chore: bump secp256k1 patch (#1826) #252
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Reference: https://github.com/foundry-rs/foundry/blob/master/.github/workflows/release.yml | |
name: release | |
on: | |
push: | |
branches: | |
- main | |
tags: | |
- "v*.*.*" | |
workflow_dispatch: | |
env: | |
CARGO_TERM_COLOR: always | |
jobs: | |
prepare: | |
name: Prepare release | |
runs-on: [runs-on, runner=8cpu-linux-x64, "run-id=${{ github.run_id }}"] | |
timeout-minutes: 30 | |
outputs: | |
tag_name: ${{ steps.release_info.outputs.tag_name }} | |
release_name: ${{ steps.release_info.outputs.release_name }} | |
changelog: ${{ steps.build_changelog.outputs.changelog }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Setup CI | |
uses: ./.github/actions/setup | |
with: | |
pull_token: ${{ secrets.PULL_TOKEN }} | |
# If it's a nightly release, tag with the release time. If the tag is `main`, we want to use | |
# `latest` as the tag name. Else, use the tag name as is. | |
- name: Compute release name and tag | |
id: release_info | |
run: | | |
if [[ $IS_NIGHTLY ]]; then | |
echo "tag_name=nightly-${GITHUB_SHA}" >> $GITHUB_OUTPUT | |
echo "release_name=Nightly ($(date '+%Y-%m-%d'))" >> $GITHUB_OUTPUT | |
elif [[ "${GITHUB_REF_NAME}" == "main" ]]; then | |
echo "tag_name=latest" >> $GITHUB_OUTPUT | |
echo "release_name=Latest" >> $GITHUB_OUTPUT | |
else | |
echo "tag_name=${GITHUB_REF_NAME}" >> $GITHUB_OUTPUT | |
echo "release_name=${GITHUB_REF_NAME}" >> $GITHUB_OUTPUT | |
fi | |
# Creates a `nightly-SHA` tag for this specific nightly | |
# This tag is used for this specific nightly version's release | |
# which allows users to roll back. It is also used to build | |
# the changelog. | |
- name: Create build-specific nightly tag | |
if: ${{ env.IS_NIGHTLY }} | |
uses: actions/github-script@v7 | |
env: | |
TAG_NAME: ${{ steps.release_info.outputs.tag_name }} | |
with: | |
script: | | |
const createTag = require('./.github/scripts/create-tag.js') | |
await createTag({ github, context }, process.env.TAG_NAME) | |
- name: Build changelog | |
id: build_changelog | |
uses: mikepenz/release-changelog-builder-action@v4 | |
with: | |
configuration: "./.github/changelog.json" | |
fromTag: ${{ env.IS_NIGHTLY && 'nightly' || '' }} | |
toTag: ${{ steps.release_info.outputs.tag_name }} | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
release: | |
name: ${{ matrix.target }} (${{ matrix.runner }}) | |
runs-on: ${{ matrix.runner }} | |
timeout-minutes: 240 | |
needs: prepare | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
# `runner`: GHA runner label | |
# `target`: Rust build target triple | |
# `platform` and `arch`: Used in tarball names | |
# `svm`: target platform to use for the Solc binary: https://github.com/roynalnaruto/svm-rs/blob/84cbe0ac705becabdc13168bae28a45ad2299749/svm-builds/build.rs#L4-L24 | |
- runner: ubuntu-latest | |
target: x86_64-unknown-linux-gnu | |
svm_target_platform: linux-amd64 | |
platform: linux | |
arch: amd64 | |
- runner: warp-ubuntu-latest-arm64-4x | |
target: aarch64-unknown-linux-gnu | |
svm_target_platform: linux-aarch64 | |
platform: linux | |
arch: arm64 | |
- runner: macos-latest-large | |
target: x86_64-apple-darwin | |
svm_target_platform: macosx-amd64 | |
platform: darwin | |
arch: amd64 | |
- runner: macos-latest-xlarge | |
target: aarch64-apple-darwin | |
svm_target_platform: macosx-aarch64 | |
platform: darwin | |
arch: arm64 | |
# - runner: windows-latest | |
# target: x86_64-pc-windows-msvc | |
# svm_target_platform: windows-amd64 | |
# platform: win32 | |
# arch: amd64 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install nightly toolchain | |
id: rustc-toolchain | |
uses: actions-rs/toolchain@v1 | |
with: | |
toolchain: 1.81.0 | |
profile: minimal | |
override: true | |
targets: ${{ matrix.target }} | |
- uses: Swatinem/rust-cache@v2 | |
with: | |
key: ${{ matrix.target }} | |
cache-on-failure: true | |
- name: Install go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: "^1.22.1" | |
- name: Check go installation | |
run: | | |
go version | |
- name: Set up git private repo access | |
run: | | |
git config --global url."https://${{ secrets.PRIVATE_PULL_TOKEN }}@github.com/".insteadOf ssh://[email protected] | |
git config --global url."https://${{ secrets.PRIVATE_PULL_TOKEN }}@github.com".insteadOf https://github.com | |
- name: Apple M1 setup | |
if: matrix.target == 'aarch64-apple-darwin' | |
run: | | |
echo "SDKROOT=$(xcrun -sdk macosx --show-sdk-path)" >> $GITHUB_ENV | |
echo "MACOSX_DEPLOYMENT_TARGET=$(xcrun -sdk macosx --show-sdk-platform-version)" >> $GITHUB_ENV | |
- name: Linux ARM setup | |
if: matrix.target == 'aarch64-unknown-linux-gnu' | |
run: | | |
sudo apt-get update -y | |
sudo apt-get install -y gcc-aarch64-linux-gnu | |
echo "CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_LINKER=aarch64-linux-gnu-gcc" >> $GITHUB_ENV | |
- name: Build binaries | |
env: | |
SVM_TARGET_PLATFORM: ${{ matrix.svm_target_platform }} | |
shell: bash | |
run: | | |
set -eo pipefail | |
target="${{ matrix.target }}" | |
flags=() | |
[[ "$target" == *windows* ]] && exe=".exe" | |
RUSTFLAGS='-C target-feature=+crt-static' cargo build --release -p sp1-cli --target "$target" "${flags[@]}" | |
bins=(cargo-prove) | |
for name in "${bins[@]}"; do | |
bin=./target/$target/release/$name$exe | |
file "$bin" || true | |
ldd "$bin" || true | |
$bin --version || true | |
done | |
- name: Archive binaries | |
id: artifacts | |
env: | |
PLATFORM_NAME: ${{ matrix.platform }} | |
TARGET: ${{ matrix.target }} | |
ARCH: ${{ matrix.arch }} | |
VERSION_NAME: ${{ (env.IS_NIGHTLY && 'nightly') || needs.prepare.outputs.tag_name }} | |
shell: bash | |
run: | | |
if [ "$PLATFORM_NAME" == "linux" ]; then | |
tar -czvf "cargo_prove_${VERSION_NAME}_${PLATFORM_NAME}_${ARCH}.tar.gz" -C ./target/${TARGET}/release cargo-prove | |
echo "file_name=cargo_prove_${VERSION_NAME}_${PLATFORM_NAME}_${ARCH}.tar.gz" >> $GITHUB_OUTPUT | |
elif [ "$PLATFORM_NAME" == "darwin" ]; then | |
# We need to use gtar here otherwise the archive is corrupt. | |
# See: https://github.com/actions/virtual-environments/issues/2619 | |
gtar -czvf "cargo_prove_${VERSION_NAME}_${PLATFORM_NAME}_${ARCH}.tar.gz" -C ./target/${TARGET}/release cargo-prove | |
echo "file_name=cargo_prove_${VERSION_NAME}_${PLATFORM_NAME}_${ARCH}.tar.gz" >> $GITHUB_OUTPUT | |
else | |
cd ./target/${TARGET}/release | |
7z a -tzip "cargo_prove_${VERSION_NAME}_${PLATFORM_NAME}_${ARCH}.zip" cargo-prove.exe | |
mv "cargo_prove_${VERSION_NAME}_${PLATFORM_NAME}_${ARCH}.zip" ../../../ | |
echo "file_name=cargo_prove_${VERSION_NAME}_${PLATFORM_NAME}_${ARCH}.zip" >> $GITHUB_OUTPUT | |
fi | |
# Creates the release for this specific version | |
- name: Create release | |
uses: softprops/action-gh-release@v2 | |
with: | |
name: ${{ needs.prepare.outputs.release_name }} | |
tag_name: ${{ needs.prepare.outputs.tag_name }} | |
prerelease: ${{ env.IS_NIGHTLY || needs.prepare.outputs.tag_name == 'latest' }} | |
body: ${{ needs.prepare.outputs.changelog }} | |
files: | | |
${{ steps.artifacts.outputs.file_name }} | |
${{ steps.man.outputs.cargo_prove_man }} | |
# If this is a nightly release, it also updates the release | |
# tagged `nightly` for compatibility with `sp1up` | |
- name: Update nightly release | |
if: ${{ env.IS_NIGHTLY }} | |
uses: softprops/action-gh-release@v2 | |
with: | |
name: "Nightly" | |
tag_name: "nightly" | |
prerelease: true | |
body: ${{ needs.prepare.outputs.changelog }} | |
files: | | |
${{ steps.artifacts.outputs.file_name }} | |
${{ steps.man.outputs.cargo_prove_man }} | |
cleanup: | |
name: Release cleanup | |
runs-on: ubuntu-latest | |
timeout-minutes: 30 | |
needs: release | |
if: always() | |
steps: | |
- uses: actions/checkout@v4 | |
# Moves the `nightly` tag to `HEAD` | |
- name: Move nightly tag | |
if: ${{ env.IS_NIGHTLY }} | |
uses: actions/github-script@v7 | |
with: | |
script: | | |
const moveTag = require('./.github/scripts/move-tag.js') | |
await moveTag({ github, context }, 'nightly') | |
- name: Delete old nightlies | |
uses: actions/github-script@v7 | |
with: | |
script: | | |
const prunePrereleases = require('./.github/scripts/prune-prereleases.js') | |
await prunePrereleases({github, context}) | |
# If any of the jobs fail, this will create a high-priority issue to signal so. | |
issue: | |
name: Open an issue | |
runs-on: ubuntu-latest | |
needs: [prepare, release, cleanup] | |
if: failure() | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: JasonEtco/create-an-issue@v2 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
WORKFLOW_URL: | | |
${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} | |
with: | |
update_existing: true | |
filename: .github/RELEASE_FAILURE_ISSUE_TEMPLATE.md |