Skip to content

Check if Certora Key is set in the repo for CI (#52) #5

Check if Certora Key is set in the repo for CI (#52)

Check if Certora Key is set in the repo for CI (#52) #5

name: certora
on:
push:
branches:
- main
pull_request:
branches:
- main
env:
CERTORAKEY: ${{ secrets.CERTORA_KEY }}
jobs:
check-secret:
runs-on: ubuntu-latest
outputs:
certora-key-exists: ${{ steps.certora-key-check.outputs.defined }}
steps:
- name: Check for Certora Secret availability
id: certora-key-check
# perform secret check & put boolean result as an output
run: |
if [[ -n "${CERTORAKEY}" ]]; then
echo "defined=true" >> $GITHUB_OUTPUT;
echo "CERTORA_KEY exists"
else
echo "defined=false" >> $GITHUB_OUTPUT;
echo "CERTORA_KEY does not exist"
fi
verify:
needs: [check-secret]
if: needs.check-secret.outputs.certora-key-exists == 'true'
runs-on: ubuntu-latest
strategy:
matrix:
rule: ['SocialRecoveryModule', 'GuardianStorage', 'RecoveryConfirmationSignatureValidity']
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 20.x
cache: npm
- name: Install python
uses: actions/setup-python@v5
with:
python-version: 3.11
cache: 'pip'
- name: Install certora cli
run: pip install -r certora/requirements.txt
- name: Install solc
run: |
wget https://github.com/ethereum/solidity/releases/download/v0.8.20/solc-static-linux
chmod +x solc-static-linux
sudo mv solc-static-linux /usr/local/bin/solc-0.8.20
- name: Install dependencies
run: yarn install --frozen-lockfile
- name: Verify rule ${{ matrix.rule }}
run: |
certoraRun certora/conf/${{ matrix.rule }}.conf --wait_for_results=all