From c7d517a7e735ff3c2971832e6c7196eb55e8b579 Mon Sep 17 00:00:00 2001 From: Philip Monk Date: Wed, 18 Jan 2023 12:19:54 -0700 Subject: [PATCH 1/4] ci: download runtime --- .github/workflows/build.yml | 16 +--- .github/workflows/merge-master.yml | 27 ------- .github/workflows/merge-release.yml | 17 ---- .github/workflows/vere.yml | 120 +--------------------------- default.nix | 4 - nix/lib/boot-fake-ship.nix | 6 +- nix/lib/test-fake-ship.nix | 9 +-- vere-version | 1 + 8 files changed, 13 insertions(+), 187 deletions(-) delete mode 100644 .github/workflows/merge-master.yml delete mode 100644 .github/workflows/merge-release.yml create mode 100644 vere-version diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index c3878bd88b..34f280a270 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -16,21 +16,7 @@ on: - 'bin/**' - 'nix/**' - 'default.nix' - pull_request: - paths: - - '.github/workflows/build.yml' - - '.github/workflows/vere.yml' - - 'pkg/arvo/**' - - 'pkg/docker-image/**' - - 'pkg/ent/**' - - 'pkg/ge-additions/**' - - 'pkg/libaes_siv/**' - - 'pkg/urbit/**' - - 'pkg/urcrypt/**' - - 'tests/**' - - 'bin/**' - - 'nix/**' - - 'default.nix' + - 'vere-version' jobs: call-vere: diff --git a/.github/workflows/merge-master.yml b/.github/workflows/merge-master.yml deleted file mode 100644 index 48d0abf9fb..0000000000 --- a/.github/workflows/merge-master.yml +++ /dev/null @@ -1,27 +0,0 @@ -name: merge -on: - push: - branches: - - 'master' -jobs: - merge-to-next-js: - runs-on: ubuntu-latest - name: "Merge master to release/next-userspace" - steps: - - uses: actions/checkout@v2 - - uses: devmasx/merge-branch@v1.3.1 - with: - type: now - target_branch: release/next-userspace - github_token: ${{ secrets.JANEWAY_BOT_TOKEN }} - - merge-to-group-timer: - runs-on: ubuntu-latest - name: "Merge master to ops/group-timer" - steps: - - uses: actions/checkout@v2 - - uses: devmasx/merge-branch@v1.3.1 - with: - type: now - target_branch: ops/group-timer - github_token: ${{ secrets.JANEWAY_BOT_TOKEN }} diff --git a/.github/workflows/merge-release.yml b/.github/workflows/merge-release.yml deleted file mode 100644 index eb7df325ab..0000000000 --- a/.github/workflows/merge-release.yml +++ /dev/null @@ -1,17 +0,0 @@ -name: ops-merge -on: - push: - branches: - - 'release/*' -jobs: - merge-release-to-ops: - runs-on: ubuntu-latest - name: "Merge to ops-tlon" - steps: - - uses: actions/checkout@v2 - - uses: devmasx/merge-branch@v1.3.1 - with: - type: now - target_branch: ops-tlon - github_token: ${{ secrets.JANEWAY_BOT_TOKEN }} - diff --git a/.github/workflows/vere.yml b/.github/workflows/vere.yml index 7827c4b67b..2ee287e105 100644 --- a/.github/workflows/vere.yml +++ b/.github/workflows/vere.yml @@ -51,8 +51,6 @@ jobs: matrix: include: - { os: ubuntu-latest, type: linux } - - { os: macos-latest, type: macos } - - { os: buildjet-4vcpu-ubuntu-2204-arm, type: linux } runs-on: ${{ matrix.os }} @@ -76,122 +74,12 @@ jobs: name: ares authToken: ${{ secrets.CACHIX_AUTH_TOKEN }} - # run unit tests early on linux (x-compilation will skip them) - - name: build dynamic binary (and run tests) - if: ${{ matrix.type == 'linux' }} - run: nix-build -A urbit - - - name: build static binary - run: | - nix-build -A urbit \ - --arg enableStatic true \ - --argstr verePace ${{ env.VERE_PACE }} > ./urbit-derivation - cat ./urbit-derivation - echo -n "urbit_static=" >> $GITHUB_ENV - cat ./urbit-derivation >> $GITHUB_ENV - cat ./urbit-derivation - - - name: confirm binary is mostly static - if: matrix.type == 'macos' - run: | - bin="${{ env.urbit_static }}/bin/urbit" - - if [ ! -f "$bin" ]; then - echo "no binary at $bin" - exit 1; - fi - - libs="$(otool -L "${{ env.urbit_static }}/bin/urbit" | tail -n +2)" - - # XX CoreFoundation? - if [ -z "$(echo "$libs" | grep -v libSystem)" ]; then - echo "it's mostly static" - echo "$libs" - exit 0 - else - echo "dynamic links found:" - echo "$libs" - exit 1 - fi - - - name: get version string - run: | - if [ "real" == "$VERSION_TYPE" ]; then - version="$(cat ./pkg/urbit/version)" - else - version="${GITHUB_SHA:0:9}" - fi - - echo -n "$version" > ./version-string - - - name: upload version string artifact - if: matrix.type == 'linux' - uses: actions/upload-artifact@v3 - with: - name: version-string - path: version-string - - - uses: google-github-actions/auth@v1 - with: - credentials_json: ${{ secrets.GCP_CREDENTIALS }} - - - uses: google-github-actions/setup-gcloud@v1 - if: inputs.upload - with: - project_id: ${{ secrets.GCS_PROJECT }} - - - name: upload binary to bootstrap.urbit.org - if: inputs.upload - run: | - version="$(cat ./version-string)" - system="$(nix-instantiate --eval --expr 'builtins.currentSystem')" - system=${system:1:${#system}-2} - target="gs://${UPLOAD_BASE}/${VERE_PACE}/${version}/vere-v${version}-${system}" - - gsutil cp -n "${{ env.urbit_static }}/bin/urbit" "$target" - exitcode=$? - - test $exitcode -eq 0 && - echo "upload to $target complete." || - echo "upload to $target failed."; - exit $exitcode - - if: ${{ matrix.os == 'ubuntu-latest' }} name: run urbit-tests run: | cp -RL tests pkg/arvo/tests + vere="$(cat ./vere-version | sed -e 's/\([^ ]*\) \([^ ]*\)/\1\/\2\/vere-\2/g' | tr -d '\n')" + url="$(echo https://bootstrap.urbit.org/vere/${vere}-linux-x86_64)" + curl -Lo pkg/arvo/urbit.jam "$url" + chmod +x pkg/arvo/urbit.jam nix-build -A urbit-tests - - - if: ${{ matrix.os == 'ubuntu-latest' }} - run: nix-build -A docker-image - - after: - runs-on: ubuntu-latest - needs: [urbit] - if: inputs.upload - steps: - - uses: google-github-actions/setup-gcloud@v0.2.0 - with: - version: '290.0.1' - service_account_key: ${{ secrets.GCS_SERVICE_ACCOUNT_KEY }} - project_id: ${{ secrets.GCS_PROJECT }} - export_default_credentials: true - - - name: download version-string - uses: actions/download-artifact@v3 - with: - name: version-string - - - name: update latest deployed version - run: | - target="gs://${UPLOAD_BASE}/${VERE_PACE}/last" - - # *not* -n, as we want to overwrite the latest version-string - # - gsutil cp ./version-string "$target" - exitcode=$? - - test $exitcode -eq 0 && - echo "upload to $target complete." || - echo "upload to $target failed."; - exit $exitcode diff --git a/default.nix b/default.nix index cde49c4755..3c5ca44c9e 100644 --- a/default.nix +++ b/default.nix @@ -100,8 +100,6 @@ let marsSources = callPackage ./nix/pkgs/marsSources { }; - urbit = callPackage ./nix/pkgs/urbit { inherit enableStatic verePace; }; - urcrypt = callPackage ./nix/pkgs/urcrypt { inherit enableStatic; }; docker-image = callPackage ./nix/pkgs/docker-image { }; @@ -112,11 +110,9 @@ let # Expose packages with local customisations (like patches) for dev access. inherit (pkgsStatic) libsigsegv lmdb; - urbit-debug = urbit.override { enableDebug = true; }; urbit-tests = libLocal.testFakeShip { inherit arvo; - urbit = urbit-debug; pill = solid.lfs; }; diff --git a/nix/lib/boot-fake-ship.nix b/nix/lib/boot-fake-ship.nix index 2b955c85fd..d1d90b169e 100644 --- a/nix/lib/boot-fake-ship.nix +++ b/nix/lib/boot-fake-ship.nix @@ -1,6 +1,6 @@ { lib, stdenvNoCC, curl }: -{ urbit, arvo ? null, pill, ship, arguments ? [ "-l" ] }: +{ arvo ? null, pill, ship, arguments ? [ "-l" ] }: let @@ -10,14 +10,14 @@ let in stdenvNoCC.mkDerivation { name = "fake-${ship}"; - buildInputs = [ curl urbit ]; + buildInputs = [ curl ]; phases = [ "buildPhase" "installPhase " ]; buildPhase = '' set -xeuo pipefail - urbit ${lib.concatStringsSep " " args} ./pier + ${arvo}/urbit.jam ${lib.concatStringsSep " " args} ./pier cleanup () { if [ -f ./pier/.vere.lock ]; then diff --git a/nix/lib/test-fake-ship.nix b/nix/lib/test-fake-ship.nix index f9fc7e2fa0..7728a44376 100644 --- a/nix/lib/test-fake-ship.nix +++ b/nix/lib/test-fake-ship.nix @@ -1,16 +1,15 @@ { lib, stdenvNoCC, curl, python3, bootFakeShip }: -{ urbit, arvo ? null, pill, ship ? "bus", arguments ? urbit.meta.arguments -, doCheck ? true }: +{ arvo ? null, pill, ship ? "bus", doCheck ? true }: stdenvNoCC.mkDerivation { name = "test-${ship}"; - src = bootFakeShip { inherit urbit arvo pill ship; }; + src = bootFakeShip { inherit arvo pill ship; }; phases = [ "unpackPhase" "buildPhase" "checkPhase" ]; - buildInputs = [ curl python3 urbit ]; + buildInputs = [ curl python3 ]; unpackPhase = '' cp -R $src ./pier @@ -20,7 +19,7 @@ stdenvNoCC.mkDerivation { buildPhase = '' set -x - urbit ${lib.concatStringsSep " " arguments} -d ./pier 2> urbit-output + ${arvo}/urbit.jam -d ./pier 2> urbit-output # Sledge Hammer! # See: https://github.com/travis-ci/travis-ci/issues/4704#issuecomment-348435959 diff --git a/vere-version b/vere-version new file mode 100644 index 0000000000..1101d53597 --- /dev/null +++ b/vere-version @@ -0,0 +1 @@ +edge v1.17-1429d53 From 31a6ff2ec861a5a6177afa6d1604be984d273309 Mon Sep 17 00:00:00 2001 From: Philip Monk Date: Wed, 18 Jan 2023 15:45:55 -0700 Subject: [PATCH 2/4] ci: re-add pr flow --- .github/workflows/build.yml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 34f280a270..400845174d 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -17,6 +17,22 @@ on: - 'nix/**' - 'default.nix' - 'vere-version' + pull_request: + paths: + - '.github/workflows/build.yml' + - '.github/workflows/vere.yml' + - 'pkg/arvo/**' + - 'pkg/docker-image/**' + - 'pkg/ent/**' + - 'pkg/ge-additions/**' + - 'pkg/libaes_siv/**' + - 'pkg/urbit/**' + - 'pkg/urcrypt/**' + - 'tests/**' + - 'bin/**' + - 'nix/**' + - 'default.nix' + - 'vere-version' jobs: call-vere: From d2468c01788f8428d16224a6a057a09934828408 Mon Sep 17 00:00:00 2001 From: Philip Monk Date: Wed, 18 Jan 2023 15:48:29 -0700 Subject: [PATCH 3/4] ci: comment --- .github/workflows/vere.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/vere.yml b/.github/workflows/vere.yml index 2ee287e105..3b7169916e 100644 --- a/.github/workflows/vere.yml +++ b/.github/workflows/vere.yml @@ -80,6 +80,7 @@ jobs: cp -RL tests pkg/arvo/tests vere="$(cat ./vere-version | sed -e 's/\([^ ]*\) \([^ ]*\)/\1\/\2\/vere-\2/g' | tr -d '\n')" url="$(echo https://bootstrap.urbit.org/vere/${vere}-linux-x86_64)" + # put in .jam so it doesn't crash when it gets -A'd in curl -Lo pkg/arvo/urbit.jam "$url" chmod +x pkg/arvo/urbit.jam nix-build -A urbit-tests From 47a5f5c9a955e5375df42df43ded963e827384f0 Mon Sep 17 00:00:00 2001 From: Philip Monk Date: Thu, 19 Jan 2023 13:34:34 -0700 Subject: [PATCH 4/4] ci: urbit -> vere --- .github/workflows/vere.yml | 4 ++-- nix/lib/boot-fake-ship.nix | 2 +- nix/lib/test-fake-ship.nix | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/vere.yml b/.github/workflows/vere.yml index 3b7169916e..9edc1c51b7 100644 --- a/.github/workflows/vere.yml +++ b/.github/workflows/vere.yml @@ -81,6 +81,6 @@ jobs: vere="$(cat ./vere-version | sed -e 's/\([^ ]*\) \([^ ]*\)/\1\/\2\/vere-\2/g' | tr -d '\n')" url="$(echo https://bootstrap.urbit.org/vere/${vere}-linux-x86_64)" # put in .jam so it doesn't crash when it gets -A'd in - curl -Lo pkg/arvo/urbit.jam "$url" - chmod +x pkg/arvo/urbit.jam + curl -Lo pkg/arvo/vere.jam "$url" + chmod +x pkg/arvo/vere.jam nix-build -A urbit-tests diff --git a/nix/lib/boot-fake-ship.nix b/nix/lib/boot-fake-ship.nix index d1d90b169e..e5f4d32102 100644 --- a/nix/lib/boot-fake-ship.nix +++ b/nix/lib/boot-fake-ship.nix @@ -17,7 +17,7 @@ in stdenvNoCC.mkDerivation { buildPhase = '' set -xeuo pipefail - ${arvo}/urbit.jam ${lib.concatStringsSep " " args} ./pier + ${arvo}/vere.jam ${lib.concatStringsSep " " args} ./pier cleanup () { if [ -f ./pier/.vere.lock ]; then diff --git a/nix/lib/test-fake-ship.nix b/nix/lib/test-fake-ship.nix index 7728a44376..a7cb31e330 100644 --- a/nix/lib/test-fake-ship.nix +++ b/nix/lib/test-fake-ship.nix @@ -19,7 +19,7 @@ stdenvNoCC.mkDerivation { buildPhase = '' set -x - ${arvo}/urbit.jam -d ./pier 2> urbit-output + ${arvo}/vere.jam -d ./pier 2> urbit-output # Sledge Hammer! # See: https://github.com/travis-ci/travis-ci/issues/4704#issuecomment-348435959