From 9c40e9a85087ab4bbc345637141c1380677c67ce Mon Sep 17 00:00:00 2001
From: Egor_P <egor@parity.io>
Date: Fri, 7 Feb 2025 10:17:02 +0100
Subject: [PATCH] [CI/CD] Add a pipeline to build binaries in different
 profiles (#7496)

Recently there were some requests to build and deploy a binary, for
example `polkadot`, in the `release` or `production` profile to do some
testing.
So far we had only a
[release](https://github.com/paritytech/polkadot-sdk/blob/master/.github/workflows/release-20_build-rc.yml)
pipeline that could do it in the GitHub but to use it, there was a lot
of extra overhead needed.
This pipeline should simplify this case and give a possibility to build
a binary in desired profile from any branch for the testing purposes.
Something similar to what we have for runtimes in the [srtool
repo](https://github.com/paritytech/srtool/actions/workflows/manual.yml)
It won't be used in any release activities though.

CC: @BulatSaif
---
 .../scripts/release/build-linux-release.sh    |  9 +--
 .github/workflows/release-build-binary.yml    | 76 +++++++++++++++++++
 2 files changed, 80 insertions(+), 5 deletions(-)
 create mode 100644 .github/workflows/release-build-binary.yml

diff --git a/.github/scripts/release/build-linux-release.sh b/.github/scripts/release/build-linux-release.sh
index 874c9b44788b3..413a3274edf30 100755
--- a/.github/scripts/release/build-linux-release.sh
+++ b/.github/scripts/release/build-linux-release.sh
@@ -3,7 +3,7 @@
 # This is used to build our binaries:
 # - polkadot
 # - polkadot-parachain
-# - polkadot-omni-node 
+# - polkadot-omni-node
 #
 # set -e
 
@@ -12,7 +12,6 @@ PACKAGE=${2:-$BIN}
 
 PROFILE=${PROFILE:-production}
 ARTIFACTS=/artifacts/$BIN
-VERSION=$(git tag -l --contains HEAD | grep -E "^v.*")
 
 echo "Artifacts will be copied into $ARTIFACTS"
 mkdir -p "$ARTIFACTS"
@@ -25,10 +24,10 @@ echo "Artifact target: $ARTIFACTS"
 cp ./target/$PROFILE/$BIN "$ARTIFACTS"
 pushd "$ARTIFACTS" > /dev/null
 sha256sum "$BIN" | tee "$BIN.sha256"
-
-EXTRATAG="$($ARTIFACTS/$BIN --version |
+chmod a+x "$BIN"
+VERSION="$($ARTIFACTS/$BIN --version)"
+EXTRATAG="$(echo "${VERSION}" |
     sed -n -r 's/^'$BIN' ([0-9.]+.*-[0-9a-f]{7,13})-.*$/\1/p')"
-
 EXTRATAG="${VERSION}-${EXTRATAG}-$(cut -c 1-8 $ARTIFACTS/$BIN.sha256)"
 
 echo "$BIN version = ${VERSION} (EXTRATAG = ${EXTRATAG})"
diff --git a/.github/workflows/release-build-binary.yml b/.github/workflows/release-build-binary.yml
new file mode 100644
index 0000000000000..59a8f9da7cc92
--- /dev/null
+++ b/.github/workflows/release-build-binary.yml
@@ -0,0 +1,76 @@
+name: Binary Build
+# This workflow can be used to build a binary like polkadot + workers, omninode or polkadot-parachain
+# from any branch with release or profuction profile to be later used for testing.
+# ⚠️ IT should not be used for release purposes!
+
+on:
+  workflow_dispatch:
+    inputs:
+      binary:
+        required: true
+        default: "polkadot"
+        description: "The binary to build"
+      package:
+        description: Package to be built, can be polkadot, polkadot-parachain-bin, polkadot-omni-node etc.
+        required: true
+        type: string
+      profile:
+        required: true
+        default: "release"
+        description: "The profile to use for the binary build"
+
+jobs:
+
+  setup:
+    # GitHub Actions allows using 'env' in a container context.
+    # However, env variables don't work for forks: https://github.com/orgs/community/discussions/44322
+    # This workaround sets the container image for each job using 'set-image' job output.
+    runs-on: ubuntu-latest
+    outputs:
+      IMAGE: ${{ steps.set_image.outputs.IMAGE }}
+      RUNNER: ${{ steps.set_runner.outputs.RUNNER }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
+
+      - name: Set image
+        id: set_image
+        run: cat .github/env >> $GITHUB_OUTPUT
+
+      - name: Set runner
+        id: set_runner
+        shell: bash
+        run: |
+          if [[ "${{ inputs.binary }}" == "polkadot-parachain" ]]; then
+            echo "RUNNER=parity-large" >> $GITHUB_OUTPUT
+          else
+            echo "RUNNER=ubuntu-latest" >> $GITHUB_OUTPUT
+          fi
+
+  build:
+    needs: [setup]
+    runs-on: ${{ needs.setup.outputs.RUNNER }}
+    container:
+      image: ${{ needs.setup.outputs.IMAGE }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
+
+      - name: Build binary
+        run: |
+          git config --global --add safe.directory "${GITHUB_WORKSPACE}" #avoid "detected dubious ownership" error
+          PROFILE=${{ inputs.profile }}
+          if [ "${{ inputs.binary }}" = "polkadot" ]; then
+              for binary in polkadot polkadot-prepare-worker polkadot-execute-worker; do
+                  echo "Building $binary..."
+                  ./.github/scripts/release/build-linux-release.sh $binary ${{ inputs.package }} "${PROFILE}"
+              done
+          else
+            ./.github/scripts/release/build-linux-release.sh ${{ inputs.binary }} ${{ inputs.package }} "${PROFILE}"
+          fi
+
+      - name: Upload ${{ inputs.binary }} artifacts
+        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
+        with:
+          name: ${{ inputs.binary }}
+          path: /artifacts/**