diff --git a/.github/scripts/common/lib.sh b/.github/scripts/common/lib.sh
index bfb3120ad9bba1d647ef8719d99ae885cee2dfb7..dd10fcbe1e446bcffca4799dbba0b10f44527b23 100755
--- a/.github/scripts/common/lib.sh
+++ b/.github/scripts/common/lib.sh
@@ -242,6 +242,7 @@ fetch_release_artifacts() {
# - GITHUB_TOKEN
# - REPO in the form paritytech/polkadot
fetch_release_artifacts_from_s3() {
+ BINARY=$1
echo "Version : $VERSION"
echo "Repo : $REPO"
echo "Binary : $BINARY"
@@ -461,7 +462,7 @@ function get_polkadot_node_version_from_code() {
validate_stable_tag() {
tag="$1"
- pattern='^stable[0-9]+(-[0-9]+)?$'
+ pattern="^stable[0-9]{4}(-[0-9]+)?(-rc[0-9]+)?$"
if [[ $tag =~ $pattern ]]; then
echo $tag
diff --git a/.github/workflows/release-50_publish-docker.yml b/.github/workflows/release-50_publish-docker.yml
index 78723d0bf9052f34bb5da475dfa0e5da3c49a16e..be131676b06a97e476387586a30a6906c53e7f0e 100644
--- a/.github/workflows/release-50_publish-docker.yml
+++ b/.github/workflows/release-50_publish-docker.yml
@@ -75,17 +75,18 @@ env:
# EVENT_ACTION: ${{ github.event.action }}
EVENT_NAME: ${{ github.event_name }}
IMAGE_TYPE: ${{ inputs.image_type }}
- VERSION: ${{ inputs.version }}
jobs:
validate-inputs:
runs-on: ubuntu-latest
outputs:
+ version: ${{ steps.validate_inputs.outputs.VERSION }}
+ release_id: ${{ steps.validate_inputs.outputs.RELEASE_ID }}
stable_tag: ${{ steps.validate_inputs.outputs.stable_tag }}
steps:
- name: Checkout sources
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Validate inputs
id: validate_inputs
@@ -93,10 +94,12 @@ jobs:
. ./.github/scripts/common/lib.sh
VERSION=$(filter_version_from_input "${{ inputs.version }}")
- echo "VERSION=${VERSION}" >> $GITHUB_ENV
+ echo "VERSION=${VERSION}" >> $GITHUB_OUTPUT
RELEASE_ID=$(check_release_id "${{ inputs.release_id }}")
- echo "RELEASE_ID=${RELEASE_ID}" >> $GITHUB_ENV
+ echo "RELEASE_ID=${RELEASE_ID}" >> $GITHUB_OUTPUT
+
+ echo "Release ID: $RELEASE_ID"
STABLE_TAG=$(validate_stable_tag ${{ inputs.stable_tag }})
echo "stable_tag=${STABLE_TAG}" >> $GITHUB_OUTPUT
@@ -104,10 +107,11 @@ jobs:
fetch-artifacts: # this job will be triggered for the polkadot-parachain rc and release or polkadot rc image build
if: ${{ inputs.binary == 'polkadot-parachain' || inputs.binary == 'chain-spec-builder' || inputs.image_type == 'rc' }}
runs-on: ubuntu-latest
+ needs: [validate-inputs]
steps:
- name: Checkout sources
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
#TODO: this step will be needed when automated triggering will work
#this step runs only if the workflow is triggered automatically when new release is published
@@ -129,7 +133,15 @@ jobs:
run: |
. ./.github/scripts/common/lib.sh
- fetch_release_artifacts_from_s3
+ VERSION="${{ needs.validate-inputs.outputs.VERSION }}"
+ if [[ ${{ inputs.binary }} == 'polkadot' ]]; then
+ bins=(polkadot polkadot-prepare-worker polkadot-execute-worker)
+ for bin in "${bins[@]}"; do
+ fetch_release_artifacts_from_s3 $bin
+ done
+ else
+ fetch_release_artifacts_from_s3 $BINARY
+ fi
- name: Fetch chain-spec-builder rc artifacts or release artifacts based on release id
#this step runs only if the workflow is triggered manually and only for chain-spec-builder
@@ -137,6 +149,7 @@ jobs:
run: |
. ./.github/scripts/common/lib.sh
+ RELEASE_ID="${{ needs.validate-inputs.outputs.RELEASE_ID }}"
fetch_release_artifacts
- name: Upload artifacts
@@ -153,7 +166,7 @@ jobs:
steps:
- name: Checkout sources
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Download artifacts
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
@@ -181,16 +194,12 @@ jobs:
run: |
. ./.github/scripts/common/lib.sh
- RELEASE_ID=$(check_release_id "${{ inputs.release_id }}")
- release=release-$RELEASE_ID && \
- echo "release=${release}" >> $GITHUB_OUTPUT
+ echo "release=${{ needs.validate-inputs.outputs.stable_tag }}" >> $GITHUB_OUTPUT
commit=$(git rev-parse --short HEAD) && \
echo "commit=${commit}" >> $GITHUB_OUTPUT
- tag=$(git name-rev --tags --name-only $(git rev-parse HEAD)) && \
- [ "${tag}" != "undefined" ] && echo "tag=${tag}" >> $GITHUB_OUTPUT || \
- echo "No tag, doing without"
+ echo "tag=${{ needs.validate-inputs.outputs.version }}" >> $GITHUB_OUTPUT
- name: Fetch release tags
working-directory: release-artifacts
@@ -198,15 +207,32 @@ jobs:
id: fetch_release_refs
run: |
chmod a+rx $BINARY
- [[ $BINARY != 'chain-spec-builder' ]] && VERSION=$(./$BINARY --version | awk '{ print $2 }' )
- release=$( echo $VERSION | cut -f1 -d- )
+ if [[ $BINARY != 'chain-spec-builder' ]]; then
+ VERSION=$(./$BINARY --version | awk '{ print $2 }' )
+ release=$( echo $VERSION | cut -f1 -d- )
+ else
+ release=$(echo ${{ needs.validate-inputs.outputs.VERSION }} | sed 's/^v//')
+ fi
+
echo "tag=latest" >> $GITHUB_OUTPUT
echo "release=${release}" >> $GITHUB_OUTPUT
echo "stable=${{ needs.validate-inputs.outputs.stable_tag }}" >> $GITHUB_OUTPUT
- - name: Build Injected Container image for polkadot rc or chain-spec-builder
- if: ${{ env.BINARY == 'polkadot' || env.BINARY == 'chain-spec-builder' }}
+ - name: Build Injected Container image for polkadot rc
+ if: ${{ env.BINARY == 'polkadot' }}
+ env:
+ ARTIFACTS_FOLDER: release-artifacts
+ IMAGE_NAME: ${{ env.BINARY }}
+ OWNER: ${{ env.DOCKER_OWNER }}
+ TAGS: ${{ join(steps.fetch_rc_refs.outputs.*, ',') || join(steps.fetch_release_refs.outputs.*, ',') }}
+ run: |
+ ls -al
+ echo "Building container for $BINARY"
+ ./docker/scripts/polkadot/build-injected.sh $ARTIFACTS_FOLDER
+
+ - name: Build Injected Container image chain-spec-builder
+ if: ${{ env.BINARY == 'chain-spec-builder' }}
env:
ARTIFACTS_FOLDER: release-artifacts
IMAGE_NAME: ${{ env.BINARY }}
@@ -233,8 +259,16 @@ jobs:
echo "Building container for $BINARY"
./docker/scripts/build-injected.sh
- - name: Login to Dockerhub
- uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
+ - name: Login to Dockerhub to publish polkadot
+ if: ${{ env.BINARY == 'polkadot' }}
+ uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
+ with:
+ username: ${{ secrets.POLKADOT_DOCKERHUB_USERNAME }}
+ password: ${{ secrets.POLKADOT_DOCKERHUB_TOKEN }}
+
+ - name: Login to Dockerhub to puiblish polkadot-parachain/chain-spec-builder
+ if: ${{ env.BINARY == 'polkadot-parachain' || env.BINARY == 'chain-spec-builder' }}
+ uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
username: ${{ secrets.CUMULUS_DOCKERHUB_USERNAME }}
password: ${{ secrets.CUMULUS_DOCKERHUB_TOKEN }}
@@ -285,7 +319,7 @@ jobs:
environment: release
steps:
- name: Checkout sources
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0
diff --git a/docker/dockerfiles/polkadot/polkadot_injected.Dockerfile b/docker/dockerfiles/polkadot/polkadot_injected.Dockerfile
new file mode 100644
index 0000000000000000000000000000000000000000..3dbede4966a8ef7966cb10f2a1963a868f0c3cea
--- /dev/null
+++ b/docker/dockerfiles/polkadot/polkadot_injected.Dockerfile
@@ -0,0 +1,52 @@
+FROM docker.io/parity/base-bin
+
+# metadata
+ARG VCS_REF
+ARG BUILD_DATE
+ARG IMAGE_NAME
+# That can be a single one or a comma separated list
+ARG BINARY=polkadot
+
+LABEL io.parity.image.authors="devops-team@parity.io" \
+ io.parity.image.vendor="Parity Technologies" \
+ io.parity.image.title="parity/polkadot" \
+ io.parity.image.description="Polkadot: a platform for web3. This is the official Parity image with an injected binary." \
+ io.parity.image.source="https://github.com/paritytech/polkadot-sdk/blob/${VCS_REF}/docker/dockerfiles/polkadot/polkadot_injected.Dockerfile" \
+ io.parity.image.revision="${VCS_REF}" \
+ io.parity.image.created="${BUILD_DATE}" \
+ io.parity.image.documentation="https://github.com/paritytech/polkadot-sdk/"
+
+# show backtraces
+ENV RUST_BACKTRACE 1
+
+USER root
+WORKDIR /app
+
+# add polkadot and polkadot-*-worker binaries to the docker image
+COPY bin/* /usr/local/bin/
+COPY entrypoint.sh .
+
+
+RUN chmod -R a+rx "/usr/local/bin"; \
+ mkdir -p /data /polkadot/.local/share && \
+ chown -R parity:parity /data && \
+ ln -s /data /polkadot/.local/share/polkadot
+
+USER parity
+
+# check if executable works in this container
+RUN /usr/local/bin/polkadot --version
+RUN /usr/local/bin/polkadot-prepare-worker --version
+RUN /usr/local/bin/polkadot-execute-worker --version
+
+
+EXPOSE 30333 9933 9944 9615
+VOLUME ["/polkadot"]
+
+ENV BINARY=${BINARY}
+
+# ENTRYPOINT
+ENTRYPOINT ["/app/entrypoint.sh"]
+
+# We call the help by default
+CMD ["--help"]
diff --git a/docker/scripts/build-injected.sh b/docker/scripts/build-injected.sh
index 749d0fa335cc1248fcde1770046fc7c1e31e9fbe..c37ea916c8394b5b8076710bc8409ea4fa6ee84c 100755
--- a/docker/scripts/build-injected.sh
+++ b/docker/scripts/build-injected.sh
@@ -40,7 +40,7 @@ VCS_REF=${VCS_REF:-01234567}
echo "Using engine: $ENGINE"
echo "Using Dockerfile: $DOCKERFILE"
echo "Using context: $CONTEXT"
-echo "Building ${IMAGE}:latest container image for ${BINARY} v${VERSION} from ${ARTIFACTS_FOLDER} hang on!"
+echo "Building ${IMAGE}:latest container image for ${BINARY} ${VERSION} from ${ARTIFACTS_FOLDER} hang on!"
echo "ARTIFACTS_FOLDER=$ARTIFACTS_FOLDER"
echo "CONTEXT=$CONTEXT"
diff --git a/docker/scripts/polkadot/build-injected.sh b/docker/scripts/polkadot/build-injected.sh
index 7cc6db43a54a6b1a54fa4e917ed82185d28e93d0..8f4e7005b816c6c3ab44d2208eca59b1bba50434 100755
--- a/docker/scripts/polkadot/build-injected.sh
+++ b/docker/scripts/polkadot/build-injected.sh
@@ -9,5 +9,6 @@ PROJECT_ROOT=`git rev-parse --show-toplevel`
export BINARY=polkadot,polkadot-execute-worker,polkadot-prepare-worker
export ARTIFACTS_FOLDER=$1
+export DOCKERFILE="docker/dockerfiles/polkadot/polkadot_injected.Dockerfile"
$PROJECT_ROOT/docker/scripts/build-injected.sh