Contracts #8816
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Contracts | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| pull_request_target: | |
| types: | |
| - labeled | |
| merge_group: | |
| workflow_dispatch: | |
| inputs: | |
| network: | |
| type: choice | |
| default: sepolia | |
| description: "Network to run fork and script tests on" | |
| options: | |
| - mainnet | |
| - optimism | |
| # - bsc | |
| - gnosis | |
| # - polygon | |
| - arbitrum | |
| - avalanche | |
| - sepolia | |
| required: true | |
| schedule: | |
| - cron: "0 0 * * *" | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.head_ref || github.sha }}${{ inputs.network }} | |
| cancel-in-progress: true | |
| env: | |
| FOUNDRY_PROFILE: ci | |
| PROTECTED_RPC_URL: ${{ secrets.PROTECTED_RPC_URL }} | |
| jobs: | |
| contracts-turbo: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 3 | |
| outputs: | |
| trigger: ${{ steps.turbo.outputs.trigger }} | |
| steps: | |
| - name: Turbo Trigger | |
| id: turbo | |
| uses: wallet-rs/wallet-rs/.github/actions/turbo-trigger@main | |
| with: | |
| workspace: "@lightdotso/contracts" | |
| contracts-build: | |
| if: needs.contracts-turbo.outputs.trigger == 'true' | |
| needs: | |
| - contracts-turbo | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 90 | |
| steps: | |
| - name: Fetch Head | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| - name: Install Foundry | |
| uses: foundry-rs/foundry-toolchain@v1 | |
| with: | |
| version: nightly | |
| - name: Install Deps | |
| run: | | |
| forge install | |
| - name: Run Build | |
| run: | | |
| forge build | |
| contracts-lint: | |
| if: needs.contracts-turbo.outputs.trigger == 'true' | |
| needs: | |
| - contracts-turbo | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 90 | |
| steps: | |
| - name: Fetch Head | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| - name: Install Foundry | |
| uses: foundry-rs/foundry-toolchain@v1 | |
| with: | |
| version: nightly | |
| - name: Install Deps | |
| run: | | |
| forge install | |
| - name: Contracts Lint | |
| run: | | |
| forge fmt --check | |
| contracts-test: | |
| if: needs.contracts-turbo.outputs.trigger == 'true' | |
| needs: | |
| - contracts-turbo | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 90 | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Fetch Head | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| - name: Install Foundry | |
| uses: foundry-rs/foundry-toolchain@v1 | |
| with: | |
| version: nightly | |
| - name: Install Deps | |
| run: | | |
| forge install | |
| - name: Run Test | |
| uses: nick-fields/retry@v2 | |
| with: | |
| timeout_seconds: 300 | |
| max_attempts: 3 | |
| retry_on: error | |
| command: | | |
| forge test | |
| env: | |
| FOUNDRY_PROFILE: local | |
| - name: Check Gas Snapshots | |
| uses: nick-fields/retry@v2 | |
| with: | |
| timeout_seconds: 300 | |
| max_attempts: 3 | |
| retry_on: error | |
| command: | | |
| make contracts-snapshot-check | |
| env: | |
| FOUNDRY_PROFILE: local | |
| - name: Run Coverage | |
| run: | | |
| forge coverage --report lcov | |
| - name: Codecov | |
| uses: codecov/codecov-action@v3 | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| fail_ci_if_error: false | |
| files: lcov.info | |
| flags: contracts | |
| contracts-fork: | |
| if: needs.contracts-turbo.outputs.trigger == 'true' || github.event_name == 'schedule' | |
| needs: | |
| - contracts-turbo | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| network: | |
| # - mainnet | |
| - optimism | |
| # - bsc | |
| # - gnosis | |
| # - polygon | |
| # - arbitrum | |
| # - avalanche | |
| - sepolia | |
| timeout-minutes: 90 | |
| env: | |
| FOUNDRY_PROFILE: fork | |
| steps: | |
| - name: Fetch Head | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| - name: Install Foundry | |
| uses: foundry-rs/foundry-toolchain@v1 | |
| with: | |
| version: nightly | |
| - name: Install Deps | |
| run: | | |
| forge install | |
| - name: Run Fork | |
| uses: nick-fields/retry@v2 | |
| with: | |
| timeout_seconds: 300 | |
| max_attempts: 3 | |
| retry_on: error | |
| command: | | |
| forge test | |
| env: | |
| NETWORK_NAME: ${{ matrix.network }} | |
| - name: Run Script Fork | |
| uses: nick-fields/retry@v2 | |
| with: | |
| timeout_seconds: 300 | |
| max_attempts: 3 | |
| retry_on: error | |
| command: | | |
| forge test | |
| env: | |
| FOUNDRY_PROFILE: script | |
| NETWORK_NAME: ${{ matrix.network }} | |
| PRIVATE_KEY: ${{ secrets.PRIVATE_KEY }} | |
| contracts-script: | |
| if: github.event_name == 'workflow_dispatch' | |
| needs: | |
| - contracts-turbo | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 90 | |
| steps: | |
| - name: Fetch Head | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| - name: Install Foundry | |
| uses: foundry-rs/foundry-toolchain@v1 | |
| with: | |
| version: nightly | |
| - name: Install Deps | |
| run: | | |
| forge install | |
| - if: github.event_name == 'workflow_dispatch' | |
| name: Run Scripts | |
| run: | | |
| ./scripts/run_script_flow.sh | |
| env: | |
| NETWORK_NAME: ${{ github.event.inputs.network }} | |
| PRIVATE_KEY: ${{ secrets.PRIVATE_KEY }} | |
| contracts-smt: | |
| if: needs.contracts-turbo.outputs.trigger == 'true' | |
| needs: | |
| - contracts-turbo | |
| runs-on: macos-latest | |
| timeout-minutes: 90 | |
| env: | |
| FOUNDRY_PROFILE: smt | |
| steps: | |
| - name: Fetch Head | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| - name: Install Foundry | |
| uses: foundry-rs/foundry-toolchain@v1 | |
| with: | |
| version: nightly | |
| - name: Install Deps | |
| run: | | |
| forge install | |
| - name: Contracts Smt | |
| run: | | |
| forge build > smt-checker-report.txt | |
| - name: Upload Artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: smt-checker-report | |
| path: smt-checker-report.txt | |
| contracts-storage: | |
| if: needs.contracts-turbo.outputs.trigger == 'true' | |
| needs: | |
| - contracts-turbo | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 90 | |
| steps: | |
| - name: Fetch Head | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| - name: Install Foundry | |
| uses: foundry-rs/foundry-toolchain@v1 | |
| with: | |
| version: nightly | |
| - name: Install Deps | |
| run: | | |
| forge install | |
| - name: Run Build | |
| run: | | |
| forge build | |
| - name: Size Check | |
| run: | | |
| make contracts-size | |
| - name: Storage Check | |
| run: | | |
| for ((i=1; i<=3; i++)); | |
| do make contracts-storage; | |
| done | |
| - name: Check Changes | |
| run: | | |
| git diff --quiet | |
| - if: failure() | |
| name: Show Storage Changes | |
| run: | | |
| git diff | |
| contracts-noir: | |
| if: needs.contracts-turbo.outputs.trigger == 'true' | |
| needs: | |
| - contracts-turbo | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 90 | |
| env: | |
| FOUNDRY_PROFILE: noir | |
| steps: | |
| - name: Fetch Head | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| - name: Install Foundry | |
| uses: foundry-rs/foundry-toolchain@v1 | |
| with: | |
| version: nightly | |
| - name: Install Nargo | |
| uses: noir-lang/noirup@v0.1.3 | |
| with: | |
| toolchain: v0.6.0 | |
| - name: Run Test | |
| working-directory: contracts/circuits | |
| run: | | |
| nargo test | |
| - name: Install Deps | |
| run: | | |
| forge install | |
| - name: Run Test | |
| run: | | |
| forge test | |
| contracts-slither: | |
| if: needs.contracts-turbo.outputs.trigger == 'true' | |
| needs: | |
| - contracts-turbo | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 90 | |
| permissions: | |
| contents: read | |
| security-events: write | |
| steps: | |
| - name: Fetch Head | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| - name: Install Foundry | |
| uses: foundry-rs/foundry-toolchain@v1 | |
| with: | |
| version: nightly | |
| - name: Run Slither | |
| uses: crytic/slither-action@v0.3.0 | |
| continue-on-error: true | |
| id: slither | |
| with: | |
| fail-on: none | |
| sarif: results.sarif | |
| target: contracts/src/ | |
| - name: Upload SARIF file | |
| uses: github/codeql-action/upload-sarif@v3 | |
| continue-on-error: true | |
| with: | |
| sarif_file: ${{ steps.slither.outputs.sarif }} | |
| contracts-check: | |
| if: always() | |
| needs: | |
| - contracts-build | |
| - contracts-lint | |
| - contracts-test | |
| - contracts-fork | |
| - contracts-script | |
| - contracts-smt | |
| - contracts-storage | |
| - contracts-noir | |
| - contracts-slither | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 3 | |
| steps: | |
| - name: Check All Green | |
| uses: re-actors/alls-green@release/v1 | |
| with: | |
| allowed-skips: contracts-build,contracts-lint,contracts-test,contracts-fork,contracts-script,contracts-smt,contracts-storage,contracts-noir,contracts-slither | |
| jobs: ${{ toJSON(needs) }} |