Does a checkout of the full commit history and checks the status
integrity of each subtree using the git-subtree-check.sh provided
in contrib/devtools. Default subtree remotes are defined in the
new file contrib/subtrees.json
This frees us from GitHub actions brownouts and early deprecation
by no longer using Microsoft-maintained images in favor of bare
images from Docker Hub. The latter keeps images available for a
longer time, regardless of whether or not Canonical directly
supports them.
Benefits:
- Decouples our release cycle from what Microsoft is willing to
spend support effort on.
- Reduces bloat in base images
Because the bare ubuntu images contain a lot less pre-installed
tooling, some changes in orchestration need to be made for this
to be successful, as well as some workarounds can be removed:
- All GitHub Actions base operating systems are set to
ubuntu-24.04, as all we use from this now is containerd.
- All docker images remain ubuntu:20.04 for now, as this is
needed for symbol compatibility (and for now, we use the same
version in Gitian builds)
- Until the base image used for GitHub Actions and the provided
containerd is providing sandboxed mounting on /proc, every
process that needs custom binfmts needs to be ran privileged.
Currently this means all windows builds need this.
see: https://lore.kernel.org/all/20211028103114.2849140-2-brauner@kernel.org/
- Staying on custom binfmts, the Microsoft-maintained image
contained mono runtimes and reduced compatibility with wine,
for which we had workarounds in place. These are no longer
needed and have been removed.
- For future troubleshooting, the currently installed binfmts
and the kernel version are verbosely displayed inside jobs
- Because GitHub Actions does not allow us to pass zero
arguments to container options, whenever there are none a
dummy environment value 1DOGE is set to 1DOGE.
- For macOS, the libbz2-dev library was missing from our system
dependencies, this was masked by it being installed by default
in the Microsoft-maintained image.
- Bare containers do not come configured with a timezone, so this
needed to be added to container initialization before any apt
calls are made.
- Because Microsoft runs the container under uid 1001, which does
not exist in the bare ubuntu:20.04 image, a special cleanup
step for the qa/cache needed to be made, or else the build
caches would fail to upload at the end of the CI run.
For 7019ead, a separate CI job was created because bionic's gcc-7
didn't have sha512 intrinsics support. Now that we've moved to a
focal build system, the experimental CI job for aarch64 can be ran
as a single job again.
Adds a lint job to the CI where we can do sanity analysis on
included files to help spot errors on non-cpp source files
that may cause problems during runtime.
This first job implements contrib/devtools/check-translations.py
that alerts the repository of errors in the translation files in
src/qt/locale. Errors in a translation file are otherwise only
becoming visible during runtime.
cause: msft/gha doesn't support the i386 winehq ppa, therefore we
have to use a workaround to download necessary i386 dependencies
for winehq-stable.
This adds winehq-focal.sources to and removes microsoft-prod.list
from the i686 build.
Implemented by the "add architecture" CI step into a script that
can now be customized per job.
Co-authored-by: Patrick Lodder <patricklodder@users.noreply.github.com>
This enables running of security checks for macOS and symbol
checks for windows and ARM linux targets with each CI run.
Symbol checks remain disabled for debug and experimental targets
because those aren't production binary releases.
macOS symbol checks need build system patches before it will
work as intended so these have to stay disabled at this point.
Integrates the lief-based scripts into the GH Actions CI. This
allows the CI to maintain consistent checks for an upcoming
upgrade to Ubuntu focal for CI and Gitian.
Because lief is not distributed as a wheel for glibc < 2.17, a
custom .whl file for Ubuntu Bionic is made available on
depends.dogecoincore.org to save up to an hour that would otherwise
be spent on compiling lief from source. For current focal-based
CI jobs, this is not needed because that provides glibc > 2.17.
Each CI job has received 2 extra steps that are mutually exclusive
to make sure that the correct version is installed. When there are
no longer any Ubuntu Bionic based bionic jobs, this can be deleted
in favor of a single command in the "install packages" step.
python3-pip and python3-setuptools are now installed by default
for all CI jobs, where before this was only used for jobs that ran
the full qa test suite.
-update install-deps.sh so it will clean up after itself and can be invoked from root directory.
-add python3-pip and python3-setuptools to ci matrix jobs that run qa and qa/README.md which are needed in order to install ltc-scrypt.
-update archive source to dogecoin/ltc-scrypt:v1.0.1.
-update qa/README.md to include sudo prior to apt-get install directive and add instructions to invoke install-deps.sh script from root directory.
After a bionic update on 2022/06/03, Github Actions images have a
mono-runtime installation that takes precedence over wine, which
we need for running the tests.
This removes mono-runtime from both win CI jobs if it exists, so
that it doesn't bother us anymore in any way thinkable. We do not
need mono there, as we do not .net
Although the issue only manifested on x86_64-w64-mingw32 builds,
this also removes it from the i686-w64-mingw32 build as a
precaution.
- Check SDK shasum to protect against supply-chain attacks
- Don't re-download the SDK archive when we have it in cache
- Purge the cache when the CI configuration changes
Updated cross build for ci environment
Updated experimental build to focal
Unified cross and native ARMv8.2 build options
Updated experimental build in ci
Sets the linux experimental build to bionic, to be in line with the
rest of the CI and not have any unexpected surprises when moving
features from experimental to release.
This was caused by the bionic downgrade for the CI crossing the
introduction of the experimental CI for AVX2.
Adds a nonce field to manually nuke the cache
Changing the CI workflow descriptor can invalidate dependencies
and ccache caches by introducing different compilers or base OS,
but as GH Actions does not let us update an existing cache, this
would cause every subsequent CI run to rebuild everything until
a nuke is triggered.
