-
Notifications
You must be signed in to change notification settings - Fork 107
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Add integrity check #1987
Conversation
WalkthroughThe changes enhance the GitHub Actions workflow for building and releasing the Changes
Poem
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 0
Review details
Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
Files selected for processing (1)
- .github/workflows/release.yaml (2 hunks)
Additional comments not posted (5)
.github/workflows/release.yaml (5)
72-72
: LGTM!The code changes are approved.
80-90
: LGTM!The code changes are approved. The additional commands and comments improve the clarity and functionality of the build process. The SHA256 checksum calculation is a valuable addition for verifying the integrity of the release artifacts.
91-97
: LGTM!The code changes are approved. Uploading the SHA256 checksum file alongside the binary improves the usability and security of the release process. The consistent naming conventions enhance the clarity and organization of the uploaded artifacts.
166-170
: LGTM!The code changes are approved. The inclusion of the SHA256 checksum column in the release notes table is a valuable addition. It enhances the user experience by providing easy access to the integrity verification files for each binary.
Line range hint
1-190
: Overall ApprovalThe changes made to the release workflow are excellent. The updates to the build process, artifact uploading, and release notes table all contribute to a more transparent, functional, and user-friendly experience. The inclusion of SHA256 checksums is a notable enhancement that strengthens the integrity verification of the released binaries.
Great work on improving the clarity, security, and usability of the release process!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 1
Review details
Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
Files selected for processing (1)
- .github/workflows/release.yaml (2 hunks)
Additional comments not posted (6)
.github/workflows/release.yaml (6)
72-72
: Approved: Checkout action updateThe update to
actions/checkout@v4
is a good practice to keep the workflow using the latest stable version of the action.
75-75
: Approved: Go version updateThe update to Go version "^1.23" aligns with the previous suggestion and ensures the use of a recent Go version.
80-90
: Approved: Enhanced build processThe new steps in the build process are excellent additions:
- Building the binary with version and architecture information.
- Displaying the architecture of the built binary for verification.
- Creating a tar.gz archive for easy distribution.
- Calculating and saving the SHA256 checksum for integrity verification.
These changes significantly improve the reliability and security of the release process.
91-97
: Approved: Improved artifact uploadThe modification to include the SHA256 checksum file in the artifact upload is a valuable improvement. This change:
- Ensures that both the binary archive and its checksum are available as artifacts.
- Facilitates easier integrity verification for users downloading the release.
- Maintains consistency in naming conventions for the uploaded artifacts.
These enhancements contribute to a more robust and user-friendly release process.
Line range hint
1-197
: Approved: Comprehensive and well-structured release workflowThe overall structure and completeness of the release workflow are commendable. Key points:
- Multi-architecture builds (Linux amd64/arm64, Darwin arm64) are properly handled.
- The release process includes crucial steps like checksumming and artifact uploads.
- The release draft template is comprehensive, including a testing checklist, release checklist, and detailed binary information.
This workflow provides a robust and reliable process for releasing the project across multiple platforms.
Line range hint
1-197
: Verified: Code changes align with PR objectivesThe implemented changes in this workflow file are consistent with the stated PR objectives:
- The
actions/checkout
has been updated to version 4 as mentioned.- Checksum calculation and verification steps have been added to the build process.
- The release draft has been updated to include links to the SHA256 checksum files.
- File architecture validation is implicitly handled by building for specific architectures and displaying the binary information.
These changes contribute to a more robust and reliable build process, ensuring the integrity and proper targeting of the released binaries.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 2
Review details
Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
Files selected for processing (1)
- .github/workflows/release.yaml (2 hunks)
Additional comments not posted (3)
.github/workflows/release.yaml (3)
91-97
: Approved: Improved artifact upload with checksumThe updated artifact upload step now includes the SHA256 checksum file alongside the binary. This is an excellent practice for ensuring the integrity of the released artifacts. The consistent naming convention for artifacts also improves clarity and usability.
165-169
: Approved: Enhanced release draft table with checksum linksThe addition of SHA256 checksum links in the release draft table is an excellent improvement. It provides users with easy access to verify the integrity of the downloaded binaries.
As previously suggested, consider updating the table header formatting for better readability:
|:---:|:---:|:---:|:---:|:---:|
This will ensure all columns are center-aligned.
Line range hint
1-190
: Approved: Comprehensive improvements to the release workflowThe changes made to this workflow file significantly enhance the build and release process for BeaconKit. Key improvements include:
- Updated action versions and Go version for better security and performance.
- Enhanced build step with clear comments and SHA256 checksum generation.
- Improved artifact upload process including checksum files.
- Updated release draft table with easy access to checksum verification.
These changes contribute to a more robust, secure, and user-friendly release process. They demonstrate a strong commitment to software integrity and ease of use for end-users.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 1
Review details
Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
Files selected for processing (1)
- .github/workflows/release.yaml (2 hunks)
Additional context used
Learnings (1)
.github/workflows/release.yaml (1)
Learnt from: kalidux PR: berachain/beacon-kit#1987 File: .github/workflows/release.yaml:80-90 Timestamp: 2024-09-02T19:12:33.071Z Learning: `shasum -a 256` is preferred for cross-platform scripts targeting macOS and Linux due to its availability on both platforms, whereas `sha256sum` is not available by default on macOS.
Additional comments not posted (7)
.github/workflows/release.yaml (7)
72-75
: The previous review comment is still valid. Skipping the comment.
80-90
: LGTM: Enhanced build step with integrity checksThe new build step is well-structured and includes helpful comments explaining each command. The addition of SHA256 checksum calculation using
shasum -a 256
is an excellent security measure.As per the learning:
shasum -a 256
is preferred for cross-platform scripts targeting macOS and Linux due to its availability on both platforms, whereassha256sum
is not available by default on macOS.
91-91
: Approved: Action version updateThe update to
actions/upload-artifact
(v4) is a good improvement. It may introduce new features and bug fixes beneficial for the artifact upload process.
94-97
: Approved: Artifact upload enhancementsThe modifications to the artifact upload step are excellent improvements:
- Including the version, target OS, and architecture in the artifact name (
${{ matrix.build.binary }}-${{ needs.extract-version.outputs.VERSION }}-${{ matrix.configs.target-os }}-${{ matrix.configs.arch }}
) ensures consistency and clarity.- Uploading the SHA256 checksum file alongside the binary tarball facilitates easier integrity verification for users downloading the binaries.
167-167
: Approved: Release draft table update for Linux amd64The addition of the new row for the Linux amd64 binary, including the link to the binary tarball and its SHA256 checksum file, is consistent with the overall improvements in the release draft table. The inclusion of the SHA256 checksum link is particularly helpful for users to verify the integrity of the downloaded binary.
168-168
: Approved: Release draft table update for Linux arm64The addition of the new row for the Linux arm64 binary, including the link to the binary tarball and its SHA256 checksum file, is consistent with the overall improvements in the release draft table. The inclusion of the SHA256 checksum link is particularly helpful for users to verify the integrity of the downloaded binary.
169-169
: Approved: Release draft table update for macOS arm64The addition of the new row for the macOS arm64 binary, including the link to the binary tarball and its SHA256 checksum file, is consistent with the overall improvements in the release draft table. The inclusion of the SHA256 checksum link is particularly helpful for users to verify the integrity of the downloaded binary.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 1
Review details
Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
Files selected for processing (1)
- .github/workflows/release.yaml (2 hunks)
Additional context used
Learnings (1)
.github/workflows/release.yaml (1)
Learnt from: kalidux PR: berachain/beacon-kit#1987 File: .github/workflows/release.yaml:80-90 Timestamp: 2024-09-02T19:12:33.071Z Learning: `shasum -a 256` is preferred for cross-platform scripts targeting macOS and Linux due to its availability on both platforms, whereas `sha256sum` is not available by default on macOS.
Additional comments not posted (3)
.github/workflows/release.yaml (3)
80-90
: Approved: Enhanced build step with integrity checksThe build step is well-structured and includes comprehensive commands for building the binary, displaying its architecture, creating a tar.gz archive, and calculating the SHA256 checksum. The use of
shasum -a 256
for checksum calculation is appropriate and aligns with best practices for cross-platform compatibility.
91-97
: Approved: Artifact upload stepThe inclusion of both the binary and its SHA256 checksum in the artifact upload step is a good practice, enhancing the integrity verification process for users.
165-169
: Approved with suggestion: Release draft table updateThe addition of the SHA256 checksum column in the release draft table is an excellent improvement. It provides users with easy access to verify the integrity of the downloaded binaries.
However, the table formatting can be further improved. Consider updating the table header formatting as follows to ensure all columns are center-aligned for better readability:
|:---:|:---:|:---:|:---:|:---:|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 0
Review details
Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
Files selected for processing (1)
- .github/workflows/release.yaml (2 hunks)
Additional context used
Learnings (1)
.github/workflows/release.yaml (1)
Learnt from: kalidux PR: berachain/beacon-kit#1987 File: .github/workflows/release.yaml:80-90 Timestamp: 2024-09-02T19:12:33.071Z Learning: `shasum -a 256` is preferred for cross-platform scripts targeting macOS and Linux due to its availability on both platforms, whereas `sha256sum` is not available by default on macOS.
Additional comments not posted (4)
.github/workflows/release.yaml (4)
72-73
: Approved: Updated GitHub Actions versions.The updates to
actions/checkout
andactions/setup-go
to version 4 are consistent with the PR objectives to leverage new features and improvements. The specified Go version "^1.23" is also appropriate.Also applies to: 75-75
80-90
: Approved: Enhanced build step with integrity checks.The build step is well-structured and includes helpful comments explaining each command. The addition of SHA256 checksum calculation using
shasum -a 256
is an excellent security measure, ensuring cross-platform compatibility.
91-97
: Approved: Artifact upload step.The artifact upload step correctly includes both the binary and its SHA256 checksum, facilitating easier integrity verification for users.
165-169
: Approved with suggestion: Release draft table update.The addition of SHA256 checksum links in the release draft table is an excellent improvement. It provides users with easy access to verify the integrity of the downloaded binaries. The table formatting has been updated to ensure all columns are center-aligned, enhancing readability.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 0
Review details
Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
Files selected for processing (1)
- .github/workflows/release.yaml (2 hunks)
Additional context used
Learnings (1)
.github/workflows/release.yaml (1)
Learnt from: kalidux PR: berachain/beacon-kit#1987 File: .github/workflows/release.yaml:80-90 Timestamp: 2024-09-02T19:12:33.071Z Learning: `shasum -a 256` is preferred for cross-platform scripts targeting macOS and Linux due to its availability on both platforms, whereas `sha256sum` is not available by default on macOS.
Additional comments not posted (4)
.github/workflows/release.yaml (4)
72-73
: Approved: Update of GitHub Actions to version 4.The updates to
actions/checkout
andactions/setup-go
to version 4 align with the PR objectives to leverage the latest features and fixes.
80-90
: Approved: Build and checksum calculation steps.The steps for building the binary, creating a tarball, and calculating the SHA256 checksum are clear and well-documented. The use of
shasum -a 256
is appropriate for cross-platform compatibility, aligning with previous discussions and learnings.
91-97
: Approved: Artifact upload steps.The steps for uploading the binaries and their SHA256 checksums are well-structured and ensure that integrity verification is straightforward for users.
165-169
: Approved: Release draft table update.The updated release draft table, including SHA256 checksum links, enhances the usability and security of the release page. The table formatting is consistent and improves readability.
- Updated `actions/checkout` to v4. - Added SHA256 checksum calculation and verification for built binaries to ensure file integrity. - Included file architecture validation to ensure correct binaries are built for each target platform. - Updated the release draft step to include links to SHA256 checksum files for each binary. Signed-off-by: Kalidux <kalidux@gmail.com>
Co-authored-by: Devon Bear <itsdevbear@gmail.com> Signed-off-by: Kalidux <kalidux@gmail.com>
Co-authored-by: Devon Bear <itsdevbear@gmail.com> Signed-off-by: Kalidux <kalidux@gmail.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> Signed-off-by: Kalidux <kalidux@gmail.com>
Signed-off-by: Kalidux <kalidux@gmail.com>
Signed-off-by: Kalidux <kalidux@gmail.com>
Signed-off-by: Kalidux <kalidux@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 0
Review details
Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
Files selected for processing (1)
- .github/workflows/release.yaml (2 hunks)
Additional context used
Learnings (1)
.github/workflows/release.yaml (1)
Learnt from: kalidux PR: berachain/beacon-kit#1987 File: .github/workflows/release.yaml:80-90 Timestamp: 2024-09-02T19:12:33.071Z Learning: `shasum -a 256` is preferred for cross-platform scripts targeting macOS and Linux due to its availability on both platforms, whereas `sha256sum` is not available by default on macOS.
Additional comments not posted (5)
.github/workflows/release.yaml (5)
72-73
: Approved: Updated GitHub Actions versions.The updates to
actions/checkout
andactions/setup-go
to version 4 align with the PR objectives to leverage improvements in these actions.
75-75
: Approved: Go version specification.Specifying the Go version as "^1.23" ensures that the latest compatible minor version is used, which is beneficial for stability and performance.
80-89
: Approved: Build and checksum calculation steps.The detailed steps for building the binary, creating a tarball, and calculating the SHA256 checksum enhance the security and integrity of the build process. The use of
shasum -a 256
is correctly applied for cross-platform compatibility.
91-97
: Approved: Artifact upload steps.The steps for uploading the binaries and their SHA256 checksums are well-implemented, ensuring that these artifacts are available for users to download and verify.
165-169
: Approved: Release draft SHA256 checksum updates.The updates to include SHA256 checksum links in the release draft provide users with easy access to verify the integrity of the binaries. The table formatting is correctly implemented to ensure readability.
This reverts commit d43eb56.
actions/checkout
to v4.Summary by CodeRabbit
New Features
beacond
binary.Improvements
Usability Enhancements