diff --git a/.circleci/config.yml b/.circleci/config.yml index 9fbed7bde44d8..5eaf7b198a716 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -41,6 +41,9 @@ parameters: publish_contract_artifacts_dispatch: type: boolean default: false + stale_check_dispatch: + type: boolean + default: false orbs: go: circleci/go@1.8.0 @@ -347,7 +350,7 @@ jobs: machine: image: <> resource_class: "<>" - docker_layer_caching: true # we rely on this for faster builds, and actively warm it up for builds with common stages + docker_layer_caching: true # we rely on this for faster builds, and actively warm it up for builds with common stages steps: - checkout - attach_workspace: @@ -458,7 +461,7 @@ jobs: docker save -o /tmp/docker_images/<>.tar $IMAGE_NAME - persist_to_workspace: root: /tmp/docker_images - paths: # only write the one file, to avoid concurrent workspace-file additions + paths: # only write the one file, to avoid concurrent workspace-file additions - "<>.tar" - when: condition: "<>" @@ -471,11 +474,11 @@ jobs: condition: or: - and: - - "<>" - - "<>" + - "<>" + - "<>" - and: - - "<>" - - equal: [develop, << pipeline.git.branch >>] + - "<>" + - equal: [develop, << pipeline.git.branch >>] steps: - gcp-oidc-authenticate: service_account_email: GCP_SERVICE_ATTESTOR_ACCOUNT_EMAIL @@ -1000,8 +1003,7 @@ jobs: steps: - checkout - setup_remote_docker - - run: - make -C op-program verify-reproducibility + - run: make -C op-program verify-reproducibility - notify-failures-on-develop: mentions: "@proofs-team" @@ -1053,7 +1055,7 @@ jobs: - checkout - unless: condition: - equal: [ "develop", << pipeline.git.branch >> ] + equal: ["develop", << pipeline.git.branch >>] steps: - run: # Scan changed files in PRs, block on new issues only (existing issues ignored) @@ -1109,7 +1111,7 @@ jobs: paths: - "/go/pkg/mod" - bedrock-go-tests: # just a helper, that depends on all the actual test jobs + bedrock-go-tests: # just a helper, that depends on all the actual test jobs docker: # Use a smaller base image to avoid pulling the huge ci-builder # image which is not needed for this job and sometimes misses @@ -1271,17 +1273,29 @@ jobs: command: | goreleaser release --clean -f ./<>/<> + stale-check: + docker: + - image: cimg/python:3.11 + steps: + - run: + name: Run Stale Check Script + command: | + git clone --branch main --depth 1 https://github.com/ethereum-optimism/circleci-utils.git /tmp/circleci-utils + cd /tmp/circleci-utils/stale-check + pip3 install -r requirements.txt + python3 stale-check.py --repo "ethereum-optimism/${CIRCLE_PROJECT_REPONAME}" --github-token "${STALE_GITHUB_TOKEN}" + workflows: main: when: and: - or: # Trigger on new commits - - equal: [ webhook, << pipeline.trigger_source >> ] + - equal: [webhook, << pipeline.trigger_source >>] # Trigger on manual triggers if explicitly requested - - equal: [ true, << pipeline.parameters.main_dispatch >> ] + - equal: [true, << pipeline.parameters.main_dispatch >>] - not: - equal: [ scheduled_pipeline, << pipeline.trigger_source >> ] + equal: [scheduled_pipeline, << pipeline.trigger_source >>] jobs: - go-mod-download - contracts-bedrock-build: @@ -1425,7 +1439,7 @@ workflows: notify: true matrix: parameters: - mips_word_size: [ 32, 64 ] + mips_word_size: [32, 64] - cannon-build-test-vectors - todo-issues: name: todo-issues-check @@ -1434,8 +1448,7 @@ workflows: name: shell-check # We don't need the `exclude` key as the orb detects the `.shellcheckrc` dir: . - ignore-dirs: - ./packages/contracts-bedrock/lib + ignore-dirs: ./packages/contracts-bedrock/lib go-release-deployer: jobs: @@ -1452,7 +1465,7 @@ workflows: release: when: not: - equal: [ scheduled_pipeline, << pipeline.trigger_source >> ] + equal: [scheduled_pipeline, << pipeline.trigger_source >>] jobs: # Wait for approval on the release - hold: @@ -1545,7 +1558,7 @@ workflows: scheduled-todo-issues: when: - equal: [ build_four_hours, <> ] + equal: [build_four_hours, <>] jobs: - todo-issues: name: todo-issue-checks @@ -1554,7 +1567,7 @@ workflows: scheduled-fpp: when: - equal: [ build_hourly, <> ] + equal: [build_hourly, <>] jobs: - fpp-verify: context: @@ -1564,8 +1577,9 @@ workflows: develop-publish-contract-artifacts: when: or: - - equal: [ "develop", <> ] - - equal: [ true, <> ] + - equal: ["develop", <>] + - equal: + [true, <>] jobs: - publish-contract-artifacts @@ -1573,10 +1587,10 @@ workflows: when: and: - or: - - equal: [ "develop", <> ] - - equal: [ true, <> ] + - equal: ["develop", <>] + - equal: [true, <>] - not: - equal: [ scheduled_pipeline, << pipeline.trigger_source >> ] + equal: [scheduled_pipeline, << pipeline.trigger_source >>] jobs: - go-mod-download - cannon-prestate @@ -1606,10 +1620,10 @@ workflows: when: and: - or: - - equal: [ "develop", <> ] - - equal: [ true, <> ] + - equal: ["develop", <>] + - equal: [true, <>] - not: - equal: [ scheduled_pipeline, << pipeline.trigger_source >> ] + equal: [scheduled_pipeline, << pipeline.trigger_source >>] jobs: - kontrol-tests: context: @@ -1619,8 +1633,8 @@ workflows: scheduled-cannon-full-tests: when: or: - - equal: [ build_four_hours, <> ] - - equal: [ true, << pipeline.parameters.cannon_full_test_dispatch >> ] + - equal: [build_four_hours, <>] + - equal: [true, << pipeline.parameters.cannon_full_test_dispatch >>] jobs: - contracts-bedrock-build: skip_pattern: test @@ -1632,14 +1646,14 @@ workflows: - slack matrix: parameters: - mips_word_size: [ 32, 64 ] + mips_word_size: [32, 64] scheduled-docker-publish: when: or: - - equal: [ build_hourly, <> ] + - equal: [build_hourly, <>] # Trigger on manual triggers if explicitly requested - - equal: [ true, << pipeline.parameters.docker_publish_dispatch >> ] + - equal: [true, << pipeline.parameters.docker_publish_dispatch >>] jobs: - docker-build: matrix: @@ -1690,10 +1704,19 @@ workflows: scheduled-preimage-reproducibility: when: or: - - equal: [build_daily, <> ] + - equal: [build_daily, <>] # Trigger on manual triggers if explicitly requested - - equal: [ true, << pipeline.parameters.reproducibility_dispatch >> ] + - equal: [true, << pipeline.parameters.reproducibility_dispatch >>] jobs: - preimage-reproducibility: - context: - slack + context: slack + + scheduled-stale-check: + when: + or: + - equal: [build_daily, <>] + # Trigger on manual triggers if explicitly requested + - equal: [true, << pipeline.parameters.stale_check_dispatch >>] + jobs: + - stale-check: + context: github-token-stale-check diff --git a/.github/workflows/close-stale.yml b/.github/workflows/close-stale.yml deleted file mode 100644 index 68e8b4ec82c56..0000000000000 --- a/.github/workflows/close-stale.yml +++ /dev/null @@ -1,18 +0,0 @@ -name: 'Close stale issues and PRs' -on: - schedule: - - cron: '30 1 * * *' - -jobs: - stale: - runs-on: ubuntu-latest - steps: - - uses: actions/stale@v9 - with: - stale-pr-message: 'This PR is stale because it has been open 14 days with no activity. Remove stale label or comment or this will be closed in 5 days.' - stale-issue-label: 'S-stale' - exempt-pr-labels: 'S-exempt-stale' - days-before-issue-stale: 999 - days-before-pr-stale: 14 - days-before-close: 5 - repo-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/tag-service.yml b/.github/workflows/tag-service.yml deleted file mode 100644 index 439b48f13d4e6..0000000000000 --- a/.github/workflows/tag-service.yml +++ /dev/null @@ -1,69 +0,0 @@ -name: Tag Service - -on: - workflow_dispatch: - inputs: - bump: - description: 'How much to bump the version by' - required: true - type: choice - options: - - major - - minor - - patch - - prerelease - - finalize-prerelease - service: - description: 'Which service to release' - required: true - type: choice - options: - - ci-builder - - ci-builder-rust - - op-node - - op-batcher - - op-proposer - - op-challenger - - op-program - - op-dispute-mon - - op-ufm - - da-server - - op-contracts - - op-conductor - prerelease: - description: Increment major/minor/patch as prerelease? - required: false - type: boolean - default: false - -permissions: - contents: write - -jobs: - release: - runs-on: ubuntu-latest - environment: op-stack-production - - steps: - - uses: actions/checkout@v4 - - name: Fetch tags - run: git fetch --tags origin --force - - name: Setup Python 3.10 - uses: actions/setup-python@v5 - with: - python-version: "3.10" - - name: Install deps - run: pip install -r requirements.txt - working-directory: ops/tag-service - - run: ops/tag-service/tag-service.py --bump="$BUMP" --service="$SERVICE" - env: - INPUT_GITHUB_TOKEN: ${{ github.token }} - BUMP: ${{ github.event.inputs.bump }} - SERVICE: ${{ github.event.inputs.service }} - if: ${{ github.event.inputs.prerelease == 'false' }} - - run: ops/tag-service/tag-service.py --bump="$BUMP" --service="$SERVICE" --pre-release - env: - INPUT_GITHUB_TOKEN: ${{ github.token }} - BUMP: ${{ github.event.inputs.bump }} - SERVICE: ${{ github.event.inputs.service }} - if: ${{ github.event.inputs.prerelease == 'true' }}