Skip to content

Improve build for packaging, add release workflow in CI #212

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 25 commits into
base: main
Choose a base branch
from
Open

Improve build for packaging, add release workflow in CI #212

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
25 commits
Select commit Hold shift + click to select a range
92b46a8
add wrapAsEither circuits
andrew-fleming Aug 16, 2025
9fc5bbe
add option to compile directory in compact
andrew-fleming Aug 17, 2025
98b7a32
add granular compile scripts
andrew-fleming Aug 17, 2025
ae9e311
fix fmt
andrew-fleming Aug 17, 2025
4a9885b
use fast compilation prior to tests, cache tests
andrew-fleming Aug 17, 2025
d707d28
revert changes
andrew-fleming Aug 18, 2025
d113802
update readme with targeted compilation
andrew-fleming Aug 18, 2025
c004dd8
build preserves dir structure
andrew-fleming Aug 21, 2025
6de7a17
keep compact files in directories in dist, add tsc in build
andrew-fleming Aug 23, 2025
787f91b
include explicit witnesses in tsconfig, remove sourceMap
andrew-fleming Aug 23, 2025
865aa11
move compact compiler install to composite action
andrew-fleming Aug 23, 2025
579ef4d
add prepare-release workflow (version bump)
andrew-fleming Aug 23, 2025
7f64555
add release workflow
andrew-fleming Aug 23, 2025
f2067a8
add releasing doc
andrew-fleming Aug 23, 2025
f6c7c5c
remove comment
andrew-fleming Aug 23, 2025
d46ffaf
remove unused env, remove redundant compile in favor of build
andrew-fleming Aug 23, 2025
f71f616
add provenance
andrew-fleming Aug 23, 2025
9f9be1e
remove private field from contracts
andrew-fleming Aug 24, 2025
60b5b3a
add manifest metadata, remove private field
andrew-fleming Aug 24, 2025
67c95ff
fix fmt
andrew-fleming Aug 24, 2025
9982d95
improve find pattern
andrew-fleming Aug 24, 2025
5cb6300
further improve find pattern
andrew-fleming Aug 24, 2025
810e5d0
Merge branch 'main' into support-releasing
andrew-fleming Aug 28, 2025
fd96741
fix conflicts
andrew-fleming Aug 28, 2025
90f8762
Apply suggestions from code review
andrew-fleming Aug 29, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
113 changes: 111 additions & 2 deletions .github/actions/setup/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,9 +1,29 @@
name: "Setup Environment"
description: "Sets up the environment with yarn, Node.js, and turbo"
description: "Sets up the environment with yarn, Node.js, turbo, and Compact compiler"

inputs:
skip-compact:
description: "Skip Compact compiler installation"
required: false
default: "false"

outputs:
compact-home:
description: "Path to Compact compiler installation"
value: ${{ steps.compact-outputs.outputs.compact-home }}
compact-version:
description: "Installed Compact compiler version"
value: ${{ steps.compact-outputs.outputs.version }}

runs:
using: "composite"
steps:
- name: Set shared environment variables
shell: bash
run: |
echo "COMPILER_VERSION=0.24.0" >> $GITHUB_ENV
echo "LANGUAGE_VERSION=0.16.0" >> $GITHUB_ENV

- name: Get yarn cache directory path
shell: bash
id: yarn-cache-dir-path
Expand All @@ -25,6 +45,14 @@ runs:
restore-keys: |
${{ runner.os }}-turbo-${{ hashFiles('.turbo/*') }}

- name: Cache Compact compiler
if: inputs.skip-compact != 'true'
uses: actions/cache@v4
id: compact-cache
with:
path: ~/compactc
key: compact-compiler-${{ env.COMPILER_VERSION }}-${{ runner.os }}

- name: Setup Node.js
uses: actions/setup-node@v4
with:
Expand All @@ -40,5 +68,86 @@ runs:
env:
TURBO_MAJOR_VERSION: 2
TURBO_TELEMETRY_DISABLED: 1
run: npm install turbo@${{ env.TURBO_MAJOR_VERSION }} -g

- name: Install Compact compiler
if: inputs.skip-compact != 'true' && steps.compact-cache.outputs.cache-hit != 'true'
shell: bash
run: |
set -euo pipefail

COMPACT_HOME="$HOME/compactc"
COMPACT_ZIP_DIR="$HOME/compactc_download"

echo "🔧 Installing Compact compiler v$COMPILER_VERSION..."

mkdir -p "$COMPACT_HOME"
mkdir -p "$COMPACT_ZIP_DIR"

ZIP_FILE="compactc_v${COMPILER_VERSION}_x86_64-unknown-linux-musl.zip"
DOWNLOAD_URL="https://d3fazakqrumx6p.cloudfront.net/artifacts/compiler/compactc_${COMPILER_VERSION}/${ZIP_FILE}"
Copy link

@son-oz son-oz Oct 30, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it's better to extract these out to Actions variables instead of hardcoding, can be a separate improvement PR later.

Copy link

@son-oz son-oz Nov 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I also would like to see some verification for the downloaded file, like a SHA256 hash or something.


echo "⬇️ Downloading Compact compiler from $DOWNLOAD_URL..."
curl -fLs "$DOWNLOAD_URL" -o "$COMPACT_ZIP_DIR/compactc.zip"

echo "🧪 Validating ZIP archive..."
if ! unzip -tq "$COMPACT_ZIP_DIR/compactc.zip"; then
echo "::error::❌ ZIP file is invalid or corrupted."
exit 1
fi

echo "📦 Extracting Compact compiler..."
unzip -q "$COMPACT_ZIP_DIR/compactc.zip" -d "$COMPACT_HOME"
chmod +x "$COMPACT_HOME"/{compactc,compactc.bin,zkir}

echo "✅ Compact compiler extracted to $COMPACT_HOME"

- name: Setup Compact environment
if: inputs.skip-compact != 'true'
shell: bash
run: |
COMPACT_HOME="$HOME/compactc"
echo "📁 Setting Compact environment variables..."
echo "COMPACT_HOME=$COMPACT_HOME" >> "$GITHUB_ENV"
echo "$COMPACT_HOME" >> "$GITHUB_PATH"

if [ -f "$COMPACT_HOME/compactc" ]; then
echo "✅ Compact compiler is installed at $COMPACT_HOME"
else
echo "::error::❌ Compact compiler not found in $COMPACT_HOME"
exit 1
fi

- name: Set Compact outputs
if: inputs.skip-compact != 'true'
id: compact-outputs
shell: bash
run: |
echo "compact-home=$HOME/compactc" >> $GITHUB_OUTPUT
echo "version=$COMPILER_VERSION" >> $GITHUB_OUTPUT

- name: Check compiler and language version
if: inputs.skip-compact != 'true'
shell: bash
run: |
npm install turbo@${{ env.TURBO_MAJOR_VERSION }} -g
set -euo pipefail

echo "🔍 Checking Compact compiler version..."
COMPILER_OUTPUT=$(compactc --version)
COMPUTED_COMPILER_VERSION=$(echo "$COMPILER_OUTPUT" | grep -oP '\b0\.[0-9]+\.[0-9]+\b' | head -n 1)

if [ "$COMPUTED_COMPILER_VERSION" != "$COMPILER_VERSION" ]; then
echo "::error::❌ Compiler version mismatch!%0AExpected: $COMPILER_VERSION%0AGot: $COMPUTED_COMPILER_VERSION"
exit 1
fi
echo "✅ Compiler version matches: $COMPUTED_COMPILER_VERSION"

echo "🔍 Checking Compact language version..."
LANGUAGE_OUTPUT=$(compactc --language-version)
COMPUTED_LANGUAGE_VERSION=$(echo "$LANGUAGE_OUTPUT" | grep -oP '\b0\.[0-9]+\.[0-9]+\b' | tail -n 1)

if [ "$COMPUTED_LANGUAGE_VERSION" != "$LANGUAGE_VERSION" ]; then
echo "::error::❌ Language version mismatch!%0AExpected: $LANGUAGE_VERSION%0AGot: $COMPUTED_LANGUAGE_VERSION"
exit 1
fi
echo "✅ Language version matches: $COMPUTED_LANGUAGE_VERSION"
60 changes: 60 additions & 0 deletions .github/workflows/prepare-release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,60 @@
name: Update version on new release branch

on:
create:

permissions:
contents: write
pull-requests: write

jobs:
update_version:
if: github.ref_type == 'branch' && startsWith(github.ref, 'refs/heads/release-v')
runs-on: ubuntu-latest

steps:
- name: Checkout repository
uses: actions/checkout@v5

- name: Extract current version
run: |
CURRENT_VERSION=$(node -p "require('./contracts/package.json').version")
Copy link

@son-oz son-oz Oct 30, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm wondering if nodejs is available in the runner?

Copy link
Member

@0xisk 0xisk Nov 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it is supported in the runner but I will add this part to be safe:

- name: Setup Node.js
      uses: actions/setup-node@v4
      with:
        node-version-file: ".nvmrc"
        cache: "yarn"

echo "CURRENT_VERSION=$CURRENT_VERSION" >> "$GITHUB_ENV"
- name: Extract new version number
run: echo "NEW_VERSION=${GITHUB_REF#refs/heads/release-v}" >> "$GITHUB_ENV"

- name: Replace version in files
run: |
echo "Current version: $CURRENT_VERSION"
echo "New version: $NEW_VERSION"
# Update package.json version field manually
cd contracts
node -e "
const fs = require('fs');
const pkg = require('./package.json');
pkg.version = '$NEW_VERSION';
fs.writeFileSync('./package.json', JSON.stringify(pkg, null, 2) + '\n');
console.log('Updated package.json to version $NEW_VERSION');
"
# Update yarn.lock to reflect the new version
yarn install
cd ..
# Escape special characters for sed
ESCAPED_CURRENT=$(printf '%s' "$CURRENT_VERSION" | sed -e 's/[\/&]/\\&/g')
ESCAPED_NEW=$(printf '%s' "$NEW_VERSION" | sed -e 's/[\/&]/\\&/g')
# Replace version in contracts/src/
find ./contracts/src/ -type d -name '.*' -prune -o \
-type f -exec sed -i "s#$ESCAPED_CURRENT#$ESCAPED_NEW#g" {} +
# Replace version in docs/, excluding package-lock.json
find ./docs/ -type d -name '.*' -prune -o \
-type f ! -name 'package-lock.json' -exec sed -i "s#$ESCAPED_CURRENT#$ESCAPED_NEW#g" {} +
- name: Auto-commit changes
uses: stefanzweifel/git-auto-commit-action@778341af668090896ca464160c2def5d1d1a3eb0 #v6.0.1
with:
commit_message: Bump version to ${{ env.NEW_VERSION }}
94 changes: 94 additions & 0 deletions .github/workflows/release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,94 @@
name: Publish Package on Release

on:
release:
types: [published]

jobs:
publish:
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write

steps:
- name: Checkout
uses: actions/checkout@v5

- name: Setup Environment
uses: ./.github/actions/setup

- name: Build contracts
run: turbo build --filter=!'docs'

- name: Validate version consistency
run: |
RELEASE_VERSION=${GITHUB_REF#refs/tags/v}
PACKAGE_VERSION=$(node -p "require('./contracts/package.json').version")
if [ "$RELEASE_VERSION" != "$PACKAGE_VERSION" ]; then
echo "❌ Version mismatch: Release $RELEASE_VERSION vs Package $PACKAGE_VERSION"
exit 1
fi
echo "✅ Version consistency validated: $RELEASE_VERSION"
- name: Setup npm registry
uses: actions/setup-node@v4
with:
registry-url: 'https://registry.npmjs.org'

- name: Pack tarball
id: pack
run: |
cd contracts/dist
TARBALL=$(npm pack | tail -1)
echo "tarball_name=$TARBALL" >> $GITHUB_OUTPUT
echo "tarball=$(pwd)/$TARBALL" >> $GITHUB_OUTPUT
# Determine dist-tag based on semver prerelease
PACKAGE_VERSION=$(node -p "require('./package.json').version")
if [[ "$PACKAGE_VERSION" =~ -.*$ ]]; then
# Has prerelease suffix (anything after -)
if [[ "$PACKAGE_VERSION" =~ -(alpha|beta|rc) ]]; then
echo "tag=beta" >> $GITHUB_OUTPUT
else
echo "tag=next" >> $GITHUB_OUTPUT
fi
else
# Stable release
echo "tag=latest" >> $GITHUB_OUTPUT
fi
- name: Verify tarball integrity
run: |
echo "=== Verifying tarball contents ==="
PACKAGE_NAME=$(tar xfO "${{ steps.pack.outputs.tarball }}" package/package.json | jq -r .name)
PACKAGE_VERSION=$(tar xfO "${{ steps.pack.outputs.tarball }}" package/package.json | jq -r .version)
PRIVATE_FIELD=$(tar xfO "${{ steps.pack.outputs.tarball }}" package/package.json | jq -r '.private // "not found"')
echo "📦 Package: $PACKAGE_NAME@$PACKAGE_VERSION"
echo "🏷️ Tag: ${{ steps.pack.outputs.tag }}"
echo "🔒 Private field: $PRIVATE_FIELD"
# Ensure no private field
if [ "$PRIVATE_FIELD" = "true" ]; then
echo "❌ Tarball contains private: true - cannot publish"
exit 1
fi
- name: Publish to npm
run: |
# Create .npmrc with auth token
echo "//registry.npmjs.org/:_authToken=\${NPM_TOKEN}" > .npmrc
# Publish the tarball with appropriate tag
npm publish "${{ steps.pack.outputs.tarball }}" --tag "${{ steps.pack.outputs.tag }}" --access public
env:
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
Copy link

@son-oz son-oz Oct 30, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We will need to switch this over to Trusted Publishing later. I am tracking that on my side.

NPM_CONFIG_PROVENANCE: true

- name: Log success
run: |
PACKAGE_NAME=$(tar xfO "${{ steps.pack.outputs.tarball }}" package/package.json | jq -r .name)
PACKAGE_VERSION=$(tar xfO "${{ steps.pack.outputs.tarball }}" package/package.json | jq -r .version)
echo "✅ Successfully published $PACKAGE_NAME@$PACKAGE_VERSION to npm with tag ${{ steps.pack.outputs.tag }}"
echo "📦 Install with: npm install $PACKAGE_NAME@${{ steps.pack.outputs.tag }}"
83 changes: 2 additions & 81 deletions .github/workflows/test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,11 +6,6 @@ on:
branches:
- main

env:
TURBO_TELEMETRY_DISABLED: 1
COMPILER_VERSION: "0.24.0"
LANGUAGE_VERSION: "0.16.0"

jobs:
run-suite:
name: Run Test Suite
Expand All @@ -26,82 +21,8 @@ jobs:
- name: Setup Environment
uses: ./.github/actions/setup

- name: Install Compact compiler
id: setup
shell: bash
run: |
set -euo pipefail
# Create directory for compiler
COMPACT_HOME="$HOME/compactc"
mkdir -p "$COMPACT_HOME"

# Create URL
ZIP_FILE="compactc_v${COMPILER_VERSION}_x86_64-unknown-linux-musl.zip"
DOWNLOAD_URL="https://d3fazakqrumx6p.cloudfront.net/artifacts/compiler/compactc_${COMPILER_VERSION}/${ZIP_FILE}"

echo "⬇️ Downloading Compact compiler..."
curl -Ls "$DOWNLOAD_URL" -o "$COMPACT_HOME/compactc.zip"

echo "📦 Extracting..."
unzip -q "$COMPACT_HOME/compactc.zip" -d "$COMPACT_HOME"
chmod +x "$COMPACT_HOME"/{compactc,compactc.bin,zkir}

echo "📁 Setting environment variables..."
echo "COMPACT_HOME=$COMPACT_HOME" >> "$GITHUB_ENV"
echo "$COMPACT_HOME" >> "$GITHUB_PATH"

echo "✅ Verifying installation..."
if [ ! -f "$COMPACT_HOME/compactc" ]; then
echo "::error::❌ compactc not found in $COMPACT_HOME"
exit 1
fi

echo "🤖 Testing installation..."
"$COMPACT_HOME/compactc" --version

- name: Check compiler and language version
run: |
COMPILER_OUTPUT=$(compactc --version)
COMPUTED_COMPILER_VERSION=$(echo "$COMPILER_OUTPUT" | grep -oP '\b0\.[0-9]+\.[0-9]+\b' | head -n 1)
if [ "$COMPUTED_COMPILER_VERSION" != "$COMPILER_VERSION" ]; then
errMsg="❌ Compiler version mismatch!%0AExpected: $COMPILER_VERSION%0AGot: $COMPUTED_COMPILER_VERSION"
echo "::error::$errMsg"
exit 1
fi
echo "✅ Compiler version matches: $COMPUTED_COMPILER_VERSION"

LANGUAGE_OUTPUT=$(compactc --language-version)
COMPUTED_LANGUAGE_VERSION=$(echo "$LANGUAGE_OUTPUT" | grep -oP '\b0\.[0-9]+\.[0-9]+\b' | tail -n 1)
if [ "$COMPUTED_LANGUAGE_VERSION" != "$LANGUAGE_VERSION" ]; then
errMsg="❌ Language version mismatch!%0AExpected: $LANGUAGE_VERSION%0AGot: $COMPUTED_LANGUAGE_VERSION"
echo "::error::$errMsg"
exit 1
fi

echo "✅ Language version matches: $COMPUTED_LANGUAGE_VERSION"

- name: Compile contracts (with retry on hash mismatch)
shell: bash
run: |
set -euo pipefail

compile() {
echo "⚙️ Running Compact compilation..."
if ! output=$(turbo compact --concurrency=1 2>&1); then
echo "❌ Compilation failed."
if echo "$output" | grep -q "Hash mismatch" && [ -d "$HOME/.cache/midnight/zk-params" ]; then
echo "⚠️ Hash mismatch detected *and* zk-params exists. Removing cache..."
rm -rf "$HOME/.cache/midnight/zk-params"
echo "::notice::♻️ Retrying compilation after clearing zk-params..."
turbo compact --concurrency=1 || { echo "::error::❌ Retry also failed."; exit 1; }
else
echo "🚫 Compilation failed for another reason or zk-params missing. No retry."
exit 1
fi
fi
}

compile
- name: Compile contracts (with retry)
run: turbo compact --filter=@openzeppelin-compact/contracts --concurrency=1

- name: Run type checks
run: turbo types
Expand Down
Loading
Loading