mirror of https://github.com/hyperledger/besu
An enterprise-grade Java-based, Apache 2.0 licensed Ethereum client https://wiki.hyperledger.org/display/besu
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
419 lines
11 KiB
419 lines
11 KiB
---
|
|
version: 2.1
|
|
orbs:
|
|
win: circleci/windows@2.2.0
|
|
|
|
executors:
|
|
besu_executor_small:
|
|
docker:
|
|
- image: cimg/openjdk:11.0
|
|
resource_class: small
|
|
working_directory: ~/project
|
|
environment:
|
|
GRADLE_OPTS: -Dorg.gradle.daemon=false -Dorg.gradle.parallel=true -Dorg.gradle.workers.max=2
|
|
|
|
besu_executor_med: # 2cpu, 4G ram
|
|
docker:
|
|
- image: cimg/openjdk:11.0
|
|
resource_class: medium
|
|
working_directory: ~/project
|
|
environment:
|
|
GRADLE_OPTS: -Dorg.gradle.daemon=false -Dorg.gradle.parallel=true -Dorg.gradle.workers.max=2
|
|
|
|
besu_executor_xl: # 8cpu, 16G ram
|
|
docker:
|
|
- image: cimg/openjdk:11.0
|
|
resource_class: xlarge
|
|
working_directory: ~/project
|
|
environment:
|
|
GRADLE_OPTS: -Dorg.gradle.daemon=false -Dorg.gradle.parallel=true -Dorg.gradle.workers.max=4
|
|
|
|
quorum_ats_executor_xl:
|
|
docker:
|
|
- image: cimg/openjdk:11.0
|
|
resource_class: xlarge
|
|
working_directory: ~/project
|
|
environment:
|
|
GRADLE_OPTS: -Dorg.gradle.daemon=false
|
|
|
|
xl_machine_executor:
|
|
machine:
|
|
image: ubuntu-2004:202101-01
|
|
resource_class: xlarge
|
|
|
|
trivy_executor:
|
|
docker:
|
|
- image: docker:stable-git
|
|
resource_class: small
|
|
working_directory: ~/project
|
|
|
|
notify:
|
|
webhooks:
|
|
- url: $HUBOT_URL
|
|
|
|
commands:
|
|
prepare:
|
|
description: "Prepare"
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: Install Packages - LibSodium, nssdb
|
|
command: |
|
|
sudo apt-get update
|
|
sudo apt-get install -y libsodium23 libsodium-dev apt-transport-https haveged libnss3-tools
|
|
sudo service haveged restart
|
|
- restore_gradle_cache
|
|
restore_gradle_cache:
|
|
description: "Restore Gradle cache"
|
|
steps:
|
|
- restore_cache:
|
|
name: Restore cached gradle dependencies
|
|
keys:
|
|
- deps-{{ checksum "gradle/versions.gradle" }}-{{ .Branch }}-{{ .Revision }}
|
|
- deps-{{ checksum "gradle/versions.gradle" }}
|
|
- deps-
|
|
|
|
capture_test_results:
|
|
description: "Capture test results"
|
|
steps:
|
|
- run:
|
|
name: Jacoco
|
|
command: |
|
|
./gradlew --no-daemon jacocoTestReport
|
|
- run:
|
|
name: Gather test results
|
|
when: always
|
|
command: |
|
|
FILES=`find . -name test-results`
|
|
for FILE in $FILES
|
|
do
|
|
MODULE=`echo "$FILE" | sed -e 's@./\(.*\)/build/test-results@\1@'`
|
|
TARGET="build/test-results/$MODULE"
|
|
mkdir -p "$TARGET"
|
|
cp -rf ${FILE}/*/* "$TARGET"
|
|
done
|
|
- store_test_results:
|
|
path: build/test-results
|
|
- store_artifacts:
|
|
path: besu/build/reports/jacoco
|
|
|
|
capture_test_logs:
|
|
description: "Capture test logs"
|
|
steps:
|
|
- store_artifacts:
|
|
path: acceptance-tests/tests/build/acceptanceTestLogs
|
|
destination: acceptance-tests-logs
|
|
- store_artifacts:
|
|
path: acceptance-tests/tests/build/jvmErrorLogs
|
|
|
|
jobs:
|
|
assemble:
|
|
executor: besu_executor_xl
|
|
steps:
|
|
- prepare
|
|
- run:
|
|
name: Assemble
|
|
command: |
|
|
./gradlew --no-daemon clean compileJava compileTestJava assemble
|
|
- save_cache:
|
|
name: Caching gradle dependencies
|
|
key: deps-{{ checksum "gradle/versions.gradle" }}-{{ .Branch }}-{{ .Revision }}
|
|
paths:
|
|
- .gradle
|
|
- ~/.gradle
|
|
- persist_to_workspace:
|
|
root: ~/project
|
|
paths:
|
|
- ./
|
|
- store_artifacts:
|
|
name: Distribution artifacts
|
|
path: build/distributions
|
|
destination: distributions
|
|
when: always
|
|
|
|
dco:
|
|
executor: besu_executor_small
|
|
steps:
|
|
- checkout
|
|
- restore_gradle_cache
|
|
- run:
|
|
name: DCO check
|
|
command: |
|
|
./scripts/dco_check.sh
|
|
spotless:
|
|
executor: besu_executor_small
|
|
steps:
|
|
- checkout
|
|
- restore_gradle_cache
|
|
- run:
|
|
name: Spotless
|
|
command: |
|
|
./gradlew --no-daemon --parallel clean spotlessCheck
|
|
testWindows:
|
|
executor: win/default
|
|
steps:
|
|
- attach_workspace:
|
|
at: ~/project
|
|
- run:
|
|
name: Unzip Windows build
|
|
no_output_timeout: 20m
|
|
command: |
|
|
cd build/distributions
|
|
unzip besu-*.zip -d besu-tmp
|
|
cd besu-tmp
|
|
mv besu-* ../besu
|
|
- run:
|
|
name: Test Besu Windows executable
|
|
no_output_timeout: 10m
|
|
command: |
|
|
build\distributions\besu\bin\besu.bat --help
|
|
build\distributions\besu\bin\besu.bat --version
|
|
|
|
dockerScan:
|
|
executor: trivy_executor
|
|
steps:
|
|
- checkout
|
|
- restore_gradle_cache
|
|
- setup_remote_docker:
|
|
docker_layer_caching: true
|
|
- run:
|
|
name: Install trivy
|
|
command: |
|
|
apk add --update-cache --upgrade curl bash
|
|
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin
|
|
- run:
|
|
name: Scan with trivy
|
|
shell: /bin/sh
|
|
command: |
|
|
for FILE in $(ls docker)
|
|
do
|
|
if [[ $FILE == "test.sh" || $FILE == "tests" ]]; then
|
|
continue
|
|
fi
|
|
docker pull -q "hyperledger/besu:develop-$FILE"
|
|
trivy -q image --exit-code 1 --no-progress --severity HIGH,CRITICAL "hyperledger/besu:develop-$FILE"
|
|
done
|
|
|
|
unitTests:
|
|
executor: besu_executor_xl
|
|
steps:
|
|
- prepare
|
|
- attach_workspace:
|
|
at: ~/project
|
|
- run:
|
|
name: Build
|
|
no_output_timeout: 20m
|
|
command: |
|
|
./gradlew --no-daemon build
|
|
- capture_test_results
|
|
- run:
|
|
name: SonarQube
|
|
no_output_timeout: 30m
|
|
command: ./gradlew --no-daemon jacocoRootReport sonarqube -Dsonar.login=$SONAR_TOKEN
|
|
|
|
integrationTests:
|
|
executor: xl_machine_executor
|
|
steps:
|
|
- prepare
|
|
- attach_workspace:
|
|
at: ~/project
|
|
- run:
|
|
name: IntegrationTests
|
|
command: |
|
|
./gradlew --no-daemon integrationTest
|
|
- run:
|
|
name: Javadoc
|
|
command: |
|
|
./gradlew --no-daemon javadoc
|
|
- run:
|
|
name: CompileJmh
|
|
command: |
|
|
./gradlew --no-daemon compileJmh
|
|
- capture_test_results
|
|
|
|
referenceTests:
|
|
executor: besu_executor_xl
|
|
steps:
|
|
- prepare
|
|
- attach_workspace:
|
|
at: ~/project
|
|
- run:
|
|
name: ReferenceTests
|
|
no_output_timeout: 30m
|
|
command: |
|
|
git submodule update --init --recursive
|
|
./gradlew --no-daemon referenceTest
|
|
- capture_test_results
|
|
|
|
acceptanceTests:
|
|
parallelism: 6
|
|
executor: xl_machine_executor
|
|
steps:
|
|
- prepare
|
|
- attach_workspace:
|
|
at: ~/project
|
|
- run:
|
|
name: AcceptanceTests
|
|
no_output_timeout: 30m
|
|
command: |
|
|
CLASSNAMES=$(circleci tests glob "acceptance-tests/tests/src/test/java/**/*.java" \
|
|
| sed 's@.*/src/test/java/@@' \
|
|
| sed 's@/@.@g' \
|
|
| sed 's/.\{5\}$//' \
|
|
| circleci tests split --split-by=timings --timings-type=classname)
|
|
# Format the arguments to "./gradlew test"
|
|
GRADLE_ARGS=$(echo $CLASSNAMES | awk '{for (i=1; i<=NF; i++) print "--tests",$i}')
|
|
./gradlew --no-daemon acceptanceTest $GRADLE_ARGS
|
|
- capture_test_results
|
|
- capture_test_logs
|
|
|
|
acceptanceTestsQuorum:
|
|
parallelism: 1
|
|
executor: quorum_ats_executor_xl
|
|
steps:
|
|
- attach_workspace:
|
|
at: ~/project
|
|
- setup_remote_docker
|
|
- run:
|
|
name: Quorum Acceptance Tests
|
|
no_output_timeout: 30m
|
|
command: ./gradlew --no-daemon acceptanceTestsQuorum
|
|
- store_artifacts:
|
|
path: build/quorum-at
|
|
destination: quorum-at-artifacts
|
|
- store_test_results:
|
|
path: build/quorum-at/openjdk-latest/reports/xml-report
|
|
|
|
buildDocker:
|
|
executor: besu_executor_med
|
|
steps:
|
|
- prepare
|
|
- attach_workspace:
|
|
at: ~/project
|
|
- setup_remote_docker
|
|
- run:
|
|
name: hadoLint_openjdk_11
|
|
command: |
|
|
docker run --rm -i hadolint/hadolint < docker/openjdk-11/Dockerfile
|
|
- run:
|
|
name: hadoLint_openjdk_11_debug
|
|
command: |
|
|
docker run --rm -i hadolint/hadolint < docker/openjdk-11-debug/Dockerfile
|
|
- run:
|
|
name: hadoLint_openjdk_latest
|
|
command: |
|
|
docker run --rm -i hadolint/hadolint < docker/openjdk-latest/Dockerfile
|
|
- run:
|
|
name: hadoLint_graalvm
|
|
command: |
|
|
docker run --rm -i hadolint/hadolint < docker/graalvm/Dockerfile
|
|
- run:
|
|
name: build image
|
|
command: |
|
|
./gradlew --no-daemon distDocker
|
|
- run:
|
|
name: test image
|
|
command: |
|
|
mkdir -p docker/reports
|
|
curl -L https://github.com/aelsabbahy/goss/releases/download/v0.3.9/goss-linux-amd64 -o ./docker/tests/goss-linux-amd64
|
|
./gradlew --no-daemon testDocker
|
|
|
|
publish:
|
|
executor: besu_executor_med
|
|
steps:
|
|
- prepare
|
|
- attach_workspace:
|
|
at: ~/project
|
|
- run:
|
|
name: Publish
|
|
command: |
|
|
./gradlew --no-daemon artifactoryPublish
|
|
|
|
publishDocker:
|
|
executor: besu_executor_med
|
|
steps:
|
|
- prepare
|
|
- attach_workspace:
|
|
at: ~/project
|
|
- setup_remote_docker
|
|
- run:
|
|
name: Publish Docker
|
|
command: |
|
|
docker login --username "${DOCKER_USER_RW}" --password "${DOCKER_PASSWORD_RW}"
|
|
# temporarily commented out because AWS credentials are broken
|
|
# docker login "${ACR_REPO}" --username "${ACR_USER_RW}" --password "${ACR_PASSWORD_RW}"
|
|
./gradlew --no-daemon "-Pbranch=${CIRCLE_BRANCH}" dockerUpload
|
|
|
|
workflows:
|
|
version: 2
|
|
default:
|
|
jobs:
|
|
- dco
|
|
- spotless
|
|
- assemble:
|
|
requires:
|
|
- dco
|
|
- spotless
|
|
- unitTests:
|
|
context: SonarCloud
|
|
requires:
|
|
- assemble
|
|
- testWindows:
|
|
requires:
|
|
- assemble
|
|
- referenceTests:
|
|
requires:
|
|
- assemble
|
|
- integrationTests:
|
|
requires:
|
|
- assemble
|
|
- acceptanceTests:
|
|
requires:
|
|
- assemble
|
|
- buildDocker:
|
|
requires:
|
|
- assemble
|
|
- publish:
|
|
filters:
|
|
branches:
|
|
only:
|
|
- main
|
|
- /^release-.*/
|
|
requires:
|
|
- assemble
|
|
- integrationTests
|
|
- unitTests
|
|
- acceptanceTests
|
|
- referenceTests
|
|
- buildDocker
|
|
- publishDocker:
|
|
filters:
|
|
branches:
|
|
only:
|
|
- main
|
|
- /^release-.*/
|
|
requires:
|
|
- assemble
|
|
- integrationTests
|
|
- unitTests
|
|
- acceptanceTests
|
|
- referenceTests
|
|
- buildDocker
|
|
context:
|
|
- besu-dockerhub-ro
|
|
- besu-dockerhub-rw
|
|
- besu-acr-rw
|
|
nightly:
|
|
triggers:
|
|
- schedule:
|
|
cron: "0 19 * * *"
|
|
filters:
|
|
branches:
|
|
only:
|
|
- main
|
|
jobs:
|
|
- assemble
|
|
- acceptanceTestsQuorum:
|
|
requires:
|
|
- assemble
|
|
- dockerScan
|
|
|