GitHub Actions CI/CD (#6427)

Implements a CI/CD pipeline using Github Actions, to replace the current CircleCI implementation. https://wiki.hyperledger.org/pages/viewpage.action?pageId=80774216 --------- Signed-off-by: Justin Florentine <justin+github@florentine.us> Signed-off-by: Gabriel Fukushima <gabrielfukushima@gmail.com> Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> Signed-off-by: RoboCopsGoneSock <158174948+RoboCopsGoneSock@users.noreply.github.com> Signed-off-by: Danno Ferrin (shemnon) <danno.ferrin@shemnon.com> Signed-off-by: Danno Ferrin <danno.ferrin@swirldslabs.com> Signed-off-by: Karim Taam <karim.t2am@gmail.com> Signed-off-by: Ameziane H <ameziane.hamlat@consensys.net> Signed-off-by: ahamlat <ameziane.hamlat@consensys.net> Signed-off-by: garyschulte <garyschulte@gmail.com> Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Co-authored-by: Gabriel Fukushima <gabrielfukushima@gmail.com> Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com> Co-authored-by: RoboCopsGoneSock <158174948+RoboCopsGoneSock@users.noreply.github.com> Co-authored-by: Danno Ferrin <danno.ferrin@shemnon.com> Co-authored-by: Karim TAAM <karim.t2am@gmail.com> Co-authored-by: garyschulte <garyschulte@gmail.com>
10 months ago · 621b16fa62
parent 9b0e38fa2a
commit 621b16fa62
20 changed files with 888 additions and 146 deletions
--- a/.github/workflows/acceptance-tests.yml
+++ b/.github/workflows/acceptance-tests.yml
@ -0,0 +1,114 @@
+name: acceptance-tests
+on:
+  pull_request:
+  pull_request_review:
+    types: [submitted]
+
+env:
+  GRADLE_OPTS: "-Xmx6g -Dorg.gradle.daemon=false"
+  total-runners: 16
+
+jobs:
+  shouldRun:
+    name: checks to ensure we should run
+    # necessary because there is no single PR approved event, need to check all comments/approvals/denials
+    runs-on: ubuntu-22.04
+    outputs:
+      shouldRun: ${{steps.shouldRun.outputs.result}}
+    steps:
+      - name: required check
+        id: shouldRun
+        uses: actions/github-script@v7.0.1
+        env:
+          # fun fact, this changes based on incoming event, it will be different when we run this on pushes to main
+          RELEVANT_SHA: ${{ github.event.pull_request.head.sha || github.sha }}
+        with:
+          script: |
+            const { RELEVANT_SHA } = process.env;
+            const { data: { statuses } } = await github.rest.repos.getCombinedStatusForRef({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              ref: RELEVANT_SHA,
+            });
+            const acceptanceTested = statuses && statuses.filter(({ context }) => context === 'acceptance-tests');
+            const alreadyRun = acceptanceTested && acceptanceTested.find(({ state }) => state === 'success') > 0;
+            const { data: reviews } = await github.rest.pulls.listReviews({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              pull_number: context.issue.number,
+            });
+            const approvingReviews = reviews && reviews.filter(review => review.state === 'APPROVED');
+            const shouldRun = !alreadyRun && github.actor != 'dependabot[bot]' &&  (approvingReviews.length > 0);
+            
+              console.log("tests should be run = %j", shouldRun);
+              console.log("alreadyRun = %j", alreadyRun);
+              console.log("approvingReviews = %j", approvingReviews.length);
+            
+            return shouldRun;
+  acceptanceTestEthereum:
+    runs-on: ubuntu-22.04
+    name: "Acceptance Runner"
+    needs: shouldRun
+    permissions:
+      statuses: write
+      checks: write
+    if: ${{ needs.shouldRun.outputs.shouldRun == 'true'}}
+    strategy:
+      fail-fast: true
+      matrix:
+        runner_index: [0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15]
+    steps:
+      - name: Checkout Repo
+        uses: actions/checkout@v4.1.1
+      - name: Set up Java
+        uses: actions/setup-java@v4.0.0
+        with:
+          distribution: temurin
+          java-version: 17
+      - name: get acceptance test report
+        uses: dawidd6/action-download-artifact@v2
+        with:
+          branch: main
+          name_is_regexp: true
+          name: 'acceptance-node-\d*\d-test-results'
+          path: tmp/junit-xml-reports-downloaded
+          if_no_artifact_found: true
+      - name: setup gradle
+        uses: gradle/gradle-build-action@v2.12.0
+      - name: Split tests
+        id: split-tests
+        uses: r7kamura/split-tests-by-timings@v0
+        with:
+          reports: tmp/junit-xml-reports-downloaded
+          glob: 'acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/**/*Test.java'
+          total: ${{env.total-runners}}
+          index: ${{ matrix.runner_index }}
+      - name: write out test list
+        run: echo "${{ steps.split-tests.outputs.paths }}" >> testList.txt
+      - name: format gradle args
+        #regex means: first truncate file paths to align with package name, then swap path delimiter with package delimiter,
+        #then drop file extension, then insert --tests option between each.
+        run: cat testList.txt | sed -e 's@acceptance-tests/tests/src/test/java/@--tests\ @g;s@/@.@g;s/\.java//g'  > gradleArgs.txt
+      - name: run acceptance tests
+        run: ./gradlew acceptanceTest `cat gradleArgs.txt` -Dorg.gradle.parallel=true -Dorg.gradle.caching=true
+      - name: cleanup tempfiles
+        run: rm testList.txt gradleArgs.txt
+      - name: Upload Acceptance Test Results
+        uses: actions/upload-artifact@v3.1.0
+        with:
+          name: acceptance-node-${{matrix.runner_index}}-test-results
+          path: 'acceptance-tests/tests/build/test-results/acceptanceTest/TEST-*.xml'
+      - name: Publish Test Report
+        uses: mikepenz/action-junit-report@v4
+        if: (success() || failure()) # always run even if the build step fails
+        with:
+          report_paths: 'acceptance-tests/tests/build/test-results/acceptanceTest/TEST-*.xml'
+  acceptance-tests:
+    runs-on: ubuntu-22.04
+    needs: [ acceptanceTestEthereum ]
+    permissions:
+      checks: write
+      statuses: write
+    steps:
+      - name: consolidation
+        run: echo "consolidating statuses"
--- a/.github/workflows/artifacts.yml
+++ b/.github/workflows/artifacts.yml
@ -0,0 +1,76 @@
+
+name: artifacts
+
+on:
+  release:
+    types:
+      - prereleased
+
+jobs:
+  artifacts:
+    runs-on: ubuntu-22.04
+    permissions:
+      contents: write
+    steps:
+      - name: checkout
+        uses: actions/checkout@v4.1.1
+      - name: Set up JDK 17
+        uses: actions/setup-java@v4.0.0
+        with:
+          distribution: 'temurin'
+          java-version: '17'
+      - name: setup gradle
+        uses: gradle/gradle-build-action@v2.12.0
+      - name: assemble distributions
+        run:
+          ./gradlew -Prelease.releaseVersion=${{github.ref_name}} assemble -Dorg.gradle.parallel=true -Dorg.gradle.caching=true
+      - name: hashes
+        id: hashes
+        run: |
+          cd build/distributions
+          echo "zipSha=$(shasum -a 256 besu*.zip)" >> $GITHUB_OUTPUT
+          echo "tarSha=$(shasum -a 256 besu*.tar.gz)" >> $GITHUB_OUTPUT
+      - name: upload tarball
+        uses: actions/upload-artifact@v3
+        with:
+          path: 'build/distributions/besu*.tar.gz'
+          name: besu-${{ github.ref_name }}.tar.gz
+      - name: upload zipfile
+        uses: actions/upload-artifact@v3
+        with:
+          path: 'build/distributions/besu*.zip'
+          name: besu-${{ github.ref_name }}.zip
+      - name: Upload Release assets
+        uses: softprops/action-gh-release@v1
+        with:
+          append_body: true
+          files: |
+            build/distributions/besu*.tar.gz
+            build/distributions/besu*.zip
+          body: |
+            ${{steps.hashes.outputs.tarSha}}
+            ${{steps.hashes.outputs.zipSha}}
+  testWindows:
+    runs-on: windows-2022
+    needs: artifacts
+    timeout-minutes: 10
+    if: ${{ github.actor != 'dependabot[bot]' }}
+    steps:
+      - name: Set up Java
+        uses: actions/setup-java@v4.0.0
+        with:
+          distribution: adopt
+          java-version: 17
+      - name: Download zip
+        uses: actions/download-artifact@v3
+        with:
+          name: besu-${{ github.ref_name }}.zip
+      - name: test Besu
+        run: |
+          unzip besu-*.zip -d besu-tmp
+          cd besu-tmp
+          mv besu-* ../besu
+          cd ..
+          besu\bin\besu.bat --help
+          besu\bin\besu.bat --version
+
--- a/.github/workflows/checks.yml
+++ b/.github/workflows/checks.yml
@ -1,36 +0,0 @@
-name: checks
-on:
-  push:
-    branches: [ main ]
-  pull_request:
-  workflow_dispatch:
-
-jobs:
-  spotless:
-    runs-on: [besu-research-ubuntu-16]
-    if: ${{ github.actor != 'dependabot[bot]' }}
-    steps:
-      - name: Checkout Repo
-        uses: actions/checkout@v4
-      - name: Set up Java
-        uses: actions/setup-java@v4
-        with:
-          distribution: 'temurin'
-          java-version: 17
-          cache: gradle
-      - name: spotless
-        run: ./gradlew --no-daemon --parallel clean spotlessCheck
-  javadoc_17:
-    runs-on: [besu-research-ubuntu-8]
-    if: ${{ github.actor != 'dependabot[bot]' }}
-    steps:
-      - name: Checkout Repo
-        uses: actions/checkout@v4
-      - name: Set up Java 17
-        uses: actions/setup-java@v4
-        with:
-          distribution: 'temurin'
-          java-version: 17
-          cache: gradle
-      - name: javadoc (JDK 17)
-        run: ./gradlew --no-daemon clean javadoc
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@ -14,40 +14,29 @@ name: "CodeQL"
 on:
  push:
    branches: [ main ]
-  pull_request:
-    branches: [ main ]
-    paths-ignore:
-      - '**/*.json'
-      - '**/*.md'
-      - '**/*.properties'
-      - '**/*.txt'
+    pull_request:
+      branches: [ main ]
+      paths-ignore:
+        - '**/*.json'
+        - '**/*.md'
+        - '**/*.properties'
+        - '**/*.txt'
 jobs:
  analyze:
    name: Analyze
-    runs-on: [besu-research-ubuntu-16]
+    runs-on: ubuntu-22.04
    permissions:
      actions: read
      contents: read
      security-events: write
-
-    strategy:
-      fail-fast: false
-      matrix:
-        language: [ 'java' ]
-        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
-        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
-
    steps:
    - name: Checkout repository
-      uses: actions/checkout@v4
-
+      uses: actions/checkout@v4.1.1
    - name: Set up Java
-      uses: actions/setup-java@v4
+      uses: actions/setup-java@v4.0.0
      with:
        distribution: 'temurin'
        java-version: 17
-        cache: gradle
-
    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
      uses: github/codeql-action/init@v2
@ -58,10 +47,10 @@ jobs:
        # Prefix the list here with "+" to use these queries and those in the config file.
        queries: security-and-quality,security-extended

-    # Autobuild failed (OOM)
-    # Hence, supply memory args for gradle build
-    - run: |
-        JAVA_OPTS="-Xmx1000M" ./gradlew --no-scan compileJava
-
+    - name: setup gradle
+      uses: gradle/gradle-build-action@v2.12.0
+    - name: compileJava noscan
+      run: |
+        JAVA_OPTS="-Xmx2048M" ./gradlew --no-scan compileJava
    - name: Perform CodeQL Analysis
      uses: github/codeql-action/analyze@v2
--- a/.github/workflows/dco-merge-group.yml
+++ b/.github/workflows/dco-merge-group.yml
@ -1,10 +0,0 @@
-name: dco
-on:
-  merge_group:
-
-jobs:
-  dco:
-    runs-on: [besu-research-ubuntu-8]
-    if: ${{ github.actor != 'dependabot[bot]' }}
-    steps:
-      - run: echo "This DCO job runs on merge_queue event and doesn't check PR contents"
--- a/.github/workflows/dco.yml
+++ b/.github/workflows/dco.yml
@ -1,20 +0,0 @@
-name: dco
-on:
-  pull_request:
-  workflow_dispatch:
-
-jobs:
-  dco:
-    runs-on: [besu-research-ubuntu-8]
-    if: ${{ github.actor != 'dependabot[bot]' }}
-    steps:
-      - run: echo "This DCO job runs on pull_request event and workflow_dispatch"
-      - name: Get PR Commits
-        id: 'get-pr-commits'
-        uses: tim-actions/get-pr-commits@v1.2.0
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-      - name: DCO Check
-        uses: tim-actions/dco@v1.1.0
-        with:
-          commits: ${{ steps.get-pr-commits.outputs.commits }}
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@ -0,0 +1,113 @@
+name: docker
+on:
+  release:
+    types:
+      - prereleased
+env:
+  registry: ghcr.io
+
+jobs:
+  hadolint:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout Repo
+        uses: actions/checkout@v4.1.1
+      - name: Set up Java
+        uses: actions/setup-java@v4.0.0
+        with:
+          distribution: temurin
+          java-version: 17
+      - name: setup gradle
+        uses: gradle/gradle-build-action@v2.12.0
+      - name: hadoLint_openj9-jdk_17
+        run: docker run --rm -i hadolint/hadolint < docker/openj9-jdk-17/Dockerfile
+      - name: hadoLint_openjdk_17
+        run: docker run --rm -i hadolint/hadolint < docker/openjdk-17/Dockerfile
+      - name: hadoLint_openjdk_17_debug
+        run: docker run --rm -i hadolint/hadolint < docker/openjdk-17-debug/Dockerfile
+      - name: hadoLint_openjdk_latest
+        run: docker run --rm -i hadolint/hadolint < docker/openjdk-latest/Dockerfile
+      - name: hadoLint_graalvm
+        run: docker run --rm -i hadolint/hadolint < docker/graalvm/Dockerfile
+  buildDocker:
+    needs: hadolint
+    permissions:
+      contents: read
+      packages: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        platform:
+          - ubuntu-22.04
+          - [self-hosted, ARM64]
+    runs-on: ${{ matrix.platform }}
+    steps:
+      - name: Prepare
+        id: prep
+        run: |
+            platform=${{ matrix.platform }}
+            if [ "$platform" = 'ubuntu-22.04' ]; then 
+              echo "PLATFORM_PAIR=linux-amd64" >> $GITHUB_OUTPUT
+              echo "ARCH=amd64" >> $GITHUB_OUTPUT
+            else
+              echo "PLATFORM_PAIR=linux-arm64" >> $GITHUB_OUTPUT
+              echo "ARCH=arm64" >> $GITHUB_OUTPUT
+            fi
+      - name: Checkout Repo
+        uses: actions/checkout@v4.1.1
+      - name: short sha
+        id: shortSha
+        run: echo "sha=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
+      - name: Set up Java
+        uses: actions/setup-java@v4.0.0
+        with:
+          distribution: temurin
+          java-version: 17
+      - name: setup gradle
+        uses: gradle/gradle-build-action@v2.12.0
+      - name: install goss
+        run: |
+          mkdir -p docker/reports
+          curl -L https://github.com/aelsabbahy/goss/releases/download/v0.4.4/goss-${{ steps.prep.outputs.PLATFORM_PAIR }} -o ./docker/tests/goss-${{ steps.prep.outputs.PLATFORM_PAIR }}
+      - name: build and test docker
+        uses: gradle/gradle-build-action@v2.12.0
+        env:
+          architecture: ${{ steps.prep.outputs.ARCH }}
+        with:
+          arguments: testDocker -PdockerOrgName=${{ env.registry }}/${{ github.repository_owner }} -Prelease.releaseVersion=${{ github.ref_name }}
+      - name: login to ghcr
+        uses: docker/login-action@v3.0.0
+        with:
+          registry: ${{ env.registry }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: publish
+        env:
+          architecture: ${{ steps.prep.outputs.ARCH }}
+        run: ./gradlew --no-daemon dockerUpload -PdockerOrgName=${{ env.registry }}/${{ github.repository_owner }} -Prelease.releaseVersion=${{ github.ref_name }}
+  multiArch:
+    needs: buildDocker
+    runs-on: ubuntu-22.04
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - name: Checkout Repo
+        uses: actions/checkout@v4.1.1
+      - name: Set up Java
+        uses: actions/setup-java@v4.0.0
+        with:
+          distribution: temurin
+          java-version: 17
+      - name: setup gradle
+        uses: gradle/gradle-build-action@v2.12.0
+      - name: login to ghcr
+        uses: docker/login-action@v3.0.0
+        with:
+          registry: ${{ env.registry }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: multi-arch docker
+        run: ./gradlew manifestDocker -PdockerOrgName=${{ env.registry }}/${{ github.repository_owner }} -Prelease.releaseVersion=${{ github.ref_name }}
+
--- a/.github/workflows/gradle-wrapper-validation.yml
+++ b/.github/workflows/gradle-wrapper-validation.yml
@ -1,11 +0,0 @@
-# SPDX-License-Identifier: Apache-2.0
-name: "Validate Gradle Wrapper"
-on: [push, pull_request]
-
-jobs:
-  validation:
-    name: "Gradle Wrapper Validation"
-    runs-on: [besu-research-ubuntu-8]
-    steps:
-      - uses: actions/checkout@v4
-      - uses: gradle/wrapper-validation-action@v1
--- a/.github/workflows/integration-tests.yml
+++ b/.github/workflows/integration-tests.yml
@ -0,0 +1,73 @@
+name: integration-tests
+on:
+  pull_request:
+  pull_request_review:
+    types:
+      - submitted
+
+env:
+  GRADLE_OPTS: "-Xmx6g -Dorg.gradle.daemon=false"
+
+jobs:
+  shouldRun:
+    name: checks to ensure we should run
+    runs-on: ubuntu-22.04
+    outputs:
+      shouldRun: ${{steps.shouldRun.outputs.result}}
+    steps:
+      - name: required check
+        id: shouldRun
+        uses: actions/github-script@v7.0.1
+        env:
+          # fun fact, this changes based on incoming event, it will be different when we run this on pushes to main
+          RELEVANT_SHA: ${{ github.event.pull_request.head.sha || github.sha }}
+        with:
+          script: |
+            const { RELEVANT_SHA } = process.env;
+            const { data: { statuses } } = await github.rest.repos.getCombinedStatusForRef({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              ref: RELEVANT_SHA,
+            });
+            
+            const intTested = statuses && statuses.filter(({ context }) => context === 'integration-tests');
+            const alreadyRun = intTested && intTested.find(({ state }) => state === 'success') > 0;
+            const { data: reviews } = await github.rest.pulls.listReviews({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              pull_number: context.issue.number,
+            });
+            const approvingReviews = reviews && reviews.filter(review => review.state === 'APPROVED');
+            const shouldRun = !alreadyRun && github.actor != 'dependabot[bot]' && (approvingReviews.length > 0);
+
+              console.log("tests should be run = %j", shouldRun);
+              console.log("alreadyRun = %j", alreadyRun);
+              console.log("approvingReviews = %j", approvingReviews.length);
+
+            return shouldRun;
+  integration-tests:
+    runs-on: ubuntu-22.04
+    needs: shouldRun
+    if: ${{ needs.shouldRun.outputs.shouldRun == 'true' }}
+    permissions:
+      statuses: write
+      checks: write
+    steps:
+      - name: Checkout Repo
+        uses: actions/checkout@v4.1.1
+      - name: Set up Java
+        uses: actions/setup-java@v4.0.0
+        with:
+          distribution: temurin
+          java-version: 17
+      - name: setup gradle
+        uses: gradle/gradle-build-action@v2.12.0
+      - name: run integration tests
+        run: ./gradlew integrationTest compileJmh -Dorg.gradle.parallel=true -Dorg.gradle.caching=true
+      - name: Publish Test Report
+        uses: mikepenz/action-junit-report@v4
+        if: (success() || failure())
+        with:
+          report_paths: '**/build/test-results/integrationTest/TEST-*.xml'
+
+
--- a/.github/workflows/nightly.yml
+++ b/.github/workflows/nightly.yml
@ -0,0 +1,121 @@
+name: nightly
+
+on:
+  workflow_dispatch:
+  schedule:
+    # * is a special character in YAML so you have to quote this string
+    # expression evaluates to midnight every night
+    - cron:  '0 0 * * *'
+
+env:
+  nightly-tag: develop
+  registry: ghcr.io
+
+jobs:
+  hadolint:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout Repo
+        uses: actions/checkout@v4.1.1
+      - name: Set up Java
+        uses: actions/setup-java@v4.0.0
+        with:
+          distribution: temurin
+          java-version: 17
+      - name: setup gradle
+        uses: gradle/gradle-build-action@v2.12.0
+      - name: hadoLint_openj9-jdk_17
+        run: docker run --rm -i hadolint/hadolint < docker/openj9-jdk-17/Dockerfile
+      - name: hadoLint_openjdk_17
+        run: docker run --rm -i hadolint/hadolint < docker/openjdk-17/Dockerfile
+      - name: hadoLint_openjdk_17_debug
+        run: docker run --rm -i hadolint/hadolint < docker/openjdk-17-debug/Dockerfile
+      - name: hadoLint_openjdk_latest
+        run: docker run --rm -i hadolint/hadolint < docker/openjdk-latest/Dockerfile
+      - name: hadoLint_graalvm
+        run: docker run --rm -i hadolint/hadolint < docker/graalvm/Dockerfile
+  buildDocker:
+    needs: hadolint
+    permissions:
+      contents: read
+      packages: write
+    strategy:
+      fail-fast: false
+      matrix:
+        platform:
+          - ubuntu-22.04
+          - [self-hosted, ARM64]
+    runs-on: ${{ matrix.platform }}
+    steps:
+      - name: Prepare
+        id: prep
+        run: |
+          platform=${{ matrix.platform }}
+          if [ "$platform" = 'ubuntu-22.04' ]; then 
+            echo "PLATFORM_PAIR=linux-amd64" >> $GITHUB_OUTPUT
+            echo "ARCH=amd64" >> $GITHUB_OUTPUT
+          else
+            echo "PLATFORM_PAIR=linux-arm64" >> $GITHUB_OUTPUT
+            echo "ARCH=arm64" >> $GITHUB_OUTPUT
+          fi
+      - name: Checkout Repo
+        uses: actions/checkout@v4.1.1
+      - name: short sha
+        id: shortSha
+        run: echo "sha=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
+      - name: Set up Java
+        uses: actions/setup-java@v4.0.0
+        with:
+          distribution: temurin
+          java-version: 17
+      - name: setup gradle
+        uses: gradle/gradle-build-action@v2.12.0
+      - name: build image
+        uses: gradle/gradle-build-action@v2.12.0
+        with:
+          arguments: distDocker -PdockerOrgName=${{ env.registry }}/${{ github.repository_owner }} -Pbranch=main
+      - name: install goss
+        run: |
+          mkdir -p docker/reports
+          curl -L https://github.com/aelsabbahy/goss/releases/download/v0.4.4/goss-${{ steps.prep.outputs.PLATFORM_PAIR }} -o ./docker/tests/goss-${{ steps.prep.outputs.PLATFORM_PAIR }}
+      - name: test docker
+        uses: gradle/gradle-build-action@v2.12.0
+        env:
+          architecture: ${{ steps.prep.outputs.ARCH }}
+        with:
+          arguments: testDocker -PdockerOrgName=${{ env.registry }}/${{ github.repository_owner }} -Pbranch=main
+      - name: login to ghcr
+        uses: docker/login-action@v3.0.0
+        with:
+          registry: ${{ env.registry }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: publish
+        env:
+          architecture: ${{ steps.prep.outputs.ARCH }}
+        run: ./gradlew --no-daemon dockerUpload -PdockerOrgName=${{ env.registry }}/${{ github.repository_owner }} -Pbranch=main
+  multiArch:
+    permissions:
+      contents: read
+      packages: write
+    needs: buildDocker
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout Repo
+        uses: actions/checkout@v4.1.1
+      - name: Set up Java
+        uses: actions/setup-java@v4.0.0
+        with:
+          distribution: temurin
+          java-version: 17
+      - name: setup gradle
+        uses: gradle/gradle-build-action@v2.12.0
+      - name: Login to DockerHub
+        uses: docker/login-action@v3.0.0
+        with:
+          registry: ${{ env.registry }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: multi-arch docker
+        run: ./gradlew manifestDocker -PdockerOrgName=${{ env.registry }}/${{ github.repository_owner }} -Pbranch=main
+
--- a/.github/workflows/parallel-unit-tests.yml
+++ b/.github/workflows/parallel-unit-tests.yml
@ -0,0 +1,49 @@
+name: parallel-unit-tests
+#experimental work in progress - trying to figure out how to split tests across multi-modules by runtime
+on:
+  workflow_dispatch:
+
+env:
+  GRADLE_OPTS: "-Dorg.gradle.daemon=false"
+  total-runners: 4
+jobs:
+  junit:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        runner_index:
+          - 0
+          - 1
+          - 2
+          - 3
+    steps:
+      - name: Checkout Repo
+        uses: actions/checkout@v4.1.1
+      - name: Split tests
+        id: split-tests
+        uses: chaosaffe/split-tests@v1-alpha.1
+        with:
+          glob: '**/src/test/java/**/*.java'
+          split-total: ${{ env.total-runners }}
+          split-index: ${{ matrix.runner_index }}
+          line-count: true
+      - name: Set up Java
+        uses: actions/setup-java@v4.0.0
+        with:
+          distribution: adopt
+          java-version: 17
+          cache: gradle
+      - name: write out test list
+        run: echo "${{ steps.split-tests.outputs.test-suite }}" >> testList.txt
+      - name: debug testfile paths
+        run: cat testList.txt
+      - name: format gradle args
+        # regex means: truncate file paths to align with package name, replacing with tests switch, then drop file extension,
+        # then swap path delimiter with package delimiter
+        run: cat testList.txt | sed -e 's/[^ ]*src\/test\/java\//--tests\ /g' -e 's/\.java//g' -e 's/\//\./g' >> gradleArgs.txt
+      - name: debug test class list
+        run: cat gradleArgs.txt
+      - name: run unit tests
+        run: ./gradlew test `cat gradleArgs.txt`
+
--- a/.github/workflows/pr-checklist-on-open.yml
+++ b/.github/workflows/pr-checklist-on-open.yml
@ -6,9 +6,11 @@ on:
 jobs:
  checklist:
    name: "add checklist as a comment on newly opened PRs"
-    runs-on: [besu-research-ubuntu-8]
+    runs-on: ubuntu-22.04
+    permissions:
+      pull-requests: write
    steps:
-      - uses: actions/github-script@v5
+      - uses: actions/github-script@v7.0.1
        with:
          github-token: ${{secrets.GITHUB_TOKEN}}
          script: |
@ -16,5 +18,5 @@ jobs:
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
-              body: '- [ ] I thought about documentation and added the `doc-change-required` label to this PR if [updates are required](https://wiki.hyperledger.org/display/BESU/Documentation).\n- [ ] I thought about the changelog and included a [changelog update if required](https://wiki.hyperledger.org/display/BESU/Changelog).\n- [ ] If my PR includes database changes (e.g. KeyValueSegmentIdentifier) I have thought about compatibility and performed forwards and backwards compatibility tests'
+              body: '- [ ] I thought about documentation and added the `doc-change-required` label to this PR if [updates are required](https://wiki.hyperledger.org/display/BESU/Documentation).\n- [ ] I thought about the changelog and included a [changelog update if required](https://wiki.hyperledger.org/display/BESU/Changelog).\n- [ ] If my PR includes database changes (e.g. KeyValueSegmentIdentifier) I have thought about compatibility and performed forwards and backwards compatibility tests\n- [ ] I thought about running CI.\n- [ ] If I did not run CI, I ran as much locally as possible before pushing.\n-'
            })
--- a/.github/workflows/pre-review.yml
+++ b/.github/workflows/pre-review.yml
@ -0,0 +1,103 @@
+name: pre-review
+
+on:
+  pull_request:
+  workflow_dispatch:
+
+permissions:
+  statuses: write
+  checks: write
+
+jobs:
+  repolint:
+    name: "Repository Linting"
+    runs-on: ubuntu-22.04
+    container: ghcr.io/todogroup/repolinter:v0.11.2
+    steps:
+    - name: Checkout Code
+      uses: actions/checkout@v4.1.1
+    - name: Lint Repo
+      run: bundle exec /app/bin/repolinter.js --rulesetUrl https://raw.githubusercontent.com/hyperledger-labs/hyperledger-community-management-tools/main/repo_structure/repolint.json --format markdown
+  gradle-wrapper:
+    name: "Gradle Wrapper Validation"
+    runs-on: ubuntu-22.04
+    steps:
+      - uses: actions/checkout@v4.1.1
+      - uses: gradle/wrapper-validation-action@v1.1.0
+  spotless:
+    runs-on: ubuntu-22.04
+    if: ${{ github.actor != 'dependabot[bot]' }}
+    steps:
+      - name: Checkout Repo
+        uses: actions/checkout@v4.1.1
+      - name: Set up Java
+        uses: actions/setup-java@v4.0.0
+        with:
+          distribution: temurin
+          java-version: 17
+      - name: Setup Gradle
+        uses: gradle/gradle-build-action@v2.12.0
+      - name: run spotless
+        run: ./gradlew spotlessCheck -Dorg.gradle.parallel=true -Dorg.gradle.caching=true
+  compile:
+    runs-on: ubuntu-22.04
+    timeout-minutes: 30
+    needs: [spotless, gradle-wrapper, repolint]
+    steps:
+      - name: Checkout Repo
+        uses: actions/checkout@v4.1.1
+      - name: Set up Java
+        uses: actions/setup-java@v4.0.0
+        with:
+          distribution: temurin
+          java-version: 17
+      - name: Setup Gradle
+        uses: gradle/gradle-build-action@v2.12.0
+      - name: Gradle Compile
+        run: ./gradlew build -x test -x spotlessCheck -Dorg.gradle.parallel=true -Dorg.gradle.caching=true
+  unitTests:
+    env:
+        GRADLEW_UNIT_TEST_ARGS: ${{matrix.gradle_args}}
+    runs-on: ubuntu-22.04
+    needs: [ compile ]
+    permissions:
+      checks: write
+      statuses: write
+    strategy:
+      fail-fast: true
+      matrix:
+        gradle_args:
+          - "test -x besu:test -x consensus:test -x crypto:test -x ethereum:eth:test -x ethereum:api:test -x ethereum:core:test"
+          - "besu:test consensus:test crypto:test"
+          - "ethereum:api:testBonsai"
+          - "ethereum:api:testForest"
+          - "ethereum:api:testRemainder"
+          - "ethereum:core:test"
+    steps:
+      - name: Checkout Repo
+        uses: actions/checkout@v4.1.1
+      - name: Set up Java
+        uses: actions/setup-java@v4.0.0
+        with:
+          distribution: temurin
+          java-version: 17
+      - name: Setup Gradle
+        uses: gradle/gradle-build-action@v2.12.0
+      - name: run unit tests
+        id: unitTest
+        run: ./gradlew $GRADLEW_UNIT_TEST_ARGS -Dorg.gradle.parallel=true -Dorg.gradle.caching=true
+      - name: Publish Test Report
+        uses: mikepenz/action-junit-report@v4
+        if: success() || failure() # always run even if the build step fails
+        with:
+          report_paths: '**/test-results/**/TEST-*.xml'
+          annotate_only: true
+  pre-review:
+    runs-on: ubuntu-22.04
+    needs: [unitTests]
+    permissions:
+      checks: write
+      statuses: write
+    steps:
+      - name: consolidation
+        run: echo "consolidating statuses"
--- a/.github/workflows/reference-tests.yml
+++ b/.github/workflows/reference-tests.yml
@ -0,0 +1,147 @@
+name: reference-tests
+on:
+  pull_request:
+  pull_request_review:
+    types:
+      - submitted
+
+env:
+  GRADLE_OPTS: "-Xmx6g -Dorg.gradle.daemon=false"
+  total-runners: 6
+
+jobs:
+  shouldRun:
+    name: checks to ensure we should run
+    # necessary because there is no single PR approved event, need to check all comments/approvals/denials
+    # might also be a job running, and additional approvals
+    runs-on: ubuntu-22.04
+    outputs:
+      shouldRun: ${{steps.shouldRun.outputs.result}}
+    steps:
+      - name: required check
+        id: shouldRun
+        uses: actions/github-script@v7.0.1
+        env:
+          # fun fact, this changes based on incoming event, it will be different when we run this on pushes to main
+          RELEVANT_SHA: ${{ github.event.pull_request.head.sha || github.sha }}
+        with:
+          script: |
+            const { RELEVANT_SHA } = process.env;
+            const { data: { statuses } } = await github.rest.repos.getCombinedStatusForRef({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              ref: RELEVANT_SHA,
+            });
+            
+            
+            const refTested = statuses && statuses.filter(({ context }) => context === 'reference-tests');
+            const alreadyRun = refTested && refTested.find(({ state }) => state === 'success') > 0;
+            const { data: reviews } = await github.rest.pulls.listReviews({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              pull_number: context.issue.number,
+            });
+            const approvingReviews = reviews && reviews.filter(review => review.state === 'APPROVED');
+            const shouldRun = !alreadyRun && github.actor != 'dependabot[bot]' &&  (approvingReviews.length > 0);
+
+              console.log("tests should be run = %j", shouldRun);
+              console.log("alreadyRun = %j", alreadyRun);
+              console.log("approvingReviews = %j", approvingReviews.length);
+
+            return shouldRun;
+
+  prepareReferenceTestEthereum:
+    runs-on: ubuntu-22.04
+    needs: shouldRun
+    if: ${{ needs.shouldRun.outputs.shouldRun == 'true' }}
+    steps:
+      - name: Checkout Repo
+        uses: actions/checkout@v4.1.1
+        with:
+          submodules: recursive
+          set-safe-directory: true
+      - name: Set up Java
+        uses: actions/setup-java@v4.0.0
+        with:
+          distribution: temurin
+          java-version: 17
+      - name: setup gradle
+        uses: gradle/gradle-build-action@v2.12.0
+      - name: execute generate reference tests
+        run: ./gradlew ethereum:referencetests:blockchainReferenceTests ethereum:referencetests:generalstateReferenceTests ethereum:referencetests:generalstateRegressionReferenceTests -Dorg.gradle.parallel=true -Dorg.gradle.caching=true
+      - name: store generated tests
+        uses: actions/upload-artifact@v3
+        with:
+          name: 'reference-tests'
+          path: 'ethereum/referencetests/build/generated/sources/reference-test/**/*.java'
+
+  referenceTestEthereum:
+    runs-on: ubuntu-22.04
+    permissions:
+      statuses: write
+      checks: write
+    needs:
+      - prepareReferenceTestEthereum
+    if: ${{ needs.shouldRun.outputs.shouldRun == 'true' }}
+    strategy:
+      fail-fast: true
+      matrix:
+        runner_index: [0,1,2,3,4,5]
+    steps:
+      - name: Checkout Repo
+        uses: actions/checkout@v4.1.1
+        with:
+          submodules: recursive
+      - name: Set up Java
+        uses: actions/setup-java@v4.0.0
+        with:
+          distribution: adopt-openj9
+          java-version: 17
+      - name: retrieve generated tests
+        uses: actions/download-artifact@v3.0.2
+        with:
+          name: 'reference-tests'
+          path: 'ethereum/referencetests/build/generated/sources/reference-test/'
+      - name: get reference test report
+        uses: dawidd6/action-download-artifact@v2
+        with:
+          branch: main
+          name_is_regexp: true
+          name: 'reference-test-node-\d*\d-results'
+          path: tmp/ref-xml-reports-downloaded
+          if_no_artifact_found: true
+      - name: setup gradle
+        uses: gradle/gradle-build-action@v2.12.0
+      - name: Split tests
+        id: split-tests
+        uses: r7kamura/split-tests-by-timings@v0
+        with:
+          reports: tmp/ref-xml-reports-downloaded
+          glob: 'ethereum/referencetests/build/generated/sources/reference-test/**/*.java'
+          total: ${{env.total-runners}}
+          index: ${{ matrix.runner_index }}
+      - name: compose gradle args
+        run: echo ${{ steps.split-tests.outputs.paths }} | sed -e 's/^.*java\///' -e 's@/@.@g' -e 's/\.java//' -e 's/^/--tests /' > refTestArgs.txt
+      - name: run reference tests
+        run: ./gradlew ethereum:referenceTests:referenceTests `cat refTestArgs.txt` -Dorg.gradle.parallel=true -Dorg.gradle.caching=true
+      - name: Upload Test Report
+        uses: actions/upload-artifact@v3
+        if: always() # always run even if the previous step fails
+        with:
+          name: reference-test-node-${{matrix.runner_index}}-results
+          path: '**/build/test-results/referenceTests/TEST-*.xml'
+      - name: Publish Test Report
+        uses: mikepenz/action-junit-report@v4
+        if: success() || failure() # always run even if the build step fails
+        with:
+          report_paths: '**/build/test-results/referenceTest/TEST-*.xml'
+  reference-tests:
+    runs-on: ubuntu-22.04
+    needs: [ referenceTestEthereum ]
+    permissions:
+      checks: write
+      statuses: write
+    steps:
+      - name: consolidation
+        run: echo "consolidating statuses"
+
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -1,13 +1,14 @@
 name: release besu
 on:
+  workflow_dispatch:
  release:
-    types: released
+    types: [released]
 jobs:
  dockerPromoteX64:
-    runs-on: [besu-research-ubuntu-16]
+    runs-on: ubuntu-22.04
    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-java@v4
+      - uses: actions/checkout@v4.1.1
+      - uses: actions/setup-java@v4.0.0
        with:
          distribution: 'temurin' # See 'Supported distributions' for available options
          java-version: '17'
@ -15,7 +16,7 @@ jobs:
      - name: Login to DockerHub
        run: echo '${{ secrets.DOCKER_PASSWORD_RW }}' | docker login -u '${{ secrets.DOCKER_USER_RW }}' --password-stdin
      - name: Setup Gradle
-        uses: gradle/gradle-build-action@v2
+        uses: gradle/gradle-build-action@v2.12.0
      - name: Docker upload
        run: ./gradlew "-Prelease.releaseVersion=${{ github.ref_name }}" "-PdockerOrgName=${{ secrets.DOCKER_ORG }}" dockerUploadRelease
      - name: Docker manifest
--- a/.github/workflows/repolinter.yml
+++ b/.github/workflows/repolinter.yml
@ -1,24 +0,0 @@
-# SPDX-License-Identifier: Apache-2.0
-# Hyperledger Repolinter Action
-name: Repolinter
-
-on:
-  workflow_dispatch:
-  push:
-    branches:
-      - master
-      - main
-  pull_request:
-    branches:
-      - master
-      - main
-
-jobs:
-  build:
-    runs-on: [besu-research-ubuntu-16]
-    container: ghcr.io/todogroup/repolinter:v0.10.1
-    steps:
-      - name: Checkout Code
-        uses: actions/checkout@v4
-      - name: Lint Repo
-        run: bundle exec /app/bin/repolinter.js --rulesetUrl https://raw.githubusercontent.com/hyperledger-labs/hyperledger-community-management-tools/main/repo_structure/repolint.json --format markdown
--- a/.github/workflows/sonarcloud.yml
+++ b/.github/workflows/sonarcloud.yml
@ -14,24 +14,26 @@ permissions:
 jobs:
  Analysis:
    runs-on: ubuntu-latest
-    if: github.repository == 'hyperledger/besu'
    steps:
      - name: checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v4.1.1
      - name: Set up JDK 17
-        uses: actions/setup-java@v4
+        uses: actions/setup-java@v4.0.0
        with:
          distribution: 'temurin'
          java-version: '17'
-          cache: gradle
      - name: Cache SonarCloud packages
        uses: actions/cache@v3
        with:
          path: ~/.sonar/cache
          key: ${{ runner.os }}-sonar
          restore-keys: ${{ runner.os }}-sonar
+      - name: setup gradle
+        uses: gradle/gradle-build-action@v2.12.0
      - name: Build and analyze
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-        run: ./gradlew build sonarqube --continue --info
+          SONAR_ORGANIZATION: ${{ env.SONAR_ORGANIZATION }}
+          SONAR_PROJECT_KEY: $ {{ env.SONAR_PROJECT_KEY }}
+        run: ./gradlew build sonarqube --continue --info -Dorg.gradle.parallel=true -Dorg.gradle.caching=true
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,5 +1,14 @@
 # Changelog

+## 24.1.2
+
+### Bug fixes
+- Fix ETC Spiral upgrade breach of consensus [#6524](https://github.com/hyperledger/besu/pull/6524)
+- Adds timestamp to enable Cancun upgrade on mainnet
+- Github Actions based build.
+
+### Download Links
+
 ## 24.1.1

 ### Breaking Changes
@ -20,6 +29,7 @@
 - Upgrade Mockito [#6397](https://github.com/hyperledger/besu/pull/6397)
 - Upgrade `tech.pegasys.discovery:discovery` [#6414](https://github.com/hyperledger/besu/pull/6414)
 - Options to tune the max allowed time that can be spent selecting transactions during block creation are now stable [#6423](https://github.com/hyperledger/besu/pull/6423)
+- Support for "pending" in `qbft_getValidatorsByBlockNumber` [#6436](https://github.com/hyperledger/besu/pull/6436)

 ### Bug fixes
 - INTERNAL_ERROR from `eth_estimateGas` JSON/RPC calls [#6344](https://github.com/hyperledger/besu/issues/6344)
@ -31,8 +41,13 @@
 - Silence the noisy DNS query errors [#6458](https://github.com/hyperledger/besu/issues/6458)

 ### Download Links
-https://hyperledger.jfrog.io/artifactory/besu-binaries/besu/24.1.1/besu-24.1.1.zip / sha256 TBA
-https://hyperledger.jfrog.io/artifactory/besu-binaries/besu/24.1.1/besu-24.1.1.tar.gz / sha256 TBA
+https://hyperledger.jfrog.io/artifactory/besu-binaries/besu/24.1.1/besu-24.1.1.zip / sha256 e23c5b790180756964a70dcdd575ee2ed2c2efa79af00bce956d23bd2f7dc67c
+https://hyperledger.jfrog.io/artifactory/besu-binaries/besu/24.1.1/besu-24.1.1.tar.gz / sha256 4b0ddd5a25be2df5d2324bff935785eb63e4e3a5f421614ea690bacb5b9cb344
+
+### Errata
+Note, due to a CI race with the release job, the initial published version of 24.1.1 were overwritten by artifacts generated from the same sources, but differ in their embedded timestamps. The initial SHAs are noted here but are deprecated:
+~~https://hyperledger.jfrog.io/artifactory/besu-binaries/besu/24.1.1/besu-24.1.1.zip / sha256 b6b64f939e0bb4937ce90fc647e0a7073ce3e359c10352b502059955070a60c6
+https://hyperledger.jfrog.io/artifactory/besu-binaries/besu/24.1.1/besu-24.1.1.tar.gz / sha256 cfcae04c30769bf338b0740ac65870f9346d3469931bb46cdba3b2f65d311e7a~~


 ## 24.1.0
@ -48,6 +63,7 @@ https://hyperledger.jfrog.io/artifactory/besu-binaries/besu/24.1.1/besu-24.1.1.t
 - Set Ethereum Classic mainnet activation block for Spiral network upgrade [#6267](https://github.com/hyperledger/besu/pull/6267)
 - Add custom genesis file name to config overview if specified [#6297](https://github.com/hyperledger/besu/pull/6297)
 - Update Gradle plugins and replace unmaintained License Gradle Plugin with the actively maintained Gradle License Report [#6275](https://github.com/hyperledger/besu/pull/6275)
+- Optimize RocksDB WAL files, allows for faster restart and a more linear disk space utilization [#6328](https://github.com/hyperledger/besu/pull/6328)

 ### Bug fixes
 - Hotfix for selfdestruct preimages on bonsai [#6359]((https://github.com/hyperledger/besu/pull/6359)
@ -55,8 +71,8 @@ https://hyperledger.jfrog.io/artifactory/besu-binaries/besu/24.1.1/besu-24.1.1.t
 - mitigation for trielog failure [#6315]((https://github.com/hyperledger/besu/pull/6315)

 ### Download Links
-https://hyperledger.jfrog.io/artifactory/besu-binaries/besu/24.1.0/besu-24.1.0.zip / sha256 TBA
-https://hyperledger.jfrog.io/artifactory/besu-binaries/besu/24.1.0/besu-24.1.0.tar.gz / sha256 TBA
+https://hyperledger.jfrog.io/artifactory/besu-binaries/besu/24.1.0/besu-24.1.0.zip / sha256 d36c8aeef70f0a516d4c26d3bc696c3e2a671e515c9e6e9475a31fe759e39f64
+https://hyperledger.jfrog.io/artifactory/besu-binaries/besu/24.1.0/besu-24.1.0.tar.gz / sha256 602b04c0729a7b17361d1f0b39f4ce6a2ebe47932165add666560fe594d9ca99


 ## 23.10.3-hotfix
--- a/build.gradle
+++ b/build.gradle
@ -36,8 +36,9 @@ plugins {

 sonarqube {
  properties {
-    property "sonar.projectKey", "hyperledger_besu"
-    property "sonar.organization", "hyperledger"
+    property "sonar.projectKey", "$System.env.SONAR_PROJECT_KEY"
+    property "sonar.organization", "$System.env.SONAR_ORGANIZATION"
+    property "sonar.gradle.skipCompile", "true"
    property "sonar.host.url", "https://sonarcloud.io"
    property "sonar.coverage.jacoco.xmlReportPaths", "${buildDir}/reports/jacoco/jacocoRootReport/jacocoRootReport.xml"
    property "sonar.coverage.exclusions", "acceptance-tests/**/*"
@ -646,6 +647,8 @@ task autocomplete(type: JavaExec) {
  }
 }

+def archiveBuildVersion = project.hasProperty('release.releaseVersion') ? project.property('release.releaseVersion') : "${rootProject.version}"
+
 installDist { dependsOn checkLicense, untunedStartScripts, evmToolStartScripts }

 distTar {
@ -654,6 +657,7 @@ distTar {
    delete fileTree(dir: 'build/distributions', include: '*.tar.gz')
  }
  compression = Compression.GZIP
+  setVersion(archiveBuildVersion)
  archiveExtension = 'tar.gz'
 }

@ -662,6 +666,7 @@ distZip {
  doFirst {
    delete fileTree(dir: 'build/distributions', include: '*.zip')
  }
+  setVersion(archiveBuildVersion)
 }

 publishing {
@ -983,6 +988,12 @@ task checkSpdxHeader(type: CheckSpdxHeader) {
  ].join("|")
 }

+jacocoTestReport {
+  reports {
+    xml.enabled true
+  }
+}
+
 task jacocoRootReport(type: org.gradle.testing.jacoco.tasks.JacocoReport) {
  additionalSourceDirs.from files(subprojects.sourceSets.main.allSource.srcDirs)
  sourceDirectories.from files(subprojects.sourceSets.main.allSource.srcDirs)
--- a/ethereum/api/build.gradle
+++ b/ethereum/api/build.gradle
@ -168,3 +168,29 @@ tasks.register('generateTestBlockchain') {
  }
 }
 test.dependsOn(generateTestBlockchain)
+/*
+ Utility tasks used to separate out long running suites of tests so they can be parallelized in CI
+ */
+tasks.register("testBonsai", Test) {
+  useJUnitPlatform()
+  filter {
+    includeTestsMatching("org.hyperledger.besu.ethereum.api.jsonrpc.bonsai.*")
+  }
+  dependsOn(generateTestBlockchain)
+}
+
+tasks.register("testForest", Test) {
+  useJUnitPlatform()
+  filter {
+    includeTestsMatching("org.hyperledger.besu.ethereum.api.jsonrpc.forest.*")
+  }
+  dependsOn(generateTestBlockchain)
+}
+
+tasks.register("testRemainder", Test) {
+  useJUnitPlatform()
+  filter {
+    excludeTestsMatching("org.hyperledger.besu.ethereum.api.jsonrpc.bonsai.*")
+    excludeTestsMatching("org.hyperledger.besu.ethereum.api.jsonrpc.forest.*")
+  }
+}