From 05c9b90bc908f95120685dfe18eca17bdf7aac95 Mon Sep 17 00:00:00 2001 From: Hanzo Dev Date: Thu, 12 Mar 2026 01:02:26 -0700 Subject: [PATCH] ci: upgrade Go 1.26.1, enable all build/test workflows, bump upload-artifact v7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Bump Go to 1.26.1 (fixes 5 stdlib CVEs: html/template, os, net/url, crypto/x509) - Bump actions/upload-artifact v6 → v7 across all release workflows - Enable Docker image build test in CI - Enable protobuf generation check (check_generated_protobuf) - Enable mock generation check (check_mockgen) - Remove antithesis test stubs (not used) - Fix daily fuzz tests: add CGO_ENABLED=0 + Git auth + GOPRIVATE - Fix fuzz_merkledb: add CGO_ENABLED=0 + Git auth + GOPRIVATE - Remove -tags pebbledb from linux binary builds (zapdb is default) - Update Dockerfile GO_VERSION to 1.26.1 --- .github/workflows/build-linux-binaries.yml | 8 +- .github/workflows/build-macos-release.yml | 2 +- .../workflows/build-ubuntu-amd64-release.yml | 4 +- .../workflows/build-ubuntu-arm64-release.yml | 4 +- .github/workflows/build-win-release.yml | 2 +- .github/workflows/ci.yml | 111 ++++++++++-------- .github/workflows/docker-publish.yml | 2 +- .github/workflows/fuzz.yml | 9 ++ .github/workflows/fuzz_merkledb.yml | 9 ++ Dockerfile | 2 +- LLM.md | 4 +- go.mod | 2 +- 12 files changed, 98 insertions(+), 61 deletions(-) diff --git a/.github/workflows/build-linux-binaries.yml b/.github/workflows/build-linux-binaries.yml index c262ff26ed..2159b217ff 100644 --- a/.github/workflows/build-linux-binaries.yml +++ b/.github/workflows/build-linux-binaries.yml @@ -31,7 +31,7 @@ jobs: - run: go version - name: Build the luxd binaries - run: CGO_ENABLED=0 ./scripts/run_task.sh build -- -tags pebbledb + run: CGO_ENABLED=0 ./scripts/run_task.sh build - name: Try to get tag from git if: "${{ github.event.inputs.tag == '' }}" @@ -57,7 +57,7 @@ jobs: RELEASE: "jammy" - name: Save as Github artifact - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: amd64 path: ${{ github.workspace }}/luxd-pkg/node-linux-amd64-${{ env.TAG }}.tar.gz @@ -81,7 +81,7 @@ jobs: - run: go version - name: Build the luxd binaries (native arm64) - run: CGO_ENABLED=0 ./scripts/build.sh -- -tags pebbledb + run: CGO_ENABLED=0 ./scripts/build.sh - name: Try to get tag from git if: "${{ github.event.inputs.tag == '' }}" @@ -107,7 +107,7 @@ jobs: RELEASE: "jammy" - name: Save as Github artifact - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: arm64 path: ${{ github.workspace }}/luxd-pkg/node-linux-arm64-${{ env.TAG }}.tar.gz diff --git a/.github/workflows/build-macos-release.yml b/.github/workflows/build-macos-release.yml index 23ff26b852..3958521554 100644 --- a/.github/workflows/build-macos-release.yml +++ b/.github/workflows/build-macos-release.yml @@ -63,7 +63,7 @@ jobs: TAG: ${{ env.TAG }} - name: Save as Github artifact - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: build path: node-macos-${{ env.TAG }}.zip diff --git a/.github/workflows/build-ubuntu-amd64-release.yml b/.github/workflows/build-ubuntu-amd64-release.yml index b40f8a4856..2dad6eb30d 100644 --- a/.github/workflows/build-ubuntu-amd64-release.yml +++ b/.github/workflows/build-ubuntu-amd64-release.yml @@ -55,7 +55,7 @@ jobs: RELEASE: "jammy" - name: Save as Github artifact - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: jammy-amd64 path: /tmp/luxd/luxd-${{ env.TAG }}-amd64.deb @@ -100,7 +100,7 @@ jobs: RELEASE: "focal" - name: Save as Github artifact - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: focal-amd64 path: /tmp/luxd/luxd-${{ env.TAG }}-amd64.deb diff --git a/.github/workflows/build-ubuntu-arm64-release.yml b/.github/workflows/build-ubuntu-arm64-release.yml index 7a2d68094a..546b88c516 100644 --- a/.github/workflows/build-ubuntu-arm64-release.yml +++ b/.github/workflows/build-ubuntu-arm64-release.yml @@ -52,7 +52,7 @@ jobs: RELEASE: "jammy" - name: Save as Github artifact - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: jammy-arm64 path: /tmp/luxd/luxd-${{ env.TAG }}-arm64.deb @@ -97,7 +97,7 @@ jobs: RELEASE: "focal" - name: Save as Github artifact - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: focal-arm64 path: /tmp/luxd/luxd-${{ env.TAG }}-arm64.deb diff --git a/.github/workflows/build-win-release.yml b/.github/workflows/build-win-release.yml index ef654eb4b3..621daab598 100644 --- a/.github/workflows/build-win-release.yml +++ b/.github/workflows/build-win-release.yml @@ -47,7 +47,7 @@ jobs: Compress-Archive -Path .\build\luxd.exe -DestinationPath .\build\node-win-${{ env.TAG }}-experimental.zip - name: Save as Github artifact - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: windows path: .\build\node-win-${{ env.TAG }}-experimental.zip diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b30f457da8..3e7413497c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -104,41 +104,56 @@ jobs: - name: Lint protobuf shell: bash run: buf lint proto - # NOTE: Protobuf check disabled - generated files need regeneration - # check_generated_protobuf: - # name: Up-to-date protobuf - # runs-on: ubuntu-latest - # steps: - # - uses: actions/checkout@v4 - # - uses: ./.github/actions/setup-go-for-project - # - uses: bufbuild/buf-setup-action@v1.47.2 - # with: - # github_token: ${{ github.token }} - # - name: Install protoc-gen-go tools - # shell: bash - # run: | - # go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.35.1 - # go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.3.0 - # go install connectrpc.com/connect/cmd/protoc-gen-connect-go@latest - # - shell: bash - # run: scripts/protobuf_codegen.sh - # env: - # CGO_ENABLED: '0' - # - shell: bash - # run: .github/workflows/check-clean-branch.sh - # NOTE: Mock generation check disabled - needs mock file cleanup - # check_mockgen: - # name: Up-to-date mocks - # runs-on: ubuntu-latest - # steps: - # - uses: actions/checkout@v4 - # - uses: ./.github/actions/setup-go-for-project - # - shell: bash - # run: scripts/mock.gen.sh - # env: - # CGO_ENABLED: '0' - # - shell: bash - # run: .github/workflows/check-clean-branch.sh + check_generated_protobuf: + name: Up-to-date protobuf + runs-on: ubuntu-latest + env: + GOPRIVATE: github.com/luxfi/* + GONOSUMDB: github.com/luxfi/* + GOWORK: off + steps: + - uses: actions/checkout@v4 + - uses: ./.github/actions/setup-go-for-project + - name: Configure Git for private modules + shell: bash + run: git config --global url."https://${{ github.token }}@github.com/".insteadOf "https://github.com/" + - name: Install buf + shell: bash + run: | + BUF_VERSION="1.47.2" + curl -sSL "https://github.com/bufbuild/buf/releases/download/v${BUF_VERSION}/buf-Linux-x86_64" -o /usr/local/bin/buf + chmod +x /usr/local/bin/buf + - name: Install protoc-gen-go tools + shell: bash + run: | + go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.35.1 + go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.3.0 + go install connectrpc.com/connect/cmd/protoc-gen-connect-go@latest + - shell: bash + run: scripts/protobuf_codegen.sh + env: + CGO_ENABLED: '0' + - shell: bash + run: .github/workflows/check-clean-branch.sh + check_mockgen: + name: Up-to-date mocks + runs-on: ubuntu-latest + env: + GOPRIVATE: github.com/luxfi/* + GONOSUMDB: github.com/luxfi/* + GOWORK: off + steps: + - uses: actions/checkout@v4 + - uses: ./.github/actions/setup-go-for-project + - name: Configure Git for private modules + shell: bash + run: git config --global url."https://${{ github.token }}@github.com/".insteadOf "https://github.com/" + - shell: bash + run: scripts/mock.gen.sh + env: + CGO_ENABLED: '0' + - shell: bash + run: .github/workflows/check-clean-branch.sh go_mod_tidy: name: Up-to-date go.mod and go.sum runs-on: ubuntu-latest @@ -156,14 +171,18 @@ jobs: run: go mod tidy - shell: bash run: .github/workflows/check-clean-branch.sh - # NOTE: Image build test disabled - needs docker multi-arch setup - # test_build_image: - # name: Image build - # ... - # NOTE: Antithesis tests disabled - require tests/antithesis/ infrastructure - # test_build_antithesis_luxd_images: - # name: Build Antithesis luxd images - # ... - # test_build_antithesis_xsvm_images: - # name: Build Antithesis xsvm images - # ... + test_build_image: + name: Image build + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Build Docker image (test only) + uses: docker/build-push-action@v5 + with: + context: . + push: false + platforms: linux/amd64 + cache-from: type=gha + cache-to: type=gha,mode=max diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 2c9550abf1..841557a119 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -69,7 +69,7 @@ jobs: output-file: sbom.spdx.json - name: Upload SBOM - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: sbom path: sbom.spdx.json diff --git a/.github/workflows/fuzz.yml b/.github/workflows/fuzz.yml index ef6deedfe8..d4cfa9d903 100644 --- a/.github/workflows/fuzz.yml +++ b/.github/workflows/fuzz.yml @@ -10,11 +10,20 @@ permissions: jobs: fuzz: runs-on: ubuntu-latest + env: + GOPRIVATE: github.com/luxfi/* + GONOSUMDB: github.com/luxfi/* + GOWORK: off steps: - name: Git checkout uses: actions/checkout@v4 - name: Set up Go uses: ./.github/actions/setup-go-for-project + - name: Configure Git for private modules + shell: bash + run: git config --global url."https://${{ github.token }}@github.com/".insteadOf "https://github.com/" - name: Run fuzz tests shell: bash run: ./scripts/build_fuzz.sh 180 # Run each fuzz test 180 seconds + env: + CGO_ENABLED: '0' diff --git a/.github/workflows/fuzz_merkledb.yml b/.github/workflows/fuzz_merkledb.yml index 8019b44906..d8c04c4957 100644 --- a/.github/workflows/fuzz_merkledb.yml +++ b/.github/workflows/fuzz_merkledb.yml @@ -12,11 +12,20 @@ permissions: jobs: MerkleDB: runs-on: ubuntu-latest + env: + GOPRIVATE: github.com/luxfi/* + GONOSUMDB: github.com/luxfi/* + GOWORK: off steps: - name: Git checkout uses: actions/checkout@v4 - name: Set up Go uses: ./.github/actions/setup-go-for-project + - name: Configure Git for private modules + shell: bash + run: git config --global url."https://${{ github.token }}@github.com/".insteadOf "https://github.com/" - name: Run merkledb fuzz tests shell: bash run: ./scripts/build_fuzz.sh 900 ./x/merkledb # Run each merkledb fuzz tests 15 minutes + env: + CGO_ENABLED: '0' diff --git a/Dockerfile b/Dockerfile index c16bc25a73..f6b9951f43 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ # The version is supplied as a build argument rather than hard-coded # to minimize the cost of version changes. -ARG GO_VERSION=1.26.0 +ARG GO_VERSION=1.26.1 # ============= Go Installation Stage ================ FROM --platform=$BUILDPLATFORM debian:bookworm-slim AS go-installer diff --git a/LLM.md b/LLM.md index 104afe3870..dc6daf3161 100644 --- a/LLM.md +++ b/LLM.md @@ -9,8 +9,8 @@ Lux blockchain node implementation - a high-performance, multi-chain blockchain **Key Context:** - Fork of Avalanche with Lux-specific enhancements - Network ID: 96369 (Lux Mainnet), 96368 (Testnet), 96370 (Devnet) -- Go Version: 1.23.9+ -- Database: BadgerDB (primary), PebbleDB support +- Go Version: 1.26.1+ +- Database: ZapDB (primary, default) ## Essential Commands diff --git a/go.mod b/go.mod index 24c4eeb19e..3300402e54 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ module github.com/luxfi/node // // - If updating between minor versions (e.g. 1.23.x -> 1.24.x): // - Consider updating the version of golangci-lint (in scripts/lint.sh). -go 1.26 +go 1.26.1 exclude github.com/luxfi/geth v1.16.1