forked from zksync-association/zk-governance
-
Notifications
You must be signed in to change notification settings - Fork 0
148 lines (124 loc) · 5.11 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
name: L2 contracts ci
on:
workflow_dispatch:
pull_request:
push:
branches:
- main
env:
FOUNDRY_PROFILE: ci
jobs:
build:
defaults:
run:
working-directory: ./l2-contracts
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1
- name: Install the dependencies
run: npm install
- name: Build contracts
run: npm run compile
test:
defaults:
run:
working-directory: ./l2-contracts
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Install Foundry
uses: dutterbutter/foundry-zksync-toolchain@v1
- name: Install the dependencies
run: npm install
- name: Run tests
run: forge test --no-match-path .integration.t.sol --zksync
- name: Run Era test node
uses: dutterbutter/[email protected]
- name: Run tests
run: npx hardhat test
## coverage:
## defaults:
## run:
## working-directory: ./l2-contracts
## runs-on: ubuntu-latest
## env:
## SKIP_SAFETY_CHECK_IN_UPGRADE_TEST: true
## steps:
## - uses: actions/checkout@v3
## - name: Install Foundry
## uses: dutterbutter/foundry-zksync-toolchain@v1
## - name: Run coverage
## run: FOUNDRY_PROFILE=default npm run foundry-test && FOUNDRY_PROFILE=default forge coverage --report summary --report lcov --no-match-path .integration.t.sol --zksync
## # To ignore coverage for certain directories modify the paths in this step as needed. The
## # below default ignores coverage results for the test and script directories. Alternatively,
## # to include coverage in all directories, comment out this step. Note that because this
## # filtering applies to the lcov file, the summary table generated in the previous step will
## # still include all files and directories.
## # The `--rc lcov_branch_coverage=1` part keeps branch info in the filtered report, since lcov
## # defaults to removing branch info.
## - name: Filter directories
## run: |
## sudo apt update && sudo apt install -y lcov
## lcov --remove lcov.info 'test/*' 'script/*' 'src/lib/*' --output-file lcov.info --rc lcov_branch_coverage=1
## # This step posts a detailed coverage report as a comment and deletes previous comments on
## # each push. The below step is used to fail coverage if the specified coverage threshold is
## # not met. The below step can post a comment (when it's `github-token` is specified) but it's
## # not as useful, and this action cannot fail CI based on a minimum coverage threshold, which
## # is why we use both in this way.
## - name: Post coverage report
## if: github.event_name == 'pull_request' # This action fails when ran outside of a pull request.
## uses: romeovs/[email protected]
## with:
## delete-old-comments: true
## lcov-file: ./lcov.info
## github-token: ${{ secrets.GITHUB_TOKEN }} # Adds a coverage summary comment to the PR.
## - name: Verify minimum coverage
## uses: zgosalvez/github-actions-report-lcov@v2
## with:
## coverage-files: ./lcov.info
## minimum-coverage: 83 # Set coverage threshold.
lint:
defaults:
run:
shell: bash
working-directory: ./l2-contracts
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1
- name: Install scopelint
uses: engineerd/[email protected]
with:
name: scopelint
repo: ScopeLift/scopelint
fromGitHubReleases: true
version: latest
pathInArchive: scopelint-x86_64-linux/scopelint
urlTemplate: https://github.com/ScopeLift/scopelint/releases/download/{{version}}/scopelint-x86_64-linux.tar.xz
token: ${{ secrets.GITHUB_TOKEN }}
- name: Check formatting
run: |
scopelint --version
scopelint check
# DISABLED WHILE REPO IS PRIVATE
# slither-analyze:
# runs-on: ubuntu-latest
# permissions:
# contents: read
# security-events: write
# steps:
# - uses: actions/checkout@v3
# - name: Run Slither
# uses: crytic/[email protected]
# id: slither # Required to reference this step in the next step.
# with:
# fail-on: none # Required to avoid failing the CI run regardless of findings.
# sarif: results.sarif
# slither-args: --filter-paths "./lib|./test" --exclude naming-convention,solc-version
# - name: Upload SARIF file
# uses: github/codeql-action/upload-sarif@v2
# with:
# sarif_file: ${{ steps.slither.outputs.sarif }}