Golem 1.5 (#3265) #11017
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| tags: | |
| - "v*.*.*" | |
| branches: | |
| - main | |
| pull_request: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| checks: write | |
| pull-requests: write | |
| actions: read | |
| contents: read | |
| env: | |
| BUILD_TARGET: "x86_64-unknown-linux-gnu" | |
| WASM_RQUICKJS_VERSION: "0.2.2" | |
| WASI_SDK_VERSION: "25" | |
| WASI_SDK_PATH: /opt/wasi-sdk | |
| jobs: | |
| build-and-store: | |
| env: | |
| CARGO_BUILD_JOBS: 20 | |
| runs-on: blacksmith-32vcpu-ubuntu-2204 | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 1 | |
| - uses: ./.github/actions/setup-rust | |
| with: | |
| cache-save-if: 'true' | |
| - uses: taiki-e/install-action@v2 | |
| with: | |
| tool: nextest | |
| - name: Building all executables | |
| env: | |
| QUIET: true | |
| run: cargo make --profile ci build-all-bins-including-tests | |
| timeout-minutes: 15 | |
| - name: Packaging all binaries with cargo-nextest | |
| run: | | |
| mkdir -pv tmp | |
| cargo nextest -v archive --archive-file tmp/golem-binaries.tar.zst --zstd-level -7 --cargo-profile dev-ci | |
| timeout-minutes: 5 | |
| - name: Extract archive | |
| run: | | |
| mkdir tmp/golem-binaries | |
| tar --zstd -xvf tmp/golem-binaries.tar.zst -C tmp/golem-binaries | |
| timeout-minutes: 2 | |
| - name: Save packaged binaries to cache | |
| uses: actions/cache/save@v5 | |
| with: | |
| path: tmp/golem-binaries | |
| key: golem-binaries-${{ github.run_id }} | |
| check-clippy-and-format: | |
| env: | |
| CARGO_BUILD_JOBS: 10 | |
| runs-on: blacksmith-8vcpu-ubuntu-2204 | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 1 | |
| - uses: ./.github/actions/setup-rust | |
| - name: Check formatting and clippy rules | |
| run: cargo make --profile ci check | |
| unit-tests-and-checks: | |
| env: | |
| CARGO_BUILD_JOBS: 10 | |
| runs-on: blacksmith-8vcpu-ubuntu-2204 | |
| needs: build-and-store | |
| timeout-minutes: 6 | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 1 | |
| - uses: ./.github/actions/setup-rust | |
| with: | |
| use-cache: 'false' | |
| install-cargo-binstall: 'true' | |
| - uses: ./.github/actions/restore-binaries | |
| with: | |
| run-id: ${{ github.run_id }} | |
| copy-to-target: 'true' | |
| - name: Check openapi is up to date | |
| run: cargo make --profile ci check-openapi | |
| - name: Check configs are up to date | |
| run: cargo make --profile ci check-configs | |
| - name: Unit tests | |
| run: cargo make --profile ci unit-tests | |
| - uses: ./.github/actions/publish-test-report | |
| if: always() | |
| with: | |
| artifact-name: unit-tests-report | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| worker-tests: | |
| env: | |
| CARGO_BUILD_JOBS: 10 | |
| runs-on: blacksmith-8vcpu-ubuntu-2204 | |
| needs: | |
| - build-and-store | |
| - merge-test-components | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| group: | |
| - name: misc | |
| - name: group1 | |
| - name: group2 | |
| - name: group3 | |
| name: worker-tests-${{ matrix.group.name }} | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 1 | |
| - uses: ./.github/actions/setup-rust | |
| with: | |
| use-cache: 'false' | |
| install-cargo-binstall: 'true' | |
| - name: Setup Redis | |
| uses: shogo82148/actions-setup-redis@v1.49.0 | |
| with: | |
| redis-version: latest | |
| auto-start: false | |
| - uses: ./.github/actions/restore-binaries | |
| with: | |
| run-id: ${{ github.run_id }} | |
| - uses: ./.github/actions/restore-test-components | |
| with: | |
| run-id: ${{ github.run_id }} | |
| - name: Worker Executor integration tests | |
| run: cargo make --profile ci worker-executor-tests-${{ matrix.group.name }} | |
| timeout-minutes: 20 | |
| - uses: ./.github/actions/publish-test-report | |
| if: always() | |
| with: | |
| artifact-name: worker-executor-tests-${{ matrix.group.name }}-report | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| it: | |
| env: | |
| CARGO_BUILD_JOBS: 10 | |
| runs-on: ${{ matrix.group.runner || 'blacksmith-8vcpu-ubuntu-2204' }} | |
| needs: | |
| - build-and-store | |
| - build-golem-ts | |
| - merge-test-components | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| group: | |
| - name: integration-tests-group1 | |
| description: "IT #1" | |
| - name: integration-tests-group2 | |
| description: "IT #2" | |
| - name: integration-tests-group3 | |
| description: "IT #3" | |
| - name: integration-tests-group4 | |
| description: "IT #4" | |
| - name: integration-tests-group5 | |
| description: "IT #5" | |
| - name: integration-tests-group6 | |
| description: "IT #6" | |
| - name: integration-tests-group7 | |
| description: "IT #7" | |
| - name: integration-tests-group8 | |
| description: "IT #8" | |
| - name: integration-tests-group9 | |
| description: "IT #9" | |
| - name: integration-tests-group10 | |
| description: "IT #10" | |
| - name: integration-tests-group11 | |
| description: "IT #11" | |
| - name: integration-tests-group12 | |
| description: "IT #12" | |
| - name: integration-tests-group13 | |
| description: "IT #13" | |
| - name: cli-integration-tests-group1 | |
| description: "CLI tests #1" | |
| - name: cli-integration-tests-group2 | |
| description: "CLI tests #2" | |
| runner: blacksmith-16vcpu-ubuntu-2204 | |
| - name: cli-integration-tests-group3 | |
| description: "CLI tests #3" | |
| runner: blacksmith-16vcpu-ubuntu-2204 | |
| - name: cli-integration-tests-group4 | |
| description: "CLI tests #4" | |
| runner: blacksmith-16vcpu-ubuntu-2204 | |
| - name: cli-integration-tests-group5 | |
| description: "CLI tests #5" | |
| runner: blacksmith-16vcpu-ubuntu-2204 | |
| - name: cli-integration-tests-group6 | |
| description: "CLI tests #6" | |
| runner: blacksmith-16vcpu-ubuntu-2204 | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 1 | |
| - uses: ./.github/actions/setup-rust | |
| with: | |
| use-cache: 'false' | |
| rust-targets: 'wasm32-wasip1 wasm32-wasip2' | |
| install-cargo-binstall: 'true' | |
| - name: Setup Redis | |
| uses: shogo82148/actions-setup-redis@v1.49.0 | |
| with: | |
| redis-version: latest | |
| auto-start: false | |
| - name: Install wasm-tools | |
| if: startsWith(matrix.group.name, 'cli-integration-tests') | |
| run: cargo binstall --force --locked wasm-tools@1.227.1 | |
| - name: Install wit-bindgen | |
| if: startsWith(matrix.group.name, 'cli-integration-tests') | |
| run: cargo binstall --force --locked wit-bindgen-cli@0.40.0 | |
| - name: Setup Node | |
| if: startsWith(matrix.group.name, 'cli-integration-tests') | |
| uses: ./.github/actions/setup-js-wasm-tools | |
| with: | |
| wasm-rquickjs-version: ${{ env.WASM_RQUICKJS_VERSION }} | |
| install-wasi-sdk: ${{ matrix.group.name == 'cli-integration-tests-group2' }} | |
| wasi-sdk-version: ${{ env.WASI_SDK_VERSION }} | |
| wasi-sdk-path: ${{ env.WASI_SDK_PATH }} | |
| - name: Setup Java | |
| if: startsWith(matrix.group.name, 'cli-integration-tests') | |
| uses: actions/setup-java@v5 | |
| with: | |
| distribution: temurin | |
| java-version: 17 | |
| - name: Setup SBT | |
| if: startsWith(matrix.group.name, 'cli-integration-tests') | |
| uses: sbt/setup-sbt@v1 | |
| - name: Setup MoonBit | |
| if: matrix.group.name == 'cli-integration-tests-group2' | |
| uses: hustcer/setup-moonbit@v1 | |
| - name: Install MoonBit SDK tools dependencies | |
| if: matrix.group.name == 'cli-integration-tests-group2' | |
| working-directory: sdks/moonbit/golem_sdk_tools | |
| run: moon update && moon install | |
| - name: Sync WIT dependencies | |
| if: matrix.group.name == 'cli-integration-tests-group2' | |
| run: cargo make wit | |
| - name: Build agent_guest.wasm | |
| if: matrix.group.name == 'cli-integration-tests-group2' | |
| working-directory: sdks/scala | |
| run: ./scripts/generate-agent-guest-wasm.sh | |
| - name: Publish Scala SDK locally | |
| if: matrix.group.name == 'cli-integration-tests-group2' | |
| working-directory: sdks/scala | |
| run: | | |
| sbt -batch '++3.8.2; set ThisBuild / version := "0.0.0-SNAPSHOT"; set ThisBuild / packageDoc / publishArtifact := false; set every (publish / skip) := false; modelJVM/publishLocal; modelJS/publishLocal; macros/publishLocal; core/publishLocal; codegen/publishLocal; ++2.12.21; codegen/publishLocal; sbtPlugin/publishLocal' | |
| - name: Restore built TS SDK | |
| if: startsWith(matrix.group.name, 'cli-integration-tests') | |
| uses: actions/cache/restore@v5 | |
| with: | |
| path: | | |
| sdks/ts/packages/golem-ts-sdk/dist | |
| sdks/ts/packages/golem-ts-sdk/types | |
| sdks/ts/packages/golem-ts-sdk/wasm | |
| sdks/ts/packages/golem-ts-typegen/dist | |
| sdks/ts/packages/golem-ts-types-core/dist | |
| sdks/ts/packages/golem-ts-bridge/dist | |
| sdks/ts/packages/golem-ts-repl/dist | |
| key: golem-ts-sdk-${{ github.run_id }} | |
| fail-on-cache-miss: true | |
| - name: Install TS SDK dependencies | |
| if: startsWith(matrix.group.name, 'cli-integration-tests') | |
| working-directory: sdks/ts | |
| run: pnpm install --frozen-lockfile | |
| - uses: ./.github/actions/restore-binaries | |
| with: | |
| run-id: ${{ github.run_id }} | |
| copy-to-target: 'true' | |
| - uses: ./.github/actions/restore-test-components | |
| with: | |
| run-id: ${{ github.run_id }} | |
| - name: ${{ matrix.group.description }} | |
| env: | |
| QUIET: true | |
| GOLEM_PRESET: quick | |
| run: cargo make --profile ci ${{ matrix.group.name }} | |
| timeout-minutes: 30 | |
| - uses: ./.github/actions/publish-test-report | |
| if: always() | |
| with: | |
| artifact-name: '${{ matrix.group.name }}-report' | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| scala-sdk-integration-tests: | |
| runs-on: blacksmith-8vcpu-ubuntu-2204 | |
| needs: | |
| - build-and-store | |
| - build-golem-ts | |
| timeout-minutes: 30 | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 1 | |
| - uses: ./.github/actions/setup-rust | |
| with: | |
| use-cache: 'false' | |
| rust-targets: 'wasm32-wasip2' | |
| install-cargo-binstall: 'true' | |
| - name: Setup Java | |
| uses: actions/setup-java@v5 | |
| with: | |
| distribution: temurin | |
| java-version: 17 | |
| - name: Setup SBT | |
| uses: sbt/setup-sbt@v1 | |
| - name: Cache scala dependencies | |
| uses: coursier/cache-action@v8 | |
| - uses: ./.github/actions/setup-js-wasm-tools | |
| with: | |
| wasi-sdk-version: ${{ env.WASI_SDK_VERSION }} | |
| wasi-sdk-path: ${{ env.WASI_SDK_PATH }} | |
| wasm-rquickjs-version: ${{ env.WASM_RQUICKJS_VERSION }} | |
| - name: Sync WIT dependencies | |
| run: cargo make wit | |
| - name: Build agent_guest.wasm | |
| working-directory: sdks/scala | |
| run: ./scripts/generate-agent-guest-wasm.sh | |
| - uses: ./.github/actions/restore-binaries | |
| with: | |
| run-id: ${{ github.run_id }} | |
| copy-to-target: 'true' | |
| - name: Restore built TS SDK | |
| uses: actions/cache/restore@v5 | |
| with: | |
| path: | | |
| sdks/ts/packages/golem-ts-sdk/dist | |
| sdks/ts/packages/golem-ts-sdk/types | |
| sdks/ts/packages/golem-ts-sdk/wasm | |
| sdks/ts/packages/golem-ts-typegen/dist | |
| sdks/ts/packages/golem-ts-types-core/dist | |
| sdks/ts/packages/golem-ts-bridge/dist | |
| sdks/ts/packages/golem-ts-repl/dist | |
| key: golem-ts-sdk-${{ github.run_id }} | |
| fail-on-cache-miss: true | |
| - name: Install TS SDK dependencies | |
| working-directory: sdks/ts | |
| run: pnpm install --frozen-lockfile | |
| - name: Add golem to PATH | |
| run: echo "${{ github.workspace }}/target/debug" >> $GITHUB_PATH | |
| - name: Publish Scala SDK locally | |
| working-directory: sdks/scala | |
| run: | | |
| sbt -batch '++3.8.2; set ThisBuild / version := "0.0.0-SNAPSHOT"; set ThisBuild / packageDoc / publishArtifact := false; set every (publish / skip) := false; modelJVM/publishLocal; modelJS/publishLocal; macros/publishLocal; core/publishLocal; codegen/publishLocal; ++2.12.21; codegen/publishLocal; sbtPlugin/publishLocal' | |
| - name: Run Scala SDK integration tests | |
| working-directory: sdks/scala | |
| env: | |
| GOLEM_TS_PACKAGES_PATH: ${{ github.workspace }}/sdks/ts/packages | |
| run: sbt -batch "++3.8.2; integrationTests/test" | |
| timeout-minutes: 20 | |
| golem-wasm-guest: | |
| runs-on: blacksmith | |
| env: | |
| CARGO_BUILD_JOBS: 10 | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 1 | |
| - uses: ./.github/actions/setup-rust | |
| with: | |
| rust-targets: 'wasm32-wasip2' | |
| - name: Prepare WIT dependencies | |
| run: cargo make wit | |
| - name: Build golem-wasm in guest mode | |
| run: cargo build --target wasm32-wasip2 -p golem-wasm --no-default-features --features guest | |
| golem-client: | |
| runs-on: blacksmith | |
| env: | |
| CARGO_BUILD_JOBS: 10 | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 1 | |
| - uses: ./.github/actions/setup-rust | |
| with: | |
| install-cargo-binstall: 'true' | |
| - name: Prepare WIT dependencies | |
| run: cargo make wit | |
| - name: Build golem-client (dependencies in features=client mode) | |
| run: cargo build -p golem-client | |
| build-golem-scala: | |
| runs-on: blacksmith-8vcpu-ubuntu-2204 | |
| timeout-minutes: 25 | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - name: Setup Java | |
| uses: actions/setup-java@v5 | |
| with: | |
| distribution: temurin | |
| java-version: 17 | |
| - name: Setup SBT | |
| uses: sbt/setup-sbt@v1 | |
| - name: Cache scala dependencies | |
| uses: coursier/cache-action@v8 | |
| - uses: ./.github/actions/setup-rust | |
| with: | |
| use-cache: 'false' | |
| rust-targets: 'wasm32-wasip2' | |
| install-cargo-binstall: 'true' | |
| - uses: ./.github/actions/setup-wasm-component-tools | |
| with: | |
| wasi-sdk-version: ${{ env.WASI_SDK_VERSION }} | |
| wasi-sdk-path: ${{ env.WASI_SDK_PATH }} | |
| wasm-rquickjs-version: ${{ env.WASM_RQUICKJS_VERSION }} | |
| - name: Sync WIT dependencies | |
| run: cargo make wit | |
| - name: Build agent_guest.wasm | |
| working-directory: sdks/scala | |
| run: ./scripts/generate-agent-guest-wasm.sh | |
| - name: Verify Scala WIT d.ts files are committed | |
| uses: ./.github/actions/check-scala-sdk-generated | |
| - name: Run Golem tests (Scala 3.8.2) | |
| working-directory: sdks/scala | |
| run: sbt -mem 4096 "++3.8.2; modelJVM/test; modelJS/test; core/test; macros/test; codegen/test" | |
| - name: Run Golem tests (Scala 2.13.18) | |
| working-directory: sdks/scala | |
| run: sbt -mem 4096 "++2.13.18; modelJVM/test; modelJS/test; core/test; macros/test" | |
| - name: Compile sbt plugin (Scala 2.12) | |
| working-directory: sdks/scala | |
| run: sbt "++2.12.21!; sbtPlugin/compile" | |
| build-golem-moonbit: | |
| runs-on: blacksmith | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - name: Setup MoonBit | |
| uses: hustcer/setup-moonbit@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Check SDK | |
| run: moon check --target wasm | |
| working-directory: sdks/moonbit/golem_sdk | |
| - name: Test SDK | |
| run: moon test --target wasm | |
| working-directory: sdks/moonbit/golem_sdk | |
| - name: Install tools dependencies | |
| run: moon update && moon install | |
| working-directory: sdks/moonbit/golem_sdk_tools | |
| - name: Check tools | |
| run: moon check | |
| working-directory: sdks/moonbit/golem_sdk_tools | |
| - name: Test tools | |
| run: moon test | |
| working-directory: sdks/moonbit/golem_sdk_tools | |
| build-golem-rust: | |
| runs-on: blacksmith | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - uses: Swatinem/rust-cache@v2 | |
| with: | |
| prefix-key: v2-golem-rust | |
| shared-key: debug | |
| cache-all-crates: true | |
| save-if: false | |
| - name: Setup Rust | |
| uses: dtolnay/rust-toolchain@stable | |
| - name: Check formatting | |
| run: cargo fmt -- --check | |
| working-directory: sdks/rust | |
| - name: Clippy | |
| run: cargo clippy -- -Dwarnings | |
| working-directory: sdks/rust | |
| - name: Tests | |
| run: cargo test --all-features | |
| working-directory: sdks/rust | |
| build-golem-ts: | |
| runs-on: blacksmith | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 1 | |
| - uses: ./.github/actions/setup-rust | |
| with: | |
| use-cache: 'false' | |
| rust-targets: 'wasm32-wasip2' | |
| install-cargo-make: 'false' | |
| install-cargo-binstall: 'true' | |
| - uses: ./.github/actions/setup-js-wasm-tools | |
| with: | |
| wasi-sdk-version: ${{ env.WASI_SDK_VERSION }} | |
| wasi-sdk-path: ${{ env.WASI_SDK_PATH }} | |
| wasm-rquickjs-version: ${{ env.WASM_RQUICKJS_VERSION }} | |
| - name: Install dependencies | |
| working-directory: sdks/ts | |
| run: | | |
| pnpm install | |
| - name: Check code quality | |
| working-directory: sdks/ts | |
| run: | | |
| pnpm run lint || ( | |
| echo "Linting issues found. Please fix them before proceeding. `npm run lint:fix` may help" | |
| exit 1 | |
| ) | |
| - name: Check code formatting | |
| working-directory: sdks/ts | |
| run: | | |
| pnpm run format:check || ( | |
| echo "Code formatting issues found. Please run 'npm run format' to fix them." | |
| exit 1 | |
| ) | |
| - name: Build the package | |
| working-directory: sdks/ts | |
| run: | | |
| pnpm run build | |
| - name: Verify golem-ts-sdk types are committed | |
| working-directory: sdks/ts | |
| run: | | |
| if ! git diff --exit-code packages/golem-ts-sdk/types; then | |
| echo "❌ The files in packages/golem-ts-sdk/types differ from the committed version." | |
| echo "Please run 'pnpm run build' and commit the updated files." | |
| exit 1 | |
| fi | |
| - name: Build the agent template WASM binary | |
| working-directory: sdks/ts | |
| run: pnpm run build-agent-template | |
| - name: Run tests | |
| working-directory: sdks/ts | |
| run: | | |
| pnpm run test | |
| - name: Save built TS SDK for test component builds | |
| uses: actions/cache/save@v5 | |
| with: | |
| path: | | |
| sdks/ts/packages/golem-ts-sdk/dist | |
| sdks/ts/packages/golem-ts-sdk/types | |
| sdks/ts/packages/golem-ts-sdk/wasm | |
| sdks/ts/packages/golem-ts-typegen/dist | |
| sdks/ts/packages/golem-ts-types-core/dist | |
| sdks/ts/packages/golem-ts-bridge/dist | |
| sdks/ts/packages/golem-ts-repl/dist | |
| key: golem-ts-sdk-${{ github.run_id }} | |
| list-test-component-groups: | |
| runs-on: blacksmith | |
| outputs: | |
| matrix: ${{ steps.generate.outputs.matrix }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 1 | |
| - name: Generate matrix from build-components.sh | |
| id: generate | |
| run: | | |
| matrix=$(cd test-components && bash build-components.sh list-groups) | |
| echo "matrix={\"chunk\":$matrix}" >> "$GITHUB_OUTPUT" | |
| echo "Generated matrix: $matrix" | |
| build-test-components: | |
| runs-on: blacksmith-8vcpu-ubuntu-2204 | |
| needs: | |
| - build-and-store | |
| - build-golem-ts | |
| - list-test-component-groups | |
| strategy: | |
| fail-fast: false | |
| matrix: ${{ fromJson(needs.list-test-component-groups.outputs.matrix) }} | |
| name: build-test-components-${{ matrix.chunk.name }} | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 1 | |
| - uses: ./.github/actions/setup-rust | |
| with: | |
| use-cache: 'false' | |
| rust-targets: 'wasm32-wasip1 wasm32-wasip2' | |
| install-cargo-binstall: 'true' | |
| install-cargo-make: 'false' | |
| - uses: ./.github/actions/restore-binaries | |
| with: | |
| run-id: ${{ github.run_id }} | |
| copy-to-target: 'true' | |
| fail-on-cache-miss: 'true' | |
| - name: Restore built TS SDK | |
| if: matrix.chunk.needs-node | |
| uses: actions/cache/restore@v5 | |
| with: | |
| path: | | |
| sdks/ts/packages/golem-ts-sdk/dist | |
| sdks/ts/packages/golem-ts-sdk/types | |
| sdks/ts/packages/golem-ts-sdk/wasm | |
| sdks/ts/packages/golem-ts-typegen/dist | |
| sdks/ts/packages/golem-ts-types-core/dist | |
| sdks/ts/packages/golem-ts-bridge/dist | |
| sdks/ts/packages/golem-ts-repl/dist | |
| key: golem-ts-sdk-${{ github.run_id }} | |
| fail-on-cache-miss: true | |
| - name: Setup JS and WASM build tools | |
| if: matrix.chunk.needs-node | |
| uses: ./.github/actions/setup-js-wasm-tools | |
| with: | |
| wasi-sdk-version: ${{ env.WASI_SDK_VERSION }} | |
| wasi-sdk-path: ${{ env.WASI_SDK_PATH }} | |
| wasm-rquickjs-version: ${{ env.WASM_RQUICKJS_VERSION }} | |
| - name: Install TS SDK dependencies | |
| if: matrix.chunk.needs-node | |
| working-directory: sdks/ts | |
| run: pnpm install --frozen-lockfile | |
| - name: Remove any pre-existing WASMs | |
| run: find test-components -maxdepth 1 -name '*.wasm' -delete | |
| - name: Build test components | |
| working-directory: test-components | |
| env: | |
| GOLEM_TS_PRESET: quick | |
| run: ./build-components.sh ${{ matrix.chunk.name }} | |
| - name: Collect built WASMs | |
| run: | | |
| mkdir -p tmp/test-components-wasm | |
| cp test-components/*.wasm tmp/test-components-wasm/ 2>/dev/null || true | |
| count=$(find tmp/test-components-wasm -maxdepth 1 -name '*.wasm' | wc -l) | |
| echo "Built $count WASM files in chunk ${{ matrix.chunk.name }}" | |
| test "$count" -gt 0 | |
| - name: Upload chunk WASMs | |
| uses: actions/upload-artifact@v6 | |
| with: | |
| name: test-components-${{ matrix.chunk.name }} | |
| path: tmp/test-components-wasm/*.wasm | |
| retention-days: 1 | |
| merge-test-components: | |
| runs-on: blacksmith | |
| needs: build-test-components | |
| steps: | |
| - name: Download all chunk WASMs | |
| uses: actions/download-artifact@v8 | |
| with: | |
| pattern: test-components-* | |
| path: tmp/test-components-wasm | |
| merge-multiple: true | |
| - name: Verify merged WASMs | |
| run: | | |
| echo "Merged WASM files:" | |
| ls -1 tmp/test-components-wasm/*.wasm | sort | |
| count=$(find tmp/test-components-wasm -maxdepth 1 -name '*.wasm' | wc -l) | |
| echo "Total: $count WASM files" | |
| - name: Save merged WASMs to cache | |
| uses: actions/cache/save@v5 | |
| with: | |
| path: tmp/test-components-wasm | |
| key: golem-test-components-${{ github.run_id }} | |
| detect-skill-changes: | |
| name: Detect golem-skills changes | |
| runs-on: ubuntu-latest | |
| outputs: | |
| skills_changed: ${{ github.event_name == 'push' && 'true' || steps.filter.outputs.skills }} | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - uses: dorny/paths-filter@v3 | |
| id: filter | |
| if: github.event_name == 'pull_request' | |
| with: | |
| filters: | | |
| skills: | |
| - 'golem-skills/**' | |
| skill-harness-unit-tests: | |
| name: Skill Harness Unit Tests | |
| runs-on: blacksmith-8vcpu-ubuntu-2204 | |
| needs: detect-skill-changes | |
| if: needs.detect-skill-changes.outputs.skills_changed == 'true' | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v5 | |
| with: | |
| node-version: 'lts/*' | |
| cache: 'npm' | |
| cache-dependency-path: golem-skills/tests/harness/package.json | |
| - name: Install and Build | |
| working-directory: golem-skills/tests/harness | |
| run: | | |
| npm install | |
| npm run build | |
| - name: Check Formatting | |
| working-directory: golem-skills/tests/harness | |
| run: npm run format:check | |
| - name: Run Unit Tests | |
| working-directory: golem-skills/tests/harness | |
| run: npm test | |
| docker-targets-build: | |
| env: | |
| CARGO_BUILD_JOBS: 10 | |
| runs-on: blacksmith-16vcpu-ubuntu-2204 | |
| if: github.event_name == 'push' && github.ref_type == 'tag' | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| platform: | |
| - platform: linux/amd64 | |
| name: linux/amd64 | |
| target: x86_64-unknown-linux-gnu | |
| - platform: linux/arm64 | |
| name: linux/arm64 | |
| target: aarch64-unknown-linux-gnu | |
| cross: true | |
| name: docker-targets-build (${{ matrix.platform.platform }}) | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 1 | |
| - uses: ./.github/actions/setup-rust | |
| with: | |
| fetch-tag: 'true' | |
| rust-targets: ${{ matrix.platform.target }} | |
| - name: Prepare | |
| run: | | |
| platform=${{ matrix.platform.platform }} | |
| echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV | |
| - run: cargo install cross | |
| if: ${{ matrix.platform.cross }} | |
| - name: Build executables | |
| run: cargo make --profile ci build-release | |
| env: | |
| PLATFORM_OVERRIDE: ${{ matrix.platform.name }} | |
| - name: Prepare Targets | |
| env: | |
| PLATFORM_OVERRIDE: ${{ matrix.platform.name }} | |
| run: cargo make --profile ci package-release | |
| - uses: actions/upload-artifact@v6 | |
| name: Upload Targets | |
| with: | |
| name: docker-targets-build-${{ env.PLATFORM_PAIR }} | |
| path: target/${{ matrix.platform.target }}.tar | |
| docker-publish-1: | |
| runs-on: blacksmith | |
| needs: | |
| - docker-targets-build | |
| if: github.event_name == 'push' && github.ref_type == 'tag' | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 1 | |
| - uses: ./.github/actions/docker-publish-setup | |
| with: | |
| dockerhub-username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| dockerhub-password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
| - uses: ./.github/actions/docker-build-push-service | |
| with: | |
| image-name: golemservices/golem-worker-executor | |
| dockerfile: ./golem-worker-executor/docker/Dockerfile | |
| platforms: ${{ env.PLATFORMS }} | |
| - uses: ./.github/actions/docker-build-push-service | |
| with: | |
| image-name: golemservices/golem-debugging-service | |
| dockerfile: ./golem-debugging-service/docker/Dockerfile | |
| platforms: ${{ env.PLATFORMS }} | |
| - uses: ./.github/actions/docker-build-push-service | |
| with: | |
| image-name: golemservices/golem-shard-manager | |
| dockerfile: ./golem-shard-manager/docker/Dockerfile | |
| platforms: ${{ env.PLATFORMS }} | |
| docker-publish-2: | |
| runs-on: blacksmith | |
| needs: | |
| - docker-targets-build | |
| if: github.event_name == 'push' && github.ref_type == 'tag' | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 1 | |
| - uses: ./.github/actions/docker-publish-setup | |
| with: | |
| dockerhub-username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| dockerhub-password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
| - uses: ./.github/actions/docker-build-push-service | |
| with: | |
| image-name: golemservices/registry-service | |
| dockerfile: ./golem-registry-service/docker/Dockerfile | |
| platforms: ${{ env.PLATFORMS }} | |
| - uses: ./.github/actions/docker-build-push-service | |
| with: | |
| image-name: golemservices/golem-worker-service | |
| dockerfile: ./golem-worker-service/docker/Dockerfile | |
| platforms: ${{ env.PLATFORMS }} | |
| - uses: ./.github/actions/docker-build-push-service | |
| with: | |
| image-name: golemservices/golem-component-compilation-service | |
| dockerfile: ./golem-component-compilation-service/docker/Dockerfile | |
| platforms: ${{ env.PLATFORMS }} | |
| publish: | |
| needs: | |
| - check-clippy-and-format | |
| - unit-tests-and-checks | |
| - golem-wasm-guest | |
| - worker-tests | |
| - it | |
| if: "startsWith(github.ref, 'refs/tags/v')" | |
| env: | |
| CARGO_BUILD_JOBS: 20 | |
| runs-on: blacksmith-32vcpu-ubuntu-2204 | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 1 | |
| - uses: ./.github/actions/setup-rust | |
| with: | |
| fetch-tag: 'true' | |
| cache-shared-key: 'release' | |
| cache-save-if: 'true' | |
| - id: get_version | |
| uses: battila7/get-version-action@v2 | |
| - name: Publish all packages | |
| env: | |
| CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }} | |
| VERSION: ${{ steps.get_version.outputs.version-without-v }} | |
| run: cargo make --profile ci publish | |
| publish-binaries: | |
| if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') && github.repository == 'golemcloud/golem' | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| project: | |
| - golem-cli | |
| - golem | |
| cfg: | |
| - rust-target: x86_64-unknown-linux-gnu | |
| os: blacksmith-32vcpu-ubuntu-2204 | |
| - rust-target: aarch64-unknown-linux-gnu | |
| os: blacksmith-32vcpu-ubuntu-2204 | |
| cross: true | |
| - rust-target: x86_64-apple-darwin | |
| os: macos-latest | |
| - rust-target: aarch64-apple-darwin | |
| os: macos-latest | |
| - rust-target: x86_64-pc-windows-msvc | |
| os: windows-latest | |
| name: Publish binaries of ${{ matrix.project }} | |
| runs-on: ${{ matrix.cfg.os }} | |
| permissions: | |
| contents: write | |
| env: | |
| CARGO_BUILD_JOBS: 10 | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 1 | |
| - uses: ./.github/actions/setup-rust | |
| with: | |
| fetch-tag: 'true' | |
| rust-targets: ${{ matrix.cfg.rust-target }} | |
| cache-shared-key: 'release-${{ matrix.cfg.rust-target }}' | |
| cache-save-if: 'true' | |
| - id: get_version | |
| uses: battila7/get-version-action@v2 | |
| - name: Set version for all packages | |
| env: | |
| VERSION: ${{ steps.get_version.outputs.version-without-v }} | |
| run: cargo make --profile ci set-version | |
| - run: cargo install cross | |
| if: ${{ matrix.cfg.cross }} | |
| - uses: ilammy/setup-nasm@v1 | |
| - run: cargo build -p ${{ matrix.project }} --release --target ${{ matrix.cfg.rust-target }} | |
| if: ${{ ! matrix.cfg.cross }} | |
| - run: cross build -p ${{ matrix.project }} --release --target ${{ matrix.cfg.rust-target }} | |
| if: ${{ matrix.cfg.cross }} | |
| - run: mv ./target/${{ matrix.cfg.rust-target }}/release/${{ matrix.project }}.exe ./target/${{ matrix.cfg.rust-target }}/release/${{ matrix.project }}-${{ matrix.cfg.rust-target }}.exe | |
| if: matrix.cfg.os == 'windows-latest' | |
| - run: mv ./target/${{ matrix.cfg.rust-target }}/release/${{ matrix.project }} ./target/${{ matrix.cfg.rust-target }}/release/${{ matrix.project }}-${{ matrix.cfg.rust-target }} | |
| if: matrix.cfg.os != 'windows-latest' | |
| - name: Import Code Signing Certificate | |
| if: contains(matrix.cfg.rust-target, 'apple-darwin') | |
| env: | |
| CERTIFICATE_BASE64: ${{ secrets.APPLE_CERTIFICATE_BASE64 }} | |
| CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }} | |
| run: | | |
| # Create temporary keychain | |
| KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db | |
| KEYCHAIN_PASSWORD=$(openssl rand -base64 32) | |
| # Create and unlock keychain | |
| security create-keychain -p "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH" | |
| security set-keychain-settings -lut 21600 "$KEYCHAIN_PATH" | |
| security unlock-keychain -p "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH" | |
| # Import certificate - use -T to allow codesign access | |
| CERTIFICATE_PATH=$RUNNER_TEMP/certificate.p12 | |
| echo "$CERTIFICATE_BASE64" | base64 --decode > "$CERTIFICATE_PATH" | |
| security import "$CERTIFICATE_PATH" \ | |
| -P "$CERTIFICATE_PASSWORD" \ | |
| -T /usr/bin/codesign \ | |
| -T /usr/bin/security \ | |
| -f pkcs12 \ | |
| -k "$KEYCHAIN_PATH" | |
| # Add keychain to search list (prepend to existing list) | |
| security list-keychain -d user -s "$KEYCHAIN_PATH" $(security list-keychain -d user | tr -d '"') | |
| # Set partition list to allow codesign to access the certificate | |
| security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH" | |
| # Verify certificate was imported | |
| echo "Imported certificates:" | |
| security find-identity -v -p codesigning "$KEYCHAIN_PATH" | |
| # Save keychain path for cleanup | |
| echo "KEYCHAIN_PATH=$KEYCHAIN_PATH" >> $GITHUB_ENV | |
| - name: Create entitlements | |
| if: contains(matrix.cfg.rust-target, 'apple-darwin') | |
| run: | | |
| ENTITLEMENTS_PATH=$RUNNER_TEMP/entitlements.plist | |
| cat > $ENTITLEMENTS_PATH << 'EOF' | |
| <?xml version="1.0" encoding="UTF-8"?> | |
| <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"> | |
| <plist version="1.0"> | |
| <dict> | |
| <key>com.apple.security.cs.allow-unsigned-executable-memory</key> | |
| <true/> | |
| </dict> | |
| </plist> | |
| EOF | |
| echo "ENTITLEMENTS_PATH=$ENTITLEMENTS_PATH" >> $GITHUB_ENV | |
| - name: Code Sign Binary | |
| if: contains(matrix.cfg.rust-target, 'apple-darwin') | |
| env: | |
| APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }} | |
| run: | | |
| BINARY_PATH=./target/${{ matrix.cfg.rust-target }}/release/${{ matrix.project }}-${{ matrix.cfg.rust-target }} | |
| # Sign with hardened runtime | |
| codesign --force \ | |
| --options runtime \ | |
| --timestamp \ | |
| --entitlements "$ENTITLEMENTS_PATH" \ | |
| --sign "$APPLE_SIGNING_IDENTITY" \ | |
| "$BINARY_PATH" | |
| # Verify signature | |
| codesign --verify --verbose "$BINARY_PATH" | |
| codesign --display --verbose=4 --entitlements - "$BINARY_PATH" | |
| - name: Create Notarization Archive | |
| if: contains(matrix.cfg.rust-target, 'apple-darwin') | |
| run: | | |
| BINARY_PATH=./target/${{ matrix.cfg.rust-target }}/release/${{ matrix.project }}-${{ matrix.cfg.rust-target }} | |
| ZIP_PATH=./target/${{ matrix.cfg.rust-target }}/release/${{ matrix.project }}-${{ matrix.cfg.rust-target }}.zip | |
| # Create zip for notarization | |
| zip -j "$ZIP_PATH" "$BINARY_PATH" | |
| - name: Submit for Notarization | |
| if: contains(matrix.cfg.rust-target, 'apple-darwin') | |
| env: | |
| APPLE_ID: ${{ secrets.APPLE_ID }} | |
| APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
| APPLE_APP_PASSWORD: ${{ secrets.APPLE_APP_PASSWORD }} | |
| run: | | |
| ZIP_PATH=./target/${{ matrix.cfg.rust-target }}/release/${{ matrix.project }}-${{ matrix.cfg.rust-target }}.zip | |
| # Submit for notarization (no --wait, returns immediately) | |
| xcrun notarytool submit "$ZIP_PATH" \ | |
| --apple-id "$APPLE_ID" \ | |
| --team-id "$APPLE_TEAM_ID" \ | |
| --password "$APPLE_APP_PASSWORD" | |
| - name: Cleanup Keychain | |
| if: contains(matrix.cfg.rust-target, 'apple-darwin') && always() | |
| run: | | |
| KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db | |
| security delete-keychain "$KEYCHAIN_PATH" || true | |
| - name: Login GH CLI | |
| shell: bash | |
| run: gh auth login --with-token < <(echo ${{ secrets.GITHUB_TOKEN }}) | |
| - run: gh release upload -R golemcloud/golem --clobber ${{ github.ref_name }} target/${{ matrix.cfg.rust-target }}/release/${{ matrix.project }}-${{ matrix.cfg.rust-target }}.exe | |
| if: matrix.cfg.os == 'windows-latest' | |
| - run: gh release upload -R golemcloud/golem --clobber ${{ github.ref_name }} target/${{ matrix.cfg.rust-target }}/release/${{ matrix.project }}-${{ matrix.cfg.rust-target }} | |
| if: matrix.cfg.os != 'windows-latest' | |
| publish-slack-notification: | |
| needs: | |
| - publish | |
| - docker-publish-1 | |
| - docker-publish-2 | |
| if: ${{ always() && startsWith(github.ref, 'refs/tags/v') }} | |
| runs-on: blacksmith | |
| steps: | |
| - name: Publish Slack Notification | |
| uses: rtCamp/action-slack-notify@v2 | |
| env: | |
| SLACK_COLOR: ${{ needs.publish.result }} | |
| SLACK_ICON: https://uploads-ssl.webflow.com/64721eeec7cd7ef4f6f1683e/64831138b73a996d0e831773_32.png | |
| SLACK_TITLE: "Release Notification" | |
| SLACK_MESSAGE: "Publish - cargo result: `${{ needs.publish.result }}`, docker-1 result: `${{ needs.docker-publish-1.result }}`, docker-2 result: `${{ needs.docker-publish-2.result }}`" | |
| SLACK_USERNAME: CI | |
| SLACK_WEBHOOK: ${{ secrets.SLACK_ALERT_URL }} |