feat: tealer integration (#56)

* feat: tealer integration * chore: apply tweaks Co-authored-by: Neil Campbell <neil.campbell@makerx.com.au> * refactor: addressing pr comments * chore: updating gitignore * chore: updating gitignore * chore: bump min version of algokit cli --------- Co-authored-by: Neil Campbell <neil.campbell@makerx.com.au>
algorandfoundation · Jan 24, 2024 · f75a831 · f75a831
1 parent 9c58809
commit f75a831
Show file tree

Hide file tree

Showing 80 changed files with 454 additions and 18 deletions.
diff --git a/template_content/.algokit.toml.jinja b/template_content/.algokit.toml.jinja
@@ -1,5 +1,5 @@
 [algokit]
-min_version = "v1.8.0"
+min_version = "v1.10.0"
 
 [deploy]
 {%- if deployment_language == 'python' %}

diff --git a/template_content/.gitignore.jinja b/template_content/.gitignore.jinja
@@ -176,3 +176,5 @@ node_modules
 
 # AlgoKit
 debug_traces/
+
+.algokit/static-analysis/tealer/
diff --git a/template_content/README.md.jinja b/template_content/README.md.jinja
@@ -165,3 +165,8 @@ This project makes use of Python to build Algorand smart contracts. The followin
 {% if ide_vscode %}
 It has also been configured to have a productive dev experience out of the box in [VS Code](https://code.visualstudio.com/), see the [.vscode](./.vscode) folder.
 {%- endif %}
+- [AlgoKit Tealer Integration](https://github.com/algorandfoundation/algokit-cli/blob/main/docs/features/tasks/analyze.md): AlgoKit Tealer Integration is a feature in the CLI that allows you to run [Tealer](https://github.com/crytic/tealer) static analyzer on your TEAL
+source code. The invocation of this command is included in:
+- The github actions workflow file.
+- A VSCode task ('Shift+CMD|CTRL+P' and search for 'Tasks: Run Task' and select 'Analyze TEAL contracts with AlgoKit Tealer integration').
+- A `pre-commit` hook (if you have enabled `pre-commit` in your project). 
diff --git a/template_content/{% if ide_vscode %}.vscode{% endif %}/tasks.json b/template_content/{% if ide_vscode %}.vscode{% endif %}/tasks.json
@@ -59,6 +59,21 @@
         "cwd": "${workspaceFolder}"
       },
       "problemMatcher": []
+    },
+    {
+      "label": "Analyze TEAL contracts with AlgoKit Tealer integration",
+      "command": "algokit",
+      "args": [
+        "task",
+        "analyze",
+        "${workspaceFolder}/.algokit",
+        "--recursive",
+        "--force"
+      ],
+      "options": {
+        "cwd": "${workspaceFolder}"
+      },
+      "problemMatcher": []
     }
   ]
 }
diff --git a/template_content/{% if use_github_actions %}.github{% endif %}/workflows/checks.yaml.jinja b/template_content/{% if use_github_actions %}.github{% endif %}/workflows/checks.yaml.jinja
@@ -89,6 +89,9 @@ jobs:
         run: npm run test
 {%- endif %}
 
+      - name: Scan TEAL files for issues
+        run: algokit task analyze .algokit --recursive --force # add --diff flag if you want output stability checks instead
+
       - name: Check output stability of the smart contracts
         shell: bash
         run: |

diff --git a/template_content/{% if use_pre_commit %}.pre-commit-config.yaml{% endif %}.jinja b/template_content/{% if use_pre_commit %}.pre-commit-config.yaml{% endif %}.jinja
@@ -36,3 +36,13 @@ repos:
         minimum_pre_commit_version: '2.9.2'
         files: '^(src|tests)/'
       {% endif %}
+      - id: tealer
+        name: tealer
+        description: "Run AlgoKit `Tealer` for TEAL static analysis"
+        entry: algokit
+        language: system
+        args: [task, analyze, ".algokit", "--recursive", "--force"]
+        require_serial: false
+        additional_dependencies: []
+        minimum_pre_commit_version: "0"
+        files: '^.*\.teal$'
diff --git a/tests_generated/test_default_parameters/.algokit.toml b/tests_generated/test_default_parameters/.algokit.toml
@@ -1,5 +1,5 @@
 [algokit]
-min_version = "v1.8.0"
+min_version = "v1.10.0"
 
 [deploy]
 command = "poetry run python -m smart_contracts deploy"

diff --git a/tests_generated/test_default_parameters/.gitignore b/tests_generated/test_default_parameters/.gitignore
@@ -176,3 +176,5 @@ node_modules
 
 # AlgoKit
 debug_traces/
+
+.algokit/static-analysis/tealer/
diff --git a/tests_generated/test_default_parameters/.vscode/tasks.json b/tests_generated/test_default_parameters/.vscode/tasks.json
@@ -59,6 +59,21 @@
         "cwd": "${workspaceFolder}"
       },
       "problemMatcher": []
+    },
+    {
+      "label": "Analyze TEAL contracts with AlgoKit Tealer integration",
+      "command": "algokit",
+      "args": [
+        "task",
+        "analyze",
+        "${workspaceFolder}/.algokit",
+        "--recursive",
+        "--force"
+      ],
+      "options": {
+        "cwd": "${workspaceFolder}"
+      },
+      "problemMatcher": []
     }
   ]
 }
diff --git a/tests_generated/test_default_parameters/README.md b/tests_generated/test_default_parameters/README.md
@@ -58,3 +58,8 @@ This project makes use of Python to build Algorand smart contracts. The followin
 - [pip-audit](https://pypi.org/project/pip-audit/): Tool for scanning Python environments for packages with known vulnerabilities.
 
 It has also been configured to have a productive dev experience out of the box in [VS Code](https://code.visualstudio.com/), see the [.vscode](./.vscode) folder.
+- [AlgoKit Tealer Integration](https://github.com/algorandfoundation/algokit-cli/blob/main/docs/features/tasks/analyze.md): AlgoKit Tealer Integration is a feature in the CLI that allows you to run [Tealer](https://github.com/crytic/tealer) static analyzer on your TEAL
+source code. The invocation of this command is included in:
+- The github actions workflow file.
+- A VSCode task ('Shift+CMD|CTRL+P' and search for 'Tasks: Run Task' and select 'Analyze TEAL contracts with AlgoKit Tealer integration').
+- A `pre-commit` hook (if you have enabled `pre-commit` in your project). 
diff --git a/tests_generated/test_deployment_language-python/.algokit.toml b/tests_generated/test_deployment_language-python/.algokit.toml
@@ -1,5 +1,5 @@
 [algokit]
-min_version = "v1.8.0"
+min_version = "v1.10.0"
 
 [deploy]
 command = "poetry run python -m smart_contracts deploy"

diff --git a/tests_generated/test_deployment_language-python/.gitignore b/tests_generated/test_deployment_language-python/.gitignore
@@ -176,3 +176,5 @@ node_modules
 
 # AlgoKit
 debug_traces/
+
+.algokit/static-analysis/tealer/
diff --git a/tests_generated/test_deployment_language-python/.vscode/tasks.json b/tests_generated/test_deployment_language-python/.vscode/tasks.json
@@ -59,6 +59,21 @@
         "cwd": "${workspaceFolder}"
       },
       "problemMatcher": []
+    },
+    {
+      "label": "Analyze TEAL contracts with AlgoKit Tealer integration",
+      "command": "algokit",
+      "args": [
+        "task",
+        "analyze",
+        "${workspaceFolder}/.algokit",
+        "--recursive",
+        "--force"
+      ],
+      "options": {
+        "cwd": "${workspaceFolder}"
+      },
+      "problemMatcher": []
     }
   ]
 }
diff --git a/tests_generated/test_deployment_language-python/README.md b/tests_generated/test_deployment_language-python/README.md
@@ -58,3 +58,8 @@ This project makes use of Python to build Algorand smart contracts. The followin
 - [pip-audit](https://pypi.org/project/pip-audit/): Tool for scanning Python environments for packages with known vulnerabilities.
 
 It has also been configured to have a productive dev experience out of the box in [VS Code](https://code.visualstudio.com/), see the [.vscode](./.vscode) folder.
+- [AlgoKit Tealer Integration](https://github.com/algorandfoundation/algokit-cli/blob/main/docs/features/tasks/analyze.md): AlgoKit Tealer Integration is a feature in the CLI that allows you to run [Tealer](https://github.com/crytic/tealer) static analyzer on your TEAL
+source code. The invocation of this command is included in:
+- The github actions workflow file.
+- A VSCode task ('Shift+CMD|CTRL+P' and search for 'Tasks: Run Task' and select 'Analyze TEAL contracts with AlgoKit Tealer integration').
+- A `pre-commit` hook (if you have enabled `pre-commit` in your project). 
diff --git a/tests_generated/test_deployment_language-typescript/.algokit.toml b/tests_generated/test_deployment_language-typescript/.algokit.toml
@@ -1,5 +1,5 @@
 [algokit]
-min_version = "v1.8.0"
+min_version = "v1.10.0"
 
 [deploy]
 command = "npm run deploy:ci"

diff --git a/tests_generated/test_deployment_language-typescript/.gitignore b/tests_generated/test_deployment_language-typescript/.gitignore
@@ -176,3 +176,5 @@ node_modules
 
 # AlgoKit
 debug_traces/
+
+.algokit/static-analysis/tealer/
diff --git a/tests_generated/test_deployment_language-typescript/.vscode/tasks.json b/tests_generated/test_deployment_language-typescript/.vscode/tasks.json
@@ -59,6 +59,21 @@
         "cwd": "${workspaceFolder}"
       },
       "problemMatcher": []
+    },
+    {
+      "label": "Analyze TEAL contracts with AlgoKit Tealer integration",
+      "command": "algokit",
+      "args": [
+        "task",
+        "analyze",
+        "${workspaceFolder}/.algokit",
+        "--recursive",
+        "--force"
+      ],
+      "options": {
+        "cwd": "${workspaceFolder}"
+      },
+      "problemMatcher": []
     }
   ]
 }
diff --git a/tests_generated/test_deployment_language-typescript/README.md b/tests_generated/test_deployment_language-typescript/README.md
@@ -62,3 +62,8 @@ This project makes use of Python to build Algorand smart contracts. The followin
 - [Jest](https://jestjs.io/): Automated testing.
 
 It has also been configured to have a productive dev experience out of the box in [VS Code](https://code.visualstudio.com/), see the [.vscode](./.vscode) folder.
+- [AlgoKit Tealer Integration](https://github.com/algorandfoundation/algokit-cli/blob/main/docs/features/tasks/analyze.md): AlgoKit Tealer Integration is a feature in the CLI that allows you to run [Tealer](https://github.com/crytic/tealer) static analyzer on your TEAL
+source code. The invocation of this command is included in:
+- The github actions workflow file.
+- A VSCode task ('Shift+CMD|CTRL+P' and search for 'Tasks: Run Task' and select 'Analyze TEAL contracts with AlgoKit Tealer integration').
+- A `pre-commit` hook (if you have enabled `pre-commit` in your project). 
diff --git a/tests_generated/test_ide_jetbrains-False/.algokit.toml b/tests_generated/test_ide_jetbrains-False/.algokit.toml
@@ -1,5 +1,5 @@
 [algokit]
-min_version = "v1.8.0"
+min_version = "v1.10.0"
 
 [deploy]
 command = "poetry run python -m smart_contracts deploy"

diff --git a/tests_generated/test_ide_jetbrains-False/.gitignore b/tests_generated/test_ide_jetbrains-False/.gitignore
@@ -176,3 +176,5 @@ node_modules
 
 # AlgoKit
 debug_traces/
+
+.algokit/static-analysis/tealer/
diff --git a/tests_generated/test_ide_jetbrains-False/.vscode/tasks.json b/tests_generated/test_ide_jetbrains-False/.vscode/tasks.json
@@ -59,6 +59,21 @@
         "cwd": "${workspaceFolder}"
       },
       "problemMatcher": []
+    },
+    {
+      "label": "Analyze TEAL contracts with AlgoKit Tealer integration",
+      "command": "algokit",
+      "args": [
+        "task",
+        "analyze",
+        "${workspaceFolder}/.algokit",
+        "--recursive",
+        "--force"
+      ],
+      "options": {
+        "cwd": "${workspaceFolder}"
+      },
+      "problemMatcher": []
     }
   ]
 }
diff --git a/tests_generated/test_ide_jetbrains-False/README.md b/tests_generated/test_ide_jetbrains-False/README.md
@@ -58,3 +58,8 @@ This project makes use of Python to build Algorand smart contracts. The followin
 - [pip-audit](https://pypi.org/project/pip-audit/): Tool for scanning Python environments for packages with known vulnerabilities.
 
 It has also been configured to have a productive dev experience out of the box in [VS Code](https://code.visualstudio.com/), see the [.vscode](./.vscode) folder.
+- [AlgoKit Tealer Integration](https://github.com/algorandfoundation/algokit-cli/blob/main/docs/features/tasks/analyze.md): AlgoKit Tealer Integration is a feature in the CLI that allows you to run [Tealer](https://github.com/crytic/tealer) static analyzer on your TEAL
+source code. The invocation of this command is included in:
+- The github actions workflow file.
+- A VSCode task ('Shift+CMD|CTRL+P' and search for 'Tasks: Run Task' and select 'Analyze TEAL contracts with AlgoKit Tealer integration').
+- A `pre-commit` hook (if you have enabled `pre-commit` in your project). 
diff --git a/tests_generated/test_ide_jetbrains-True/.algokit.toml b/tests_generated/test_ide_jetbrains-True/.algokit.toml
@@ -1,5 +1,5 @@
 [algokit]
-min_version = "v1.8.0"
+min_version = "v1.10.0"
 
 [deploy]
 command = "poetry run python -m smart_contracts deploy"

diff --git a/tests_generated/test_ide_jetbrains-True/.gitignore b/tests_generated/test_ide_jetbrains-True/.gitignore
@@ -176,3 +176,5 @@ node_modules
 
 # AlgoKit
 debug_traces/
+
+.algokit/static-analysis/tealer/
diff --git a/tests_generated/test_ide_jetbrains-True/.vscode/tasks.json b/tests_generated/test_ide_jetbrains-True/.vscode/tasks.json
@@ -59,6 +59,21 @@
         "cwd": "${workspaceFolder}"
       },
       "problemMatcher": []
+    },
+    {
+      "label": "Analyze TEAL contracts with AlgoKit Tealer integration",
+      "command": "algokit",
+      "args": [
+        "task",
+        "analyze",
+        "${workspaceFolder}/.algokit",
+        "--recursive",
+        "--force"
+      ],
+      "options": {
+        "cwd": "${workspaceFolder}"
+      },
+      "problemMatcher": []
     }
   ]
 }
diff --git a/tests_generated/test_ide_jetbrains-True/README.md b/tests_generated/test_ide_jetbrains-True/README.md
@@ -58,3 +58,8 @@ This project makes use of Python to build Algorand smart contracts. The followin
 - [pip-audit](https://pypi.org/project/pip-audit/): Tool for scanning Python environments for packages with known vulnerabilities.
 
 It has also been configured to have a productive dev experience out of the box in [VS Code](https://code.visualstudio.com/), see the [.vscode](./.vscode) folder.
+- [AlgoKit Tealer Integration](https://github.com/algorandfoundation/algokit-cli/blob/main/docs/features/tasks/analyze.md): AlgoKit Tealer Integration is a feature in the CLI that allows you to run [Tealer](https://github.com/crytic/tealer) static analyzer on your TEAL
+source code. The invocation of this command is included in:
+- The github actions workflow file.
+- A VSCode task ('Shift+CMD|CTRL+P' and search for 'Tasks: Run Task' and select 'Analyze TEAL contracts with AlgoKit Tealer integration').
+- A `pre-commit` hook (if you have enabled `pre-commit` in your project). 
diff --git a/tests_generated/test_ide_vscode-False/.algokit.toml b/tests_generated/test_ide_vscode-False/.algokit.toml
@@ -1,5 +1,5 @@
 [algokit]
-min_version = "v1.8.0"
+min_version = "v1.10.0"
 
 [deploy]
 command = "poetry run python -m smart_contracts deploy"

diff --git a/tests_generated/test_ide_vscode-False/.gitignore b/tests_generated/test_ide_vscode-False/.gitignore
@@ -176,3 +176,5 @@ node_modules
 
 # AlgoKit
 debug_traces/
+
+.algokit/static-analysis/tealer/
diff --git a/tests_generated/test_ide_vscode-False/README.md b/tests_generated/test_ide_vscode-False/README.md
@@ -57,3 +57,8 @@ This project makes use of Python to build Algorand smart contracts. The followin
 - [pytest](https://docs.pytest.org/): Automated testing.
 - [pip-audit](https://pypi.org/project/pip-audit/): Tool for scanning Python environments for packages with known vulnerabilities.
 
+- [AlgoKit Tealer Integration](https://github.com/algorandfoundation/algokit-cli/blob/main/docs/features/tasks/analyze.md): AlgoKit Tealer Integration is a feature in the CLI that allows you to run [Tealer](https://github.com/crytic/tealer) static analyzer on your TEAL
+source code. The invocation of this command is included in:
+- The github actions workflow file.
+- A VSCode task ('Shift+CMD|CTRL+P' and search for 'Tasks: Run Task' and select 'Analyze TEAL contracts with AlgoKit Tealer integration').
+- A `pre-commit` hook (if you have enabled `pre-commit` in your project). 
diff --git a/tests_generated/test_ide_vscode-True/.algokit.toml b/tests_generated/test_ide_vscode-True/.algokit.toml
@@ -1,5 +1,5 @@
 [algokit]
-min_version = "v1.8.0"
+min_version = "v1.10.0"
 
 [deploy]
 command = "poetry run python -m smart_contracts deploy"

diff --git a/tests_generated/test_ide_vscode-True/.gitignore b/tests_generated/test_ide_vscode-True/.gitignore
@@ -176,3 +176,5 @@ node_modules
 
 # AlgoKit
 debug_traces/
+
+.algokit/static-analysis/tealer/
diff --git a/tests_generated/test_ide_vscode-True/.vscode/tasks.json b/tests_generated/test_ide_vscode-True/.vscode/tasks.json
@@ -59,6 +59,21 @@
         "cwd": "${workspaceFolder}"
       },
       "problemMatcher": []
+    },
+    {
+      "label": "Analyze TEAL contracts with AlgoKit Tealer integration",
+      "command": "algokit",
+      "args": [
+        "task",
+        "analyze",
+        "${workspaceFolder}/.algokit",
+        "--recursive",
+        "--force"
+      ],
+      "options": {
+        "cwd": "${workspaceFolder}"
+      },
+      "problemMatcher": []
     }
   ]
 }
diff --git a/tests_generated/test_ide_vscode-True/README.md b/tests_generated/test_ide_vscode-True/README.md
@@ -58,3 +58,8 @@ This project makes use of Python to build Algorand smart contracts. The followin
 - [pip-audit](https://pypi.org/project/pip-audit/): Tool for scanning Python environments for packages with known vulnerabilities.
 
 It has also been configured to have a productive dev experience out of the box in [VS Code](https://code.visualstudio.com/), see the [.vscode](./.vscode) folder.
+- [AlgoKit Tealer Integration](https://github.com/algorandfoundation/algokit-cli/blob/main/docs/features/tasks/analyze.md): AlgoKit Tealer Integration is a feature in the CLI that allows you to run [Tealer](https://github.com/crytic/tealer) static analyzer on your TEAL
+source code. The invocation of this command is included in:
+- The github actions workflow file.
+- A VSCode task ('Shift+CMD|CTRL+P' and search for 'Tasks: Run Task' and select 'Analyze TEAL contracts with AlgoKit Tealer integration').
+- A `pre-commit` hook (if you have enabled `pre-commit` in your project). 
diff --git a/tests_generated/test_preset_name-production/.algokit.toml b/tests_generated/test_preset_name-production/.algokit.toml
@@ -1,5 +1,5 @@
 [algokit]
-min_version = "v1.8.0"
+min_version = "v1.10.0"
 
 [deploy]
 command = "poetry run python -m smart_contracts deploy"

diff --git a/tests_generated/test_preset_name-production/.github/workflows/checks.yaml b/tests_generated/test_preset_name-production/.github/workflows/checks.yaml
@@ -67,6 +67,9 @@ jobs:
           set -o pipefail
           poetry run pytest --junitxml=pytest-junit.xml
 
+      - name: Scan TEAL files for issues
+        run: algokit task analyze .algokit --recursive --force # add --diff flag if you want output stability checks instead
+
       - name: Check output stability of the smart contracts
         shell: bash
         run: |

diff --git a/tests_generated/test_preset_name-production/.gitignore b/tests_generated/test_preset_name-production/.gitignore
@@ -176,3 +176,5 @@ node_modules
 
 # AlgoKit
 debug_traces/
+
+.algokit/static-analysis/tealer/
diff --git a/tests_generated/test_preset_name-production/.pre-commit-config.yaml b/tests_generated/test_preset_name-production/.pre-commit-config.yaml
@@ -36,3 +36,13 @@ repos:
         minimum_pre_commit_version: '2.9.2'
         files: '^(src|tests)/'
 
+      - id: tealer
+        name: tealer
+        description: "Run AlgoKit `Tealer` for TEAL static analysis"
+        entry: algokit
+        language: system
+        args: [task, analyze, ".algokit", "--recursive", "--force"]
+        require_serial: false
+        additional_dependencies: []
+        minimum_pre_commit_version: "0"
+        files: '^.*\.teal$'