Governance Checks #4349
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Governance Checks | |
on: | |
schedule: | |
- cron: '0 */3 * * *' | |
push: | |
branches: | |
- main | |
workflow_dispatch: | |
jobs: | |
check-proposals: | |
strategy: | |
# Set fail-fast to false to ensure all Matrix runs complete even if one fails. | |
fail-fast: false | |
matrix: | |
include: | |
- DAO_NAME: 'ArbCore' | |
GOVERNOR_ADDRESS: '0xf07DeD9dC292157749B6Fd268E37DF6EA38395B9' | |
ONLY_RELEVANT: true | |
- DAO_NAME: 'ArbTreasury' | |
GOVERNOR_ADDRESS: '0x789fC99093B09aD01C34DC7251D0C89ce743e5a4' | |
ONLY_RELEVANT: true | |
name: Check all live proposals | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Set up node | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 16 | |
registry-url: https://registry.npmjs.org | |
- name: Get yarn cache directory path | |
id: yarn-cache-dir-path | |
run: echo "::set-output name=dir::$(yarn cache dir)" | |
- uses: actions/cache@v3 | |
id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`) | |
with: | |
path: ${{ steps.yarn-cache-dir-path.outputs.dir }} | |
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }} | |
restore-keys: | | |
${{ runner.os }}-yarn- | |
- name: Install dependencies | |
run: yarn install --frozen-lockfile | |
- name: Set up Python | |
uses: actions/setup-python@v3 | |
with: | |
python-version: '3.10' | |
- name: Install solc-select | |
run: pip3 install solc-select | |
- name: Install Slither | |
run: pip3 install slither-analyzer | |
- name: Run checks | |
run: yarn start | |
env: | |
ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }} | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
RPC_URL: ${{ secrets.RPC_URL }} | |
L1_RPC_URL: ${{ secrets.L1_RPC_URL }} | |
ARB1_RPC_URL: ${{ secrets.ARB1_RPC_URL }} | |
NOVA_RPC_URL: ${{ secrets.NOVA_RPC_URL }} | |
TENDERLY_ACCESS_TOKEN: ${{ secrets.TENDERLY_ACCESS_TOKEN }} | |
TENDERLY_USER: ${{ secrets.TENDERLY_USER }} | |
TENDERLY_PROJECT_SLUG: ${{ secrets.TENDERLY_PROJECT_SLUG }} | |
DAO_NAME: ${{ matrix.DAO_NAME }} | |
GOVERNOR_ADDRESS: ${{ matrix.GOVERNOR_ADDRESS }} | |
ONLY_RELEVANT: ${{ matrix.ONLY_RELEVANT }} | |
- name: Upload artifacts | |
# We always upload artifacts, even if certain proposal sims/checks failed. This is because | |
# we don't want to block generating all reports for all DAOs when a single one fails. | |
if: always() | |
uses: actions/upload-artifact@v3 | |
with: | |
name: ${{ matrix.DAO_NAME }} | |
path: reports/${{ matrix.DAO_NAME }}/${{ matrix.GOVERNOR_ADDRESS }}/ |