AngleProtocol
diff --git a/‎.github/workflows/ci-deep.yml‎
Lines changed: 156 additions & 0 deletions b/‎.github/workflows/ci-deep.yml‎
Lines changed: 156 additions & 0 deletions
diff --git a/‎.github/workflows/ci.yml‎
Lines changed: 132 additions & 61 deletions b/‎.github/workflows/ci.yml‎
Lines changed: 132 additions & 61 deletions
@@ -0,0 +1,156 @@
+name: CI
+
+on:
+  schedule:
+    - cron: "0 3 * * 0" # at 3:00am UTC every Sunday
+  workflow_dispatch:
+    inputs:
+      fuzzRuns:
+        default: "100000"
+        description: "Unit: number of fuzz runs."
+        required: false
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 18
+          cache: "yarn"
+
+      - name: Install dependencies
+        run: yarn install
+
+      - name: Run solhint
+        run: yarn lint:check
+
+      - name: "Add lint summary"
+        run: |
+          echo "## Lint result" >> $GITHUB_STEP_SUMMARY
+          echo "✅ Passed" >> $GITHUB_STEP_SUMMARY
+
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          submodules: "recursive"
+
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 18
+          cache: "yarn"
+
+      - name: Install dependencies
+        run: yarn install --frozen-lockfile
+
+      - name: Compile hardhat
+        run: yarn hardhat:compile
+
+      - name: Install Foundry
+        uses: foundry-rs/foundry-toolchain@v1
+        with:
+          version: nightly
+
+      - name: Compile foundry
+        run: yarn foundry:compile --sizes
+
+      - name: "Cache the build so that it can be re-used by the other jobs"
+        uses: "actions/cache/save@v3"
+        with:
+          key: "build-${{ github.sha }}"
+          path: |
+            cache-forge
+            out
+            cache-hh
+            artifacts
+            typechain
+            node_modules
+
+      - name: "Add build summary"
+        run: |
+          echo "## Build result" >> $GITHUB_STEP_SUMMARY
+          echo "✅ Passed" >> $GITHUB_STEP_SUMMARY
+
+  hardhat-tests:
+    needs: ["build", "lint"]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 18
+          cache: "yarn"
+
+      - name: "Restore the cached build"
+        uses: "actions/cache/restore@v3"
+        with:
+          fail-on-cache-miss: true
+          key: "build-${{ github.sha }}"
+          path: |
+            cache-forge
+            out
+            cache-hh
+            artifacts
+            typechain
+            node_modules
+
+      - run: export NODE_OPTIONS=--max_old_space_size=11264
+
+      - name: Run unit tests
+        run: yarn hardhat:test
+        env:
+          ENABLE_GAS_REPORT: true
+          CI: true
+          ETH_NODE_URI_POLYGON: ${{ secrets.ETH_NODE_URI_POLYGON }}
+          ETH_NODE_URI_FORK: ${{ secrets.ETH_NODE_URI_FORK }}
+          ETH_NODE_URI_MAINNET: ${{ secrets.ETH_NODE_URI_MAINNET }}
+
+      - name: "Add test summary"
+        run: |
+          echo "## Hardhat Unit tests result" >> $GITHUB_STEP_SUMMARY
+          echo "✅ Passed" >> $GITHUB_STEP_SUMMARY
+
+  foundry-tests:
+    needs: ["build", "lint"]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          submodules: "recursive"
+
+      - name: Install Foundry
+        uses: foundry-rs/foundry-toolchain@v1
+        with:
+          version: nightly
+
+      - name: "Restore the cached build"
+        uses: "actions/cache/restore@v3"
+        with:
+          fail-on-cache-miss: true
+          key: "build-${{ github.sha }}"
+          path: |
+            cache-forge
+            out
+            cache-hh
+            artifacts
+            typechain
+            node_modules
+
+      - name: Run Foundry tests
+        run: yarn foundry:test
+        env:
+          ETH_NODE_URI_MAINNET: ${{ secrets.ETH_NODE_URI_MAINNET }}
+          ETH_NODE_URI_POLYGON: ${{ secrets.ETH_NODE_URI_POLYGON }}
+          ETH_NODE_URI_GOERLI: ${{ secrets.ETH_NODE_URI_GOERLI }}
+          ETH_NODE_URI_FANTOM: ${{ secrets.ETH_NODE_URI_FANTOM }}
+          FOUNDRY_FUZZ_RUNS: ${{ github.event.inputs.fuzzRuns }}
+
+      - name: "Add test summary"
+        run: |
+          echo "## Foundry Unit tests result" >> $GITHUB_STEP_SUMMARY
+          echo "✅ Passed" >> $GITHUB_STEP_SUMMARY
@@ -1,74 +1,100 @@
 name: CI
 
 on:
-  push:
-    branches:
-      - main
   workflow_dispatch:
-    inputs:
-      workflow_to_run:
-        type: choice
-        description: Which workflow to run?
-        required: true
-        options:
-          - all
-          - hardhat-tests
-          - foundry-tests
   pull_request:
-    types:
-      - ready_for_review
-      - review_requested
-  pull_request_review:
-    types: [submitted]
-
-defaults:
-  run:
-    shell: bash
+  push:
+    branches:
+      - "main"
 
 jobs:
-  run-linters:
-    if: github.ref == 'refs/heads/main' || github.event.review.state == 'approved' || github.event.action == 'ready_for_review' || github.event.action == 'review_requested'
+  lint:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v2
-        with:
-          node-version: 14
-      - uses: actions/cache@v2
+      - uses: actions/checkout@v3
+
+      - uses: actions/setup-node@v3
         with:
-          path: node_modules
-          key: yarn-${{ hashFiles('yarn.lock') }}
-          restore-keys: yarn-
+          node-version: 18
+          cache: "yarn"
+
       - name: Install dependencies
-        run: |
-          npm config set //registry.npmjs.org/
-          yarn install --frozen-lockfile
+        run: yarn install
+
       - name: Run solhint
-        run: yarn lint:sol
-      - name: Run eslint
-        run: yarn lint:js:fix
+        run: yarn lint:check
 
-  hardhat-tests:
-    if: github.ref == 'refs/heads/main' || github.event.inputs.workflow_to_run == 'all' || github.event.inputs.workflow_to_run == 'hardhat-tests' || github.event.review.state == 'approved' || github.event.action == 'ready_for_review' || github.event.action == 'review_requested'
+      - name: "Add lint summary"
+        run: |
+          echo "## Lint result" >> $GITHUB_STEP_SUMMARY
+          echo "✅ Passed" >> $GITHUB_STEP_SUMMARY
+  build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v2
+      - uses: actions/checkout@v3
         with:
-          node-version: 14
-      - uses: actions/cache@v2
+          submodules: "recursive"
+
+      - uses: actions/setup-node@v3
         with:
-          path: node_modules
-          key: yarn-${{ hashFiles('yarn.lock') }}
-          restore-keys: yarn-
+          node-version: 18
+          cache: "yarn"
+
       - name: Install dependencies
-        run: |
-          npm config set //registry.npmjs.org/
-          yarn install --frozen-lockfile
-      # This is required separately from yarn test because it generates the typechain definitions
-      - name: Compile
+        run: yarn install --frozen-lockfile
+
+      - name: Compile hardhat
         run: yarn hardhat:compile
+
+      - name: Install Foundry
+        uses: foundry-rs/foundry-toolchain@v1
+        with:
+          version: nightly
+
+      - name: Compile foundry
+        run: yarn foundry:compile --sizes
+
+      - name: "Cache the build so that it can be re-used by the other jobs"
+        uses: "actions/cache/save@v3"
+        with:
+          key: "build-${{ github.sha }}"
+          path: |
+            cache-forge
+            out
+            cache-hh
+            artifacts
+            typechain
+            node_modules
+      - name: "Add build summary"
+        run: |
+          echo "## Build result" >> $GITHUB_STEP_SUMMARY
+          echo "✅ Passed" >> $GITHUB_STEP_SUMMARY
+
+  hardhat-tests:
+    needs: ["build", "lint"]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 18
+          cache: "yarn"
+
+      - name: "Restore the cached build"
+        uses: "actions/cache/restore@v3"
+        with:
+          fail-on-cache-miss: true
+          key: "build-${{ github.sha }}"
+          path: |
+            cache-forge
+            out
+            cache-hh
+            artifacts
+            typechain
+            node_modules
       - run: export NODE_OPTIONS=--max_old_space_size=11264
+
       - name: Run unit tests
         run: yarn hardhat:test
         env:
@@ -78,30 +104,75 @@ jobs:
           ETH_NODE_URI_FORK: ${{ secrets.ETH_NODE_URI_FORK }}
           ETH_NODE_URI_MAINNET: ${{ secrets.ETH_NODE_URI_MAINNET }}
 
+      - name: "Add test summary"
+        run: |
+          echo "## Hardhat Unit tests result" >> $GITHUB_STEP_SUMMARY
+          echo "✅ Passed" >> $GITHUB_STEP_SUMMARY
+
   foundry-tests:
-    if: github.ref == 'refs/heads/main' || github.event.inputs.workflow_to_run == 'all' || github.event.inputs.workflow_to_run == 'foundry-tests' || github.event.review.state == 'approved' || github.event.action == 'ready_for_review' || github.event.action == 'review_requested'
+    needs: ["build", "lint"]
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v2
-
-      - uses: actions/setup-node@v2
         with:
-          node-version: 14
-      - uses: actions/cache@v2
-        with:
-          path: node_modules
-          key: yarn-${{ hashFiles('yarn.lock') }}
-          restore-keys: yarn-
-      - run: yarn install --frozen-lockfile
+          submodules: "recursive"
 
       - name: Install Foundry
         uses: foundry-rs/foundry-toolchain@v1
         with:
           version: nightly
+
+      - name: "Restore the cached build"
+        uses: "actions/cache/restore@v3"
+        with:
+          fail-on-cache-miss: true
+          key: "build-${{ github.sha }}"
+          path: |
+            cache-forge
+            out
+            cache-hh
+            artifacts
+            typechain
+            node_modules
       - name: Run Foundry tests
         run: yarn foundry:test
         env:
           ETH_NODE_URI_MAINNET: ${{ secrets.ETH_NODE_URI_MAINNET }}
           ETH_NODE_URI_POLYGON: ${{ secrets.ETH_NODE_URI_POLYGON }}
           ETH_NODE_URI_GOERLI: ${{ secrets.ETH_NODE_URI_GOERLI }}
           ETH_NODE_URI_FANTOM: ${{ secrets.ETH_NODE_URI_FANTOM }}
+          FOUNDRY_FUZZ_RUNS: "5000"
+
+      - name: "Add test summary"
+        run: |
+          echo "## Foundry Unit tests result" >> $GITHUB_STEP_SUMMARY
+          echo "✅ Passed" >> $GITHUB_STEP_SUMMARY
+
+  slither-analyze:
+    needs: ["build", "lint"]
+    permissions:
+      actions: "read"
+      contents: "read"
+      security-events: "write"
+    runs-on: "ubuntu-latest"
+    steps:
+      - name: "Check out the repo"
+        uses: "actions/checkout@v3"
+
+      - name: "Run Slither analysis"
+        uses: "crytic/slither-action@v0.3.0"
+        id: "slither"
+        with:
+          fail-on: "none"
+          sarif: "results.sarif"
+          node-version: 18
+
+      - name: "Upload SARIF file to GitHub code scanning"
+        uses: "github/codeql-action/upload-sarif@v2"
+        with:
+          sarif_file: ${{ steps.slither.outputs.sarif }}
+
+      - name: "Add Slither summary"
+        run: |
+          echo "## Slither result" >> $GITHUB_STEP_SUMMARY
+          echo "✅ Uploaded to GitHub code scanning" >> $GITHUB_STEP_SUMMARY