From f978fa9b4e2122538602a8902856840815cd72de Mon Sep 17 00:00:00 2001 From: EgorPopelyaev Date: Wed, 18 Sep 2024 21:53:29 +0200 Subject: [PATCH 1/9] fix chain-spec-builder step --- .github/workflows/release-50_publish-docker.yml | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release-50_publish-docker.yml b/.github/workflows/release-50_publish-docker.yml index 72e01a4833e25..9214620e77206 100644 --- a/.github/workflows/release-50_publish-docker.yml +++ b/.github/workflows/release-50_publish-docker.yml @@ -215,8 +215,20 @@ jobs: echo "release=${release}" >> $GITHUB_OUTPUT echo "stable=${{ needs.validate-inputs.outputs.stable_tag }}" >> $GITHUB_OUTPUT - - name: Build Injected Container image for polkadot rc or chain-spec-builder - if: ${{ env.BINARY == 'polkadot' || env.BINARY == 'chain-spec-builder' }} + - name: Build Injected Container image for polkadot rc + if: ${{ env.BINARY == 'polkadot' }} + env: + ARTIFACTS_FOLDER: release-artifacts + IMAGE_NAME: ${{ env.BINARY }} + OWNER: ${{ env.DOCKER_OWNER }} + TAGS: ${{ join(steps.fetch_rc_refs.outputs.*, ',') || join(steps.fetch_release_refs.outputs.*, ',') }} + run: | + ls -al + echo "Building container for $BINARY" + ./docker/scripts/polkadot/build-injected.sh $ARTIFACTS_FOLDER + + - name: Build Injected Container image chain-spec-builder + if: ${{ env.BINARY == 'chain-spec-builder' }} env: ARTIFACTS_FOLDER: release-artifacts IMAGE_NAME: ${{ env.BINARY }} From a5d5b33b7fd73739eb496182ccddd5ed4726dd12 Mon Sep 17 00:00:00 2001 From: EgorPopelyaev Date: Wed, 18 Sep 2024 21:38:50 +0200 Subject: [PATCH 2/9] fix if --- .github/workflows/release-50_publish-docker.yml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release-50_publish-docker.yml b/.github/workflows/release-50_publish-docker.yml index 9214620e77206..3261126873158 100644 --- a/.github/workflows/release-50_publish-docker.yml +++ b/.github/workflows/release-50_publish-docker.yml @@ -134,7 +134,14 @@ jobs: . ./.github/scripts/common/lib.sh VERSION="${{ needs.validate-inputs.outputs.VERSION }}" - fetch_release_artifacts_from_s3 + if [[ $BINARY == 'polkadot' ]]; then + bins=(polkadot polkadot-prepare-worker polkadot-execute-worker) + for bin in "${bins[@]}"; do + fetch_release_artifacts_from_s3 $bin + done + else + fetch_release_artifacts_from_s3 $BINARY + fi - name: Fetch chain-spec-builder rc artifacts or release artifacts based on release id #this step runs only if the workflow is triggered manually and only for chain-spec-builder From acf3a8796daf96490f429c3b707b96e1b58a538e Mon Sep 17 00:00:00 2001 From: EgorPopelyaev Date: Wed, 18 Sep 2024 21:30:53 +0200 Subject: [PATCH 3/9] fix rc docker for polkadot --- .github/scripts/common/lib.sh | 1 + .../workflows/release-50_publish-docker.yml | 6 +-- .../polkadot/polkadot_injected.Dockerfile | 52 +++++++++++++++++++ docker/scripts/build-injected.sh | 2 +- docker/scripts/polkadot/build-injected.sh | 1 + 5 files changed, 58 insertions(+), 4 deletions(-) create mode 100644 docker/dockerfiles/polkadot/polkadot_injected.Dockerfile diff --git a/.github/scripts/common/lib.sh b/.github/scripts/common/lib.sh index 5361db398ae7b..ac23785b0e058 100755 --- a/.github/scripts/common/lib.sh +++ b/.github/scripts/common/lib.sh @@ -242,6 +242,7 @@ fetch_release_artifacts() { # - GITHUB_TOKEN # - REPO in the form paritytech/polkadot fetch_release_artifacts_from_s3() { + BINARY=$1 echo "Version : $VERSION" echo "Repo : $REPO" echo "Binary : $BINARY" diff --git a/.github/workflows/release-50_publish-docker.yml b/.github/workflows/release-50_publish-docker.yml index 3261126873158..07f0b96e94565 100644 --- a/.github/workflows/release-50_publish-docker.yml +++ b/.github/workflows/release-50_publish-docker.yml @@ -134,8 +134,8 @@ jobs: . ./.github/scripts/common/lib.sh VERSION="${{ needs.validate-inputs.outputs.VERSION }}" - if [[ $BINARY == 'polkadot' ]]; then - bins=(polkadot polkadot-prepare-worker polkadot-execute-worker) + if [[ $inpust.binary == 'polkadot' ]]; then + bins=( polkadot polkadot-prepare-worker polkadot-execute-worker ) for bin in "${bins[@]}"; do fetch_release_artifacts_from_s3 $bin done @@ -235,7 +235,7 @@ jobs: ./docker/scripts/polkadot/build-injected.sh $ARTIFACTS_FOLDER - name: Build Injected Container image chain-spec-builder - if: ${{ env.BINARY == 'chain-spec-builder' }} + if: ${{ env.BINARY == 'polkadot' || env.BINARY == 'chain-spec-builder' }} env: ARTIFACTS_FOLDER: release-artifacts IMAGE_NAME: ${{ env.BINARY }} diff --git a/docker/dockerfiles/polkadot/polkadot_injected.Dockerfile b/docker/dockerfiles/polkadot/polkadot_injected.Dockerfile new file mode 100644 index 0000000000000..3dbede4966a8e --- /dev/null +++ b/docker/dockerfiles/polkadot/polkadot_injected.Dockerfile @@ -0,0 +1,52 @@ +FROM docker.io/parity/base-bin + +# metadata +ARG VCS_REF +ARG BUILD_DATE +ARG IMAGE_NAME +# That can be a single one or a comma separated list +ARG BINARY=polkadot + +LABEL io.parity.image.authors="devops-team@parity.io" \ + io.parity.image.vendor="Parity Technologies" \ + io.parity.image.title="parity/polkadot" \ + io.parity.image.description="Polkadot: a platform for web3. This is the official Parity image with an injected binary." \ + io.parity.image.source="https://github.com/paritytech/polkadot-sdk/blob/${VCS_REF}/docker/dockerfiles/polkadot/polkadot_injected.Dockerfile" \ + io.parity.image.revision="${VCS_REF}" \ + io.parity.image.created="${BUILD_DATE}" \ + io.parity.image.documentation="https://github.com/paritytech/polkadot-sdk/" + +# show backtraces +ENV RUST_BACKTRACE 1 + +USER root +WORKDIR /app + +# add polkadot and polkadot-*-worker binaries to the docker image +COPY bin/* /usr/local/bin/ +COPY entrypoint.sh . + + +RUN chmod -R a+rx "/usr/local/bin"; \ + mkdir -p /data /polkadot/.local/share && \ + chown -R parity:parity /data && \ + ln -s /data /polkadot/.local/share/polkadot + +USER parity + +# check if executable works in this container +RUN /usr/local/bin/polkadot --version +RUN /usr/local/bin/polkadot-prepare-worker --version +RUN /usr/local/bin/polkadot-execute-worker --version + + +EXPOSE 30333 9933 9944 9615 +VOLUME ["/polkadot"] + +ENV BINARY=${BINARY} + +# ENTRYPOINT +ENTRYPOINT ["/app/entrypoint.sh"] + +# We call the help by default +CMD ["--help"] diff --git a/docker/scripts/build-injected.sh b/docker/scripts/build-injected.sh index 749d0fa335cc1..c37ea916c8394 100755 --- a/docker/scripts/build-injected.sh +++ b/docker/scripts/build-injected.sh @@ -40,7 +40,7 @@ VCS_REF=${VCS_REF:-01234567} echo "Using engine: $ENGINE" echo "Using Dockerfile: $DOCKERFILE" echo "Using context: $CONTEXT" -echo "Building ${IMAGE}:latest container image for ${BINARY} v${VERSION} from ${ARTIFACTS_FOLDER} hang on!" +echo "Building ${IMAGE}:latest container image for ${BINARY} ${VERSION} from ${ARTIFACTS_FOLDER} hang on!" echo "ARTIFACTS_FOLDER=$ARTIFACTS_FOLDER" echo "CONTEXT=$CONTEXT" diff --git a/docker/scripts/polkadot/build-injected.sh b/docker/scripts/polkadot/build-injected.sh index 7cc6db43a54a6..8f4e7005b816c 100755 --- a/docker/scripts/polkadot/build-injected.sh +++ b/docker/scripts/polkadot/build-injected.sh @@ -9,5 +9,6 @@ PROJECT_ROOT=`git rev-parse --show-toplevel` export BINARY=polkadot,polkadot-execute-worker,polkadot-prepare-worker export ARTIFACTS_FOLDER=$1 +export DOCKERFILE="docker/dockerfiles/polkadot/polkadot_injected.Dockerfile" $PROJECT_ROOT/docker/scripts/build-injected.sh From d3266aee199db66977e003d169f02c8c744ee390 Mon Sep 17 00:00:00 2001 From: EgorPopelyaev Date: Tue, 1 Oct 2024 17:18:35 +0200 Subject: [PATCH 4/9] adjust regex to filter out stable rc tags from input --- .github/scripts/common/lib.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/scripts/common/lib.sh b/.github/scripts/common/lib.sh index ac23785b0e058..d2a4baf12fa73 100755 --- a/.github/scripts/common/lib.sh +++ b/.github/scripts/common/lib.sh @@ -462,7 +462,7 @@ function get_polkadot_node_version_from_code() { validate_stable_tag() { tag="$1" - pattern='^stable[0-9]+(-[0-9]+)?$' + pattern="^stable[0-9]{4}(-[0-9]+)?(-rc[0-9]+)?$" if [[ $tag =~ $pattern ]]; then echo $tag From 727c5e149c91e42b211c298ee57a69ed28e18be7 Mon Sep 17 00:00:00 2001 From: EgorPopelyaev Date: Fri, 6 Sep 2024 17:10:49 +0200 Subject: [PATCH 5/9] fix rc images publishing --- .github/workflows/release-50_publish-docker.yml | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release-50_publish-docker.yml b/.github/workflows/release-50_publish-docker.yml index 07f0b96e94565..17d98d60cd3d3 100644 --- a/.github/workflows/release-50_publish-docker.yml +++ b/.github/workflows/release-50_publish-docker.yml @@ -194,8 +194,8 @@ jobs: run: | . ./.github/scripts/common/lib.sh - release="release-${{ needs.validate-inputs.outputs.RELEASE_ID }}" && \ - echo "release=${release}" >> $GITHUB_OUTPUT + version="${{ needs.validate-inputs.outputs.VERSION }}" && \ + echo "version=${version}" >> $GITHUB_OUTPUT commit=$(git rev-parse --short HEAD) && \ echo "commit=${commit}" >> $GITHUB_OUTPUT @@ -262,7 +262,15 @@ jobs: echo "Building container for $BINARY" ./docker/scripts/build-injected.sh - - name: Login to Dockerhub + - name: Login to Dockerhub to publish polkadot + if: ${{ env.BINARY == 'polkadot' }} + uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 + with: + username: ${{ secrets.POLKADOT_DOCKERHUB_USERNAME }} + password: ${{ secrets.POLKADOT_DOCKERHUB_TOKEN }} + + - name: Login to Dockerhub to puiblish polkadot-parachain/chain-spec-builder + if: ${{ env.BINARY == 'polkadot-parachain' || env.BINARY == 'chain-spec-builder' }} uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 with: username: ${{ secrets.CUMULUS_DOCKERHUB_USERNAME }} From 3045dbd4727f8e0f19526bf908b7deb582e24f68 Mon Sep 17 00:00:00 2001 From: EgorPopelyaev Date: Fri, 6 Sep 2024 17:16:54 +0200 Subject: [PATCH 6/9] fix rc tag env name --- .github/workflows/release-50_publish-docker.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release-50_publish-docker.yml b/.github/workflows/release-50_publish-docker.yml index 17d98d60cd3d3..bc01fb58cf0d7 100644 --- a/.github/workflows/release-50_publish-docker.yml +++ b/.github/workflows/release-50_publish-docker.yml @@ -194,8 +194,8 @@ jobs: run: | . ./.github/scripts/common/lib.sh - version="${{ needs.validate-inputs.outputs.VERSION }}" && \ - echo "version=${version}" >> $GITHUB_OUTPUT + release="${{ needs.validate-inputs.outputs.VERSION }}" && \ + echo "release=${release}" >> $GITHUB_OUTPUT commit=$(git rev-parse --short HEAD) && \ echo "commit=${commit}" >> $GITHUB_OUTPUT From 93eec954b9a883e37b9146256bd0cc7ee6e29c58 Mon Sep 17 00:00:00 2001 From: EgorPopelyaev Date: Tue, 1 Oct 2024 17:31:06 +0200 Subject: [PATCH 7/9] modify rc tags to use stable and previous pattern --- .github/workflows/release-50_publish-docker.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/release-50_publish-docker.yml b/.github/workflows/release-50_publish-docker.yml index bc01fb58cf0d7..d11bdcf7ce755 100644 --- a/.github/workflows/release-50_publish-docker.yml +++ b/.github/workflows/release-50_publish-docker.yml @@ -194,15 +194,14 @@ jobs: run: | . ./.github/scripts/common/lib.sh - release="${{ needs.validate-inputs.outputs.VERSION }}" && \ + release="${{ needs.validate-inputs.outputs.stable_tag }}" && \ echo "release=${release}" >> $GITHUB_OUTPUT commit=$(git rev-parse --short HEAD) && \ echo "commit=${commit}" >> $GITHUB_OUTPUT - tag=$(git name-rev --tags --name-only $(git rev-parse HEAD)) && \ - [ "${tag}" != "undefined" ] && echo "tag=${tag}" >> $GITHUB_OUTPUT || \ - echo "No tag, doing without" + tag="${{ needs.validate-inputs.outputs.version }}" && \ + echo "tag=${tag}" >> $GITHUB_OUTPUT - name: Fetch release tags working-directory: release-artifacts From eb7f2bd6387f5df397696b9745d5c9706aeb6f50 Mon Sep 17 00:00:00 2001 From: EgorPopelyaev Date: Tue, 1 Oct 2024 18:15:10 +0200 Subject: [PATCH 8/9] fixes --- .github/workflows/release-50_publish-docker.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/release-50_publish-docker.yml b/.github/workflows/release-50_publish-docker.yml index d11bdcf7ce755..f234f4c905466 100644 --- a/.github/workflows/release-50_publish-docker.yml +++ b/.github/workflows/release-50_publish-docker.yml @@ -86,7 +86,7 @@ jobs: steps: - name: Checkout sources - uses: actions/checkout@6d193bf28034eafb982f37bd894289fe649468fc # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Validate inputs id: validate_inputs @@ -111,7 +111,7 @@ jobs: steps: - name: Checkout sources - uses: actions/checkout@6d193bf28034eafb982f37bd894289fe649468fc # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 #TODO: this step will be needed when automated triggering will work #this step runs only if the workflow is triggered automatically when new release is published @@ -134,8 +134,8 @@ jobs: . ./.github/scripts/common/lib.sh VERSION="${{ needs.validate-inputs.outputs.VERSION }}" - if [[ $inpust.binary == 'polkadot' ]]; then - bins=( polkadot polkadot-prepare-worker polkadot-execute-worker ) + if [[ $BINARY == 'polkadot' ]]; then + bins=(polkadot polkadot-prepare-worker polkadot-execute-worker) for bin in "${bins[@]}"; do fetch_release_artifacts_from_s3 $bin done @@ -166,7 +166,7 @@ jobs: steps: - name: Checkout sources - uses: actions/checkout@6d193bf28034eafb982f37bd894289fe649468fc # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Download artifacts uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 @@ -234,7 +234,7 @@ jobs: ./docker/scripts/polkadot/build-injected.sh $ARTIFACTS_FOLDER - name: Build Injected Container image chain-spec-builder - if: ${{ env.BINARY == 'polkadot' || env.BINARY == 'chain-spec-builder' }} + if: ${{ env.BINARY == 'chain-spec-builder' }} env: ARTIFACTS_FOLDER: release-artifacts IMAGE_NAME: ${{ env.BINARY }} @@ -321,7 +321,7 @@ jobs: environment: release steps: - name: Checkout sources - uses: actions/checkout@6d193bf28034eafb982f37bd894289fe649468fc # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Set up Docker Buildx uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1 From 6191b5d50ce0dad642082c05f7f1c7dab1ef015d Mon Sep 17 00:00:00 2001 From: EgorPopelyaev Date: Tue, 1 Oct 2024 18:24:30 +0200 Subject: [PATCH 9/9] change BINARY env to bin in rc fetch --- .github/workflows/release-50_publish-docker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release-50_publish-docker.yml b/.github/workflows/release-50_publish-docker.yml index f234f4c905466..ecaf3295d4017 100644 --- a/.github/workflows/release-50_publish-docker.yml +++ b/.github/workflows/release-50_publish-docker.yml @@ -134,7 +134,7 @@ jobs: . ./.github/scripts/common/lib.sh VERSION="${{ needs.validate-inputs.outputs.VERSION }}" - if [[ $BINARY == 'polkadot' ]]; then + if [[ ${{ inputs.binary }} == 'polkadot' ]]; then bins=(polkadot polkadot-prepare-worker polkadot-execute-worker) for bin in "${bins[@]}"; do fetch_release_artifacts_from_s3 $bin