Skip to content

feat: prepare deployment immutable #376

feat: prepare deployment immutable

feat: prepare deployment immutable #376

Workflow file for this run

name: 'CI'
on:
workflow_dispatch:
pull_request:
push:
branches:
- 'main'
jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: 18
cache: 'yarn'
- name: Setup repo
uses: ./.github/actions/setup-repo
with:
registry-token: ${{ secrets.GH_REGISTRY_ACCESS_TOKEN }}
- name: Install dependencies
run: yarn install
- name: Run solhint
run: yarn lint:check
- name: 'Add lint summary'
run: |
echo "## Lint result" >> $GITHUB_STEP_SUMMARY
echo "✅ Passed" >> $GITHUB_STEP_SUMMARY
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
submodules: 'recursive'
- uses: actions/setup-node@v3
with:
node-version: 18
cache: 'yarn'
- name: Setup repo
uses: ./.github/actions/setup-repo
with:
registry-token: ${{ secrets.GH_REGISTRY_ACCESS_TOKEN }}
- name: Install dependencies
run: yarn install --frozen-lockfile
- name: Compile hardhat
run: yarn hardhat:compile
- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1
with:
version: nightly
- name: Compile foundry
run: yarn foundry:compile --sizes
- name: 'Cache the build so that it can be re-used by the other jobs'
uses: 'actions/cache/save@v3'
with:
key: 'build-${{ github.sha }}'
path: |
cache-forge
out
cache-hh
artifacts
typechain
node_modules
- name: 'Add build summary'
run: |
echo "## Build result" >> $GITHUB_STEP_SUMMARY
echo "✅ Passed" >> $GITHUB_STEP_SUMMARY
hardhat-tests:
needs: ['build', 'lint']
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: 18
cache: 'yarn'
- name: 'Restore the cached build'
uses: 'actions/cache/restore@v3'
with:
fail-on-cache-miss: true
key: 'build-${{ github.sha }}'
path: |
cache-forge
out
cache-hh
artifacts
typechain
node_modules
- run: export NODE_OPTIONS=--max_old_space_size=11264
- name: Run unit tests
run: yarn hardhat:test
env:
ENABLE_GAS_REPORT: true
CI: true
ETH_NODE_URI_POLYGON: ${{ secrets.ETH_NODE_URI_POLYGON }}
ETH_NODE_URI_FORK: ${{ secrets.ETH_NODE_URI_FORK }}
ETH_NODE_URI_MAINNET: ${{ secrets.ETH_NODE_URI_MAINNET }}
- name: 'Add test summary'
run: |
echo "## Hardhat Unit tests result" >> $GITHUB_STEP_SUMMARY
echo "✅ Passed" >> $GITHUB_STEP_SUMMARY
foundry-tests:
needs: ['build', 'lint']
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
submodules: 'recursive'
- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1
with:
version: nightly
- name: 'Restore the cached build'
uses: 'actions/cache/restore@v3'
with:
fail-on-cache-miss: true
key: 'build-${{ github.sha }}'
path: |
cache-forge
out
cache-hh
artifacts
typechain
node_modules
- name: Run Foundry tests
run: yarn foundry:test
env:
ETH_NODE_URI_MAINNET: ${{ secrets.ETH_NODE_URI_MAINNET }}
ETH_NODE_URI_POLYGON: ${{ secrets.ETH_NODE_URI_POLYGON }}
ETH_NODE_URI_GOERLI: ${{ secrets.ETH_NODE_URI_GOERLI }}
ETH_NODE_URI_FANTOM: ${{ secrets.ETH_NODE_URI_FANTOM }}
FOUNDRY_FUZZ_RUNS: '5000'
- name: 'Add test summary'
run: |
echo "## Foundry Unit tests result" >> $GITHUB_STEP_SUMMARY
echo "✅ Passed" >> $GITHUB_STEP_SUMMARY
slither-analyze:
needs: ['build', 'lint']
permissions:
actions: 'read'
contents: 'read'
security-events: 'write'
runs-on: 'ubuntu-latest'
steps:
- name: 'Check out the repo'
uses: 'actions/checkout@v3'
- name: 'Restore the cached build'
uses: 'actions/cache/restore@v3'
with:
fail-on-cache-miss: true
key: 'build-${{ github.sha }}'
path: |
cache-forge
out
cache-hh
artifacts
typechain
node_modules
- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1
with:
version: nightly
- name: Compile foundry
run: forge clean && forge build --build-info --force
- name: 'Run Slither analysis'
uses: 'crytic/[email protected]'
id: 'slither'
with:
fail-on: 'none'
sarif: 'results.sarif'
node-version: 18
ignore-compile: true
- name: 'Upload SARIF file to GitHub code scanning'
uses: 'github/codeql-action/upload-sarif@v2'
with:
sarif_file: ${{ steps.slither.outputs.sarif }}
- name: 'Add Slither summary'
run: |
echo "## Slither result" >> $GITHUB_STEP_SUMMARY
echo "✅ Uploaded to GitHub code scanning" >> $GITHUB_STEP_SUMMARY