Pre-release #102
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Pre-release | |
| on: | |
| push: | |
| tags: | |
| - "[0-9][0-9][0-9][0-9].[0-9]+" | |
| - "[0-9][0-9][0-9][0-9].[0-9]+-**" | |
| workflow_dispatch: | |
| inputs: | |
| mithril_image_id: | |
| description: | | |
| Mithril Docker image id of a distribution to deploy. (Must exist in the Docker images registry) | |
| required: true | |
| type: string | |
| dry_run: | |
| description: Dry run will not deploy the distribution to the Mithril network | |
| required: true | |
| type: boolean | |
| default: true | |
| jobs: | |
| create-pre-release: | |
| if: github.event_name == 'push' | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Checkout sources | |
| uses: actions/checkout@v5 | |
| - name: Prepare packaging | |
| run: mkdir package | |
| - name: Download built artifacts (Linux-x64) | |
| uses: dawidd6/action-download-artifact@v11 | |
| with: | |
| name: mithril-distribution-Linux-X64 | |
| path: ./package-Linux-X64 | |
| commit: ${{ github.sha }} | |
| workflow: ci.yml | |
| workflow_conclusion: success | |
| - name: Download Debian packages (Linux-X64) | |
| uses: dawidd6/action-download-artifact@v11 | |
| with: | |
| name: mithril-deb-packages-Linux-X64 | |
| path: ./package | |
| commit: ${{ github.sha }} | |
| workflow: ci.yml | |
| workflow_conclusion: success | |
| - name: Download built artifacts (Linux-ARM64) | |
| uses: dawidd6/action-download-artifact@v11 | |
| with: | |
| name: mithril-distribution-Linux-ARM64 | |
| path: ./package-Linux-ARM64 | |
| commit: ${{ github.sha }} | |
| workflow: ci.yml | |
| workflow_conclusion: success | |
| - name: Download Debian packages (Linux-ARM64) | |
| uses: dawidd6/action-download-artifact@v11 | |
| with: | |
| name: mithril-deb-packages-Linux-ARM64 | |
| path: ./package | |
| commit: ${{ github.sha }} | |
| workflow: ci.yml | |
| workflow_conclusion: success | |
| - name: Download built artifacts (macOS-ARM64) | |
| uses: dawidd6/action-download-artifact@v11 | |
| with: | |
| name: mithril-distribution-macOS-ARM64 | |
| path: ./package-macOS-ARM64 | |
| commit: ${{ github.sha }} | |
| workflow: ci.yml | |
| workflow_conclusion: success | |
| - name: Download built artifacts (Windows-x64) | |
| uses: dawidd6/action-download-artifact@v11 | |
| with: | |
| name: mithril-distribution-Windows-X64 | |
| path: ./package-Windows-X64 | |
| commit: ${{ github.sha }} | |
| workflow: ci.yml | |
| workflow_conclusion: success | |
| - name: Download built artifacts (Explorer) | |
| uses: dawidd6/action-download-artifact@v11 | |
| with: | |
| name: explorer-build | |
| path: ./package-explorer | |
| commit: ${{ github.sha }} | |
| workflow: ci.yml | |
| workflow_conclusion: success | |
| - name: Append VERSION file | |
| run: | | |
| echo ${{ github.ref_name }} >> ./package/VERSION | |
| - name: Prepare distribution package | |
| uses: ./.github/workflows/actions/prepare-distribution | |
| with: | |
| tag: ${{ github.ref_name }} | |
| download-url-base: ${{ github.server_url }}/${{ github.repository }}/releases/download/${{ github.ref_name }} | |
| gpg-secret-key: ${{ secrets.GPG_SECRET_KEY }} | |
| compatibility-table: '{ "release-mainnet": "⛔", "release-preprod": "⛔", "pre-release-preview": "✔", "testing-preview": "⛔" }' | |
| - name: Create pre-release ${{ github.ref_name }} | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| tag_name: ${{ github.ref_name }} | |
| prerelease: true | |
| name: Mithril v${{ github.ref_name }} | |
| files: package/* | |
| body_path: ./release-notes-addon.txt | |
| append_body: true | |
| build-push-docker: | |
| if: github.event_name == 'push' | |
| runs-on: ubuntu-24.04 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| project: [mithril-aggregator, mithril-client-cli, mithril-signer] | |
| include: | |
| - project: mithril-client-cli | |
| package: mithril-client | |
| permissions: | |
| contents: read | |
| packages: write | |
| env: | |
| REGISTRY: ghcr.io | |
| PACKAGE: ${{ github.repository_owner }}/${{ matrix.package != '' && matrix.package || matrix.project }} | |
| DOCKER_FILE: ./${{ matrix.project }}/Dockerfile.ci | |
| CONTEXT: . | |
| GITHUB_REF: ${{ github.ref}} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v5 | |
| - name: Get short SHA | |
| id: slug | |
| run: echo "sha8=$(echo ${{ github.sha }} | cut -c1-7)" >> $GITHUB_OUTPUT | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract metadata (tags, labels) for Docker | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.PACKAGE }} | |
| tags: | | |
| pre-release | |
| type=raw,value=${{ github.ref_name }}-${{ steps.slug.outputs.sha8 }} | |
| - name: Download built artifacts (Linux-x64) | |
| uses: dawidd6/action-download-artifact@v11 | |
| with: | |
| name: mithril-distribution-Linux-X64 | |
| path: ${{ matrix.project }}/bin-linux-amd64 | |
| commit: ${{ github.sha }} | |
| workflow: ci.yml | |
| workflow_conclusion: success | |
| - name: Download built artifacts (Linux-arm64) | |
| uses: dawidd6/action-download-artifact@v11 | |
| with: | |
| name: mithril-distribution-Linux-ARM64 | |
| path: ${{ matrix.project }}/bin-linux-arm64 | |
| commit: ${{ github.sha }} | |
| workflow: ci.yml | |
| workflow_conclusion: success | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: ${{ env.CONTEXT }} | |
| file: ${{ env.DOCKER_FILE }} | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| platforms: linux/amd64,linux/arm64 | |
| provenance: false | |
| deploy-pre-release: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| environment: [pre-release-preview] | |
| include: | |
| - environment: pre-release-preview | |
| environment_prefix: pre-release | |
| cardano_network: preview | |
| mithril_use_p2p_network: true | |
| mithril_p2p_use_dmq_protocol: true | |
| mithril_p2p_use_real_dmq_node: true | |
| mithril_api_domain: api.mithril.network | |
| mithril_protocol_parameters: | | |
| { | |
| k = 5 | |
| m = 100 | |
| phi_f = 0.70 | |
| } | |
| mithril_signers: | | |
| { | |
| "2" = { | |
| type = "verified", | |
| pool_id = "", | |
| }, | |
| } | |
| terraform_backend_bucket: hydra-terraform-admin | |
| google_region: europe-west1 | |
| google_zone: europe-west1-b | |
| google_machine_type: e2-highmem-4 | |
| google_compute_instance_boot_disk_size: 200 | |
| google_compute_instance_boot_disk_type: pd-standard | |
| google_compute_instance_data_disk_size: 250 | |
| google_compute_instance_data_disk_type: pd-standard | |
| environment: ${{ matrix.environment }} | |
| runs-on: ubuntu-24.04 | |
| needs: | |
| - build-push-docker | |
| # The 'needs' field ensures ordering on push (wait for Docker build). | |
| # On workflow_dispatch, build-push-docker is skipped which would skip this job too. | |
| # The '!cancelled()' override prevents that while still respecting cancellation. | |
| if: "!cancelled() && (github.event_name == 'push' && needs.build-push-docker.result == 'success' || github.event_name == 'workflow_dispatch')" | |
| defaults: | |
| run: | |
| working-directory: mithril-infra | |
| steps: | |
| - name: Checkout sources | |
| uses: actions/checkout@v5 | |
| - name: Get Docker image id | |
| run: | | |
| if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then | |
| echo "DOCKER_IMAGE_ID=${{ inputs.mithril_image_id }}" >> $GITHUB_ENV | |
| else | |
| echo "DOCKER_IMAGE_ID=${{ github.ref_name }}-$(echo ${{ github.sha }} | cut -c1-7)" >> $GITHUB_ENV | |
| fi | |
| - name: ${{ github.event_name == 'workflow_dispatch' && inputs.dry_run == true && 'Plan' || 'Apply' }} terraform infrastructure | |
| uses: ./.github/workflows/actions/deploy-terraform-infrastructure | |
| with: | |
| dry_run: ${{ github.event_name == 'workflow_dispatch' && inputs.dry_run || false }} | |
| terraform_backend_bucket: ${{ matrix.terraform_backend_bucket }} | |
| environment_prefix: ${{ matrix.environment_prefix }} | |
| environment: ${{ matrix.environment }} | |
| cardano_network: ${{ matrix.cardano_network }} | |
| cardano_node_version: ${{ vars.CARDANO_NODE_VERSION }} | |
| cardano_node_docker_registry: ${{ vars.CARDANO_NODE_DOCKER_REGISTRY }} | |
| dmq_node_version: ${{ vars.DMQ_NODE_VERSION }} | |
| dmq_node_docker_registry: ${{ vars.DMQ_NODE_DOCKER_REGISTRY }} | |
| google_region: ${{ matrix.google_region }} | |
| google_zone: ${{ matrix.google_zone }} | |
| google_machine_type: ${{ matrix.google_machine_type }} | |
| google_compute_instance_boot_disk_size: ${{ matrix.google_compute_instance_boot_disk_size }} | |
| google_compute_instance_boot_disk_type: ${{ matrix.google_compute_instance_boot_disk_type }} | |
| google_compute_instance_data_disk_size: ${{ matrix.google_compute_instance_data_disk_size }} | |
| google_compute_instance_data_disk_type: ${{ matrix.google_compute_instance_data_disk_type }} | |
| google_compute_instance_data_disk_snapshot: ${{ vars.GOOGLE_COMPUTE_INSTANCE_DATA_DISK_SNAPSHOT }} | |
| google_compute_instance_ssh_keys_environment: testing | |
| google_application_credentials: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }} | |
| mithril_use_p2p_network: ${{ matrix.mithril_use_p2p_network }} | |
| mithril_p2p_use_dmq_protocol: ${{ matrix.mithril_p2p_use_dmq_protocol }} | |
| mithril_p2p_use_real_dmq_node: ${{ matrix.mithril_p2p_use_real_dmq_node }} | |
| mithril_p2p_network_bootstrap_peer: ${{ vars.MITHRIL_P2P_NETWORK_BOOTSTRAP_PEER }} | |
| mithril_api_domain: ${{ matrix.mithril_api_domain }} | |
| mithril_image_id: ${{ env.DOCKER_IMAGE_ID }} | |
| mithril_protocol_parameters: ${{ toJSON(matrix.mithril_protocol_parameters) }} | |
| mithril_signers: ${{ toJSON(matrix.mithril_signers) }} | |
| mithril_genesis_secret_key: ${{ secrets.GENESIS_SECRET_KEY }} | |
| mithril_genesis_verification_key_url: ${{ vars.GENESIS_VERIFICATION_KEY_URL }} | |
| mithril_era_reader_address_url: ${{ vars.ERA_READER_ADDRESS_URL }} | |
| mithril_era_reader_verification_key_url: ${{ vars.ERA_READER_VERIFICATION_KEY_URL }} | |
| mithril_era_reader_secret_key: ${{ secrets.ERA_READER_SECRET_KEY }} | |
| mithril_aggregator_signed_entity_types: ${{ vars.AGGREGATOR_SIGNED_ENTITY_TYPES }} | |
| mithril_aggregator_aggregate_signature_type: ${{ vars.AGGREGATOR_AGGREGATE_SIGNATURE_TYPE }} | |
| mithril_aggregator_cdn_cname: ${{ vars.AGGREGATOR_CDN_CNAME }} | |
| mithril_aggregator_snapshot_use_cdn_domain: ${{ vars.AGGREGATOR_USE_CDN_DOMAIN }} | |
| mithril_aggregator_snapshot_compression_algorithm: ${{ vars.AGGREGATOR_SNAPSHOT_COMPRESSION_ALGORITHM }} | |
| mithril_aggregator_zstandard_parameters_level: ${{ vars.AGGREGATOR_SNAPSHOT_ZSTANDARD_LEVEL }} | |
| mithril_aggregator_zstandard_parameters_workers: ${{ vars.AGGREGATOR_SNAPSHOT_ZSTANDARD_WORKERS }} | |
| mithril_aggregator_blockfrost_parameters: ${{ secrets.AGGREGATOR_BLOCKFROST_PARAMETERS }} | |
| mithril_aggregator_cardano_blocks_transactions_prover_cache_pool_size: ${{ vars.AGGREGATOR_CARDANO_BLOCKS_TRANSACTIONS_PROVER_CACHE_POOL_SIZE }} | |
| mithril_aggregator_cardano_blocks_transactions_database_connection_pool_size: ${{ vars.AGGREGATOR_CARDANO_BLOCKS_TRANSACTIONS_DATABASE_CONNECTION_POOL_SIZE }} | |
| mithril_aggregator_cardano_blocks_transactions_signing_config_security_parameter: ${{ vars.AGGREGATOR_CARDANO_BLOCKS_TRANSACTIONS_SIGNING_CONFIG_SECURITY_PARAMETER }} | |
| mithril_aggregator_cardano_blocks_transactions_signing_config_step: ${{ vars.AGGREGATOR_CARDANO_BLOCKS_TRANSACTIONS_SIGNING_CONFIG_STEP }} | |
| mithril_aggregator_cardano_transactions_prover_cache_pool_size: ${{ vars.AGGREGATOR_CARDANO_TRANSACTIONS_PROVER_CACHE_POOL_SIZE }} | |
| mithril_aggregator_cardano_transactions_database_connection_pool_size: ${{ vars.AGGREGATOR_CARDANO_TRANSACTIONS_DATABASE_CONNECTION_POOL_SIZE }} | |
| mithril_aggregator_cardano_transactions_signing_config_security_parameter: ${{ vars.AGGREGATOR_CARDANO_TRANSACTIONS_SIGNING_CONFIG_SECURITY_PARAMETER }} | |
| mithril_aggregator_cardano_transactions_signing_config_step: ${{ vars.AGGREGATOR_CARDANO_TRANSACTIONS_SIGNING_CONFIG_STEP }} | |
| mithril_aggregator_ancillary_signer_type: ${{ vars.AGGREGATOR_ANCILLARY_SIGNER_TYPE }} | |
| mithril_aggregator_ancillary_signer_secret_key: ${{ secrets.AGGREGATOR_ANCILLARY_SIGNER_SECRET_KEY }} | |
| mithril_aggregator_ancillary_signer_gcp_kms_resource_name: ${{ secrets.AGGREGATOR_ANCILLARY_SIGNER_GCP_KMS_RESOURCE_NAME }} | |
| mithril_aggregator_ancillary_signer_gcp_kms_credentials: ${{ secrets.AGGREGATOR_ANCILLARY_SIGNER_GCP_KMS_CREDENTIALS }} | |
| mithril_aggregator_custom_origin_tag_white_list: ${{ vars.AGGREGATOR_CUSTOM_ORIGIN_TAG_WHITE_LIST }} | |
| prometheus_auth_username: ${{ secrets.PROMETHEUS_AUTH_USERNAME }} | |
| prometheus_auth_password: ${{ secrets.PROMETHEUS_AUTH_PASSWORD }} | |
| prometheus_ingest_host: ${{ vars.PROMETHEUS_INGEST_HOST }} | |
| prometheus_ingest_username: ${{ secrets.PROMETHEUS_INGEST_USERNAME }} | |
| prometheus_ingest_password: ${{ secrets.PROMETHEUS_INGEST_PASSWORD }} | |
| loki_auth_username: ${{ secrets.LOKI_AUTH_USERNAME }} | |
| loki_auth_password: ${{ secrets.LOKI_AUTH_PASSWORD }} | |
| loki_ingest_host: ${{ vars.LOKI_INGEST_HOST }} | |
| loki_ingest_username: ${{ secrets.LOKI_INGEST_USERNAME }} | |
| loki_ingest_password: ${{ secrets.LOKI_INGEST_PASSWORD }} | |
| publish-crate-test: | |
| if: github.event_name == 'push' | |
| strategy: | |
| fail-fast: false | |
| max-parallel: 1 | |
| matrix: | |
| package: | |
| [ | |
| mithril-stm, | |
| mithril-build-script, | |
| mithril-common, | |
| mithril-aggregator-client, | |
| mithril-aggregator-discovery, | |
| mithril-cardano-node-internal-database, | |
| mithril-client, | |
| ] | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Checkout sources | |
| uses: actions/checkout@v5 | |
| - name: Install stable toolchain | |
| uses: dtolnay/rust-toolchain@master | |
| with: | |
| toolchain: stable | |
| - name: Publish package to crates.io | |
| uses: ./.github/workflows/actions/publish-crate-package | |
| with: | |
| dry_run: "true" | |
| package: ${{ matrix.package }} | |
| publish-next-wasm-package: | |
| if: github.event_name == 'push' | |
| strategy: | |
| fail-fast: false | |
| max-parallel: 1 | |
| matrix: | |
| package: [mithril-client-wasm] | |
| include: | |
| - package: mithril-client-wasm | |
| tag: next | |
| access: public | |
| api_token_secret_name: NPM_API_TOKEN_MITHRIL_CLIENT_WASM | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Checkout sources | |
| uses: actions/checkout@v5 | |
| - name: Install stable toolchain, tools, and restore cache | |
| uses: ./.github/workflows/actions/toolchain-and-cache | |
| with: | |
| cache-version: ${{ vars.CACHE_VERSION }}-wasm | |
| cargo-tools: wasm-pack | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Publish package to npm | |
| uses: ./.github/workflows/actions/publish-npm-package | |
| with: | |
| dry_run: "false" | |
| package_dir: ${{ matrix.package }} | |
| tag: next | |
| access: ${{ matrix.access }} | |
| api_token: ${{ secrets[matrix.api_token_secret_name] }} |