Skip to content

ci: make required checks passed if skipped #255

ci: make required checks passed if skipped

ci: make required checks passed if skipped #255

Workflow file for this run

name: main
on:
push:
branches: [main]
paths: ["**/*.js", "**/*.json", "**/*.md", "**/*.sol", "**/*.ts", "**/*.yaml", "**/*.yml"]
pull_request:
paths: ["**/*.js", "**/*.json", "**/*.md", "**/*.sol", "**/*.ts", "**/*.yaml", "**/*.yml"]
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
deps:
runs-on: ubuntu-latest
outputs:
cache-key: ${{ steps.cache-env.outputs.cache-key }}
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 20
- name: Output cache key
id: cache-env
run: echo "cache-key=${{ runner.os }}-node_modules-${{ hashFiles('**/yarn.lock') }}" >> $GITHUB_OUTPUT
- uses: actions/cache@v4
id: cache
with:
path: node_modules
key: ${{ steps.cache-env.outputs.cache-key }}
restore-keys: ${{ runner.os }}-node_modules-
- if: steps.cache.outputs.cache-hit != 'true'
run: yarn
changed-files:
runs-on: ubuntu-latest
outputs:
sol_any_changed: ${{ steps.changed-files.outputs.any_changed }}
sol_modified_files: ${{ steps.changed-files.outputs.modified_files }}
steps:
- uses: actions/checkout@v4
- name: Get changed files
id: changed-files
uses: tj-actions/changed-files@v44
with:
files: packages/**/*.sol
compile:
if: needs.changed-files.outputs.sol_any_changed == 'true'
needs: [changed-files, deps]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 20
- uses: actions/cache/restore@v4
with:
path: node_modules
key: ${{ needs.deps.outputs.cache-key }}
- run: yarn compile
- name: Upload compilation results
uses: actions/upload-artifact@v4
with:
name: all-artifacts
path: packages/**/artifacts/**
style:
needs: deps
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 20
- uses: actions/cache/restore@v4
with:
path: node_modules
key: ${{ needs.deps.outputs.cache-key }}
- run: yarn format
_tests:
if: needs.changed-files.outputs.sol_any_changed == 'true'
needs: [compile]
runs-on: ubuntu-latest
strategy:
matrix:
dir: ${{ fromJson(needs.set-matrix.outputs.matrix) }}
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 20
- uses: actions/cache/restore@v4
with:
path: node_modules
key: ${{ needs.deps.outputs.cache-key }}
- uses: actions/download-artifact@v4
with:
name: all-artifacts
path: packages/
- if: contains(needs.changed-files.outputs.sol_modified_files, matrix.dir)
name: Test
run: |
workspace=$(jq -r '.name' packages/${{ matrix.dir }}/package.json)
yarn workspace "$workspace" run test:coverage
- if: contains(needs.changed-files.outputs.sol_modified_files, matrix.dir) && github.event_name == 'push' && github.ref == 'refs/heads/main'
name: Coveralls
uses: coverallsapp/github-action@v2
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
parallel: true
flag-name: run ${{ join(matrix.*, '-') }}
tests:
needs: _tests
# workaround for https://github.com/orgs/community/discussions/13690
# https://stackoverflow.com/a/77066140/9771158
if: ${{ !(failure() || cancelled()) }}
runs-on: ubuntu-latest
steps:
- name: Tests OK (passed or skipped)
run: true
set-matrix:
if: needs.changed-files.outputs.sol_any_changed == 'true'
needs: changed-files
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
steps:
- uses: actions/checkout@v4
- name: Set matrix
id: set-matrix
run: |
matrix=$(ls -1 packages | jq -Rsc 'split("\n") | map(select(length > 0))')
echo "matrix=$matrix" >> $GITHUB_OUTPUT
_slither:
if: needs.changed-files.outputs.sol_any_changed == 'true'
needs: [changed-files, set-matrix, deps]
runs-on: ubuntu-latest
permissions:
contents: read
security-events: write
strategy:
matrix:
dir: ${{ fromJson(needs.set-matrix.outputs.matrix) }}
steps:
- uses: actions/checkout@v4
# FIXME this does not work as a way to restore compilation results for slither job but it does for the compile job ??
#- uses: actions/download-artifact@v4
# with:
# name: all-artifacts
# path: packages/
- uses: actions/setup-node@v4
with:
node-version: 20
- uses: actions/cache/restore@v4
with:
path: node_modules
key: ${{ needs.deps.outputs.cache-key }}
- if: contains(needs.changed-files.outputs.sol_modified_files, matrix.dir)
name: Compile contracts
run: |
workspace=$(jq -r '.name' packages/${{ matrix.dir }}/package.json)
yarn workspace "$workspace" run compile
- if: contains(needs.changed-files.outputs.sol_modified_files, matrix.dir)
name: Run slither
uses: crytic/[email protected]
id: slither
with:
ignore-compile: true
node-version: 20
fail-on: none
sarif: results.sarif
slither-args: --filter-paths "test" --exclude-dependencies --markdown-root ${{ github.server_url }}/${{ github.repository }}/blob/${{ github.sha }}/
target: packages/${{ matrix.dir }}
- if: contains(needs.changed-files.outputs.sol_modified_files, matrix.dir)
name: Upload SARIF files
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: ${{ steps.slither.outputs.sarif }}
- name: Create/update checklist as PR comment
uses: actions/github-script@v7
if: github.even_name == 'pull_request'
env:
REPORT: ${{ steps.slither.stdout }}
with:
script: |
const script = require('.github/scripts/slither-comment')
const header = '# Slither report'
const body = process.env.REPORT
await script({ github, context, header, body })
slither:
needs: _slither
if: ${{ !(failure() || cancelled()) }}
runs-on: ubuntu-latest
steps:
- name: Slither analysis OK (passed or skipped)
run: true