all: Merge go-ethereum v1.16.2

Author: joshklop

.circleci/ci-docker-tag-op-geth-release.sh

@@ -0,0 +1,37 @@
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+DOCKER_REPO=$1
+GIT_TAG=$2
+GIT_SHA=$3
+
+IMAGE_NAME="op-geth"
+IMAGE_TAG=$GIT_TAG
+
+SOURCE_IMAGE_TAG="$DOCKER_REPO/$IMAGE_NAME:$GIT_SHA"
+TARGET_IMAGE_TAG="$DOCKER_REPO/$IMAGE_NAME:$IMAGE_TAG"
+TARGET_IMAGE_TAG_LATEST="$DOCKER_REPO/$IMAGE_NAME:latest"
+
+echo "Checking if docker images exist for '$IMAGE_NAME'"
+echo ""
+tags=$(gcloud container images list-tags "$DOCKER_REPO/$IMAGE_NAME" --limit 1 --format json)
+if [ "$tags" = "[]" ]; then
+  echo "No existing docker images were found for '$IMAGE_NAME'. The code tagged with '$GIT_TAG' may not have an associated dockerfile or docker build job."
+  echo "If this service has a dockerfile, add a docker-publish job for it in the circleci config."
+  echo ""
+  echo "Exiting"
+  exit 0
+fi
+
+echo "Tagging $SOURCE_IMAGE_TAG with '$IMAGE_TAG'"
+gcloud container images add-tag -q "$SOURCE_IMAGE_TAG" "$TARGET_IMAGE_TAG"
+
+# Only tag finalized releases with 'latest'
+if ! [[ "$IMAGE_TAG" =~ ^v1\.[0-9]+\.[0-9]+$ ]]; then
+  echo "Not tagging with 'latest' because the release is not finalized."
+  exit 0
+fi
+
+echo "Tagging $SOURCE_IMAGE_TAG with 'latest'"
+gcloud container images add-tag -q "$SOURCE_IMAGE_TAG" "$TARGET_IMAGE_TAG_LATEST"

.circleci/config.yml

@@ -0,0 +1,266 @@
+version: 2.1
+
+orbs:
+  gcp-cli: circleci/[email protected]
+  slack: circleci/[email protected]
+  utils: ethereum-optimism/[email protected]
+
+parameters:
+  go_version:
+    type: string
+    default: 1.23.8 # update CI Go version here
+
+commands:
+  gcp-oidc-authenticate:
+    description: "Authenticate with GCP using a CircleCI OIDC token."
+    parameters:
+      project_id:
+        type: env_var_name
+        default: GCP_PROJECT_ID
+      workload_identity_pool_id:
+        type: env_var_name
+        default: GCP_WIP_ID
+      workload_identity_pool_provider_id:
+        type: env_var_name
+        default: GCP_WIP_PROVIDER_ID
+      service_account_email:
+        type: env_var_name
+        default: GCP_SERVICE_ACCOUNT_EMAIL
+      gcp_cred_config_file_path:
+        type: string
+        default: /home/circleci/gcp_cred_config.json
+      oidc_token_file_path:
+        type: string
+        default: /home/circleci/oidc_token.json
+    steps:
+      - run:
+          name: "Create OIDC credential configuration"
+          command: |
+            # Store OIDC token in temp file
+            echo $CIRCLE_OIDC_TOKEN > << parameters.oidc_token_file_path >>
+            # Create a credential configuration for the generated OIDC ID Token
+            gcloud iam workload-identity-pools create-cred-config \
+                "projects/${<< parameters.project_id >>}/locations/global/workloadIdentityPools/${<< parameters.workload_identity_pool_id >>}/providers/${<< parameters.workload_identity_pool_provider_id >>}"\
+                --output-file="<< parameters.gcp_cred_config_file_path >>" \
+                --service-account="${<< parameters.service_account_email >>}" \
+                --credential-source-file=<< parameters.oidc_token_file_path >>
+      - run:
+          name: "Authenticate with GCP using OIDC"
+          command: |
+            # Configure gcloud to leverage the generated credential configuration
+            gcloud auth login --brief --cred-file "<< parameters.gcp_cred_config_file_path >>"
+            # Configure ADC
+            echo "export GOOGLE_APPLICATION_CREDENTIALS='<< parameters.gcp_cred_config_file_path >>'" | tee -a "$BASH_ENV"
+
+jobs:
+  build-and-deploy:
+    machine:
+      image: ubuntu-2004:current
+    steps:
+      - checkout
+      # Fetch more history for diffing
+      - run:
+          name: Fetch git history
+          command: |
+            git fetch --depth 1000
+
+      # Build forkdiff using Docker
+      - run:
+          name: Build forkdiff
+          command: |
+            docker run --volume $(pwd):/workspace \
+              protolambda/forkdiff:0.1.0 \
+              -repo=/workspace \
+              -fork=/workspace/fork.yaml \
+              -out=/workspace/index.html
+
+      # Prepare pages directory
+      - run:
+          name: Build pages
+          command: |
+            mkdir -p /tmp/pages
+            mv index.html /tmp/pages/index.html
+            touch /tmp/pages/.nojekyll
+            if [ "$CIRCLE_PROJECT_REPONAME" == "op-geth" ] && [ "$CIRCLE_PROJECT_USERNAME" == "ethereum-optimism" ]; then
+              echo "op-geth.optimism.io" > /tmp/pages/CNAME
+            fi
+      - utils/github-pages-deploy:
+          src-pages-dir: /tmp/pages
+  docker-release:
+    environment:
+      DOCKER_BUILDKIT: 1
+    parameters:
+      docker_name:
+        description: Docker image name
+        type: string
+        default: "op-geth"
+      docker_tags:
+        description: Docker image tags as csv
+        type: string
+      registry:
+        description: Docker registry
+        type: string
+        default: "us-docker.pkg.dev"
+      repo:
+        description: Docker repo
+        type: string
+        default: "oplabs-tools-artifacts/images"
+      push_tags:
+        description: Push release push tags
+        type: boolean
+        default: false
+    machine:
+      image: default
+      resource_class: xlarge
+    steps:
+      - gcp-cli/install
+      - gcp-oidc-authenticate
+      - checkout
+      - run:
+          name: Configure Docker
+          command: |
+            gcloud auth configure-docker <<parameters.registry>>
+      - run:
+          name: Build and push
+          command: |
+            RAW_TAGS="<<parameters.docker_tags>>"
+            if [ "$CIRCLE_BRANCH" = "optimism" ]; then
+              RAW_TAGS="$RAW_TAGS,optimism"
+            fi
+            IMAGE_BASE="<<parameters.registry>>/<<parameters.repo>>/<<parameters.docker_name>>"
+            DOCKER_TAGS=$(echo -ne "$RAW_TAGS" | sed "s/,/\n/g" | sed "s/[^a-zA-Z0-9\n.]/-/g" | sed -e "s|^|-t ${IMAGE_BASE}:|")
+            docker context create buildx-build
+            docker buildx create --use buildx-build
+            docker buildx build --push \
+              $(echo -ne $DOCKER_TAGS | tr '\n' ' ') \
+              --platform=linux/arm64,linux/amd64 \
+              --build-arg VERSION=$CIRCLE_TAG \
+              --build-arg COMMIT=$CIRCLE_SHA \
+              --build-arg BUILDNUM=$CIRCLE_BUILD_NUM \
+              --progress plain \
+              -f Dockerfile .
+      - when:
+          condition:
+            equal: [true, <<parameters.push_tags>>]
+          steps:
+            - run:
+                name: Tag
+                command: |
+                  ./.circleci/ci-docker-tag-op-geth-release.sh <<parameters.registry>>/<<parameters.repo>> $CIRCLE_TAG $CIRCLE_SHA1
+      - when:
+          condition:
+            equal: [optimism, << pipeline.git.branch >>]
+          steps:
+            - gcp-oidc-authenticate:
+                service_account_email: GCP_SERVICE_ATTESTOR_ACCOUNT_EMAIL
+            - run:
+                name: Sign
+                command: |
+                  git clone --branch v1.0.3 --depth 1 https://github.com/ethereum-optimism/binary_signer
+                  cd binary_signer/signer
+
+                  IMAGE_PATH="<<parameters.registry>>/<<parameters.repo>>/<<parameters.docker_name>>:<<pipeline.git.revision>>"
+                  echo $IMAGE_PATH
+                  pip3 install -r requirements.txt
+
+                  python3 ./sign_image.py --command="sign"\
+                      --attestor-project-name="$ATTESTOR_PROJECT_NAME"\
+                      --attestor-name="$ATTESTOR_NAME"\
+                      --image-path="$IMAGE_PATH"\
+                      --signer-logging-level="INFO"\
+                      --attestor-key-id="//cloudkms.googleapis.com/v1/projects/$ATTESTOR_PROJECT_NAME/locations/global/keyRings/$ATTESTOR_NAME-key-ring/cryptoKeys/$ATTESTOR_NAME-key/cryptoKeyVersions/1"
+
+  build-geth:
+    docker:
+      - image: cimg/go:<<pipeline.parameters.go_version>>
+    resource_class: xlarge
+    steps:
+      - checkout
+      - run:
+          command: go run build/ci.go install
+  unit-test:
+    resource_class: xlarge
+    docker:
+      - image: cimg/go:<<pipeline.parameters.go_version>>
+    steps:
+      - checkout
+      - run:
+          command: go run build/ci.go test
+  lint-geth:
+    resource_class: medium
+    docker:
+      - image: cimg/go:<<pipeline.parameters.go_version>>
+    steps:
+      - checkout
+      - run:
+          command: go run build/ci.go lint
+  tidy-geth:
+    resource_class: small
+    docker:
+      - image: cimg/go:<<pipeline.parameters.go_version>>
+    steps:
+      - checkout
+      - run:
+          command: go mod tidy && git diff --exit-code
+  check-sr-diff:
+    docker:
+      - image: cimg/go:<<pipeline.parameters.go_version>>
+    steps:
+      - checkout
+      - run:
+          name: install dasel
+          command: go install github.com/tomwright/dasel/v2/cmd/[email protected]
+      - run:
+          name: generate artifact and check diff
+          command: |
+            bash ./sync-superchain.sh
+            git diff --exit-code
+
+workflows:
+  main:
+    jobs:
+      - build-geth:
+          name: Build geth
+      - unit-test:
+          name: Run unit tests for geth
+      - lint-geth:
+          name: Run linter over geth
+      - tidy-geth:
+          name: Check geth go.mod file has been tidied
+      - docker-release:
+          name: Push to Docker
+          docker_tags: <<pipeline.git.revision>>
+          context:
+            - oplabs-gcr
+      - check-sr-diff:
+          name: Check superchain registry bundle diff
+  release:
+    jobs:
+      - hold:
+          type: approval
+          filters:
+            tags:
+              only: /^v.*/
+            branches:
+              ignore: /.*/
+      - docker-release:
+          name: Push to Docker (release)
+          filters:
+            tags:
+              only: /^v.*/
+            branches:
+              ignore: /.*/
+          docker_tags: <<pipeline.git.revision>>,<<pipeline.git.tag>>
+          push_tags: true
+          context:
+            - oplabs-gcr-release
+          requires:
+            - hold
+
+  merge:
+    jobs:
+      - build-and-deploy:
+          context: circleci-repo-op-geth
+          filters:
+            branches:
+              only: optimism

.github/CODEOWNERS

@@ -1,33 +1 @@
-# Lines starting with '#' are comments.
-# Each line is a file pattern followed by one or more owners.
-
-accounts/usbwallet/             @gballet
-accounts/scwallet/              @gballet
-accounts/abi/                   @gballet @MariusVanDerWijden
-beacon/engine/                  @MariusVanDerWijden @lightclient @fjl
-beacon/light/                   @zsfelfoldi
-beacon/merkle/                  @zsfelfoldi 
-beacon/types/                   @zsfelfoldi @fjl
-beacon/params/                  @zsfelfoldi @fjl
-cmd/evm/                        @MariusVanDerWijden @lightclient
-core/state/                     @rjl493456442
-crypto/                         @gballet @jwasinger @fjl
-core/                           @rjl493456442
-eth/                            @rjl493456442
-eth/catalyst/                   @MariusVanDerWijden @lightclient @fjl @jwasinger
-eth/tracers/                    @s1na
-ethclient/                      @fjl
-ethdb/                          @rjl493456442
-event/                          @fjl
-trie/                           @rjl493456442
-triedb/                         @rjl493456442
-core/tracing/                   @s1na
-graphql/                        @s1na
-internal/ethapi/                @fjl @s1na @lightclient
-internal/era/                   @lightclient
-miner/                          @MariusVanDerWijden @fjl @rjl493456442
-node/                           @fjl
-p2p/                            @fjl @zsfelfoldi
-rlp/                            @fjl
-params/                         @fjl @gballet @rjl493456442 @zsfelfoldi
-rpc/                            @fjl
+*  @ethereum-optimism/op-geth-maintainers