Merge branch 'main' into feat/bls-glue

Author: ivokub

.github/actions/linea-besu-package/assemble/action.yml

@@ -0,0 +1,137 @@
+---
+name: 'assemble'
+description: 'Composite action to assemble the artifacts for the targer environment'
+
+inputs:
+  release_tag_prefix:
+    description: 'Custom release tag prefix'
+    required: true
+  compile_release_notes:
+    description: 'Compile release notes or not'
+    required: false
+    default: 'false'
+
+outputs:
+  workflow_id:
+    description: workflow id
+    value: ${{ steps.workflowdetails.outputs.id }}
+
+  build_date:
+    description: build date
+    value: ${{ steps.workflowdetails.outputs.build_date }}
+
+  dockertag:
+    description: docker tag
+    value: ${{ steps.dockertag.outputs.dockertag }}
+
+  dockerimage:
+    description: docker image
+    value: ${{ steps.dockerimage.outputs.dockerimage }}
+
+  releasetag:
+    description: release tag
+    value: ${{ steps.releasetag.outputs.releasetag }}
+  
+  tracer_plugin_version:
+    description: tracer plugin version
+    value: ${{ steps.dotenv.outputs.LINEA_TRACER_PLUGIN_VERSION }}
+
+runs:
+  using: "composite"
+  steps:
+    - name: Checkout tools repo
+      uses: actions/checkout@v4
+      with:
+        repository: Consensys/docs-gha
+        path: .docs-gha
+
+    - name: get workflow_details
+      id: workflowdetails
+      shell: bash      
+      run: |
+        echo "id=${{ github.run_id }}" >> $GITHUB_OUTPUT
+        echo "build_date=$(date --rfc-3339=date)" >> $GITHUB_OUTPUT
+    
+    - name: get versions via dotenv
+      id: dotenv
+      uses: falti/dotenv-action@v1
+      with:
+        path: linea-besu-package/versions.env
+        mode: development
+        keys-case: lower
+        log-variables: true
+        load-mode: strict
+    
+    - name: Set timestamp
+      id: timestamp
+      shell: bash     
+      run: |
+        echo "TIMESTAMP=$(date -u +%Y%m%d%H%M%S)" >> $GITHUB_OUTPUT
+
+    - name: Compute commit hash
+      id: commithash
+      shell: bash
+      run: |
+        # For PR, GITHUB_SHA is NOT the last commit pushed onto the PR branch - https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows#pull_request
+        if [[ "${{ github.event_name }}" == "pull_request" ]]; then
+          echo "commithash=$(git rev-parse --short=7 ${{ github.event.pull_request.head.sha }})" >> $GITHUB_OUTPUT
+        else
+          echo "commithash=$(git rev-parse --short=7 $GITHUB_SHA)" >> $GITHUB_OUTPUT
+        fi
+
+    - name: set docker tag
+      id: dockertag
+      shell: bash
+      run: |
+        if [ -n "${{ inputs.release_tag_prefix }}" ]; then
+          echo "dockertag=${{ inputs.release_tag_prefix }}-${{ steps.timestamp.outputs.TIMESTAMP }}-${{ steps.commithash.outputs.commithash }}" >> $GITHUB_OUTPUT
+        else
+          echo "dockertag=${{ steps.dotenv.outputs.LINEA_TRACER_PLUGIN_VERSION }}-${{ steps.timestamp.outputs.TIMESTAMP }}-${{ steps.commithash.outputs.commithash }}" >> $GITHUB_OUTPUT
+        fi
+    
+    - name: set release tag
+      id: releasetag
+      shell: bash
+      run: |
+        echo "releasetag=${{ steps.dockertag.outputs.dockertag }}" >> $GITHUB_OUTPUT
+
+    - name: set docker image
+      id: dockerimage
+      shell: bash
+      run: |
+        echo "dockerimage=consensys/linea-besu-package:${{ steps.dockertag.outputs.dockertag }}" >> "$GITHUB_OUTPUT"
+
+    - name: assemble the packages to linea-besu and show folder structure
+      shell: bash    
+      run: |
+        cd linea-besu-package
+        make assemble
+        mv ./tmp/besu ./linea-besu
+        sudo apt update
+        sudo apt-get install --no-install-recommends --assume-yes tree
+        tree .
+
+    - name: compile release notes
+      id: release_create_artifacts
+      if: ${{ inputs.compile_release_notes == 'true' }}
+      shell: bash
+      run: |
+        mkdir release && cd release
+        tar -czvf linea-besu-package-${{ steps.dockertag.outputs.dockertag }}.tar.gz ../linea-besu-package/linea-besu/
+
+        echo "# Release Artifact: Linea Besu Package" > output.md
+        echo "**Name:** linea-besu-package-${{ steps.dockertag.outputs.dockertag }}.tar.gz" >> output.md
+        echo "**SHA256:** $(sha256sum linea-besu-package-${{ steps.dockertag.outputs.dockertag }}.tar.gz | awk '{ print $1 }' )" >> output.md
+        echo "**From:** [${{ github.ref_name }} (${{ github.event_name }})](https://github.com/Consensys/linea-monorepo/actions/runs/${{ github.run_id }})" >> output.md
+        echo "" >> output.md
+
+        echo "### Besu and Plugin Details" >> output.md
+        echo "| Module | Version | SHA-256 |" >> output.md
+        echo "|--------|---------|--------------|" >> output.md
+        echo "| linea-besu | ${{ steps.dotenv.outputs.LINEA_BESU_TAR_GZ }} | $(sha256sum /tmp/${{ steps.dotenv.outputs.LINEA_BESU_FILENAME_PREFIX }}-${{ steps.dotenv.outputs.LINEA_BESU_TAR_GZ }}.tar.gz | awk '{ print $1 }' ) |" >> output.md
+        echo "| linea-sequencer-plugin | ${{ steps.dotenv.outputs.LINEA_SEQUENCER_PLUGIN_VERSION }} | $(sha256sum ../linea-besu-package/linea-besu/besu/plugins/linea-sequencer-v${{ steps.dotenv.outputs.LINEA_SEQUENCER_PLUGIN_VERSION }}.jar | awk '{ print $1 }' ) |" >> output.md    
+        echo "| linea-tracer-plugin | ${{ steps.dotenv.outputs.LINEA_TRACER_PLUGIN_VERSION }} | $(sha256sum ../linea-besu-package/linea-besu/besu/plugins/linea-tracer-${{ steps.dotenv.outputs.LINEA_TRACER_PLUGIN_VERSION }}.jar | awk '{ print $1 }' ) |" >> output.md    
+        echo "| linea-finalized-tag-updater-plugin | ${{ steps.dotenv.outputs.LINEA_FINALIZED_TAG_UPDATER_PLUGIN_VERSION }} | $(sha256sum ../linea-besu-package/linea-besu/besu/plugins/linea-finalized-tag-updater-v${{ steps.dotenv.outputs.LINEA_FINALIZED_TAG_UPDATER_PLUGIN_VERSION }}.jar | awk '{ print $1 }' ) |" >> output.md    
+        echo "| linea-staterecovery-plugin | ${{ steps.dotenv.outputs.LINEA_STATERECOVERY_PLUGIN_VERSION }} | $(sha256sum ../linea-besu-package/linea-besu/besu/plugins/linea-staterecovery-besu-plugin-v${{ steps.dotenv.outputs.LINEA_STATERECOVERY_PLUGIN_VERSION }}.jar | awk '{ print $1 }' ) |" >> output.md    
+        echo "| shomei-plugin | ${{ steps.dotenv.outputs.SHOMEI_PLUGIN_VERSION }} | $(sha256sum ../linea-besu-package/linea-besu/besu/plugins/besu-shomei-plugin-v${{ steps.dotenv.outputs.SHOMEI_PLUGIN_VERSION }}.jar | awk '{ print $1 }' ) |" >> output.md    
+        echo "" >> output.md

.github/workflows/bridge-ui-e2e-tests.yml

@@ -58,7 +58,9 @@ jobs:
           NEXT_PUBLIC_QUICKNODE_ID: ${{ secrets.PUBLIC_BRIDGE_UI_QUICKNODE_ID }}
           NEXT_PUBLIC_DYNAMIC_ENVIRONMENT_ID: ${{ secrets.PUBLIC_DYNAMIC_SANDBOX_ENVIRONMENT_ID }}
           NEXT_PUBLIC_LIFI_API_KEY: ${{ secrets.PUBLIC_LIFI_API_KEY }}
+          NEXT_PUBLIC_LIFI_INTEGRATOR_NAME: ${{ secrets.PUBLIC_LIFI_INTEGRATOR_NAME }}
           NEXT_PUBLIC_ONRAMPER_API_KEY: ${{ secrets.PUBLIC_ONRAMPER_API_KEY }}
+          NEXT_PUBLIC_LAYERSWAP_API_KEY: ${{ secrets.PUBLIC_LAYERSWAP_API_KEY }}
 
       - name: Install linux dependencies
         run: |
@@ -79,6 +81,7 @@ jobs:
           CI: "false"
           NEXT_PUBLIC_INFURA_ID: ${{ secrets.PUBLIC_BRIDGE_UI_INFURA_ID }}
           NEXT_PUBLIC_LIFI_API_KEY: "placeholder"
+          NEXT_PUBLIC_LIFI_INTEGRATOR_NAME: "placeholder"
           NEXT_PUBLIC_WALLET_CONNECT_ID: "placeholder"
           NEXT_PUBLIC_DYNAMIC_ENVIRONMENT_ID: "placeholder"
           NEXT_PUBLIC_QUICKNODE_ID: "placeholder"

.github/workflows/bridge-ui-publish.yml

@@ -54,7 +54,7 @@ jobs:
         with:
           context: .
           file: ./bridge-ui/Dockerfile
-          platforms: linux/amd64,linux/arm64
+          platforms: linux/amd64
           push: ${{ env.DOCKERHUB_USERNAME != '' && env.DOCKERHUB_TOKEN != '' }}
           tags: consensys/linea-bridge-ui:${{ env.DOCKER_TAG }}
           build-args: |
@@ -64,7 +64,9 @@ jobs:
             NEXT_PUBLIC_QUICKNODE_ID=${{ env.NEXT_PUBLIC_QUICKNODE_ID }}
             NEXT_PUBLIC_DYNAMIC_ENVIRONMENT_ID=${{ env.NEXT_PUBLIC_DYNAMIC_ENVIRONMENT_ID }}
             NEXT_PUBLIC_LIFI_API_KEY=${{ env.NEXT_PUBLIC_LIFI_API_KEY }}
+            NEXT_PUBLIC_LIFI_INTEGRATOR_NAME=${{ env.NEXT_PUBLIC_LIFI_INTEGRATOR_NAME }}
             NEXT_PUBLIC_ONRAMPER_API_KEY=${{ env.NEXT_PUBLIC_ONRAMPER_API_KEY }}
+            NEXT_PUBLIC_LAYERSWAP_API_KEY=${{ env.NEXT_PUBLIC_LAYERSWAP_API_KEY }}
           cache-from: type=registry,ref=consensys/linea-bridge-ui:buildcache
           cache-to: type=registry,ref=consensys/linea-bridge-ui:buildcache,mode=max
         env:
@@ -73,7 +75,9 @@ jobs:
           NEXT_PUBLIC_QUICKNODE_ID: ${{ secrets.PUBLIC_BRIDGE_UI_QUICKNODE_ID }}
           NEXT_PUBLIC_DYNAMIC_ENVIRONMENT_ID: ${{ secrets.PUBLIC_DYNAMIC_ENVIRONMENT_ID }}
           NEXT_PUBLIC_LIFI_API_KEY: ${{ secrets.PUBLIC_LIFI_API_KEY }}
+          NEXT_PUBLIC_LIFI_INTEGRATOR_NAME: ${{ secrets.PUBLIC_LIFI_INTEGRATOR_NAME }}
           NEXT_PUBLIC_ONRAMPER_API_KEY: ${{ secrets.PUBLIC_ONRAMPER_API_KEY }}
+          NEXT_PUBLIC_LAYERSWAP_API_KEY: ${{ secrets.PUBLIC_LAYERSWAP_API_KEY }}
 
   test-build:
     if: github.event.pull_request.head.repo.fork == true
@@ -92,3 +96,5 @@ jobs:
 
       - name: Test Build Bridge UI
         run: pnpm run -F bridge-ui build;
+        env:
+          NODE_OPTIONS: --max-old-space-size=8192 # Temporary fix for out of memory error

.github/workflows/build-and-publish.yml

@@ -22,9 +22,6 @@ on:
       prover_changed:
         required: true
         type: string
-      traces_api_facade_changed:
-        required: true
-        type: string
       transaction_exclusion_api_changed:
         required: true
         type: string
@@ -37,9 +34,6 @@ on:
       postman_image_tagged:
         required: true
         type: string
-      traces_api_facade_image_tagged:
-        required: true
-        type: string
       transaction_exclusion_api_image_tagged:
         required: true
         type: string
@@ -80,16 +74,6 @@ jobs:
       push_image: ${{ inputs.push_image }}
     secrets: inherit
 
-  traces-api-facade:
-    uses: ./.github/workflows/traces-api-facade-build-and-publish.yml
-    if: ${{ always() && (inputs.traces_api_facade_changed == 'true' || inputs.traces_api_facade_image_tagged != 'true') }}
-    with:
-      commit_tag: ${{ inputs.commit_tag }}
-      develop_tag: ${{ inputs.develop_tag }}
-      image_name: consensys/linea-traces-api-facade
-      push_image: ${{ inputs.push_image }}
-    secrets: inherit
-
   transaction_exclusion_api:
     uses: ./.github/workflows/transaction-exclusion-api-build-and-publish.yml
     if: ${{ always() && (inputs.transaction_exclusion_api_changed == 'true' || inputs.transaction_exclusion_api_image_tagged != 'true') }}

.github/workflows/codecov-external-pr.yml

@@ -6,69 +6,66 @@ on:
     types:
       - completed
 
+permissions:
+  # Required to read uploaded artifact from another workflow run
+  actions: read
+  contents: read
+
 jobs:
-  filter-commit-changes:
-    if: github.event.pull_request.head.repo.fork == true
+  get-commit-tag:
+    if: github.event.workflow_run.head_repository.fork == true
     runs-on: gha-runner-scale-set-ubuntu-22.04-amd64-small
-    name: Filter commit changes
+    name: get-commit-tag
     outputs:
-      coordinator: ${{ steps.filter.outputs.coordinator }}
-      smart-contracts: ${{ steps.filter.outputs.smart-contracts }}
+      commit-tag: ${{ steps.compute-commit-tag.outputs.COMMIT_TAG }}
     steps:
       - name: Checkout
         uses: actions/checkout@v4
-      - name: Filter commit changes
-        uses: dorny/paths-filter@v3
-        id: filter
         with:
-          base: ${{ github.ref }}
-          list-files: "json"
-          filters: |
-            coordinator:
-              - 'coordinator/**'
-              - 'testdata/**'
-              - 'buildSrc/**'
-              - 'jvm-libs/**'
-              - 'gradle/**'
-              - 'build.gradle'
-              - 'gradle.properties'
-              - 'settings.gradle'
-              - '.github/workflows/coordinator-*.yml'
-              - '.github/workflows/build-and-publish.yml'
-              - '.github/workflows/main.yml'
-              - '.github/workflows/reuse-*.yml'
-              - 'config/common/traces-limits-v1.toml'
-              - 'config/common/traces-limits-v2.toml'
-              - 'config/coordinator/**'
-              - 'e2e/**'
-              - 'docker/compose-*.yml'
-            smart-contracts:
-              - 'contracts/**'
-              - 'testdata/**'
-              - 'prover/**'
-              - '.github/workflows/main.yml'
-              - '.github/workflows/run-smc-tests.yml'
+          repository: ${{ github.event.workflow_run.head_repository.full_name }}
+          ref:        ${{ github.event.workflow_run.head_sha }}
+          fetch-depth: 0
+      - name: Compute commit tag
+        shell: bash
+        id: compute-commit-tag
+        # COMMIT_TAG will be the commit SHA of the workflow run that triggered this workflow
+        # - For a new commit on a PR branch, COMMIT_TAG = head of PR branch
+        #
+        # Note that we cannot use GITHUB_SHA here because it will always reference the head of main branch
+        # Since we intend for this workflow to run only for PRs from an external fork, we want COMMIT_TAG to match the PR branch head
+        run: |
+          echo "COMMIT_TAG=$(git rev-parse --short=7 ${{ github.event.workflow_run.head_sha }})" >> $GITHUB_OUTPUT
+      - name: Show commit tag
+        run: |
+          echo "COMMIT_TAG: ${{ steps.compute-commit-tag.outputs.COMMIT_TAG }}"
+
+  # Ideally we would use dorny/paths-filter@v3 to conditionally trigger an upload job based on file changes
+  # However there is a limitation in Github Actions where workflows triggered by a `workflow_run` event have no access to metadata on external fork PRs - https://github.com/orgs/community/discussions/25220
+  # Hence we are unable to find the base commit (the common ancestor commit between the PR branch and main branch) without using very clunky workarounds
+  # Hence we cannot provide the correct set of 'before' and 'after' commits for dorny/paths-filter@v3 to accurately assess PR file changes
+  # So instead we unconditionally use 'continue-on-error: true' and try to download every possible test coverage report that we want to upload to Codecov
 
   upload-codecov-coordinator:
-    needs: [ filter-commit-changes ]
-    if: ${{ needs.filter-commit-changes.outputs.coordinator == 'true' }}
+    needs: [ get-commit-tag ]
     runs-on: gha-runner-scale-set-ubuntu-22.04-amd64-small
     name: upload-codecov-coordinator
     env:
       CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
     steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-      - name: Compute and save COMMIT_TAG
-        run: |
-          echo COMMIT_TAG=$(git rev-parse --short "$GITHUB_SHA") >> $GITHUB_ENV
       - name: Download Jacoco test coverage report (from coordinator-testing.yml)
+        continue-on-error: true
         uses: actions/download-artifact@v4
+        id: coordinator-report-download
         with:
-          name: jacocoRootReport-${{ env.COMMIT_TAG }}.xml
+          name: jacocoRootReport-${{ needs.get-commit-tag.outputs.commit-tag }}.xml
           path: |
-            ${{ github.workspace }}/jacocoRootReport.xml
+            ${{ github.workspace }}
+          # Required to download artifacts from another workflow run
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          # Gets run id of the precedeing workflow that triggered this workflow_run
+          run-id: ${{ github.event.workflow_run.id }}
       - uses: codecov/codecov-action@v5
+        if: ${{ steps.coordinator-report-download.outcome == 'success' }}
         with:
           fail_ci_if_error: true
           files: ${{ github.workspace }}/jacocoRootReport.xml
@@ -79,25 +76,26 @@ jobs:
           token: ${{ secrets.CODECOV_TOKEN }}
 
   upload-codecov-smart-contracts:
-    needs: [ filter-commit-changes ]
-    if: ${{ needs.filter-commit-changes.outputs.smart-contracts == 'true' }}
+    needs: [ get-commit-tag ]
     runs-on: gha-runner-scale-set-ubuntu-22.04-amd64-small
     name: upload-codecov-smart-contracts
     env:
       CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
     steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-      - name: Compute and save COMMIT_TAG
-        run: |
-          echo COMMIT_TAG=$(git rev-parse --short "$GITHUB_SHA") >> $GITHUB_ENV
       - name: Download smart contract coverage report (from run-smc.tests.yml)
+        id: smc-report-download
+        continue-on-error: true
         uses: actions/download-artifact@v4
         with:
-          name: smart-contract-coverage-${{ env.COMMIT_TAG }}.json
+          name: smart-contract-coverage-${{ needs.get-commit-tag.outputs.commit-tag }}.json
           path: |
-            ${{ github.workspace }}/coverage-final.json
+            ${{ github.workspace }}
+          # Required to download artifacts from another workflow run
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          # Gets run id of the precedeing workflow that triggered this workflow_run
+          run-id: ${{ github.event.workflow_run.id }}
       - uses: codecov/codecov-action@v5
+        if: ${{ steps.smc-report-download.outcome == 'success' }}
         with:
           fail_ci_if_error: true
           files: ${{ github.workspace }}/coverage-final.json

.github/workflows/coordinator-build-and-publish.yml

@@ -75,7 +75,7 @@ jobs:
       - name: Setup Gradle
         # Configure Gradle for optimal use in GiHub Actions, including caching of downloaded dependencies.
         # See: https://github.com/gradle/actions/blob/main/setup-gradle/README.md
-        uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 #v4.2.1
+        uses: gradle/actions/setup-gradle@8379f6a1328ee0e06e2bb424dadb7b159856a326 # 4.4.0
       - name: Build dist
         run: |
           ./gradlew coordinator:app:installDist

.github/workflows/coordinator-testing.yml

@@ -36,7 +36,7 @@ jobs:
       - name: Setup Gradle
         # Configure Gradle for optimal use in GiHub Actions, including caching of downloaded dependencies.
         # See: https://github.com/gradle/actions/blob/main/setup-gradle/README.md
-        uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 #v4.2.1
+        uses: gradle/actions/setup-gradle@8379f6a1328ee0e06e2bb424dadb7b159856a326 # 4.4.0
       # Install pnpm to compile smart contracts
       - name: Setup nodejs environment
         uses: ./.github/actions/setup-nodejs