refactor(SwingSet): Simplify conditions in mapVatSlotToKernelSlot (#1… #3750
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build release Docker Images | |
| on: | |
| push: | |
| branches: | |
| # $default-branch | |
| - master | |
| - 'release-*' | |
| - 'dev-*' | |
| tags: | |
| - '@agoric/sdk@*' | |
| workflow_dispatch: | |
| env: | |
| REGISTRY: ghcr.io | |
| DOCKER_PLATFORMS: linux/amd64,linux/arm64/v8 | |
| GCE_ZONE: us-central1-a | |
| jobs: | |
| snapshot: | |
| if: ${{ github.repository_owner == 'agoric' }} | |
| runs-on: ubuntu-latest | |
| outputs: | |
| tag: '${{ steps.snapshot-tag.outputs.tag }}' | |
| steps: | |
| - name: Generate Snapshot Tag | |
| id: snapshot-tag | |
| run: | | |
| COMMIT_TIME=$(curl --fail --silent \ | |
| --url https://api.github.com/repos/${{ github.repository }}/commits/${{ github.sha }} \ | |
| --header 'authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' \ | |
| --header 'content-type: application/json' \ | |
| | jq '(.commit.committer.date | fromdate)') | |
| TIMESTAMP=`date +%Y%m%d%H%M%S --date="@${COMMIT_TIME}"` | |
| SHORT_SHA=$(echo "${GITHUB_SHA}" | cut -c1-6) | |
| SNAPSHOT_TAG="${TIMESTAMP}-${SHORT_SHA}" | |
| echo "tag=$SNAPSHOT_TAG" >> $GITHUB_OUTPUT | |
| docker-sdk: | |
| permissions: | |
| # allow issuing OIDC tokens for this workflow run | |
| id-token: write | |
| # allow at least reading the repo contents, add other permissions if necessary | |
| contents: read | |
| # to push the resulting images | |
| packages: write | |
| needs: snapshot | |
| runs-on: 'depot-ubuntu-22.04-16' # ubuntu-latest | |
| outputs: | |
| tag: '${{ steps.docker-tags.outputs.tags }}' | |
| tags: '${{ steps.docker-tags.outputs.tags }} ${{ needs.snapshot.outputs.tag }}' | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: depot/setup-action@v1 | |
| with: | |
| oidc: true # to set DEPOT_TOKEN for later steps | |
| - run: depot configure-docker | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@v3 | |
| # see https://docs.github.com/en/actions/publishing-packages/publishing-docker-images | |
| with: | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| registry: ${{ env.REGISTRY }} | |
| - name: Save BUILD_TAG | |
| run: | | |
| echo "BUILD_TAG=${{ needs.snapshot.outputs.tag }}" >> $GITHUB_ENV | |
| - name: Save GIT_REVISION | |
| run: echo "GIT_REVISION=$(git rev-parse HEAD)" >> $GITHUB_ENV | |
| - name: Save GIT_COMMIT | |
| run: echo "GIT_COMMIT=$(git rev-parse --short HEAD)" >> $GITHUB_ENV | |
| - name: Save commit hash, url of submodules to environment | |
| run: | | |
| node packages/xsnap/src/build.js --show-env >> $GITHUB_ENV | |
| - name: Build and Push ssh-node | |
| uses: depot/build-push-action@v1 | |
| with: | |
| file: packages/deployment/Dockerfile.ssh-node | |
| context: packages/deployment/docker | |
| platforms: ${{ env.DOCKER_PLATFORMS }} | |
| push: true | |
| tags: '${{ env.REGISTRY }}/agoric/ssh-node:${{ env.BUILD_TAG }}' | |
| - name: Compute tags | |
| id: docker-tags | |
| run: | | |
| set -ex | |
| SDK_TAG=$(echo "$GITHUB_REF_NAME" | sed -ne 's!^@agoric/sdk@!!p') | |
| case $SDK_TAG in | |
| "") | |
| case $GITHUB_REF_NAME in | |
| release-*) | |
| # A pre-release. | |
| DOCKER_TAGS=${GITHUB_REF_NAME#release-}-dev | |
| ;; | |
| dev-*) | |
| # A pre-release while our release branch is straying from master | |
| DOCKER_TAGS=${GITHUB_REF_NAME#dev-}-dev | |
| ;; | |
| master) | |
| # A trunk dev release. | |
| DOCKER_TAGS=dev | |
| ;; | |
| *) | |
| # Some other dev release. | |
| DOCKER_TAGS=other-dev | |
| ;; | |
| esac | |
| ;; | |
| *) | |
| # A tagged SDK release. | |
| # The commit may or may not be a descendant of the current master branch | |
| DOCKER_TAGS="latest $SDK_TAG" | |
| ;; | |
| esac | |
| DOCKER_TAGS="$DOCKER_TAGS $BUILD_TAG" | |
| echo "tags=$DOCKER_TAGS" >> $GITHUB_OUTPUT | |
| - name: Prefix tags | |
| id: prefix-tags | |
| run: | | |
| IMAGE="$REGISTRY/agoric/agoric-sdk" | |
| for TAG in ${{ steps.docker-tags.outputs.tags }}; do | |
| PREFIXED="$PREFIXED$sep$IMAGE:$TAG" | |
| sep=, | |
| done | |
| echo "tags=$PREFIXED" >> $GITHUB_OUTPUT | |
| - name: Build and Push sdk | |
| uses: depot/build-push-action@v1 | |
| with: | |
| file: packages/deployment/Dockerfile.sdk | |
| context: ./ | |
| platforms: ${{ env.DOCKER_PLATFORMS }} | |
| push: true | |
| tags: '${{ steps.prefix-tags.outputs.tags }}' | |
| # When changing/adding entries here, make sure to search the whole | |
| # project for `@@AGORIC_DOCKER_SUBMODULES@@` | |
| build-args: | | |
| GIT_COMMIT=${{env.GIT_COMMIT}} | |
| MODDABLE_COMMIT_HASH=${{env.MODDABLE_COMMIT_HASH}} | |
| MODDABLE_URL=${{env.MODDABLE_URL}} | |
| XSNAP_NATIVE_COMMIT_HASH=${{env.XSNAP_NATIVE_COMMIT_HASH}} | |
| XSNAP_NATIVE_URL=${{env.XSNAP_NATIVE_URL}} | |
| GIT_REVISION=${{env.GIT_REVISION}} | |
| - name: Build and Push setup | |
| uses: depot/build-push-action@v1 | |
| with: | |
| file: packages/deployment/Dockerfile | |
| context: packages/deployment | |
| platforms: ${{ env.DOCKER_PLATFORMS }} | |
| tags: '${{ env.REGISTRY }}/agoric/cosmic-swingset-setup:${{ env.BUILD_TAG }}' | |
| push: true | |
| build-args: | | |
| TAG=${{ env.BUILD_TAG }} | |
| - name: notify on failure | |
| if: failure() | |
| uses: ./.github/actions/notify-status | |
| with: | |
| webhook: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| from: ${{ secrets.NOTIFY_EMAIL_FROM }} | |
| to: ${{ secrets.NOTIFY_EMAIL_TO }} | |
| password: ${{ secrets.NOTIFY_EMAIL_PASSWORD }} | |
| docker-solo: | |
| needs: [docker-sdk, snapshot] | |
| runs-on: 'depot-ubuntu-22.04-16' # ubuntu-latest | |
| permissions: | |
| # allow issuing OIDC tokens for this workflow run | |
| id-token: write | |
| # allow at least reading the repo contents, add other permissions if necessary | |
| contents: read | |
| # to push the resulting images | |
| packages: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Save SDK_TAG | |
| run: echo "SDK_TAG=${{ needs.snapshot.outputs.tag }}" >> $GITHUB_ENV | |
| - name: Prefix tags | |
| id: prefix-tags | |
| run: | | |
| IMAGE="$REGISTRY/agoric/cosmic-swingset-solo" | |
| for TAG in ${{ needs.docker-sdk.outputs.tags }}; do | |
| PREFIXED="$PREFIXED$sep$IMAGE:$TAG" | |
| sep=, | |
| done | |
| echo "tags=$PREFIXED" >> $GITHUB_OUTPUT | |
| - uses: depot/setup-action@v1 | |
| with: | |
| oidc: true # to set DEPOT_TOKEN for later steps | |
| - run: depot configure-docker | |
| - name: Login to Docker Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| registry: ${{ env.REGISTRY }} | |
| - name: Build and Push | |
| uses: depot/build-push-action@v1 | |
| with: | |
| file: packages/solo/Dockerfile | |
| context: packages/solo | |
| platforms: ${{ env.DOCKER_PLATFORMS }} | |
| push: true | |
| tags: '${{ steps.prefix-tags.outputs.tags }}' | |
| build-args: | | |
| TAG=${{env.SDK_TAG}} | |
| - name: notify on failure | |
| if: failure() | |
| uses: ./.github/actions/notify-status | |
| with: | |
| webhook: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| from: ${{ secrets.NOTIFY_EMAIL_FROM }} | |
| to: ${{ secrets.NOTIFY_EMAIL_TO }} | |
| password: ${{ secrets.NOTIFY_EMAIL_PASSWORD }} | |
| docker-ymax: | |
| if: github.ref == 'refs/heads/master' || github.event_name == 'workflow_dispatch' | |
| permissions: | |
| # allow issuing OIDC tokens for this workflow run | |
| id-token: write | |
| # allow at least reading the repo contents, add other permissions if necessary | |
| contents: read | |
| # to push the resulting images | |
| packages: write | |
| needs: snapshot | |
| runs-on: 'depot-ubuntu-latest' | |
| outputs: | |
| tag: '${{ steps.docker-tags.outputs.tags }}' | |
| tags: '${{ steps.docker-tags.outputs.tags }} ${{ needs.snapshot.outputs.tag }}' | |
| digest: ${{ steps.build.outputs.digest }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: depot/setup-action@v1 | |
| with: | |
| oidc: true # to set DEPOT_TOKEN for later steps | |
| - run: depot configure-docker | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@v3 | |
| # see https://docs.github.com/en/actions/publishing-packages/publishing-docker-images | |
| with: | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| registry: ${{ env.REGISTRY }} | |
| - name: Save BUILD_TAG | |
| run: | | |
| echo "BUILD_TAG=${{ needs.snapshot.outputs.tag }}" >> $GITHUB_ENV | |
| - name: Build and Push ymax-planner | |
| uses: depot/build-push-action@v1 | |
| id: build | |
| with: | |
| file: services/ymax-planner/Dockerfile | |
| context: ./ | |
| platforms: ${{ env.DOCKER_PLATFORMS }} | |
| push: true | |
| tags: | | |
| ${{ env.REGISTRY }}/agoric/agoric-sdk:ymax-planner | |
| ${{ env.REGISTRY }}/agoric/agoric-sdk:${{ env.BUILD_TAG }} | |
| - name: notify on failure | |
| if: failure() | |
| uses: ./.github/actions/notify-status | |
| with: | |
| webhook: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| from: ${{ secrets.NOTIFY_EMAIL_FROM }} | |
| to: ${{ secrets.NOTIFY_EMAIL_TO }} | |
| password: ${{ secrets.NOTIFY_EMAIL_PASSWORD }} | |
| # it only actually deploys if there is a change in the Docker digest | |
| deploy-ymax0-planner: | |
| needs: docker-ymax | |
| if: needs.docker-ymax.result == 'success' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Auth to Google Cloud (SA key) | |
| uses: google-github-actions/auth@v2 | |
| with: | |
| credentials_json: ${{ secrets.GCP_SA_KEY }} | |
| - name: Set up gcloud | |
| uses: google-github-actions/setup-gcloud@v2 | |
| - name: Write .env file from JSON | |
| shell: bash | |
| run: | | |
| jq -r 'to_entries[] | "\(.key)=\(.value)"' \ | |
| <<< '${{ secrets.YMAX0_PLANNER_ENV }}' > .env.gcp | |
| - name: Check if VM already has docker image digest | |
| id: decide | |
| shell: bash | |
| env: | |
| # ymax0-planner vm: https://console.cloud.google.com/compute/instancesDetail/zones/us-central1-a/instances/ymax-planner-template-20250903-125004?inv=1&invt=Ab56Cw&project=simulationlab | |
| GCE_INSTANCE: ymax-planner-template-20250903-125004 | |
| GCE_ZONE: ${{ env.GCE_ZONE }} | |
| run: | | |
| TARGET="ghcr.io/agoric/agoric-sdk:ymax-planner@${{ needs.docker-ymax.outputs.digest }}" | |
| .github/scripts/check_digest.sh "$GCE_INSTANCE" "$GCE_ZONE" "$TARGET" | |
| - name: Update GCE Ymax0 container (by digest) | |
| if: steps.decide.outputs.should_deploy == 'true' | |
| shell: bash | |
| env: | |
| GCE_INSTANCE: ymax-planner-template-20250903-125004 | |
| GCE_ZONE: ${{ env.GCE_ZONE }} | |
| run: | | |
| IMAGE="ghcr.io/agoric/agoric-sdk:ymax-planner@${{ needs.docker-ymax.outputs.digest }}" | |
| .github/scripts/deploy_vm.sh "$GCE_INSTANCE" "$GCE_ZONE" "$IMAGE" "./.env.gcp" |