chore: Bump channels-plugin version #2336
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: CI | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| types: | |
| - opened | |
| - synchronize | |
| - reopened | |
| - ready_for_review | |
| paths-ignore: | |
| - docs/** | |
| - '**.md' | |
| - .github/** | |
| - .gitignore | |
| push: | |
| branches: | |
| - main | |
| paths-ignore: | |
| - docs/** | |
| - '**.md' | |
| - .github/** | |
| # run concurrency group for the workflow | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| changed_files: | |
| if: ${{ github.event.pull_request.draft == false }} | |
| runs-on: ubuntu-latest | |
| name: Test changed-files | |
| outputs: | |
| changed-rust-files: ${{ steps.changed-files-yaml.outputs.code_any_changed }} | |
| changed-lockfile-files: ${{ steps.changed-files-yaml.outputs.lockfile_any_changed }} | |
| changed-docker-files: ${{ steps.changed-files-yaml.outputs.docker_any_changed }} | |
| changed-tests-files: ${{ steps.changed-files-yaml.outputs.tests_any_changed }} | |
| steps: | |
| # Checkout the repository | |
| - name: Harden the runner (Audit all outbound calls) | |
| uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout Code | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: Get changed files | |
| id: changed-files-yaml | |
| uses: tj-actions/changed-files@22103cc46bda19c2b464ffe86db46df6922fd323 # v47.0.5 | |
| with: | |
| files_yaml: | | |
| code: | |
| - '**/*.rs' | |
| - 'rustfmt.toml' | |
| - 'rust-toolchain.toml' | |
| lockfile: | |
| - 'Cargo.lock' | |
| - 'Cargo.toml' | |
| docker: | |
| - 'Dockerfile.development' | |
| - 'Dockerfile.production' | |
| - 'docker-compose.yml' | |
| - 'Cargo.lock' | |
| - 'Cargo.toml' | |
| tests: | |
| - '**/*.rs' | |
| - tests/**/*.json | |
| ci: | |
| timeout-minutes: 150 | |
| if: ${{ github.event.pull_request.draft == false && always() }} | |
| permissions: | |
| contents: none | |
| name: CI | |
| needs: | |
| - msrv | |
| - rustfmt | |
| - clippy | |
| runs-on: ubuntu-22.04-oz-8core | |
| steps: | |
| - name: Harden the runner (Audit all outbound calls) | |
| uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 | |
| with: | |
| egress-policy: audit | |
| - name: Failed | |
| run: exit 1 | |
| if: contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') | |
| msrv: | |
| if: ${{ github.event.pull_request.draft == false && github.event_name != 'push' && (needs.changed_files.outputs.changed-rust-files == 'true' || needs.changed_files.outputs.changed-lockfile-files == 'true') }} | |
| runs-on: ubuntu-latest | |
| needs: changed_files | |
| steps: | |
| # Checkout the repository | |
| - name: Harden the runner (Audit all outbound calls) | |
| uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout Code | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: Prepare | |
| id: init | |
| uses: ./.github/actions/prepare | |
| # Get the output of the prepare composite action | |
| - name: Get cache-hit output | |
| run: 'echo "Cache hit >>>>>: ${{ steps.init.outputs.cache-hit }}"' | |
| - name: Install cargo hack | |
| uses: taiki-e/install-action@e24b8b7a939c6a537188f34a4163cb153dd85cf6 # v2.69.1 | |
| with: | |
| tool: cargo-hack | |
| # Check the minimum supported Rust version | |
| - name: Default features | |
| run: cargo hack check --feature-powerset --locked --rust-version --workspace --lib --bins | |
| rustfmt: | |
| if: ${{ github.event.pull_request.draft == false && github.event_name != 'push' && needs.changed_files.outputs.changed-rust-files == 'true' }} | |
| needs: changed_files | |
| runs-on: ubuntu-latest | |
| steps: | |
| # Checkout the repository | |
| - name: Harden the runner (Audit all outbound calls) | |
| uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout Code | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: Prepare | |
| id: init | |
| uses: ./.github/actions/prepare | |
| # Get the output of the prepare composite action | |
| - name: Get cache-hit output | |
| run: 'echo "Cache hit >>>>>: ${{ steps.init.outputs.cache-hit }}"' | |
| # Check the formatting of the code | |
| - name: Check formatting | |
| run: cargo fmt --all -- --check | |
| clippy: | |
| if: ${{ github.event.pull_request.draft == false && github.event_name != 'push' && needs.changed_files.outputs.changed-rust-files == 'true' }} | |
| needs: changed_files | |
| runs-on: ubuntu-latest | |
| steps: | |
| # Checkout the repository | |
| - name: Harden the runner (Audit all outbound calls) | |
| uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout Code | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: Prepare | |
| id: init | |
| uses: ./.github/actions/prepare | |
| # Get the output of the prepare composite action | |
| - name: Get cache-hit output | |
| run: 'echo "Cache hit >>>>>: ${{ steps.init.outputs.cache-hit }}"' | |
| - name: Install SARIF tools | |
| run: cargo install clippy-sarif --locked | |
| - name: Install SARIF tools | |
| run: cargo install sarif-fmt --locked | |
| - name: Check | |
| run: > | |
| cargo clippy --all-features --workspace --lib --bins --no-deps --message-format=json | |
| | clippy-sarif | |
| | tee clippy-results.sarif | |
| | sarif-fmt | |
| continue-on-error: true | |
| - name: upload sarif artifact | |
| uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 | |
| with: | |
| name: clippy-results.sarif | |
| path: clippy-results.sarif | |
| retention-days: 1 | |
| - name: Upload | |
| uses: github/codeql-action/upload-sarif@b1bff81932f5cdfc8695c7752dcee935dcd061c8 # v3.29.5 | |
| with: | |
| sarif_file: clippy-results.sarif | |
| wait-for-processing: true | |
| - name: Report status | |
| run: cargo clippy --all-features --workspace --lib --bins --no-deps -- -D warnings --allow deprecated | |
| test-unit: | |
| name: Unit Tests | |
| if: ${{ github.event.pull_request.draft == false && needs.changed_files.outputs.changed-tests-files == 'true' }} | |
| permissions: | |
| contents: read | |
| needs: | |
| - changed_files | |
| runs-on: ubuntu-22.04-oz-8core | |
| steps: | |
| - name: Harden the runner (Audit all outbound calls) | |
| uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout Code | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 | |
| with: | |
| node-version: '20' | |
| - name: Install pnpm and plugin dependencies | |
| run: | | |
| npm install -g pnpm | |
| cd plugins | |
| pnpm install | |
| - name: Install TypeScript and ts-node | |
| run: | | |
| npm install -g typescript ts-node | |
| ts-node --version | |
| tsc --version | |
| - name: free disk space | |
| run: | | |
| sudo swapoff -a | |
| sudo rm -f /swapfile | |
| sudo rm -rf /usr/share/dotnet /usr/local/lib/android /opt/ghc | |
| sudo apt clean | |
| if [[ $(docker image ls -aq) ]]; then | |
| docker rmi $(docker image ls -aq) | |
| else | |
| echo "No Docker images found to remove" | |
| fi | |
| - name: Prepare | |
| id: init | |
| uses: ./.github/actions/prepare | |
| with: | |
| components: llvm-tools-preview | |
| - name: Get cache-hit output | |
| run: 'echo "Cache hit >>>>>: ${{ steps.init.outputs.cache-hit }}"' | |
| - name: Install cargo hack and cargo-llvm-cov | |
| uses: taiki-e/install-action@e24b8b7a939c6a537188f34a4163cb153dd85cf6 # v2.69.1 | |
| with: | |
| tool: cargo-hack,cargo-llvm-cov | |
| - name: Run Developer Tests (excluding AI) and Generate Coverage Report | |
| id: dev_coverage | |
| timeout-minutes: 45 | |
| env: | |
| LLVM_PROFILE_FILE: dev-%p-%m.profraw | |
| RUSTFLAGS: -Cinstrument-coverage | |
| RUST_TEST_THREADS: 1 | |
| run: | | |
| cargo hack llvm-cov --locked --lib --ignore-filename-regex "(src/api/routes/docs/.*_docs\.rs$|src/repositories/.*/.*_redis\.rs$)" --lcov --output-path dev-lcov.info --tests -- --skip ai_ | |
| - name: Run AI Tests and Generate Coverage Report | |
| id: ai_coverage | |
| timeout-minutes: 45 | |
| env: | |
| LLVM_PROFILE_FILE: ai-%p-%m.profraw | |
| RUSTFLAGS: -Cinstrument-coverage | |
| RUST_TEST_THREADS: 1 | |
| run: | | |
| cargo hack llvm-cov --locked --lib --ignore-filename-regex "(src/api/routes/docs/.*_docs\.rs$|src/repositories/.*/.*_redis\.rs$)" --lcov --output-path ai-lcov.info --tests -- ai_ | |
| # Upload coverage reports | |
| - name: Upload AI Coverage to Codecov | |
| uses: codecov/codecov-action@1af58845a975a7985b0beb0cbe6fbbb71a41dbad # v5.5.3 | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| name: ai-coverage | |
| files: ai-lcov.info | |
| flags: ai | |
| fail_ci_if_error: true | |
| - name: Upload Developer Coverage to Codecov | |
| uses: codecov/codecov-action@1af58845a975a7985b0beb0cbe6fbbb71a41dbad # v5.5.3 | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| name: dev-coverage | |
| files: dev-lcov.info | |
| flags: dev | |
| fail_ci_if_error: true | |
| test-properties: | |
| name: Properties Tests | |
| if: ${{ github.event.pull_request.draft == false && needs.changed_files.outputs.changed-tests-files == 'true' }} | |
| permissions: | |
| contents: read | |
| needs: | |
| - changed_files | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Harden the runner (Audit all outbound calls) | |
| uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout Code | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 | |
| with: | |
| node-version: '20' | |
| - name: Install pnpm and plugin dependencies | |
| run: | | |
| npm install -g pnpm | |
| cd plugins | |
| pnpm install | |
| - name: Install TypeScript and ts-node | |
| run: | | |
| npm install -g typescript ts-node | |
| ts-node --version | |
| tsc --version | |
| - name: free disk space | |
| run: | | |
| sudo swapoff -a | |
| sudo rm -f /swapfile | |
| sudo rm -rf /usr/share/dotnet /usr/local/lib/android /opt/ghc | |
| sudo apt clean | |
| if [[ $(docker image ls -aq) ]]; then | |
| docker rmi $(docker image ls -aq) | |
| else | |
| echo "No Docker images found to remove" | |
| fi | |
| - name: Prepare | |
| id: init | |
| uses: ./.github/actions/prepare | |
| with: | |
| components: llvm-tools-preview | |
| - name: Get cache-hit output | |
| run: 'echo "Cache hit >>>>>: ${{ steps.init.outputs.cache-hit }}"' | |
| - name: Install cargo hack and cargo-llvm-cov | |
| uses: taiki-e/install-action@e24b8b7a939c6a537188f34a4163cb153dd85cf6 # v2.69.1 | |
| with: | |
| tool: cargo-hack,cargo-llvm-cov | |
| - name: Run Properties Tests and Generate Coverage Report | |
| env: | |
| LLVM_PROFILE_FILE: properties.profraw | |
| RUSTFLAGS: -Cinstrument-coverage | |
| RUST_TEST_THREADS: 1 | |
| CARGO_PROFILE_DEV_DEBUG: 1 | |
| run: cargo hack llvm-cov --locked --ignore-filename-regex "(src/api/routes/docs/.*_docs\.rs$|src/repositories/.*/.*_redis\.rs$)" --lcov --output-path properties-lcov.info --test properties | |
| - name: Upload Properties Coverage to Codecov | |
| uses: codecov/codecov-action@1af58845a975a7985b0beb0cbe6fbbb71a41dbad # v5.5.3 | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| name: properties-coverage | |
| files: properties-lcov.info | |
| flags: properties | |
| fail_ci_if_error: true | |
| docker-scan: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - changed_files | |
| - ci | |
| if: | | |
| ${{ github.event.pull_request.draft == false && needs.changed_files.outputs.changed-docker-files == 'true' }} | |
| steps: | |
| # Checkout the repository | |
| - name: Harden the runner (Audit all outbound calls) | |
| uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout Code | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 | |
| - name: Build local container | |
| uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0 | |
| with: | |
| tags: openzeppelin-relayer-dev:${{ github.sha }} | |
| push: false | |
| load: true | |
| file: Dockerfile.development | |
| platforms: linux/amd64 | |
| - name: Scan image | |
| uses: anchore/scan-action@7037fa011853d5a11690026fb85feee79f4c946c # v7.3.2 | |
| with: | |
| image: openzeppelin-relayer-dev:${{ github.sha }} | |
| fail-build: true | |
| severity-cutoff: high | |
| output-format: table |