Merge pull request #43 from Certora/remappings-again #712
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Gambit | |
| on: [push, pull_request] | |
| env: | |
| CARGO_TERM_COLOR: always | |
| RUST_BACKTRACE: full | |
| jobs: | |
| build-linux: | |
| runs-on: ubuntu-20.04 | |
| env: | |
| TAG: ${{ github.ref_name }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Check rust | |
| run: | | |
| rustup --version | |
| cargo --version | |
| rustc --version | |
| - name: Cache cargo bin | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.cargo/bin | |
| key: ${{ runner.os }}-cargo-bin | |
| - name: Install solc for sanity checks | |
| run: | | |
| if [[ ! -f "/usr/bin/solc" ]] | |
| then | |
| wget -q https://github.com/ethereum/solidity/releases/download/v0.8.13/solc-static-linux | |
| mv solc-static-linux solc | |
| chmod +x solc | |
| sudo mv solc /usr/bin/solc | |
| fi | |
| - name: Build and Test | |
| run: make all_linux | |
| - name: Rename gambit binary | |
| if: startsWith(github.event.ref, 'refs/tags/v') # only on new tag creation | |
| run: mv ./target/x86_64-unknown-linux-gnu/release/gambit ./target/x86_64-unknown-linux-gnu/release/gambit-linux-$TAG | |
| - name: Upload artifact to action | |
| uses: actions/upload-artifact@v3 | |
| if: startsWith(github.event.ref, 'refs/tags/v') # only on new tag creation | |
| with: | |
| name: gambit-linux-${{ env.TAG }} | |
| path: ./target/x86_64-unknown-linux-gnu/release/gambit-linux-${{ env.TAG }} | |
| build-mac: | |
| runs-on: macos-latest | |
| env: | |
| TAG: ${{ github.ref_name }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Check rust | |
| run: | | |
| rustup --version | |
| cargo --version | |
| rustc --version | |
| - name: Cache cargo bin | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.cargo/bin | |
| key: ${{ runner.os }}-cargo-bin | |
| - name: Install solc for sanity checks | |
| run: | | |
| if [[ ! -f "/usr/bin/solc" ]] | |
| then | |
| wget -q https://github.com/ethereum/solidity/releases/download/v0.8.13/solc-macos | |
| chmod +x solc-macos | |
| sudo mv solc-macos /usr/local/bin/solc | |
| fi | |
| - name: Build and Test | |
| run: | | |
| rustup target add x86_64-apple-darwin | |
| make all_macos | |
| - name: Darwin link as Universal | |
| run: lipo -create -output gambit-macos target/aarch64-apple-darwin/release/gambit target/x86_64-apple-darwin/release/gambit | |
| - name: Create keychain | |
| run: | | |
| printf ${{ secrets.APPLE_P12_BASE64 }} | base64 -d > dev.p12 | |
| security create-keychain -p "${{ secrets.APPLE_TEMPKEYCHAIN_PASSWORD }}" "${{ secrets.APPLE_TEMPKEYCHAIN_NAME }}" | |
| security list-keychains -d user -s "${{ secrets.APPLE_TEMPKEYCHAIN_NAME }}" $(security list-keychains -d user | tr -d '"') | |
| security set-keychain-settings "${{ secrets.APPLE_TEMPKEYCHAIN_NAME }}" | |
| security import dev.p12 -k "${{ secrets.APPLE_TEMPKEYCHAIN_NAME }}" -P "${{ secrets.APPLE_P12_PASSWORD }}" -T "/usr/bin/codesign" | |
| security set-key-partition-list -S apple-tool:,apple: -s -k "${{ secrets.APPLE_TEMPKEYCHAIN_PASSWORD }}" -D "${{ secrets.APPLE_CODESIGN_IDENTITY }}" -t private ${{ secrets.APPLE_TEMPKEYCHAIN_NAME }} | |
| security default-keychain -d user -s ${{ secrets.APPLE_TEMPKEYCHAIN_NAME }} | |
| security unlock-keychain -p ${{ secrets.APPLE_TEMPKEYCHAIN_PASSWORD }} ${{ secrets.APPLE_TEMPKEYCHAIN_NAME }} | |
| - name: Sign the binary | |
| run: | | |
| codesign -o runtime --timestamp -s "${{ secrets.APPLE_CODESIGN_IDENTITY }}" -v gambit-macos | |
| ditto -c -k gambit-macos gambit-macos.zip | |
| - name: Notarize | |
| run: | | |
| xcrun notarytool store-credentials --apple-id shelly@certora.com --password "${{ secrets.APPLE_CRED }}" --team-id "${{ secrets.APPLE_TEAMID }}" altool | |
| xcrun notarytool submit gambit-macos.zip --keychain-profile altool --wait | |
| - name: Rename gambit binary | |
| if: startsWith(github.event.ref, 'refs/tags/v') # only on new tag creation | |
| run: mv gambit-macos gambit-macos-$TAG | |
| - name: Upload artifact to action | |
| uses: actions/upload-artifact@v3 | |
| if: startsWith(github.event.ref, 'refs/tags/v') # only on new tag creation | |
| with: | |
| name: gambit-macos-${{ env.TAG }} | |
| path: gambit-macos-${{ env.TAG }} | |
| release: | |
| runs-on: ubuntu-latest | |
| needs: [build-linux, build-mac] | |
| if: startsWith(github.event.ref, 'refs/tags/v') # only on new tag creation | |
| env: | |
| TAG: ${{ github.ref_name }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v3 | |
| - name: Create a release | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| ls -lR | |
| release_exist=$(gh release view $TAG 2>&1 || exit 0) | |
| if [ "$release_exist" = "release not found" ]; then | |
| gh release create $TAG gambit-linux-$TAG/gambit-linux-$TAG --title "Release $TAG" --generate-notes --latest | |
| gh release upload $TAG gambit-macos-$TAG/gambit-macos-$TAG | |
| else | |
| gh release upload $TAG gambit-linux-$TAG/gambit-linux-$TAG | |
| gh release upload $TAG gambit-macos-$TAG/gambit-macos-$TAG | |
| fi | |
| check-docs: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v2 | |
| - name: PIP install | |
| run: pip install ansi | |
| - name: Check that RTD Docs are Up To Date | |
| run: python3 scripts/check_rtd_docs_up_to_date.py | |
| - name: Check Exit Code | |
| run: | | |
| if [[ $? -ne 0 ]]; then | |
| echo "Error: documentation is not synced" | |
| exit 1 | |
| fi | |