From 2d6df1a5c892dc15bc4ea7386ab246589ffbe372 Mon Sep 17 00:00:00 2001 From: Shane Bammel Date: Wed, 13 Mar 2024 23:36:48 -0500 Subject: [PATCH] Add build automation - Produces linux binaries for both amd64 & arm64. - Publishes multi-arch docker images supporting both amd64 & arm64. - Automates gitlab releases. --- .gitlab-ci.yml | 129 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 129 insertions(+) create mode 100644 .gitlab-ci.yml diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index 000000000..84625fbf8 --- /dev/null +++ b/.gitlab-ci.yml @@ -0,0 +1,129 @@ +stages: + - build + - release + +variables: + BUILDER_REPO: $CI_REGISTRY_IMAGE/prysm-builder + BEACON_REPO: $CI_REGISTRY_IMAGE/beacon-chain + VALIDATOR_REPO: $CI_REGISTRY_IMAGE/validator + PRYSMCTL_REPO: $CI_REGISTRY_IMAGE/prysmctl + DOCKER_IMAGE_TAG: $CI_COMMIT_REF_NAME + +default: + # for simplicity this is configured to always use the latest image + # snapshots of the builder are taken on every release + image: $BUILDER_REPO + +compile binaries: + stage: build + rules: + # manual only for non-tagged commits, auto for tags + - if: $CI_COMMIT_TAG == null + when: manual + - if: $CI_COMMIT_TAG != null + before_script: + # writing COMPILE_JOB_ID var to environment file, passed as artifact to downstream jobs + # see: https://docs.gitlab.com/ee/ci/variables/#pass-an-environment-variable-to-another-job + - echo COMPILE_JOB_ID=$CI_JOB_ID >> build.env + script: + - mkdir -p _build/linux/ + # AMD64 + - bazel build --config=release --platforms=@io_bazel_rules_go//go/toolchain:linux_amd64_cgo //cmd/beacon-chain + - bazel build --config=release --platforms=@io_bazel_rules_go//go/toolchain:linux_amd64_cgo //cmd/validator + - bazel build --config=release --platforms=@io_bazel_rules_go//go/toolchain:linux_amd64_cgo //cmd/prysmctl + - cp bazel-bin/cmd/beacon-chain/beacon-chain_/beacon-chain _build/linux/beacon-chain-amd64 + - cp bazel-bin/cmd/validator/validator_/validator _build/linux/validator-amd64 + - cp bazel-bin/cmd/prysmctl/prysmctl_/prysmctl _build/linux/prysmctl-amd64 + # ARM64 + - bazel build --config=release --platforms=@io_bazel_rules_go//go/toolchain:linux_arm64_cgo //cmd/beacon-chain + - bazel build --config=release --platforms=@io_bazel_rules_go//go/toolchain:linux_arm64_cgo //cmd/validator + - bazel build --config=release --platforms=@io_bazel_rules_go//go/toolchain:linux_arm64_cgo //cmd/prysmctl + - cp bazel-bin/cmd/beacon-chain/beacon-chain_/beacon-chain _build/linux/beacon-chain-arm64 + - cp bazel-bin/cmd/validator/validator_/validator _build/linux/validator-arm64 + - cp bazel-bin/cmd/prysmctl/prysmctl_/prysmctl _build/linux/prysmctl-arm64 + artifacts: + paths: + - _build/ + reports: + # pass the generated env to downstream jobs + dotenv: build.env + +docker build: + stage: build + rules: + # manual only for non-tagged commits, auto for tags + - if: $CI_COMMIT_TAG == null + when: manual + - if: $CI_COMMIT_TAG != null + before_script: + - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY + script: + - git config --global --add safe.directory $(pwd) + - bazel run --config=release //cmd/beacon-chain:push_images -- --tag=$DOCKER_IMAGE_TAG --repository=$BEACON_REPO + - bazel run --config=release //cmd/validator:push_images -- --tag=$DOCKER_IMAGE_TAG --repository=$VALIDATOR_REPO + - bazel run --config=release //cmd/prysmctl:push_images -- --tag=$DOCKER_IMAGE_TAG --repository=$PRYSMCTL_REPO + - docker manifest inspect "$BEACON_REPO:$DOCKER_IMAGE_TAG" + - docker manifest inspect "$VALIDATOR_REPO:$DOCKER_IMAGE_TAG" + - docker manifest inspect "$PRYSMCTL_REPO:$DOCKER_IMAGE_TAG" + +release: + stage: release + image: registry.gitlab.com/gitlab-org/release-cli:latest + script: + - echo "Releasing with artifacts from job $CI_PROJECT_URL/-/jobs/$COMPILE_JOB_ID" + rules: + - if: $CI_COMMIT_TAG != null + when: manual + variables: + ARTIFACT_URL: "$CI_PROJECT_URL/-/jobs/$COMPILE_JOB_ID/artifacts/raw" + release: + name: "$CI_COMMIT_TAG" + description: | + **Docker Images** + - beacon-chain multi-arch (amd64/arm64): \`$BEACON_REPO:$DOCKER_IMAGE_TAG\` + - validator multi-arch (amd64/arm64): \`$VALIDATOR_REPO:$DOCKER_IMAGE_TAG\` + - prysmctl multi-arch (amd64/arm64): \`$PRYSMCTL_REPO:$DOCKER_IMAGE_TAG\` + + ## Release Notes + _Release created by pipeline (pending release notes)._ + tag_name: "$CI_COMMIT_TAG" + assets: + links: + # Note: these display in reverse order on the release + - name: "Prysmctl: Linux ARM64 Executable" + link_type: package + url: "$ARTIFACT_URL/_build/linux/prysmctl-arm64" + - name: "Validator: Linux ARM64 Executable" + link_type: package + url: "$ARTIFACT_URL/_build/linux/validator-arm64" + - name: "Beacon Chain: Linux ARM64 Executable" + link_type: package + url: "$ARTIFACT_URL/_build/linux/beacon-chain-arm64" + - name: "Prysmctl: Linux Intel/AMD64 Executable" + link_type: package + url: "$ARTIFACT_URL/_build/linux/prysmctl-amd64" + - name: "Validator: Linux Intel/AMD64 Executable" + link_type: package + url: "$ARTIFACT_URL/_build/linux/validator-amd64" + - name: "Beacon Chain: Linux Intel/AMD64 Executable" + link_type: package + url: "$ARTIFACT_URL/_build/linux/beacon-chain-amd64" + +docker tag latest: + stage: release + image: docker:25-cli + rules: + - if: $CI_COMMIT_TAG != null + # run automatically, but only if a release has been created + needs: + - release + services: + - docker:25-dind + before_script: + - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY + script: + - docker buildx imagetools create -t "$BEACON_REPO:latest" "$BEACON_REPO:$DOCKER_IMAGE_TAG" + - docker buildx imagetools create -t "$VALIDATOR_REPO:latest" "$VALIDATOR_REPO:$DOCKER_IMAGE_TAG" + - docker buildx imagetools create -t "$PRYSMCTL_REPO:latest" "$PRYSMCTL_REPO:$DOCKER_IMAGE_TAG" + # take a snapshot of the working builder image for building legacy versions in the future + - docker buildx imagetools create -t "$BUILDER_REPO:$DOCKER_IMAGE_TAG" "$BUILDER_REPO"