From 418d275b78a906b38291f4d57f5ed25ad7b318a5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20I=C3=B1aki=20Bilbao?= Date: Sat, 18 Oct 2025 20:38:24 -0300 Subject: [PATCH 1/5] Make default releases pre-releases and update tags when set to latest --- .github/workflows/tag_latest.yaml | 54 ++++++++++++++++++++++++++++++ .github/workflows/tag_release.yaml | 22 +++--------- 2 files changed, 58 insertions(+), 18 deletions(-) create mode 100644 .github/workflows/tag_latest.yaml diff --git a/.github/workflows/tag_latest.yaml b/.github/workflows/tag_latest.yaml new file mode 100644 index 00000000000..a2bb4679804 --- /dev/null +++ b/.github/workflows/tag_latest.yaml @@ -0,0 +1,54 @@ +name: Ethrex Release + +on: + release: + types: + - edited + +permissions: + packages: write + +env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + +jobs: + retag_docker_images: + name: "Tag latest Docker images" + runs-on: ubuntu-latest + if: ${{ github.event.changes.make_latest.to == true }} + + # Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job. + permissions: + packages: write + id-token: write + + steps: + - name: Get new tag + run: echo "TAG_VERSION=$(echo ${{ github.event.release.tag_name.from }} | cut -d- -f1 | tr -d v)" >> $GITHUB_ENV + + - name: Log in to GitHub Container Registry + uses: docker/login-action@v2 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Download Docker images + run: | + docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.event.release.tag_name.from }} + docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.event.release.tag_name.from }}-l2 + + - name: Retag Docker images + run: | + docker tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.event.release.tag_name.from }} ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.TAG_VERSION }} + docker tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.event.release.tag_name.from }} ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest + docker tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.event.release.tag_name.from }}-l2 ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:l2 + docker tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.event.release.tag_name.from }}-l2 ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.TAG_VERSION }}-l2 + + - name: Push retagged Docker images + run: | + docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.TAG_VERSION }} + docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest + docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.TAG_VERSION }}-l2 + docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:l2 diff --git a/.github/workflows/tag_release.yaml b/.github/workflows/tag_release.yaml index de88086a6a1..7cdc0a3a230 100644 --- a/.github/workflows/tag_release.yaml +++ b/.github/workflows/tag_release.yaml @@ -3,7 +3,6 @@ name: Ethrex Release on: push: tags: - - "v[0-9]+.[0-9]+.[0-9]+" - "v[0-9]+.[0-9]+.[0-9]+-*" permissions: @@ -198,16 +197,6 @@ jobs: run: | echo "TAG_VERSION=$(echo ${{ github.ref_name }} | tr -d v)" >> $GITHUB_ENV - - name: Select tags - run: | - if [ "$(echo ${{ github.ref_name }}- | cut -d- -f2 | grep '^rc')" == "" ]; then - echo "L1_TAGS=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest,${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.TAG_VERSION }}" >> $GITHUB_ENV - echo "L2_TAGS=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:l2,${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.TAG_VERSION }}-l2" >> $GITHUB_ENV - else - echo "L1_TAGS=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.TAG_VERSION }}" >> $GITHUB_ENV - echo "L2_TAGS=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.TAG_VERSION }}-l2" >> $GITHUB_ENV - fi - # Pushes to ghcr.io/lambdaclass/ethrex - name: Build and push L1 Docker image id: push_l1 @@ -217,7 +206,7 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} push: true - tags: ${{ env.L1_TAGS }} + tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.TAG_VERSION }} # Pushes to ghcr.io/lambdaclass/ethrex - name: Build and push L2 Docker image @@ -228,7 +217,7 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} push: true - tags: ${{ env.L2_TAGS }} + tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.TAG_VERSION }}-l2 build_args: BUILD_FLAGS=--features l2,l2-sql # Creates a release on GitHub with the binaries @@ -256,9 +245,6 @@ jobs: echo "PREVIOUS_TAG: $name" echo "PREVIOUS_TAG=$name" >> $GITHUB_ENV - - name: Check release type - run: echo "TAG_SUFFIX=$(echo ${{ github.ref_name }}- | cut -d- -f2)" >> $GITHUB_ENV - - name: Update CHANGELOG id: changelog uses: requarks/changelog-action@v1 @@ -274,8 +260,8 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: files: ./bin/**/* - draft: ${{ startsWith(env.TAG_SUFFIX, 'rc') }} - prerelease: ${{ startsWith(env.TAG_SUFFIX, 'rc') }} + draft: false + prerelease: true tag_name: ${{ github.ref_name }} name: "ethrex: ${{ github.ref_name }}" body: > From 70d5cbff7a4f8d03856863224df9356f67a7959c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20I=C3=B1aki=20Bilbao?= Date: Tue, 21 Oct 2025 17:15:44 -0300 Subject: [PATCH 2/5] Improve previous tag getter --- .github/workflows/tag_latest.yaml | 43 +++++++++++++++++++++--------- .github/workflows/tag_release.yaml | 10 ++++--- 2 files changed, 37 insertions(+), 16 deletions(-) diff --git a/.github/workflows/tag_latest.yaml b/.github/workflows/tag_latest.yaml index a2bb4679804..29af5f4b14f 100644 --- a/.github/workflows/tag_latest.yaml +++ b/.github/workflows/tag_latest.yaml @@ -1,4 +1,4 @@ -name: Ethrex Release +name: Ethrex Latest Release on: release: @@ -6,6 +6,7 @@ on: - edited permissions: + contents: read packages: write env: @@ -13,19 +14,37 @@ env: IMAGE_NAME: ${{ github.repository }} jobs: + get_latest_release: + name: "Get latest release tag" + runs-on: ubuntu-latest + outputs: + latest_tag: ${{ steps.get_latest_release.outputs.latest_tag }} + + steps: + - name: Get latest release tag from GH API + id: get_latest_release + run: | + tag=$(curl -s https://api.github.com/repos/${{ env.IMAGE_NAME }}/releases/latest | jq -r .tag_name) + echo "Latest release tag: $tag" + echo "latest_tag=$tag" >> $GITHUB_OUTPUT + retag_docker_images: name: "Tag latest Docker images" runs-on: ubuntu-latest - if: ${{ github.event.changes.make_latest.to == true }} + needs: [get_latest_release] + if: ${{ needs.get_latest_release.outputs.latest_tag == github.event.release.tag_name }} # Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job. permissions: + contents: read packages: write id-token: write steps: - - name: Get new tag - run: echo "TAG_VERSION=$(echo ${{ github.event.release.tag_name.from }} | cut -d- -f1 | tr -d v)" >> $GITHUB_ENV + - name: Set tags + run: | + echo "PREV_TAG=$(echo ${{ github.event.changes.tag_name.from }} | tr -d v)" >> $GITHUB_ENV + echo "NEW_TAG=$(echo ${{ github.event.release.tag_name }} | tr -d v)" >> $GITHUB_ENV - name: Log in to GitHub Container Registry uses: docker/login-action@v2 @@ -36,19 +55,19 @@ jobs: - name: Download Docker images run: | - docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.event.release.tag_name.from }} - docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.event.release.tag_name.from }}-l2 + docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.PREV_TAG }} + docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.PREV_TAG }}-l2 - name: Retag Docker images run: | - docker tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.event.release.tag_name.from }} ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.TAG_VERSION }} - docker tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.event.release.tag_name.from }} ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest - docker tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.event.release.tag_name.from }}-l2 ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:l2 - docker tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.event.release.tag_name.from }}-l2 ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.TAG_VERSION }}-l2 + docker tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.PREV_TAG }} ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.NEW_TAG }} + docker tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.PREV_TAG }} ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest + docker tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.PREV_TAG }}-l2 ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:l2 + docker tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.PREV_TAG }}-l2 ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.NEW_TAG }}-l2 - name: Push retagged Docker images run: | - docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.TAG_VERSION }} + docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.NEW_TAG }} docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest - docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.TAG_VERSION }}-l2 + docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.NEW_TAG }}-l2 docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:l2 diff --git a/.github/workflows/tag_release.yaml b/.github/workflows/tag_release.yaml index 7cdc0a3a230..6d3a3132c10 100644 --- a/.github/workflows/tag_release.yaml +++ b/.github/workflows/tag_release.yaml @@ -3,7 +3,7 @@ name: Ethrex Release on: push: tags: - - "v[0-9]+.[0-9]+.[0-9]+-*" + - "v*.*.*-*" permissions: contents: write @@ -241,9 +241,11 @@ jobs: - name: Get previous tag run: | - name=$(git --no-pager tag --sort=creatordate --merged ${{ github.ref_name }} | tail -2 | head -1) - echo "PREVIOUS_TAG: $name" - echo "PREVIOUS_TAG=$name" >> $GITHUB_ENV + last_tag=$(git --no-pager tag --sort=creatordate | grep -v -E '^v[0-9]+\.[0-9]+\.[0-9]+-' | grep -v '${{ github.ref_name }}' | tail -1) + echo "Last tag: $last_tag" + common_parent=$(git merge-base ${{ github.ref_name }} $last_tag) + echo "PREVIOUS_TAG: $common_parent" + echo "PREVIOUS_TAG=$common_parent" >> $GITHUB_ENV - name: Update CHANGELOG id: changelog From ffaad71c3f3f94512c1892a72357cde76173f3e0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20I=C3=B1aki=20Bilbao?= Date: Tue, 21 Oct 2025 17:35:58 -0300 Subject: [PATCH 3/5] Update release docs --- docs/developers/release-process.md | 36 +++++++++++++++++------------- 1 file changed, 20 insertions(+), 16 deletions(-) diff --git a/docs/developers/release-process.md b/docs/developers/release-process.md index 1063f078c8c..6df87763c1c 100644 --- a/docs/developers/release-process.md +++ b/docs/developers/release-process.md @@ -28,18 +28,17 @@ There are currently three `Cargo.lock` files that will be affected. Make sure yo ## 3rd - Create & Push Tag -Create a tag with a format `vX.Y.Z[-custom]` where `X.Y.Z` is the semantic version and `-custom` is an optional subversion. Example of valid tags: +Create a tag with a format `vX.Y.Z-rc.W` where `X.Y.Z` is the semantic version and `W` is a release candidate version. Other names for subversions are also accepted. Example of valid tags: -- `v0.0.1` - `v0.1.3-rc.1` - `v0.0.2-alpha` ```bash git tag -git push --tags +git push origin ``` -After pushing the tag, a CI job will compile the binaries for different architectures and create a release with the version specified in the tag name. Along with the binaries, a tar file is uploaded with the contracts and the verification keys. The following binaries are built: +After pushing the tag, a CI job will compile the binaries for different architectures and create a pre-release with the version specified in the tag name. Along with the binaries, a tar file is uploaded with the contracts and the verification keys. The following binaries are built: | name | L2 stack | Provers | CUDA support | | --- | --- | --- | --- | @@ -53,21 +52,27 @@ After pushing the tag, a CI job will compile the binaries for different architec | ethrex-l2-macos-aarch64 | ✅ | Exec | ❌ | Also, two docker images are built and pushed to the Github Container registry: -- `ghcr.io/lambdaclass/ethrex:latest` -- `ghcr.io/lambdaclass/ethrex:X.Y.Z[-custom]` -- `ghcr.io/lambdaclass/ethrex:l2` -- `ghcr.io/lambdaclass/ethrex:X.Y.Z[-custom]-l2` +- `ghcr.io/lambdaclass/ethrex:X.Y.Z-rc.W` +- `ghcr.io/lambdaclass/ethrex:X.Y.Z-rc.W-l2` -A changelog will be generated based on commit names (using conventional commits) from the last tag. +A changelog will be generated based on commit names (using conventional commits) from the last stable tag. -> [!NOTE] -> If the tag has format `vX.Y.Z-rc*`, the release will be a pre-release and in draft mode. Also, `latest` and `l2` docker tags will not be updated. +## 4th - Test & Publish Release -## 4th - Update Homebrew +When you are sure all the binaries and docker images work as expected, you can proceed to publish the release. To do so, edit the last pre-release with the following changes: +- Change the name to `ethrex: vX.Y.Z` +- Change the tag to a new one `vX.Y.Z`. **IMPORTANT**: Make sure to select the `release/vX.Y.Z` branch when changing the tag. +- Set the release as the latest release (you will need to uncheck the pre-release first). + +Once done, the CI will publish new tags for the already compiled docker images: +- `ghcr.io/lambdaclass/ethrex:X.Y.Z`, `ghcr.io/lambdaclass/ethrex:latest` +- `ghcr.io/lambdaclass/ethrex:X.Y.Z-l2`, `ghcr.io/lambdaclass/ethrex:l2` + +## 5th - Update Homebrew Disclaimer: We should automate this -1. Commit a change in https://github.com/lambdaclass/homebrew-tap/ bumping the ethrex version (like this one https://github.com/lambdaclass/homebrew-tap/commit/d78a2772ad9c5412e7f84c6210bd85c970fcd0e6). +1. Commit a change in https://github.com/lambdaclass/homebrew-tap/ bumping the ethrex version (like [this one](https://github.com/lambdaclass/homebrew-tap/commit/d78a2772ad9c5412e7f84c6210bd85c970fcd0e6)). - The first SHA is the hash of the `.tar.gz` from the release. You can get it by downloading the `Source code (tar.gz)` from the ethrex release and running ```bash @@ -105,10 +110,9 @@ Disclaimer: We should automate this - Use this as the second hash (the one in the `bottle` section) 2. Push the commit -3. Create a new release with tag `v3.0.0` -IMPORTANT: attach the `ethrex-3.0.0.arm64_sonoma.bottle.tar.gz` to the release +3. Create a new release with tag `v3.0.0`. **IMPORTANT**: attach the `ethrex-3.0.0.arm64_sonoma.bottle.tar.gz` to the release -## 5th - Merge the release branch via PR +## 6th - Merge the release branch via PR Once the release is verified, **merge the branch via PR**. From dfa95bbd82cc984e8699004fed146097bae53acc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20I=C3=B1aki=20Bilbao?= Date: Tue, 21 Oct 2025 18:00:23 -0300 Subject: [PATCH 4/5] Update docker action version --- .github/workflows/tag_latest.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/tag_latest.yaml b/.github/workflows/tag_latest.yaml index 29af5f4b14f..35ec11d463d 100644 --- a/.github/workflows/tag_latest.yaml +++ b/.github/workflows/tag_latest.yaml @@ -46,8 +46,8 @@ jobs: echo "PREV_TAG=$(echo ${{ github.event.changes.tag_name.from }} | tr -d v)" >> $GITHUB_ENV echo "NEW_TAG=$(echo ${{ github.event.release.tag_name }} | tr -d v)" >> $GITHUB_ENV - - name: Log in to GitHub Container Registry - uses: docker/login-action@v2 + - name: Login to Docker registry + uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} From 9a6672c91cb5493c5ebdc0afdb28ce3fc231cdf3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20I=C3=B1aki=20Bilbao?= Date: Wed, 22 Oct 2025 16:03:48 -0300 Subject: [PATCH 5/5] Skip if there's no tag change --- .github/workflows/tag_latest.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/tag_latest.yaml b/.github/workflows/tag_latest.yaml index 35ec11d463d..0f48ba83302 100644 --- a/.github/workflows/tag_latest.yaml +++ b/.github/workflows/tag_latest.yaml @@ -32,7 +32,7 @@ jobs: name: "Tag latest Docker images" runs-on: ubuntu-latest needs: [get_latest_release] - if: ${{ needs.get_latest_release.outputs.latest_tag == github.event.release.tag_name }} + if: ${{ needs.get_latest_release.outputs.latest_tag == github.event.release.tag_name && github.event.changes.tag_name.from }} # Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job. permissions: