init commit

.github/workflows/docker-release.yml

@@ -0,0 +1,47 @@
+name: Build, Package and Release
+
+on:
+  push:
+    tags:
+      - 'v*'
+
+jobs:
+  build_and_docker:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v2 
+
+    - name: Extract version tag
+      run: echo "VERSION_TAG=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV
+
+    - name: Log in to GHCR using a PAT
+      uses: docker/login-action@v2  
+      with:
+        registry: ghcr.io
+        username: ${{ github.actor }} 
+        password: ${{ secrets.GITHUB_TOKEN }} 
+
+    - name: Build and push Docker image
+      uses: docker/build-push-action@v3
+      with:
+        context: ./docker
+        push: true  
+        tags: |
+          ghcr.io/${{ github.repository }}:${{ github.sha }}
+          ghcr.io/${{ github.repository }}:${{ env.VERSION_TAG }}
+          ghcr.io/${{ github.repository }}:latest
+
+    - name: Create Release
+      id: create_release
+      uses: softprops/action-gh-release@v2
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      with:
+        tag_name: ${{ env.VERSION_TAG }}
+        draft: false
+        prerelease: false

.github/workflows/release.yml

@@ -0,0 +1,89 @@
+name: Build and Release Contract
+
+on:
+  workflow_call:
+    inputs:
+      build_path:
+        description: 'JSON-encoded array of relative path to the contract directories'
+        type: string
+        required: true
+        default: '[""]'
+      release_name: 
+        description: 'Name for the release'
+        required: true
+        type: string
+      release_description:
+        description: 'Description for the release'
+        required: false
+        type: string
+    secrets:
+      release_token:
+        description: 'Github token'
+        required: true
+
+jobs:
+  build:
+    runs-on: ubuntu-latest 
+    strategy:
+      matrix:
+        directory: ${{ fromJson(inputs.build_path) }}
+    steps:
+      - name: Set build directory name
+        run: |
+          build_dir_name="build_${{ strategy.job-index }}"
+          echo "BUILD_DIR_NAME=$build_dir_name" >> $GITHUB_ENV
+          echo "BUILD_DIR_PATH=${{ github.workspace }}/$build_dir_name" >> $GITHUB_ENV
+
+      - name: Verify that checkout directory doesn't exist
+        run: |
+          if [[ -d ${{ env.BUILD_DIR_PATH }} ]]; then
+            echo "Directory ${{ env.BUILD_DIR_PATH }} already exists"
+            exit 1
+          fi
+
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          path: ${{ env.BUILD_DIR_NAME }}
+
+      - name: Run docker container
+        working-directory: ${{ env.BUILD_DIR_PATH }}
+        run: docker run --rm -e CONTRACT_DIR=${{ matrix.directory }} -v "${{ env.BUILD_DIR_PATH }}:/inspector/home" ghcr.io/stellar-expert/soroban-build-workflow:latest
+
+      - name: Get wasm file name
+        working-directory: ${{ env.BUILD_DIR_PATH }}
+        run: |
+          cd ${{ env.BUILD_DIR_PATH }}/release
+          wasm_file=$(find -type f -name "*.wasm")
+          cp $wasm_file ${{ env.BUILD_DIR_PATH }}
+          echo "WASM_FILE_NAME=$(basename $wasm_file)" >> $GITHUB_ENV  
+          echo "WASM_FILE_SHA256=$(sha256sum $wasm_file | cut -d ' ' -f 1)" >> $GITHUB_ENV 
+      
+      - name: Wasm file from directory "${{ matrix.directory }}" with hash ${{ env.WASM_FILE_SHA256 }} created
+        run: echo ${{ env.WASM_FILE_NAME }}
+
+      - name: Upload artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: ${{ env.WASM_FILE_NAME }}
+          path: ${{ env.BUILD_DIR_PATH }}/release/${{ env.WASM_FILE_NAME }}
+          if-no-files-found: error
+
+  release:
+    needs: build
+    runs-on: ubuntu-latest
+    steps:
+      - name: Download artifacts
+        uses: actions/download-artifact@v4
+        with:
+          merge-multiple: true
+
+      - name: Create release
+        uses: softprops/action-gh-release@v2
+        with:
+          tag_name: ${{ inputs.release_name }}
+          draft: false
+          prerelease: false
+          body: ${{ inputs.release_description }}
+          files: '**/*.wasm'
+          token: ${{ secrets.release_token }}

README.md

@@ -0,0 +1,87 @@
+# Soroban Smart Contract Compilation Workflow
+
+Reusable GitHub Actions workflow that streamlines the compilation and release process of Stellar smart contracts for Soroban WASM runtime.
+
+When triggered, this workflow:
+- Compiles a smart contract (or multiple contracts) in the repository
+- Creates an optimized WebAssembly file ready to be deployed to Soroban
+- Publishes GitHub release with attached build artifacts
+- Includes SHA256 hashes of complied WASM files into actions output for further verification
+
+## Configuration
+
+### Prerequisites
+
+- Create a GitHub Actions workflow file `.github/workflows/release.yml` in your repository.
+- Decide how the compliation workflow will be triggered. The recommended way is to configure workflow activation on git tag creation. This should simplify versioning and ensure unique release names.
+
+### Workflow inputs and secrets
+
+Basic compilation workflow path:  
+`stellar-expert/soroban-build-workflow/.github/workflows/release.yml@main`
+
+The workflow expects the following inputs in the `with` section:
+- `release_name` (required) - release name template that includes a release version variable, e.g. `${{ github.ref_name }}`
+- `build_path` - array of contract relative paths to compile, defaults to the repository root directory
+- `release_description` - optional text to attach to a relase description
+
+### Basic workflow for the reporisotry with a single contract
+
+```yaml
+name: Build and Release  # name it whatever you like
+on:
+  push: 
+    tags:
+      - 'v*'  # triggered whenever a new tag (previxed with "v") is pushed to the repository
+jobs:
+  release_contracts:
+    uses: stellar-expert/soroban-build-workflow/.github/workflows/release.yml@main
+    with:
+      release_name: ${{ github.ref_name }}       # use git tag as unique release name
+      release_description: 'Contract release'    # some boring placeholder text to attach
+      build_path: '["src/my-awesome-contract"]'  # relative path to your really awesome contract
+    secrets:  # the authentication token will be automatically created by GitHub
+      release_token: ${{ secrets.GITHUB_TOKEN }} # don't modify this line
+```
+
+### Building multiple contracts
+
+To build multiple contracts at once, include all relative paths of the subdirectories containing contract sources
+to the `build_path` array. For example,
+
+```yaml
+jobs:
+  release_contracts:
+    with: # build contracts located in "/src/token", "/src/dao/contract", and the repository root directory
+      build_path: '["src/token", "src/dao/dao", ""]'   
+```
+
+### Triggering build process manually
+
+Triggering this workflow manually requires a unique release name prompt. Replace the trigger condition in config
+and update `release_name` to utilize the value from the prompt.
+
+```yaml
+on:
+  workflow_dispatch:
+    inputs:
+      release_name:
+        description: 'Unique release name'
+        required: true
+        type: string
+jobs:
+  release-contract:
+    with:
+      release_name: ${{ github.event.inputs.release_name }}
+```
+
+## Notes
+
+- The workflow assumes that each contract directory contains the necessary structure and files for your build process.
+- If you want to run your contract tests automatically before deploying the contract, add corresponding action invocation
+  before the `release_contracts` job to make sure that broken contracts won't end up in published releases.
+- In case of the multi-contract repository setup, contracts shouldn't have the same name (defined in TOML file) and version
+  to avoid conflicts during the release process.
+- To enable automatic contract source validation process, contracts should be deployed to Stellar Network directly
+  from a complied GitHub realese generated by this workflow. Otherwise the deployed contract hash may not
+  match the release artifcats due to the compilation environment variations.

docker/Dockerfile

@@ -0,0 +1,23 @@
+# Start from an Ubuntu base image
+FROM ubuntu:20.04
+
+# Disable prompts during package installation
+ENV DEBIAN_FRONTEND=noninteractive
+
+# Set up working directory
+WORKDIR /inspector
+
+# Install packages
+RUN apt-get update && \
+    apt-get install -y git curl wget jq build-essential && \
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/*
+
+# Specify the contract directory
+ENV CONTRACT_DIR=${CONTRACT_DIR}
+
+# Copy entrypoint script
+COPY /entrypoint.sh /usr/local/bin/
+RUN chmod +x /usr/local/bin/entrypoint.sh
+
+ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]