From 542b7f420bdd919270004e66369d8dcd2a57066a Mon Sep 17 00:00:00 2001 From: sebastijankuzner Date: Thu, 22 May 2025 11:48:38 +0200 Subject: [PATCH 01/13] Remove restore keys --- .github/workflows/test.yml | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 431cd4d6df..61ae6aefc3 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -48,7 +48,6 @@ jobs: with: key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }} path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} - restore-keys: ${{ runner.os }}-pnpm- - name: Cache lerna uses: actions/cache@v4 @@ -99,13 +98,11 @@ jobs: with: key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }} path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} - restore-keys: ${{ runner.os }}-pnpm- - name: Cache lerna uses: actions/cache@v4 with: key: lerna-${{ runner.os }} path: ./.cache - restore-keys: lerna-${{ runner.os }}- - uses: actions-rs/toolchain@v1 with: toolchain: stable @@ -305,13 +302,11 @@ jobs: with: key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }} path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} - restore-keys: ${{ runner.os }}-pnpm- - name: Cache lerna uses: actions/cache@v4 with: key: lerna-${{ runner.os }} path: ./.cache - restore-keys: lerna-${{ runner.os }}- - name: Install dependencies run: pnpm install - name: Build @@ -357,13 +352,11 @@ jobs: with: key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }} path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} - restore-keys: ${{ runner.os }}-pnpm- - name: Cache lerna uses: actions/cache@v4 with: key: lerna-${{ runner.os }} path: ./.cache - restore-keys: lerna-${{ runner.os }}- - name: Install dependencies run: pnpm install - name: Build @@ -443,13 +436,11 @@ jobs: with: key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }} path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} - restore-keys: ${{ runner.os }}-pnpm- - name: Cache lerna uses: actions/cache@v4 with: key: lerna-${{ runner.os }} path: ./.cache - restore-keys: lerna-${{ runner.os }}- - name: Install dependencies run: pnpm install - name: Build @@ -502,13 +493,11 @@ jobs: with: key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }} path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} - restore-keys: ${{ runner.os }}-pnpm- - name: Cache lerna uses: actions/cache@v4 with: key: lerna-${{ runner.os }} path: ./.cache - restore-keys: lerna-${{ runner.os }}- - name: Install dependencies run: pnpm install - name: Build From 6dca13487dc02998d57cf411ef6712c9a57d03f8 Mon Sep 17 00:00:00 2001 From: sebastijankuzner Date: Thu, 22 May 2025 11:50:53 +0200 Subject: [PATCH 02/13] Rename pnpm key --- .github/workflows/test.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 61ae6aefc3..1067f0f4ac 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -46,7 +46,7 @@ jobs: - name: Cache pnpm modules uses: actions/cache@v4 with: - key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }} + key: pnpm-${{ hashFiles('pnpm-lock.yaml') }} path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} - name: Cache lerna @@ -96,7 +96,7 @@ jobs: - name: Cache pnpm modules uses: actions/cache@v4 with: - key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }} + key: pnpm-${{ hashFiles('pnpm-lock.yaml') }} path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} - name: Cache lerna uses: actions/cache@v4 @@ -300,7 +300,7 @@ jobs: - name: Cache pnpm modules uses: actions/cache@v4 with: - key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }} + key: pnpm-${{ hashFiles('pnpm-lock.yaml') }} path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} - name: Cache lerna uses: actions/cache@v4 @@ -350,7 +350,7 @@ jobs: - name: Cache pnpm modules uses: actions/cache@v4 with: - key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }} + key: pnpm-${{ hashFiles('pnpm-lock.yaml') }} path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} - name: Cache lerna uses: actions/cache@v4 @@ -434,7 +434,7 @@ jobs: - name: Cache pnpm modules uses: actions/cache@v4 with: - key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }} + key: pnpm-${{ hashFiles('pnpm-lock.yaml') }} path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} - name: Cache lerna uses: actions/cache@v4 @@ -491,7 +491,7 @@ jobs: - name: Cache pnpm modules uses: actions/cache@v4 with: - key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }} + key: pnpm-${{ hashFiles('pnpm-lock.yaml') }} path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} - name: Cache lerna uses: actions/cache@v4 From 2949d01810b377bc807ab8168fb887c0dd4e602c Mon Sep 17 00:00:00 2001 From: sebastijankuzner Date: Thu, 22 May 2025 11:51:55 +0200 Subject: [PATCH 03/13] Use sha for lerna --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 1067f0f4ac..fa6f769064 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -52,7 +52,7 @@ jobs: - name: Cache lerna uses: actions/cache@v4 with: - key: lerna-${{ runner.os }}-${{ github.run_id }} + key: lerna-${{ github.sha }} path: ./.cache - uses: actions-rs/toolchain@v1 From 05da01a3674b35c95d31d5ecaf8bc4efeeaece41 Mon Sep 17 00:00:00 2001 From: sebastijankuzner Date: Thu, 22 May 2025 12:10:29 +0200 Subject: [PATCH 04/13] Use restore and save actions --- .github/workflows/test.yml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index fa6f769064..81aacf9907 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -50,7 +50,7 @@ jobs: path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} - name: Cache lerna - uses: actions/cache@v4 + uses: actions/cache/save@v4 with: key: lerna-${{ github.sha }} path: ./.cache @@ -94,12 +94,12 @@ jobs: run: echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT shell: bash - name: Cache pnpm modules - uses: actions/cache@v4 + uses: actions/cache/restore@v4 with: key: pnpm-${{ hashFiles('pnpm-lock.yaml') }} path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} - name: Cache lerna - uses: actions/cache@v4 + uses: actions/cache/restore@v4 with: key: lerna-${{ runner.os }} path: ./.cache @@ -298,12 +298,12 @@ jobs: run: echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT shell: bash - name: Cache pnpm modules - uses: actions/cache@v4 + uses: actions/cache/restore@v4 with: key: pnpm-${{ hashFiles('pnpm-lock.yaml') }} path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} - name: Cache lerna - uses: actions/cache@v4 + uses: actions/cache/restore@v4 with: key: lerna-${{ runner.os }} path: ./.cache @@ -348,12 +348,12 @@ jobs: run: echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT shell: bash - name: Cache pnpm modules - uses: actions/cache@v4 + uses: actions/cache/restore@v4 with: key: pnpm-${{ hashFiles('pnpm-lock.yaml') }} path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} - name: Cache lerna - uses: actions/cache@v4 + uses: actions/cache/restore@v4 with: key: lerna-${{ runner.os }} path: ./.cache @@ -432,12 +432,12 @@ jobs: run: echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT shell: bash - name: Cache pnpm modules - uses: actions/cache@v4 + uses: actions/cache/restore@v4 with: key: pnpm-${{ hashFiles('pnpm-lock.yaml') }} path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} - name: Cache lerna - uses: actions/cache@v4 + uses: actions/cache/restore@v4 with: key: lerna-${{ runner.os }} path: ./.cache @@ -489,12 +489,12 @@ jobs: run: echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT shell: bash - name: Cache pnpm modules - uses: actions/cache@v4 + uses: actions/cache/restore@v4 with: key: pnpm-${{ hashFiles('pnpm-lock.yaml') }} path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} - name: Cache lerna - uses: actions/cache@v4 + uses: actions/cache/restore@v4 with: key: lerna-${{ runner.os }} path: ./.cache From 62f67e364a7bcbc7d4ba71c95525fca6da93cc81 Mon Sep 17 00:00:00 2001 From: sebastijankuzner Date: Thu, 22 May 2025 12:13:29 +0200 Subject: [PATCH 05/13] Save lerna at the end --- .github/workflows/test.yml | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 81aacf9907..fb7959cdb8 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -49,12 +49,6 @@ jobs: key: pnpm-${{ hashFiles('pnpm-lock.yaml') }} path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} - - name: Cache lerna - uses: actions/cache/save@v4 - with: - key: lerna-${{ github.sha }} - path: ./.cache - - uses: actions-rs/toolchain@v1 with: toolchain: stable @@ -64,9 +58,16 @@ jobs: - name: Install dependencies run: pnpm install + - name: Build run: pnpm run build + - name: Cache lerna + uses: actions/cache/save@v4 + with: + key: lerna-${{ github.sha }} + path: ./.cache + unit: needs: - build From c99abed1b7500187f8e739b57929b7edb90bcf58 Mon Sep 17 00:00:00 2001 From: sebastijankuzner Date: Thu, 22 May 2025 12:39:08 +0200 Subject: [PATCH 06/13] Fix typo --- .github/workflows/test.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index fb7959cdb8..f9fbd7da99 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -102,7 +102,7 @@ jobs: - name: Cache lerna uses: actions/cache/restore@v4 with: - key: lerna-${{ runner.os }} + key: lerna-${{ github.sha }} path: ./.cache - uses: actions-rs/toolchain@v1 with: @@ -306,7 +306,7 @@ jobs: - name: Cache lerna uses: actions/cache/restore@v4 with: - key: lerna-${{ runner.os }} + key: lerna-${{ github.sha }} path: ./.cache - name: Install dependencies run: pnpm install @@ -356,7 +356,7 @@ jobs: - name: Cache lerna uses: actions/cache/restore@v4 with: - key: lerna-${{ runner.os }} + key: lerna-${{ github.sha }} path: ./.cache - name: Install dependencies run: pnpm install @@ -440,7 +440,7 @@ jobs: - name: Cache lerna uses: actions/cache/restore@v4 with: - key: lerna-${{ runner.os }} + key: lerna-${{ github.sha }} path: ./.cache - name: Install dependencies run: pnpm install @@ -497,7 +497,7 @@ jobs: - name: Cache lerna uses: actions/cache/restore@v4 with: - key: lerna-${{ runner.os }} + key: lerna-${{ github.sha }} path: ./.cache - name: Install dependencies run: pnpm install From 65c07ce6b0dc4e5bf705152e4f8fb45730992d80 Mon Sep 17 00:00:00 2001 From: sebastijankuzner Date: Thu, 22 May 2025 13:03:39 +0200 Subject: [PATCH 07/13] Remove cargo install --- .github/workflows/test.yml | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index f9fbd7da99..c5a2bb3bc1 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -104,16 +104,6 @@ jobs: with: key: lerna-${{ github.sha }} path: ./.cache - - uses: actions-rs/toolchain@v1 - with: - toolchain: stable - components: llvm-tools-preview - profile: minimal - override: true - - name: Install cargo-llvm-cov - run: cargo install cargo-llvm-cov - - name: Check rustc version - run: rustc --version - name: Install dependencies run: pnpm install - name: Build From b31302edf2c2566051e171a4901d84413362bd3f Mon Sep 17 00:00:00 2001 From: sebastijankuzner Date: Thu, 22 May 2025 13:08:59 +0200 Subject: [PATCH 08/13] Move functional tests under tests --- .github/workflows/functional.yml | 68 -------------------------------- .github/workflows/test.yml | 59 +++++++++++++++++++++++++++ 2 files changed, 59 insertions(+), 68 deletions(-) delete mode 100644 .github/workflows/functional.yml diff --git a/.github/workflows/functional.yml b/.github/workflows/functional.yml deleted file mode 100644 index 8224c8c2f2..0000000000 --- a/.github/workflows/functional.yml +++ /dev/null @@ -1,68 +0,0 @@ -name: CI - -on: - push: - branches: - - "main" - - "develop" - pull_request: - types: [ready_for_review, synchronize, opened] - -jobs: - functional: - concurrency: - cancel-in-progress: true - group: ${{ github.head_ref }}-functional-${{matrix.name}} - runs-on: ubuntu-latest - - strategy: - matrix: - node-version: [22.x] - name: ["transaction-pool-api"] - - services: - postgres: - image: postgres:16 - env: - POSTGRES_DB: test_db - POSTGRES_USER: test_db - POSTGRES_PASSWORD: password - ports: - - 127.0.0.1:5432:5432 - options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 - - steps: - - uses: actions/checkout@v4 - with: - ref: ${{ github.head_ref }} - - uses: actions/setup-node@v4 - with: - node-version: ${{ matrix.node-version }} - - name: Setup pnpm - uses: pnpm/action-setup@v4 - with: - run_install: false - version: latest - - name: Get pnpm store directory - id: pnpm-cache - run: echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT - shell: bash - - name: Cache pnpm modules - uses: actions/cache@v4 - with: - key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }} - path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} - restore-keys: ${{ runner.os }}-pnpm- - - name: Cache lerna - uses: actions/cache@v4 - with: - key: ${{ runner.os }}-lerna - path: ./.cache - restore-keys: ${{ runner.os }}-lerna- - - name: Install dependencies - run: pnpm install - - name: Build - run: pnpm run build - - - name: Test ${{ matrix.name }} - run: cd tests/functional/${{ matrix.name }} && pnpm run test:full diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index c5a2bb3bc1..cc5e3233ae 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -524,3 +524,62 @@ jobs: - name: Show logs - checks if: always() run: docker logs snapshot-checks-1 + + functional: + name: "Functional - ${{matrix.name}}" + needs: + - build + concurrency: + cancel-in-progress: true + group: ${{ github.head_ref }}-functional-${{matrix.name}} + runs-on: ubuntu-latest + + strategy: + matrix: + node-version: [22.x] + name: ["transaction-pool-api"] + + services: + postgres: + image: postgres:16 + env: + POSTGRES_DB: test_db + POSTGRES_USER: test_db + POSTGRES_PASSWORD: password + ports: + - 127.0.0.1:5432:5432 + options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ github.head_ref }} + - uses: actions/setup-node@v4 + with: + node-version: ${{ matrix.node-version }} + - name: Setup pnpm + uses: pnpm/action-setup@v4 + with: + run_install: false + version: latest + - name: Get pnpm store directory + id: pnpm-cache + run: echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT + shell: bash + - name: Cache pnpm modules + uses: actions/cache/restore@v4 + with: + key: pnpm-${{ hashFiles('pnpm-lock.yaml') }} + path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} + - name: Cache lerna + uses: actions/cache/restore@v4 + with: + key: lerna-${{ github.sha }} + path: ./.cache + - name: Install dependencies + run: pnpm install + - name: Build + run: pnpm run build + + - name: Test ${{ matrix.name }} + run: cd tests/functional/${{ matrix.name }} && pnpm run test:full From 3d16a67fe9a27e57bac1ae2862b618d9475f72fb Mon Sep 17 00:00:00 2001 From: sebastijankuzner Date: Thu, 22 May 2025 13:15:19 +0200 Subject: [PATCH 09/13] Add read read --- .github/workflows/test.yml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index cc5e3233ae..0805848768 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -16,6 +16,9 @@ env: jobs: build: + name: "Build" + permissions: + contents: read strategy: matrix: node-version: [22.x] @@ -69,6 +72,9 @@ jobs: path: ./.cache unit: + name: "Unit" + permissions: + contents: read needs: - build strategy: @@ -252,6 +258,9 @@ jobs: flags: packages integration: + name: "Integration" + permissions: + contents: read needs: - build strategy: @@ -308,6 +317,8 @@ jobs: e2e-consensus: name: "E2E Consensus" + permissions: + contents: read needs: - build concurrency: @@ -392,6 +403,8 @@ jobs: e2e-clients: name: "E2E Clients" + permissions: + contents: read needs: - build concurrency: @@ -449,6 +462,8 @@ jobs: e2e-snapshot: name: "E2E Snapshot" + permissions: + contents: read needs: - build concurrency: @@ -527,6 +542,8 @@ jobs: functional: name: "Functional - ${{matrix.name}}" + permissions: + contents: read needs: - build concurrency: @@ -534,6 +551,7 @@ jobs: group: ${{ github.head_ref }}-functional-${{matrix.name}} runs-on: ubuntu-latest + strategy: matrix: node-version: [22.x] From c24819b5b90145dd058f723195e43dc02d4d4f7e Mon Sep 17 00:00:00 2001 From: sebastijankuzner Date: Thu, 22 May 2025 13:21:31 +0200 Subject: [PATCH 10/13] Set permissions on all workers --- .github/workflows/circular.yml | 3 +++ .github/workflows/codeql.yml | 3 +++ .github/workflows/contracts.yml | 3 +++ .github/workflows/deps.yml | 26 +++++++++++++++----------- .github/workflows/lint-internal.yml | 3 +++ .github/workflows/publish-develop.yml | 4 ++-- .github/workflows/test.yml | 17 +++-------------- 7 files changed, 32 insertions(+), 27 deletions(-) diff --git a/.github/workflows/circular.yml b/.github/workflows/circular.yml index b42ed63d83..ad9ca1ae15 100644 --- a/.github/workflows/circular.yml +++ b/.github/workflows/circular.yml @@ -8,6 +8,9 @@ on: pull_request: types: [ready_for_review, synchronize, opened] +permissions: + contents: read + jobs: source: runs-on: ubuntu-latest diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index fb822c8b2f..06f1326637 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -17,6 +17,9 @@ on: pull_request: branches: ["develop", "main"] +permissions: + contents: read + jobs: analyze: name: Analyze (${{ matrix.language }}) diff --git a/.github/workflows/contracts.yml b/.github/workflows/contracts.yml index 85948ed4ff..48c399c244 100644 --- a/.github/workflows/contracts.yml +++ b/.github/workflows/contracts.yml @@ -11,6 +11,9 @@ on: - main - develop +permissions: + contents: read + env: FOUNDRY_PROFILE: ci CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} diff --git a/.github/workflows/deps.yml b/.github/workflows/deps.yml index 611cf6c22b..b12c41411c 100644 --- a/.github/workflows/deps.yml +++ b/.github/workflows/deps.yml @@ -1,3 +1,18 @@ +name: Dependencies +on: + pull_request: + types: + - ready_for_review + - synchronize + - opened + push: + branches: + - main + - develop + +permissions: + contents: read + jobs: source: runs-on: ubuntu-latest @@ -36,14 +51,3 @@ jobs: strategy: matrix: node-version: [22.x] -name: Dependencies -on: - pull_request: - types: - - ready_for_review - - synchronize - - opened - push: - branches: - - main - - develop diff --git a/.github/workflows/lint-internal.yml b/.github/workflows/lint-internal.yml index 62286ce53e..8b9c23cfb4 100644 --- a/.github/workflows/lint-internal.yml +++ b/.github/workflows/lint-internal.yml @@ -8,6 +8,9 @@ on: pull_request: types: [ready_for_review, synchronize, opened] +permissions: + contents: read + jobs: source: runs-on: ubuntu-latest diff --git a/.github/workflows/publish-develop.yml b/.github/workflows/publish-develop.yml index 342313afc6..07db94e901 100644 --- a/.github/workflows/publish-develop.yml +++ b/.github/workflows/publish-develop.yml @@ -4,9 +4,9 @@ env: DEBUG: napi:* APP_NAME: evm MACOSX_DEPLOYMENT_TARGET: "10.13" + permissions: - contents: write - id-token: write + contents: read on: push: diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 0805848768..bd3802379c 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -11,14 +11,15 @@ on: - main - develop +permissions: + contents: read + env: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} jobs: build: name: "Build" - permissions: - contents: read strategy: matrix: node-version: [22.x] @@ -73,8 +74,6 @@ jobs: unit: name: "Unit" - permissions: - contents: read needs: - build strategy: @@ -259,8 +258,6 @@ jobs: integration: name: "Integration" - permissions: - contents: read needs: - build strategy: @@ -317,8 +314,6 @@ jobs: e2e-consensus: name: "E2E Consensus" - permissions: - contents: read needs: - build concurrency: @@ -403,8 +398,6 @@ jobs: e2e-clients: name: "E2E Clients" - permissions: - contents: read needs: - build concurrency: @@ -462,8 +455,6 @@ jobs: e2e-snapshot: name: "E2E Snapshot" - permissions: - contents: read needs: - build concurrency: @@ -542,8 +533,6 @@ jobs: functional: name: "Functional - ${{matrix.name}}" - permissions: - contents: read needs: - build concurrency: From ff21cfbd5dbb4d1f04c243321c790835c8256c72 Mon Sep 17 00:00:00 2001 From: sebastijankuzner <58827427+sebastijankuzner@users.noreply.github.com> Date: Thu, 22 May 2025 11:23:02 +0000 Subject: [PATCH 11/13] style: resolve style guide violations --- .github/workflows/test.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index bd3802379c..06e4f113c4 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -540,7 +540,6 @@ jobs: group: ${{ github.head_ref }}-functional-${{matrix.name}} runs-on: ubuntu-latest - strategy: matrix: node-version: [22.x] From 5f4e49438caa8b53ba1452f87699aec99fab6ac3 Mon Sep 17 00:00:00 2001 From: sebastijankuzner Date: Thu, 22 May 2025 13:25:55 +0200 Subject: [PATCH 12/13] Remove permissions from codeql --- .github/workflows/codeql.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 06f1326637..fb822c8b2f 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -17,9 +17,6 @@ on: pull_request: branches: ["develop", "main"] -permissions: - contents: read - jobs: analyze: name: Analyze (${{ matrix.language }}) From 1a794e410b5bda6fb69b51a56249da27c9270121 Mon Sep 17 00:00:00 2001 From: sebastijankuzner Date: Thu, 22 May 2025 13:40:49 +0200 Subject: [PATCH 13/13] Add toolchain back --- .github/workflows/test.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 06e4f113c4..eac21bed3f 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -109,6 +109,16 @@ jobs: with: key: lerna-${{ github.sha }} path: ./.cache + - uses: actions-rs/toolchain@v1 + with: + toolchain: stable + components: llvm-tools-preview + profile: minimal + override: true + - name: Install cargo-llvm-cov + run: cargo install cargo-llvm-cov + - name: Check rustc version + run: rustc --version - name: Install dependencies run: pnpm install - name: Build