Feat/script migration #37
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "CI" | |
env: | |
FOUNDRY_PROFILE: "ci" | |
on: | |
workflow_dispatch: | |
pull_request: | |
push: | |
branches: | |
- "main" | |
jobs: | |
lint: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
cache: "yarn" | |
- name: Setup repo | |
uses: ./.github/actions/setup-repo | |
with: | |
registry-token: ${{ secrets.GH_REGISTRY_ACCESS_TOKEN }} | |
- name: Run solhint | |
run: yarn lint:check | |
- name: "Add lint summary" | |
run: | | |
echo "## Lint result" >> $GITHUB_STEP_SUMMARY | |
echo "✅ Passed" >> $GITHUB_STEP_SUMMARY | |
build: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
submodules: "recursive" | |
- name: Install Foundry | |
uses: foundry-rs/foundry-toolchain@v1 | |
with: | |
version: nightly | |
- name: Setup repo | |
uses: ./.github/actions/setup-repo | |
with: | |
registry-token: ${{ secrets.GH_REGISTRY_ACCESS_TOKEN }} | |
- name: Compile foundry | |
run: yarn compile --sizes | |
- name: "Cache the build so that it can be re-used by the other jobs" | |
uses: "actions/cache/save@v3" | |
with: | |
key: "build-${{ github.sha }}" | |
path: | | |
cache-forge | |
out | |
node_modules | |
- name: "Add build summary" | |
run: | | |
echo "## Build result" >> $GITHUB_STEP_SUMMARY | |
echo "✅ Passed" >> $GITHUB_STEP_SUMMARY | |
test-unit: | |
needs: ["build", "lint"] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
submodules: "recursive" | |
- uses: actions/cache/restore@v3 | |
with: | |
fail-on-cache-miss: true | |
path: | | |
cache-forge | |
out | |
node_modules | |
key: "build-${{ github.sha }}" | |
- name: Install Foundry | |
uses: foundry-rs/foundry-toolchain@v1 | |
with: | |
version: nightly | |
- name: Run Foundry tests | |
run: yarn test:unit | |
env: | |
ETH_NODE_URI_POLYGON: ${{ secrets.ETH_NODE_URI_POLYGON }} | |
ETH_NODE_URI_ARBITRUM: ${{ secrets.ETH_NODE_URI_ARBITRUM }} | |
ETH_NODE_URI_OPTIMISM: ${{ secrets.ETH_NODE_URI_OPTIMISM }} | |
ETH_NODE_URI_MAINNET: ${{ secrets.ETH_NODE_URI_MAINNET }} | |
# test-invariant: | |
# needs: ["build", "lint"] | |
# runs-on: ubuntu-latest | |
# steps: | |
# - uses: actions/checkout@v3 | |
# with: | |
# submodules: "recursive" | |
# | |
# - uses: actions/cache/restore@v3 | |
# with: | |
# fail-on-cache-miss: true | |
# path: | | |
# cache-forge | |
# out | |
# node_modules | |
# key: "build-${{ github.sha }}" | |
# | |
# - name: Install Foundry | |
# uses: foundry-rs/foundry-toolchain@v1 | |
# with: | |
# version: nightly | |
# | |
# - name: Run Foundry tests | |
# run: yarn test:invariant | |
# env: | |
# FOUNDRY_INVARIANT_RUNS: "8" | |
# FOUNDRY_INVARIANT_DEPTH: "256" | |
# ETH_NODE_URI_POLYGON: ${{ secrets.ETH_NODE_URI_POLYGON }} | |
# ETH_NODE_URI_ARBITRUM: ${{ secrets.ETH_NODE_URI_ARBITRUM }} | |
# ETH_NODE_URI_OPTIMISM: ${{ secrets.ETH_NODE_URI_OPTIMISM }} | |
# ETH_NODE_URI_MAINNET: ${{ secrets.ETH_NODE_URI_MAINNET }} | |
# | |
# test-fuzz: | |
# needs: ["build", "lint"] | |
# runs-on: ubuntu-latest | |
# steps: | |
# - uses: actions/checkout@v3 | |
# with: | |
# submodules: "recursive" | |
# | |
# - uses: actions/cache/restore@v3 | |
# with: | |
# fail-on-cache-miss: true | |
# path: | | |
# cache-forge | |
# out | |
# node_modules | |
# key: "build-${{ github.sha }}" | |
# | |
# - name: Install Foundry | |
# uses: foundry-rs/foundry-toolchain@v1 | |
# with: | |
# version: nightly | |
# | |
# - name: Run Foundry tests | |
# run: yarn test:fuzz | |
# env: | |
# FOUNDRY_FUZZ_RUNS: "5000" | |
# ETH_NODE_URI_POLYGON: ${{ secrets.ETH_NODE_URI_POLYGON }} | |
# ETH_NODE_URI_ARBITRUM: ${{ secrets.ETH_NODE_URI_ARBITRUM }} | |
# ETH_NODE_URI_OPTIMISM: ${{ secrets.ETH_NODE_URI_OPTIMISM }} | |
# ETH_NODE_URI_MAINNET: ${{ secrets.ETH_NODE_URI_MAINNET }} | |
coverage: | |
needs: ["build", "lint"] | |
runs-on: "ubuntu-latest" | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
submodules: "recursive" | |
- uses: actions/cache/restore@v3 | |
with: | |
fail-on-cache-miss: true | |
path: | | |
cache-forge | |
out | |
node_modules | |
key: "build-${{ github.sha }}" | |
- name: "Install Foundry" | |
uses: "foundry-rs/foundry-toolchain@v1" | |
- name: "Install lcov" | |
run: "sudo apt-get install lcov" | |
- name: "Generate the coverage report using the unit and the integration tests" | |
run: "yarn ci:coverage" | |
env: | |
ETH_NODE_URI_POLYGON: ${{ secrets.ETH_NODE_URI_POLYGON }} | |
ETH_NODE_URI_ARBITRUM: ${{ secrets.ETH_NODE_URI_ARBITRUM }} | |
ETH_NODE_URI_OPTIMISM: ${{ secrets.ETH_NODE_URI_OPTIMISM }} | |
ETH_NODE_URI_MAINNET: ${{ secrets.ETH_NODE_URI_MAINNET }} | |
- name: "Upload coverage report to Codecov" | |
uses: "codecov/codecov-action@v3" | |
with: | |
files: "./lcov.info" | |
token: ${{ secrets.CODECOV_TOKEN }} | |
- name: "Add coverage summary" | |
run: | | |
echo "## Coverage result" >> $GITHUB_STEP_SUMMARY | |
echo "✅ Uploaded to Codecov" >> $GITHUB_STEP_SUMMARY | |
slither-analyze: | |
needs: ["build", "lint"] | |
runs-on: "ubuntu-latest" | |
permissions: | |
actions: "read" | |
contents: "read" | |
security-events: "write" | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
submodules: "recursive" | |
- name: Install Foundry | |
uses: foundry-rs/foundry-toolchain@v1 | |
with: | |
version: nightly | |
- name: Compile foundry | |
run: forge clean && forge build --build-info --force --skip "*/test/**" "*/scripts/**" | |
- name: Setup tmate session | |
uses: mxschmitt/action-tmate@v3 | |
- name: "Install Slither" | |
run: "python3 -m pip install slither-analyzer" | |
- name: "Run Slither analysis" | |
run: "slither . --ignore-compile --sarif results.sarif --fail-none" | |
- name: "Run Slither analysis" | |
uses: "crytic/[email protected]" | |
id: "slither" | |
with: | |
ignore-compile: true | |
fail-on: "none" | |
sarif: "results.sarif" | |
- name: "Upload SARIF file to GitHub code scanning" | |
uses: "github/codeql-action/upload-sarif@v2" | |
with: | |
sarif_file: ${{ steps.slither.outputs.sarif }} | |
- name: "Add Slither summary" | |
run: | | |
echo "## Slither result" >> $GITHUB_STEP_SUMMARY | |
echo "✅ Uploaded to GitHub code scanning" >> $GITHUB_STEP_SUMMARY |