diff --git a/.github/workflows/acceptance-tests.yml b/.github/workflows/acceptance-tests.yml index 39af80ba6e6..74ba75c2f91 100644 --- a/.github/workflows/acceptance-tests.yml +++ b/.github/workflows/acceptance-tests.yml @@ -1,62 +1,26 @@ name: acceptance-tests on: workflow_dispatch: - pull_request_target: + pull_request: branches: - main - release-* - pull_request_review: - types: [submitted] + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true env: GRADLE_OPTS: "-Xmx6g -Dorg.gradle.daemon=false" total-runners: 16 jobs: - shouldRun: - name: checks to ensure we should run - # necessary because there is no single PR approved event, need to check all comments/approvals/denials - runs-on: ubuntu-22.04 - outputs: - shouldRun: ${{steps.shouldRun.outputs.result}} - steps: - - name: required check - id: shouldRun - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea - env: - # fun fact, this changes based on incoming event, it will be different when we run this on pushes to main - RELEVANT_SHA: ${{ github.event.pull_request.head.sha || github.sha }} - with: - script: | - const { RELEVANT_SHA } = process.env; - const { data: { statuses } } = await github.rest.repos.getCombinedStatusForRef({ - owner: context.repo.owner, - repo: context.repo.repo, - ref: RELEVANT_SHA, - }); - const acceptanceTested = statuses && statuses.filter(({ context }) => context === 'accepttests-passed'); - const alreadyRun = acceptanceTested && acceptanceTested.find(({ state }) => state === 'success') > 0; - const { data: reviews } = await github.rest.pulls.listReviews({ - owner: context.repo.owner, - repo: context.repo.repo, - pull_number: context.issue.number, - }); - const approvingReviews = reviews && reviews.filter(review => review.state === 'APPROVED'); - const shouldRun = !alreadyRun && github.actor != 'dependabot[bot]' && (approvingReviews.length > 0); - - console.log("tests should be run = %j", shouldRun); - console.log("alreadyRun = %j", alreadyRun); - console.log("approvingReviews = %j", approvingReviews.length); - - return shouldRun; acceptanceTestEthereum: runs-on: ubuntu-22.04 name: "Acceptance Runner" - needs: shouldRun permissions: statuses: write checks: write - if: ${{ needs.shouldRun.outputs.shouldRun == 'true'}} strategy: fail-fast: true matrix: @@ -81,6 +45,8 @@ jobs: if_no_artifact_found: true - name: setup gradle uses: gradle/actions/setup-gradle@9e899d11ad247ec76be7a60bc1cf9d3abbb9e7f1 + with: + cache-disabled: true - name: Split tests id: split-tests uses: r7kamura/split-tests-by-timings@9322bd292d9423e2bc5a65bec548901801341e3f @@ -104,18 +70,22 @@ jobs: with: name: acceptance-node-${{matrix.runner_index}}-test-results path: 'acceptance-tests/tests/build/test-results/**/TEST-*.xml' - - name: Publish Test Report - uses: mikepenz/action-junit-report@5f47764eec0e1c1f19f40c8e60a5ba47e47015c5 - if: (success() || failure()) # always run even if the build step fails - with: - report_paths: 'acceptance-tests/tests/build/test-results/**/TEST-*.xml' - annotate_only: true accepttests-passed: + name: "accepttests-passed" runs-on: ubuntu-22.04 needs: [ acceptanceTestEthereum ] permissions: checks: write statuses: write + if: always() steps: - - name: consolidation - run: echo "consolidating statuses" + # Fail if any `needs` job was not a success. + # Along with `if: always()`, this allows this job to act as a single required status check for the entire workflow. + - name: Fail on workflow error + run: exit 1 + if: >- + ${{ + contains(needs.*.result, 'failure') + || contains(needs.*.result, 'cancelled') + || contains(needs.*.result, 'skipped') + }} \ No newline at end of file diff --git a/.github/workflows/artifacts.yml b/.github/workflows/artifacts.yml index 6923a43a94e..26beeed9cd0 100644 --- a/.github/workflows/artifacts.yml +++ b/.github/workflows/artifacts.yml @@ -1,11 +1,12 @@ -name: artifacts +name: release artifacts on: - workflow_dispatch: release: types: - prereleased +env: + GRADLE_OPTS: "-Dorg.gradle.parallel=true -Dorg.gradle.caching=true" jobs: artifacts: @@ -22,9 +23,11 @@ jobs: java-version: '17' - name: setup gradle uses: gradle/actions/setup-gradle@9e899d11ad247ec76be7a60bc1cf9d3abbb9e7f1 - - name: assemble distributions + with: + cache-disabled: true + - name: assemble release run: - ./gradlew -Prelease.releaseVersion=${{github.ref_name}} -Pversion=${{github.ref_name}} assemble -Dorg.gradle.parallel=true -Dorg.gradle.caching=true + ./gradlew -Prelease.releaseVersion=${{github.event.release.name}} -Pversion=${{github.event.release.name}} assemble - name: hashes id: hashes run: | @@ -35,29 +38,19 @@ jobs: uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 with: path: 'build/distributions/besu*.tar.gz' - name: besu-${{ github.ref_name }}.tar.gz + name: besu-${{ github.event.release.name }}.tar.gz compression-level: 0 - name: upload zipfile uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 with: path: 'build/distributions/besu*.zip' - name: besu-${{ github.ref_name }}.zip + name: besu-${{ github.event.release.name }}.zip compression-level: 0 - - name: Upload Release assets - uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 - with: - append_body: true - files: | - build/distributions/besu*.tar.gz - build/distributions/besu*.zip - body: | - ${{steps.hashes.outputs.tarSha}} - ${{steps.hashes.outputs.zipSha}} + testWindows: runs-on: windows-2022 needs: artifacts timeout-minutes: 10 - if: ${{ github.actor != 'dependabot[bot]' }} steps: - name: Set up Java uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93 @@ -67,13 +60,43 @@ jobs: - name: Download zip uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe with: - name: besu-${{ github.ref_name }}.zip + pattern: besu-*.zip + merge-multiple: true - name: test Besu run: | + dir unzip besu-*.zip -d besu-tmp cd besu-tmp mv besu-* ../besu cd .. besu\bin\besu.bat --help besu\bin\besu.bat --version - + publish: + runs-on: ubuntu-22.04 + needs: testWindows + steps: + - name: Download archives + uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe + with: + pattern: besu-* + merge-multiple: true + path: 'build/distributions' + - name: Upload Release assets + uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 + with: + append_body: true + files: | + build/distributions/besu*.tar.gz + build/distributions/besu*.zip + body: | + ${{steps.hashes.outputs.tarSha}} + ${{steps.hashes.outputs.zipSha}} + arifactoryPublish: + runs-on: ubuntu-22.04 + needs: artifacts + steps: + - name: Artifactory Publish + env: + ARTIFACTORY_USER: ${{ secrets.BESU_ARTIFACTORY_USER }} + ARTIFACTORY_KEY: ${{ secrets.BESU_ARTIFACTORY_TOKEN }} + run: ./gradlew -Prelease.releaseVersion=${{ github.event.release.name }} -Pversion=${{github.event.release.name}} artifactoryPublish \ No newline at end of file diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f0340e168c7..0a50ec57c2d 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -13,15 +13,11 @@ name: "CodeQL" on: workflow_dispatch: - push: - branches: [ main ] - pull_request: - branches: [ main ] - paths-ignore: - - '**/*.json' - - '**/*.md' - - '**/*.properties' - - '**/*.txt' + schedule: + # * is a special character in YAML so you have to quote this string + # expression evaluates to midnight every night + - cron: '0 0 * * *' + jobs: analyze: name: Analyze @@ -50,6 +46,8 @@ jobs: - name: setup gradle uses: gradle/actions/setup-gradle@9e899d11ad247ec76be7a60bc1cf9d3abbb9e7f1 + with: + cache-disabled: true - name: compileJava noscan run: | JAVA_OPTS="-Xmx2048M" ./gradlew --no-scan compileJava diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 8889b0dc7ad..5cb78f215d4 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -19,16 +19,10 @@ jobs: java-version: 17 - name: setup gradle uses: gradle/actions/setup-gradle@9e899d11ad247ec76be7a60bc1cf9d3abbb9e7f1 - - name: hadoLint_openj9-jdk_17 - run: docker run --rm -i hadolint/hadolint < docker/openj9-jdk-17/Dockerfile - - name: hadoLint_openjdk_17 - run: docker run --rm -i hadolint/hadolint < docker/openjdk-17/Dockerfile - - name: hadoLint_openjdk_17_debug - run: docker run --rm -i hadolint/hadolint < docker/openjdk-17-debug/Dockerfile - - name: hadoLint_openjdk_latest - run: docker run --rm -i hadolint/hadolint < docker/openjdk-latest/Dockerfile - - name: hadoLint_graalvm - run: docker run --rm -i hadolint/hadolint < docker/graalvm/Dockerfile + with: + cache-disabled: true + - name: hadoLint + run: docker run --rm -i hadolint/hadolint < docker/Dockerfile buildDocker: needs: hadolint permissions: @@ -66,6 +60,8 @@ jobs: java-version: 17 - name: setup gradle uses: gradle/actions/setup-gradle@9e899d11ad247ec76be7a60bc1cf9d3abbb9e7f1 + with: + cache-disabled: true - name: install goss run: | mkdir -p docker/reports @@ -81,11 +77,12 @@ jobs: env: architecture: ${{ steps.prep.outputs.ARCH }} with: - arguments: testDocker -PdockerOrgName=${{ env.registry }}/${{ secrets.DOCKER_ORG }} -Pversion=${{github.ref_name}} -Prelease.releaseVersion=${{ github.ref_name }} + cache-disabled: true + arguments: testDocker -PdockerOrgName=${{ env.registry }}/${{ secrets.DOCKER_ORG }} -Pversion=${{github.event.release.name}} -Prelease.releaseVersion=${{ github.event.release.name }} - name: publish env: architecture: ${{ steps.prep.outputs.ARCH }} - run: ./gradlew --no-daemon dockerUpload -PdockerOrgName=${{ env.registry }}/${{ secrets.DOCKER_ORG }} -Pversion=${{github.ref_name}} -Prelease.releaseVersion=${{ github.ref_name }} + run: ./gradlew --no-daemon dockerUpload -PdockerOrgName=${{ env.registry }}/${{ secrets.DOCKER_ORG }} -Pversion=${{github.event.release.name}} -Prelease.releaseVersion=${{ github.event.release.name }} multiArch: needs: buildDocker runs-on: ubuntu-22.04 @@ -102,6 +99,8 @@ jobs: java-version: 17 - name: setup gradle uses: gradle/actions/setup-gradle@9e899d11ad247ec76be7a60bc1cf9d3abbb9e7f1 + with: + cache-disabled: true - name: login to ${{ env.registry }} uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d with: @@ -109,7 +108,7 @@ jobs: username: ${{ secrets.DOCKER_USER_RW }} password: ${{ secrets.DOCKER_PASSWORD_RW }} - name: multi-arch docker - run: ./gradlew manifestDocker -PdockerOrgName=${{ env.registry }}/${{ secrets.DOCKER_ORG }} -Pversion=${{github.ref_name}} -Prelease.releaseVersion=${{ github.ref_name }} + run: ./gradlew manifestDocker -PdockerOrgName=${{ env.registry }}/${{ secrets.DOCKER_ORG }} -Pversion=${{github.event.release.name}} -Prelease.releaseVersion=${{ github.event.release.name }} amendNotes: needs: multiArch runs-on: ubuntu-22.04 @@ -121,4 +120,4 @@ jobs: with: append_body: true body: | - `docker pull ${{env.registry}}/${{secrets.DOCKER_ORG}}/besu:${{github.ref_name}}` + `docker pull ${{env.registry}}/${{secrets.DOCKER_ORG}}/besu:${{github.event.release.name}}` diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index 80a2eca1e27..8a60d09017d 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -1,58 +1,22 @@ name: integration-tests on: workflow_dispatch: - pull_request_target: + pull_request: branches: - main - release-* - pull_request_review: - types: - - submitted + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true env: - GRADLE_OPTS: "-Xmx6g -Dorg.gradle.daemon=false" + GRADLE_OPTS: "-Xmx6g -Dorg.gradle.daemon=false -Dorg.gradle.parallel=true -Dorg.gradle.caching=true" jobs: - shouldRun: - name: checks to ensure we should run - runs-on: ubuntu-22.04 - outputs: - shouldRun: ${{steps.shouldRun.outputs.result}} - steps: - - name: required check - id: shouldRun - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea - env: - # fun fact, this changes based on incoming event, it will be different when we run this on pushes to main - RELEVANT_SHA: ${{ github.event.pull_request.head.sha || github.sha }} - with: - script: | - const { RELEVANT_SHA } = process.env; - const { data: { statuses } } = await github.rest.repos.getCombinedStatusForRef({ - owner: context.repo.owner, - repo: context.repo.repo, - ref: RELEVANT_SHA, - }); - - const intTested = statuses && statuses.filter(({ context }) => context === 'integration-tests'); - const alreadyRun = intTested && intTested.find(({ state }) => state === 'success') > 0; - const { data: reviews } = await github.rest.pulls.listReviews({ - owner: context.repo.owner, - repo: context.repo.repo, - pull_number: context.issue.number, - }); - const approvingReviews = reviews && reviews.filter(review => review.state === 'APPROVED'); - const shouldRun = !alreadyRun && github.actor != 'dependabot[bot]' && (approvingReviews.length > 0); - - console.log("tests should be run = %j", shouldRun); - console.log("alreadyRun = %j", alreadyRun); - console.log("approvingReviews = %j", approvingReviews.length); - - return shouldRun; integration-tests: + name: "integration-passed" runs-on: ubuntu-22.04 - needs: shouldRun - if: ${{ needs.shouldRun.outputs.shouldRun == 'true' }} permissions: statuses: write checks: write @@ -68,13 +32,9 @@ jobs: java-version: 17 - name: setup gradle uses: gradle/actions/setup-gradle@9e899d11ad247ec76be7a60bc1cf9d3abbb9e7f1 - - name: run integration tests - run: ./gradlew integrationTest compileJmh -Dorg.gradle.parallel=true -Dorg.gradle.caching=true - - name: Publish Test Report - uses: mikepenz/action-junit-report@5f47764eec0e1c1f19f40c8e60a5ba47e47015c5 - if: (success() || failure()) with: - report_paths: '**/build/test-results/integrationTest/TEST-*.xml' - annotate_only: true + cache-disabled: true + - name: run integration tests + run: ./gradlew integrationTest compileJmh diff --git a/.github/workflows/pre-review.yml b/.github/workflows/pre-review.yml index 0d3a3e6c900..1fa7d3d31d8 100644 --- a/.github/workflows/pre-review.yml +++ b/.github/workflows/pre-review.yml @@ -1,11 +1,18 @@ name: pre-review on: - pull_request_target: + pull_request: branches: - main - release-* +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true + +env: + GRADLE_OPTS: "-Xmx6g -Dorg.gradle.daemon=false -Dorg.gradle.parallel=true" + jobs: repolint: name: "Repository Linting" @@ -28,7 +35,6 @@ jobs: - uses: gradle/wrapper-validation-action@56b90f209b02bf6d1deae490e9ef18b21a389cd4 spotless: runs-on: ubuntu-22.04 - if: ${{ github.actor != 'dependabot[bot]' }} steps: - name: Checkout Repo uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 @@ -41,8 +47,10 @@ jobs: java-version: 17 - name: Setup Gradle uses: gradle/actions/setup-gradle@9e899d11ad247ec76be7a60bc1cf9d3abbb9e7f1 + with: + cache-disabled: true - name: run spotless - run: ./gradlew spotlessCheck -Dorg.gradle.parallel=true -Dorg.gradle.caching=true + run: ./gradlew spotlessCheck compile: runs-on: ubuntu-22.04 timeout-minutes: 30 @@ -59,8 +67,10 @@ jobs: java-version: 17 - name: Setup Gradle uses: gradle/actions/setup-gradle@9e899d11ad247ec76be7a60bc1cf9d3abbb9e7f1 + with: + cache-disabled: true - name: Gradle Compile - run: ./gradlew build -x test -x spotlessCheck -Dorg.gradle.parallel=true -Dorg.gradle.caching=true + run: ./gradlew build -x test -x spotlessCheck unitTests: env: GRADLEW_UNIT_TEST_ARGS: ${{matrix.gradle_args}} @@ -80,6 +90,22 @@ jobs: - "ethereum:api:testRemainder" - "ethereum:eth:test" - "ethereum:core:test" + #includes will need exact strings from gradle args above + include: + - gradle_args: "test -x besu:test -x consensus:test -x crypto:test -x ethereum:eth:test -x ethereum:api:test -x ethereum:core:test" + filename: "everythingElse" + - gradle_args: "besu:test consensus:test crypto:test" + filename: "consensusCrypto" + - gradle_args: "ethereum:api:testBonsai" + filename: "apiBonsai" + - gradle_args: "ethereum:api:testRemainder" + filename: "apiForest" + - gradle_args: "ethereum:api:testRemainder" + filename: "apiRemainder" + - gradle_args: "ethereum:eth:test" + filename: "eth" + - gradle_args: "ethereum:core:test" + filename: "core" steps: - name: Checkout Repo uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 @@ -92,21 +118,32 @@ jobs: java-version: 17 - name: Setup Gradle uses: gradle/actions/setup-gradle@9e899d11ad247ec76be7a60bc1cf9d3abbb9e7f1 + with: + cache-disabled: true - name: run unit tests id: unitTest - run: ./gradlew $GRADLEW_UNIT_TEST_ARGS -Dorg.gradle.parallel=true -Dorg.gradle.caching=true - - name: Publish Test Report - uses: mikepenz/action-junit-report@5f47764eec0e1c1f19f40c8e60a5ba47e47015c5 - if: success() || failure() # always run even if the build step fails + run: ./gradlew $GRADLEW_UNIT_TEST_ARGS + - name: Upload Unit Test Results + uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 with: - report_paths: '**/test-results/**/TEST-*.xml' - annotate_only: true + name: unit-${{matrix.filename}}-test-results + path: '**/test-results/**/TEST-*.xml' unittests-passed: + name: "unittests-passed" runs-on: ubuntu-22.04 needs: [unitTests] permissions: checks: write statuses: write + if: always() steps: - - name: consolidation - run: echo "consolidating statuses" + # Fail if any `needs` job was not a success. + # Along with `if: always()`, this allows this job to act as a single required status check for the entire workflow. + - name: Fail on workflow error + run: exit 1 + if: >- + ${{ + contains(needs.*.result, 'failure') + || contains(needs.*.result, 'cancelled') + || contains(needs.*.result, 'skipped') + }} diff --git a/.github/workflows/reference-tests.yml b/.github/workflows/reference-tests.yml index ccb03632db3..68310944af4 100644 --- a/.github/workflows/reference-tests.yml +++ b/.github/workflows/reference-tests.yml @@ -1,67 +1,26 @@ name: reference-tests on: workflow_dispatch: - pull_request_target: + pull_request: branches: - main - release-* - pull_request_review: - types: [ submitted ] env: - GRADLE_OPTS: "-Xmx6g -Dorg.gradle.daemon=false" + GRADLE_OPTS: "-Xmx6g -Dorg.gradle.daemon=false -Dorg.gradle.parallel=true -Dorg.gradle.caching=true" total-runners: 10 -jobs: - shouldRun: - name: checks to ensure we should run - # necessary because there is no single PR approved event, need to check all comments/approvals/denials - # might also be a job running, and additional approvals - runs-on: ubuntu-22.04 - outputs: - shouldRun: ${{steps.shouldRun.outputs.result}} - steps: - - name: required check - id: shouldRun - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea - env: - # fun fact, this changes based on incoming event, it will be different when we run this on pushes to main - RELEVANT_SHA: ${{ github.event.pull_request.head.sha || github.sha }} - with: - script: | - const { RELEVANT_SHA } = process.env; - const { data: { statuses } } = await github.rest.repos.getCombinedStatusForRef({ - owner: context.repo.owner, - repo: context.repo.repo, - ref: RELEVANT_SHA, - }); - - - const refTested = statuses && statuses.filter(({ context }) => context === 'reftests-passed'); - const alreadyRun = refTested && refTested.find(({ state }) => state === 'success') > 0; - const { data: reviews } = await github.rest.pulls.listReviews({ - owner: context.repo.owner, - repo: context.repo.repo, - pull_number: context.issue.number, - }); - const approvingReviews = reviews && reviews.filter(review => review.state === 'APPROVED'); - const shouldRun = !alreadyRun && github.actor != 'dependabot[bot]' && (approvingReviews.length > 0); - - console.log("tests should be run = %j", shouldRun); - console.log("alreadyRun = %j", alreadyRun); - console.log("approvingReviews = %j", approvingReviews.length); - - return shouldRun; +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true +jobs: referenceTestEthereum: runs-on: ubuntu-22.04 permissions: statuses: write checks: write packages: read - needs: - - shouldRun - if: ${{ needs.shouldRun.outputs.shouldRun == 'true' }} strategy: fail-fast: true matrix: @@ -79,7 +38,8 @@ jobs: java-version: 17 - name: setup gradle uses: gradle/actions/setup-gradle@9e899d11ad247ec76be7a60bc1cf9d3abbb9e7f1 - #shame the test generation isn't less redundant, we used to do this in a dependent job, but artifact downloading broke + with: + cache-disabled: true - name: execute generate reference tests run: ./gradlew ethereum:referencetests:blockchainReferenceTests ethereum:referencetests:generalstateReferenceTests ethereum:referencetests:generalstateRegressionReferenceTests -Dorg.gradle.parallel=true -Dorg.gradle.caching=true - name: list test files generated @@ -95,26 +55,29 @@ jobs: - name: refTestArgs.txt run: cat refTestArgs.txt - name: run reference tests - run: ./gradlew ethereum:referenceTests:referenceTests `cat refTestArgs.txt` -Dorg.gradle.parallel=true -Dorg.gradle.caching=true + run: ./gradlew ethereum:referenceTests:referenceTests `cat refTestArgs.txt` - name: Upload Test Report uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 if: always() # always run even if the previous step fails with: name: reference-test-node-${{matrix.runner_index}}-results path: '**/build/test-results/referenceTests/TEST-*.xml' - - name: Publish Test Report - uses: mikepenz/action-junit-report@5f47764eec0e1c1f19f40c8e60a5ba47e47015c5 - if: success() || failure() # always run even if the build step fails - with: - report_paths: '**/build/test-results/referenceTests/TEST-*.xml' - annotate_only: true reftests-passed: + name: "reftests-passed" runs-on: ubuntu-22.04 needs: [ referenceTestEthereum ] permissions: checks: write statuses: write + if: always() steps: - - name: consolidation - run: echo "consolidating statuses" - + # Fail if any `needs` job was not a success. + # Along with `if: always()`, this allows this job to act as a single required status check for the entire workflow. + - name: Fail on workflow error + run: exit 1 + if: >- + ${{ + contains(needs.*.result, 'failure') + || contains(needs.*.result, 'cancelled') + || contains(needs.*.result, 'skipped') + }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ceb8ba602cb..8d8b4c8e79c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,6 +1,5 @@ name: release besu on: - workflow_dispatch: release: types: [released] env: @@ -23,7 +22,9 @@ jobs: password: ${{ secrets.DOCKER_PASSWORD_RW }} - name: Setup Gradle uses: gradle/actions/setup-gradle@9e899d11ad247ec76be7a60bc1cf9d3abbb9e7f1 + with: + cache-disabled: true - name: Docker upload - run: ./gradlew "-Prelease.releaseVersion=${{ github.ref_name }}" "-PdockerOrgName=${{ env.registry }}/${{ secrets.DOCKER_ORG }}" dockerUploadRelease + run: ./gradlew "-Prelease.releaseVersion=${{ github.event.release.name }}" "-PdockerOrgName=${{ env.registry }}/${{ secrets.DOCKER_ORG }}" dockerUploadRelease - name: Docker manifest - run: ./gradlew "-Prelease.releaseVersion=${{ github.ref_name }}" "-PdockerOrgName=${{ env.registry }}/${{ secrets.DOCKER_ORG }}" manifestDockerRelease + run: ./gradlew "-Prelease.releaseVersion=${{ github.event.release.name }}" "-PdockerOrgName=${{ env.registry }}/${{ secrets.DOCKER_ORG }}" manifestDockerRelease diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml index 7891a6819db..9f70e699178 100644 --- a/.github/workflows/sonarcloud.yml +++ b/.github/workflows/sonarcloud.yml @@ -30,10 +30,12 @@ jobs: restore-keys: ${{ runner.os }}-sonar - name: setup gradle uses: gradle/actions/setup-gradle@9e899d11ad247ec76be7a60bc1cf9d3abbb9e7f1 + with: + cache-disabled: true - name: Build and analyze env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - SONAR_ORGANIZATION: ${{ env.SONAR_ORGANIZATION }} - SONAR_PROJECT_KEY: $ {{ env.SONAR_PROJECT_KEY }} + SONAR_ORGANIZATION: ${{ vars.SONAR_ORGANIZATION }} + SONAR_PROJECT_KEY: ${{ vars.SONAR_PROJECT_KEY }} run: ./gradlew build sonarqube --continue --info -Dorg.gradle.parallel=true -Dorg.gradle.caching=true