diff --git a/.github/workflows/circular.yml b/.github/workflows/circular.yml index b42ed63d83..ad9ca1ae15 100644 --- a/.github/workflows/circular.yml +++ b/.github/workflows/circular.yml @@ -8,6 +8,9 @@ on: pull_request: types: [ready_for_review, synchronize, opened] +permissions: + contents: read + jobs: source: runs-on: ubuntu-latest diff --git a/.github/workflows/contracts.yml b/.github/workflows/contracts.yml index 85948ed4ff..48c399c244 100644 --- a/.github/workflows/contracts.yml +++ b/.github/workflows/contracts.yml @@ -11,6 +11,9 @@ on: - main - develop +permissions: + contents: read + env: FOUNDRY_PROFILE: ci CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} diff --git a/.github/workflows/deps.yml b/.github/workflows/deps.yml index 611cf6c22b..b12c41411c 100644 --- a/.github/workflows/deps.yml +++ b/.github/workflows/deps.yml @@ -1,3 +1,18 @@ +name: Dependencies +on: + pull_request: + types: + - ready_for_review + - synchronize + - opened + push: + branches: + - main + - develop + +permissions: + contents: read + jobs: source: runs-on: ubuntu-latest @@ -36,14 +51,3 @@ jobs: strategy: matrix: node-version: [22.x] -name: Dependencies -on: - pull_request: - types: - - ready_for_review - - synchronize - - opened - push: - branches: - - main - - develop diff --git a/.github/workflows/functional.yml b/.github/workflows/functional.yml deleted file mode 100644 index 8224c8c2f2..0000000000 --- a/.github/workflows/functional.yml +++ /dev/null @@ -1,68 +0,0 @@ -name: CI - -on: - push: - branches: - - "main" - - "develop" - pull_request: - types: [ready_for_review, synchronize, opened] - -jobs: - functional: - concurrency: - cancel-in-progress: true - group: ${{ github.head_ref }}-functional-${{matrix.name}} - runs-on: ubuntu-latest - - strategy: - matrix: - node-version: [22.x] - name: ["transaction-pool-api"] - - services: - postgres: - image: postgres:16 - env: - POSTGRES_DB: test_db - POSTGRES_USER: test_db - POSTGRES_PASSWORD: password - ports: - - 127.0.0.1:5432:5432 - options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 - - steps: - - uses: actions/checkout@v4 - with: - ref: ${{ github.head_ref }} - - uses: actions/setup-node@v4 - with: - node-version: ${{ matrix.node-version }} - - name: Setup pnpm - uses: pnpm/action-setup@v4 - with: - run_install: false - version: latest - - name: Get pnpm store directory - id: pnpm-cache - run: echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT - shell: bash - - name: Cache pnpm modules - uses: actions/cache@v4 - with: - key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }} - path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} - restore-keys: ${{ runner.os }}-pnpm- - - name: Cache lerna - uses: actions/cache@v4 - with: - key: ${{ runner.os }}-lerna - path: ./.cache - restore-keys: ${{ runner.os }}-lerna- - - name: Install dependencies - run: pnpm install - - name: Build - run: pnpm run build - - - name: Test ${{ matrix.name }} - run: cd tests/functional/${{ matrix.name }} && pnpm run test:full diff --git a/.github/workflows/lint-internal.yml b/.github/workflows/lint-internal.yml index 62286ce53e..8b9c23cfb4 100644 --- a/.github/workflows/lint-internal.yml +++ b/.github/workflows/lint-internal.yml @@ -8,6 +8,9 @@ on: pull_request: types: [ready_for_review, synchronize, opened] +permissions: + contents: read + jobs: source: runs-on: ubuntu-latest diff --git a/.github/workflows/publish-develop.yml b/.github/workflows/publish-develop.yml index 342313afc6..07db94e901 100644 --- a/.github/workflows/publish-develop.yml +++ b/.github/workflows/publish-develop.yml @@ -4,9 +4,9 @@ env: DEBUG: napi:* APP_NAME: evm MACOSX_DEPLOYMENT_TARGET: "10.13" + permissions: - contents: write - id-token: write + contents: read on: push: diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 431cd4d6df..eac21bed3f 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -11,11 +11,15 @@ on: - main - develop +permissions: + contents: read + env: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} jobs: build: + name: "Build" strategy: matrix: node-version: [22.x] @@ -46,15 +50,8 @@ jobs: - name: Cache pnpm modules uses: actions/cache@v4 with: - key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }} + key: pnpm-${{ hashFiles('pnpm-lock.yaml') }} path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} - restore-keys: ${{ runner.os }}-pnpm- - - - name: Cache lerna - uses: actions/cache@v4 - with: - key: lerna-${{ runner.os }}-${{ github.run_id }} - path: ./.cache - uses: actions-rs/toolchain@v1 with: @@ -65,10 +62,18 @@ jobs: - name: Install dependencies run: pnpm install + - name: Build run: pnpm run build + - name: Cache lerna + uses: actions/cache/save@v4 + with: + key: lerna-${{ github.sha }} + path: ./.cache + unit: + name: "Unit" needs: - build strategy: @@ -95,17 +100,15 @@ jobs: run: echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT shell: bash - name: Cache pnpm modules - uses: actions/cache@v4 + uses: actions/cache/restore@v4 with: - key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }} + key: pnpm-${{ hashFiles('pnpm-lock.yaml') }} path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} - restore-keys: ${{ runner.os }}-pnpm- - name: Cache lerna - uses: actions/cache@v4 + uses: actions/cache/restore@v4 with: - key: lerna-${{ runner.os }} + key: lerna-${{ github.sha }} path: ./.cache - restore-keys: lerna-${{ runner.os }}- - uses: actions-rs/toolchain@v1 with: toolchain: stable @@ -264,6 +267,7 @@ jobs: flags: packages integration: + name: "Integration" needs: - build strategy: @@ -301,17 +305,15 @@ jobs: run: echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT shell: bash - name: Cache pnpm modules - uses: actions/cache@v4 + uses: actions/cache/restore@v4 with: - key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }} + key: pnpm-${{ hashFiles('pnpm-lock.yaml') }} path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} - restore-keys: ${{ runner.os }}-pnpm- - name: Cache lerna - uses: actions/cache@v4 + uses: actions/cache/restore@v4 with: - key: lerna-${{ runner.os }} + key: lerna-${{ github.sha }} path: ./.cache - restore-keys: lerna-${{ runner.os }}- - name: Install dependencies run: pnpm install - name: Build @@ -353,17 +355,15 @@ jobs: run: echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT shell: bash - name: Cache pnpm modules - uses: actions/cache@v4 + uses: actions/cache/restore@v4 with: - key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }} + key: pnpm-${{ hashFiles('pnpm-lock.yaml') }} path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} - restore-keys: ${{ runner.os }}-pnpm- - name: Cache lerna - uses: actions/cache@v4 + uses: actions/cache/restore@v4 with: - key: lerna-${{ runner.os }} + key: lerna-${{ github.sha }} path: ./.cache - restore-keys: lerna-${{ runner.os }}- - name: Install dependencies run: pnpm install - name: Build @@ -439,17 +439,15 @@ jobs: run: echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT shell: bash - name: Cache pnpm modules - uses: actions/cache@v4 + uses: actions/cache/restore@v4 with: - key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }} + key: pnpm-${{ hashFiles('pnpm-lock.yaml') }} path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} - restore-keys: ${{ runner.os }}-pnpm- - name: Cache lerna - uses: actions/cache@v4 + uses: actions/cache/restore@v4 with: - key: lerna-${{ runner.os }} + key: lerna-${{ github.sha }} path: ./.cache - restore-keys: lerna-${{ runner.os }}- - name: Install dependencies run: pnpm install - name: Build @@ -498,17 +496,15 @@ jobs: run: echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT shell: bash - name: Cache pnpm modules - uses: actions/cache@v4 + uses: actions/cache/restore@v4 with: - key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }} + key: pnpm-${{ hashFiles('pnpm-lock.yaml') }} path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} - restore-keys: ${{ runner.os }}-pnpm- - name: Cache lerna - uses: actions/cache@v4 + uses: actions/cache/restore@v4 with: - key: lerna-${{ runner.os }} + key: lerna-${{ github.sha }} path: ./.cache - restore-keys: lerna-${{ runner.os }}- - name: Install dependencies run: pnpm install - name: Build @@ -544,3 +540,62 @@ jobs: - name: Show logs - checks if: always() run: docker logs snapshot-checks-1 + + functional: + name: "Functional - ${{matrix.name}}" + needs: + - build + concurrency: + cancel-in-progress: true + group: ${{ github.head_ref }}-functional-${{matrix.name}} + runs-on: ubuntu-latest + + strategy: + matrix: + node-version: [22.x] + name: ["transaction-pool-api"] + + services: + postgres: + image: postgres:16 + env: + POSTGRES_DB: test_db + POSTGRES_USER: test_db + POSTGRES_PASSWORD: password + ports: + - 127.0.0.1:5432:5432 + options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ github.head_ref }} + - uses: actions/setup-node@v4 + with: + node-version: ${{ matrix.node-version }} + - name: Setup pnpm + uses: pnpm/action-setup@v4 + with: + run_install: false + version: latest + - name: Get pnpm store directory + id: pnpm-cache + run: echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT + shell: bash + - name: Cache pnpm modules + uses: actions/cache/restore@v4 + with: + key: pnpm-${{ hashFiles('pnpm-lock.yaml') }} + path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} + - name: Cache lerna + uses: actions/cache/restore@v4 + with: + key: lerna-${{ github.sha }} + path: ./.cache + - name: Install dependencies + run: pnpm install + - name: Build + run: pnpm run build + + - name: Test ${{ matrix.name }} + run: cd tests/functional/${{ matrix.name }} && pnpm run test:full