Update readme

Woody4618 · Woody4618 · commit 602f47afa423 · 2025-02-05T14:44:57.000+01:00
diff --git a/.github/actions/build-verified/action.yaml b/.github/actions/build-verified/action.yaml
@@ -1,20 +1,9 @@
 name: "Build Verified"
 description: "Builds a Solana program using solana-verify"
 inputs:
-  devnet:
-    description: "Whether to use devnet feature"
-    required: false
-    default: "false"
-  testing:
-    description: "Whether to use devnet feature"
-    required: false
-    default: "false"
   program:
     description: "The program to build and upload"
     required: true
-  program-id:
-    description: "The program id of the program we are uploading"
-    required: true
   features:
     description: "Features to enable during build"
     required: false
diff --git a/readme.md b/readme.md
@@ -1,16 +1,30 @@
 ## GitHub Actions Usage
 
-This repository provides GitHub Actions for managing Solana program deployments and verification. The build action figures out the solana and anchor version and builds the program. If it is an anchor program it can also upload the IDL automatically. And it can also verify the program source code on chain.
+This repository provides GitHub Actions for managing Solana program deployments and verification.
+It is highly recommended to use the squads integration for program deployments.
+
+### Features
+
+- ✅ Automated program builds
+- ✅ Program verification against source code
+- ✅ IDL buffer creation and uploads
+- ✅ Squads multisig integration
+- ✅ Program deploys for both devnet and mainnet
+- ✅ Compute budget optimization
+- ✅ Retry mechanisms for RPC failures
 
 ### How to use
 
-Copy the .github folder and the scripts folder and the tsconfig.json (These are containing the squads SDK integration) into the root of your repository. After you commit these you will be able to use the actions from the github ui.
-The build at test flow will run the tests automatically every time the program changes.
-Then you can use the build action with all the options you need.
+The easiest way to use the github actions is using one of the [reusable workflows](https://github.com/solana-developers/github-workflows).
+
+There are two examples:
+
+- [Anchor Program](https://github.com/Woody4618/anchor-github-action-example)
+- [Native Program](https://github.com/Woody4618/native-solana-github-action-example)
 
 ### Required Secrets for specific actions
 
-Some of the options of the build workflow require you to add secrets to your repository:
+Some of the actions of the build workflow require you to add secrets to your repository:
 
 ```bash
 # Network RPC URLs
@@ -21,131 +35,82 @@ MAINNET_SOLANA_DEPLOY_URL=  # Your mainnet RPC URL - Recommended to use a payed
 DEVNET_DEPLOYER_KEYPAIR=    # Base58 encoded keypair for devnet
 MAINNET_DEPLOYER_KEYPAIR=   # Base58 encoded keypair for mainnet
 
-PROGRAM_ADDRESS_KEYPAIR=    # Keypair of the program address - Needed for initial deploy and for native programs to find the program address
+PROGRAM_ADDRESS_KEYPAIR=    # Keypair of the program address - Needed for initial deploy and for native programs to find the program address. Can also be overwritten in the workflow if you dont have the keypair.
 
 # For Squads integration
-DEVNET_MULTISIG=           # Devnet Squads multisig address
-DEVNET_MULTISIG_VAULT=     # Devnet Squads vault address
 MAINNET_MULTISIG=          # Mainnet Squads multisig address
 MAINNET_MULTISIG_VAULT=    # Mainnet Squads vault address
 ```
 
-### Extends and automate
-
-You can easily extend or change your workflow. For example run the build workflow automatically on every push to a development branch.
-
-```bash
-  push:
-    branches:
-      - develop
-      - dev
-      - development
-    paths:
-      - 'programs/**'
-      - 'Anchor.toml'
-      - 'Cargo.toml'
-      - 'Cargo.lock'
-```
-
-Or run a new release to mainnet on every tag push for example.
-
-```bash
-  push:
-    tags:
-      - 'v*'
-```
-
 Customize the workflow to your needs!
 
-### Running the actions locally
-
-If you for some reason want to run the actions locally you can do so with the following commands using the act command.
-
-Follow the instructions [here](https://nektosact.com/installation/index.html) to install act.
-
-1. Build
-
-Just pick the parameters you want. This is using act to run the workflow locally. Good for testing or if you dont want to install anything because this is running in docker and outputs the build artifacts as well.
-
-```bash
-act -W .github/workflows/build.yaml \
- --container-architecture linux/amd64 \
- --secret-file .secrets \
- workflow_dispatch \
- --input program=transaction-example \
- --input network=devnet \
- --input deploy=true \
- --input upload_idl=true \
- --input verify=true \
- --input use-squads=true
-```
-
-2. Run anchor tests
-
-Note: The anchor tests use solana-test-validator which does not work in act docker container on mac because of AVX dependency. Wither run them in github, locally without docker or open PR to fix it. I couldnt find a nice way to fix it.
-You can adjust the workflow to run your specific tests as well.
-
-```bash
-act -W .github/workflows/test.yaml \
- --container-architecture linux/amd64 \
- --secret-file .secrets \
- workflow_dispatch \
- --input program=transaction-example
-```
-
-### Features
-
-- ✅ Automated program builds
-- ✅ Program verification against source code
-- ✅ IDL buffer creation and uploads
-- ✅ Squads multisig integration
-- ✅ Support for both devnet and mainnet
-- ✅ Compute budget optimization
-- ✅ Retry mechanisms for RPC failures
-
-## How to setup Squads integration:
-
-In general its recommended to use the [Squads Multisig](https://docs.squads.so/squads-cli/overview) to manage your programs.
-It makes your program deployments more secure and is considered good practice.
-
-1. Setup a new squad in [Squads](https://v4.squads.so/squads/) then transfer your program authority to the squad.
-
-2. Add your local keypair to the squad as a member (At least needs to be a voter) so that you can propose transactions. And also add that keypair as a github secret.
-   To run it locally add the following to your .secrets file:
-
-![alt text](image.png)
-
-```bash
-DEVNET_DEPLOYER_KEYPAIR=
-MAINNET_DEPLOYER_KEYPAIR=
-```
-
-2. Add the following to your .secrets file if you want to run it locally or add them to your github secrets if you want to run it in github actions:
-
-```bash
-DEVNET_MULTISIG=
-DEVNET_MULTISIG_VAULT=
-MAINNET_MULTISIG=
-MAINNET_MULTISIG_VAULT=
-```
-
-Where Multisig vault is the address you can find on the top left corner in the [Squads Dachboard](https://v4.squads.so/squads/)
-The MULTISIG is the address of the multisig you want to use this one you can find the the settings. Its a bit more hidden so that people dont accidentally use it as program upgrade authority.
-
-What this will do is write a program and an IDL buffer for your program and then propose a transaction that you can approve in the Squads UI.
-
-4. Now you can run the workflow with the following command:
-
-```bash
-act -W .github/workflows/build.yaml \
- --container-architecture linux/amd64 \
- --secret-file .secrets \
- workflow_dispatch \
- --input program=transaction-example \
- --input network=devnet \
- --input deploy=true \
- --input upload_idl=true --input use-squads=true --input verify=true
-```
+## Key Actions
+
+### Setup & Configuration
+
+- `setup-all`: Comprehensive development environment setup
+
+  - Installs and configures Solana CLI tools
+  - Sets up Anchor framework (if needed)
+  - Installs solana-verify for build verification
+  - Configures Node.js environment
+  - Handles caching for faster subsequent runs
+  - Inputs:
+    - `solana_version`: Solana version to install
+    - `anchor_version`: Anchor version to install
+    - `verify_version`: solana-verify version to install
+    - `node_version`: Node.js version to install
+
+- `extract-versions`: Automatically detects required versions
+  - Extracts Solana version from Cargo.lock
+  - Detects Anchor version from Anchor.toml or Cargo.lock
+  - Provides fallback versions if not found
+  - Outputs:
+    - `solana_version`: Detected Solana version
+    - `anchor_version`: Detected Anchor version
+
+### Build & Verification
+
+- `build-verified`: Builds program with verification support
+  - Uses solana-verify for reproducible builds
+  - Supports both native and Anchor programs
+  - Handles feature flags and conditional compilation
+  - Inputs:
+    - `program`: Program name to build
+    - `features`: Optional Cargo features to enable
+
+### Deployment
+
+- `write-program-buffer`: Writes a buffer that will then later be set either from the provided keypair or from the squads multisig
+
+  - Creates buffer for program deployment
+  - Set the buffer authority either to the provided keypair or to the squads multisig
+  - Supports priority fees for faster transactions
+  - Inputs:
+    - `program-id`: Target program ID
+    - `program`: Program name
+    - `rpc-url`: Solana RPC endpoint
+    - `keypair`: Deployer keypair
+    - `buffer-authority-address`: Authority for the buffer
+    - `priority-fee`: Transaction priority fee
+
+- `write-idl-buffer`: Writes an Anchor IDL buffer that will then later be set either from the provided keypair or from the squads multisig
+  - Creates IDL buffer
+  - Sets up IDL authority
+  - Prepares for IDL updates
+  - Inputs:
+    - `program-id`: Program ID
+    - `program`: Program name
+    - `rpc-url`: Solana RPC endpoint
+    - `keypair`: Deployer keypair
+    - `idl-authority`: Authority for IDL updates
+
+### Additional Actions
+
+- `build-anchor`: Specialized Anchor program builder
+- `program-upgrade`: Handles the exteding of the program account in case the program is getting bigger and either sets the buffer or skips that in case of squads deploy
+- `idl-upload`: Either sets the IDL buffer or skips that in case of squads deploy
+- `verify-build`: Verifies on-chain programs match source using solana-verify andthe osec api
 
 ## 📝 Todo List
 
@@ -160,29 +125,31 @@ act -W .github/workflows/build.yaml \
 ### Action Improvements
 
 - [x] Separate IDL and Program buffer action
-- [ ] Remove deprecated cache functions
+- [x] Remove deprecated cache functions
 - [x] Remove node-version from anchor build
-- [ ] Support matrix build for develop branch
-- [ ] Skip anchor build when native program build
+- [x] Skip anchor build when native program build
 - [ ] Make verify build and anchor build in parallel
 - [x] Trigger release build on tag push
 - [x] Trigger devnet releases on develop branch?
 - [x] Make solana verify also work locally using cat
 - [x] Use keypairs to find deployer address to remove 2 secrets
 - [x] Add priority fees
 - [x] Add extend program if needed
-- [ ] Bundle the needed TS scripts with the .github actions for easier copy paste
+- [x] Bundle the needed TS scripts with the .github actions for easier copy paste
 
 ### Testing & Integration
 
 - [x] Add running tests
   - Research support for different test frameworks
 - [ ] Add Codama support
-- [ ] Add to solana helpers -> release
+- [ ] Add to solana helpers or mucho -> release
+- [ ] Write guide and record video
 
-Close Buffer:
+# Close Buffer in case of failure
 
-You may need this in case your deploy failed and you want to close a buffer that was already transfered to your multisig.
+There may the occasions where the release flow fails in between writing the program buffer and the program deploy in squads.
+In that case you may want to close a buffer that was already transferred authority to your multisig.
+You can do that using the following command:
 
 ```bash
 solana program show --buffers --buffer-authority <You multisig vault address>
@@ -194,14 +161,3 @@ npx ts-node scripts/squad-closebuffer.ts \
  --keypair ~/.config/solana/id.json \
  --program "BhV84MZrRnEvtWLdWMRJGJr1GbusxfVMHAwc3pq92g4z"
 ```
-
-### Notes
-
-- When using Squads, the workflow will create a proposal that needs to be approved in the Squads UI
-- For first deployments, program IDL authority errors can be ignored
-- If you run into any problems please open an issue and/or help fix it please :)
-
-#### additional notes
-
-- IDL must be upgraded before program upgrade instruction other wise it will fail
-- Buffer authority and program upgrade cannot be in the same transaction for some reason (at least using squads) thats why its set during the workflow and not in the squads scripts
