Skip to content

Commit

Permalink
CI improvements (#42)
Browse files Browse the repository at this point in the history 
* chore: upgrade linters and formatters

* refactor: rename tests extensions in foundry from .s to .t

* chore: add slither db

* chore: upgrade CI to run on every PRs + run slither and foundry tests

* chore: deep ci that runs every week

* doc: update package.json metadata

* doc: update ci badge
  • Loading branch information
@0xtekgrinder
0xtekgrinder authored Nov 2, 2023
1 parent d317dd4 commit ea9db69
Show file tree
Hide file tree
Showing 22 changed files with 1,324 additions and 440 deletions.
151 changes: 151 additions & 0 deletions .github/workflows/ci-deep.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,151 @@
name: "CI Deep"

on:
schedule:
- cron: "0 3 * * 0" # at 3:00am UTC every Sunday
workflow_dispatch:
inputs:
fuzzRuns:
default: "100000"
description: "Unit: number of fuzz runs."
required: false

jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3

- uses: actions/setup-node@v3
with:
node-version: 18
cache: "yarn"

- name: Install dependencies
run: yarn install

- name: Run solhint
run: yarn lint:check

- name: "Add lint summary"
run: |
echo "## Lint result" >> $GITHUB_STEP_SUMMARY
echo "✅ Passed" >> $GITHUB_STEP_SUMMARY
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
submodules: "recursive"

- uses: actions/setup-node@v3
with:
node-version: 18
cache: "yarn"

- name: Install dependencies
run: yarn install --frozen-lockfile

- name: Compile hardhat
run: yarn hardhat:compile

- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1
with:
version: nightly

- name: Compile foundry
run: yarn foundry:compile --sizes

- name: "Cache the build so that it can be re-used by the other jobs"
uses: "actions/cache/save@v3"
with:
key: "build-${{ github.sha }}"
path: |
cache-forge
out
cache-hh
artifacts
typechain
node_modules
- name: "Add build summary"
run: |
echo "## Build result" >> $GITHUB_STEP_SUMMARY
echo "✅ Passed" >> $GITHUB_STEP_SUMMARY
hardhat-tests:
needs: ["build", "lint"]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3

- uses: actions/setup-node@v3
with:
node-version: 18
cache: "yarn"

- name: "Restore the cached build"
uses: "actions/cache/restore@v3"
with:
fail-on-cache-miss: true
key: "build-${{ github.sha }}"
path: |
cache-forge
out
cache-hh
artifacts
typechain
node_modules
- run: export NODE_OPTIONS=--max_old_space_size=11264

- name: Run unit tests
run: yarn hardhat:test
env:
ENABLE_GAS_REPORT: true
CI: true
ETH_NODE_URI_ARBITRUM: ${{ secrets.ETH_NODE_URI_ARBITRUM }}

- name: "Add test summary"
run: |
echo "## Hardhat Unit tests result" >> $GITHUB_STEP_SUMMARY
echo "✅ Passed" >> $GITHUB_STEP_SUMMARY
foundry-tests:
needs: ["build", "lint"]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
submodules: "recursive"

- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1
with:
version: nightly

- name: "Restore the cached build"
uses: "actions/cache/restore@v3"
with:
fail-on-cache-miss: true
key: "build-${{ github.sha }}"
path: |
cache-forge
out
cache-hh
artifacts
typechain
node_modules
- name: Run Foundry tests
run: yarn foundry:test
env:
ETH_NODE_URI_OPTIMISM: ${{ secrets.ETH_NODE_URI_OPTIMISM }}
FOUNDRY_FUZZ_RUNS: ${{ github.event.inputs.fuzzRuns }}

- name: "Add test summary"
run: |
echo "## Foundry Unit tests result" >> $GITHUB_STEP_SUMMARY
echo "✅ Passed" >> $GITHUB_STEP_SUMMARY
203 changes: 150 additions & 53 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
@@ -1,78 +1,175 @@
name: Merkl Contracts CI
name: CI

on:
push:
branches:
- main
workflow_dispatch:
inputs:
workflow_to_run:
type: choice
description: Which workflow to run?
required: true
options:
- all
- hardhat-tests
- foundry-tests
pull_request:
types:
- ready_for_review
- review_requested
pull_request_review:
types: [submitted]

defaults:
run:
shell: bash
push:
branches:
- "main"

jobs:
run-linters:
name: Run Linters
if: github.ref == 'refs/heads/main' || github.event.review.state == 'approved' || github.event.action == 'ready_for_review' || github.event.action == 'review_requested'
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v2
with:
node-version: 14
- uses: actions/cache@v2
- uses: actions/checkout@v3

- uses: actions/setup-node@v3
with:
path: node_modules
key: yarn-${{ hashFiles('yarn.lock') }}
restore-keys: yarn-
node-version: 18
cache: "yarn"

- name: Install dependencies
run: |
npm config set //registry.npmjs.org/
yarn install --frozen-lockfile
run: yarn install

- name: Run solhint
run: yarn solhint --fix --max-warnings 20 'contracts/**/*.sol'
- name: Run eslint
run: yarn eslint --ignore-path .gitignore --fix --max-warnings 30 'test/**/*.{js,ts}' '*.{js,ts}'
run: yarn lint:check

hardhat-tests:
name: Run Hardhat Tests
if: github.ref == 'refs/heads/main' || github.event.inputs.workflow_to_run == 'all' || github.event.inputs.workflow_to_run == 'hardhat-tests' || github.event.review.state == 'approved' || github.event.action == 'ready_for_review' || github.event.action == 'review_requested'
- name: "Add lint summary"
run: |
echo "## Lint result" >> $GITHUB_STEP_SUMMARY
echo "✅ Passed" >> $GITHUB_STEP_SUMMARY
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v2
- uses: actions/checkout@v3
with:
node-version: 14
- uses: actions/cache@v2
submodules: "recursive"

- uses: actions/setup-node@v3
with:
path: node_modules
key: yarn-${{ hashFiles('yarn.lock') }}
restore-keys: yarn-
node-version: 18
cache: "yarn"

- name: Install dependencies
run: |
npm config set //registry.npmjs.org/
yarn install --frozen-lockfile
run: yarn install --frozen-lockfile

- name: Compile
- name: Compile hardhat
run: yarn hardhat:compile

- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1
with:
version: nightly

- name: Compile foundry
run: yarn foundry:compile --sizes

- name: "Cache the build so that it can be re-used by the other jobs"
uses: "actions/cache/save@v3"
with:
key: "build-${{ github.sha }}"
path: |
cache-forge
out
cache-hh
artifacts
typechain
node_modules
- name: "Add build summary"
run: |
echo "## Build result" >> $GITHUB_STEP_SUMMARY
echo "✅ Passed" >> $GITHUB_STEP_SUMMARY
hardhat-tests:
needs: ["build", "lint"]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3

- uses: actions/setup-node@v3
with:
node-version: 18
cache: "yarn"

- name: "Restore the cached build"
uses: "actions/cache/restore@v3"
with:
fail-on-cache-miss: true
key: "build-${{ github.sha }}"
path: |
cache-forge
out
cache-hh
artifacts
typechain
node_modules
- run: export NODE_OPTIONS=--max_old_space_size=11264

- name: Run unit tests
run: yarn hardhat:test
env:
ENABLE_GAS_REPORT: true
CI: true
ETH_NODE_URI_ARBITRUM: ${{ secrets.ETH_NODE_URI_ARBITRUM }}

- name: "Add test summary"
run: |
echo "## Hardhat Unit tests result" >> $GITHUB_STEP_SUMMARY
echo "✅ Passed" >> $GITHUB_STEP_SUMMARY
foundry-tests:
needs: ["build", "lint"]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
submodules: "recursive"

- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1
with:
version: nightly

- name: "Restore the cached build"
uses: "actions/cache/restore@v3"
with:
fail-on-cache-miss: true
key: "build-${{ github.sha }}"
path: |
cache-forge
out
cache-hh
artifacts
typechain
node_modules
- name: Run Foundry tests
run: yarn foundry:test
env:
FOUNDRY_FUZZ_RUNS: "5000"
ETH_NODE_URI_OPTIMISM: ${{ secrets.ETH_NODE_URI_OPTIMISM }}

- name: "Add test summary"
run: |
echo "## Foundry Unit tests result" >> $GITHUB_STEP_SUMMARY
echo "✅ Passed" >> $GITHUB_STEP_SUMMARY
slither-analyze:
needs: ["build", "lint"]
permissions:
actions: "read"
contents: "read"
security-events: "write"
runs-on: "ubuntu-latest"
steps:
- name: "Check out the repo"
uses: "actions/checkout@v3"

- name: "Run Slither analysis"
uses: "crytic/[email protected]"
id: "slither"
with:
fail-on: "none"
sarif: "results.sarif"
node-version: 18

- name: "Upload SARIF file to GitHub code scanning"
uses: "github/codeql-action/upload-sarif@v2"
with:
sarif_file: ${{ steps.slither.outputs.sarif }}

- name: "Add Slither summary"
run: |
echo "## Slither result" >> $GITHUB_STEP_SUMMARY
echo "✅ Uploaded to GitHub code scanning" >> $GITHUB_STEP_SUMMARY
1 change: 0 additions & 1 deletion .gitignore
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,6 @@ export
typechain
slither-audit.txt
slither
slither.db.json

# Test output
coverage
Expand Down
Loading

0 comments on commit ea9db69

Please sign in to comment.