-
Notifications
You must be signed in to change notification settings - Fork 0
146 lines (128 loc) · 4.77 KB
/
self-hosted.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
#####
#
# when PR is updated by pushing changes to the branch
# CI skips all jobs for Drafted PRs by default
# CI skips all jobs for PRs labeled with `!ci-skip`
#
# Labels:
# !ci-draft - runs CI for drafted PR
# !ci-codecov - runs Code Coverage job on every PR update
# !ci-audit - runs Cargo Audit job on every PR update
# !ci-integration - runs Integration Tests on every PR updates
# !ci-skip - skips All jobs
#
name: Self-Hosted
on:
push:
# yes, only trying and staging
# merging is just a setting branch head to the succeeded staging commit
# so there is no reason to execute workflow again
branches: [ trying, staging ]
pull_request:
types: [ synchronize, opened, ready_for_review, labeled, unlabeled ]
paths-ignore:
- '**/*.md' # do not run CI on pull_request update if just MD files are changed
concurrency:
# do not run more than once for latest push/update
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
permissions:
contents: read
pull-requests: write
statuses: write
checks: write
env:
CARGO_INCREMENTAL: 0
CARGO_TERM_COLOR: always
jobs:
test:
name: Build and test
runs-on: [self-hosted, rust-check]
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}
submodules: recursive
- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1
- run: sudo apt-get update -y
- run: sudo add-apt-repository ppa:ethereum/ethereum
- run: sudo apt-get install -y protobuf-compiler solc
- run: forge fmt --check
- run: forge test -vvv --block-gas-limit=30000000 --optimize --optimizer-runs=200000 --evm-version=shanghai --use=0.8.25 --root analog-gmp
- run: cargo +stable fmt --all -- --check
- run: cargo +stable test --workspace --locked
- run: cargo +stable check --features runtime-benchmarks
- run: cargo +stable check --features try-runtime
- uses: actions-rs/clippy-check@v1
with:
name: Clippy Report
token: ${{secrets.GITHUB_TOKEN}}
toolchain: stable
# `--no-deps` does not check dependencies out of workspace
# `--all-features` doesn't work atm
args: --all-targets --workspace --examples --tests -- --no-deps -D warnings
audit:
name: Cargo Audit
runs-on: self-hosted
if: ${{
github.event_name == 'push' ||
contains(github.event.pull_request.labels.*.name,'!ci-codecov')
}}
env:
BUILD_OPTS: ${{needs.conditions.outputs.build-opts}}
CLIPPY_OPTS: ${{needs.conditions.outputs.clippy-opts}}
TARGET: ${{needs.conditions.outputs.target}}
WASM_BUILD_TOOLCHAIN: ${{needs.conditions.outputs.toolchain}}
RUSTUP_TOOLCHAIN: ${{needs.conditions.outputs.toolchain}}
EXCLUDE_TESTS: ${{needs.conditions.outputs.exclude-tests}}
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}
- run: cargo install cargo-audit --locked
- name: Audit
run: |
$r = (cargo audit -q --json | ConvertFrom-Json)
$e = $?
$r.vulnerabilities.list | Select-Object -ExpandProperty Advisory
if (!$e) { exit 1 }
shell: pwsh
code-coverage:
name: Report Code Coverage
runs-on: self-hosted
if: ${{
github.event_name == 'push' ||
contains(github.event.pull_request.labels.*.name,'!ci-audit')
}}
env:
BUILD_OPTS: ${{needs.conditions.outputs.build-opts}}
CLIPPY_OPTS: ${{needs.conditions.outputs.clippy-opts}}
TARGET: ${{needs.conditions.outputs.target}}
WASM_BUILD_TOOLCHAIN: ${{needs.conditions.outputs.toolchain}}
RUSTUP_TOOLCHAIN: ${{needs.conditions.outputs.toolchain}}
EXCLUDE_TESTS: ${{needs.conditions.outputs.exclude-tests}}
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}
- run: sudo apt-get install -y protobuf-compiler
- name: Setup llvm-cov for cargo
uses: taiki-e/install-action@cargo-llvm-cov
- name: Unit Tests
# use --tests to measure coverage with all tests
# use --test '*' to measure coverage with integration-tests
# use --lib to measure coverage with unit-tests
run: |
cargo llvm-cov test --lib --locked --workspace \
--lcov --output-path lcov.info $BUILD_OPTS \
$(for i in $EXCLUDE_TESTS; do echo "--exclude $i"; done )
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v3
with:
token: ${{ secrets.CODECOV_TOKEN }}
files: lcov.info
fail_ci_if_error: true