diff --git a/.dockerignore b/.dockerignore deleted file mode 100644 index c5c4bad4..00000000 --- a/.dockerignore +++ /dev/null @@ -1,5 +0,0 @@ -.dockerignore -.gitignore -.git -state.json -node_modules/ diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 00000000..0432542f --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1 @@ +* @cowprotocol/contracts diff --git a/.github/dependabot.yml b/.github/dependabot.yml deleted file mode 100644 index b998f079..00000000 --- a/.github/dependabot.yml +++ /dev/null @@ -1,9 +0,0 @@ -version: 2 -updates: -- package-ecosystem: npm - directory: "/" - schedule: - interval: daily - time: "02:00" - ignore: - - dependency-name: "@openzeppelin/contracts" diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 19981bf6..0ff01cfe 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -1,7 +1,12 @@ -Closes #issue (optional) +## Description -__ + -### Test Plan +## Test Plan -__ + + +## Related Issues + + + diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml deleted file mode 100644 index 897ce278..00000000 --- a/.github/workflows/CI.yml +++ /dev/null @@ -1,63 +0,0 @@ -name: Node.js CI - -on: - push: - branches: [main] - pull_request: - -jobs: - test: - strategy: - matrix: - node-version: [18.x] - os: [ubuntu-latest] - runs-on: ${{ matrix.os }} - steps: - - uses: actions/checkout@v3 - - uses: actions/setup-node@v3 - with: - node-version: ${{ matrix.node }} - - id: yarn-cache - run: echo "::set-output name=dir::$(yarn cache dir)" - - uses: actions/cache@v2 - with: - path: ${{ steps.yarn-cache.outputs.dir }} - key: ${{ matrix.os }}-yarn-${{ hashFiles('**/yarn.lock') }} - restore-keys: | - ${{ matrix.os }}-yarn- - - run: yarn --frozen-lockfile - - run: yarn build - - run: yarn lint - - run: yarn coverage - - run: yarn test:ignored-in-coverage - - name: Coveralls - uses: coverallsapp/github-action@master - continue-on-error: true - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - - docker-deploy: - runs-on: ubuntu-latest - needs: test - if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/') - steps: - - uses: actions/checkout@v3 - - uses: docker/login-action@v2 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Image metadata - id: meta - uses: docker/metadata-action@v4 - with: - images: ghcr.io/${{ github.repository }} - labels: | - org.opencontainers.image.licenses=LGPL-3.0-or-later - - uses: docker/build-push-action@v3 - with: - context: . - file: src/docker/Dockerfile - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 00000000..efe32628 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,38 @@ +name: Node.js CI + +on: + push: + branches: [main] + pull_request: + +jobs: + test: + strategy: + matrix: + node-version: [18.x] + os: [ubuntu-latest] + runs-on: ${{ matrix.os }} + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + with: + node-version: ${{ matrix.node }} + - id: yarn-cache + run: echo "::set-output name=dir::$(yarn cache dir)" + - uses: actions/cache@v4 + with: + path: ${{ steps.yarn-cache.outputs.dir }} + key: ${{ matrix.os }}-yarn-${{ hashFiles('**/yarn.lock') }} + restore-keys: | + ${{ matrix.os }}-yarn- + - run: yarn --frozen-lockfile + - run: yarn build + - run: yarn lint + - run: yarn coverage + - run: yarn test:ignored-in-coverage + - name: Coveralls + uses: coverallsapp/github-action@master + continue-on-error: true + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + diff --git a/.github/workflows/cla.yml b/.github/workflows/cla.yml index 776719b5..aa9964ad 100644 --- a/.github/workflows/cla.yml +++ b/.github/workflows/cla.yml @@ -18,7 +18,7 @@ jobs: steps: - name: "CLA Assistant" if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') || github.event_name == 'pull_request_target' - uses: contributor-assistant/github-action@v2.2.1 + uses: contributor-assistant/github-action@v2.4.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} PERSONAL_ACCESS_TOKEN : ${{ secrets.ORG_TOKEN }} diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index c468e129..e8022e2a 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -7,8 +7,8 @@ jobs: deploy: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: actions/setup-node@v3 + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 with: node-version: '18.x' registry-url: 'https://registry.npmjs.org' diff --git a/.github/workflows/review-check.yml b/.github/workflows/review-check.yml new file mode 100644 index 00000000..c52f02c5 --- /dev/null +++ b/.github/workflows/review-check.yml @@ -0,0 +1,63 @@ +name: Enforce Review Rules + +on: + pull_request: + types: [opened, edited, synchronize] + +jobs: + enforce-review-rules: + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Check if PR modifies specific path + shell: bash + id: check-path + run: | + BASE_SHA=$(jq -r .pull_request.base.sha < $GITHUB_EVENT_PATH) + HEAD_SHA=$(jq -r .pull_request.head.sha < $GITHUB_EVENT_PATH) + git fetch origin $BASE_SHA $HEAD_SHA + files=$(git diff --name-only $BASE_SHA $HEAD_SHA | tr '\n' ' ') + echo "files=$files" >> $GITHUB_OUTPUT + if echo "$files" | grep -q 'src/contracts/'; then + echo "specific_path=true" >> $GITHUB_OUTPUT + else + echo "specific_path=false" >> $GITHUB_OUTPUT + fi + + - name: Ensure required reviewers + shell: bash + id: ensure-reviewers + run: | + GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} + PR_NUMBER=${{ github.event.pull_request.number }} + REPO=${{ github.repository }} + + # Fetch approved and non-dismissed reviews of the PR + REVIEWERS=$(curl -s -H "Authorization: token $GITHUB_TOKEN" \ + "https://api.github.com/repos/$REPO/pulls/$PR_NUMBER/reviews" \ + | jq -r '[.[] | select(.state == "APPROVED" and .dismissed_at == null) | .user.login] | unique | .[]') + + if [ $? -ne 0 ]; then + echo "Failed to fetch reviews" + exit 1 + fi + + NUM_REVIEWERS=$(echo "$REVIEWERS" | wc -w) + + # Check review requirements + if [ "${{ steps.check-path.outputs.specific_path }}" == "true" ]; then + if [ "$NUM_REVIEWERS" -lt 2 ]; then + echo "Insufficient reviewers for src/contracts/ path. Required: 2 reviewers." + echo "review_check_passed=false" >> $GITHUB_OUTPUT + exit 1 + fi + fi + + echo "review_check_passed=true" >> $GITHUB_OUTPUT + + - name: Success message + if: steps.ensure-reviewers.outputs.review_check_passed == 'true' + run: echo "Review checks passed successfully!" diff --git a/.mergify.yml b/.mergify.yml deleted file mode 100644 index 9b2dc657..00000000 --- a/.mergify.yml +++ /dev/null @@ -1,24 +0,0 @@ -pull_request_rules: - - name: Merge approved and green PRs with `merge when green` label - conditions: - - "#approved-reviews-by>=1" - - status-success~=^test \([0-9]+\.x, ubuntu-latest\)$ - - label=merge when green - - or: - - base=main - - base=v0.0.1 - actions: - merge: - method: squash - strict: smart+fasttrack - commit_message: title+body - - name: Automatic merge for Dependabot pull requests - conditions: - - author~=^dependabot(|-preview)\[bot\]$ - - status-success~=^test \([0-9]+\.x, ubuntu-latest\)$ - - base=main - actions: - merge: - method: squash - strict: smart+fasttrack - commit_message: title+body diff --git a/src/docker/Dockerfile b/src/docker/Dockerfile deleted file mode 100644 index 76ea89b8..00000000 --- a/src/docker/Dockerfile +++ /dev/null @@ -1,16 +0,0 @@ -FROM node:18.15-alpine3.17 - -# Create app directory -WORKDIR /usr/src/app/ - -COPY . . - -RUN apk add --no-cache tini git python3 linux-headers eudev-dev libusb-dev build-base -# Tini is now available at /sbin/tini - -RUN yarn install --frozen -RUN yarn build - -# Run Node app as child of tini -# Signal handling for PID1 https://github.com/krallin/tini -ENTRYPOINT ["/sbin/tini", "--"]