mirror of
https://github.com/digital-asset/daml.git
synced 2024-09-20 09:17:43 +03:00
c44f33736e
This PR drops two things: 1. The check that the benchmark hasn’t been modified. This hasn’t ever been useful and it keeps being annoying. 2. It stops the comparison against the old version and instead just benchmarks the current version. We really only care about the day to day changes. Comparing against an arbitrary year old version has lost all meaning at this point. changelog_begin changelog_end
219 lines
7.8 KiB
YAML
219 lines
7.8 KiB
YAML
# Copyright (c) 2021 Digital Asset (Switzerland) GmbH and/or its affiliates. All rights reserved.
|
|
# SPDX-License-Identifier: Apache-2.0
|
|
|
|
# Azure Pipelines file, see https://aka.ms/yaml
|
|
|
|
# Enable builds on all branches
|
|
trigger:
|
|
# Build every commit as our release process relies on
|
|
# the release process being built alone.
|
|
batch: false
|
|
branches:
|
|
include:
|
|
- main
|
|
- release/*
|
|
|
|
# Enable PR triggers that target the main branch
|
|
pr: none
|
|
|
|
jobs:
|
|
- template: ci/build.yml
|
|
|
|
- job: release
|
|
dependsOn: [ "check_for_release", "Linux", "macOS", "Windows" ]
|
|
condition: and(succeeded(),
|
|
eq(dependencies.check_for_release.outputs['out.is_release'], 'true'),
|
|
eq(variables['Build.SourceBranchName'], 'main'))
|
|
pool:
|
|
name: 'ubuntu_20_04'
|
|
demands: assignment -equals default
|
|
variables:
|
|
release_sha: $[ dependencies.check_for_release.outputs['out.release_sha'] ]
|
|
release_tag: $[ dependencies.check_for_release.outputs['out.release_tag'] ]
|
|
trigger_sha: $[ dependencies.check_for_release.outputs['out.trigger_sha'] ]
|
|
steps:
|
|
- template: ci/report-start.yml
|
|
- checkout: self
|
|
persistCredentials: true
|
|
- bash: |
|
|
set -euo pipefail
|
|
git checkout $(release_sha)
|
|
name: checkout_release
|
|
- template: ci/bash-lib.yml
|
|
parameters:
|
|
var_name: bash-lib
|
|
- bash: |
|
|
set -euo pipefail
|
|
source $(bash-lib)
|
|
if git tag v$(release_tag) $(release_sha); then
|
|
git push origin v$(release_tag)
|
|
mkdir $(Build.StagingDirectory)/release-artifacts
|
|
else
|
|
setvar skip-github TRUE
|
|
fi
|
|
- task: DownloadPipelineArtifact@0
|
|
inputs:
|
|
artifactName: linux-release
|
|
targetPath: $(Build.StagingDirectory)/release-artifacts
|
|
condition: and(succeeded(), not(eq(variables['skip-github'], 'TRUE')))
|
|
- task: DownloadPipelineArtifact@0
|
|
inputs:
|
|
artifactName: macos-release
|
|
targetPath: $(Build.StagingDirectory)/release-artifacts
|
|
condition: and(succeeded(), not(eq(variables['skip-github'], 'TRUE')))
|
|
- task: DownloadPipelineArtifact@0
|
|
inputs:
|
|
artifactName: windows-release
|
|
targetPath: $(Build.StagingDirectory)/release-artifacts
|
|
condition: and(succeeded(), not(eq(variables['skip-github'], 'TRUE')))
|
|
- bash: |
|
|
set -euo pipefail
|
|
KEY_FILE=$(mktemp)
|
|
GPG_DIR=$(mktemp -d)
|
|
cleanup() {
|
|
rm -rf $KEY_FILE $GPG_DIR
|
|
}
|
|
trap cleanup EXIT
|
|
echo "$GPG_KEY" | base64 -d > $KEY_FILE
|
|
gpg --homedir $GPG_DIR --no-tty --quiet --import $KEY_FILE
|
|
cd $(Build.StagingDirectory)/release-artifacts/github
|
|
sha256sum $(find . -type f | sort) > sha256sums
|
|
# Note: relies on our release artifacts not having spaces in their
|
|
# names. Creates a ${f}.asc with the signature for each $f.
|
|
for f in *; do
|
|
gpg --homedir $GPG_DIR -ab $f
|
|
done
|
|
cd ../artifactory
|
|
for f in *; do
|
|
gpg --homedir $GPG_DIR -ab $f
|
|
done
|
|
env:
|
|
GPG_KEY: $(gpg-code-signing)
|
|
- task: GitHubRelease@0
|
|
inputs:
|
|
gitHubConnection: 'garyverhaegen-da'
|
|
repositoryName: '$(Build.Repository.Name)'
|
|
action: 'create'
|
|
target: '$(release_sha)'
|
|
tagSource: 'manual'
|
|
tag: 'v$(release_tag)'
|
|
assets: $(Build.StagingDirectory)/release-artifacts/github/*
|
|
assetUploadMode: 'replace'
|
|
title: '$(release_tag)'
|
|
addChangeLog: false
|
|
isPrerelease: true
|
|
releaseNotesSource: 'input'
|
|
releaseNotes: "This is a pre-release. Use at your own risk."
|
|
condition: and(succeeded(), not(eq(variables['skip-github'], 'TRUE')))
|
|
- bash: |
|
|
set -euo pipefail
|
|
./ci/publish-artifactory.sh $(Build.StagingDirectory) $(release_tag)
|
|
env:
|
|
AUTH: $(ARTIFACTORY_USERNAME):$(ARTIFACTORY_PASSWORD)
|
|
condition: and(succeeded(), not(eq(variables['skip-github'], 'TRUE')))
|
|
- bash: |
|
|
set -euo pipefail
|
|
|
|
source $(bash-lib)
|
|
|
|
cd $(Build.StagingDirectory)/release-artifacts/github
|
|
for f in *; do
|
|
gcs "$GCRED" cp "$f" "gs://daml-data/releases/$(release_tag)/github/$f"
|
|
done
|
|
|
|
cd $(Build.StagingDirectory)/release-artifacts/artifactory
|
|
for f in *; do
|
|
gcs "$GCRED" cp "$f" "gs://daml-data/releases/$(release_tag)/artifactory/$f"
|
|
done
|
|
name: backup_to_gcs
|
|
env:
|
|
GCRED: $(GOOGLE_APPLICATION_CREDENTIALS_CONTENT)
|
|
condition: and(succeeded(), not(eq(variables['skip-github'], 'TRUE')))
|
|
- bash: |
|
|
set -euo pipefail
|
|
msg=$(git log -n1 --format=%b HEAD | head -1)
|
|
# Keep this line in sync with RELEASE_PR_NOTIF in ci/cron/wednesday.yml
|
|
if [ "$msg" = "This PR has been created by a script, which is not very smart" ]; then
|
|
pr_handler="<@$(head -1 release/rotation | awk '{print $1}')>"
|
|
else
|
|
pr_handler=""
|
|
fi
|
|
curl -XPOST \
|
|
-i \
|
|
-H 'Content-Type: application/json' \
|
|
--data "{\"text\":\"${pr_handler} Release \`$(release_tag)\` is ready for testing. See <https://github.com/digital-asset/daml/blob/main/release/RELEASE.md|release instructions>. (<https://dev.azure.com/digitalasset/daml/_build/results?buildId=$(Build.BuildId)|build>, <https://github.com/digital-asset/daml/commit/$(trigger_sha)|trigger commit>, <https://github.com/digital-asset/daml/commit/$(release_sha)|target commit>)\"}" \
|
|
$(Slack.team-daml)
|
|
- template: ci/tell-slack-failed.yml
|
|
parameters:
|
|
trigger_sha: '$(trigger_sha)'
|
|
- template: ci/report-end.yml
|
|
|
|
- job: compat_versions_pr
|
|
dependsOn:
|
|
- git_sha
|
|
- release
|
|
- check_for_release
|
|
pool:
|
|
name: ubuntu_20_04
|
|
demands: assignment -equals default
|
|
variables:
|
|
release_tag: $[ dependencies.check_for_release.outputs['out.release_tag'] ]
|
|
branch_sha: $[ dependencies.git_sha.outputs['out.branch'] ]
|
|
steps:
|
|
- checkout: self
|
|
persistCredentials: true
|
|
- bash: ci/dev-env-install.sh
|
|
- template: ci/bash-lib.yml
|
|
parameters:
|
|
var_name: bash_lib
|
|
- bash: |
|
|
set -euo pipefail
|
|
eval "$(./dev-env/bin/dade-assist)"
|
|
|
|
## refresh tags, in case someone deleted one
|
|
git fetch --prune --prune-tags
|
|
|
|
source $(bash_lib)
|
|
|
|
DELAY=1
|
|
while ! curl --fail -I https://repo1.maven.org/maven2/com/daml/ledger-api-test-tool/$(release_tag)/ledger-api-test-tool-$(release_tag).jar; do
|
|
sleep $DELAY
|
|
DELAY=$(( DELAY * 2 ))
|
|
if (( $DELAY > 2000 )); then
|
|
echo "Too many attempts waiting for Maven."
|
|
exit 1
|
|
fi
|
|
done
|
|
|
|
trap "git checkout $(branch_sha)" EXIT
|
|
git checkout origin/main
|
|
cp .bazelrc compatibility/
|
|
compatibility/update-versions.sh
|
|
git add compatibility/versions.bzl compatibility/maven_install.json
|
|
|
|
BRANCH=update-compat-versions-for-$(release_tag)-$(Build.BuildId)
|
|
TITLE="update compat versions for $(release_tag)"
|
|
open_pr "$BRANCH" "$TITLE"
|
|
|
|
setvar "branch" "$BRANCH"
|
|
name: out
|
|
|
|
- template: ci/tell-slack-failed.yml
|
|
parameters:
|
|
trigger_sha: '$(trigger_sha)'
|
|
|
|
- job: compat_versions_pr_trigger_daily
|
|
dependsOn: compat_versions_pr
|
|
pool:
|
|
vmImage: "ubuntu-18.04"
|
|
variables:
|
|
branch: $[ dependencies.compat_versions_pr.outputs['out.branch'] ]
|
|
steps:
|
|
- checkout: none
|
|
- bash: |
|
|
set -euo pipefail
|
|
az extension add --name azure-devops
|
|
echo "$(System.AccessToken)" | az devops login --org "https://dev.azure.com/digitalasset"
|
|
az pipelines build queue --branch $(branch) --definition-name "digital-asset.daml-daily-compat" --org "https://dev.azure.com/digitalasset" --project daml
|
|
az pipelines build queue --branch $(branch) --definition-name "PRs" --org "https://dev.azure.com/digitalasset" --project daml
|