As is customary with new GitHub actions, they don't work on first
attempt if you don't test them *sigh*
We need to use a more recent version of golang than is pre-installed to
avoid the "unknown directive: retract" error message.
It turns out we were using the wrong matrix variable in the actual
make command and ran the same itest 6 times with no arguments, all
resulting in running the btcd test.
To avoid uploading too many files in individual requests, we zip them
first before uploading the zip itself.
With this commit we update the release template to download Roasbeef's
key from the git repository via GitHub.
We also update the key mentioned in the template to the new signing key.
[skip ci]
To reduce the likelyhood of the linter OOMing on the GitHub runner, we
exclude any generated code from being inspected and also tune the golang
garbage collector to be a bit more agressive.
The golang version always needs to be in sync between the go.mod, the PR
checklist and the installation instructions.
We also shorten the Pull Request template by removing everything that we
have a CI check for and just refer to those checks instead.
In this commit, we add a simple bash script to parse out the current PR
number from an environment variable in the GH actions context, and use
that to check to see if the PR has been referenced in the release notes
or not. This isn't 100% fool proof, but it should catch most of the
common cases.
The monitoring server still needs to be enabled using prometheus.enable,
so including this in the default build does not add an additional http
server unless the user opts in.
The golang build cache seems to only grow over time and is now causing
disk space issues on the release builder. Since the release build has to
build for targets that aren't built during other GH actions and our
releases are too far apart to be hitting the cache anyway we suspect the
cache doesn't actually help that much.
Removing it might mean the build takes a bit longer but at least won't
cause any problems with full virtual disks anymore.
Due to a misunderstanding of how the gpg command line options work, we
didn't actually create detached signatures because the --clear-sign
flag would overwrite that. We update our verification script to now only
download the detached signatures and verify them against the main
manifest file.
We also update the signing instructions.
Because we now build a docker image for the RPC compilation, we can save
some execution minutes if we run the mobile RPC and code compilation check in the
same step of the CI workflow.
To avoid leaking any sensitive information like Docker Hub credentials
because of compromised actions repositories, we use our own, vendored
actions for all steps that potentially touch sensitive information.
To enable building docker images for ARM64 platforms as well,
we just need to specify the desired target platforms and the Docker
Buildx service will do the job for us (provided the base images support
the given platforms, which is the case for golang).
Since it was added, we never maintained the file leading to decay in the
set of "actual" code owners. In practice, the current set up ends up
assign most reviews to 2 or so active contributors. I think the idea
itself is sound, but the current implementation leads to certain
reviewers being over-assigned PRs, which at times causes those PRs to
stagnate since pretty much every PR gets assigned to the same set of
people.
