release #1675
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: release | |
| permissions: {} | |
| on: | |
| push: | |
| tags: | |
| - "stable" | |
| - "rc" | |
| - "rc-*" | |
| - "v*.*.*" | |
| schedule: | |
| - cron: "0 6 * * *" | |
| workflow_dispatch: | |
| env: | |
| CARGO_TERM_COLOR: always | |
| IS_NIGHTLY: ${{ github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' }} | |
| PROFILE: maxperf | |
| STABLE_VERSION: "v1.4.3" | |
| jobs: | |
| prepare: | |
| name: Prepare release | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| permissions: | |
| contents: write | |
| pull-requests: read | |
| outputs: | |
| tag_name: ${{ steps.release_info.outputs.tag_name }} | |
| release_name: ${{ steps.release_info.outputs.release_name }} | |
| changelog: ${{ steps.build_changelog.outputs.changelog }} | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| persist-credentials: false | |
| fetch-depth: 0 | |
| - name: Compute release name and tag | |
| id: release_info | |
| run: | | |
| if [[ ${IS_NIGHTLY} == 'true' ]]; then | |
| printf 'tag_name=%s\n' "nightly-${GITHUB_SHA}" >> "$GITHUB_OUTPUT" | |
| printf 'release_name=%s\n' "Nightly ($(date '+%Y-%m-%d'))" >> "$GITHUB_OUTPUT" | |
| else | |
| printf 'tag_name=%s\n' "$GITHUB_REF_NAME" >> "$GITHUB_OUTPUT" | |
| printf 'release_name=%s\n' "$GITHUB_REF_NAME" >> "$GITHUB_OUTPUT" | |
| fi | |
| # Creates a `nightly-SHA` tag for this specific nightly | |
| # This tag is used for this specific nightly version's release | |
| # which allows users to roll back. It is also used to build | |
| # the changelog. | |
| - name: Create build-specific nightly tag | |
| if: ${{ env.IS_NIGHTLY == 'true' }} | |
| uses: actions/github-script@v8 | |
| env: | |
| TAG_NAME: ${{ steps.release_info.outputs.tag_name }} | |
| with: | |
| script: | | |
| const createTag = require('./.github/scripts/create-tag.js') | |
| await createTag({ github, context }, process.env.TAG_NAME) | |
| - name: Build changelog | |
| id: build_changelog | |
| uses: mikepenz/release-changelog-builder-action@d702b5bb7c23735c8afc130dac9c4c8b8eb669e8 # v6 | |
| with: | |
| configuration: "./.github/changelog.json" | |
| fromTag: ${{ env.IS_NIGHTLY == 'true' && 'nightly' || env.STABLE_VERSION }} | |
| toTag: ${{ steps.release_info.outputs.tag_name }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| release-docker: | |
| name: Release Docker | |
| needs: prepare | |
| uses: ./.github/workflows/docker-publish.yml | |
| permissions: | |
| contents: read | |
| id-token: write | |
| packages: write | |
| with: | |
| tag_name: ${{ needs.prepare.outputs.tag_name }} | |
| release: | |
| permissions: | |
| id-token: write | |
| contents: write | |
| attestations: write | |
| name: ${{ matrix.target }} (${{ matrix.runner }}) | |
| runs-on: ${{ matrix.runner }} | |
| timeout-minutes: 240 | |
| needs: prepare | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| # `runner`: GHA runner label | |
| # `target`: Rust build target triple | |
| # `platform` and `arch`: Used in tarball names | |
| # `svm`: target platform to use for the Solc binary: https://github.com/roynalnaruto/svm-rs/blob/84cbe0ac705becabdc13168bae28a45ad2299749/svm-builds/build.rs#L4-L24 | |
| # These are pinned to the oldest runner versions to support old libc/SDK versions. | |
| - runner: depot-ubuntu-22.04-16 | |
| target: x86_64-unknown-linux-gnu | |
| svm_target_platform: linux-amd64 | |
| platform: linux | |
| arch: amd64 | |
| - runner: depot-ubuntu-22.04-16 | |
| target: x86_64-unknown-linux-musl | |
| svm_target_platform: linux-amd64 | |
| platform: alpine | |
| arch: amd64 | |
| - runner: depot-ubuntu-22.04-arm-16 | |
| target: aarch64-unknown-linux-gnu | |
| svm_target_platform: linux-aarch64 | |
| platform: linux | |
| arch: arm64 | |
| - runner: depot-ubuntu-22.04-16 | |
| target: aarch64-unknown-linux-musl | |
| svm_target_platform: linux-aarch64 | |
| platform: alpine | |
| arch: arm64 | |
| - runner: macos-13-large | |
| target: x86_64-apple-darwin | |
| svm_target_platform: macosx-amd64 | |
| platform: darwin | |
| arch: amd64 | |
| - runner: macos-latest-large | |
| target: aarch64-apple-darwin | |
| svm_target_platform: macosx-aarch64 | |
| platform: darwin | |
| arch: arm64 | |
| - runner: depot-windows-latest-16 | |
| target: x86_64-pc-windows-msvc | |
| svm_target_platform: windows-amd64 | |
| platform: win32 | |
| arch: amd64 | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| persist-credentials: false | |
| - uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # master | |
| with: | |
| toolchain: stable | |
| targets: ${{ matrix.target }} | |
| - uses: rui314/setup-mold@725a8794d15fc7563f59595bd9556495c0564878 # v1 | |
| - name: Apple M1 setup | |
| if: matrix.target == 'aarch64-apple-darwin' | |
| run: | | |
| printf 'SDKROOT=%s\n' "$(xcrun -sdk macosx --show-sdk-path)" >> "$GITHUB_ENV" | |
| printf 'MACOSX_DEPLOYMENT_TARGET=%s\n' "$(xcrun -sdk macosx --show-sdk-platform-version)" >> "$GITHUB_ENV" | |
| - name: cross setup | |
| if: contains(matrix.target, 'musl') | |
| run: | | |
| cargo install cross --git https://github.com/cross-rs/cross --rev baf457efc2555225af47963475bd70e8d2f5993f | |
| - name: Build binaries | |
| env: | |
| TAG_NAME: ${{ (env.IS_NIGHTLY == 'true' && 'nightly') || needs.prepare.outputs.tag_name }} | |
| SVM_TARGET_PLATFORM: ${{ matrix.svm_target_platform }} | |
| PLATFORM_NAME: ${{ matrix.platform }} | |
| TARGET: ${{ matrix.target }} | |
| OUT_DIR: target/${{ matrix.target }}/${{ env.PROFILE }} | |
| shell: bash | |
| run: | | |
| set -eo pipefail | |
| flags=(--target $TARGET --profile $PROFILE --bins | |
| --no-default-features --features aws-kms,gcp-kms,cli,asm-keccak,js-tracer) | |
| # `jemalloc` is not fully supported on MSVC or aarch64 Linux. | |
| if [[ "$TARGET" != *msvc* && "$TARGET" != "aarch64-unknown-linux-gnu" ]]; then | |
| flags+=(--features jemalloc) | |
| fi | |
| [[ "$TARGET" == *windows* ]] && ext=".exe" | |
| if [[ "$TARGET" == *-musl ]]; then | |
| cross build "${flags[@]}" | |
| else | |
| cargo build "${flags[@]}" | |
| fi | |
| bins=(anvil cast chisel forge) | |
| for name in "${bins[@]}"; do | |
| bin="$OUT_DIR/$name$ext" | |
| printf '\n' | |
| file "$bin" || true | |
| du -h "$bin" || true | |
| ldd "$bin" || true | |
| $bin --version || true | |
| printf '%s_bin_path=%s\n' "$name" "$bin" >> "$GITHUB_ENV" | |
| done | |
| - name: Archive binaries | |
| id: artifacts | |
| env: | |
| PLATFORM_NAME: ${{ matrix.platform }} | |
| OUT_DIR: target/${{ matrix.target }}/${{ env.PROFILE }} | |
| VERSION_NAME: ${{ (env.IS_NIGHTLY == 'true' && 'nightly') || needs.prepare.outputs.tag_name }} | |
| ARCH: ${{ matrix.arch }} | |
| shell: bash | |
| run: | | |
| if [[ "$PLATFORM_NAME" == "linux" || "$PLATFORM_NAME" == "alpine" ]]; then | |
| tar -czvf "foundry_${VERSION_NAME}_${PLATFORM_NAME}_${ARCH}.tar.gz" -C "$OUT_DIR" forge cast anvil chisel | |
| printf "file_name=%s\n" "foundry_${VERSION_NAME}_${PLATFORM_NAME}_${ARCH}.tar.gz" >> "$GITHUB_OUTPUT" | |
| elif [ "$PLATFORM_NAME" == "darwin" ]; then | |
| # We need to use gtar here otherwise the archive is corrupt. | |
| # See: https://github.com/actions/virtual-environments/issues/2619 | |
| gtar -czvf "foundry_${VERSION_NAME}_${PLATFORM_NAME}_${ARCH}.tar.gz" -C "$OUT_DIR" forge cast anvil chisel | |
| printf "file_name=%s\n" "foundry_${VERSION_NAME}_${PLATFORM_NAME}_${ARCH}.tar.gz" >> "$GITHUB_OUTPUT" | |
| else | |
| cd "$OUT_DIR" | |
| 7z a -tzip "foundry_${VERSION_NAME}_${PLATFORM_NAME}_${ARCH}.zip" forge.exe cast.exe anvil.exe chisel.exe | |
| mv "foundry_${VERSION_NAME}_${PLATFORM_NAME}_${ARCH}.zip" ../../../ | |
| printf "file_name=%s\n" "foundry_${VERSION_NAME}_${PLATFORM_NAME}_${ARCH}.zip" >> "$GITHUB_OUTPUT" | |
| fi | |
| printf "foundry_attestation=%s\n" "foundry_${VERSION_NAME}_${PLATFORM_NAME}_${ARCH}.attestation.txt" >> "$GITHUB_OUTPUT" | |
| - name: Upload build artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| retention-days: 1 | |
| name: ${{ steps.artifacts.outputs.file_name }} | |
| path: ${{ steps.artifacts.outputs.file_name }} | |
| - name: Build man page | |
| id: man | |
| if: matrix.target == 'x86_64-unknown-linux-gnu' | |
| env: | |
| OUT_DIR: target/${{ matrix.target }}/${{ env.PROFILE }} | |
| VERSION_NAME: ${{ (env.IS_NIGHTLY == 'true' && 'nightly') || needs.prepare.outputs.tag_name }} | |
| shell: bash | |
| run: | | |
| sudo apt-get -y install help2man | |
| help2man -N $OUT_DIR/forge > forge.1 | |
| help2man -N $OUT_DIR/cast > cast.1 | |
| help2man -N $OUT_DIR/anvil > anvil.1 | |
| help2man -N $OUT_DIR/chisel > chisel.1 | |
| gzip forge.1 | |
| gzip cast.1 | |
| gzip anvil.1 | |
| gzip chisel.1 | |
| tar -czvf "foundry_man_${VERSION_NAME}.tar.gz" forge.1.gz cast.1.gz anvil.1.gz chisel.1.gz | |
| printf 'foundry_man=%s\n' "foundry_man_${VERSION_NAME}.tar.gz" >> "$GITHUB_OUTPUT" | |
| - name: Binaries attestation | |
| id: attestation | |
| uses: actions/attest-build-provenance@v3 | |
| with: | |
| subject-path: | | |
| ${{ env.anvil_bin_path }} | |
| ${{ env.cast_bin_path }} | |
| ${{ env.chisel_bin_path }} | |
| ${{ env.forge_bin_path }} | |
| - name: Record attestation URL | |
| env: | |
| ATTESTATION_URL: ${{ steps.attestation.outputs.attestation-url }} | |
| FOUNDRY_ATTESTATION: ${{ steps.artifacts.outputs.foundry_attestation }} | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| printf '%s\n' "$ATTESTATION_URL" > "$FOUNDRY_ATTESTATION" | |
| # Creates the release for this specific version | |
| - name: Create release | |
| uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 # v2.4.1 | |
| with: | |
| name: ${{ needs.prepare.outputs.release_name }} | |
| tag_name: ${{ needs.prepare.outputs.tag_name }} | |
| prerelease: ${{ env.IS_NIGHTLY == 'true' }} | |
| body: ${{ needs.prepare.outputs.changelog }} | |
| files: | | |
| ${{ steps.artifacts.outputs.file_name }} | |
| ${{ steps.artifacts.outputs.foundry_attestation }} | |
| ${{ steps.man.outputs.foundry_man }} | |
| # If this is a nightly release, it also updates the release | |
| # tagged `nightly` for compatibility with `foundryup` | |
| - name: Update nightly release | |
| if: ${{ env.IS_NIGHTLY == 'true' }} | |
| uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 # v2.4.1 | |
| with: | |
| name: "Nightly" | |
| tag_name: "nightly" | |
| prerelease: true | |
| body: ${{ needs.prepare.outputs.changelog }} | |
| files: | | |
| ${{ steps.artifacts.outputs.file_name }} | |
| ${{ steps.artifacts.outputs.foundry_attestation }} | |
| ${{ steps.man.outputs.foundry_man }} | |
| cleanup: | |
| name: Release cleanup | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| permissions: | |
| contents: write | |
| needs: release | |
| if: always() | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| persist-credentials: false | |
| # Moves the `nightly` tag to `HEAD` | |
| - name: Move nightly tag | |
| if: ${{ env.IS_NIGHTLY == 'true' }} | |
| uses: actions/github-script@v8 | |
| with: | |
| script: | | |
| const moveTag = require('./.github/scripts/move-tag.js') | |
| await moveTag({ github, context }, 'nightly') | |
| - name: Delete old nightlies | |
| uses: actions/github-script@v8 | |
| with: | |
| script: | | |
| const prunePrereleases = require('./.github/scripts/prune-prereleases.js') | |
| await prunePrereleases({github, context}) | |
| # If any of the jobs fail, this will create a high-priority issue to signal so. | |
| issue: | |
| name: Open an issue | |
| runs-on: ubuntu-latest | |
| needs: [prepare, release-docker, release, cleanup] | |
| if: failure() | |
| permissions: | |
| contents: read | |
| issues: write | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| persist-credentials: false | |
| - uses: JasonEtco/create-an-issue@1b14a70e4d8dc185e5cc76d3bec9eab20257b2c5 # v2 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| WORKFLOW_URL: | | |
| ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} | |
| with: | |
| update_existing: true | |
| filename: .github/RELEASE_FAILURE_ISSUE_TEMPLATE.md |