test docker

Author: antonbaliasnikov

.github/workflows/DOCKER_CORE_build-docker.yml

@@ -0,0 +1,164 @@
+name: Test Docker Images
+
+#on:
+#  pull_request:
+
+jobs:
+
+  build-images:
+    name: Core docker images
+    secrets: inherit
+    strategy:
+      matrix:
+        component:
+          - server-v2
+#          - external-node
+#          - snapshots-creator
+    uses: matter-labs/zksync-era/.github/workflows/REUSED_build-docker-common.yaml@aba-ci-optimize
+    with:
+      image: ${{ matrix.component }}
+      dockerfile: docker/${{ matrix.component }}/Dockerfile
+
+
+#  build-images:
+#    name: Build and Push Docker Images
+#    env:
+#      IMAGE_TAG_SUFFIX: ${{ inputs.image_tag_suffix }}${{ (inputs.en_alpha_release && matrix.components == 'external-node') && '-alpha' || '' }}
+#    runs-on: ${{ fromJSON('["matterlabs-ci-runner-high-performance", "matterlabs-ci-runner-arm"]')[contains(matrix.platforms, 'arm')] }}
+#    permissions:
+#      packages: write
+#      contents: read
+#    strategy:
+#      matrix:
+#        components:
+#          - server-v2
+#          - external-node
+#          - snapshots-creator
+#        platforms:
+#          - linux/amd64
+#        include:
+#          - components: external-node
+#            platforms: linux/arm64
+#
+#    steps:
+#      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+#        with:
+#          submodules: "recursive"
+#
+#      - name: Set up Docker Buildx
+#        uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1
+#
+#      - name: Setup env
+#        shell: bash
+#        run: |
+#          echo ZKSYNC_HOME=$(pwd) >> $GITHUB_ENV
+#          echo CI=1 >> $GITHUB_ENV
+#          echo $(pwd)/bin >> $GITHUB_PATH
+#          echo CI=1 >> .env
+#          echo IN_DOCKER=1 >> .env
+#
+#      - name: Download setup key
+#        shell: bash
+#        run: |
+#          if [ -f "/setup_2^26.key" ]; then
+#            cp '/setup_2^26.key' './setup_2^26.key'
+#          else
+#            run_retried curl -LO https://storage.googleapis.com/matterlabs-setup-keys-us/setup-keys/setup_2\^26.key
+#          fi
+#
+#      - name: Set env vars
+#        shell: bash
+#        run: |
+#          echo PLATFORM=$(echo ${{ matrix.platforms }} | tr '/' '-') >> $GITHUB_ENV
+#          if [ -n "${{ inputs.image_tag_suffix }}" ]; then
+#            echo IMAGE_TAG_SHA_TS="${{ env.IMAGE_TAG_SUFFIX }}" >> $GITHUB_ENV
+#          else
+#            echo IMAGE_TAG_SHA_TS=$(git rev-parse --short HEAD)-$(date +%s) >> $GITHUB_ENV
+#          fi
+#
+#      - name: Download contracts
+#        uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
+#        with:
+#          name: contacts
+#          path: |
+#            ./contracts
+#
+#      - name: login to Docker registries
+#        if: ${{ inputs.action == 'push' }}
+#        shell: bash
+#        run: |
+#          docker login -u ${{ secrets.DOCKERHUB_USER }} -p ${{ secrets.DOCKERHUB_TOKEN }}
+#          gcloud auth configure-docker us-docker.pkg.dev -q
+#
+#      - name: Login to GitHub Container Registry
+#        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
+#        if: ${{ inputs.action == 'push' }}
+#        with:
+#          registry: ghcr.io
+#          username: ${{ github.actor }}
+#          password: ${{ secrets.GITHUB_TOKEN }}
+#
+#      - name: Build docker image
+#        uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0
+#        with:
+#          context: .
+#          load: true
+#          platforms: ${{ matrix.platforms }}
+#          file: docker/${{ matrix.components }}/Dockerfile
+#          build-args: |
+#            SCCACHE_GCS_BUCKET=matterlabs-infra-sccache-storage
+#            SCCACHE_GCS_SERVICE_ACCOUNT=gha-ci-runners@matterlabs-infra.iam.gserviceaccount.com
+#            SCCACHE_GCS_RW_MODE=READ_WRITE
+#            RUSTC_WRAPPER=sccache
+#          tags: |
+#            us-docker.pkg.dev/matterlabs-infra/matterlabs-docker/${{ matrix.components }}:${{ env.IMAGE_TAG_SHA_TS }}-${{ env.PLATFORM }}
+#            ghcr.io/${{ github.repository_owner }}/${{ matrix.components }}:${{ env.IMAGE_TAG_SHA_TS }}-${{ env.PLATFORM }}
+#            matterlabs/${{ matrix.components }}:${{ env.IMAGE_TAG_SHA_TS }}-${{ env.PLATFORM }}
+#
+#      - name: Push docker image
+#        if: ${{ inputs.action == 'push' }}
+#        run: |
+#          docker push us-docker.pkg.dev/matterlabs-infra/matterlabs-docker/${{ matrix.components }}:${{ env.IMAGE_TAG_SHA_TS }}-${{ env.PLATFORM }}
+#          docker push matterlabs/${{ matrix.components }}:${{ env.IMAGE_TAG_SHA_TS }}-${{ env.PLATFORM }}
+#          docker push ghcr.io/${{ github.repository_owner }}/${{ matrix.components }}:${{ env.IMAGE_TAG_SHA_TS }}-${{ env.PLATFORM }}
+
+#  create_manifest:
+#    name: Create release manifest
+#    runs-on: matterlabs-ci-runner
+#    needs: build-images
+#    if: ${{ inputs.action == 'push' }}
+#    strategy:
+#      matrix:
+#        component:
+#          - name: server-v2
+#            platform: linux/amd64
+#          - name: external-node
+#            platform: linux/amd64,linux/arm64
+#          - name: snapshots-creator
+#            platform: linux/amd64
+#
+#    env:
+#      IMAGE_TAG_SUFFIX: ${{ inputs.image_tag_suffix }}${{ (inputs.en_alpha_release && matrix.component.name == 'external-node') && '-alpha' || '' }}
+#    steps:
+#      - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4
+#
+#      - name: login to Docker registries
+#        run: |
+#          docker login -u ${{ secrets.DOCKERHUB_USER }} -p ${{ secrets.DOCKERHUB_TOKEN }}
+#          gcloud auth configure-docker us-docker.pkg.dev -q
+#
+#      - name: Create Docker manifest
+#        run: |
+#          docker_repositories=("matterlabs/${{ matrix.component.name }}" "us-docker.pkg.dev/matterlabs-infra/matterlabs-docker/${{ matrix.component.name }}")
+#          platforms=${{ matrix.component.platform }}
+#          for repo in "${docker_repositories[@]}"; do
+#            platform_tags=""
+#            for platform in ${platforms//,/ }; do
+#              platform=$(echo $platform | tr '/' '-')
+#              platform_tags+=" --amend ${repo}:${IMAGE_TAG_SUFFIX}-${platform}"
+#            done
+#            for manifest in "${repo}:${IMAGE_TAG_SUFFIX}" "${repo}:2.0-${IMAGE_TAG_SUFFIX}" "${repo}:latest" "${repo}:latest2.0"; do
+#              docker manifest create ${manifest} ${platform_tags}
+#              docker manifest push ${manifest}
+#            done
+#          done

.github/workflows/MAIN_build-contracts.yaml

@@ -29,7 +29,7 @@ on:
         type: string
         description: SHA commit for build
         required: false
-#  pull_request: # TODO: remove after testing
+  pull_request: # TODO: remove after testing
 
 # Do not cancel runs, put new merges in queue
 concurrency:
@@ -61,12 +61,13 @@ jobs:
         id: changed-files
         uses: tj-actions/changed-files@2f7c5bfce28377bc069a65ba478de0a74aa0ca32 # v46.0.1
         with:
+          fetch_additional_submodule_history: true
           files: |
             contracts
             contracts/**
 
       - name: Define contracts commit
-        if: ${{ steps.changed-files.outputs.any_changed == 'true' }}
+#        if: ${{ steps.changed-files.outputs.any_changed == 'true' }}
         id: contracts-commit
         run: echo "commit=$(cd contracts && git rev-parse HEAD)" >> "${GITHUB_OUTPUT}"
 
@@ -80,7 +81,7 @@ jobs:
   prebuild-contracts:
     needs: check-contracts
     runs-on: matterlabs-ci-runner-highmem-long
-    if: ${{ needs.check-release.outputs.commit != '' }}
+    if: ${{ needs.check-contracts.outputs.commit != '' }}
     steps:
       - name: Checkout
         uses: actions/checkout@v4

.github/workflows/MAIN_build-zkstack.yaml

@@ -13,7 +13,7 @@ permissions:
 
 # Define the events that triggers the workflow
 on:
-  pull_request: # TODO: remove after testing
+#  pull_request: # TODO: remove after testing
   push:
     branches:
       - main

.github/workflows/MAIN_cache-regen.yaml

@@ -35,7 +35,7 @@ on:
   # Run clean up and full regen once a month
   schedule:
     - cron: '0 0 1 * *'
-  pull_request: # TODO: remove after testing
+#  pull_request: # TODO: remove after testing
 
 
 # Do not cancel runs, put new merges in queue

…kflows/re-using/build-docker-common.yaml …orkflows/REUSED_build-docker-common.yaml.github/workflows/re-using/build-docker-common.yaml renamed to .github/workflows/REUSED_build-docker-common.yaml .github/workflows/re-using/build-docker-common.yaml renamed to .github/workflows/REUSED_build-docker-common.yaml

@@ -21,7 +21,7 @@ on:
       version:
         type: string
         description: 'Docker image version.'
-        required: true
+        required: false
 
 
 # Use bash shell with verbose output
@@ -31,13 +31,16 @@ defaults:
 
 # Add write permissions to the ghcr.io docker repository
 permissions:
+  contents: read
   packages: write
 
 jobs:
 
   build:
     name: Build ${{ matrix.platform }}
-    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
     strategy:
       fail-fast: false
       matrix:
@@ -46,6 +49,7 @@ jobs:
             runner: matterlabs-ci-runner-high-performance
           - platform: arm64
             runner: matterlabs-ci-runner-arm
+    runs-on: ${{ matrix.runner }}
     steps:
       - name: Checkout
         uses: actions/checkout@v4
@@ -63,6 +67,19 @@ jobs:
           username: ${{ github.repository_owner }}
           password: ${{ github.token }}
 
+      - name: Download setup key
+        shell: bash
+        run: |
+          if [ -f "/setup_2^26.key" ]; then
+            cp '/setup_2^26.key' './setup_2^26.key'
+          else
+            curl -LO https://storage.googleapis.com/matterlabs-setup-keys-us/setup-keys/setup_2\^26.key
+          fi
+
+      # Download prebuilt contracts version if exists, otherwise build them
+      - name: Build contracts
+        uses: matter-labs/zksync-ci-common/.github/actions/build-contracts@aba-ci-optimize
+
       - name: Docker meta
         id: meta
         uses: docker/metadata-action@v5
@@ -72,7 +89,7 @@ jobs:
             matterlabs/${{ inputs.image }}
 
       - name: Define whether to save cache
-        # if: github.event_name != 'pull_request'
+        # if: github.event_name != 'pull_request' # TODO: uncomment before merging to main
         id: set-cache-to
         run: echo "cache-to=type=registry,ref=ghcr.io/${{ github.repository_owner }}/${{ inputs.image }}:buildcache-${{ matrix.platform }},mode=max" >> "${GITHUB_OUTPUT}"
 
@@ -89,7 +106,8 @@ jobs:
           labels: ${{ steps.meta.outputs.labels }}
           cache-from: 'type=registry,ref=ghcr.io/${{ github.repository_owner }}/${{ inputs.image }}:buildcache-${{ matrix.platform }}'
           cache-to: ${{ steps.set-cache-to.outputs.cache-to }}
-          outputs: type=image,"name=ghcr.io/${{ github.repository_owner }}/${{ inputs.image }},matterlabs/${{ inputs.image }}",push-by-digest=true,name-canonical=true,push=${{ github.event_name != 'pull_request' }}
+          outputs: type=image,"name=ghcr.io/${{ github.repository_owner }}/${{ inputs.image }}",push-by-digest=true,name-canonical=true,push=${{ github.event_name != 'pull_request' }}
+#          outputs: type=image,"name=ghcr.io/${{ github.repository_owner }}/${{ inputs.image }},matterlabs/${{ inputs.image }}",push-by-digest=true,name-canonical=true,push=${{ github.event_name != 'pull_request' }}
 
       - name: Export digest
         run: |
@@ -105,51 +123,51 @@ jobs:
           if-no-files-found: error
           retention-days: 1
 
-    merge:
-      runs-on: matterlabs-ci-runner-high-performance
-      needs: build
-      steps:
-        - name: Download digests
-          uses: actions/download-artifact@v4
-          with:
-            path: ${{ runner.temp }}/digests
-            pattern: digests-*
-            merge-multiple: true
-
-        - name: Log in to Docker Hub
-          uses: docker/login-action@v3
-          with:
-            username: ${{ secrets.dockerhub_user }}
-            password: ${{ secrets.dockerhub_token }}
-
-        - name: Login to GHCR
-          uses: docker/login-action@v3
-          with:
-            registry: ghcr.io
-            username: ${{ github.repository_owner }}
-            password: ${{ github.token }}
-
-        - name: Set up Docker Buildx
-          uses: docker/setup-buildx-action@v3
-
-        - name: Docker meta
-          id: meta
-          uses: docker/metadata-action@v5
-          with:
-            images: |
-              ghcr.io/${{ github.repository_owner }}/${{ inputs.image }}
-              matterlabs/${{ inputs.image }}
-
-        - name: Create manifest list and push
-          working-directory: ${{ runner.temp }}/digests
-          shell: bash -ex {0}
-          run: |
-            docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
-              $(printf 'ghcr.io/${{ github.repository_owner }}/${{ inputs.image }}@sha256:%s ' *)
-            docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
-              $(printf 'matterlabs/${{ inputs.image }}@sha256:%s ' *)
-
-        - name: Inspect image
-          run: |
-            docker buildx imagetools inspect ghcr.io/${{ github.repository_owner }}/${{ inputs.image }}:${{ inputs.version }}
-            docker buildx imagetools inspect matterlabs/${{ inputs.image }}:${{ inputs.version }}
+  merge:
+    runs-on: ubuntu-latest
+    needs: build
+    steps:
+      - name: Download digests
+        uses: actions/download-artifact@v4
+        with:
+          path: ${{ runner.temp }}/digests
+          pattern: digests-*
+          merge-multiple: true
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.dockerhub_user }}
+          password: ${{ secrets.dockerhub_token }}
+
+      - name: Login to GHCR
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ github.token }}
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            ghcr.io/${{ github.repository_owner }}/${{ inputs.image }}
+      #              matterlabs/${{ inputs.image }}
+
+      - name: Create manifest list and push
+        working-directory: ${{ runner.temp }}/digests
+        shell: bash -ex {0}
+        run: |
+          docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
+            $(printf 'ghcr.io/${{ github.repository_owner }}/${{ inputs.image }}@sha256:%s ' *)
+          # docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
+          #   $(printf 'matterlabs/${{ inputs.image }}@sha256:%s ' *)
+
+  #        - name: Inspect image
+  #          run: |
+  #            docker buildx imagetools inspect ghcr.io/${{ github.repository_owner }}/${{ inputs.image }}:${{ inputs.version }}
+  #            docker buildx imagetools inspect matterlabs/${{ inputs.image }}:${{ inputs.version }}