Skip to content

Commit

Permalink
Merge pull request #400 from sge-network/release/v1.7.x
Browse files Browse the repository at this point in the history
Release / v1.7.0
  • Loading branch information
scorpioborn authored May 24, 2024
2 parents a1c73f7 + f3c7882 commit 89894fe
Show file tree
Hide file tree
Showing 266 changed files with 4,877 additions and 3,559 deletions.
2 changes: 1 addition & 1 deletion .github/dependabot.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,6 @@ updates:
schedule:
interval: weekly
ignore:
- dependency-name: "github.com/tendermint/tendermint"
- dependency-name: "github.com/cometbft/cometbft"
update-types: ["version-update:semver-major", "version-update:semver-minor"]
open-pull-requests-limit: 10
17 changes: 13 additions & 4 deletions .github/workflows/codeql.yml
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,8 @@ on:
branches: [ "master" ]
schedule:
- cron: '26 6 * * 2'
env:
GO_VERSION: 1.22

jobs:
analyze:
Expand All @@ -41,11 +43,18 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@v3
uses: actions/checkout@v4

- name: Setup Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
check-latest: true
cache: false

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
uses: github/codeql-action/init@cdcdbb579706841c47f7063dda365e292e5cad7a
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
Expand All @@ -59,7 +68,7 @@ jobs:
# Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v2
uses: github/codeql-action/autobuild@cdcdbb579706841c47f7063dda365e292e5cad7a

# ℹ️ Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
Expand All @@ -72,6 +81,6 @@ jobs:
# ./location_of_script_within_repo/buildscript.sh

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
uses: github/codeql-action/analyze@cdcdbb579706841c47f7063dda365e292e5cad7a
with:
category: "/language:${{matrix.language}}"
33 changes: 22 additions & 11 deletions .github/workflows/gosec.yml
Original file line number Diff line number Diff line change
@@ -1,28 +1,39 @@
name: Run Gosec
on:
push:
paths:
- "**/*.go"
- "go.mod"
- "go.sum"
branches:
- master
pull_request:
paths:
- "**/*.go"
- "go.mod"
- "go.sum"
branches:
- master
jobs:
tests:
permissions:
security-events: write

runs-on: ubuntu-latest
env:
GO111MODULE: on
steps:
- name: Set up Go
uses: actions/setup-go@v3
with:
path: /usr/local/go/bin
go-version: '1.18.10'
- name: Checkout Source
uses: actions/checkout@v2
- name: Set env vars
run: |
echo "${HOME}/goroot/bin" >> $GITHUB_PATH
uses: actions/checkout@v3

- name: Run Gosec Security Scanner
uses: cosmos/gosec@master
uses: securego/gosec@master
with:
# we let the report trigger content trigger a failure using the GitHub Security features.
args: "-no-fail -fmt sarif -out results.sarif ./..."

- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v2
with:
args: ./...
# Path to SARIF file relative to the root of the repository
sarif_file: results.sarif
4 changes: 2 additions & 2 deletions .github/workflows/lint.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ on:
- master

env:
GO_VERSION: '1.21'
GO_VERSION: '1.22'

jobs:
golangci:
Expand Down Expand Up @@ -59,4 +59,4 @@ jobs:
-
name: Run documentation linter
if: env.GIT_DIFF
run: make mdlint
run: make mdlint
74 changes: 51 additions & 23 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,46 +13,74 @@ jobs:
install-tparse:
runs-on: ubuntu-latest
steps:
- uses: actions/setup-go@v3
- uses: actions/setup-go@v5
with:
go-version: 1.21
go-version: 1.22
- name: Display go version
run: go version
- name: install tparse
run: |
export GO111MODULE="on" && go install github.com/mfridman/tparse@v0.11.1
export GO111MODULE="on" && go install github.com/mfridman/tparse@v0.13.1
- uses: actions/cache@v2.1.6
with:
path: ~/go/bin
key: ${{ runner.os }}-go-tparse-binary

build:
name: sged-${{ matrix.targetos }}-${{ matrix.arch }}
runs-on: ubuntu-latest

strategy:
matrix:
go-arch: ["amd64", "arm", "arm64"]
arch: [amd64, arm64]
targetos: [darwin, linux]
include:
- targetos: darwin
arch: arm64

steps:
- uses: actions/checkout@v2
- uses: actions/setup-go@v3
with:
go-version: 1.21
- uses: technote-space/get-diff-action@v4
id: git_diff
- name: Check out repository code
uses: actions/checkout@v4
- name: Get git diff
uses: technote-space/get-diff-action@v6.1.2
with:
PATTERNS: |
**/**.go
**/**.wasm
!tests/**
**/**.go !**/*_test.go
go.mod
go.sum
- name: Build
run: GOARCH=${{ matrix.go-arch }} LEDGER_ENABLED=false make build
Makefile
.github/workflows/build.yml
- name: 🐿 Setup Golang
uses: actions/setup-go@v5
if: env.GIT_DIFF
with:
go-version-file: go.mod
env:
GOOS: ${{ matrix.targetos }}
GOARCH: ${{ matrix.arch }}
- name: Download Dependencies
if: env.GIT_DIFF
run: go mod download
- name: Build sged
if: env.GIT_DIFF
run: |
GOWRK=off go build cmd/sged/main.go
- name: Upload sged artifact
if: env.GIT_DIFF
uses: actions/upload-artifact@v3
with:
name: sged-${{ matrix.targetos }}-${{ matrix.arch }}
path: cmd/sged/sged

split-test-files:
runs-on: ubuntu-latest
steps:
- uses: actions/setup-go@v3
- uses: actions/setup-go@v5
with:
go-version: 1.21
- uses: actions/checkout@v2
go-version: 1.22
- uses: actions/checkout@v4
- name: Create a file with all the pkgs
run: go list ./... > pkgs.txt
- name: Split pkgs into 4 files
Expand Down Expand Up @@ -83,10 +111,10 @@ jobs:
matrix:
part: ["00", "01", "02", "03"]
steps:
- uses: actions/checkout@v2
- uses: actions/setup-go@v3
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: 1.21
go-version: 1.22
- uses: technote-space/get-diff-action@v4
with:
PATTERNS: |
Expand All @@ -110,7 +138,7 @@ jobs:
runs-on: ubuntu-latest
needs: tests
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v4
- uses: technote-space/get-diff-action@v4
with:
PATTERNS: |
Expand Down Expand Up @@ -161,10 +189,10 @@ jobs:
matrix:
part: ["00", "01", "02", "03"]
steps:
- uses: actions/checkout@v2
- uses: actions/setup-go@v3
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: 1.21
go-version: 1.22
- uses: technote-space/get-diff-action@v4
with:
PATTERNS: |
Expand Down
3 changes: 1 addition & 2 deletions .golangci.yml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
run:
tests: true
timeout: 10m
timeout: 15m
sort-results: true
allow-parallel-runners: true
exclude-dir: testutil/testdata_pulsar
Expand Down Expand Up @@ -30,7 +30,6 @@ linters:
- ineffassign
- makezero
- misspell
- nakedret
- nilnil
- promlinter
- staticcheck
Expand Down
75 changes: 75 additions & 0 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,75 @@
# syntax=docker/dockerfile:1

ARG GO_VERSION="1.22"
ARG RUNNER_IMAGE="gcr.io/distroless/static-debian11"
ARG BUILD_TAGS="netgo,ledger,muslc"

# --------------------------------------------------------
# Builder
# --------------------------------------------------------

FROM golang:${GO_VERSION}-alpine3.18 as builder

ARG GIT_VERSION
ARG GIT_COMMIT
ARG BUILD_TAGS

RUN apk add --no-cache \
ca-certificates \
build-base \
linux-headers

# Download go dependencies
WORKDIR /sge
COPY go.mod go.sum ./
RUN --mount=type=cache,target=/root/.cache/go-build \
--mount=type=cache,target=/root/go/pkg/mod \
go mod download

# Cosmwasm - Download correct libwasmvm version
RUN ARCH=$(uname -m) && WASMVM_VERSION=$(go list -m github.com/CosmWasm/wasmvm | sed 's/.* //') && \
wget https://github.com/CosmWasm/wasmvm/releases/download/$WASMVM_VERSION/libwasmvm_muslc.$ARCH.a \
-O /lib/libwasmvm_muslc.a && \
# verify checksum
wget https://github.com/CosmWasm/wasmvm/releases/download/$WASMVM_VERSION/checksums.txt -O /tmp/checksums.txt && \
sha256sum /lib/libwasmvm_muslc.a | grep $(cat /tmp/checksums.txt | grep libwasmvm_muslc.$ARCH | cut -d ' ' -f 1)

# Copy the remaining files
COPY . .

# Build sged binary
RUN --mount=type=cache,target=/root/.cache/go-build \
--mount=type=cache,target=/root/go/pkg/mod \
GOWORK=off go build \
-mod=readonly \
-tags "netgo,ledger,muslc" \
-ldflags \
"-X github.com/cosmos/cosmos-sdk/version.Name="sge" \
-X github.com/cosmos/cosmos-sdk/version.AppName="sged" \
-X github.com/cosmos/cosmos-sdk/version.Version=${GIT_VERSION} \
-X github.com/cosmos/cosmos-sdk/version.Commit=${GIT_COMMIT} \
-X github.com/cosmos/cosmos-sdk/version.BuildTags=${BUILD_TAGS} \
-w -s -linkmode=external -extldflags '-Wl,-z,muldefs -static'" \
-trimpath \
-o /sge/build/sged \
/sge/cmd/sged/main.go

# --------------------------------------------------------
# Runner
# --------------------------------------------------------

FROM ${RUNNER_IMAGE}

COPY --from=builder /sge/build/sged /bin/sged

ENV HOME /sge
WORKDIR $HOME

EXPOSE 26656
EXPOSE 26657
EXPOSE 1317
# Note: uncomment the line below if you need pprof in localsge
# We disable it by default in out main Dockerfile for security reasons
# EXPOSE 6060

ENTRYPOINT ["sged"]
Loading

0 comments on commit 89894fe

Please sign in to comment.