name: "CI" env: API_KEY_ALCHEMY: ${{ secrets.API_KEY_ALCHEMY }} FOUNDRY_PROFILE: "ci" on: workflow_dispatch: pull_request: push: branches: - "main" - "develop" jobs: lint: runs-on: "ubuntu-latest" steps: - name: "Check out the repo" uses: "actions/checkout@v3" with: submodules: "recursive" - name: "Install Foundry" uses: "foundry-rs/foundry-toolchain@v1" - name: "Install Pnpm" uses: "pnpm/action-setup@v2" with: version: "8" - name: "Install Node.js" uses: "actions/setup-node@v3" with: cache: "pnpm" node-version: "lts/*" - name: "Install the Node.js dependencies" run: "pnpm install" - name: "Lint the contracts" run: "pnpm lint" - name: "Add lint summary" run: | echo "## Lint result" >> $GITHUB_STEP_SUMMARY echo "✅ Passed" >> $GITHUB_STEP_SUMMARY build: runs-on: "ubuntu-latest" steps: - name: "Check out the repo" uses: "actions/checkout@v3" with: submodules: "recursive" - name: "Install Foundry" uses: "foundry-rs/foundry-toolchain@v1" - name: "Build the contracts and print their size" run: "forge build --sizes" - name: "Add build summary" run: | echo "## Build result" >> $GITHUB_STEP_SUMMARY echo "✅ Passed" >> $GITHUB_STEP_SUMMARY test: needs: ["lint", "build"] runs-on: "ubuntu-latest" steps: - name: "Check out the repo" uses: "actions/checkout@v3" with: submodules: "recursive" - name: "Install Foundry" uses: "foundry-rs/foundry-toolchain@v1" - name: "Show the Foundry config" run: "forge config" - name: "Generate a fuzz seed that changes weekly to avoid burning through RPC allowance" run: > echo "FOUNDRY_FUZZ_SEED=$( echo $(($EPOCHSECONDS - $EPOCHSECONDS % 604800)) )" >> $GITHUB_ENV - name: "Run the tests" run: "forge test" - name: "Add test summary" run: | echo "## Tests result" >> $GITHUB_STEP_SUMMARY echo "✅ Passed" >> $GITHUB_STEP_SUMMARY coverage: needs: ["lint", "build"] runs-on: "ubuntu-latest" steps: - name: "Check out the repo" uses: "actions/checkout@v3" with: submodules: "recursive" - name: "Install Foundry" uses: "foundry-rs/foundry-toolchain@v1" - name: "Generate the coverage report using the unit and the integration tests" run: 'forge coverage --match-path "test/**/*.sol" --report lcov' - name: "Upload coverage report to Codecov" uses: "codecov/codecov-action@v3" with: files: "./lcov.info" - name: "Add coverage summary" run: | echo "## Coverage result" >> $GITHUB_STEP_SUMMARY echo "✅ Uploaded to Codecov" >> $GITHUB_STEP_SUMMARY verify: needs: ["lint", "build"] runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 with: submodules: recursive - name: Install Python uses: actions/setup-python@v2 with: { python-version: 3.9 } - name: Install Java uses: actions/setup-java@v1 with: { java-version: "11", java-package: jre } - name: Install Certora CLI run: pip3 install certora-cli==7.17.2 - name: Install Solidity run: | wget https://github.com/ethereum/solidity/releases/download/v0.8.27/solc-static-linux chmod +x solc-static-linux sudo mv solc-static-linux /usr/local/bin/solc - name: "Install Pnpm" uses: "pnpm/action-setup@v2" with: version: "8" - name: "Install Node.js" uses: "actions/setup-node@v3" with: cache: "pnpm" node-version: "lts/*" - name: "Install the Node.js dependencies" run: "pnpm install" - name: Verify rules run: | pnpm ${{matrix.rule}} env: CERTORAKEY: ${{ secrets.CERTORAKEY }} strategy: fail-fast: false max-parallel: 16 matrix: rule: - verify:stake_vault - verify:stake_manager - verify:stake_manager_process - verify:stake_manager_start_migration - verify:max_mp_rule