \ - -v ${{ github.workspace }}:/ws --workdir=/ws \ - chianetwork/ubuntu-22.04-risc-builder:latest \ - bash -exc '\ - cargo test --release -p chia-consensus - ' - - build_wheels: - name: ${{ matrix.os }} 📦 Build Wheel ${{ matrix.python.major-dot-minor }} - runs-on: ${{ matrix.os }} - strategy: - matrix: - os: [ubuntu-latest] - python: - - major-dot-minor: "3.8" - matrix: "3.8" - - major-dot-minor: "3.9" - matrix: "3.9" - - major-dot-minor: "3.10" - matrix: "3.10" - - major-dot-minor: "3.11" - matrix: "3.11" - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - with: - fetch-depth: 1 - - - name: Set up QEMU on x86_64 - id: qemu - uses: docker/setup-qemu-action@v3 - with: - platforms: riscv64 - - - name: Build and Test - run: | - docker run --rm --platform linux/riscv64 \ - -v ${{ github.workspace }}:/ws --workdir=/ws \ - chianetwork/ubuntu-22.04-risc-builder:latest \ - bash -exc '\ - pyenv global ${{ matrix.python.matrix }} - python -m venv venv && \ - source ./venv/bin/activate && \ - pip install --upgrade pip && \ - pip install --extra-index-url https://pypi.chia.net/simple/ maturin==1.2.3 && \ - maturin build -i python --release -m wheel/Cargo.toml \ - ' - - - name: Upload artifacts - uses: actions/upload-artifact@v4 - with: - name: packages-${{ matrix.os }}-${{ matrix.python.major-dot-minor }} - path: ./target/wheels - if-no-files-found: error - upload: - name: Upload to Chia PyPI - runs-on: ubuntu-latest - needs: - - build_wheels - steps: - - name: Checkout code - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Set Env - uses: Chia-Network/actions/setjobenv@main - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: Download artifacts - if: env.RELEASE == 'true' - uses: actions/download-artifact@v4 - with: - merge-multiple: true - pattern: packages-* - path: ./target/wheels - - - name: Configure AWS credentials - if: env.RELEASE == 'true' - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: arn:aws:iam::${{ secrets.CHIA_AWS_ACCOUNT_ID }}:role/installer-upload - aws-region: us-west-2 - - - name: List existing wheels - if: env.RELEASE == 'true' - shell: sh - run: | - aws s3 ls s3://download.chia.net/simple/chia-rs/ > existing_wheel_list_raw - cat existing_wheel_list_raw - cat existing_wheel_list_raw | tr -s ' ' | cut -d ' ' -f 4 > existing_wheel_list - - - name: List new wheels - if: env.RELEASE == 'true' - shell: sh - run: | - (cd target/wheels/; ls chia_rs-*.whl) > new_wheel_list - cat new_wheel_list | xargs -I % sh -c 'ls -l target/wheels/%' - - - name: Choose wheels to upload - if: env.RELEASE == 'true' - shell: sh - run: | - grep -F -x -v -f existing_wheel_list new_wheel_list > upload_wheel_list - cat upload_wheel_list - - - name: Upload wheels - if: env.RELEASE == 'true' - shell: sh - run: | - cat upload_wheel_list | xargs -I % sh -c 'aws s3 cp target/wheels/% s3://download.chia.net/simple/chia-rs/' diff --git a/.github/workflows/build-test.yml b/.github/workflows/build-test.yml index 34e081ed8..24c10f5f7 100644 --- a/.github/workflows/build-test.yml +++ b/.github/workflows/build-test.yml @@ -26,6 +26,7 @@ jobs: strategy: fail-fast: false matrix: + repeat: [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24] os: - name: macOS matrix: macos @@ -106,8 +107,6 @@ jobs: arch: - name: ARM matrix: arm - - name: Intel - matrix: intel exclude: # Only partial entries are required here by GitHub Actions so generally I # only specify the `matrix:` entry. The super linter complains so for now @@ -126,337 +125,6 @@ jobs: - name: Clean workspace uses: Chia-Network/actions/clean-workspace@main - - name: Checkout code - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - uses: Chia-Network/actions/setup-python@main + - uses: Chia-Network/actions/setup-python@setup_python_pyenv_diagnostics with: python-version: ${{ matrix.python.major-dot-minor }} - - - name: Update pip - run: | - python -m pip install --upgrade pip - - - name: Set up rust - uses: dtolnay/rust-toolchain@stable - - - name: Install dependencies - run: | - python -m pip install maturin - - - name: Build MacOs with maturin on Python ${{ matrix.python }} - if: matrix.os.matrix == 'macos' - env: - MACOSX_DEPLOYMENT_TARGET: '11.0' - run: | - python${{ matrix.python.major-dot-minor }} -m venv venv - . venv/bin/activate - maturin build -i python --release -m wheel/Cargo.toml - - - name: Build Linux with maturin on Python ${{ matrix.python }} - if: matrix.os.matrix == 'ubuntu' - run: | - docker run --rm --pull always \ - -v ${{ github.workspace }}:/ws --workdir=/ws \ - ${{ matrix.python.by-arch[matrix.arch.matrix].docker-url }} \ - bash -exc '\ - yum -y install openssl-devel && \ - source $HOME/.cargo/env && \ - rustup target add ${{ matrix.python.by-arch[matrix.arch.matrix].rustup-target }} && \ - python${{ matrix.python.major-dot-minor }} -m venv /venv && \ - . /venv/bin/activate && \ - pip install --upgrade pip && \ - pip install maturin && \ - CC=gcc maturin build --release --manylinux ${{ matrix.python.by-arch[matrix.arch.matrix].manylinux-version }} -m wheel/Cargo.toml \ - ' - - - name: Build Windows with maturin on Python ${{ matrix.python }} - if: matrix.os.matrix == 'windows' - env: - CC: 'clang' - CFLAGS: "-D__BLST_PORTABLE__" - run: | - py -${{ matrix.python.major-dot-minor }} -m venv venv - . .\venv\Scripts\Activate.ps1 - maturin build -i python --release -m wheel/Cargo.toml - - - uses: Chia-Network/actions/create-venv@main - id: create-venv - - - uses: Chia-Network/actions/activate-venv@main - with: - directories: ${{ steps.create-venv.outputs.activate-venv-directories }} - - - name: Install chia_rs wheel - run: | - pip install --no-index --find-links target/wheels/ chia_rs - - - name: Upload artifacts - uses: actions/upload-artifact@v4 - with: - name: packages-${{ matrix.os.name }}-${{ matrix.python.major-dot-minor }}-${{ matrix.arch.name }} - path: ./target/wheels/ - - check-typestubs: - name: Check chia_rs.pyi - runs-on: ubuntu-latest - - steps: - - name: Checkout code - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - uses: Chia-Network/actions/setup-python@main - - - name: check generated chia_rs.pyi - run: | - python wheel/generate_type_stubs.py - git diff --exit-code - - build-tools: - name: build chia-tools - runs-on: ubuntu-latest - steps: - - name: Clean workspace - uses: Chia-Network/actions/clean-workspace@main - - - name: Checkout code - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: cargo build - run: | - cd crates/chia-tools - cargo build - - build-sdist: - name: sdist - ${{ matrix.os.name }} ${{ matrix.python.major-dot-minor }} ${{ matrix.arch.name }} - runs-on: ${{ matrix.os.runs-on[matrix.arch.matrix] }} - strategy: - fail-fast: false - matrix: - os: - - name: Ubuntu - matrix: ubuntu - runs-on: - arm: [Linux, ARM64] - intel: [ubuntu-latest] - python: - - major-dot-minor: '3.8' - matrix: '3.8' - arch: - - name: Intel - matrix: intel - - steps: - - name: Clean workspace - uses: Chia-Network/actions/clean-workspace@main - - - name: Checkout code - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - uses: Chia-Network/actions/setup-python@main - with: - python-version: ${{ matrix.python.major-dot-minor }} - - - name: Build source distribution - run: | - pip install maturin - maturin sdist -m wheel/Cargo.toml - - - name: Upload artifacts - uses: actions/upload-artifact@v4 - with: - name: packages-sdist-${{ matrix.os.name }}-${{ matrix.python.major-dot-minor }}-${{ matrix.arch.name }} - path: ./target/wheels/ - - fmt: - runs-on: ubuntu-latest - name: cargo fmt - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 1 - - - name: Install rust - uses: dtolnay/rust-toolchain@stable - with: - components: rustfmt, clippy - - - name: fmt - run: | - cargo fmt --all -- --files-with-diff --check - cd wheel - cargo fmt -- --files-with-diff --check - - clippy: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - uses: dtolnay/rust-toolchain@stable - with: - components: clippy - - - name: workspace - run: | - cargo clippy --workspace --all-features --all-targets - - fuzz_targets: - runs-on: ubuntu-latest - env: - CARGO_PROFILE_RELEASE_LTO: false - steps: - - uses: actions/checkout@v4 - - uses: dtolnay/rust-toolchain@nightly - - name: cargo-fuzz - run: cargo +nightly install cargo-fuzz - - name: cargo fuzz (chia-consensus) - run: | - cd crates/chia-consensus - cargo fuzz list | xargs -I "%" sh -c "cargo +nightly fuzz run % -- -max_total_time=20 || exit 255" - - name: cargo fuzz (chia-bls) - env: - # we disable leak reports here because blspy appears to be allocating - # memory that's not freed. It might be a false positive since python is - # not unloaded before exiting - LSAN_OPTIONS: detect_leaks=0 - run: | - cd crates/chia-bls - python -m pip install blspy - cargo fuzz list | xargs -I "%" sh -c "cargo +nightly fuzz run % -- -max_total_time=10 || exit 255" - - name: cargo fuzz (clvm-utils) - run: | - cd crates/clvm-utils - cargo fuzz list | xargs -I "%" sh -c "cargo +nightly fuzz run % -- -max_total_time=20 || exit 255" - - name: cargo fuzz (chia-protocol) - run: | - cd crates/chia-protocol - cargo +nightly fuzz build - cargo fuzz list | xargs -I "%" sh -c "cargo +nightly fuzz run % -- -max_total_time=20 || exit 255" - - name: cargo fuzz (chia-puzzles) - run: | - cd crates/chia-puzzles - cargo +nightly fuzz build - cargo fuzz list | xargs -I "%" sh -c "cargo +nightly fuzz run % -- -max_total_time=20 || exit 255" - - unit_tests: - runs-on: ${{ matrix.os }} - strategy: - matrix: - os: [macos-latest, ubuntu-latest, windows-latest] - name: Unit tests - steps: - # the test files are read verbatim, making it problematic if git is - # allowed to insert \r when checking out files - - name: disable git autocrlf - run: | - git config --global core.autocrlf false - - - uses: actions/checkout@v4 - with: - fetch-depth: 1 - - uses: dtolnay/rust-toolchain@stable - - name: Prepare for coverage - if: matrix.os == 'ubuntu-latest' - run: | - cargo install grcov --locked - echo "RUSTFLAGS=-Cinstrument-coverage" >> "$GITHUB_ENV" - echo "LLVM_PROFILE_FILE=$(pwd)/target/chia_rs-%p-%m.profraw" >> "$GITHUB_ENV" - echo "CARGO_TARGET_DIR=$(pwd)/target" >> "$GITHUB_ENV" - - name: cargo test - run: cargo test --workspace --all-features - - name: cargo test (release) - run: cargo test --workspace --all-features --release - - name: Continue with coverage - if: matrix.os == 'ubuntu-latest' - run: | - sudo apt-get update - sudo apt-get install lcov -y - rustup component add llvm-tools-preview - python -m venv venv - source venv/bin/activate - git clone https://github.com/Chia-Network/clvm_tools.git --branch=main --single-branch - pip install ./clvm_tools - pip install colorama maturin pytest pytest-xdist chia-blockchain==2.1.2 clvm==0.9.8 - maturin develop --release -m wheel/Cargo.toml - pytest tests - grcov . --binary-path target -s . --branch --ignore-not-existing --ignore='*/.cargo/*' --ignore='tests/*' --ignore='venv/*' -o rust_cov.info - python -c 'with open("rust_cov.info") as f: lines = [l for l in f if not (l.startswith("DA:") and int(l.split(",")[1].strip()) >= 2**63)]; open("lcov.info", "w").writelines(lines)' - - name: Upload to Coveralls - uses: coverallsapp/github-action@v2 - if: matrix.os == 'ubuntu-latest' - env: - COVERALLS_REPO_TOKEN: ${{ secrets.COVERALLS_REPO_TOKEN }} - with: - path-to-lcov: './lcov.info' - - upload: - name: Upload to PyPI - ${{ matrix.os.name }} ${{ matrix.python.major-dot-minor }} ${{ matrix.arch.name }} - runs-on: ${{ matrix.os.runs-on[matrix.arch.matrix] }} - needs: - - build-wheels - - build-sdist - - fmt - - clippy - - unit_tests - strategy: - fail-fast: false - matrix: - os: - - name: Ubuntu - matrix: ubuntu - runs-on: - arm: [Linux, ARM64] - intel: [ubuntu-latest] - python: - - major-dot-minor: '3.9' - matrix: '3.9' - arch: - - name: Intel - matrix: intel - - steps: - - name: Clean workspace - uses: Chia-Network/actions/clean-workspace@main - - - name: Checkout code - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - uses: Chia-Network/actions/setup-python@main - with: - python-version: ${{ matrix.python.major-dot-minor }} - - - name: Download artifacts - uses: actions/download-artifact@v4 - with: - merge-multiple: true - pattern: packages-* - path: ./dist - - - name: Set Env - uses: Chia-Network/actions/setjobenv@main - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: publish (PyPi) - if: env.RELEASE == 'true' - uses: pypa/gh-action-pypi-publish@release/v1 - with: - packages-dir: dist/ - skip-existing: true - - - name: publish (Test PyPi) - if: env.PRE_RELEASE == 'true' - uses: pypa/gh-action-pypi-publish@release/v1 - with: - repository-url: https://test.pypi.org/legacy/ - packages-dir: dist/ - skip-existing: true diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml deleted file mode 100644 index 3bc3e1a77..000000000 --- a/.github/workflows/dependency-review.yml +++ /dev/null @@ -1,24 +0,0 @@ -# Managed by repo-content-updater -# Dependency Review Action -# -# This Action will scan dependency manifest files that change as part of a Pull Request, surfacing known-vulnerable versions of the packages declared or updated in the PR. Once installed, if the workflow run is marked as required, PRs introducing known-vulnerable packages will be blocked from merging. -# -# Source repository: https://github.com/actions/dependency-review-action -# Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement -name: "🚨 Dependency Review" -on: [pull_request] - -permissions: - contents: read - -jobs: - dependency-review: - runs-on: ubuntu-latest - steps: - - name: "Checkout Repository" - uses: actions/checkout@v4 - - - name: "Dependency Review" - uses: actions/dependency-review-action@v4 - with: - deny-licenses: AGPL-1.0-only, AGPL-1.0-or-later, AGPL-1.0-or-later, AGPL-3.0-or-later, GPL-1.0-only, GPL-1.0-or-later, GPL-2.0-only, GPL-2.0-or-later, GPL-3.0-only, GPL-3.0-or-later