forked from 0LNetworkCommunity/libra-legacy-v5
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[force-merge-from-v5] Patch network address SALT and get val_config_i…
…p_address pass
- Loading branch information
1 parent
31e1775
commit 1292f55
Showing
6,175 changed files
with
402,209 additions
and
257,179 deletions.
The diff you're trying to view is too large. We only load the first 3000 changed files.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -4,5 +4,4 @@ | |
| target/ | ||
| !target/libra-node-builder/libra-node | ||
| **/*Dockerfile | ||
| .circleci/config.yml | ||
| docker/update_or_build.sh | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,18 +1,17 @@ | ||
| # Substribe to CI changes | ||
| # /.circleci/ @libra/libra-oss-admin-team | ||
| # /.github/ @libra/libra-oss-admin-team | ||
| /.github/ @diem/diem-oss-admin-team | ||
|
|
||
| # Subscribe to crypto crate changing PRs | ||
| # /crypto @kchalkias @huitseeker @valerini | ||
| /crypto @kchalkias @huitseeker @valerini | ||
|
|
||
| # Subscribe to potential JSON API changing PRs | ||
| # /json-rpc/json-rpc-spec.md @thefallentree @xli | ||
| # /json-rpc/types/ @thefallentree @xli | ||
| # /json-rpc/src/methods.rs @thefallentree @xli | ||
| # /client/ @thefallentree @xli | ||
| /json-rpc/json-rpc-spec.md @xli | ||
| /json-rpc/types/ @xli | ||
| /json-rpc/src/methods.rs @xli | ||
| /client/ @xli | ||
|
|
||
| # Subscribe to LCS format changes | ||
| # /testsuite/generate-format/tests/staged/libra.yaml @thefallentree @matbd @xli | ||
| /testsuite/generate-format/tests/staged/libra.yaml @matbd @xli | ||
|
|
||
| # Code freeze | ||
| * @libra/release-gatekeepers | ||
| # * @libra/release-gatekeepers |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,6 +1,6 @@ | ||
| --- | ||
| name: "\U0001F41B Bug report" | ||
| about: Create a bug report to help improve Libra Core | ||
| about: Create a bug report to help improve Diem Core | ||
| title: "[Bug]" | ||
| labels: bug | ||
| assignees: '' | ||
|
|
@@ -10,7 +10,7 @@ assignees: '' | |
| # 🐛 Bug | ||
|
|
||
| <!-- A clear and concise description of what the bug is. | ||
| To report a security issue, please email security@libra.org. --> | ||
| To report a security issue, please email security@diem.com. --> | ||
|
|
||
| ## To reproduce | ||
|
|
||
|
|
@@ -32,7 +32,7 @@ To report a security issue, please email [email protected]. --> | |
| ## System information | ||
|
|
||
| **Please complete the following information:** | ||
| - <!-- Libra Version --> | ||
| - <!-- Diem Version --> | ||
| - <!-- Rust Version --> | ||
| - <!-- Computer OS --> | ||
|
|
||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,3 @@ | ||
| # github actions | ||
|
|
||
| These actions are custom for Libra Core workflows. | ||
| These actions are custom for Diem Core workflows. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,63 @@ | ||
| name: "CI Environment Setup" | ||
| description: | | ||
| Setup a common environment for CI jobs. | ||
| This should in general be a no-op as it should be run inside a docker container which already has all the components installed. | ||
| Importantly the installation script checks the versions of tools and will install newer versions if specified for most tools. | ||
| runs: | ||
| using: "composite" | ||
| steps: | ||
| - name: CPUInfo | ||
| shell: bash | ||
| run: | | ||
| if [[ "$(uname -s)" == "Linux" ]]; then | ||
| cat /proc/cpuinfo | grep "model name" | head -1 | ||
| cat /proc/cpuinfo | grep "cpu cores" | head -1 | ||
| fi | ||
| if [[ "$(uname -s)" == "Darwin" ]]; then | ||
| sysctl -n machdep.cpu.brand_string | ||
| sysctl -n hw.ncpu | ||
| fi | ||
| - name: MemInfo | ||
| shell: bash | ||
| run: | | ||
| if [[ "$(uname -s)" == "Linux" ]]; then | ||
| cat /proc/meminfo | grep MemTotal | ||
| fi | ||
| if [[ "$(uname -s)" == "Darwin" ]]; then | ||
| echo $(( $(sysctl hw.memsize | sed 's/hw.memsize: //') / 1073741824 )) gb | ||
| fi | ||
| - name: reconfigure container for gha runner | ||
| shell: bash | ||
| run: | | ||
| echo 'CARGO_HOME=/opt/cargo/' | tee -a $GITHUB_ENV | ||
| if [[ "$(uname -s)" == "Darwin" ]]; then | ||
| sudo dscl . append /Groups/wheel GroupMembership $USER | ||
| sudo mkdir -p /opt/cargo || true | ||
| sudo mkdir -p /opt/git || true | ||
| sudo chmod -R g+rw /opt/ | ||
| sudo chgrp -R wheel /opt/ | ||
| mv /Users/runner/work/diem/diem /opt/git/diem | ||
| ln -s /opt/git/diem /Users/runner/work/diem/diem | ||
| cd /opt/git/diem | ||
| fi | ||
| # prepare move lang prover tooling. | ||
| # By setting these values the dev-setup.sh script can detect already installed executables (and check versions). | ||
| echo 'Z3_EXE='${HOME}/bin/z3 | tee -a $GITHUB_ENV | ||
| echo 'CVC4_EXE='${HOME}/bin/cvc4 | tee -a $GITHUB_ENV | ||
| echo 'DOTNET_ROOT='${HOME}/.dotnet/ | tee -a $GITHUB_ENV | ||
| echo 'BOOGIE_EXE='${HOME}/.dotnet/tools/boogie | tee -a $GITHUB_ENV | ||
| echo 'MVP_TEST_ON_CI'='1' | tee -a $GITHUB_ENV | ||
| echo "$HOME/bin" | tee -a $GITHUB_PATH | ||
| echo "$HOME/.dotnet" | tee -a $GITHUB_PATH | ||
| echo "/opt/cargo/bin" | tee -a $GITHUB_PATH | ||
| echo '/usr/lib/golang/bin' | tee -a $GITHUB_PATH | ||
| - name: install common dependencies (should be ~ 10 seconds in a linux build, on mac it's a beast.) | ||
| shell: bash | ||
| run: scripts/dev_setup.sh -t -o -b -p -y -s | ||
| - id: rust-environment | ||
| shell: bash | ||
| run: | | ||
| echo 'RUST_BACKTRACE=1' | tee -a $GITHUB_ENV | ||
| echo 'DIEM_DUMP_LOGS=1' | tee -a $GITHUB_ENV | ||
| echo 'CARGO_INCREMENTAL=0' | tee -a $GITHUB_ENV |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| name: "CI Environment Teardown" | ||
| description: "Teardown the environment for CI jobs" | ||
|
|
||
| runs: | ||
| using: "composite" | ||
| steps: | ||
| - name: Check for changed and untracked files | ||
| run: ./scripts/changed-files.sh | ||
| shell: bash |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,62 @@ | ||
| name: "Check CI Machine" | ||
| description: | | ||
| GHA hardware seems to vary so lets keep track. | ||
| inputs: | ||
| webhook-gha-hardware: | ||
| description: slack webhook url to send failed hardware messages. | ||
| required: true | ||
| min-cpu: | ||
| description: Minimum number of expected CPUs. | ||
| required: false | ||
| default: "16" | ||
| min-ram: | ||
| description: Minimum gig of ram expected. | ||
| required: false | ||
| default: "57" | ||
| runs: | ||
| using: "composite" | ||
| steps: | ||
| - name: CPUInfo | ||
| shell: bash | ||
| env: | ||
| WEBHOOK: ${{ inputs.webhook-gha-hardware }} | ||
| run: | | ||
| echo webhook-gha-hardware: ${WEBHOOK} | ||
| cat /proc/cpuinfo | grep "model name" | head -1 | tee -a /tmp/machine_info | ||
| cat /proc/cpuinfo | grep "cpu cores" | head -1 | tee -a /tmp/machine_info | ||
| nproc | tee -a /tmp/machine_info | ||
| nproc >> /tmp/cpu_count | ||
| - name: MemInfo | ||
| shell: bash | ||
| run: | | ||
| cat /proc/meminfo | grep MemTotal | tee -a /tmp/machine_info | ||
| cat /proc/meminfo | grep MemTotal | sed 's/[^0-9]*//g' >> /tmp/mem_count | ||
| - name: Disk Free | ||
| shell: bash | ||
| run: | | ||
| df -h | ||
| - name: Message Slack channel if Machines Vary From Norm. | ||
| shell: bash | ||
| env: | ||
| WEBHOOK: ${{ inputs.webhook-gha-hardware }} | ||
| run: | | ||
| set -x | ||
| # specify the expected machine. | ||
| cpu=$(cat /tmp/cpu_count) | ||
| mem=$(cat /tmp/mem_count) | ||
| mismatch=false | ||
| if [[ "$cpu" != "${{ inputs.min-cpu }}" ]]; then | ||
| mismatch=true | ||
| fi | ||
| if [[ "$mem" -lt "${{ inputs.min-ram }}000000" ]]; then | ||
| mismatch=true | ||
| fi | ||
| build_url="${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}" | ||
| echo BUILD_URL=$build_url | ||
| if [[ "$mismatch" == "true" ]]; then | ||
| if [[ -n "${WEBHOOK}" ]]; then | ||
| ./.github/actions/slack-file/message_file_to_slack.sh -w "${WEBHOOK}" -f /tmp/machine_info -u "${build_url}" | ||
| else | ||
| echo Chances are this is PR, and secrest are not available, not reporting machine. | ||
| fi | ||
| fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| name: "Verify Debian Docker Images Have SHAs" | ||
| description: "Verify Debian Docker Images Have SHAs" | ||
| inputs: | ||
| username: | ||
| description: "Dockerhub Username" | ||
| required: true | ||
| runs: | ||
| using: "composite" | ||
| steps: | ||
| - name: check debian images have sha tags. | ||
| shell: bash | ||
| run: | | ||
| # We are using debian for our base images. Get all debain tags in FROM lines, strip the "AS .*" part | ||
| ALL_DEBIAN_TAGS=$(grep --include=\*Dockerfile -r '.' -e 'FROM debian:' | sed 's/[ ]*[a|A][s|S] .*$//g') | ||
| while IFS= read -r line ; do | ||
| # if the line does not end in a git tag, echo the line and mark the build as bad. | ||
| if [[ ! $line =~ '@sha256:' ]]; then | ||
| echo "Give this docker image FROM line a sha256 in it's tag. Failing the build." | ||
| echo "$line"; | ||
| SHOULD_FAIL="true"; | ||
| else | ||
| echo checked "$line" | ||
| fi | ||
| done <<< "$ALL_DEBIAN_TAGS" | ||
| if [[ "$SHOULD_FAIL" == "true" ]]; then | ||
| exit 1 | ||
| fi | ||
| - name: Hadolint Docker Images. | ||
| shell: bash | ||
| run: | | ||
| hadolint docker/ci/github/Dockerfile && \ | ||
| hadolint docker/ci/arch/Dockerfile && \ | ||
| hadolint docker/ci/alpine/Dockerfile |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,59 @@ | ||
| name: "DockerHub Login" | ||
| description: "Login to Dockerhub and prepare signing key" | ||
| inputs: | ||
| username: | ||
| description: "Dockerhub Username" | ||
| required: true | ||
| password: | ||
| description: "Dockerhub Password" | ||
| required: true | ||
| key_material: | ||
| description: "base64 encoded key file contents" | ||
| required: false | ||
| key_name: | ||
| description: "The name of the base64 encoded key as generated by docker in .docker/trust/private/ folder" | ||
| required: false | ||
| key_password: | ||
| description: "The password for the base64 encoded key" | ||
| required: false | ||
| outputs: | ||
| dockerhub_logged_in: | ||
| description: Are we logged in to dockerhub, only true if u/p are provided | ||
| value: ${{ steps.login.outputs.dockerhub_logged_in }} | ||
| dockerhub_can_sign: | ||
| description: Is dockerhub image signing available, only true if all credentials are provided. | ||
| value: ${{ steps.login.outputs.dockerhub_can_sign }} | ||
| runs: | ||
| using: "composite" | ||
| steps: | ||
| - id: login | ||
| run: | | ||
| DOCKERHUB_LOGGED_IN=false | ||
| DOCKERHUB_CAN_SIGN=false | ||
| if [ -n "${DOCKERHUB_USERNAME}" ] && [ -n "${DOCKERHUB_PASSWORD}" ]; then | ||
| echo "$DOCKERHUB_PASSWORD" | docker login -u "$DOCKERHUB_USERNAME" --password-stdin | ||
| DOCKERHUB_LOGGED_IN=true | ||
| if [ -n "${DOCKERHUB_KEY_MATERIAL}" ] && [ -n "${DOCKERHUB_KEY_NAME}" ] && [ -n "${DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE}" ]; then | ||
| mkdir -p ~/.docker/trust/private/ | ||
| echo ${DOCKERHUB_KEY_MATERIAL} | base64 -d > ~/.docker/trust/private/${DOCKERHUB_KEY_NAME}.key | ||
| chmod 600 ~/.docker/trust/private/${DOCKERHUB_KEY_NAME}.key | ||
| docker trust key load ~/.docker/trust/private/${DOCKERHUB_KEY_NAME}.key --name "$DOCKERHUB_USERNAME" | ||
| echo Docker hub is logged in, and signing is available. | ||
| DOCKERHUB_CAN_SIGN=true | ||
| else | ||
| echo Docker hub is logged in, no signing key is available. | ||
| fi | ||
| else | ||
| echo Since no dockerhub credentials were provided, not logging in to dockerhub and no key signing is available. | ||
| fi | ||
| echo "DOCKERHUB_LOGGED_IN=${DOCKERHUB_LOGGED_IN}" >> $GITHUB_ENV | ||
| echo "DOCKERHUB_CAN_SIGN=${DOCKERHUB_CAN_SIGN}" >> $GITHUB_ENV | ||
| echo "::set-output name=dockerhub_logged_in::$(echo $DOCKERHUB_LOGGED_IN)" | ||
| echo "::set-output name=dockerhub_can_sign::$(echo $DOCKERHUB_CAN_SIGN)" | ||
| shell: bash | ||
| env: | ||
| DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ inputs.key_password }} | ||
| DOCKERHUB_USERNAME: ${{ inputs.username }} | ||
| DOCKERHUB_PASSWORD: ${{ inputs.password }} | ||
| DOCKERHUB_KEY_MATERIAL: ${{ inputs.key_material }} | ||
| DOCKERHUB_KEY_NAME: ${{ inputs.key_name }} |
Oops, something went wrong.