From 27daded90432d4d49afac43ed2343ca4bd0d4525 Mon Sep 17 00:00:00 2001 From: Adam Hamrick Date: Wed, 25 Mar 2026 16:32:21 -0400 Subject: [PATCH 01/19] actions/checkout update --- .github/actions/golangci-lint/action.yml | 4 ++-- .../setup-solana/build-contracts/action.yml | 3 +-- .github/workflows/bash-scripts.yml | 4 ++-- .github/workflows/build-publish.yml | 2 +- .github/workflows/chain-selectors-check.yml | 3 +-- .github/workflows/changeset.yml | 4 ++-- .github/workflows/changesets-preview-pr.yml | 2 +- .github/workflows/ci-core.yml | 18 +++++++++--------- .github/workflows/ci-protobuf.yml | 2 +- .../workflows/client-compatibility-tests.yml | 8 ++++---- .github/workflows/codeql.yml | 6 +++--- .github/workflows/cre-local-env-tests.yaml | 4 ++-- .../workflows/cre-regression-system-tests.yaml | 4 ++-- .github/workflows/cre-soak-memory-leak.yml | 2 +- .github/workflows/cre-system-tests.yaml | 4 ++-- .../workflows/cre-workflow-don-benchmark.yaml | 2 +- .github/workflows/delete-caches.yml | 2 +- .github/workflows/dependency-check.yml | 8 ++++---- .github/workflows/dependency-review.yml | 2 +- .github/workflows/docker-build.yml | 2 +- .github/workflows/go-mod-cache.yml | 2 +- .../workflows/integration-in-memory-tests.yml | 2 +- .github/workflows/integration-tests.yml | 12 ++++++------ .github/workflows/lint-gh-workflows.yml | 2 +- .github/workflows/operator-ui-ci.yml | 2 +- .github/workflows/pr-conflicts.yaml | 2 +- ...develop-from-smartcontractkit-chainlink.yml | 4 ++-- 27 files changed, 55 insertions(+), 57 deletions(-) diff --git a/.github/actions/golangci-lint/action.yml b/.github/actions/golangci-lint/action.yml index e4a5715e3f1..31aa2b9ea4f 100644 --- a/.github/actions/golangci-lint/action.yml +++ b/.github/actions/golangci-lint/action.yml @@ -27,7 +27,7 @@ runs: using: composite steps: - name: Checkout repo (full) - uses: actions/checkout@v4 + uses: actions/checkout@v6 # Only do a full checkout on merge_groups if: github.event_name == 'merge_group' with: @@ -35,7 +35,7 @@ runs: fetch-depth: 0 - name: Checkout repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 if: github.event_name != 'merge_group' with: persist-credentials: false diff --git a/.github/actions/setup-solana/build-contracts/action.yml b/.github/actions/setup-solana/build-contracts/action.yml index 21252a7af26..827cfebbe52 100644 --- a/.github/actions/setup-solana/build-contracts/action.yml +++ b/.github/actions/setup-solana/build-contracts/action.yml @@ -10,7 +10,7 @@ runs: using: composite steps: - name: Checkout chainlink-ccip - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: repository: smartcontractkit/chainlink-ccip path: chainlink-ccip @@ -57,7 +57,6 @@ runs: echo "exists=false" >> $GITHUB_ENV fi - - name: Download artifact if it exists if: env.exists == 'true' shell: bash diff --git a/.github/workflows/bash-scripts.yml b/.github/workflows/bash-scripts.yml index c67a9080429..22db01d4a55 100644 --- a/.github/workflows/bash-scripts.yml +++ b/.github/workflows/bash-scripts.yml @@ -11,7 +11,7 @@ jobs: bash-scripts-src: ${{ steps.bash-scripts.outputs.src }} steps: - name: Checkout the repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 @@ -27,7 +27,7 @@ jobs: needs: [changes] steps: - name: Checkout the repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false - name: Run ShellCheck diff --git a/.github/workflows/build-publish.yml b/.github/workflows/build-publish.yml index d52b9f747e8..350d6737570 100644 --- a/.github/workflows/build-publish.yml +++ b/.github/workflows/build-publish.yml @@ -20,7 +20,7 @@ jobs: prerelease-phase: ${{ steps.detect-prerelease-phase.outputs.prerelease-phase }} is-hotfix: ${{ steps.detect-hotfix.outputs.is-hotfix }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: persist-credentials: false diff --git a/.github/workflows/chain-selectors-check.yml b/.github/workflows/chain-selectors-check.yml index 7b8c144e14f..066b570d21e 100644 --- a/.github/workflows/chain-selectors-check.yml +++ b/.github/workflows/chain-selectors-check.yml @@ -11,13 +11,12 @@ on: branches: - release/* - jobs: verify-version: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false diff --git a/.github/workflows/changeset.yml b/.github/workflows/changeset.yml index 900f206f48f..65564a46d82 100644 --- a/.github/workflows/changeset.yml +++ b/.github/workflows/changeset.yml @@ -29,7 +29,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false fetch-depth: 0 @@ -93,7 +93,7 @@ jobs: run: echo "top_level_dir=$(pwd)" >> $GITHUB_OUTPUT - name: Checkout .Github repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false repository: smartcontractkit/.github diff --git a/.github/workflows/changesets-preview-pr.yml b/.github/workflows/changesets-preview-pr.yml index 4a8fa1a9474..0d5dd66da65 100644 --- a/.github/workflows/changesets-preview-pr.yml +++ b/.github/workflows/changesets-preview-pr.yml @@ -17,7 +17,7 @@ jobs: pull-requests: write steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false diff --git a/.github/workflows/ci-core.yml b/.github/workflows/ci-core.yml index 646d7596646..62842847893 100644 --- a/.github/workflows/ci-core.yml +++ b/.github/workflows/ci-core.yml @@ -44,7 +44,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout the repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false repository: smartcontractkit/chainlink @@ -112,7 +112,7 @@ jobs: golangci: name: GolangCI Lint - needs: [filter, run-frequency ] + needs: [filter, run-frequency] # We don't directly merge dependabot PRs to not waste the resources. if: ${{ needs.filter.outputs.affected-modules != '[]' && github.event_name != 'merge_group' && github.actor != 'dependabot[bot]' }} permissions: @@ -133,7 +133,7 @@ jobs: metrics: cpu,network,memory,disk - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false @@ -238,7 +238,7 @@ jobs: name: Core Tests (${{ matrix.type.cmd }}) # Be careful modifying the job name, as it is used to fetch the job URL # We don't directly merge dependabot PRs, so let's not waste the resources if: ${{ github.actor != 'dependabot[bot]' }} - needs: [filter, run-frequency ] + needs: [filter, run-frequency] timeout-minutes: 60 # Use ubuntu-latest for jobs that will be skipped runs-on: ${{ matrix.type.should-run == 'true' && matrix.type.os || 'ubuntu-latest' }} @@ -254,7 +254,7 @@ jobs: - name: Checkout the repo if: ${{ matrix.type.should-run == 'true' }} - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false @@ -411,7 +411,7 @@ jobs: if: ${{ needs.filter.outputs.should-run-core-tests == 'true' }} steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup Go uses: ./.github/actions/setup-go @@ -442,7 +442,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout the repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false fetch-depth: 0 # fetches all history for all tags and branches to provide more metadata for sonar reports @@ -545,7 +545,7 @@ jobs: run: shell: bash steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: persist-credentials: false - name: Setup Go @@ -604,7 +604,7 @@ jobs: name: Misc runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: persist-credentials: false - name: Setup go diff --git a/.github/workflows/ci-protobuf.yml b/.github/workflows/ci-protobuf.yml index 2d3d66fc9d3..0e55c192d39 100644 --- a/.github/workflows/ci-protobuf.yml +++ b/.github/workflows/ci-protobuf.yml @@ -8,7 +8,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false diff --git a/.github/workflows/client-compatibility-tests.yml b/.github/workflows/client-compatibility-tests.yml index 1b32e69a5ae..ec5e2cacf0f 100644 --- a/.github/workflows/client-compatibility-tests.yml +++ b/.github/workflows/client-compatibility-tests.yml @@ -47,7 +47,7 @@ jobs: dependency_changed: ${{ steps.changes.outputs.dependency_changed }} steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false fetch-depth: 0 @@ -344,7 +344,7 @@ jobs: needs: [should-run, select-versions] steps: - name: Checkout the repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false ref: ${{ needs.select-versions.outputs.chainlink_version }} @@ -575,7 +575,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout the repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false repository: smartcontractkit/chainlink @@ -845,7 +845,7 @@ jobs: - vrfv2plus steps: - name: Checkout the repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false ref: ${{ needs.select-versions.outputs.chainlink_version }} diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 583699c29e7..0ca8226096b 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -13,7 +13,7 @@ on: jobs: analyze: name: Analyze (${{ matrix.language }}) - needs: [ runner-config ] + needs: [runner-config] runs-on: ${{ matrix.runs-on || 'ubuntu-latest' }} permissions: # required for all workflows @@ -48,7 +48,7 @@ jobs: metrics: cpu,network,memory,disk - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Set up Go if: matrix.language == 'go' @@ -78,7 +78,7 @@ jobs: - name: Build go code manually if: matrix.language == 'go' run: | - echo "::group::Builing all go code (go build ./...)" + echo "::group::Building all go code (go build ./...)" go build ./... echo "::endgroup::" diff --git a/.github/workflows/cre-local-env-tests.yaml b/.github/workflows/cre-local-env-tests.yaml index 3ef9b6aea53..eb911470db7 100644 --- a/.github/workflows/cre-local-env-tests.yaml +++ b/.github/workflows/cre-local-env-tests.yaml @@ -47,7 +47,7 @@ jobs: timeout-minutes: 5 steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ github.event_name == 'pull_request' && github.sha || inputs.chainlink_version }} @@ -72,7 +72,7 @@ jobs: if: needs.changes.outputs.should-run-tests == 'true' steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ github.event_name == 'pull_request' && github.sha || inputs.chainlink_version }} diff --git a/.github/workflows/cre-regression-system-tests.yaml b/.github/workflows/cre-regression-system-tests.yaml index a4ec65b103d..ae896a9d3d4 100644 --- a/.github/workflows/cre-regression-system-tests.yaml +++ b/.github/workflows/cre-regression-system-tests.yaml @@ -43,7 +43,7 @@ jobs: contents: read steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ inputs.chainlink_version }} persist-credentials: false @@ -115,7 +115,7 @@ jobs: metrics: cpu,network,memory,disk - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ inputs.chainlink_version }} persist-credentials: false diff --git a/.github/workflows/cre-soak-memory-leak.yml b/.github/workflows/cre-soak-memory-leak.yml index 3121aa54c9a..a67601a5f23 100644 --- a/.github/workflows/cre-soak-memory-leak.yml +++ b/.github/workflows/cre-soak-memory-leak.yml @@ -48,7 +48,7 @@ jobs: metrics: cpu,network,memory,disk - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ github.sha }} persist-credentials: false diff --git a/.github/workflows/cre-system-tests.yaml b/.github/workflows/cre-system-tests.yaml index ba27f356917..7ffe1901565 100644 --- a/.github/workflows/cre-system-tests.yaml +++ b/.github/workflows/cre-system-tests.yaml @@ -43,7 +43,7 @@ jobs: contents: read steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ inputs.chainlink_version }} persist-credentials: false @@ -162,7 +162,7 @@ jobs: metrics: cpu,network,memory,disk - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ inputs.chainlink_version }} persist-credentials: false diff --git a/.github/workflows/cre-workflow-don-benchmark.yaml b/.github/workflows/cre-workflow-don-benchmark.yaml index a8701694374..1fb50e246c4 100644 --- a/.github/workflows/cre-workflow-don-benchmark.yaml +++ b/.github/workflows/cre-workflow-don-benchmark.yaml @@ -40,7 +40,7 @@ jobs: if: github.event_name == 'workflow_dispatch' || github.event_name == 'schedule' || github.event_name == 'workflow_call' || (github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'run-cre-workflow-don-benchmark')) steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ github.event_name == 'pull_request' && github.sha || inputs.chainlink_version }} diff --git a/.github/workflows/delete-caches.yml b/.github/workflows/delete-caches.yml index 41d02fb2eb8..c4f7756ca55 100644 --- a/.github/workflows/delete-caches.yml +++ b/.github/workflows/delete-caches.yml @@ -21,7 +21,7 @@ jobs: PR_NUMBER: ${{ github.event.pull_request.number }} steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false diff --git a/.github/workflows/dependency-check.yml b/.github/workflows/dependency-check.yml index bdc8801db16..a25bb5d5006 100644 --- a/.github/workflows/dependency-check.yml +++ b/.github/workflows/dependency-check.yml @@ -11,7 +11,7 @@ jobs: changes: ${{ steps.changes.outputs.src }} steps: - name: Checkout the repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 id: changes with: @@ -25,7 +25,7 @@ jobs: needs: [changes] steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false @@ -33,8 +33,8 @@ jobs: if: needs.changes.outputs.src == 'true' uses: ./.github/actions/setup-go with: - go-version-file: 'go.mod' - only-modules: 'true' + go-version-file: "go.mod" + only-modules: "true" - name: Write Go Modules list if: needs.changes.outputs.src == 'true' diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 714f88b48ae..1552cd27465 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -13,7 +13,7 @@ jobs: contents: read runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 1 persist-credentials: false diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index 73385d5ab9e..a61c7d3c1e4 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -63,7 +63,7 @@ jobs: fi - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 ref: ${{ inputs.git-ref || github.sha }} diff --git a/.github/workflows/go-mod-cache.yml b/.github/workflows/go-mod-cache.yml index 22e0d6c095d..c1b7e65508f 100644 --- a/.github/workflows/go-mod-cache.yml +++ b/.github/workflows/go-mod-cache.yml @@ -58,7 +58,7 @@ jobs: metrics: cpu,network,memory,disk - name: Checkout the repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false diff --git a/.github/workflows/integration-in-memory-tests.yml b/.github/workflows/integration-in-memory-tests.yml index 11f01e639ce..39b6423fef7 100644 --- a/.github/workflows/integration-in-memory-tests.yml +++ b/.github/workflows/integration-in-memory-tests.yml @@ -41,7 +41,7 @@ jobs: should_use_self_hosted_runner: ${{ steps.label-runs-on-opt-out.outputs.check-label-found == 'false' }} steps: - name: Checkout the repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false repository: smartcontractkit/chainlink diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index 6f6c8fb8010..47b89fadf9b 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -58,7 +58,7 @@ jobs: steps: - run: echo "${{github.event_name}}" - name: Checkout the repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false repository: smartcontractkit/chainlink @@ -102,7 +102,7 @@ jobs: ccip-changes: ${{ steps.changes.outputs.ccip_changes }} steps: - name: Checkout the repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false repository: smartcontractkit/chainlink @@ -273,7 +273,7 @@ jobs: - name: Checkout the repo if: matrix.image.should-build && steps.check-image-exists.outputs.exists != 'true' - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false repository: smartcontractkit/chainlink @@ -709,7 +709,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout the repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false repository: smartcontractkit/chainlink @@ -792,7 +792,7 @@ jobs: sha: ${{ steps.getsha.outputs.sha }} steps: - name: Checkout the repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false repository: smartcontractkit/chainlink @@ -816,7 +816,7 @@ jobs: echo "short_sha=${short_sha}" | tee -a "$GITHUB_OUTPUT" - name: Checkout solana - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false repository: smartcontractkit/chainlink-solana diff --git a/.github/workflows/lint-gh-workflows.yml b/.github/workflows/lint-gh-workflows.yml index ae971f6052f..b5b1e0837bc 100644 --- a/.github/workflows/lint-gh-workflows.yml +++ b/.github/workflows/lint-gh-workflows.yml @@ -7,7 +7,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out Code - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false - name: Run actionlint diff --git a/.github/workflows/operator-ui-ci.yml b/.github/workflows/operator-ui-ci.yml index 9135bf4e68a..cbeda242453 100644 --- a/.github/workflows/operator-ui-ci.yml +++ b/.github/workflows/operator-ui-ci.yml @@ -32,7 +32,7 @@ jobs: url: ${{ secrets.AWS_INFRA_RELENG_TOKEN_ISSUER_LAMBDA_URL }} - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: persist-credentials: false diff --git a/.github/workflows/pr-conflicts.yaml b/.github/workflows/pr-conflicts.yaml index 73438a7986c..a1484c7e6db 100644 --- a/.github/workflows/pr-conflicts.yaml +++ b/.github/workflows/pr-conflicts.yaml @@ -16,7 +16,7 @@ jobs: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 1 diff --git a/.github/workflows/sync-develop-from-smartcontractkit-chainlink.yml b/.github/workflows/sync-develop-from-smartcontractkit-chainlink.yml index 939e67df17f..dd0e08d2657 100644 --- a/.github/workflows/sync-develop-from-smartcontractkit-chainlink.yml +++ b/.github/workflows/sync-develop-from-smartcontractkit-chainlink.yml @@ -3,14 +3,14 @@ name: Sync develop from smartcontractkit/chainlink on: schedule: # * is a special character in YAML so you have to quote this string - - cron: '*/30 * * * *' + - cron: "*/30 * * * *" jobs: sync: name: Sync runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: persist-credentials: false ref: develop From 21451a7a4988429753b7a37c26d2d51375ad7bff Mon Sep 17 00:00:00 2001 From: Adam Hamrick Date: Wed, 25 Mar 2026 16:41:11 -0400 Subject: [PATCH 02/19] use cache-scope and max mode --- .github/workflows/integration-tests.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index 47b89fadf9b..a99a6ebe4dd 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -220,6 +220,7 @@ jobs: runner: ${{ needs.labels.outputs.builder-runner-label-core || 'ubuntu22.04-8cores-32GB' }} dockerfile: core/chainlink.Dockerfile tag-suffix: "" + cache-scope: core # todo: optimize this conditional should-build: >- ${{ @@ -233,6 +234,7 @@ jobs: runner: ${{ needs.labels.outputs.builder-runner-label-plugins || 'ubuntu22.04-8cores-32GB' }} dockerfile: plugins/chainlink.Dockerfile tag-suffix: -plugins + cache-scope: plugins # todo: optimize this conditional should-build: >- ${{ @@ -281,7 +283,7 @@ jobs: - name: Build Chainlink Image if: matrix.image.should-build && steps.check-image-exists.outputs.exists != 'true' - uses: smartcontractkit/.github/actions/ctf-build-image@ctf-build-image/v1 + uses: smartcontractkit/.github/actions/ctf-build-image@fe827601f1dda1a2e56be1df5cb257717fc2c047 # DEBUG: Using test version with: image-tag: ${{ inputs.evm-ref || env.CHAINLINK_REF }}${{ matrix.image.tag-suffix }} dockerfile: ${{ matrix.image.dockerfile }} @@ -296,6 +298,7 @@ jobs: github.com/smartcontractkit/chainlink-evm=${{ inputs.evm-ref }} gati-role-arn: ${{ secrets.AWS_OIDC_CHAINLINK_READ_ONLY_TOKEN_ISSUER_ROLE_ARN }} gati-lambda-url: ${{ secrets.AWS_INFRA_RELENG_TOKEN_ISSUER_LAMBDA_URL }} + cache-scope: ${{ matrix.image.cache-scope }} run-core-cre-e2e-tests-setup: name: Run Core CRE E2E Tests Setup From e09d120a2efebd29536cd6ccdfb41dcf47015aa2 Mon Sep 17 00:00:00 2001 From: Adam Hamrick Date: Wed, 25 Mar 2026 16:51:19 -0400 Subject: [PATCH 03/19] Check results --- .github/actions/golangci-lint/action.yml | 2 +- .github/actions/setup-solana/build-contracts/action.yml | 2 +- .github/workflows/ci-core.yml | 4 ++-- .github/workflows/cre-local-env-tests.yaml | 2 +- .github/workflows/cre-regression-system-tests.yaml | 2 +- .github/workflows/cre-soak-memory-leak.yml | 4 ++-- .github/workflows/cre-system-tests.yaml | 2 +- .github/workflows/cre-workflow-don-benchmark.yaml | 4 ++-- .github/workflows/devenv-compat.yml | 2 +- .github/workflows/system-tests-nightly.yml | 2 +- 10 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/actions/golangci-lint/action.yml b/.github/actions/golangci-lint/action.yml index 31aa2b9ea4f..cdd516d4059 100644 --- a/.github/actions/golangci-lint/action.yml +++ b/.github/actions/golangci-lint/action.yml @@ -109,7 +109,7 @@ runs: - name: Store Golangci-lint report artifact if: always() id: upload-artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: # Use a unique suffix for each lint report artifact to avoid duplication errors name: golangci-lint-report-${{ steps.suffix.outputs.suffix }} diff --git a/.github/actions/setup-solana/build-contracts/action.yml b/.github/actions/setup-solana/build-contracts/action.yml index 827cfebbe52..5b9a88740bc 100644 --- a/.github/actions/setup-solana/build-contracts/action.yml +++ b/.github/actions/setup-solana/build-contracts/action.yml @@ -76,7 +76,7 @@ runs: - name: Upload artifact (if newly built) if: env.exists == 'false' continue-on-error: true # don't fail if the upload fails, it might conflict with another job - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: ${{ env.ARTIFACT_NAME }} path: chainlink-ccip/chains/solana/contracts/target/deploy/*.so diff --git a/.github/workflows/ci-core.yml b/.github/workflows/ci-core.yml index 62842847893..e22615a6edf 100644 --- a/.github/workflows/ci-core.yml +++ b/.github/workflows/ci-core.yml @@ -376,7 +376,7 @@ jobs: - name: Store logs artifacts if: ${{ always() && matrix.type.should-run == 'true' }} - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: ${{ matrix.type.cmd }}_logs path: | @@ -426,7 +426,7 @@ jobs: - name: Store test report artifacts if: ${{ always() }} - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: go_core_scripts_tests_logs path: | diff --git a/.github/workflows/cre-local-env-tests.yaml b/.github/workflows/cre-local-env-tests.yaml index eb911470db7..68c44eb3b36 100644 --- a/.github/workflows/cre-local-env-tests.yaml +++ b/.github/workflows/cre-local-env-tests.yaml @@ -300,7 +300,7 @@ jobs: - name: Upload all artifacts as single package if: failure() - uses: actions/upload-artifact@v4.6.2 + uses: actions/upload-artifact@v7 with: name: local-cre-docker-logs path: ./core/scripts/cre/environment/logs/ diff --git a/.github/workflows/cre-regression-system-tests.yaml b/.github/workflows/cre-regression-system-tests.yaml index ae896a9d3d4..17728a8b167 100644 --- a/.github/workflows/cre-regression-system-tests.yaml +++ b/.github/workflows/cre-regression-system-tests.yaml @@ -238,7 +238,7 @@ jobs: - name: Upload all artifacts as single package if: failure() - uses: actions/upload-artifact@v4.6.2 + uses: actions/upload-artifact@v7 with: name: test-logs-${{ matrix.tests.test_name }}-${{ matrix.tests.topology }} path: | diff --git a/.github/workflows/cre-soak-memory-leak.yml b/.github/workflows/cre-soak-memory-leak.yml index a67601a5f23..16f24dbc6e0 100644 --- a/.github/workflows/cre-soak-memory-leak.yml +++ b/.github/workflows/cre-soak-memory-leak.yml @@ -130,7 +130,7 @@ jobs: - name: Upload alloc.pprof if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: alloc.pprof path: alloc.pprof @@ -138,7 +138,7 @@ jobs: - name: Upload Docker logs if: failure() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: soak-docker-logs path: system-tests/tests/soak/cre/logs diff --git a/.github/workflows/cre-system-tests.yaml b/.github/workflows/cre-system-tests.yaml index 7ffe1901565..38c9f11e3c0 100644 --- a/.github/workflows/cre-system-tests.yaml +++ b/.github/workflows/cre-system-tests.yaml @@ -353,7 +353,7 @@ jobs: - name: Upload all artifacts as single package if: failure() - uses: actions/upload-artifact@v4.6.2 + uses: actions/upload-artifact@v7 with: name: test-logs-${{ matrix.tests.test_name }}-${{ matrix.tests.topology }} path: | diff --git a/.github/workflows/cre-workflow-don-benchmark.yaml b/.github/workflows/cre-workflow-don-benchmark.yaml index 1fb50e246c4..b03be3df83c 100644 --- a/.github/workflows/cre-workflow-don-benchmark.yaml +++ b/.github/workflows/cre-workflow-don-benchmark.yaml @@ -173,7 +173,7 @@ jobs: fi - name: Upload node logs - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 timeout-minutes: 2 continue-on-error: true with: @@ -183,7 +183,7 @@ jobs: retention-days: 5 - name: Upload performance reports - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 timeout-minutes: 2 continue-on-error: true with: diff --git a/.github/workflows/devenv-compat.yml b/.github/workflows/devenv-compat.yml index d938653eb46..c2e8b56dff9 100644 --- a/.github/workflows/devenv-compat.yml +++ b/.github/workflows/devenv-compat.yml @@ -204,7 +204,7 @@ jobs: - name: Upload Logs if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: container-logs-smoke path: ${{ env.LOGS_DIR }} diff --git a/.github/workflows/system-tests-nightly.yml b/.github/workflows/system-tests-nightly.yml index 39b5f63dc9e..13eff02ed6c 100644 --- a/.github/workflows/system-tests-nightly.yml +++ b/.github/workflows/system-tests-nightly.yml @@ -352,7 +352,7 @@ jobs: - name: Upload Logs if: always() && steps.gate.outputs.should_run == 'true' - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: container-logs-${{ matrix.logs_archive_name }} path: devenv/tests/${{ matrix.tests_dir }}/logs From 1b7cc1b82a201a7319bad2cab601066ebef229ee Mon Sep 17 00:00:00 2001 From: Adam Hamrick Date: Thu, 26 Mar 2026 09:25:34 -0400 Subject: [PATCH 04/19] Actually use proper cache creation --- .github/workflows/integration-tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index a99a6ebe4dd..497bdcb5ee4 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -283,7 +283,7 @@ jobs: - name: Build Chainlink Image if: matrix.image.should-build && steps.check-image-exists.outputs.exists != 'true' - uses: smartcontractkit/.github/actions/ctf-build-image@fe827601f1dda1a2e56be1df5cb257717fc2c047 # DEBUG: Using test version + uses: smartcontractkit/.github/actions/ctf-build-image@4180e789ed614707e353674386286deebbfa9792 # DEBUG: Using test version with: image-tag: ${{ inputs.evm-ref || env.CHAINLINK_REF }}${{ matrix.image.tag-suffix }} dockerfile: ${{ matrix.image.dockerfile }} From 068926bb0eadac65c9c33bc07eca6b755299c0d9 Mon Sep 17 00:00:00 2001 From: Adam Hamrick Date: Thu, 26 Mar 2026 09:36:15 -0400 Subject: [PATCH 05/19] Check for cache From 1d5cb161ee45839d2ae8357a18ca4c17684fe604 Mon Sep 17 00:00:00 2001 From: Adam Hamrick Date: Thu, 26 Mar 2026 10:09:04 -0400 Subject: [PATCH 06/19] Remove extra go mod download --- core/chainlink.Dockerfile | 28 ++++++++++++++++++++++++++++ plugins/chainlink.Dockerfile | 28 ++++++++++++++++++++++++++++ 2 files changed, 56 insertions(+) diff --git a/core/chainlink.Dockerfile b/core/chainlink.Dockerfile index 37412ca9077..c1bb1a09baa 100644 --- a/core/chainlink.Dockerfile +++ b/core/chainlink.Dockerfile @@ -13,6 +13,34 @@ COPY tools/bin/ldflags ./tools/bin/ ADD go.mod go.sum ./ RUN --mount=type=cache,target=/go/pkg/mod \ go mod download + +# Apply dependency overrides if specified (comma-separated: dep1=sha1,dep2=sha2) +ARG GO_OVERRIDE_DEPS +RUN --mount=type=secret,id=GIT_AUTH_TOKEN \ + --mount=type=cache,target=/go/pkg/mod \ + set -eo pipefail && \ + if [ -n "$GO_OVERRIDE_DEPS" ]; then \ + export GIT_CONFIG_GLOBAL=/tmp/gitconfig-github-token && \ + if [ -f /run/secrets/GIT_AUTH_TOKEN ] && [ -s /run/secrets/GIT_AUTH_TOKEN ]; then \ + TOKEN=$(cat /run/secrets/GIT_AUTH_TOKEN) && \ + git config --file "$GIT_CONFIG_GLOBAL" \ + url."https://oauth2:${TOKEN}@github.com/".insteadOf "https://github.com/"; \ + fi && \ + IFS=',' && \ + for entry in $GO_OVERRIDE_DEPS; do \ + dep="${entry%%=*}" && \ + sha="${entry#*=}" && \ + [ -z "$dep" ] && continue; \ + [ -z "$sha" ] && continue; \ + echo "Overriding: github.com/smartcontractkit/${dep}@${sha}" && \ + go get "github.com/smartcontractkit/${dep}@${sha}"; \ + done && \ + unset IFS && \ + go mod tidy && \ + go mod download && \ + rm -f "$GIT_CONFIG_GLOBAL"; \ + fi + COPY . . # Install Delve for debugging with cache mounts diff --git a/plugins/chainlink.Dockerfile b/plugins/chainlink.Dockerfile index 9b6420ed7b5..17a0493ace4 100644 --- a/plugins/chainlink.Dockerfile +++ b/plugins/chainlink.Dockerfile @@ -15,6 +15,34 @@ COPY tools/bin/ldflags ./tools/bin/ ADD go.mod go.sum ./ RUN --mount=type=cache,target=/go/pkg/mod \ go mod download + +# Apply dependency overrides if specified (comma-separated: dep1=sha1,dep2=sha2) +ARG GO_OVERRIDE_DEPS +RUN --mount=type=secret,id=GIT_AUTH_TOKEN \ + --mount=type=cache,target=/go/pkg/mod \ + set -eo pipefail && \ + if [ -n "$GO_OVERRIDE_DEPS" ]; then \ + export GIT_CONFIG_GLOBAL=/tmp/gitconfig-github-token && \ + if [ -f /run/secrets/GIT_AUTH_TOKEN ] && [ -s /run/secrets/GIT_AUTH_TOKEN ]; then \ + TOKEN=$(cat /run/secrets/GIT_AUTH_TOKEN) && \ + git config --file "$GIT_CONFIG_GLOBAL" \ + url."https://oauth2:${TOKEN}@github.com/".insteadOf "https://github.com/"; \ + fi && \ + IFS=',' && \ + for entry in $GO_OVERRIDE_DEPS; do \ + dep="${entry%%=*}" && \ + sha="${entry#*=}" && \ + [ -z "$dep" ] && continue; \ + [ -z "$sha" ] && continue; \ + echo "Overriding: github.com/smartcontractkit/${dep}@${sha}" && \ + go get "github.com/smartcontractkit/${dep}@${sha}"; \ + done && \ + unset IFS && \ + go mod tidy && \ + go mod download && \ + rm -f "$GIT_CONFIG_GLOBAL"; \ + fi + COPY . . # Install Delve for debugging with cache mounts From dee1180d52b262c39e78a90e6174baab5edfad3b Mon Sep 17 00:00:00 2001 From: Adam Hamrick Date: Thu, 26 Mar 2026 10:10:47 -0400 Subject: [PATCH 07/19] ACTUALLY remove extra docker download --- .github/workflows/integration-tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index 497bdcb5ee4..173f2610d38 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -283,7 +283,7 @@ jobs: - name: Build Chainlink Image if: matrix.image.should-build && steps.check-image-exists.outputs.exists != 'true' - uses: smartcontractkit/.github/actions/ctf-build-image@4180e789ed614707e353674386286deebbfa9792 # DEBUG: Using test version + uses: smartcontractkit/.github/actions/ctf-build-image@f0275754cf0d07a831a0d8d8f5b09fba033051c9 # DEBUG: Using test version with: image-tag: ${{ inputs.evm-ref || env.CHAINLINK_REF }}${{ matrix.image.tag-suffix }} dockerfile: ${{ matrix.image.dockerfile }} From 1b40bbb07fd31840e15abb76a0192775e50d68b9 Mon Sep 17 00:00:00 2001 From: Adam Hamrick Date: Thu, 26 Mar 2026 10:16:08 -0400 Subject: [PATCH 08/19] Fix pipefall --- core/chainlink.Dockerfile | 2 +- plugins/chainlink.Dockerfile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/core/chainlink.Dockerfile b/core/chainlink.Dockerfile index c1bb1a09baa..0cb65e80c82 100644 --- a/core/chainlink.Dockerfile +++ b/core/chainlink.Dockerfile @@ -18,7 +18,7 @@ RUN --mount=type=cache,target=/go/pkg/mod \ ARG GO_OVERRIDE_DEPS RUN --mount=type=secret,id=GIT_AUTH_TOKEN \ --mount=type=cache,target=/go/pkg/mod \ - set -eo pipefail && \ + set -e && \ if [ -n "$GO_OVERRIDE_DEPS" ]; then \ export GIT_CONFIG_GLOBAL=/tmp/gitconfig-github-token && \ if [ -f /run/secrets/GIT_AUTH_TOKEN ] && [ -s /run/secrets/GIT_AUTH_TOKEN ]; then \ diff --git a/plugins/chainlink.Dockerfile b/plugins/chainlink.Dockerfile index 17a0493ace4..c5ac4697f22 100644 --- a/plugins/chainlink.Dockerfile +++ b/plugins/chainlink.Dockerfile @@ -20,7 +20,7 @@ RUN --mount=type=cache,target=/go/pkg/mod \ ARG GO_OVERRIDE_DEPS RUN --mount=type=secret,id=GIT_AUTH_TOKEN \ --mount=type=cache,target=/go/pkg/mod \ - set -eo pipefail && \ + set -e && \ if [ -n "$GO_OVERRIDE_DEPS" ]; then \ export GIT_CONFIG_GLOBAL=/tmp/gitconfig-github-token && \ if [ -f /run/secrets/GIT_AUTH_TOKEN ] && [ -s /run/secrets/GIT_AUTH_TOKEN ]; then \ From 617bfcf26f0f959d610f1939784f2f90b30f8cd4 Mon Sep 17 00:00:00 2001 From: Adam Hamrick Date: Thu, 26 Mar 2026 10:42:36 -0400 Subject: [PATCH 09/19] Cache go modules as part of docker layers --- core/chainlink.Dockerfile | 16 +++++----------- plugins/chainlink.Dockerfile | 16 +++++----------- 2 files changed, 10 insertions(+), 22 deletions(-) diff --git a/core/chainlink.Dockerfile b/core/chainlink.Dockerfile index 0cb65e80c82..30e67811234 100644 --- a/core/chainlink.Dockerfile +++ b/core/chainlink.Dockerfile @@ -11,13 +11,11 @@ COPY GNUmakefile package.json ./ COPY tools/bin/ldflags ./tools/bin/ ADD go.mod go.sum ./ -RUN --mount=type=cache,target=/go/pkg/mod \ - go mod download +RUN go mod download # Apply dependency overrides if specified (comma-separated: dep1=sha1,dep2=sha2) ARG GO_OVERRIDE_DEPS RUN --mount=type=secret,id=GIT_AUTH_TOKEN \ - --mount=type=cache,target=/go/pkg/mod \ set -e && \ if [ -n "$GO_OVERRIDE_DEPS" ]; then \ export GIT_CONFIG_GLOBAL=/tmp/gitconfig-github-token && \ @@ -43,9 +41,8 @@ RUN --mount=type=secret,id=GIT_AUTH_TOKEN \ COPY . . -# Install Delve for debugging with cache mounts -RUN --mount=type=cache,target=/go/pkg/mod \ - --mount=type=cache,target=/root/.cache/go-build \ +# Install Delve for debugging +RUN --mount=type=cache,target=/root/.cache/go-build \ go install github.com/go-delve/delve/cmd/dlv@v1.24.2 # Flag to control installation of private plugins (default: true). @@ -61,7 +58,6 @@ ARG CL_IS_PROD_BUILD=true ENV CL_LOOPINSTALL_OUTPUT_DIR=/tmp/loopinstall-output \ GIT_CONFIG_GLOBAL=/tmp/gitconfig-github-token RUN --mount=type=secret,id=GIT_AUTH_TOKEN \ - --mount=type=cache,target=/go/pkg/mod \ --mount=type=cache,target=/root/.cache/go-build \ set -e && \ trap 'rm -f "$GIT_CONFIG_GLOBAL"' EXIT && \ @@ -76,15 +72,13 @@ RUN --mount=type=secret,id=GIT_AUTH_TOKEN \ fi # Copy any shared libraries. -RUN --mount=type=cache,target=/go/pkg/mod \ - mkdir -p /tmp/lib && \ +RUN mkdir -p /tmp/lib && \ ./plugins/scripts/copy_loopinstall_libs.sh \ "$CL_LOOPINSTALL_OUTPUT_DIR" \ /tmp/lib # Build chainlink. -RUN --mount=type=cache,target=/go/pkg/mod \ - --mount=type=cache,target=/root/.cache/go-build \ +RUN --mount=type=cache,target=/root/.cache/go-build \ if [ "$CL_IS_PROD_BUILD" = "false" ]; then \ GOBIN=/gobins make install-chainlink-dev; \ else \ diff --git a/plugins/chainlink.Dockerfile b/plugins/chainlink.Dockerfile index c5ac4697f22..ca022b67c3a 100644 --- a/plugins/chainlink.Dockerfile +++ b/plugins/chainlink.Dockerfile @@ -13,13 +13,11 @@ COPY GNUmakefile package.json ./ COPY tools/bin/ldflags ./tools/bin/ ADD go.mod go.sum ./ -RUN --mount=type=cache,target=/go/pkg/mod \ - go mod download +RUN go mod download # Apply dependency overrides if specified (comma-separated: dep1=sha1,dep2=sha2) ARG GO_OVERRIDE_DEPS RUN --mount=type=secret,id=GIT_AUTH_TOKEN \ - --mount=type=cache,target=/go/pkg/mod \ set -e && \ if [ -n "$GO_OVERRIDE_DEPS" ]; then \ export GIT_CONFIG_GLOBAL=/tmp/gitconfig-github-token && \ @@ -45,9 +43,8 @@ RUN --mount=type=secret,id=GIT_AUTH_TOKEN \ COPY . . -# Install Delve for debugging with cache mounts -RUN --mount=type=cache,target=/go/pkg/mod \ - --mount=type=cache,target=/root/.cache/go-build \ +# Install Delve for debugging +RUN --mount=type=cache,target=/root/.cache/go-build \ go install github.com/go-delve/delve/cmd/dlv@v1.24.2 # Flag to control installation of private plugins (default: false). @@ -65,7 +62,6 @@ ARG VERSION_TAG ENV CL_LOOPINSTALL_OUTPUT_DIR=/tmp/loopinstall-output \ GIT_CONFIG_GLOBAL=/tmp/gitconfig-github-token RUN --mount=type=secret,id=GIT_AUTH_TOKEN \ - --mount=type=cache,target=/go/pkg/mod \ --mount=type=cache,target=/root/.cache/go-build \ set -e && \ trap 'rm -f "$GIT_CONFIG_GLOBAL"' EXIT && \ @@ -80,15 +76,13 @@ RUN --mount=type=secret,id=GIT_AUTH_TOKEN \ fi # Copy any shared libraries. -RUN --mount=type=cache,target=/go/pkg/mod \ - mkdir -p /tmp/lib && \ +RUN mkdir -p /tmp/lib && \ ./plugins/scripts/copy_loopinstall_libs.sh \ "$CL_LOOPINSTALL_OUTPUT_DIR" \ /tmp/lib # Build chainlink. -RUN --mount=type=cache,target=/go/pkg/mod \ - --mount=type=cache,target=/root/.cache/go-build \ +RUN --mount=type=cache,target=/root/.cache/go-build \ if [ "$CL_IS_PROD_BUILD" = "false" ]; then \ GOBIN=/gobins make install-chainlink-dev; \ else \ From f37f5a4181290c085a3ebe2a3df9a9b24facfad3 Mon Sep 17 00:00:00 2001 From: Adam Hamrick Date: Thu, 26 Mar 2026 10:53:15 -0400 Subject: [PATCH 10/19] Check results From d86a7ea4a8a9014bc796e0c925d7b167857a1a2d Mon Sep 17 00:00:00 2001 From: Adam Hamrick Date: Thu, 26 Mar 2026 11:13:50 -0400 Subject: [PATCH 11/19] Optimize Dockerfile --- .dockerignore | 5 +++ .github/workflows/integration-tests.yml | 2 +- core/chainlink.Dockerfile | 43 ++++++++++++----------- plugins/chainlink.Dockerfile | 46 +++++++++++++------------ 4 files changed, 53 insertions(+), 43 deletions(-) diff --git a/.dockerignore b/.dockerignore index 3d3091c6a58..c150affa90f 100644 --- a/.dockerignore +++ b/.dockerignore @@ -11,6 +11,11 @@ tmp/ contracts/node_modules examples/ +.changeset/ +.github/ +docs/ +fuzz/ + devenv/ deployment/ integration/ diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index 173f2610d38..52da6bcf546 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -283,7 +283,7 @@ jobs: - name: Build Chainlink Image if: matrix.image.should-build && steps.check-image-exists.outputs.exists != 'true' - uses: smartcontractkit/.github/actions/ctf-build-image@f0275754cf0d07a831a0d8d8f5b09fba033051c9 # DEBUG: Using test version + uses: smartcontractkit/.github/actions/ctf-build-image@f0275754cf0d07a831a0d8d8f5b09fba033051c9 # TODO: Update to release tag after .github changes are merged with: image-tag: ${{ inputs.evm-ref || env.CHAINLINK_REF }}${{ matrix.image.tag-suffix }} dockerfile: ${{ matrix.image.dockerfile }} diff --git a/core/chainlink.Dockerfile b/core/chainlink.Dockerfile index 30e67811234..6de250cb8ed 100644 --- a/core/chainlink.Dockerfile +++ b/core/chainlink.Dockerfile @@ -1,7 +1,9 @@ ## # Build image: Chainlink binary with plugins. ## -FROM golang:1.25.7-bookworm AS buildgo + +# Stage: Dependencies - module downloads and source +FROM golang:1.25.7-bookworm AS deps RUN go version RUN apt-get update && apt-get install -y jq && rm -rf /var/lib/apt/lists/* @@ -41,24 +43,19 @@ RUN --mount=type=secret,id=GIT_AUTH_TOKEN \ COPY . . -# Install Delve for debugging -RUN --mount=type=cache,target=/root/.cache/go-build \ - go install github.com/go-delve/delve/cmd/dlv@v1.24.2 +# Stage: Delve debugger (runs in parallel with plugins and chainlink) +FROM deps AS build-delve +RUN go install github.com/go-delve/delve/cmd/dlv@v1.24.2 -# Flag to control installation of private plugins (default: true). +# Stage: Plugins (runs in parallel with delve and chainlink) +FROM deps AS build-plugins ARG CL_INSTALL_PRIVATE_PLUGINS=true -# Flag to control installation of testing plugins (default: false). ARG CL_INSTALL_TESTING_PLUGINS=false -# Env vars needed for chainlink build -ARG COMMIT_SHA -ARG VERSION_TAG -# Flag to control whether this is a prod build (default: true) -ARG CL_IS_PROD_BUILD=true ENV CL_LOOPINSTALL_OUTPUT_DIR=/tmp/loopinstall-output \ GIT_CONFIG_GLOBAL=/tmp/gitconfig-github-token RUN --mount=type=secret,id=GIT_AUTH_TOKEN \ - --mount=type=cache,target=/root/.cache/go-build \ + --mount=type=cache,target=/root/.cache/go-build,id=go-build-plugins \ set -e && \ trap 'rm -f "$GIT_CONFIG_GLOBAL"' EXIT && \ ./plugins/scripts/setup_git_auth.sh && \ @@ -71,14 +68,19 @@ RUN --mount=type=secret,id=GIT_AUTH_TOKEN \ GOBIN=/gobins CL_LOOPINSTALL_OUTPUT_DIR=${CL_LOOPINSTALL_OUTPUT_DIR} make install-plugins-testing; \ fi -# Copy any shared libraries. RUN mkdir -p /tmp/lib && \ ./plugins/scripts/copy_loopinstall_libs.sh \ "$CL_LOOPINSTALL_OUTPUT_DIR" \ /tmp/lib -# Build chainlink. -RUN --mount=type=cache,target=/root/.cache/go-build \ +# Stage: Chainlink binary (runs in parallel with delve and plugins) +FROM deps AS build-chainlink +ARG COMMIT_SHA +ARG VERSION_TAG +ARG CL_IS_PROD_BUILD=true + +RUN --mount=type=cache,target=/root/.cache/go-build,id=go-build-chainlink \ + mkdir -p /gobins && \ if [ "$CL_IS_PROD_BUILD" = "false" ]; then \ GOBIN=/gobins make install-chainlink-dev; \ else \ @@ -120,12 +122,13 @@ COPY ./cci[p]/confi[g] /ccip-config ARG CL_CHAIN_DEFAULTS ENV CL_CHAIN_DEFAULTS=${CL_CHAIN_DEFAULTS} -# Copy the binaries from the build stage (plugins + chainlink). -COPY --from=buildgo /gobins/ /usr/local/bin/ -# Copy shared libraries from the build stage. -COPY --from=buildgo /tmp/lib /usr/lib/ +# Copy the binaries from the parallel build stages. +COPY --from=build-plugins /gobins/ /usr/local/bin/ +COPY --from=build-chainlink /gobins/ /usr/local/bin/ +# Copy shared libraries from the plugins build stage. +COPY --from=build-plugins /tmp/lib /usr/lib/ # Copy dlv (Delve debugger) from the build stage. -COPY --from=buildgo /go/bin/dlv /usr/local/bin/ +COPY --from=build-delve /go/bin/dlv /usr/local/bin/ WORKDIR /home/${CHAINLINK_USER} diff --git a/plugins/chainlink.Dockerfile b/plugins/chainlink.Dockerfile index ca022b67c3a..0e0fc094599 100644 --- a/plugins/chainlink.Dockerfile +++ b/plugins/chainlink.Dockerfile @@ -3,7 +3,9 @@ # XXX: Experimental -- not to be used to build images for production use. # See: ../core/chainlink.Dockerfile for the production Dockerfile. ## -FROM golang:1.25.7-bookworm AS buildgo + +# Stage: Dependencies - module downloads and source +FROM golang:1.25.7-bookworm AS deps RUN go version RUN apt-get update && apt-get install -y jq && rm -rf /var/lib/apt/lists/* @@ -43,26 +45,19 @@ RUN --mount=type=secret,id=GIT_AUTH_TOKEN \ COPY . . -# Install Delve for debugging -RUN --mount=type=cache,target=/root/.cache/go-build \ - go install github.com/go-delve/delve/cmd/dlv@v1.24.2 +# Stage: Delve debugger (runs in parallel with plugins and chainlink) +FROM deps AS build-delve +RUN go install github.com/go-delve/delve/cmd/dlv@v1.24.2 -# Flag to control installation of private plugins (default: false). +# Stage: Plugins (runs in parallel with delve and chainlink) +FROM deps AS build-plugins ARG CL_INSTALL_PRIVATE_PLUGINS=false -# Flag to control installation of testing plugins (default: false). ARG CL_INSTALL_TESTING_PLUGINS=false -# Flag to control whether this is a prod build (default: true) -ARG CL_IS_PROD_BUILD=true -# Flags for Go Delve debugger -ARG GO_GCFLAGS -# Env vars needed for chainlink build -ARG COMMIT_SHA -ARG VERSION_TAG ENV CL_LOOPINSTALL_OUTPUT_DIR=/tmp/loopinstall-output \ GIT_CONFIG_GLOBAL=/tmp/gitconfig-github-token RUN --mount=type=secret,id=GIT_AUTH_TOKEN \ - --mount=type=cache,target=/root/.cache/go-build \ + --mount=type=cache,target=/root/.cache/go-build,id=go-build-plugins \ set -e && \ trap 'rm -f "$GIT_CONFIG_GLOBAL"' EXIT && \ ./plugins/scripts/setup_git_auth.sh && \ @@ -75,14 +70,20 @@ RUN --mount=type=secret,id=GIT_AUTH_TOKEN \ GOBIN=/gobins CL_LOOPINSTALL_OUTPUT_DIR=${CL_LOOPINSTALL_OUTPUT_DIR} make install-plugins-testing; \ fi -# Copy any shared libraries. RUN mkdir -p /tmp/lib && \ ./plugins/scripts/copy_loopinstall_libs.sh \ "$CL_LOOPINSTALL_OUTPUT_DIR" \ /tmp/lib -# Build chainlink. -RUN --mount=type=cache,target=/root/.cache/go-build \ +# Stage: Chainlink binary (runs in parallel with delve and plugins) +FROM deps AS build-chainlink +ARG CL_IS_PROD_BUILD=true +ARG GO_GCFLAGS +ARG COMMIT_SHA +ARG VERSION_TAG + +RUN --mount=type=cache,target=/root/.cache/go-build,id=go-build-chainlink \ + mkdir -p /gobins && \ if [ "$CL_IS_PROD_BUILD" = "false" ]; then \ GOBIN=/gobins make install-chainlink-dev; \ else \ @@ -108,7 +109,7 @@ RUN if [ ${CHAINLINK_USER} != root ]; then useradd --uid 14933 --create-home ${C USER ${CHAINLINK_USER} # Copy Delve debugger from build stage. -COPY --from=buildgo /go/bin/dlv /usr/local/bin/dlv +COPY --from=build-delve /go/bin/dlv /usr/local/bin/dlv # Expose image metadata to the running node. ARG CL_AUTO_DOCKER_TAG=unset @@ -127,10 +128,11 @@ COPY ./cci[p]/confi[g] /ccip-config ARG CL_CHAIN_DEFAULTS ENV CL_CHAIN_DEFAULTS=${CL_CHAIN_DEFAULTS} -# Copy the binaries from the build stage (plugins + chainlink). -COPY --from=buildgo /gobins/ /usr/local/bin/ -# Copy shared libraries from the build stage. -COPY --from=buildgo /tmp/lib /usr/lib/ +# Copy the binaries from the parallel build stages. +COPY --from=build-plugins /gobins/ /usr/local/bin/ +COPY --from=build-chainlink /gobins/ /usr/local/bin/ +# Copy shared libraries from the plugins build stage. +COPY --from=build-plugins /tmp/lib /usr/lib/ WORKDIR /home/${CHAINLINK_USER} From 22f9154a1b6840bacdfdcea94176cb7eba38779e Mon Sep 17 00:00:00 2001 From: Adam Hamrick Date: Thu, 26 Mar 2026 11:25:44 -0400 Subject: [PATCH 12/19] Test Optimize Dockerfile From 980ce186e2932528b890ae2683d1243129a1fd83 Mon Sep 17 00:00:00 2001 From: Adam Hamrick Date: Thu, 26 Mar 2026 11:47:39 -0400 Subject: [PATCH 13/19] zstd and no free disk space --- .github/workflows/integration-tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index 52da6bcf546..5537f7711f1 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -283,7 +283,7 @@ jobs: - name: Build Chainlink Image if: matrix.image.should-build && steps.check-image-exists.outputs.exists != 'true' - uses: smartcontractkit/.github/actions/ctf-build-image@f0275754cf0d07a831a0d8d8f5b09fba033051c9 # TODO: Update to release tag after .github changes are merged + uses: smartcontractkit/.github/actions/ctf-build-image@ab75dfeec614d828544435a2f64e52a7e60188ff # TODO: Update to release tag after .github changes are merged with: image-tag: ${{ inputs.evm-ref || env.CHAINLINK_REF }}${{ matrix.image.tag-suffix }} dockerfile: ${{ matrix.image.dockerfile }} From 2a779132edb56c77516ce2039c81db29a406ce8d Mon Sep 17 00:00:00 2001 From: Adam Hamrick Date: Thu, 26 Mar 2026 11:54:11 -0400 Subject: [PATCH 14/19] Test zstd and no free disk space From 5c12664c448118314f7806faa292fcc96caa4582 Mon Sep 17 00:00:00 2001 From: Adam Hamrick Date: Thu, 26 Mar 2026 12:07:55 -0400 Subject: [PATCH 15/19] Test with cheaper runner --- .github/workflows/integration-tests.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index 5537f7711f1..d03c8dc87f0 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -180,8 +180,8 @@ jobs: GH_BUILDER_RUNNER: ubuntu22.04-8cores-32GB GH_SOLANA_RUNNER: ubuntu22.04-8cores-32GB # include unique label (core/plugins/solana) to ensure jobs are not competing for the same runner - SH_BUILDER_RUNNER_CORE: runs-on=${{ github.run_id }}-core/cpu=32+36/memory=64+72/family=c6i+c7i+c5.*/extras=s3-cache+tmpfs - SH_BUILDER_RUNNER_PLUGINS: runs-on=${{ github.run_id }}-plugins/cpu=32+36/memory=64+72/family=c6i+c7i+c5.*/extras=s3-cache+tmpfs + SH_BUILDER_RUNNER_CORE: runs-on=${{ github.run_id }}-core/cpu=16+24/memory=32+40/family=c6i+c7i+c5.*/extras=s3-cache+tmpfs + SH_BUILDER_RUNNER_PLUGINS: runs-on=${{ github.run_id }}-plugins/cpu=16+24/memory=32+40/family=c6i+c7i+c5.*/extras=s3-cache+tmpfs SH_SOLANA_RUNNER: runs-on=${{ github.run_id }}-solana/cpu=48/ram=96/family=c6i/spot=false/image=ubuntu24-full-x64/extras=s3-cache+tmpfs run: | if [[ "${OPT_OUT}" == "true" ]]; then From b2f08d2ae17a2482b52ee4ddbacdeac1d3e7bd83 Mon Sep 17 00:00:00 2001 From: Adam Hamrick Date: Thu, 26 Mar 2026 12:34:55 -0400 Subject: [PATCH 16/19] Revert smaller runner as it was 1m increase --- .github/workflows/integration-tests.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index d03c8dc87f0..5537f7711f1 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -180,8 +180,8 @@ jobs: GH_BUILDER_RUNNER: ubuntu22.04-8cores-32GB GH_SOLANA_RUNNER: ubuntu22.04-8cores-32GB # include unique label (core/plugins/solana) to ensure jobs are not competing for the same runner - SH_BUILDER_RUNNER_CORE: runs-on=${{ github.run_id }}-core/cpu=16+24/memory=32+40/family=c6i+c7i+c5.*/extras=s3-cache+tmpfs - SH_BUILDER_RUNNER_PLUGINS: runs-on=${{ github.run_id }}-plugins/cpu=16+24/memory=32+40/family=c6i+c7i+c5.*/extras=s3-cache+tmpfs + SH_BUILDER_RUNNER_CORE: runs-on=${{ github.run_id }}-core/cpu=32+36/memory=64+72/family=c6i+c7i+c5.*/extras=s3-cache+tmpfs + SH_BUILDER_RUNNER_PLUGINS: runs-on=${{ github.run_id }}-plugins/cpu=32+36/memory=64+72/family=c6i+c7i+c5.*/extras=s3-cache+tmpfs SH_SOLANA_RUNNER: runs-on=${{ github.run_id }}-solana/cpu=48/ram=96/family=c6i/spot=false/image=ubuntu24-full-x64/extras=s3-cache+tmpfs run: | if [[ "${OPT_OUT}" == "true" ]]; then From 8b78d80ed71c55415fc6b568c1466fb12ca57668 Mon Sep 17 00:00:00 2001 From: Adam Hamrick Date: Thu, 26 Mar 2026 13:11:05 -0400 Subject: [PATCH 17/19] Plugins cache --- core/chainlink.Dockerfile | 49 +++++++++++++++++++++++++----------- plugins/chainlink.Dockerfile | 49 +++++++++++++++++++++++++----------- 2 files changed, 68 insertions(+), 30 deletions(-) diff --git a/core/chainlink.Dockerfile b/core/chainlink.Dockerfile index 6de250cb8ed..ff5f444fc5c 100644 --- a/core/chainlink.Dockerfile +++ b/core/chainlink.Dockerfile @@ -2,8 +2,10 @@ # Build image: Chainlink binary with plugins. ## -# Stage: Dependencies - module downloads and source -FROM golang:1.25.7-bookworm AS deps +# Stage: deps-base — module downloads, no source tree. +# Stages that don't need the full source (remote plugins, delve) branch from +# here so that source-only changes never invalidate their layer cache. +FROM golang:1.25.7-bookworm AS deps-base RUN go version RUN apt-get update && apt-get install -y jq && rm -rf /var/lib/apt/lists/* @@ -41,26 +43,37 @@ RUN --mount=type=secret,id=GIT_AUTH_TOKEN \ rm -f "$GIT_CONFIG_GLOBAL"; \ fi +# Stage: deps — full source tree for stages that compile chainlink code. +FROM deps-base AS deps COPY . . -# Stage: Delve debugger (runs in parallel with plugins and chainlink) -FROM deps AS build-delve +# Stage: Delve debugger (no source needed, branches from deps-base) +FROM deps-base AS build-delve RUN go install github.com/go-delve/delve/cmd/dlv@v1.24.2 -# Stage: Plugins (runs in parallel with delve and chainlink) -FROM deps AS build-plugins +# Stage: Remote plugins — only manifest YAMLs, no source tree. +# Cached as long as go.mod/go.sum and plugin manifests are unchanged, +# so typical source-only PRs skip the entire ~160s remote plugin build. +# Uses `go tool loopinstall` via the Makefile (resolved from the `tool` +# directive in go.mod). If this fails without the full source tree, fall back +# to installing loopinstall standalone: +# RUN go install github.com/smartcontractkit/chainlink-common/pkg/loop/cmd/loopinstall@v0.11.1 +# and invoke `loopinstall` directly instead of `make install-plugins-*`. +FROM deps-base AS build-remote-plugins ARG CL_INSTALL_PRIVATE_PLUGINS=true ARG CL_INSTALL_TESTING_PLUGINS=false +COPY plugins/plugins.public.yaml plugins/plugins.private.yaml plugins/plugins.testing.yaml ./plugins/ +COPY plugins/scripts/ ./plugins/scripts/ + ENV CL_LOOPINSTALL_OUTPUT_DIR=/tmp/loopinstall-output \ GIT_CONFIG_GLOBAL=/tmp/gitconfig-github-token RUN --mount=type=secret,id=GIT_AUTH_TOKEN \ - --mount=type=cache,target=/root/.cache/go-build,id=go-build-plugins \ set -e && \ trap 'rm -f "$GIT_CONFIG_GLOBAL"' EXIT && \ ./plugins/scripts/setup_git_auth.sh && \ - mkdir -p /gobins && mkdir -p "${CL_LOOPINSTALL_OUTPUT_DIR}" && \ - GOBIN=/gobins CL_LOOPINSTALL_OUTPUT_DIR=${CL_LOOPINSTALL_OUTPUT_DIR} make install-plugins-local install-plugins-public && \ + mkdir -p /gobins "${CL_LOOPINSTALL_OUTPUT_DIR}" && \ + GOBIN=/gobins CL_LOOPINSTALL_OUTPUT_DIR=${CL_LOOPINSTALL_OUTPUT_DIR} make install-plugins-public && \ if [ "${CL_INSTALL_PRIVATE_PLUGINS}" = "true" ]; then \ GOBIN=/gobins CL_LOOPINSTALL_OUTPUT_DIR=${CL_LOOPINSTALL_OUTPUT_DIR} make install-plugins-private; \ fi && \ @@ -73,7 +86,13 @@ RUN mkdir -p /tmp/lib && \ "$CL_LOOPINSTALL_OUTPUT_DIR" \ /tmp/lib -# Stage: Chainlink binary (runs in parallel with delve and plugins) +# Stage: Local plugins (needs source tree for ./plugins/cmd/...) +FROM deps AS build-local-plugins +RUN --mount=type=cache,target=/root/.cache/go-build,id=go-build-local-plugins \ + mkdir -p /gobins && \ + GOBIN=/gobins make install-plugins-local + +# Stage: Chainlink binary (needs source tree) FROM deps AS build-chainlink ARG COMMIT_SHA ARG VERSION_TAG @@ -122,12 +141,12 @@ COPY ./cci[p]/confi[g] /ccip-config ARG CL_CHAIN_DEFAULTS ENV CL_CHAIN_DEFAULTS=${CL_CHAIN_DEFAULTS} -# Copy the binaries from the parallel build stages. -COPY --from=build-plugins /gobins/ /usr/local/bin/ +# Copy binaries from the parallel build stages. +COPY --from=build-remote-plugins /gobins/ /usr/local/bin/ +COPY --from=build-local-plugins /gobins/ /usr/local/bin/ COPY --from=build-chainlink /gobins/ /usr/local/bin/ -# Copy shared libraries from the plugins build stage. -COPY --from=build-plugins /tmp/lib /usr/lib/ -# Copy dlv (Delve debugger) from the build stage. +# Copy shared libraries from the remote plugins build stage. +COPY --from=build-remote-plugins /tmp/lib /usr/lib/ COPY --from=build-delve /go/bin/dlv /usr/local/bin/ diff --git a/plugins/chainlink.Dockerfile b/plugins/chainlink.Dockerfile index 0e0fc094599..505e9d3abb4 100644 --- a/plugins/chainlink.Dockerfile +++ b/plugins/chainlink.Dockerfile @@ -4,8 +4,10 @@ # See: ../core/chainlink.Dockerfile for the production Dockerfile. ## -# Stage: Dependencies - module downloads and source -FROM golang:1.25.7-bookworm AS deps +# Stage: deps-base — module downloads, no source tree. +# Stages that don't need the full source (remote plugins, delve) branch from +# here so that source-only changes never invalidate their layer cache. +FROM golang:1.25.7-bookworm AS deps-base RUN go version RUN apt-get update && apt-get install -y jq && rm -rf /var/lib/apt/lists/* @@ -43,26 +45,37 @@ RUN --mount=type=secret,id=GIT_AUTH_TOKEN \ rm -f "$GIT_CONFIG_GLOBAL"; \ fi +# Stage: deps — full source tree for stages that compile chainlink code. +FROM deps-base AS deps COPY . . -# Stage: Delve debugger (runs in parallel with plugins and chainlink) -FROM deps AS build-delve +# Stage: Delve debugger (no source needed, branches from deps-base) +FROM deps-base AS build-delve RUN go install github.com/go-delve/delve/cmd/dlv@v1.24.2 -# Stage: Plugins (runs in parallel with delve and chainlink) -FROM deps AS build-plugins +# Stage: Remote plugins — only manifest YAMLs, no source tree. +# Cached as long as go.mod/go.sum and plugin manifests are unchanged, +# so typical source-only PRs skip the entire ~160s remote plugin build. +# Uses `go tool loopinstall` via the Makefile (resolved from the `tool` +# directive in go.mod). If this fails without the full source tree, fall back +# to installing loopinstall standalone: +# RUN go install github.com/smartcontractkit/chainlink-common/pkg/loop/cmd/loopinstall@v0.11.1 +# and invoke `loopinstall` directly instead of `make install-plugins-*`. +FROM deps-base AS build-remote-plugins ARG CL_INSTALL_PRIVATE_PLUGINS=false ARG CL_INSTALL_TESTING_PLUGINS=false +COPY plugins/plugins.public.yaml plugins/plugins.private.yaml plugins/plugins.testing.yaml ./plugins/ +COPY plugins/scripts/ ./plugins/scripts/ + ENV CL_LOOPINSTALL_OUTPUT_DIR=/tmp/loopinstall-output \ GIT_CONFIG_GLOBAL=/tmp/gitconfig-github-token RUN --mount=type=secret,id=GIT_AUTH_TOKEN \ - --mount=type=cache,target=/root/.cache/go-build,id=go-build-plugins \ set -e && \ trap 'rm -f "$GIT_CONFIG_GLOBAL"' EXIT && \ ./plugins/scripts/setup_git_auth.sh && \ - mkdir -p /gobins && mkdir -p "${CL_LOOPINSTALL_OUTPUT_DIR}" && \ - GOBIN=/gobins CL_LOOPINSTALL_OUTPUT_DIR=${CL_LOOPINSTALL_OUTPUT_DIR} make install-plugins-local install-plugins-public && \ + mkdir -p /gobins "${CL_LOOPINSTALL_OUTPUT_DIR}" && \ + GOBIN=/gobins CL_LOOPINSTALL_OUTPUT_DIR=${CL_LOOPINSTALL_OUTPUT_DIR} make install-plugins-public && \ if [ "${CL_INSTALL_PRIVATE_PLUGINS}" = "true" ]; then \ GOBIN=/gobins CL_LOOPINSTALL_OUTPUT_DIR=${CL_LOOPINSTALL_OUTPUT_DIR} make install-plugins-private; \ fi && \ @@ -75,7 +88,13 @@ RUN mkdir -p /tmp/lib && \ "$CL_LOOPINSTALL_OUTPUT_DIR" \ /tmp/lib -# Stage: Chainlink binary (runs in parallel with delve and plugins) +# Stage: Local plugins (needs source tree for ./plugins/cmd/...) +FROM deps AS build-local-plugins +RUN --mount=type=cache,target=/root/.cache/go-build,id=go-build-local-plugins \ + mkdir -p /gobins && \ + GOBIN=/gobins make install-plugins-local + +# Stage: Chainlink binary (needs source tree) FROM deps AS build-chainlink ARG CL_IS_PROD_BUILD=true ARG GO_GCFLAGS @@ -108,7 +127,6 @@ RUN curl https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - \ RUN if [ ${CHAINLINK_USER} != root ]; then useradd --uid 14933 --create-home ${CHAINLINK_USER}; fi USER ${CHAINLINK_USER} -# Copy Delve debugger from build stage. COPY --from=build-delve /go/bin/dlv /usr/local/bin/dlv # Expose image metadata to the running node. @@ -128,11 +146,12 @@ COPY ./cci[p]/confi[g] /ccip-config ARG CL_CHAIN_DEFAULTS ENV CL_CHAIN_DEFAULTS=${CL_CHAIN_DEFAULTS} -# Copy the binaries from the parallel build stages. -COPY --from=build-plugins /gobins/ /usr/local/bin/ +# Copy binaries from the parallel build stages. +COPY --from=build-remote-plugins /gobins/ /usr/local/bin/ +COPY --from=build-local-plugins /gobins/ /usr/local/bin/ COPY --from=build-chainlink /gobins/ /usr/local/bin/ -# Copy shared libraries from the plugins build stage. -COPY --from=build-plugins /tmp/lib /usr/lib/ +# Copy shared libraries from the remote plugins build stage. +COPY --from=build-remote-plugins /tmp/lib /usr/lib/ WORKDIR /home/${CHAINLINK_USER} From e7d42e348299c3dd7c3006762a361a0c9d804720 Mon Sep 17 00:00:00 2001 From: Adam Hamrick Date: Thu, 26 Mar 2026 13:20:35 -0400 Subject: [PATCH 18/19] Test plugins cache From 29b658bd3ad4d28897fff4166dd77e9da9dea786 Mon Sep 17 00:00:00 2001 From: Adam Hamrick Date: Thu, 26 Mar 2026 14:31:05 -0400 Subject: [PATCH 19/19] Verify new image --- .github/workflows/integration-tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index 6f6c8fb8010..a6c51ef34cc 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -281,7 +281,7 @@ jobs: - name: Build Chainlink Image if: matrix.image.should-build && steps.check-image-exists.outputs.exists != 'true' - uses: smartcontractkit/.github/actions/ctf-build-image@ctf-build-image/v1 + uses: smartcontractkit/.github/actions/ctf-build-image@4477e6576e19e561ab667106307978781685108b # DEBUG: Checking image build with: image-tag: ${{ inputs.evm-ref || env.CHAINLINK_REF }}${{ matrix.image.tag-suffix }} dockerfile: ${{ matrix.image.dockerfile }}