diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 26e09e67..3868e0d7 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -85,225 +85,225 @@ jobs: with: token: ${{ secrets.CODECOV_TOKEN }} - # prepare: - # name: Prepare release - # if: startsWith(github.head_ref, 'release/') - # runs-on: ubuntu-22.04 - # needs: coverage - # outputs: - # release_version: ${{ steps.parse.outputs.release_version }} - # release_path: ${{ steps.parse.outputs.release_path }} - # release_network: ${{ steps.parse.outputs.release_network }} - # release_title: ${{ steps.parse.outputs.release_title }} - # release_description: ${{ steps.parse.outputs.release_description }} - # release_multisig: ${{ steps.parse.outputs.release_multisig }} - # release_audited: ${{ steps.parse.outputs.release_audited }} - # release_deploy_cmd: ${{ steps.parse.outputs.release_deploy_cmd }} - # release_verify_cmd: ${{ steps.parse.outputs.release_verify_cmd }} - # release_finish_cmd: ${{ steps.parse.outputs.release_finish_cmd }} - # steps: - # - uses: actions/checkout@v3 - # with: - # ref: ${{ github.event.pull_request.head.sha }} - # fetch-depth: 0 + prepare: + name: Prepare release + if: startsWith(github.head_ref, 'release/') + runs-on: ubuntu-22.04 + needs: coverage + outputs: + release_version: ${{ steps.parse.outputs.release_version }} + release_path: ${{ steps.parse.outputs.release_path }} + release_network: ${{ steps.parse.outputs.release_network }} + release_title: ${{ steps.parse.outputs.release_title }} + release_description: ${{ steps.parse.outputs.release_description }} + release_multisig: ${{ steps.parse.outputs.release_multisig }} + release_audited: ${{ steps.parse.outputs.release_audited }} + release_deploy_cmd: ${{ steps.parse.outputs.release_deploy_cmd }} + release_verify_cmd: ${{ steps.parse.outputs.release_verify_cmd }} + release_finish_cmd: ${{ steps.parse.outputs.release_finish_cmd }} + steps: + - uses: actions/checkout@v3 + with: + ref: ${{ github.event.pull_request.head.sha }} + fetch-depth: 0 - # - name: Parse release info - # id: parse - # run: | - # version=${BRANCH_NAME#release\/} - # release_path=releases/$version - # network=$(yq -r .network $release_path/index.yml) - # path=$release_path/$network - # echo "release_version=$version" >> $GITHUB_OUTPUT - # echo "release_path=$path" >> $GITHUB_OUTPUT - # echo "release_network=$network" >> $GITHUB_OUTPUT - # echo "release_multisig=$(jq -r .$network releases/deployments/multisigs.json)" >> $GITHUB_OUTPUT - # echo "release_deploy_cmd=$(yq -r '.deploy // ""' $release_path/index.yml)" >> $GITHUB_OUTPUT - # echo "release_verify_cmd=$(yq -r '.verify // ""' $release_path/index.yml)" >> $GITHUB_OUTPUT - # echo "release_finish_cmd=$(yq -r '.finish // ""' $release_path/index.yml)" >> $GITHUB_OUTPUT - # echo "release_audited=$(yq -r '.audited // ""' $release_path/index.yml)" >> $GITHUB_OUTPUT - # echo "release_title=$(yq -r '.title // ""' $release_path/index.yml)" >> $GITHUB_OUTPUT - # echo "release_description<> $GITHUB_OUTPUT - # echo "$(yq -r '.description // ""' $release_path/index.yml)" >> $GITHUB_OUTPUT - # echo "DESCRIPTION_DELIMITER" >> $GITHUB_OUTPUT - # env: - # BRANCH_NAME: ${{ github.head_ref }} + - name: Parse release info + id: parse + run: | + version=${BRANCH_NAME#release\/} + release_path=releases/$version + network=$(yq -r .network $release_path/index.yml) + path=$release_path/$network + echo "release_version=$version" >> $GITHUB_OUTPUT + echo "release_path=$path" >> $GITHUB_OUTPUT + echo "release_network=$network" >> $GITHUB_OUTPUT + echo "release_multisig=$(jq -r .$network releases/deployments/multisigs.json)" >> $GITHUB_OUTPUT + echo "release_deploy_cmd=$(yq -r '.deploy // ""' $release_path/index.yml)" >> $GITHUB_OUTPUT + echo "release_verify_cmd=$(yq -r '.verify // ""' $release_path/index.yml)" >> $GITHUB_OUTPUT + echo "release_finish_cmd=$(yq -r '.finish // ""' $release_path/index.yml)" >> $GITHUB_OUTPUT + echo "release_audited=$(yq -r '.audited // ""' $release_path/index.yml)" >> $GITHUB_OUTPUT + echo "release_title=$(yq -r '.title // ""' $release_path/index.yml)" >> $GITHUB_OUTPUT + echo "release_description<> $GITHUB_OUTPUT + echo "$(yq -r '.description // ""' $release_path/index.yml)" >> $GITHUB_OUTPUT + echo "DESCRIPTION_DELIMITER" >> $GITHUB_OUTPUT + env: + BRANCH_NAME: ${{ github.head_ref }} - # - name: Output summary - # run: | - # echo "## $TITLE" >> $GITHUB_STEP_SUMMARY - # echo "" >> $GITHUB_STEP_SUMMARY - # echo "**Network:** $NETWORK" >> $GITHUB_STEP_SUMMARY - # echo "**Commit:** [\`$COMMIT\`]($GITHUB_SERVER_URL/$GITHUB_REPOSITORY/tree/$COMMIT)" >> $GITHUB_STEP_SUMMARY - # echo "" >> $GITHUB_STEP_SUMMARY - # echo "$DESCRIPTION" >> $GITHUB_STEP_SUMMARY - # echo "" >> $GITHUB_STEP_SUMMARY - # env: - # TITLE: ${{ steps.parse.outputs.release_title }} - # DESCRIPTION: ${{ steps.parse.outputs.release_description }} - # NETWORK: ${{ steps.parse.outputs.release_network }} - # COMMIT: ${{ github.event.pull_request.head.sha }} + - name: Output summary + run: | + echo "## $TITLE" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo "**Network:** $NETWORK" >> $GITHUB_STEP_SUMMARY + echo "**Commit:** [\`$COMMIT\`]($GITHUB_SERVER_URL/$GITHUB_REPOSITORY/tree/$COMMIT)" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo "$DESCRIPTION" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + env: + TITLE: ${{ steps.parse.outputs.release_title }} + DESCRIPTION: ${{ steps.parse.outputs.release_description }} + NETWORK: ${{ steps.parse.outputs.release_network }} + COMMIT: ${{ github.event.pull_request.head.sha }} - # - name: Output audit info - # if: "steps.parse.outputs.release_audited != ''" - # run: | - # echo "---" >> $GITHUB_STEP_SUMMARY - # echo "### Audit" >> $GITHUB_STEP_SUMMARY - # echo "Audited contracts at commit [\`$AUDIT_COMMIT\`]($GITHUB_SERVER_URL/$GITHUB_REPOSITORY/tree/$AUDIT_COMMIT) :detective:" >> $GITHUB_STEP_SUMMARY - # audit_diff="$(git diff $AUDIT_COMMIT *.sol)" - # if [[ -z $audit_diff ]]; then - # echo "Contracts have not been modified since audit :heavy_check_mark:" >> $GITHUB_STEP_SUMMARY - # else - # echo "Contracts have been modified since audit :warning:" >> $GITHUB_STEP_SUMMARY - # echo "" >> $GITHUB_STEP_SUMMARY - # echo "\`\`\`diff" >> $GITHUB_STEP_SUMMARY - # echo "$audit_diff" >> $GITHUB_STEP_SUMMARY - # echo "\`\`\`" >> $GITHUB_STEP_SUMMARY - # fi - # env: - # AUDIT_COMMIT: ${{ steps.parse.outputs.release_audited }} + - name: Output audit info + if: "steps.parse.outputs.release_audited != ''" + run: | + echo "---" >> $GITHUB_STEP_SUMMARY + echo "### Audit" >> $GITHUB_STEP_SUMMARY + echo "Audited contracts at commit [\`$AUDIT_COMMIT\`]($GITHUB_SERVER_URL/$GITHUB_REPOSITORY/tree/$AUDIT_COMMIT) :detective:" >> $GITHUB_STEP_SUMMARY + audit_diff="$(git diff $AUDIT_COMMIT *.sol)" + if [[ -z $audit_diff ]]; then + echo "Contracts have not been modified since audit :heavy_check_mark:" >> $GITHUB_STEP_SUMMARY + else + echo "Contracts have been modified since audit :warning:" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo "\`\`\`diff" >> $GITHUB_STEP_SUMMARY + echo "$audit_diff" >> $GITHUB_STEP_SUMMARY + echo "\`\`\`" >> $GITHUB_STEP_SUMMARY + fi + env: + AUDIT_COMMIT: ${{ steps.parse.outputs.release_audited }} - # deploy: - # name: Deploy contracts - # if: startsWith(github.head_ref, 'release/') - # runs-on: ubuntu-22.04 - # timeout-minutes: 20 - # needs: prepare - # environment: production - # outputs: - # deploy_commit: ${{ steps.commit.outputs.commit_hash }} - # steps: - # - uses: actions/checkout@v3 - # with: - # ref: ${{ github.event.pull_request.head.sha }} - # - uses: actions/setup-node@v3 - # with: - # node-version: '14' - # cache: 'yarn' - # - run: yarn install --frozen-lockfile + deploy: + name: Deploy contracts + if: startsWith(github.head_ref, 'release/') + runs-on: ubuntu-22.04 + timeout-minutes: 20 + needs: prepare + environment: production + outputs: + deploy_commit: ${{ steps.commit.outputs.commit_hash }} + steps: + - uses: actions/checkout@v3 + with: + ref: ${{ github.event.pull_request.head.sha }} + - uses: actions/setup-node@v3 + with: + node-version: '14' + cache: 'yarn' + - run: yarn install --frozen-lockfile - # - name: Get build artifacts - # uses: actions/download-artifact@v3 - # with: - # name: contract-artifacts + - name: Get build artifacts + uses: actions/download-artifact@v3 + with: + name: contract-artifacts - # - name: Deploy contracts - # run: eval yarn hardhat --network ${{ needs.prepare.outputs.release_network }} ${{ needs.prepare.outputs.release_deploy_cmd }} - # env: - # INFURA_PROJECT_ID: '${{ secrets.INFURA_PROJECT_ID }}' - # MUMBAI_MNEMONIC: '${{ secrets.MUMBAI_MNEMONIC }}' - # MUMBAI_NODE: '${{ secrets.MUMBAI_NODE }}' - # POLYGON_MNEMONIC: '${{ secrets.POLYGON_MNEMONIC }}' - # POLYGON_NODE: '${{ secrets.POLYGON_NODE }}' - # POLYGON_GAS_PRICE: 1200000000000 - # DEBUG: '@openzeppelin:*' - # # ETHERSCAN "${{ secrets.ETHERSCAN }}" - # POLYSCAN: '${{ secrets.POLYSCAN }}' - # RELEASE_PATH: '${{ needs.prepare.outputs.release_path }}' - # MULTISIG_ADDRESS: '${{ needs.prepare.outputs.release_multisig }}' + - name: Deploy contracts + run: eval yarn hardhat --network ${{ needs.prepare.outputs.release_network }} ${{ needs.prepare.outputs.release_deploy_cmd }} + env: + INFURA_PROJECT_ID: '${{ secrets.INFURA_PROJECT_ID }}' + MUMBAI_MNEMONIC: '${{ secrets.MUMBAI_MNEMONIC }}' + MUMBAI_NODE: '${{ secrets.MUMBAI_NODE }}' + POLYGON_MNEMONIC: '${{ secrets.POLYGON_MNEMONIC }}' + POLYGON_NODE: '${{ secrets.POLYGON_NODE }}' + POLYGON_GAS_PRICE: 1200000000000 + DEBUG: '@openzeppelin:*' + # ETHERSCAN "${{ secrets.ETHERSCAN }}" + POLYSCAN: '${{ secrets.POLYSCAN }}' + RELEASE_PATH: '${{ needs.prepare.outputs.release_path }}' + MULTISIG_ADDRESS: '${{ needs.prepare.outputs.release_multisig }}' - # - name: Commit changes - # uses: stefanzweifel/git-auto-commit-action@v4 - # id: commit - # if: always() - # with: - # commit_message: Update registries of deployed addresses - # file_pattern: '.openzeppelin/ releases/' - # skip_checkout: true - # # tagging_message: '${{ needs.prepare.outputs.release_version }}' + - name: Commit changes + uses: stefanzweifel/git-auto-commit-action@v4 + id: commit + if: always() + with: + commit_message: Update registries of deployed addresses + file_pattern: '.openzeppelin/ releases/' + skip_checkout: true + # tagging_message: '${{ needs.prepare.outputs.release_version }}' - # verify: - # name: Verify contracts - # if: "startsWith(github.head_ref, 'release/') && needs.prepare.outputs.release_verify_cmd != ''" - # runs-on: ubuntu-22.04 - # timeout-minutes: 60 - # needs: - # - build - # - prepare - # - deploy - # steps: - # - uses: actions/checkout@v3 - # with: - # ref: ${{ needs.deploy.outputs.deploy_commit || github.event.pull_request.head.sha }} - # - uses: actions/setup-node@v3 - # with: - # node-version: '14' - # cache: 'yarn' - # - run: yarn install --frozen-lockfile + verify: + name: Verify contracts + if: "startsWith(github.head_ref, 'release/') && needs.prepare.outputs.release_verify_cmd != ''" + runs-on: ubuntu-22.04 + timeout-minutes: 60 + needs: + - build + - prepare + - deploy + steps: + - uses: actions/checkout@v3 + with: + ref: ${{ needs.deploy.outputs.deploy_commit || github.event.pull_request.head.sha }} + - uses: actions/setup-node@v3 + with: + node-version: '14' + cache: 'yarn' + - run: yarn install --frozen-lockfile - # - name: Get build artifacts - # uses: actions/download-artifact@v3 - # with: - # name: contract-artifacts + - name: Get build artifacts + uses: actions/download-artifact@v3 + with: + name: contract-artifacts - # - name: Verify contracts - # shell: bash - # run: | - # yarn hardhat --network ${{ needs.prepare.outputs.release_network }} ${{ needs.prepare.outputs.release_verify_cmd }} ${{ needs.prepare.outputs.release_version }} - # env: - # INFURA_PROJECT_ID: '${{ secrets.INFURA_PROJECT_ID }}' - # MUMBAI_MNEMONIC: '${{ secrets.MUMBAI_MNEMONIC }}' - # MUMBAI_NODE: '${{ secrets.MUMBAI_NODE }}' - # POLYGON_MNEMONIC: '${{ secrets.POLYGON_MNEMONIC }}' - # POLYGON_NODE: '${{ secrets.POLYGON_NODE }}' - # # ETHERSCAN "${{ secrets.ETHERSCAN }}" - # POLYSCAN: '${{ secrets.POLYSCAN }}' - # RELEASE_PATH: '${{ needs.prepare.outputs.release_path }}' - # ARTIFACT_REFERENCE_URL: '${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}' + - name: Verify contracts + shell: bash + run: | + yarn hardhat --network ${{ needs.prepare.outputs.release_network }} ${{ needs.prepare.outputs.release_verify_cmd }} ${{ needs.prepare.outputs.release_version }} + env: + INFURA_PROJECT_ID: '${{ secrets.INFURA_PROJECT_ID }}' + MUMBAI_MNEMONIC: '${{ secrets.MUMBAI_MNEMONIC }}' + MUMBAI_NODE: '${{ secrets.MUMBAI_NODE }}' + POLYGON_MNEMONIC: '${{ secrets.POLYGON_MNEMONIC }}' + POLYGON_NODE: '${{ secrets.POLYGON_NODE }}' + # ETHERSCAN "${{ secrets.ETHERSCAN }}" + POLYSCAN: '${{ secrets.POLYSCAN }}' + RELEASE_PATH: '${{ needs.prepare.outputs.release_path }}' + ARTIFACT_REFERENCE_URL: '${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}' - # finish-release: - # name: Finish release - # if: "startsWith(github.head_ref, 'release/')" - # runs-on: ubuntu-22.04 - # timeout-minutes: 20 - # environment: production - # needs: - # - prepare - # # - deploy - # steps: - # - uses: actions/checkout@v3 - # with: - # ref: ${{ needs.deploy.outputs.deploy_commit || github.event.pull_request.head.sha }} - # - uses: actions/setup-node@v3 - # with: - # node-version: '14' - # cache: 'yarn' - # - run: yarn install --frozen-lockfile + finish-release: + name: Finish release + if: "startsWith(github.head_ref, 'release/')" + runs-on: ubuntu-22.04 + timeout-minutes: 20 + environment: production + needs: + - prepare + # - deploy + steps: + - uses: actions/checkout@v3 + with: + ref: ${{ needs.deploy.outputs.deploy_commit || github.event.pull_request.head.sha }} + - uses: actions/setup-node@v3 + with: + node-version: '14' + cache: 'yarn' + - run: yarn install --frozen-lockfile - # - name: Get build artifacts - # uses: actions/download-artifact@v3 - # with: - # name: contract-artifacts + - name: Get build artifacts + uses: actions/download-artifact@v3 + with: + name: contract-artifacts - # - name: Complete release - # if: "needs.prepare.outputs.release_finish_cmd != ''" - # shell: bash - # run: | - # yarn hardhat --network ${{ needs.prepare.outputs.release_network }} ${{ needs.prepare.outputs.release_finish_cmd }} ${{ needs.prepare.outputs.release_version }} "${{ needs.prepare.outputs.release_title }}" "${{ needs.prepare.outputs.release_description }}" - # env: - # INFURA_PROJECT_ID: '${{ secrets.INFURA_PROJECT_ID }}' - # MUMBAI_MNEMONIC: '${{ secrets.MUMBAI_MNEMONIC }}' - # MUMBAI_NODE: '${{ secrets.MUMBAI_NODE }}' - # POLYGON_MNEMONIC: "${{ secrets.POLYGON_MNEMONIC }}" - # POLYGON_NODE: "${{ secrets.POLYGON_NODE }}" - # POLYGON_GAS_PRICE: 1200000000000 - # DEBUG: '@openzeppelin:*' - # # ETHERSCAN "${{ secrets.ETHERSCAN }}" - # POLYSCAN: '${{ secrets.POLYSCAN }}' - # DEFENDER_API_KEY: '${{ secrets.DEFENDER_API_KEY }}' - # DEFENDER_API_SECRET: '${{ secrets.DEFENDER_API_SECRET }}' - # RELEASE_PATH: '${{ needs.prepare.outputs.release_path }}' - # MULTISIG_ADDRESS: '${{ needs.prepare.outputs.release_multisig }}' + - name: Complete release + if: "needs.prepare.outputs.release_finish_cmd != ''" + shell: bash + run: | + yarn hardhat --network ${{ needs.prepare.outputs.release_network }} ${{ needs.prepare.outputs.release_finish_cmd }} ${{ needs.prepare.outputs.release_version }} "${{ needs.prepare.outputs.release_title }}" "${{ needs.prepare.outputs.release_description }}" + env: + INFURA_PROJECT_ID: '${{ secrets.INFURA_PROJECT_ID }}' + MUMBAI_MNEMONIC: '${{ secrets.MUMBAI_MNEMONIC }}' + MUMBAI_NODE: '${{ secrets.MUMBAI_NODE }}' + POLYGON_MNEMONIC: "${{ secrets.POLYGON_MNEMONIC }}" + POLYGON_NODE: "${{ secrets.POLYGON_NODE }}" + POLYGON_GAS_PRICE: 1200000000000 + DEBUG: '@openzeppelin:*' + # ETHERSCAN "${{ secrets.ETHERSCAN }}" + POLYSCAN: '${{ secrets.POLYSCAN }}' + DEFENDER_API_KEY: '${{ secrets.DEFENDER_API_KEY }}' + DEFENDER_API_SECRET: '${{ secrets.DEFENDER_API_SECRET }}' + RELEASE_PATH: '${{ needs.prepare.outputs.release_path }}' + MULTISIG_ADDRESS: '${{ needs.prepare.outputs.release_multisig }}' - # - name: Link to run in PR - # uses: actions/github-script@v6 - # env: - # RUN_URL: '${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}' - # with: - # script: | - # github.rest.issues.createComment({ - # issue_number: context.issue.number, - # owner: context.repo.owner, - # repo: context.repo.repo, - # body: `[**Deploy finished**](${process.env.RUN_URL})`, - # }); + - name: Link to run in PR + uses: actions/github-script@v6 + env: + RUN_URL: '${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}' + with: + script: | + github.rest.issues.createComment({ + issue_number: context.issue.number, + owner: context.repo.owner, + repo: context.repo.repo, + body: `[**Deploy finished**](${process.env.RUN_URL})`, + }); diff --git a/contracts/components/staking/rewards/RewardsDistributor.sol b/contracts/components/staking/rewards/RewardsDistributor.sol index ca5d6a33..57a38081 100644 --- a/contracts/components/staking/rewards/RewardsDistributor.sol +++ b/contracts/components/staking/rewards/RewardsDistributor.sol @@ -349,4 +349,8 @@ contract RewardsDistributor is BaseComponentUpgradeable, SubjectTypeValidator, I function isCurrentEpoch(uint256 timestamp) external view returns (bool) { return Accumulators.isCurrentEpoch(timestamp); } + + function foo() public view returns (bool) { + return true; + } } diff --git a/releases/1.15/index.yml b/releases/1.15/index.yml new file mode 100644 index 00000000..f0e830a0 --- /dev/null +++ b/releases/1.15/index.yml @@ -0,0 +1,11 @@ +title: Scanner Pool Default Fee Fix +network: mumbai +deploy: prepare-upgrade 1.15 +verify: verify-deployed +finish: propose-admin +description: | + ## Deployed new implementations: + - RewardsDistributor + + ## Output tx: + - Upgrade implementations \ No newline at end of file diff --git a/releases/1.15/polygon/config/upgrade.json b/releases/1.15/polygon/config/upgrade.json new file mode 100644 index 00000000..0a4e97bc --- /dev/null +++ b/releases/1.15/polygon/config/upgrade.json @@ -0,0 +1,14 @@ +{ + "RewardsDistributor": { + "impl": { + "opts": { + "unsafe-allow": [ + "delegatecall" + ], + "constructor-args": [ + "deployment.forwarder", "deployment.forta", "deployment.stake-subject-gateway" + ] + } + } + } +} \ No newline at end of file