CI #443
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: 'CI' | |
on: | |
workflow_dispatch: | |
pull_request: | |
push: | |
branches: | |
- 'main' | |
jobs: | |
lint: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
cache: 'yarn' | |
- name: Setup repo | |
uses: ./.github/actions/setup-repo | |
with: | |
registry-token: ${{ secrets.GH_REGISTRY_ACCESS_TOKEN }} | |
- name: Install dependencies | |
run: yarn install | |
- name: Run solhint | |
run: yarn lint:check | |
- name: 'Add lint summary' | |
run: | | |
echo "## Lint result" >> $GITHUB_STEP_SUMMARY | |
echo "✅ Passed" >> $GITHUB_STEP_SUMMARY | |
build: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
submodules: 'recursive' | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
cache: 'yarn' | |
- name: Setup repo | |
uses: ./.github/actions/setup-repo | |
with: | |
registry-token: ${{ secrets.GH_REGISTRY_ACCESS_TOKEN }} | |
- name: Install dependencies | |
run: yarn install --frozen-lockfile | |
- name: Install Foundry | |
uses: foundry-rs/foundry-toolchain@v1 | |
with: | |
version: nightly | |
- name: Compile hardhat | |
run: yarn hardhat:compile | |
- name: Compile foundry | |
run: yarn foundry:compile --sizes | |
- name: 'Cache the build so that it can be re-used by the other jobs' | |
uses: 'actions/cache/save@v3' | |
with: | |
key: 'build-${{ github.sha }}' | |
path: | | |
cache-forge | |
out | |
cache-hh | |
artifacts | |
typechain | |
node_modules | |
- name: 'Add build summary' | |
run: | | |
echo "## Build result" >> $GITHUB_STEP_SUMMARY | |
echo "✅ Passed" >> $GITHUB_STEP_SUMMARY | |
hardhat-tests: | |
needs: ['build', 'lint'] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
submodules: 'recursive' | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
cache: 'yarn' | |
- name: Install Foundry | |
uses: foundry-rs/foundry-toolchain@v1 | |
with: | |
version: nightly | |
- name: 'Restore the cached build' | |
uses: 'actions/cache/restore@v3' | |
with: | |
fail-on-cache-miss: true | |
key: 'build-${{ github.sha }}' | |
path: | | |
cache-forge | |
out | |
cache-hh | |
artifacts | |
typechain | |
node_modules | |
- run: export NODE_OPTIONS=--max_old_space_size=11264 | |
- name: Run unit tests | |
run: yarn hardhat:test | |
env: | |
ENABLE_GAS_REPORT: true | |
CI: true | |
ETH_NODE_URI_POLYGON: ${{ secrets.ETH_NODE_URI_POLYGON }} | |
ETH_NODE_URI_FORK: ${{ secrets.ETH_NODE_URI_FORK }} | |
ETH_NODE_URI_ETHEREUM: ${{ secrets.ETH_NODE_URI_ETHEREUM }} | |
ETH_NODE_URI_ARBITRUM: ${{ secrets.ETH_NODE_URI_ARBITRUM }} | |
ETH_NODE_URI_OPTIMISM: ${{ secrets.ETH_NODE_URI_OPTIMISM }} | |
ETH_NODE_URI_GNOSIS: ${{ secrets.ETH_NODE_URI_GNOSIS }} | |
ETH_NODE_URI_CELO: ${{ secrets.ETH_NODE_URI_CELO }} | |
ETH_NODE_URI_BSC: ${{ secrets.ETH_NODE_URI_BSC }} | |
ETH_NODE_URI_BASE: ${{ secrets.ETH_NODE_URI_BASE }} | |
ETH_NODE_URI_AVALANCHE: ${{ secrets.ETH_NODE_URI_AVALANCHE }} | |
ETH_NODE_URI_LINEA: ${{ secrets.ETH_NODE_URI_LINEA }} | |
ETH_NODE_URI_POLYGONZKEVM: ${{ secrets.ETH_NODE_URI_POLYGON_ZKEVM }} | |
- name: 'Add test summary' | |
run: | | |
echo "## Hardhat Unit tests result" >> $GITHUB_STEP_SUMMARY | |
echo "✅ Passed" >> $GITHUB_STEP_SUMMARY | |
foundry-tests: | |
needs: ['build', 'lint'] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
submodules: 'recursive' | |
- name: Install Foundry | |
uses: foundry-rs/foundry-toolchain@v1 | |
with: | |
version: nightly | |
- name: 'Restore the cached build' | |
uses: 'actions/cache/restore@v3' | |
with: | |
fail-on-cache-miss: true | |
key: 'build-${{ github.sha }}' | |
path: | | |
cache-forge | |
out | |
cache-hh | |
artifacts | |
typechain | |
node_modules | |
- name: Run Foundry tests | |
run: yarn foundry:test | |
env: | |
ETH_NODE_URI_POLYGON: ${{ secrets.ETH_NODE_URI_POLYGON }} | |
ETH_NODE_URI_FORK: ${{ secrets.ETH_NODE_URI_FORK }} | |
ETH_NODE_URI_ETHEREUM: ${{ secrets.ETH_NODE_URI_ETHEREUM }} | |
ETH_NODE_URI_ARBITRUM: ${{ secrets.ETH_NODE_URI_ARBITRUM }} | |
ETH_NODE_URI_OPTIMISM: ${{ secrets.ETH_NODE_URI_OPTIMISM }} | |
ETH_NODE_URI_GNOSIS: ${{ secrets.ETH_NODE_URI_GNOSIS }} | |
ETH_NODE_URI_CELO: ${{ secrets.ETH_NODE_URI_CELO }} | |
ETH_NODE_URI_BSC: ${{ secrets.ETH_NODE_URI_BSC }} | |
ETH_NODE_URI_BASE: ${{ secrets.ETH_NODE_URI_BASE }} | |
ETH_NODE_URI_AVALANCHE: ${{ secrets.ETH_NODE_URI_AVALANCHE }} | |
ETH_NODE_URI_LINEA: ${{ secrets.ETH_NODE_URI_LINEA }} | |
ETH_NODE_URI_POLYGONZKEVM: ${{ secrets.ETH_NODE_URI_POLYGON_ZKEVM }} | |
FOUNDRY_FUZZ_RUNS: '5000' | |
- name: 'Add test summary' | |
run: | | |
echo "## Foundry Unit tests result" >> $GITHUB_STEP_SUMMARY | |
echo "✅ Passed" >> $GITHUB_STEP_SUMMARY | |
slither-analyze: | |
needs: ['build', 'lint'] | |
permissions: | |
actions: 'read' | |
contents: 'read' | |
security-events: 'write' | |
runs-on: 'ubuntu-latest' | |
steps: | |
- name: 'Check out the repo' | |
uses: 'actions/checkout@v3' | |
- name: 'Restore the cached build' | |
uses: 'actions/cache/restore@v3' | |
with: | |
fail-on-cache-miss: true | |
key: 'build-${{ github.sha }}' | |
path: | | |
cache-forge | |
out | |
cache-hh | |
artifacts | |
typechain | |
node_modules | |
- name: Install Foundry | |
uses: foundry-rs/foundry-toolchain@v1 | |
with: | |
version: nightly | |
- name: Compile foundry | |
run: forge clean && forge build --build-info --force | |
- name: 'Run Slither analysis' | |
uses: 'crytic/[email protected]' | |
id: 'slither' | |
with: | |
fail-on: 'none' | |
sarif: 'results.sarif' | |
node-version: 18 | |
ignore-compile: true | |
- name: 'Upload SARIF file to GitHub code scanning' | |
uses: 'github/codeql-action/upload-sarif@v2' | |
with: | |
sarif_file: ${{ steps.slither.outputs.sarif }} | |
- name: 'Add Slither summary' | |
run: | | |
echo "## Slither result" >> $GITHUB_STEP_SUMMARY | |
echo "✅ Uploaded to GitHub code scanning" >> $GITHUB_STEP_SUMMARY |