The VPS runner's limited bandwidth causes upload-artifact to stall when
uploading hundreds of MB of individual HTML files. Compress crate-docs
into a tar.gz before upload and extract on the publish side.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Regenerate EQUIVOCATION_PROOF_BLOB in pezpallet-babe benchmarking:
the old blob contained stale header hashes that caused
check_equivocation_proof to fail with assertion error
- Exclude pezpallet_revive from quick-benchmarks via
--exclude-pezpallets flag: revive benchmarks require PolkaVM
toolchain (riscv64emac-unknown-none-polkavm) for fixture compilation
which is not available in CI. This removes continue-on-error so
real benchmark failures are now visible
- Increase build-rustdoc timeout from 180 to 240 minutes for VPS runner
The Parity CI Docker image sets RUSTC_WRAPPER=/usr/local/bin/forklift
for GCS cache optimization. On our VPS runners without GCP credentials,
forklift crashes with nil pointer dereference when trying to create
GCS client. The global env RUSTC_WRAPPER="" doesn't reliably propagate
into Docker containers.
Fix: Add explicit "Disable forklift cache wrapper" step in every
container job that runs cargo commands, using $GITHUB_ENV to ensure
the empty RUSTC_WRAPPER persists across all steps within the job.
Affected workflows: build-publish-images, checks, tests, tests-misc,
build-misc, docs (32 container jobs total).
- build-linux-stable: disable forklift GCS cache (RUSTC_WRAPPER="")
that panics without GCP credentials on VPS runners
- prepare-bridges-zombienet-artifacts: fix bridges/testing path to
pezbridges/testing (rebrand path was not updated in workflow)
- build-rustdoc: use CARGO_TARGET_DIR instead of ./target for doc
output path (docs generated at /cache/target/doc, not ./target/doc)
- build-push-image-*: add workspace permission fix step before checkout
to handle root-owned files left by Docker container jobs
- All build jobs: increase timeout from 120 to 180 minutes for VPS
- Add cargo-deny + cargo-audit security audit workflow (weekly + on PR)
- Add deny.toml with license, advisory, and source checks
Without this env var, wasm-builder cannot find Cargo.lock when
CARGO_TARGET_DIR is outside the workspace (/cache/target). This causes
the nested wasm build to resolve fresh dependencies, pulling alloy-eips
1.7.3 which requires rustc 1.91 (CI has 1.88.0).
Doc tests in pezsc-basic-authorship require a real WASM runtime binary.
SKIP_WASM_BUILD=1 produces a dummy blob causing runtime panics.
Use wasm32v1-none target for test-doc (needs real WASM),
keep SKIP_WASM_BUILD=1 only for build-rustdoc (docs generation only).
The paritytech CI container lacks the wasm32v1-none target, causing
wasm-builder to fall back to wasm32-unknown-unknown with -Z build-std.
Combined with our serde_core fork, this creates a duplicate lang item
error for alloc crate.
Fix: Add rustup target add wasm32v1-none to all WASM-building jobs.
For check-only jobs (bench checks, docs, each-crate), add SKIP_WASM_BUILD=1.
Also fixes test-deterministic-wasm wasm blob path to work with either target.
- Remove pezsc-basic-authorship from doc test exclusions (exclusion was
copy-pasted from zombienet-sdk-tests, no actual doc issue exists)
- Remove pezsnowbridge-runtime-common from bench check exclusions
(try_successful_origin is properly implemented for both ForeignAssetOwner
and LocalAssetOwner with runtime-benchmarks feature gate)
The serde_core + Rust 1.88 issue only affects wasm32v1-none target.
wasm32-unknown-unknown works fine, and wasm-builder falls back to it
automatically when wasm32v1-none is not installed.
- Remove all `rustup target add wasm32v1-none` steps (12 files)
- Remove SKIP_WASM_BUILD=1 env vars added as workaround (28 occurrences)
- Re-enable quick-benchmarks job (tests.yml)
- Re-enable check-core-crypto-features job (checks.yml)
- Re-enable 15 build/zombienet jobs (build-publish-images.yml)
- Re-enable test-pezframe-examples-compile-to-wasm and
test-deterministic-wasm jobs (tests-misc.yml)
Tracking: #355, #357, #358
Upstream: https://github.com/serde-rs/serde/issues/3021 (still open)
Run check-try-runtime after cargo-clippy (not in parallel) and
build-rustdoc after test-doc. Jobs on the same VPS share a single
disk, so parallel builds exhaust available space.
Both Checks jobs share one cache volume; both Docs jobs share another.
When using persistent cargo cache mounted from host directory, the container
user differs from the directory owner, causing git "dubious ownership" error.
This fix adds `git config --global --add safe.directory '*'` before cargo
commands in containerized jobs.
Mount /cache/cargo-target/pezkuwi-sdk on VPS runners to reuse
compiled artifacts between workflow runs. This significantly
speeds up subsequent builds by avoiding full recompilation.
Updated workflows:
- checks.yml (cargo-clippy, check-try-runtime)
- docs.yml (test-doc, build-rustdoc)
- tests-linux-stable.yml (all test jobs)
Also removed Swatinem/rust-cache where persistent cache is used
since it's now redundant.
The crate's build.rs runs nested cargo build which doesn't inherit
workspace [patch.crates-io] settings, causing serde_core duplicate
lang item error with wasm32 target.
This is a test-only crate and doesn't affect mainnet binaries.
Tracking issue: #357
Changes:
- Add Rust caching (Swatinem/rust-cache) to all heavy build jobs
- Reduce cargo-check-each-crate from 7 to 4 parallel jobs
- Reduce tests-linux-stable matrix from 6 to 3 jobs
- Set CARGO_INCREMENTAL=0 for consistent caching
- Reduce timeouts from 60 to 45 minutes (cache makes builds faster)
- Remove redundant disk cleanup steps (cache handles this)
Expected improvements:
- 50-80% faster builds after cache is populated
- Lower VPS load (fewer parallel jobs)
- More consistent build times
Affected workflows:
- checks.yml (cargo-clippy, check-try-runtime)
- tests.yml (quick-benchmarks, cargo-check-all-benches)
- tests-misc.yml (test-pezframe-ui, cargo-check-each-crate)
- tests-linux-stable.yml (test-linux-stable)
- docs.yml (test-doc, build-rustdoc)