feat: Add integrity check

[kalidux]

• Updated actions/checkout to v4.
• Added SHA256 checksum calculation and verification for built binaries to ensure file integrity.
• Included file architecture validation to ensure correct binaries are built for each target platform.
• Updated the release draft step to include links to SHA256 checksum files for each binary.

Summary by CodeRabbit

• New Features

  • Enhanced GitHub Actions workflow for building and releasing the beacond binary.
  • Added SHA256 checksum generation for improved integrity verification of release artifacts.
  • Updated release notes to include SHA256 checksums for each binary.

• Improvements

  • Expanded build process with clearer comments and additional commands for better transparency.
  • Streamlined naming conventions for uploaded artifacts, ensuring consistency.

• Usability Enhancements

  • New column in release notes for direct links to SHA256 checksum files, simplifying user access.

[coderabbitai]

Walkthrough

The changes enhance the GitHub Actions workflow for building and releasing the beacond binary. Key updates include upgrading actions/checkout and actions/setup-go to version 4, expanding the build step with additional commands and comments, and introducing SHA256 checksum generation for integrity verification. The upload step now includes the checksum file, and the release notes have been updated to feature a new column for checksums, improving usability.

Changes

Files	Change Summary
.github/workflows/release.yaml	Upgraded actions/checkout and actions/setup-go to version 4; expanded build step with comments and SHA256 checksum generation; modified upload step to include checksum file; updated release notes with SHA256 checksum column.

Poem

🐇
In the meadow, binaries gleam,
With checksums to verify our dream.
The workflow dances, swift and bright,
As we hop along, everything feels right!
A tarball here, a checksum there,
Our releases sing, with love and care!
🌼

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai generate interesting stats about this repository and render them as a table.
  • @coderabbitai show all the console.log statements in this repository.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE

Commits

Files that changed from the base of the PR and between 2cc8a07 and 71456a5.

Files selected for processing (1)

• .github/workflows/release.yaml (2 hunks)

Additional comments not posted (5)

.github/workflows/release.yaml (5)

72-72: LGTM!

The code changes are approved.

---

80-90: LGTM!

The code changes are approved. The additional commands and comments improve the clarity and functionality of the build process. The SHA256 checksum calculation is a valuable addition for verifying the integrity of the release artifacts.

---

91-97: LGTM!

The code changes are approved. Uploading the SHA256 checksum file alongside the binary improves the usability and security of the release process. The consistent naming conventions enhance the clarity and organization of the uploaded artifacts.

---

166-170: LGTM!

The code changes are approved. The inclusion of the SHA256 checksum column in the release notes table is a valuable addition. It enhances the user experience by providing easy access to the integrity verification files for each binary.

---

Line range hint 1-190: Overall Approval

The changes made to the release workflow are excellent. The updates to the build process, artifact uploading, and release notes table all contribute to a more transparent, functional, and user-friendly experience. The inclusion of SHA256 checksums is a notable enhancement that strengthens the integrity verification of the released binaries.

Great work on improving the clarity, security, and usability of the release process!

[coderabbitai]

Actionable comments posted: 1

Review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE

Commits

Files that changed from the base of the PR and between 71456a5 and ae56fd9.

Files selected for processing (1)

• .github/workflows/release.yaml (2 hunks)

Additional comments not posted (6)

.github/workflows/release.yaml (6)

72-72: Approved: Checkout action update

The update to actions/checkout@v4 is a good practice to keep the workflow using the latest stable version of the action.

---

75-75: Approved: Go version update

The update to Go version "^1.23" aligns with the previous suggestion and ensures the use of a recent Go version.

---

80-90: Approved: Enhanced build process

The new steps in the build process are excellent additions:

1. Building the binary with version and architecture information.
2. Displaying the architecture of the built binary for verification.
3. Creating a tar.gz archive for easy distribution.
4. Calculating and saving the SHA256 checksum for integrity verification.

These changes significantly improve the reliability and security of the release process.

---

91-97: Approved: Improved artifact upload

The modification to include the SHA256 checksum file in the artifact upload is a valuable improvement. This change:

1. Ensures that both the binary archive and its checksum are available as artifacts.
2. Facilitates easier integrity verification for users downloading the release.
3. Maintains consistency in naming conventions for the uploaded artifacts.

These enhancements contribute to a more robust and user-friendly release process.

---

Line range hint 1-197: Approved: Comprehensive and well-structured release workflow

The overall structure and completeness of the release workflow are commendable. Key points:

1. Multi-architecture builds (Linux amd64/arm64, Darwin arm64) are properly handled.
2. The release process includes crucial steps like checksumming and artifact uploads.
3. The release draft template is comprehensive, including a testing checklist, release checklist, and detailed binary information.

This workflow provides a robust and reliable process for releasing the project across multiple platforms.

---

Line range hint 1-197: Verified: Code changes align with PR objectives

The implemented changes in this workflow file are consistent with the stated PR objectives:

1. The actions/checkout has been updated to version 4 as mentioned.
2. Checksum calculation and verification steps have been added to the build process.
3. The release draft has been updated to include links to the SHA256 checksum files.
4. File architecture validation is implicitly handled by building for specific architectures and displaying the binary information.

These changes contribute to a more robust and reliable build process, ensuring the integrity and proper targeting of the released binaries.

[coderabbitai]

Actionable comments posted: 2

Review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE

Commits

Files that changed from the base of the PR and between ae56fd9 and f655dce.

Files selected for processing (1)

• .github/workflows/release.yaml (2 hunks)

Additional comments not posted (3)

.github/workflows/release.yaml (3)

91-97: Approved: Improved artifact upload with checksum

The updated artifact upload step now includes the SHA256 checksum file alongside the binary. This is an excellent practice for ensuring the integrity of the released artifacts. The consistent naming convention for artifacts also improves clarity and usability.

---

165-169: Approved: Enhanced release draft table with checksum links

The addition of SHA256 checksum links in the release draft table is an excellent improvement. It provides users with easy access to verify the integrity of the downloaded binaries.

As previously suggested, consider updating the table header formatting for better readability:

          |:---:|:---:|:---:|:---:|:---:|

This will ensure all columns are center-aligned.

---

Line range hint 1-190: Approved: Comprehensive improvements to the release workflow

The changes made to this workflow file significantly enhance the build and release process for BeaconKit. Key improvements include:

1. Updated action versions and Go version for better security and performance.
2. Enhanced build step with clear comments and SHA256 checksum generation.
3. Improved artifact upload process including checksum files.
4. Updated release draft table with easy access to checksum verification.

These changes contribute to a more robust, secure, and user-friendly release process. They demonstrate a strong commitment to software integrity and ease of use for end-users.

[coderabbitai]

Actionable comments posted: 1

Review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE

Commits

Files that changed from the base of the PR and between f655dce and 30c0f90.

Files selected for processing (1)

• .github/workflows/release.yaml (2 hunks)

Additional context used

Learnings (1)

.github/workflows/release.yaml (1)

Learnt from: kalidux
PR: berachain/beacon-kit#1987
File: .github/workflows/release.yaml:80-90
Timestamp: 2024-09-02T19:12:33.071Z
Learning: `shasum -a 256` is preferred for cross-platform scripts targeting macOS and Linux due to its availability on both platforms, whereas `sha256sum` is not available by default on macOS.

Additional comments not posted (7)

.github/workflows/release.yaml (7)

72-75: The previous review comment is still valid. Skipping the comment.

---

80-90: LGTM: Enhanced build step with integrity checks

The new build step is well-structured and includes helpful comments explaining each command. The addition of SHA256 checksum calculation using shasum -a 256 is an excellent security measure.

As per the learning:

shasum -a 256 is preferred for cross-platform scripts targeting macOS and Linux due to its availability on both platforms, whereas sha256sum is not available by default on macOS.

---

91-91: Approved: Action version update

The update to actions/upload-artifact (v4) is a good improvement. It may introduce new features and bug fixes beneficial for the artifact upload process.

---

94-97: Approved: Artifact upload enhancements

The modifications to the artifact upload step are excellent improvements:

• Including the version, target OS, and architecture in the artifact name (${{ matrix.build.binary }}-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.configs.target-os }}-${{ matrix.configs.arch }}) ensures consistency and clarity.
• Uploading the SHA256 checksum file alongside the binary tarball facilitates easier integrity verification for users downloading the binaries.

---

167-167: Approved: Release draft table update for Linux amd64

The addition of the new row for the Linux amd64 binary, including the link to the binary tarball and its SHA256 checksum file, is consistent with the overall improvements in the release draft table. The inclusion of the SHA256 checksum link is particularly helpful for users to verify the integrity of the downloaded binary.

---

168-168: Approved: Release draft table update for Linux arm64

The addition of the new row for the Linux arm64 binary, including the link to the binary tarball and its SHA256 checksum file, is consistent with the overall improvements in the release draft table. The inclusion of the SHA256 checksum link is particularly helpful for users to verify the integrity of the downloaded binary.

---

169-169: Approved: Release draft table update for macOS arm64

The addition of the new row for the macOS arm64 binary, including the link to the binary tarball and its SHA256 checksum file, is consistent with the overall improvements in the release draft table. The inclusion of the SHA256 checksum link is particularly helpful for users to verify the integrity of the downloaded binary.

[coderabbitai]

Actionable comments posted: 1

Review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE

Commits

Files that changed from the base of the PR and between 30c0f90 and bbe8cbe.

Files selected for processing (1)

• .github/workflows/release.yaml (2 hunks)

Additional context used

Learnings (1)

.github/workflows/release.yaml (1)

Learnt from: kalidux
PR: berachain/beacon-kit#1987
File: .github/workflows/release.yaml:80-90
Timestamp: 2024-09-02T19:12:33.071Z
Learning: `shasum -a 256` is preferred for cross-platform scripts targeting macOS and Linux due to its availability on both platforms, whereas `sha256sum` is not available by default on macOS.

Additional comments not posted (3)

.github/workflows/release.yaml (3)

80-90: Approved: Enhanced build step with integrity checks

The build step is well-structured and includes comprehensive commands for building the binary, displaying its architecture, creating a tar.gz archive, and calculating the SHA256 checksum. The use of shasum -a 256 for checksum calculation is appropriate and aligns with best practices for cross-platform compatibility.

---

91-97: Approved: Artifact upload step

The inclusion of both the binary and its SHA256 checksum in the artifact upload step is a good practice, enhancing the integrity verification process for users.

---

165-169: Approved with suggestion: Release draft table update

The addition of the SHA256 checksum column in the release draft table is an excellent improvement. It provides users with easy access to verify the integrity of the downloaded binaries.

However, the table formatting can be further improved. Consider updating the table header formatting as follows to ensure all columns are center-aligned for better readability:

          |:---:|:---:|:---:|:---:|:---:|

[coderabbitai]

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE

Commits

Files that changed from the base of the PR and between bbe8cbe and e320586.

Files selected for processing (1)

• .github/workflows/release.yaml (2 hunks)

Additional context used

Learnings (1)

.github/workflows/release.yaml (1)

Learnt from: kalidux
PR: berachain/beacon-kit#1987
File: .github/workflows/release.yaml:80-90
Timestamp: 2024-09-02T19:12:33.071Z
Learning: `shasum -a 256` is preferred for cross-platform scripts targeting macOS and Linux due to its availability on both platforms, whereas `sha256sum` is not available by default on macOS.

Additional comments not posted (4)

.github/workflows/release.yaml (4)

72-73: Approved: Updated GitHub Actions versions.

The updates to actions/checkout and actions/setup-go to version 4 are consistent with the PR objectives to leverage new features and improvements. The specified Go version "^1.23" is also appropriate.

Also applies to: 75-75

---

80-90: Approved: Enhanced build step with integrity checks.

The build step is well-structured and includes helpful comments explaining each command. The addition of SHA256 checksum calculation using shasum -a 256 is an excellent security measure, ensuring cross-platform compatibility.

---

91-97: Approved: Artifact upload step.

The artifact upload step correctly includes both the binary and its SHA256 checksum, facilitating easier integrity verification for users.

---

165-169: Approved with suggestion: Release draft table update.

The addition of SHA256 checksum links in the release draft table is an excellent improvement. It provides users with easy access to verify the integrity of the downloaded binaries. The table formatting has been updated to ensure all columns are center-aligned, enhancing readability.

[coderabbitai]

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE

Commits

Files that changed from the base of the PR and between e320586 and 0cba7c4.

Files selected for processing (1)

• .github/workflows/release.yaml (2 hunks)

Additional context used

Learnings (1)

.github/workflows/release.yaml (1)

Learnt from: kalidux
PR: berachain/beacon-kit#1987
File: .github/workflows/release.yaml:80-90
Timestamp: 2024-09-02T19:12:33.071Z
Learning: `shasum -a 256` is preferred for cross-platform scripts targeting macOS and Linux due to its availability on both platforms, whereas `sha256sum` is not available by default on macOS.

Additional comments not posted (4)

.github/workflows/release.yaml (4)

72-73: Approved: Update of GitHub Actions to version 4.

The updates to actions/checkout and actions/setup-go to version 4 align with the PR objectives to leverage the latest features and fixes.

---

80-90: Approved: Build and checksum calculation steps.

The steps for building the binary, creating a tarball, and calculating the SHA256 checksum are clear and well-documented. The use of shasum -a 256 is appropriate for cross-platform compatibility, aligning with previous discussions and learnings.

---

91-97: Approved: Artifact upload steps.

The steps for uploading the binaries and their SHA256 checksums are well-structured and ensure that integrity verification is straightforward for users.

---

165-169: Approved: Release draft table update.

The updated release draft table, including SHA256 checksum links, enhances the usability and security of the release page. The table formatting is consistent and improves readability.

[coderabbitai]

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE

Commits

Files that changed from the base of the PR and between 0cba7c4 and 4ec16c8.

Files selected for processing (1)

• .github/workflows/release.yaml (2 hunks)

Additional context used

Learnings (1)

.github/workflows/release.yaml (1)

Learnt from: kalidux
PR: berachain/beacon-kit#1987
File: .github/workflows/release.yaml:80-90
Timestamp: 2024-09-02T19:12:33.071Z
Learning: `shasum -a 256` is preferred for cross-platform scripts targeting macOS and Linux due to its availability on both platforms, whereas `sha256sum` is not available by default on macOS.

Additional comments not posted (5)

.github/workflows/release.yaml (5)

72-73: Approved: Updated GitHub Actions versions.

The updates to actions/checkout and actions/setup-go to version 4 align with the PR objectives to leverage improvements in these actions.

---

75-75: Approved: Go version specification.

Specifying the Go version as "^1.23" ensures that the latest compatible minor version is used, which is beneficial for stability and performance.

---

80-89: Approved: Build and checksum calculation steps.

The detailed steps for building the binary, creating a tarball, and calculating the SHA256 checksum enhance the security and integrity of the build process. The use of shasum -a 256 is correctly applied for cross-platform compatibility.

---

91-97: Approved: Artifact upload steps.

The steps for uploading the binaries and their SHA256 checksums are well-implemented, ensuring that these artifacts are available for users to download and verify.

---

165-169: Approved: Release draft SHA256 checksum updates.

The updates to include SHA256 checksum links in the release draft provide users with easy access to verify the integrity of the binaries. The table formatting is correctly implemented to ensure readability.