From 13440af7101794f6e250224f12f95d7873823f8a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kl=C3=A9ment?= <50872057+KlementXV@users.noreply.github.com> Date: Wed, 17 Jul 2024 15:26:29 +0000 Subject: [PATCH 01/22] =?UTF-8?q?[Feature]=20integrate=20Docker=20image=20?= =?UTF-8?q?build=20on=20release=20publication=20=F0=9F=90=B3=20-=20Add=20a?= =?UTF-8?q?=20.dockerignore=20file=20to=20exclude=20irrelevant=20files=20d?= =?UTF-8?q?uring=20the=20Docker=20image=20build.=20-=20Rename=20the=20GitH?= =?UTF-8?q?ub=20workflow=20file=20to=20clarify=20its=20role:=20'build.yml'?= =?UTF-8?q?=20->=20'cargo-build.yml'.=20-=20Add=20a=20new=20GitHub=20workf?= =?UTF-8?q?low=20for=20Docker=20image=20build:=20'docker-build.yml'.=20-?= =?UTF-8?q?=20Create=20a=20Dockerfile=20to=20define=20the=20Docker=20image?= =?UTF-8?q?=20build=20instructions.=20-=20Add=20an=20entrypoint.sh=20scrip?= =?UTF-8?q?t=20to=20initialize=20the=20environment=20when=20the=20Docker?= =?UTF-8?q?=20container=20starts.=20-=20Update=20README.md=20to=20include?= =?UTF-8?q?=20information=20about=20Docker=20usage.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit These changes automate the creation of Docker images on each new release, making the deployment and usage of ORE easier. --- .dockerignore | 18 ++++ .../workflows/{build.yml => cargo-build.yml} | 0 .github/workflows/docker-build.yml | 83 +++++++++++++++++++ Dockerfile | 24 ++++++ README.md | 31 +++++++ entrypoint.sh | 30 +++++++ 6 files changed, 186 insertions(+) create mode 100644 .dockerignore rename .github/workflows/{build.yml => cargo-build.yml} (100%) create mode 100644 .github/workflows/docker-build.yml create mode 100644 Dockerfile create mode 100644 entrypoint.sh diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 00000000..0011a492 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,18 @@ +target/ +dist/ +build/ +.git/ +.github/ +.gitignore +*.rs.bk +*.log +*.tmp +*.bak +*.swp +output.log +docs/ +tests/ +.env +docker-compose.yml +README.md +Dockerfile \ No newline at end of file diff --git a/.github/workflows/build.yml b/.github/workflows/cargo-build.yml similarity index 100% rename from .github/workflows/build.yml rename to .github/workflows/cargo-build.yml diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml new file mode 100644 index 00000000..a9642da9 --- /dev/null +++ b/.github/workflows/docker-build.yml @@ -0,0 +1,83 @@ +name: Docker CI + +on: + release: + types: [published] + paths-ignore: + - 'README.md' + - '.gitignore' + +env: + REGISTRY: ghcr.io + +jobs: + version: + runs-on: ubuntu-latest + outputs: + version: ${{ steps.version.outputs.version }} + image_name: ${{ steps.image_name.outputs.image_name }} + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - id: version + run: | + VERSION=$(cargo metadata --no-deps --quiet --color never | jq -r '.packages[].version') + VERSION_LOWER=$(echo "$VERSION" | tr '[:upper:]' '[:lower:]') + echo "version=${VERSION_LOWER}" >> "$GITHUB_OUTPUT" + + - id: image_name + run: | + IMAGE_NAME=$(echo "${{ github.repository_owner }}/ore" | tr '[:upper:]' '[:lower:]') + echo "image_name=${IMAGE_NAME}" >> "$GITHUB_OUTPUT" + + build: + needs: version + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + id-token: write + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Install cosign + uses: sigstore/cosign-installer@v3.5.0 + with: + cosign-release: 'v2.2.4' + + - name: Log into registry ${{ env.REGISTRY }} + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract Docker metadata + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ needs.version.outputs.image_name }} + tags: | + type=raw,value=${{ needs.version.outputs.version }} + type=raw,value=latest + type=sha + + - name: Build and push Docker image + id: build-and-push + uses: docker/build-push-action@v6 + with: + context: . + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + platforms: linux/amd64,linux/arm64 + cache-from: type=gha + cache-to: type=gha,mode=max diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 00000000..ba1910de --- /dev/null +++ b/Dockerfile @@ -0,0 +1,24 @@ +FROM rust:alpine AS builder + +RUN apk add --no-cache musl-dev + +WORKDIR /usr/src/ore-cli + +COPY . . + +RUN cargo build --release + +FROM alpine:latest + +RUN addgroup -S ore && adduser -S -G ore -h /ore ore && \ + apk update && apk upgrade libcrypto3 libssl3 && apk add --no-cache libgcc libstdc++ && \ + mkdir -p /ore/.config/solana && chown -R ore:ore /ore/.config + +WORKDIR /usr/local/bin + +COPY --from=builder --chown=ore:ore --chmod=500 /usr/src/ore-cli/target/release/ore /usr/local/bin/ore +COPY --chown=ore:ore --chmod=100 entrypoint.sh /usr/local/bin/entrypoint.sh + +USER ore + +ENTRYPOINT ["/usr/local/bin/entrypoint.sh"] \ No newline at end of file diff --git a/README.md b/README.md index 73c28b59..13c2f18d 100644 --- a/README.md +++ b/README.md @@ -25,3 +25,34 @@ You can use the `-h` flag on any command to pull up a help menu with documentati ```sh ore -h ``` + +## Running the Docker Image + +To run the Docker image with your wallet mapped in read-only mode, use the following command: + +```sh +docker run \ + -e RPC_URL=mainnet \ + -e BUFFER_TIME=5 \ + -e THREAD_COUNT=4 \ + -v /local/path/to/id.json:/ore/.config/solana/id.json:ro \ + ghcr.io/klementxv/ore:latest +``` + +### Environment Variables + +- `RPC_URL`: Select the RPC URL to use. Options: `mainnet`, `devnet`, `testnet`, or a custom URL. Default is `devnet`. +- `BUFFER_TIME`: Set the buffer time (in seconds). +- `THREAD_COUNT`: Set the number of threads to use. + +### Wallet Mapping + +Ensure that you map your local wallet file `id.json` to the path `/ore/.config/solana/id.json` in the container in read-only mode (RO) so that `ore-cli` can securely access your Solana wallet. + +Example: + +```sh +docker run \ + -v /home/user/.config/solana/id.json:/ore/.config/solana/id.json:ro \ + ghcr.io/klementxv/ore:latest +``` \ No newline at end of file diff --git a/entrypoint.sh b/entrypoint.sh new file mode 100644 index 00000000..447e37e4 --- /dev/null +++ b/entrypoint.sh @@ -0,0 +1,30 @@ +#!/bin/sh + +MAINNET_URL="https://api.mainnet-beta.solana.com" +DEVNET_URL="https://api.devnet.solana.com" + +case "$RPC_URL" in + mainnet) + RPC_URL="$MAINNET_URL" + ;; + devnet|""|unset) + RPC_URL="$DEVNET_URL" + ;; + *) + echo "Using custom RPC_URL: $RPC_URL" + ;; +esac + +: "${RPC_URL:=$DEVNET_URL}" + +cmd="./ore --rpc \"$RPC_URL\" mine" + +if [ -n "$BUFFER_TIME" ]; then + cmd="$cmd --buffer-time \"$BUFFER_TIME\"" +fi + +if [ -n "$THREAD_COUNT" ]; then + cmd="$cmd --threads \"$THREAD_COUNT\"" +fi + +sh -c "$cmd" \ No newline at end of file From 8655c66dbb458f85427df43c435f8aab481c8ba9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kl=C3=A9ment?= <50872057+KlementXV@users.noreply.github.com> Date: Wed, 17 Jul 2024 15:32:43 +0000 Subject: [PATCH 02/22] fix: image repo --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 13c2f18d..617056ed 100644 --- a/README.md +++ b/README.md @@ -36,7 +36,7 @@ docker run \ -e BUFFER_TIME=5 \ -e THREAD_COUNT=4 \ -v /local/path/to/id.json:/ore/.config/solana/id.json:ro \ - ghcr.io/klementxv/ore:latest + ghcr.io/regolith-labs/ore:latest ``` ### Environment Variables @@ -53,6 +53,6 @@ Example: ```sh docker run \ - -v /home/user/.config/solana/id.json:/ore/.config/solana/id.json:ro \ - ghcr.io/klementxv/ore:latest + -v /home/$USER/.config/solana/id.json:/ore/.config/solana/id.json:ro \ + ghcr.io/regolith-labs/ore:latest ``` \ No newline at end of file From daffcd77dcaf3a7eaf8c7344b04a12e49d9a0b27 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kl=C3=A9ment?= <50872057+KlementXV@users.noreply.github.com> Date: Fri, 19 Jul 2024 17:11:38 +0000 Subject: [PATCH 03/22] Fix: incorrect entrypoint permissions --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index ba1910de..04a4ea9e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -17,7 +17,7 @@ RUN addgroup -S ore && adduser -S -G ore -h /ore ore && \ WORKDIR /usr/local/bin COPY --from=builder --chown=ore:ore --chmod=500 /usr/src/ore-cli/target/release/ore /usr/local/bin/ore -COPY --chown=ore:ore --chmod=100 entrypoint.sh /usr/local/bin/entrypoint.sh +COPY --chown=ore:ore --chmod=500 entrypoint.sh /usr/local/bin/entrypoint.sh USER ore From 64daefb65adc7488ca682e7f94755a3d57a2162f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kl=C3=A9ment?= <50872057+KlementXV@users.noreply.github.com> Date: Sat, 20 Jul 2024 14:27:04 +0000 Subject: [PATCH 04/22] Remove testnet from the RPC_URL list --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 617056ed..44a61584 100644 --- a/README.md +++ b/README.md @@ -41,7 +41,7 @@ docker run \ ### Environment Variables -- `RPC_URL`: Select the RPC URL to use. Options: `mainnet`, `devnet`, `testnet`, or a custom URL. Default is `devnet`. +- `RPC_URL`: Select the RPC URL to use. Options: `mainnet`, `devnet`, or a custom URL. Default is `devnet`. - `BUFFER_TIME`: Set the buffer time (in seconds). - `THREAD_COUNT`: Set the number of threads to use. From 0d9f5551efcf68a705e1eaac420a05cd29db9d90 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kl=C3=A9ment?= <50872057+KlementXV@users.noreply.github.com> Date: Mon, 29 Jul 2024 12:35:38 +0000 Subject: [PATCH 05/22] chore: Update ORE mining launcher script The ORE mining launcher script has been updated to include new features and improvements. This update includes: - Added support for specifying a custom RPC URL - Improved error handling and messaging - Fixed entrypoint permissions issue - Updated version to 1.0 Please review and merge the changes. --- entrypoint.sh | 119 +++++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 99 insertions(+), 20 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 447e37e4..bb3a44d4 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -1,30 +1,109 @@ #!/bin/sh +############################################## +# # +# ORE Mining Launcher # +# # +# Configure RPC URL and launch ORE # +# Proof of Work mining on Solana network # +# with customizable parameters. # +# # +# Author: KlementXV # +# Date: 2024-07-29 # +# Version: 1.0 # +# # +############################################## MAINNET_URL="https://api.mainnet-beta.solana.com" DEVNET_URL="https://api.devnet.solana.com" +WALLET_PATH="/ore/.config/solana/id.json" +VERSION=$(grep '^version' Cargo.toml | awk -F' = ' '{print $2}' | tr -d '"') -case "$RPC_URL" in - mainnet) - RPC_URL="$MAINNET_URL" - ;; - devnet|""|unset) - RPC_URL="$DEVNET_URL" - ;; - *) - echo "Using custom RPC_URL: $RPC_URL" - ;; -esac +display_header() { + echo " +############################################## + _____ _____ _____ + | || __ || __| + | | || -|| __| + |_____||__|__||_____| -: "${RPC_URL:=$DEVNET_URL}" +############################################## +VERSION: $VERSION +RPC_URL: ${RPC_URL:-Not set, using DEVNET} +BUFFER_TIME: ${BUFFER_TIME:-Not set} +THREAD_COUNT: ${THREAD_COUNT:-Not set} +############################################## +" +} -cmd="./ore --rpc \"$RPC_URL\" mine" +check_wallet_file() { + if [ ! -f "$WALLET_PATH" ]; then + echo "Error: Wallet file not found at $WALLET_PATH" + echo "Please ensure the wallet file is present before running the miner." + exit 1 + fi +} -if [ -n "$BUFFER_TIME" ]; then - cmd="$cmd --buffer-time \"$BUFFER_TIME\"" -fi +check_ore_binary() { + if [ ! -x "$(command -v ore)" ]; then + echo "Error: ore binary not found or not executable" + exit 1 + fi +} -if [ -n "$THREAD_COUNT" ]; then - cmd="$cmd --threads \"$THREAD_COUNT\"" -fi +check_rpc_url() { + if ! echo "$RPC_URL" | grep -qE '^https?://'; then + echo "Error: Invalid RPC_URL: $RPC_URL" + exit 1 + fi +} -sh -c "$cmd" \ No newline at end of file +check_buffer_time() { + if [ -n "$BUFFER_TIME" ] && ! [[ "$BUFFER_TIME" =~ ^[0-9]+$ ]]; then + echo "Error: BUFFER_TIME must be a positive integer" + exit 1 + fi +} + +check_thread_count() { + if [ -n "$THREAD_COUNT" ] && ! [[ "$THREAD_COUNT" =~ ^[1-9][0-9]*$ ]]; then + echo "Error: THREAD_COUNT must be a positive integer" + exit 1 + fi +} + +set_rpc_url() { + case "$RPC_URL" in + mainnet) + RPC_URL="$MAINNET_URL" + ;; + devnet|""|unset) + RPC_URL="$DEVNET_URL" + ;; + *) + ;; + esac +} + +build_command() { + cmd="./ore --rpc \"$RPC_URL\" mine" + [ -n "$BUFFER_TIME" ] && cmd="$cmd --buffer-time \"$BUFFER_TIME\"" + [ -n "$THREAD_COUNT" ] && cmd="$cmd --threads \"$THREAD_COUNT\"" +} + +execute_command() { + sh -c "$cmd" + if [ $? -ne 0 ]; then + echo "Error: ore binary exited with non-zero status" + exit 1 + fi +} + +display_header +check_wallet_file +check_ore_binary +check_rpc_url +check_buffer_time +check_thread_count +set_rpc_url +build_command +execute_command From d840411bbf64181a4eb566aea5400aa3dc7cc615 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kl=C3=A9ment?= <50872057+KlementXV@users.noreply.github.com> Date: Mon, 29 Jul 2024 22:21:01 +0000 Subject: [PATCH 06/22] chore: Update ORE mining launcher script --- entrypoint.sh | 42 ++++++++++++++++++++++++------------------ 1 file changed, 24 insertions(+), 18 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index bb3a44d4..bb41597d 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -16,7 +16,25 @@ MAINNET_URL="https://api.mainnet-beta.solana.com" DEVNET_URL="https://api.devnet.solana.com" WALLET_PATH="/ore/.config/solana/id.json" -VERSION=$(grep '^version' Cargo.toml | awk -F' = ' '{print $2}' | tr -d '"') + +set_rpc_url() { + case "$RPC" in + mainnet) + RPC_URL="$MAINNET_URL" + ;; + devnet) + RPC_URL="$DEVNET_URL" + ;; + unset) + RPC_URL="$DEVNET_URL" + ;; + *) + if [ -z "$RPC_URL" ]; then + RPC_URL="$DEVNET_URL" + fi + ;; + esac +} display_header() { echo " @@ -27,7 +45,6 @@ display_header() { |_____||__|__||_____| ############################################## -VERSION: $VERSION RPC_URL: ${RPC_URL:-Not set, using DEVNET} BUFFER_TIME: ${BUFFER_TIME:-Not set} THREAD_COUNT: ${THREAD_COUNT:-Not set} @@ -51,7 +68,9 @@ check_ore_binary() { } check_rpc_url() { - if ! echo "$RPC_URL" | grep -qE '^https?://'; then + if [ -z "$RPC_URL" ]; then + RPC_URL="$DEVNET_URL" + elif ! echo "$RPC_URL" | grep -qE '^https?://'; then echo "Error: Invalid RPC_URL: $RPC_URL" exit 1 fi @@ -71,19 +90,6 @@ check_thread_count() { fi } -set_rpc_url() { - case "$RPC_URL" in - mainnet) - RPC_URL="$MAINNET_URL" - ;; - devnet|""|unset) - RPC_URL="$DEVNET_URL" - ;; - *) - ;; - esac -} - build_command() { cmd="./ore --rpc \"$RPC_URL\" mine" [ -n "$BUFFER_TIME" ] && cmd="$cmd --buffer-time \"$BUFFER_TIME\"" @@ -98,12 +104,12 @@ execute_command() { fi } +set_rpc_url display_header check_wallet_file check_ore_binary check_rpc_url check_buffer_time check_thread_count -set_rpc_url build_command -execute_command +execute_command \ No newline at end of file From 186b6475e67bea97c01ffcf99d2d26d0e3a6d9d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kl=C3=A9ment?= <50872057+KlementXV@users.noreply.github.com> Date: Tue, 30 Jul 2024 12:19:26 +0000 Subject: [PATCH 07/22] chore: update Dockerfile to include cargo update before building --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 04a4ea9e..90bbbfeb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,7 +6,7 @@ WORKDIR /usr/src/ore-cli COPY . . -RUN cargo build --release +RUN cargo update && cargo build --release FROM alpine:latest From f08500c236844d042a97298bba4dfc8487aad370 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kl=C3=A9ment?= <50872057+KlementXV@users.noreply.github.com> Date: Tue, 30 Jul 2024 12:26:46 +0000 Subject: [PATCH 08/22] chore: Update Dockerfile to include cargo update before building --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 04a4ea9e..90bbbfeb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,7 +6,7 @@ WORKDIR /usr/src/ore-cli COPY . . -RUN cargo build --release +RUN cargo update && cargo build --release FROM alpine:latest From a08515db4e2f7a582ab31132b0c2c6c6d8e0fcb0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kl=C3=A9ment?= <50872057+KlementXV@users.noreply.github.com> Date: Tue, 30 Jul 2024 21:30:23 +0000 Subject: [PATCH 09/22] chore: update entrypoint script --- README.md | 6 ++-- entrypoint.sh | 93 +++++++++++---------------------------------------- 2 files changed, 23 insertions(+), 76 deletions(-) diff --git a/README.md b/README.md index 44a61584..24771bdc 100644 --- a/README.md +++ b/README.md @@ -41,13 +41,13 @@ docker run \ ### Environment Variables -- `RPC_URL`: Select the RPC URL to use. Options: `mainnet`, `devnet`, or a custom URL. Default is `devnet`. +- `RPC`: Select the RPC URL to use. Options: `mainnet`, `devnet`, or a custom URL. Default is `devnet`. - `BUFFER_TIME`: Set the buffer time (in seconds). -- `THREAD_COUNT`: Set the number of threads to use. +- `THREAD`: Set the number of threads to use. ### Wallet Mapping -Ensure that you map your local wallet file `id.json` to the path `/ore/.config/solana/id.json` in the container in read-only mode (RO) so that `ore-cli` can securely access your Solana wallet. +Ensure that you map your local wallet file `id.json` to the path `/ore/.config/solana/id.json` in the container so that `ore-cli` can securely access your Solana wallet. Example: diff --git a/entrypoint.sh b/entrypoint.sh index bb41597d..4d7eb71a 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -1,38 +1,17 @@ #!/bin/sh -############################################## -# # -# ORE Mining Launcher # -# # -# Configure RPC URL and launch ORE # -# Proof of Work mining on Solana network # -# with customizable parameters. # -# # -# Author: KlementXV # -# Date: 2024-07-29 # -# Version: 1.0 # -# # -############################################## MAINNET_URL="https://api.mainnet-beta.solana.com" DEVNET_URL="https://api.devnet.solana.com" WALLET_PATH="/ore/.config/solana/id.json" +RED='\033[0;31m' +NC='\033[0m' + set_rpc_url() { case "$RPC" in - mainnet) - RPC_URL="$MAINNET_URL" - ;; - devnet) - RPC_URL="$DEVNET_URL" - ;; - unset) - RPC_URL="$DEVNET_URL" - ;; - *) - if [ -z "$RPC_URL" ]; then - RPC_URL="$DEVNET_URL" - fi - ;; + mainnet) RPC_URL="$MAINNET_URL" ;; + devnet | "") RPC_URL="$DEVNET_URL" ;; + *) RPC_URL="$RPC" ;; esac } @@ -45,71 +24,39 @@ display_header() { |_____||__|__||_____| ############################################## -RPC_URL: ${RPC_URL:-Not set, using DEVNET} -BUFFER_TIME: ${BUFFER_TIME:-Not set} -THREAD_COUNT: ${THREAD_COUNT:-Not set} +RPC URL: ${RPC_URL} +BUFFER TIME: ${BUFFER_TIME:-Not set} +THREAD COUNT: ${THREAD:-Not set} ############################################## " } -check_wallet_file() { - if [ ! -f "$WALLET_PATH" ]; then - echo "Error: Wallet file not found at $WALLET_PATH" - echo "Please ensure the wallet file is present before running the miner." - exit 1 - fi -} - -check_ore_binary() { - if [ ! -x "$(command -v ore)" ]; then - echo "Error: ore binary not found or not executable" - exit 1 - fi -} - -check_rpc_url() { - if [ -z "$RPC_URL" ]; then - RPC_URL="$DEVNET_URL" - elif ! echo "$RPC_URL" | grep -qE '^https?://'; then - echo "Error: Invalid RPC_URL: $RPC_URL" - exit 1 - fi -} - -check_buffer_time() { - if [ -n "$BUFFER_TIME" ] && ! [[ "$BUFFER_TIME" =~ ^[0-9]+$ ]]; then - echo "Error: BUFFER_TIME must be a positive integer" - exit 1 - fi -} - -check_thread_count() { - if [ -n "$THREAD_COUNT" ] && ! [[ "$THREAD_COUNT" =~ ^[1-9][0-9]*$ ]]; then - echo "Error: THREAD_COUNT must be a positive integer" - exit 1 - fi +validate_params() { + [ ! -f "$WALLET_PATH" ] && echo -e "${RED}Error: Wallet file not found at $WALLET_PATH${NC}" && exit 1 + [ ! -x "$(command -v ore)" ] && echo -e "${RED}Error: ore binary not found or not executable${NC}" && exit 1 + [ -z "$RPC_URL" ] && RPC_URL="$DEVNET_URL" + ! echo "$RPC_URL" | grep -qE '^https?://' && echo -e "${RED}Error: Invalid RPC_URL: $RPC_URL${NC}" && exit 1 + [ -n "$BUFFER_TIME" ] && ! [[ "$BUFFER_TIME" =~ ^[0-9]+$ ]] && echo -e "${RED}Error: BUFFER_TIME must be a positive integer${NC}" && exit 1 + [ -n "$THREAD" ] && ! [[ "$THREAD" =~ ^[1-9][0-9]*$ ]] && echo -e "${RED}Error: THREAD must be a positive integer${NC}" && exit 1 } build_command() { cmd="./ore --rpc \"$RPC_URL\" mine" [ -n "$BUFFER_TIME" ] && cmd="$cmd --buffer-time \"$BUFFER_TIME\"" - [ -n "$THREAD_COUNT" ] && cmd="$cmd --threads \"$THREAD_COUNT\"" + [ -n "$THREAD" ] && cmd="$cmd --threads \"$THREAD\"" } execute_command() { sh -c "$cmd" if [ $? -ne 0 ]; then - echo "Error: ore binary exited with non-zero status" + echo -e "${RED}Error: ore binary exited with non-zero status${NC}" + echo "Command executed: $cmd" exit 1 fi } set_rpc_url display_header -check_wallet_file -check_ore_binary -check_rpc_url -check_buffer_time -check_thread_count +validate_params build_command execute_command \ No newline at end of file From 267b8f540d449e5b1f6b0ae54f21715de9518933 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kl=C3=A9ment?= <50872057+KlementXV@users.noreply.github.com> Date: Tue, 30 Jul 2024 21:35:43 +0000 Subject: [PATCH 10/22] chore: Update README --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 24771bdc..84fa179d 100644 --- a/README.md +++ b/README.md @@ -32,9 +32,9 @@ To run the Docker image with your wallet mapped in read-only mode, use the follo ```sh docker run \ - -e RPC_URL=mainnet \ + -e RPC=mainnet \ -e BUFFER_TIME=5 \ - -e THREAD_COUNT=4 \ + -e THREAD=4 \ -v /local/path/to/id.json:/ore/.config/solana/id.json:ro \ ghcr.io/regolith-labs/ore:latest ``` From 183718a99ebe9ca8af91598785d5b65d9558d0c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kl=C3=A9ment?= <50872057+KlementXV@users.noreply.github.com> Date: Mon, 5 Aug 2024 13:38:55 +0000 Subject: [PATCH 11/22] chore: Update Dockerfile to use specific Alpine versions for builder and final image --- Dockerfile | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 90bbbfeb..b899270c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM rust:alpine AS builder +FROM rust:alpine3.20 AS builder RUN apk add --no-cache musl-dev @@ -8,9 +8,10 @@ COPY . . RUN cargo update && cargo build --release -FROM alpine:latest +FROM alpine:3.20.2 -RUN addgroup -S ore && adduser -S -G ore -h /ore ore && \ +RUN addgroup -S -g 1000 ore && \ + adduser -S -u 1000 -G ore -h /ore ore && \ apk update && apk upgrade libcrypto3 libssl3 && apk add --no-cache libgcc libstdc++ && \ mkdir -p /ore/.config/solana && chown -R ore:ore /ore/.config From 276dc7c2ad331aa57ec68f5044e7bfb9e4d7cddb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kl=C3=A9ment?= <50872057+KlementXV@users.noreply.github.com> Date: Tue, 6 Aug 2024 08:42:56 +0000 Subject: [PATCH 12/22] chore: Add support for setting priority fee in entrypoint script --- entrypoint.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/entrypoint.sh b/entrypoint.sh index 4d7eb71a..bf9fb79e 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -27,6 +27,7 @@ display_header() { RPC URL: ${RPC_URL} BUFFER TIME: ${BUFFER_TIME:-Not set} THREAD COUNT: ${THREAD:-Not set} +PRIORITY FEE: ${PRIORITY_FEE:-0} ############################################## " } @@ -38,12 +39,14 @@ validate_params() { ! echo "$RPC_URL" | grep -qE '^https?://' && echo -e "${RED}Error: Invalid RPC_URL: $RPC_URL${NC}" && exit 1 [ -n "$BUFFER_TIME" ] && ! [[ "$BUFFER_TIME" =~ ^[0-9]+$ ]] && echo -e "${RED}Error: BUFFER_TIME must be a positive integer${NC}" && exit 1 [ -n "$THREAD" ] && ! [[ "$THREAD" =~ ^[1-9][0-9]*$ ]] && echo -e "${RED}Error: THREAD must be a positive integer${NC}" && exit 1 + [ -n "$PRIORITY_FEE" ] && ! [[ "$PRIORITY_FEE" =~ ^[0-9]+$ ]] && echo -e "${RED}Error: PRIORITY_FEE must be a non-negative integer${NC}" && exit 1 } build_command() { cmd="./ore --rpc \"$RPC_URL\" mine" [ -n "$BUFFER_TIME" ] && cmd="$cmd --buffer-time \"$BUFFER_TIME\"" [ -n "$THREAD" ] && cmd="$cmd --threads \"$THREAD\"" + [ -n "$PRIORITY_FEE" ] && cmd="$cmd --priority-fee \"$PRIORITY_FEE\"" } execute_command() { From 97fa0eb97217d51f1e94c0b2981d516c5e721adf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kl=C3=A9ment?= <50872057+KlementXV@users.noreply.github.com> Date: Thu, 8 Aug 2024 13:25:13 +0000 Subject: [PATCH 13/22] chore: Update Dockerfile and entrypoint.sh --- Dockerfile | 6 ++- entrypoint.sh | 104 ++++++++++++++++++++++++++++++++++++++++---------- 2 files changed, 88 insertions(+), 22 deletions(-) diff --git a/Dockerfile b/Dockerfile index b899270c..c045cf60 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,8 @@ FROM rust:alpine3.20 AS builder -RUN apk add --no-cache musl-dev +RUN apk add --no-cache musl-dev pkgconfig openssl-dev + +ENV OPENSSL_DIR=/usr WORKDIR /usr/src/ore-cli @@ -15,7 +17,7 @@ RUN addgroup -S -g 1000 ore && \ apk update && apk upgrade libcrypto3 libssl3 && apk add --no-cache libgcc libstdc++ && \ mkdir -p /ore/.config/solana && chown -R ore:ore /ore/.config -WORKDIR /usr/local/bin +WORKDIR /ore COPY --from=builder --chown=ore:ore --chmod=500 /usr/src/ore-cli/target/release/ore /usr/local/bin/ore COPY --chown=ore:ore --chmod=500 entrypoint.sh /usr/local/bin/entrypoint.sh diff --git a/entrypoint.sh b/entrypoint.sh index bf9fb79e..d1dfaeaa 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -2,11 +2,56 @@ MAINNET_URL="https://api.mainnet-beta.solana.com" DEVNET_URL="https://api.devnet.solana.com" -WALLET_PATH="/ore/.config/solana/id.json" +WALLET_PATH="/ore/id.json" +WALLET_PAYER_PATH="/ore/payer.json" +FUNCTION="mine" RED='\033[0;31m' NC='\033[0m' +show_help() { + echo " +Usage: $0 [OPTIONS] [FUNCTION] + +Options: + --help Show this help message and exit + +Functions: + balance Fetch an account balance + benchmark Benchmark your hashpower + busses Fetch the bus account balances + claim Claim your mining rewards + close Close your account to recover rent + config Fetch the program config + mine Start mining + proof Fetch a proof account by address + rewards Fetch the current reward rate for each difficulty level + stake Stake to earn a rewards multiplier + upgrade Upgrade your ORE tokens from v1 to v2 + +Environment Variables: + RPC Set the RPC URL (mainnet, devnet, or custom URL) + BUFFER_TIME The number seconds before the deadline to stop mining and start submitting [default: 5] + CORES The number of CPU cores to allocate to mining [default: 1] + PRIORITY_FEE Price to pay for compute unit. If dynamic fee url is also set, this value will be the max. [default: 500000] + DYNAMIC_FEE_URL RPC URL to use for dynamic fee estimation. + DYNAMIC_FEE_STRATEGY Strategy to use for dynamic fee estimation. Must be one of 'helius', or 'triton'. + +Volumes: + To use your wallet files, mount them as volumes: + -v /path/to/your/id.json:/ore/id.json + Mount your wallet file, allowing the ore binary to access your wallet. + -v /path/to/your/payer.json:/ore/payer.json + Mount your payer wallet file, which is used to pay fees for transactions if the mine function is executed. + +Examples: + docker run -it -v /path/to/your/id.json:/ore/id.json myimage --help + docker run -it -v /path/to/your/id.json:/ore/id.json myimage mine + docker run -it -v /path/to/your/id.json:/ore/id.json myimage benchmark + docker run -it -v /path/to/your/id.json:/ore/id.json myimage balance +" +} + set_rpc_url() { case "$RPC" in mainnet) RPC_URL="$MAINNET_URL" ;; @@ -17,18 +62,19 @@ set_rpc_url() { display_header() { echo " -############################################## - _____ _____ _____ - | || __ || __| - | | || -|| __| - |_____||__|__||_____| - -############################################## -RPC URL: ${RPC_URL} -BUFFER TIME: ${BUFFER_TIME:-Not set} -THREAD COUNT: ${THREAD:-Not set} -PRIORITY FEE: ${PRIORITY_FEE:-0} -############################################## +############################################# +# _____ _____ _____ # +# | || __ || __| # +# | | || -|| __| # +# |_____||__|__||_____| # +# # +############################################# +# RPC URL: ${RPC_URL} +# BUFFER TIME: ${BUFFER_TIME:-5} +# CORES COUNT: ${CORES:-1} +# PRIORITY FEE: ${PRIORITY_FEE:-500000} +# DYNAMIC FEE URL: ${DYNAMIC_FEE_URL:-Not set} +# DYNAMIC FEE STRATEGY: ${DYNAMIC_FEE_STRATEGY:-Not set} " } @@ -37,16 +83,25 @@ validate_params() { [ ! -x "$(command -v ore)" ] && echo -e "${RED}Error: ore binary not found or not executable${NC}" && exit 1 [ -z "$RPC_URL" ] && RPC_URL="$DEVNET_URL" ! echo "$RPC_URL" | grep -qE '^https?://' && echo -e "${RED}Error: Invalid RPC_URL: $RPC_URL${NC}" && exit 1 - [ -n "$BUFFER_TIME" ] && ! [[ "$BUFFER_TIME" =~ ^[0-9]+$ ]] && echo -e "${RED}Error: BUFFER_TIME must be a positive integer${NC}" && exit 1 - [ -n "$THREAD" ] && ! [[ "$THREAD" =~ ^[1-9][0-9]*$ ]] && echo -e "${RED}Error: THREAD must be a positive integer${NC}" && exit 1 - [ -n "$PRIORITY_FEE" ] && ! [[ "$PRIORITY_FEE" =~ ^[0-9]+$ ]] && echo -e "${RED}Error: PRIORITY_FEE must be a non-negative integer${NC}" && exit 1 + [ -n "$BUFFER_TIME" ] && ! echo "$BUFFER_TIME" | grep -qE '^[0-9]+$' && echo -e "${RED}Error: BUFFER_TIME must be a positive integer${NC}" && exit 1 + [ -n "$CORES" ] && ! echo "$CORES" | grep -qE '^[1-9][0-9]*$' && echo -e "${RED}Error: CORES must be a positive integer${NC}" && exit 1 + [ -n "$PRIORITY_FEE" ] && ! echo "$PRIORITY_FEE" | grep -qE '^[0-9]+$' && echo -e "${RED}Error: PRIORITY_FEE must be a non-negative integer${NC}" && exit 1 + [ -n "$DYNAMIC_FEE_URL" ] && ! echo "$DYNAMIC_FEE_URL" | grep -qE '^https?://' && echo -e "${RED}Error: Invalid DYNAMIC_FEE_URL: $DYNAMIC_FEE_URL${NC}" && exit 1 + [ -n "$DYNAMIC_FEE_STRATEGY" ] && ! echo "$DYNAMIC_FEE_STRATEGY" | grep -qE '^(helius|triton)$' && echo -e "${RED}Error: DYNAMIC_FEE_STRATEGY must be 'helius' or 'triton'${NC}" && exit 1 } build_command() { - cmd="./ore --rpc \"$RPC_URL\" mine" - [ -n "$BUFFER_TIME" ] && cmd="$cmd --buffer-time \"$BUFFER_TIME\"" - [ -n "$THREAD" ] && cmd="$cmd --threads \"$THREAD\"" - [ -n "$PRIORITY_FEE" ] && cmd="$cmd --priority-fee \"$PRIORITY_FEE\"" + cmd="ore --keypair \"$WALLET_PATH\" --rpc \"$RPC_URL\" $FUNCTION" + [ -f "$WALLET_PAYER_PATH" ] && cmd="$cmd --fee-payer \"$WALLET_PAYER_PATH\"" + if [ "$FUNCTION" = "mine" ]; then + [ -n "$BUFFER_TIME" ] && cmd="$cmd --buffer-time \"$BUFFER_TIME\"" + [ -n "$CORES" ] && cmd="$cmd --cores \"$CORES\"" + [ -n "$PRIORITY_FEE" ] && cmd="$cmd --priority-fee \"$PRIORITY_FEE\"" + [ -n "$DYNAMIC_FEE_URL" ] && cmd="$cmd --dynamic-fee-url \"$DYNAMIC_FEE_URL\"" + [ -n "$DYNAMIC_FEE_STRATEGY" ] && cmd="$cmd --dynamic-fee-strategy \"$DYNAMIC_FEE_STRATEGY\"" + elif [ "$FUNCTION" = "benchmark" ]; then + [ -n "$CORES" ] && cmd="$cmd --cores \"$CORES\"" + fi } execute_command() { @@ -58,6 +113,15 @@ execute_command() { fi } +# Check for help or function argument +for arg in "$@" +do + case "$arg" in + --help) show_help; exit 0 ;; + balance|benchmark|busses|claim|close|config|proof|rewards|stake|upgrade) FUNCTION="$arg" ;; + esac +done + set_rpc_url display_header validate_params From 16871960456b8bec8f69e0f4ade87d8ead60f943 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kl=C3=A9ment?= <50872057+KlementXV@users.noreply.github.com> Date: Thu, 8 Aug 2024 13:50:35 +0000 Subject: [PATCH 14/22] chore: Update Dockerfile --- README.md | 58 +++++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 54 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index e71706a4..111b3885 100644 --- a/README.md +++ b/README.md @@ -59,24 +59,74 @@ docker run \ -e RPC=mainnet \ -e BUFFER_TIME=5 \ -e THREAD=4 \ - -v /local/path/to/id.json:/ore/.config/solana/id.json:ro \ + -v /local/path/to/id.json:/ore/id.json:ro \ ghcr.io/regolith-labs/ore:latest ``` ### Environment Variables - `RPC`: Select the RPC URL to use. Options: `mainnet`, `devnet`, or a custom URL. Default is `devnet`. -- `BUFFER_TIME`: Set the buffer time (in seconds). +- `BUFFER_TIME`: Set the buffer time. - `THREAD`: Set the number of threads to use. ### Wallet Mapping -Ensure that you map your local wallet file `id.json` to the path `/ore/.config/solana/id.json` in the container so that `ore-cli` can securely access your Solana wallet. +Ensure that you map your local wallet files `id.json` and `payer.json` (if needed) to the paths `/ore/id.json` and `/ore/payer.json` in the container. Example: ```sh docker run \ - -v /home/$USER/.config/solana/id.json:/ore/.config/solana/id.json:ro \ + -v /home/$USER/.config/solana/id.json:/ore/id.json:ro \ + -v /home/$USER/.config/solana/payer.json:/ore/payer.json:ro \ ghcr.io/regolith-labs/ore:latest +``` + +### Functions + +The ORE CLI supports various functions. You can specify the function to execute as an argument to the Docker run command. Here are the available functions: + +- `balance`: Fetch an account balance. +- `benchmark`: Benchmark your hashpower. +- `busses`: Fetch the bus account balances. +- `claim`: Claim your mining rewards. +- `close`: Close your account to recover rent. +- `config`: Fetch the program config. +- `mine`: Start mining. +- `proof`: Fetch a proof account by address. +- `rewards`: Fetch the current reward rate for each difficulty level. +- `stake`: Stake to earn a rewards multiplier. +- `upgrade`: Upgrade your ORE tokens from v1 to v2. + +### Examples + +To start mining with the Docker image: + +```sh +docker run \ + -v /path/to/your/id.json:/ore/id.json:ro \ + -e RPC=mainnet \ + -e BUFFER_TIME=5 \ + -e THREAD=4 \ + ghcr.io/regolith-labs/ore:latest mine +``` + +To benchmark your hashpower: + +```sh +docker run -e THREAD=4 ghcr.io/regolith-labs/ore:latest benchmark +``` + +To fetch an account balance: + +```sh +docker run \ + -v /path/to/your/id.json:/ore/id.json:ro \ + ghcr.io/regolith-labs/ore:latest balance +``` + +For detailed help on each function, use the `--help` flag: + +```sh +docker run -it ghcr.io/regolith-labs/ore:latest --help ``` \ No newline at end of file From 485164ec208a5a7c8b9a96b80ebe95c43c94d6f9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kl=C3=A9ment?= <50872057+KlementXV@users.noreply.github.com> Date: Fri, 9 Aug 2024 22:30:34 +0000 Subject: [PATCH 15/22] fix: Switch from Alpine to UBI9 on Dockerfile due to compatibility issues with ore-cli v2 on ARM architecture --- Dockerfile | 32 +++++++++++++++++++++++--------- 1 file changed, 23 insertions(+), 9 deletions(-) diff --git a/Dockerfile b/Dockerfile index c045cf60..b7084ee1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,22 +1,36 @@ -FROM rust:alpine3.20 AS builder +FROM rust:bookworm AS builder -RUN apk add --no-cache musl-dev pkgconfig openssl-dev - -ENV OPENSSL_DIR=/usr +RUN apt-get update && apt-get install -y \ + openssl \ + pkg-config \ + libssl-dev WORKDIR /usr/src/ore-cli COPY . . -RUN cargo update && cargo build --release +RUN cargo clean && cargo update && cargo build --release --verbose -FROM alpine:3.20.2 +FROM registry.access.redhat.com/ubi9/ubi-minimal AS intermediate -RUN addgroup -S -g 1000 ore && \ - adduser -S -u 1000 -G ore -h /ore ore && \ - apk update && apk upgrade libcrypto3 libssl3 && apk add --no-cache libgcc libstdc++ && \ +RUN microdnf update -y && \ + groupadd -g 1000 ore && \ + useradd -u 1000 -g ore -d /ore -m ore && \ mkdir -p /ore/.config/solana && chown -R ore:ore /ore/.config +FROM registry.access.redhat.com/ubi9/ubi-micro + +COPY --from=intermediate /usr/bin/grep /usr/bin/grep +COPY --from=intermediate /etc/passwd /etc/passwd +COPY --from=intermediate /etc/group /etc/group +COPY --from=intermediate /etc/shadow /etc/shadow +COPY --from=intermediate --chown=ore:ore --chmod=500 /ore /ore +COPY --from=intermediate /usr/lib64/libssl.so.3 /usr/lib64/libssl.so.3 +COPY --from=intermediate /usr/lib64/libcrypto.so.3 /usr/lib64/libcrypto.so.3 +COPY --from=intermediate /usr/lib64/libz.so.1 /usr/lib64/libz.so.1 +COPY --from=intermediate /usr/lib64/libpcre.so.1 /usr/lib64/libpcre.so.1 +COPY --from=intermediate /usr/lib64/libsigsegv.so.2 /usr/lib64/libsigsegv.so.2 + WORKDIR /ore COPY --from=builder --chown=ore:ore --chmod=500 /usr/src/ore-cli/target/release/ore /usr/local/bin/ore From 91259acefabdb54b3879c0699f83a295d99f6a88 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kl=C3=A9ment?= <50872057+KlementXV@users.noreply.github.com> Date: Fri, 9 Aug 2024 22:32:11 +0000 Subject: [PATCH 16/22] chore: Update THREAD to CORES in Docker run command for better clarity and consistency --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 1c6f02bd..2b27f598 100644 --- a/README.md +++ b/README.md @@ -58,7 +58,7 @@ To run the Docker image with your wallet mapped in read-only mode, use the follo docker run \ -e RPC=mainnet \ -e BUFFER_TIME=5 \ - -e THREAD=4 \ + -e CORES=4 \ -v /local/path/to/id.json:/ore/id.json:ro \ ghcr.io/regolith-labs/ore:latest ``` @@ -67,7 +67,7 @@ docker run \ - `RPC`: Select the RPC URL to use. Options: `mainnet`, `devnet`, or a custom URL. Default is `devnet`. - `BUFFER_TIME`: Set the buffer time. -- `THREAD`: Set the number of threads to use. +- `CORES`: Set the number of CORES to use. ### Wallet Mapping @@ -107,14 +107,14 @@ docker run \ -v /path/to/your/id.json:/ore/id.json:ro \ -e RPC=mainnet \ -e BUFFER_TIME=5 \ - -e THREAD=4 \ + -e CORES=4 \ ghcr.io/regolith-labs/ore:latest mine ``` To benchmark your hashpower: ```sh -docker run -e THREAD=4 ghcr.io/regolith-labs/ore:latest benchmark +docker run -e CORES=4 ghcr.io/regolith-labs/ore:latest benchmark ``` To fetch an account balance: From 9a3fbd97a81cc7e9f1d2a05ec3ecf6f85e192822 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kl=C3=A9ment?= <50872057+KlementXV@users.noreply.github.com> Date: Sat, 10 Aug 2024 07:23:06 +0000 Subject: [PATCH 17/22] chore: Update validate_params function to only check for wallet file if FUNCTION is not "benchmark" --- entrypoint.sh | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index d1dfaeaa..e283dd9c 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -79,7 +79,9 @@ display_header() { } validate_params() { - [ ! -f "$WALLET_PATH" ] && echo -e "${RED}Error: Wallet file not found at $WALLET_PATH${NC}" && exit 1 + if [ "$FUNCTION" != "benchmark" ]; then + [ ! -f "$WALLET_PATH" ] && echo -e "${RED}Error: Wallet file not found at $WALLET_PATH${NC}" && exit 1 + fi [ ! -x "$(command -v ore)" ] && echo -e "${RED}Error: ore binary not found or not executable${NC}" && exit 1 [ -z "$RPC_URL" ] && RPC_URL="$DEVNET_URL" ! echo "$RPC_URL" | grep -qE '^https?://' && echo -e "${RED}Error: Invalid RPC_URL: $RPC_URL${NC}" && exit 1 @@ -91,16 +93,19 @@ validate_params() { } build_command() { - cmd="ore --keypair \"$WALLET_PATH\" --rpc \"$RPC_URL\" $FUNCTION" - [ -f "$WALLET_PAYER_PATH" ] && cmd="$cmd --fee-payer \"$WALLET_PAYER_PATH\"" - if [ "$FUNCTION" = "mine" ]; then - [ -n "$BUFFER_TIME" ] && cmd="$cmd --buffer-time \"$BUFFER_TIME\"" - [ -n "$CORES" ] && cmd="$cmd --cores \"$CORES\"" - [ -n "$PRIORITY_FEE" ] && cmd="$cmd --priority-fee \"$PRIORITY_FEE\"" - [ -n "$DYNAMIC_FEE_URL" ] && cmd="$cmd --dynamic-fee-url \"$DYNAMIC_FEE_URL\"" - [ -n "$DYNAMIC_FEE_STRATEGY" ] && cmd="$cmd --dynamic-fee-strategy \"$DYNAMIC_FEE_STRATEGY\"" - elif [ "$FUNCTION" = "benchmark" ]; then + if [ "$FUNCTION" = "benchmark" ]; then + cmd="ore benchmark" [ -n "$CORES" ] && cmd="$cmd --cores \"$CORES\"" + else + cmd="ore --keypair \"$WALLET_PATH\" --rpc \"$RPC_URL\" $FUNCTION" + [ -f "$WALLET_PAYER_PATH" ] && cmd="$cmd --fee-payer \"$WALLET_PAYER_PATH\"" + if [ "$FUNCTION" = "mine" ]; then + [ -n "$BUFFER_TIME" ] && cmd="$cmd --buffer-time \"$BUFFER_TIME\"" + [ -n "$CORES" ] && cmd="$cmd --cores \"$CORES\"" + [ -n "$PRIORITY_FEE" ] && cmd="$cmd --priority-fee \"$PRIORITY_FEE\"" + [ -n "$DYNAMIC_FEE_URL" ] && cmd="$cmd --dynamic-fee-url \"$DYNAMIC_FEE_URL\"" + [ -n "$DYNAMIC_FEE_STRATEGY" ] && cmd="$cmd --dynamic-fee-strategy \"$DYNAMIC_FEE_STRATEGY\"" + fi fi } From cbac7b2275f993b8a8455c0819c67ce8fbe4ac72 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kl=C3=A9ment?= <50872057+KlementXV@users.noreply.github.com> Date: Sat, 10 Aug 2024 15:12:00 +0000 Subject: [PATCH 18/22] chore: Update Dockerfile & entrypoint.sh --- README.md | 86 ++++++++++++++++++++++----------------------------- entrypoint.sh | 16 ++++++---- 2 files changed, 47 insertions(+), 55 deletions(-) diff --git a/README.md b/README.md index 2b27f598..7e3c48d6 100644 --- a/README.md +++ b/README.md @@ -50,12 +50,12 @@ You can use the `-h` flag on any command to pull up a help menu with documentati ore -h ``` -## Running the Docker Image +## Running with Docker -To run the Docker image with your wallet mapped in read-only mode, use the following command: +Run the Docker image with your wallet mapped: ```sh -docker run \ +docker run -it \ -e RPC=mainnet \ -e BUFFER_TIME=5 \ -e CORES=4 \ @@ -63,28 +63,9 @@ docker run \ ghcr.io/regolith-labs/ore:latest ``` -### Environment Variables - -- `RPC`: Select the RPC URL to use. Options: `mainnet`, `devnet`, or a custom URL. Default is `devnet`. -- `BUFFER_TIME`: Set the buffer time. -- `CORES`: Set the number of CORES to use. - -### Wallet Mapping - -Ensure that you map your local wallet files `id.json` and `payer.json` (if needed) to the paths `/ore/id.json` and `/ore/payer.json` in the container. - -Example: - -```sh -docker run \ - -v /home/$USER/.config/solana/id.json:/ore/id.json:ro \ - -v /home/$USER/.config/solana/payer.json:/ore/payer.json:ro \ - ghcr.io/regolith-labs/ore:latest -``` - ### Functions -The ORE CLI supports various functions. You can specify the function to execute as an argument to the Docker run command. Here are the available functions: +The Docker image supports the following functions: - `balance`: Fetch an account balance. - `benchmark`: Benchmark your hashpower. @@ -96,37 +77,44 @@ The ORE CLI supports various functions. You can specify the function to execute - `proof`: Fetch a proof account by address. - `rewards`: Fetch the current reward rate for each difficulty level. - `stake`: Stake to earn a rewards multiplier. +- `transfer`: Send ORE to anyone, anywhere in the world. - `upgrade`: Upgrade your ORE tokens from v1 to v2. -### Examples - -To start mining with the Docker image: - -```sh -docker run \ - -v /path/to/your/id.json:/ore/id.json:ro \ - -e RPC=mainnet \ - -e BUFFER_TIME=5 \ - -e CORES=4 \ - ghcr.io/regolith-labs/ore:latest mine -``` +### Environment Variables -To benchmark your hashpower: +- `RPC`: Set the RPC URL (mainnet, devnet, or custom URL). Default is `devnet`. +- `BUFFER_TIME`: The number of seconds before the deadline to stop mining and start submitting (default: 5). +- `CORES`: Number of CPU cores to allocate to mining (default: 1). +- `PRIORITY_FEE`: Price to pay for compute units. If dynamic fee URL is also set, this value will be the max (default: 500000). +- `DYNAMIC_FEE_URL`: RPC URL to use for dynamic fee estimation. +- `DYNAMIC_FEE_STRATEGY`: Strategy to use for dynamic fee estimation. Must be one of 'helius' or 'triton'. -```sh -docker run -e CORES=4 ghcr.io/regolith-labs/ore:latest benchmark -``` +### Volumes -To fetch an account balance: +To use your wallet files, mount them as volumes: -```sh -docker run \ - -v /path/to/your/id.json:/ore/id.json:ro \ - ghcr.io/regolith-labs/ore:latest balance -``` +- Mount your wallet file: + ```sh + -v /path/to/your/id.json:/ore/id.json + ``` +- Mount your payer wallet file, which is used to pay fees for transactions: + ```sh + -v /path/to/your/payer.json:/ore/payer.json + ``` -For detailed help on each function, use the `--help` flag: +### Examples -```sh -docker run -it ghcr.io/regolith-labs/ore:latest --help -``` \ No newline at end of file +- Display balance account: + ```sh + docker run --rm -it \ + -v /path/to/your/id.json:/ore/id.json:ro \ + ghcr.io/regolith-labs/ore:latest balance + ``` +- Display help: + ```sh + docker run --rm -it ghcr.io/regolith-labs/ore:latest --help + ``` +- Benchmark your hashpower: + ```sh + docker run --rm -it ghcr.io/regolith-labs/ore:latest benchmark + ``` \ No newline at end of file diff --git a/entrypoint.sh b/entrypoint.sh index e283dd9c..04194849 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -27,6 +27,7 @@ Functions: proof Fetch a proof account by address rewards Fetch the current reward rate for each difficulty level stake Stake to earn a rewards multiplier + transfer Send ORE to anyone, anywhere in the world. upgrade Upgrade your ORE tokens from v1 to v2 Environment Variables: @@ -48,7 +49,9 @@ Examples: docker run -it -v /path/to/your/id.json:/ore/id.json myimage --help docker run -it -v /path/to/your/id.json:/ore/id.json myimage mine docker run -it -v /path/to/your/id.json:/ore/id.json myimage benchmark - docker run -it -v /path/to/your/id.json:/ore/id.json myimage balance + docker run -it -v /path/to/your/id.json:/ore/id.json myimage config + docker run -it -v /path/to/your/id.json:/ore/id.json myimage rewards + docker run -it -v /path/to/your/id.json:/ore/id.json myimage busses " } @@ -79,7 +82,7 @@ display_header() { } validate_params() { - if [ "$FUNCTION" != "benchmark" ]; then + if [ "$FUNCTION" != "benchmark" ] && [ "$FUNCTION" != "config" ] && [ "$FUNCTION" != "rewards" ] && [ "$FUNCTION" != "busses" ]; then [ ! -f "$WALLET_PATH" ] && echo -e "${RED}Error: Wallet file not found at $WALLET_PATH${NC}" && exit 1 fi [ ! -x "$(command -v ore)" ] && echo -e "${RED}Error: ore binary not found or not executable${NC}" && exit 1 @@ -93,8 +96,8 @@ validate_params() { } build_command() { - if [ "$FUNCTION" = "benchmark" ]; then - cmd="ore benchmark" + if [ "$FUNCTION" = "benchmark" ] || [ "$FUNCTION" = "config" ] || [ "$FUNCTION" = "rewards" ] || [ "$FUNCTION" = "busses" ]; then + cmd="ore $FUNCTION" [ -n "$CORES" ] && cmd="$cmd --cores \"$CORES\"" else cmd="ore --keypair \"$WALLET_PATH\" --rpc \"$RPC_URL\" $FUNCTION" @@ -118,7 +121,6 @@ execute_command() { fi } -# Check for help or function argument for arg in "$@" do case "$arg" in @@ -128,7 +130,9 @@ do done set_rpc_url -display_header +if [ "$FUNCTION" = "mine" ]; then + display_header +fi validate_params build_command execute_command \ No newline at end of file From 543e73582705703e2ad4a5a64610a158124ad16e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kl=C3=A9ment?= <50872057+KlementXV@users.noreply.github.com> Date: Mon, 12 Aug 2024 11:31:01 +0000 Subject: [PATCH 19/22] chore: Add JITO option --- entrypoint.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/entrypoint.sh b/entrypoint.sh index 04194849..0e982c73 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -37,6 +37,7 @@ Environment Variables: PRIORITY_FEE Price to pay for compute unit. If dynamic fee url is also set, this value will be the max. [default: 500000] DYNAMIC_FEE_URL RPC URL to use for dynamic fee estimation. DYNAMIC_FEE_STRATEGY Strategy to use for dynamic fee estimation. Must be one of 'helius', or 'triton'. + JITO Add jito tip to the miner. [default: false] Volumes: To use your wallet files, mount them as volumes: @@ -93,6 +94,7 @@ validate_params() { [ -n "$PRIORITY_FEE" ] && ! echo "$PRIORITY_FEE" | grep -qE '^[0-9]+$' && echo -e "${RED}Error: PRIORITY_FEE must be a non-negative integer${NC}" && exit 1 [ -n "$DYNAMIC_FEE_URL" ] && ! echo "$DYNAMIC_FEE_URL" | grep -qE '^https?://' && echo -e "${RED}Error: Invalid DYNAMIC_FEE_URL: $DYNAMIC_FEE_URL${NC}" && exit 1 [ -n "$DYNAMIC_FEE_STRATEGY" ] && ! echo "$DYNAMIC_FEE_STRATEGY" | grep -qE '^(helius|triton)$' && echo -e "${RED}Error: DYNAMIC_FEE_STRATEGY must be 'helius' or 'triton'${NC}" && exit 1 + [ -n "$JITO" ] && ! echo "$JITO" | grep -qE '^(true|false)$' && echo -e "${RED}Error: JITO must be 'true' or 'false'${NC}" && exit 1 } build_command() { @@ -108,6 +110,7 @@ build_command() { [ -n "$PRIORITY_FEE" ] && cmd="$cmd --priority-fee \"$PRIORITY_FEE\"" [ -n "$DYNAMIC_FEE_URL" ] && cmd="$cmd --dynamic-fee-url \"$DYNAMIC_FEE_URL\"" [ -n "$DYNAMIC_FEE_STRATEGY" ] && cmd="$cmd --dynamic-fee-strategy \"$DYNAMIC_FEE_STRATEGY\"" + [ "$JITO" = "true" ] && cmd="$cmd --jito" fi fi } From e2248b54a66bac3db892beaa743169bedcd708ab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kl=C3=A9ment?= <50872057+KlementXV@users.noreply.github.com> Date: Mon, 12 Aug 2024 11:50:17 +0000 Subject: [PATCH 20/22] chore: Update Dockerfile to improve build process --- Dockerfile | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index b7084ee1..1558ac31 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,9 +7,10 @@ RUN apt-get update && apt-get install -y \ WORKDIR /usr/src/ore-cli -COPY . . +COPY Cargo.toml Cargo.lock rust-toolchain.toml . +COPY src ./src -RUN cargo clean && cargo update && cargo build --release --verbose +RUN cargo clean && cargo update && cargo build --release FROM registry.access.redhat.com/ubi9/ubi-minimal AS intermediate From a491752ab9dd7f35437be0e4f7280e56f2bc8f8e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kl=C3=A9ment?= <50872057+KlementXV@users.noreply.github.com> Date: Sun, 18 Aug 2024 18:26:35 +0000 Subject: [PATCH 21/22] chore: changing workflow names --- .github/workflows/docker-build.yml | 5 +---- .github/workflows/{cargo-build.yml => rust-build.yml} | 2 +- 2 files changed, 2 insertions(+), 5 deletions(-) rename .github/workflows/{cargo-build.yml => rust-build.yml} (99%) diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index a9642da9..dcc34350 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -1,11 +1,8 @@ -name: Docker CI +name: Docker Build on: release: types: [published] - paths-ignore: - - 'README.md' - - '.gitignore' env: REGISTRY: ghcr.io diff --git a/.github/workflows/cargo-build.yml b/.github/workflows/rust-build.yml similarity index 99% rename from .github/workflows/cargo-build.yml rename to .github/workflows/rust-build.yml index 47c4f214..a4ce60bb 100644 --- a/.github/workflows/cargo-build.yml +++ b/.github/workflows/rust-build.yml @@ -1,4 +1,4 @@ -name: Build +name: Rust Build on: push: From 13e27dc045414e47f7c5681baa8d293e30aafc34 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kl=C3=A9ment?= <50872057+KlementXV@users.noreply.github.com> Date: Sat, 31 Aug 2024 12:35:54 +0000 Subject: [PATCH 22/22] chore: enhance GitHub workflows with testing, multi-platform builds, and security checks --- .github/workflows/docker-build.yml | 27 +++ .github/workflows/rust-build.yml | 304 +++++++++++++++++++---------- .github/workflows/rust-test.yml | 54 +++++ 3 files changed, 286 insertions(+), 99 deletions(-) create mode 100644 .github/workflows/rust-test.yml diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index dcc34350..050bec4e 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -35,6 +35,7 @@ jobs: contents: read packages: write id-token: write + security-events: write steps: - name: Checkout repository uses: actions/checkout@v4 @@ -78,3 +79,29 @@ jobs: platforms: linux/amd64,linux/arm64 cache-from: type=gha cache-to: type=gha,mode=max + + - name: Sign the images with GitHub OIDC Token + env: + DIGEST: ${{ steps.build-and-push.outputs.digest }} + TAGS: ${{ steps.meta.outputs.tags }} + run: | + images="" + for tag in ${TAGS}; do + images+="${tag}@${DIGEST} " + done + cosign sign --yes ${images} + + - name: Run Trivy vulnerability scanner + uses: aquasecurity/trivy-action@0.24.0 + with: + image-ref: '${{ env.REGISTRY }}/${{ needs.version.outputs.image_name }}:${{ needs.version.outputs.version }}' + format: 'template' + template: '@/contrib/sarif.tpl' + output: 'trivy-results.sarif' + severity: 'CRITICAL,HIGH' + + - name: Upload Trivy scan results to GitHub Security tab + uses: github/codeql-action/upload-sarif@v3 + with: + sarif_file: 'trivy-results.sarif' + wait-for-processing: true \ No newline at end of file diff --git a/.github/workflows/rust-build.yml b/.github/workflows/rust-build.yml index a4ce60bb..c74e5329 100644 --- a/.github/workflows/rust-build.yml +++ b/.github/workflows/rust-build.yml @@ -1,18 +1,13 @@ name: Rust Build on: - push: - branches: ["master"] - workflow_dispatch: + release: + types: [published] env: CARGO_TERM_COLOR: always BINARY_NAME: ore -concurrency: - group: ${{ github.workflow }}-${{ github.head_ref || github.ref }} - cancel-in-progress: false - jobs: version: runs-on: ubuntu-latest @@ -21,66 +16,29 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v4 + - id: version run: echo version="$(cargo metadata --no-deps --quiet --color never | jq -r '.packages[].version')-$(git describe --always --dirty=_modified)" >> "$GITHUB_OUTPUT" - build: - name: Build + + build-ubuntu: + name: Build on Ubuntu needs: version - runs-on: ${{ matrix.os }} + runs-on: ubuntu-latest strategy: matrix: - include: - - os: macos-latest - target: x86_64-apple-darwin - - os: macos-latest - target: aarch64-apple-darwin - - os: ubuntu-latest - target: x86_64-unknown-linux-gnu - - os: ubuntu-latest - target: x86_64-unknown-linux-musl - - os: ubuntu-latest - target: aarch64-unknown-linux-gnu - # it requires unofficial prebuilt toolchain, disable it for security, consider it later - # - os: ubuntu-latest - # target: aarch64-unknown-linux-musl - - os: windows-latest - target: x86_64-pc-windows-msvc - # https://github.com/briansmith/ring/issues/1167 - # it's an issue of the upstream's upstream - # - os: windows-latest - # target: aarch64-pc-windows-msvc - - os: ubuntu-latest - target: x86_64-pc-windows-gnu + target: [x86_64-unknown-linux-gnu, x86_64-pc-windows-gnu] steps: - name: Checkout repository uses: actions/checkout@v4 + - name: Setup Rust run: rustup target add ${{ matrix.target }} - # https://github.com/mozilla/grcov/blob/cc77ce34164fc3ea80ac579d1c15f36c9734133c/.github/workflows/release.yml#L34 - - name: Install additional toolchains - if: ${{ matrix.os == 'ubuntu-latest' }} + + - name: Install dependencies run: | - set -x - case "${{ matrix.target }}" in - x86_64-unknown-linux-gnu) - ;; - x86_64-unknown-linux-musl) - sudo apt-get update - sudo apt-get install -y musl-tools - ;; - aarch64-unknown-linux-gnu) - sudo apt-get update - sudo apt-get install -y gcc-aarch64-linux-gnu - - mkdir -p .cargo - echo '[target.aarch64-unknown-linux-gnu]' >> .cargo/config - echo 'linker = "aarch64-linux-gnu-gcc"' >> .cargo/config - ;; - x86_64-pc-windows-gnu) - sudo apt-get update - sudo apt-get install -y gcc-mingw-w64-x86-64-win32 - ;; - esac + sudo apt-get update + sudo apt-get install -y \ + ${{ matrix.target == 'x86_64-pc-windows-gnu' && 'mingw-w64' || 'openssl pkg-config libssl-dev' }} - name: Configure cache uses: actions/cache@v4 with: @@ -91,58 +49,206 @@ jobs: ~/.cargo/git/db/ target/ key: release-${{ runner.os }}-cargo-${{ matrix.target }}-${{ hashFiles('**/Cargo.lock') }} - - name: Lint - run: cargo fmt --check + - name: Build - # run: cargo build --release --locked --target ${{ matrix.target }} run: cargo build --release --target ${{ matrix.target }} + - name: Strip binary - if: ${{ matrix.os != 'windows-latest' }} run: | - set -x - strip="strip" - file_extension="" - case "${{ matrix.target }}" in - x86_64-unknown-linux-gnu) - ;; - x86_64-unknown-linux-musl) - ;; - aarch64-unknown-linux-gnu) - strip=aarch64-linux-gnu-strip - ;; - aarch64-unknown-linux-musl) - strip=aarch64-linux-musl-strip - ;; - x86_64-pc-windows-gnu) - strip=x86_64-w64-mingw32-strip - file_extension=".exe" - ;; - esac - - ${strip} target/${{ matrix.target }}/release/${{ env.BINARY_NAME }}${file_extension} - - name: Package (unix) - if: ${{ matrix.os != 'windows-latest' }} + if [ "${{ matrix.target }}" = "x86_64-pc-windows-gnu" ]; then + x86_64-w64-mingw32-strip target/${{ matrix.target }}/release/${{ env.BINARY_NAME }}.exe + else + strip target/${{ matrix.target }}/release/${{ env.BINARY_NAME }} + fi + + - name: Package run: | - set -x - file_extension="" - case "${{ matrix.target }}" in - x86_64-pc-windows-gnu) - file_extension=".exe" - ;; - esac rm -rf target/dist - mkdir target/dist - cd target/${{ matrix.target }}/release - cp ${{ env.BINARY_NAME }}${file_extension} ../../dist/${{ env.BINARY_NAME }}-${{ needs.version.outputs.version }}-${{ matrix.target }}${file_extension} - - name: Package (windows) - if: ${{ matrix.os == 'windows-latest' }} + mkdir -p target/dist + cp target/${{ matrix.target }}/release/${{ env.BINARY_NAME }}${{ matrix.target == 'x86_64-pc-windows-gnu' && '.exe' || '' }} target/dist/${{ env.BINARY_NAME }}-${{ needs.version.outputs.version }}-${{ matrix.target }}${{ matrix.target == 'x86_64-pc-windows-gnu' && '.exe' || '' }} + + - name: Upload archive + uses: actions/upload-artifact@v4 + with: + name: ${{ env.BINARY_NAME }}-${{ needs.version.outputs.version }}-${{ matrix.target }} + path: target/dist/* + + - name: Upload release asset + uses: actions/upload-release-asset@v1 + with: + upload_url: ${{ github.event.release.upload_url }} + asset_path: target/dist/${{ env.BINARY_NAME }}-${{ needs.version.outputs.version }}-${{ matrix.target }}${{ matrix.target == 'x86_64-pc-windows-gnu' && '.exe' || '' }} + asset_name: ${{ env.BINARY_NAME }}-${{ needs.version.outputs.version }}-${{ matrix.target }}${{ matrix.target == 'x86_64-pc-windows-gnu' && '.exe' || '' }} + asset_content_type: application/octet-stream + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + build-macos: + name: Build on macOS + needs: version + runs-on: macos-latest + strategy: + matrix: + target: [x86_64-apple-darwin, aarch64-apple-darwin] + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Install dependencies + run: brew install openssl pkg-config + + - name: Setup Rust + run: rustup target add ${{ matrix.target }} + + - name: Configure cache + uses: actions/cache@v4 + with: + path: | + ~/.cargo/bin/ + ~/.cargo/registry/index/ + ~/.cargo/registry/cache/ + ~/.cargo/git/db/ + target/ + key: release-${{ runner.os }}-cargo-${{ matrix.target }}-${{ hashFiles('**/Cargo.lock') }} + + - name: Build + run: cargo build --release --target ${{ matrix.target }} + + - name: Strip binary + run: strip target/${{ matrix.target }}/release/${{ env.BINARY_NAME }} + + - name: Package run: | - if (Test-Path target/dist) { rm -Recurse -Force target/dist } - mkdir target/dist - cd target/${{ matrix.target }}/release - cp "${{ env.BINARY_NAME }}.exe" "../../dist/${{ env.BINARY_NAME }}-${{ needs.version.outputs.version }}-${{ matrix.target }}.exe" + rm -rf target/dist + mkdir -p target/dist + cp target/${{ matrix.target }}/release/${{ env.BINARY_NAME }} target/dist/${{ env.BINARY_NAME }}-${{ needs.version.outputs.version }}-${{ matrix.target }} - name: Upload archive uses: actions/upload-artifact@v4 with: name: ${{ env.BINARY_NAME }}-${{ needs.version.outputs.version }}-${{ matrix.target }} path: target/dist/* + + - name: Upload release asset + uses: actions/upload-release-asset@v1 + with: + upload_url: ${{ github.event.release.upload_url }} + asset_path: target/dist/${{ env.BINARY_NAME }}-${{ needs.version.outputs.version }}-${{ matrix.target }} + asset_name: ${{ env.BINARY_NAME }}-${{ needs.version.outputs.version }}-${{ matrix.target }} + asset_content_type: application/octet-stream + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + build-windows-msvc: + name: Build on Windows (MSVC) + needs: version + runs-on: windows-latest + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Setup Rust + run: rustup target add x86_64-pc-windows-msvc + + - name: Configure cache + uses: actions/cache@v4 + with: + path: | + ~/.cargo/bin/ + ~/.cargo/registry/index/ + ~/.cargo/registry/cache/ + ~/.cargo/git/db/ + target/ + key: release-${{ runner.os }}-cargo-x86_64-pc-windows-msvc-${{ hashFiles('**/Cargo.lock') }} + + - name: Build + run: cargo build --release --target x86_64-pc-windows-msvc + + - name: Package + run: | + if (Test-Path target/dist) { Remove-Item -Recurse -Force target/dist } + New-Item -ItemType Directory -Force -Path target/dist + Copy-Item target/x86_64-pc-windows-msvc/release/${{ env.BINARY_NAME }}.exe target/dist/${{ env.BINARY_NAME }}-${{ needs.version.outputs.version }}-x86_64-pc-windows-msvc.exe + - name: Upload archive + uses: actions/upload-artifact@v4 + with: + name: ${{ env.BINARY_NAME }}-${{ needs.version.outputs.version }}-x86_64-pc-windows-msvc + path: target/dist/* + + - name: Upload release asset + uses: actions/upload-release-asset@v1 + with: + upload_url: ${{ github.event.release.upload_url }} + asset_path: target/dist/${{ env.BINARY_NAME }}-${{ needs.version.outputs.version }}-x86_64-pc-windows-msvc.exe + asset_name: ${{ env.BINARY_NAME }}-${{ needs.version.outputs.version }}-x86_64-pc-windows-msvc.exe + asset_content_type: application/octet-stream + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + # build-arm64: + # name: Build on ARM64 (Ubuntu 22.04) + # needs: version + # runs-on: ubuntu-latest + # steps: + # - name: Checkout repository + # uses: actions/checkout@v4 + + # - name: Setup Rust + # run: | + # curl https://sh.rustup.rs -sSf | sh -s -- -y + # source "$HOME/.cargo/env" + # rustup target add aarch64-unknown-linux-gnu + + # - name: Install dependencies + # run: | + # sudo apt-get update && sudo apt-get install -y \ + # musl-tools \ + # clang \ + # gcc-aarch64-linux-gnu \ + # g++-aarch64-linux-gnu \ + # libc6-dev \ + # libc6-dev-arm64-cross + + # - name: Configure cache + # uses: actions/cache@v4 + # with: + # path: | + # ~/.cargo/bin/ + # ~/.cargo/registry/index/ + # ~/.cargo/registry/cache/ + # ~/.cargo/git/db/ + # target/ + # key: release-${{ runner.os }}-cargo-aarch64-unknown-linux-gnu-${{ hashFiles('**/Cargo.lock') }} + + # - name: Build + # run: | + # env BINDGEN_EXTRA_CLANG_ARGS='--sysroot /usr/aarch64-linux-gnu' \ + # CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_LINKER=/usr/bin/aarch64-linux-gnu-gcc \ + # cargo build --release --target aarch64-unknown-linux-gnu + + # - name: Strip binary + # run: strip target/aarch64-unknown-linux-gnu/release/${{ env.BINARY_NAME }} + + # - name: Package + # run: | + # rm -rf target/dist + # mkdir -p target/dist + # cp target/aarch64-unknown-linux-gnu/release/${{ env.BINARY_NAME }} target/dist/${{ env.BINARY_NAME }}-${{ needs.version.outputs.version }}-aarch64-unknown-linux-gnu + + # - name: Upload archive + # uses: actions/upload-artifact@v4 + # with: + # name: ${{ env.BINARY_NAME }}-${{ needs.version.outputs.version }}-aarch64-unknown-linux-gnu + # path: target/dist/* + + # - name: Debug - Check file existence + # run: ls -alh target/dist + + # - name: Upload release asset + # uses: actions/upload-release-asset@v1 + # with: + # upload_url: ${{ github.event.release.upload_url }} + # asset_path: target/dist/${{ env.BINARY_NAME }}-${{ needs.version.outputs.version }}-aarch64-unknown-linux-gnu + # asset_name: ${{ env.BINARY_NAME }}-${{ needs.version.outputs.version }}-aarch64-unknown-linux-gnu + # asset_content_type: application/octet-stream + # env: + # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/rust-test.yml b/.github/workflows/rust-test.yml new file mode 100644 index 00000000..e617f9c9 --- /dev/null +++ b/.github/workflows/rust-test.yml @@ -0,0 +1,54 @@ +name: Rust Tests & Linting + +on: + push: + branches: + - '**' + paths: + - 'src/**' + - 'Cargo.lock' + - 'Cargo.toml' + - 'rust-toolchain.toml' + +jobs: + build_and_test: + runs-on: ubuntu-latest + permissions: + contents: read + security-events: write + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Install Rust + uses: actions-rs/toolchain@v1 + with: + profile: minimal + toolchain: stable + components: clippy + override: true + + - name: Install required cargo + run: cargo install clippy-sarif sarif-fmt cargo-audit + - name: Build + run: cargo test --no-run --workspace --all-features + + - name: Default features + run: cargo test --workspace + + - name: All features + run: cargo test --workspace --all-features + + - name: No-default features + run: cargo test --workspace --no-default-features + + - name: Run Clippy + run: | + cargo clippy --all-features --message-format=json | clippy-sarif | tee results_clippy.sarif | sarif-fmt + continue-on-error: true + + - name: Upload clippy results to GitHub + uses: github/codeql-action/upload-sarif@v3 + with: + sarif_file: results_clippy.sarif + wait-for-processing: true \ No newline at end of file