From 46b1311a5a83f33d08ffa8e1e0ab04f9ad51665d Mon Sep 17 00:00:00 2001 From: Erik Burton Date: Fri, 10 May 2024 11:17:07 -0700 Subject: [PATCH] Chore/update GitHub actions (#702) * chore: update actions/cache to v4.0.2 * chore: update actions/checkout to v4.1.4 * chore: update actions/download-artifact to v4.1.7 * chore: update actions/setup-go to v5.0.1 * chore: update actions/setup-node to v4.0.2 * chore: update actions/upload-artifact to v4.3.3 * chore: update cachix/cachix-action to v14 * chore: update cachix/install-nix-action to v26 * chore: update dawidd6/action-download-artifact to v3.1.4 * chore: update dorny/paths-filter to v3.0.2 * chore: update github/codeql-action/analyze to v3.25.3 * chore: update github/codeql-action/autobuild to v3.25.3 * chore: update github/codeql-action/init to v3.25.3 * chore: update peter-evans/create-pull-request to v6.0.5 * chore: update planetscale/ghcommit-action to v0.1.37 * chore: update reviewdog/action-actionlint to v1.45.0 * chore: update setup-github-token to setup-github-token@0.1.2 * chore: update chainlink-testing-framework/* to v2.3.16 * chore: update smartcontractkit/push-gha-metrics-action to v3.0.0 * chore: update softprops/action-gh-release to v2.0.5 * chore: update sonarsource/sonarqube-scan-action to v2.0.2 * chore: update tj-actions/branch-names to v8.0.1 * chore: fix contracts build w/ outdated container * fix: use should_checkout for build-images * Use a docker run command to build contracts This temporarily gets around node issues for building contracts * update checkout version * cleanup issues and debug block * add github workspace arg to script * Use safe git path within container * break up the docker commands to use github git diff since it doesn't play nice in the container * move git install into section where we only do it when running inside of the container * remove interactive mode * adjust artifact permissions after docker build for upload * fix action format error * fix rust lint and test * path and lint fixes * chore: full bump after node20 solana build * fix: use download-artifact * fix: comment out container fields --------- Co-authored-by: Tate --- .github/actions/build-test-image/action.yml | 8 +- .../build_contract_artifacts/action.yml | 58 +++++++++-- .github/actions/setup-go/action.yml | 8 +- .github/workflows/codeql-analysis.yml | 10 +- .github/workflows/contract-release.yml | 23 +++-- .github/workflows/e2e_custom_cl.yml | 35 ++++--- .github/workflows/e2e_testnet_daily.yml | 51 +++++----- .github/workflows/gauntlet.yml | 22 ++--- .github/workflows/golangci-lint.yml | 12 +-- .../workflows/integration-tests-publish.yml | 22 +++-- .github/workflows/lint-gh-workflows.yml | 4 +- .github/workflows/monitoring.yml | 2 +- .github/workflows/open-pr.yml | 10 +- .github/workflows/relay.yml | 6 +- .github/workflows/rust.yml | 99 +++++++++++++------ .github/workflows/soak.yml | 28 +++--- .github/workflows/sonar-scan.yml | 18 ++-- .github/workflows/upstream-tracker.yml | 2 +- scripts/build-contract-artifacts-action.sh | 41 ++++++++ 19 files changed, 300 insertions(+), 159 deletions(-) create mode 100755 scripts/build-contract-artifacts-action.sh diff --git a/.github/actions/build-test-image/action.yml b/.github/actions/build-test-image/action.yml index 84045ba8b..ae57a5616 100644 --- a/.github/actions/build-test-image/action.yml +++ b/.github/actions/build-test-image/action.yml @@ -28,27 +28,27 @@ runs: steps: - name: Check if image exists id: check-image - uses: smartcontractkit/chainlink-github-actions/docker/image-exists@336617ae6d70fec60c15cc3382e17a4d2615a801 # v2.2.0 + uses: smartcontractkit/chainlink-github-actions/docker/image-exists@e29366cdecfe6befff9ab8c3cfe4825218505d58 # v2.3.16 with: repository: chainlink-solana-tests tag: ${{ inputs.tag }} AWS_REGION: ${{ inputs.QA_AWS_REGION }} AWS_ROLE_TO_ASSUME: ${{ inputs.QA_AWS_ROLE_TO_ASSUME }} - name: Download Artifacts - uses: actions/download-artifact@v3 + uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 with: name: artifacts path: ${{ inputs.artifacts_path }} - name: Get CTF Version id: version - uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/mod-version@92e0f299a87522c2a37bfc4686c4d8a96dc9d28b # v2.3.5 + uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/mod-version@e29366cdecfe6befff9ab8c3cfe4825218505d58 # v2.3.16 with: go-project-path: ./integration-tests module-name: github.com/smartcontractkit/chainlink-testing-framework enforce-semantic-tag: false - name: Build and Publish Test Runner if: steps.check-image.outputs.exists == 'false' - uses: smartcontractkit/chainlink-github-actions/docker/build-push@336617ae6d70fec60c15cc3382e17a4d2615a801 # v2.2.0 + uses: smartcontractkit/chainlink-github-actions/docker/build-push@e29366cdecfe6befff9ab8c3cfe4825218505d58 # v2.3.16 with: tags: | ${{ inputs.QA_AWS_ACCOUNT_NUMBER }}.dkr.ecr.${{ inputs.QA_AWS_REGION }}.amazonaws.com/chainlink-solana-tests:${{ inputs.tag }} diff --git a/.github/actions/build_contract_artifacts/action.yml b/.github/actions/build_contract_artifacts/action.yml index ebc3d2298..155f1bcb4 100644 --- a/.github/actions/build_contract_artifacts/action.yml +++ b/.github/actions/build_contract_artifacts/action.yml @@ -4,11 +4,51 @@ inputs: ref: required: false description: The chainlink-solana ref to use + image: + required: false + description: docker image to use to build + image-version: + required: false + description: docker image version/tag to use for build runs: using: composite steps: + - name: Checkout solana + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + with: + repository: smartcontractkit/chainlink-solana + ref: ${{ inputs.ref }} + + # temporary docker run to build artifacts + - name: Docker Builder + if: ${{ inputs.image != '' && inputs.image-version != '' }} + env: + image: ${{ inputs.image }} + image_version: ${{ inputs.image-version }} + shell: bash + run: | + # start container + docker run -d -v $(pwd):/repo --name build-container "${image}":"${image_version}" tail -f /dev/null + # generate go bindings + docker exec build-container bash -c "/repo/scripts/build-contract-artifacts-action.sh" + # check go bindings + git diff --stat --exit-code + # build with keys + docker exec build-container bash -c "\ + export RUSTUP_HOME=\"/root/.rustup\" &&\ + cd /repo &&\ + ./scripts/programs-keys-gen.sh &&\ + cd ./contracts &&\ + anchor build &&\ + chown -R $(id -u):$(id -g) /repo" + # clean up the container + docker stop build-container + docker rm build-container + + # should be used again after moving from projectserum/build to backpackapp/build - name: Install latest Git version (>= 2.18.0) for actions/checkout + if: ${{ inputs.image == '' && inputs.image-version == '' }} shell: bash run: | apt-get update @@ -17,37 +57,37 @@ runs: apt update apt install git -y git config --global --add safe.directory "$GITHUB_WORKSPACE" - - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 - with: - repository: smartcontractkit/chainlink-solana - ref: ${{ inputs.ref }} - name: Setup go - uses: actions/setup-go@v4 + if: ${{ inputs.image == '' && inputs.image-version == '' }} + uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 with: go-version-file: "go.mod" check-latest: true - - name: yarn install - shell: bash - run: yarn install --frozen-lockfile - name: Generate build artifacts for go bindings check + if: ${{ inputs.image == '' && inputs.image-version == '' }} shell: bash run: anchor build working-directory: contracts - name: Check generated go bindings are up to date + if: ${{ inputs.image == '' && inputs.image-version == '' }} shell: bash run: | go install github.com/gagliardetto/anchor-go@v0.2.3 ./scripts/anchor-go-gen.sh git diff --stat --exit-code - name: Generate program_ids + if: ${{ inputs.image == '' && inputs.image-version == '' }} shell: bash run: ./scripts/programs-keys-gen.sh - name: Generate build artifacts with custom program_ids + if: ${{ inputs.image == '' && inputs.image-version == '' }} shell: bash run: anchor build working-directory: contracts + + #save the contracts artifacts - name: Upload Artifacts - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 with: name: artifacts path: contracts/target/deploy diff --git a/.github/actions/setup-go/action.yml b/.github/actions/setup-go/action.yml index eba015210..77aae5b44 100644 --- a/.github/actions/setup-go/action.yml +++ b/.github/actions/setup-go/action.yml @@ -18,7 +18,7 @@ runs: using: composite steps: - name: Set up Go - uses: actions/setup-go@v4 + uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 with: go-version-file: ${{ inputs.go-version-file }} cache: false @@ -26,7 +26,7 @@ runs: - name: Get branch name if: ${{ inputs.only-modules == 'false' }} id: branch-name - uses: tj-actions/branch-names@2e5354c6733793113f416314375826df030ada23 #v6.5 + uses: tj-actions/branch-names@6871f53176ad61624f978536bbf089c574dc19a2 # v8.0.1 - name: Set go cache keys shell: bash @@ -40,7 +40,7 @@ runs: shell: bash run: echo "path=./${{ inputs.go-module-file }}" >> $GITHUB_OUTPUT - - uses: actions/cache@v3 + - uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 name: Cache Go Modules with: path: | @@ -51,7 +51,7 @@ runs: restore-keys: | ${{ runner.os }}-gomod-${{ inputs.cache-version }}- - - uses: actions/cache@v3 + - uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 if: ${{ inputs.only-modules == 'false' }} name: Cache Go Build Outputs with: diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 4962203f2..206612f29 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -38,24 +38,24 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Set up Go - uses: actions/setup-go@v3 + uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 with: go-version-file: "go.mod" check-latest: true # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@39d8d7e78f59cf6b40ac3b9fbebef0c753d7c9e5 # v2.2.2 + uses: github/codeql-action/init@d39d31e687223d841ef683f52467bd88e9b21c14 # v3.25.3 with: languages: ${{ matrix.language }} # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@39d8d7e78f59cf6b40ac3b9fbebef0c753d7c9e5 # v2.2.2 + uses: github/codeql-action/autobuild@d39d31e687223d841ef683f52467bd88e9b21c14 # v3.25.3 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -69,4 +69,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@39d8d7e78f59cf6b40ac3b9fbebef0c753d7c9e5 # v2.2.2 + uses: github/codeql-action/analyze@d39d31e687223d841ef683f52467bd88e9b21c14 # v3.25.3 diff --git a/.github/workflows/contract-release.yml b/.github/workflows/contract-release.yml index d9bad76ac..64343179a 100644 --- a/.github/workflows/contract-release.yml +++ b/.github/workflows/contract-release.yml @@ -16,7 +16,7 @@ jobs: projectserum_version: ${{ steps.psversion.outputs.projectserum_version }} steps: - name: Checkout the repo - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Get ProjectSerum Version id: psversion uses: ./.github/actions/projectserum_version @@ -24,20 +24,25 @@ jobs: name: Release Artifacts runs-on: ubuntu-latest needs: [get_projectserum_version] - container: - image: projectserum/build:${{ needs.get_projectserum_version.outputs.projectserum_version }} - env: - RUSTUP_HOME: "/root/.rustup" + # container: + # image: projectserum/build:${{ needs.get_projectserum_version.outputs.projectserum_version }} + # env: + # RUSTUP_HOME: "/root/.rustup" steps: - - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Build Artifacts - run: anchor build + env: + psversion: ${{ needs.get_projectserum_version.outputs.projectserum_version }} + run: | + docker run -v "$(pwd)":/repo projectserum/build:"${psversion}" bash -c "\ + anchor build &&\ + chown -R $(id -u):$(id -g) /repo" - name: Generate archive run: | tar cfvz artifacts.tar.gz target/deploy/*.so target/idl/* - name: Create Release - uses: softprops/action-gh-release@v1 + uses: softprops/action-gh-release@69320dbe05506a9a39fc8ae11030b214ec2d1f87 # v2.0.5 with: - files: | + files: | contracts/artifacts.tar.gz contracts/target/deploy/*.so diff --git a/.github/workflows/e2e_custom_cl.yml b/.github/workflows/e2e_custom_cl.yml index 93237edc8..a7c40bf2b 100644 --- a/.github/workflows/e2e_custom_cl.yml +++ b/.github/workflows/e2e_custom_cl.yml @@ -25,9 +25,9 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Setup go - uses: actions/setup-go@v3 + uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 with: go-version-file: "go.mod" check-latest: true @@ -42,7 +42,7 @@ jobs: projectserum_version: ${{ steps.psversion.outputs.projectserum_version }} steps: - name: Checkout the repo - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Get ProjectSerum Version id: psversion uses: ./.github/actions/projectserum_version @@ -55,16 +55,19 @@ jobs: contents: read runs-on: ubuntu-latest-32cores-128GB needs: [get_projectserum_version] - container: - image: projectserum/build:${{ needs.get_projectserum_version.outputs.projectserum_version }} - env: - RUSTUP_HOME: "/root/.rustup" - FORCE_COLOR: 1 + # container: + # image: projectserum/build:${{ needs.get_projectserum_version.outputs.projectserum_version }} + # env: + # RUSTUP_HOME: "/root/.rustup" + # FORCE_COLOR: 1 steps: - name: Checkout the repo - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Build contracts uses: ./.github/actions/build_contract_artifacts + with: + image: projectserum/build + image-version: ${{ needs.get_projectserum_version.outputs.projectserum_version }} e2e_custom_build_custom_chainlink_image: name: E2E Custom Build Custom CL Image @@ -87,7 +90,7 @@ jobs: fi - name: Check if image exists id: check-image - uses: smartcontractkit/chainlink-github-actions/docker/image-exists@ad22fbd6f4d108b82aaf49b527bcf40f32babea8 # v2.2.1 + uses: smartcontractkit/chainlink-github-actions/docker/image-exists@e29366cdecfe6befff9ab8c3cfe4825218505d58 # v2.3.16 with: repository: chainlink tag: solana.${{ env.CUSTOM_CORE_REF || github.event.inputs.cl_branch_ref || github.sha }} @@ -95,8 +98,9 @@ jobs: AWS_ROLE_TO_ASSUME: ${{ secrets.QA_AWS_ROLE_TO_ASSUME }} - name: Build Image if: steps.check-image.outputs.exists == 'false' - uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/build-image@d5ab9fe53da374dd789b5d9ef10f3282197e088d # we will want to switch to this once cosmos settles back down 336617ae6d70fec60c15cc3382e17a4d2615a801 # v2.2.0 + uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/build-image@e29366cdecfe6befff9ab8c3cfe4825218505d58 # v2.3.16 with: + should_checkout: true cl_repo: smartcontractkit/chainlink cl_ref: ${{ env.CUSTOM_CORE_REF || github.event.inputs.cl_branch_ref }} dep_solana_sha: ${{ github.event.pull_request.head.sha }} @@ -127,8 +131,9 @@ jobs: steps: - name: Collect Metrics id: collect-gha-metrics - uses: smartcontractkit/push-gha-metrics-action@0281b09807758be1dcc41651e44e62b353808c47 # v2.1.0 + uses: smartcontractkit/push-gha-metrics-action@dea9b546553cb4ca936607c2267a09c004e4ab3f # v3.0.0 with: + id: e2e_custom_run_smoke_tests org-id: ${{ secrets.GRAFANA_INTERNAL_TENANT_ID }} basic-auth: ${{ secrets.GRAFANA_INTERNAL_BASIC_AUTH }} hostname: ${{ secrets.GRAFANA_INTERNAL_HOST }} @@ -144,9 +149,9 @@ jobs: echo "CUSTOM_CORE_REF=${core_ref}" >> "${GITHUB_ENV}" fi - name: Checkout the repo - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Download Artifacts - uses: actions/download-artifact@v3 + uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 with: name: artifacts path: ${{ env.CONTRACT_ARTIFACTS_PATH }} @@ -167,7 +172,7 @@ jobs: # shellcheck disable=SC2086 echo "BASE64_CONFIG_OVERRIDE=$BASE64_CONFIG_OVERRIDE" >> $GITHUB_ENV - name: Run Tests - uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/run-tests@eccde1970eca69f079d3efb3409938a72ade8497 # v2.2.13 + uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/run-tests@e29366cdecfe6befff9ab8c3cfe4825218505d58 # v2.3.16 with: test_command_to_run: cd ./integration-tests && go test -timeout 24h -count=1 -run TestSolanaOCRV2Smoke -json $(args) ./smoke 2>&1 | tee /tmp/gotest.log | gotestfmt test_download_vendor_packages_command: cd ./integration-tests && go mod download diff --git a/.github/workflows/e2e_testnet_daily.yml b/.github/workflows/e2e_testnet_daily.yml index ac49bc32e..a554d0fd4 100644 --- a/.github/workflows/e2e_testnet_daily.yml +++ b/.github/workflows/e2e_testnet_daily.yml @@ -40,16 +40,17 @@ jobs: steps: - name: Collect Metrics id: collect-gha-metrics - uses: smartcontractkit/push-gha-metrics-action@0281b09807758be1dcc41651e44e62b353808c47 # v2.1.0 + uses: smartcontractkit/push-gha-metrics-action@dea9b546553cb4ca936607c2267a09c004e4ab3f # v3.0.0 with: + id: e2e_testnet_daily-changes org-id: ${{ secrets.GRAFANA_INTERNAL_TENANT_ID }} basic-auth: ${{ secrets.GRAFANA_INTERNAL_BASIC_AUTH }} hostname: ${{ secrets.GRAFANA_INTERNAL_HOST }} this-job-name: Check Paths That Require Tests To Run continue-on-error: true - name: Checkout the repo - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # v2.11.1 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 id: changes with: filters: | @@ -70,7 +71,7 @@ jobs: sha: ${{ github.sha }} steps: - name: Checkout the repo - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 with: ref: ${{ github.event.pull_request.head.sha || github.event.merge_group.head_sha }} - name: Setup Go @@ -84,7 +85,7 @@ jobs: echo "short sha is: ${short_sha}" echo "short_sha=${short_sha}" >> "$GITHUB_OUTPUT" - name: Checkout solana - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 with: repository: smartcontractkit/chainlink-solana ref: develop @@ -100,7 +101,7 @@ jobs: projectserum_version: ${{ steps.psversion.outputs.projectserum_version }} steps: - name: Checkout the solana repo - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 with: repository: smartcontractkit/chainlink-solana ref: ${{ needs.get_solana_sha.outputs.sha }} @@ -123,7 +124,7 @@ jobs: steps: - name: Check if image exists id: check-image - uses: smartcontractkit/chainlink-github-actions/docker/image-exists@e865e376b8c2d594028c8d645dd6c47169b72974 # v2.2.16 + uses: smartcontractkit/chainlink-github-actions/docker/image-exists@e29366cdecfe6befff9ab8c3cfe4825218505d58 # v2.3.16 with: repository: chainlink-solana-tests tag: ${{ needs.get_solana_sha.outputs.sha }} @@ -140,17 +141,18 @@ jobs: solana-test-image-exists, get_solana_sha, ] - container: - image: projectserum/build:${{ needs.get_projectserum_version.outputs.projectserum_version }} - env: - RUSTUP_HOME: "/root/.rustup" - FORCE_COLOR: 1 + # container: + # image: projectserum/build:${{ needs.get_projectserum_version.outputs.projectserum_version }} + # env: + # RUSTUP_HOME: "/root/.rustup" + # FORCE_COLOR: 1 steps: - name: Collect Metrics if: needs.changes.outputs.src == 'true' id: collect-gha-metrics - uses: smartcontractkit/push-gha-metrics-action@0281b09807758be1dcc41651e44e62b353808c47 # v2.1.0 + uses: smartcontractkit/push-gha-metrics-action@dea9b546553cb4ca936607c2267a09c004e4ab3f # v3.0.0 with: + id: e2e_testnet_daily-build-artifacts org-id: ${{ secrets.GRAFANA_INTERNAL_TENANT_ID }} basic-auth: ${{ secrets.GRAFANA_INTERNAL_BASIC_AUTH }} hostname: ${{ secrets.GRAFANA_INTERNAL_HOST }} @@ -159,15 +161,17 @@ jobs: - name: Checkout the solana repo # Use v3.6.0 because the custom runner (container configured above) # doesn't have node20 installed which is required for versions >=4 - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 with: repository: smartcontractkit/chainlink-solana ref: ${{ needs.get_solana_sha.outputs.sha }} - name: Build contracts if: needs.changes.outputs.src == 'true' && needs.solana-test-image-exists.outputs.exists == 'false' - uses: smartcontractkit/chainlink-solana/.github/actions/build_contract_artifacts@21675b3a7dcdff8e790391708d4763020cace21e # stable action on December 18 2023 + uses: ./.github/actions/build_contract_artifacts with: ref: ${{ needs.get_solana_sha.outputs.sha }} + image: projectserum/build + image-version: ${{ needs.get_projectserum_version.outputs.projectserum_version }} e2e_custom_build_custom_chainlink_image: name: E2E Custom Build Custom CL Image @@ -179,7 +183,7 @@ jobs: steps: - name: Check if image exists id: check-image - uses: smartcontractkit/chainlink-github-actions/docker/image-exists@ad22fbd6f4d108b82aaf49b527bcf40f32babea8 # v2.2.1 + uses: smartcontractkit/chainlink-github-actions/docker/image-exists@e29366cdecfe6befff9ab8c3cfe4825218505d58 # v2.3.16 with: repository: chainlink tag: solana.${{ github.sha }} @@ -187,8 +191,9 @@ jobs: AWS_ROLE_TO_ASSUME: ${{ secrets.QA_AWS_ROLE_TO_ASSUME }} - name: Build Image if: steps.check-image.outputs.exists == 'false' - uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/build-image@d5ab9fe53da374dd789b5d9ef10f3282197e088d # we will want to switch to this once cosmos settles back down 336617ae6d70fec60c15cc3382e17a4d2615a801 # v2.2.0 + uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/build-image@e29366cdecfe6befff9ab8c3cfe4825218505d58 # v2.3.16 with: + should_checkout: true cl_repo: smartcontractkit/chainlink cl_ref: ${{ github.event.inputs.cl_branch_ref }} dep_solana_sha: ${{ github.event.pull_request.head.sha }} @@ -207,15 +212,16 @@ jobs: steps: - name: Collect Metrics id: collect-gha-metrics - uses: smartcontractkit/push-gha-metrics-action@0281b09807758be1dcc41651e44e62b353808c47 # v2.1.0 + uses: smartcontractkit/push-gha-metrics-action@dea9b546553cb4ca936607c2267a09c004e4ab3f # v3.0.0 with: + id: e2e_testnet_daily-build-test-image org-id: ${{ secrets.GRAFANA_INTERNAL_TENANT_ID }} basic-auth: ${{ secrets.GRAFANA_INTERNAL_BASIC_AUTH }} hostname: ${{ secrets.GRAFANA_INTERNAL_HOST }} this-job-name: Build Test Image continue-on-error: true - name: Checkout the repo - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 with: ref: ${{ github.event.pull_request.head.sha || github.event.merge_group.head_sha }} - name: Build Test Image @@ -260,17 +266,18 @@ jobs: steps: - name: Collect Metrics id: collect-gha-metrics - uses: smartcontractkit/push-gha-metrics-action@0281b09807758be1dcc41651e44e62b353808c47 # v2.1.0 + uses: smartcontractkit/push-gha-metrics-action@dea9b546553cb4ca936607c2267a09c004e4ab3f # v3.0.0 with: + id: e2e_custom_run_daily_testnet_smoke_tests org-id: ${{ secrets.GRAFANA_INTERNAL_TENANT_ID }} basic-auth: ${{ secrets.GRAFANA_INTERNAL_BASIC_AUTH }} hostname: ${{ secrets.GRAFANA_INTERNAL_HOST }} this-job-name: E2E Run Daily Smoke Tests continue-on-error: true - name: Checkout the repo - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Run Tests - uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/run-tests@ad22fbd6f4d108b82aaf49b527bcf40f32babea8 # v2.2.1 + uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/run-tests@e29366cdecfe6befff9ab8c3cfe4825218505d58 # v2.3.16 with: test_command_to_run: cd ./integration-tests && go test -timeout 24h -count=1 -run TestSolanaGauntletOCRV2Smoke -json $(args) ./smoke 2>&1 | tee /tmp/gotest.log | gotestfmt go_mod_path: ./integration-tests/go.mod diff --git a/.github/workflows/gauntlet.yml b/.github/workflows/gauntlet.yml index dc8e73db8..c2b7207ff 100644 --- a/.github/workflows/gauntlet.yml +++ b/.github/workflows/gauntlet.yml @@ -13,7 +13,7 @@ jobs: outputs: nodejs_version: ${{ steps.tool-versions.outputs.nodejs_version }} steps: - - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - uses: smartcontractkit/tool-versions-to-env-action@v1.0.8 id: tool-versions @@ -22,9 +22,9 @@ jobs: runs-on: ubuntu-latest needs: [tool_versions] steps: - - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Setup Node ${{ needs.tool_versions.outputs.nodejs_version }} - uses: actions/setup-node@v2 + uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 with: node-version: ${{ needs.tool_versions.outputs.nodejs_version }} - name: Install @@ -39,9 +39,9 @@ jobs: runs-on: ubuntu-latest needs: [tool_versions] steps: - - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Setup Node ${{ needs.tool_versions.outputs.nodejs_version }} - uses: actions/setup-node@v2 + uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 with: node-version: ${{ needs.tool_versions.outputs.nodejs_version }} - name: Install @@ -55,14 +55,14 @@ jobs: CI: true runs-on: ubuntu-latest steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Install Nix - uses: cachix/install-nix-action@29bd9290ef037a3ecbdafe83cbd2185e9dd0fa0a # v20 + uses: cachix/install-nix-action@8887e596b4ee1134dae06b98d573bd674693f47c # v26 with: nix_path: nixpkgs=channel:nixos-unstable extra_nix_config: "sandbox = false" - name: Cache Nix - uses: cachix/cachix-action@v12 + uses: cachix/cachix-action@18cf96c7c98e048e10a83abd92116114cd8504be # v14 with: name: chainlink-cosmos authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' @@ -70,7 +70,7 @@ jobs: - run: nix develop -c yarn --cwd ./gauntlet eslint - name: Upload eslint report if: always() - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 with: name: gauntlet-eslint-report path: ./gauntlet/eslint-report.json @@ -80,9 +80,9 @@ jobs: runs-on: ubuntu-latest needs: [tool_versions] steps: - - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Setup Node ${{ needs.tool_versions.outputs.nodejs_version }} - uses: actions/setup-node@v2 + uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 with: node-version: ${{ needs.tool_versions.outputs.nodejs_version }} - name: Install diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index 5cf0999f1..18f1cbe66 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -9,16 +9,16 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Install Nix - uses: cachix/install-nix-action@29bd9290ef037a3ecbdafe83cbd2185e9dd0fa0a # v20 + uses: cachix/install-nix-action@8887e596b4ee1134dae06b98d573bd674693f47c # v26 with: nix_path: nixpkgs=channel:nixos-unstable - name: golangci-lint run: nix develop -c make lint-go-integration-tests - name: Store lint report artifact if: always() - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 with: name: golangci-lint-integration-tests-report path: ./integration-tests/golangci-lint-integration-tests-report.xml @@ -28,16 +28,16 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Install Nix - uses: cachix/install-nix-action@29bd9290ef037a3ecbdafe83cbd2185e9dd0fa0a # v20 + uses: cachix/install-nix-action@8887e596b4ee1134dae06b98d573bd674693f47c # v26 with: nix_path: nixpkgs=channel:nixos-unstable - name: golangci-lint run: nix develop -c make lint-go-relay - name: Store lint report artifact if: always() - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 with: name: golangci-lint-relay-report path: ./pkg/golangci-lint-relay-report.xml \ No newline at end of file diff --git a/.github/workflows/integration-tests-publish.yml b/.github/workflows/integration-tests-publish.yml index 5f8407cc4..f03809af1 100644 --- a/.github/workflows/integration-tests-publish.yml +++ b/.github/workflows/integration-tests-publish.yml @@ -20,7 +20,7 @@ jobs: projectserum_version: ${{ steps.psversion.outputs.projectserum_version }} steps: - name: Checkout the repo - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Get ProjectSerum Version id: psversion uses: ./.github/actions/projectserum_version @@ -33,16 +33,19 @@ jobs: contents: read runs-on: ubuntu-latest needs: [get-projectserum-version] - container: - image: projectserum/build:${{ needs.get-projectserum-version.outputs.projectserum_version }} - env: - RUSTUP_HOME: "/root/.rustup" - FORCE_COLOR: 1 + # container: + # image: projectserum/build:${{ needs.get-projectserum-version.outputs.projectserum_version }} + # env: + # RUSTUP_HOME: "/root/.rustup" + # FORCE_COLOR: 1 steps: - name: Checkout the repo - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Build contracts uses: ./.github/actions/build_contract_artifacts + with: + image: projectserum/build + image-version: ${{ needs.get-projectserum-version.outputs.projectserum_version }} publish-integration-test-image: environment: integration @@ -55,15 +58,16 @@ jobs: steps: - name: Collect Metrics id: collect-gha-metrics - uses: smartcontractkit/push-gha-metrics-action@0281b09807758be1dcc41651e44e62b353808c47 # v2.1.0 + uses: smartcontractkit/push-gha-metrics-action@dea9b546553cb4ca936607c2267a09c004e4ab3f # v3.0.0 with: + id: integration-tests-publish-image org-id: ${{ secrets.GRAFANA_INTERNAL_TENANT_ID }} basic-auth: ${{ secrets.GRAFANA_INTERNAL_BASIC_AUTH }} hostname: ${{ secrets.GRAFANA_INTERNAL_HOST }} this-job-name: Publish Integration Test Image continue-on-error: true - name: Checkout the repo - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 with: ref: ${{ github.event.pull_request.head.sha }} - name: Build Image diff --git a/.github/workflows/lint-gh-workflows.yml b/.github/workflows/lint-gh-workflows.yml index 789eef560..dff9f7fd0 100644 --- a/.github/workflows/lint-gh-workflows.yml +++ b/.github/workflows/lint-gh-workflows.yml @@ -7,6 +7,6 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out Code - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Run actionlint - uses: reviewdog/action-actionlint@7556c222a14ff4583c0f772caeb7f65bb3816dc1 # v1.34.0 + uses: reviewdog/action-actionlint@51bfb044ddaed55059d16f14daedbe05a9937dc1 # v1.45.0 diff --git a/.github/workflows/monitoring.yml b/.github/workflows/monitoring.yml index 8e2119afb..76ca86c0e 100644 --- a/.github/workflows/monitoring.yml +++ b/.github/workflows/monitoring.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Setup Docker Buildx uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 diff --git a/.github/workflows/open-pr.yml b/.github/workflows/open-pr.yml index 1da1285af..71661c422 100644 --- a/.github/workflows/open-pr.yml +++ b/.github/workflows/open-pr.yml @@ -17,8 +17,8 @@ jobs: contents: write runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 # checkout branch that it is called from - - uses: actions/setup-go@v3 + - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 with: go-version-file: "go.mod" check-latest: true @@ -52,7 +52,7 @@ jobs: echo "original=$SHA" >> "$GITHUB_OUTPUT" git branch "${{ steps.run.outputs.name }}" git push origin "${{ steps.run.outputs.name }}" - - uses: planetscale/ghcommit-action@v0.1.33 + - uses: planetscale/ghcommit-action@21a8cda29f55e5cc2cdae0cdbdd08e38dd148c25 # v0.1.37 if: '!steps.check.outputs.skip' with: commit_message: ${{ steps.run.outputs.commitString }} @@ -69,14 +69,14 @@ jobs: - name: Setup GitHub Token if: '!steps.check.outputs.skip' id: token - uses: smartcontractkit/.github/actions/setup-github-token@9e7cc0779934cae4a9028b8588c9adb64d8ce68c # setup-github-token@0.1.0 + uses: smartcontractkit/.github/actions/setup-github-token@7ac9af09dda8c553593d2153a975b43b6958fa9f # setup-github-token@0.1.2 with: aws-role-arn: ${{ secrets.AWS_OIDC_CHAINLINK_SOLANA_CICD_TOKEN_ISSUER_ROLE_ARN }} aws-lambda-url: ${{ secrets.AWS_RELENG_TEAM_GATI_LAMBDA_URL }} aws-region: ${{ secrets.AWS_REGION }} - name: Create pull request if: '!steps.check.outputs.skip' - uses: peter-evans/create-pull-request@b1ddad2c994a25fbc81a28b3ec0e368bb2021c50 # v6.0.0 + uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e # v6.0.5 with: title: ${{ steps.run.outputs.prTitle }} base: ${{ steps.branch.outputs.original }} diff --git a/.github/workflows/relay.yml b/.github/workflows/relay.yml index a7f94bcbf..d9e47aea2 100644 --- a/.github/workflows/relay.yml +++ b/.github/workflows/relay.yml @@ -12,9 +12,9 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Setup go - uses: actions/setup-go@v3 + uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 with: go-version-file: "go.mod" check-latest: true @@ -35,7 +35,7 @@ jobs: run: go test ./pkg/... -v -race -count=10 -timeout=15m -covermode=atomic -coverpkg=./... -coverprofile=race_coverage.txt - name: Upload Go test results if: always() - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 with: name: go-relay-test-results path: | diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml index 7eec6563a..6d3f36e84 100644 --- a/.github/workflows/rust.yml +++ b/.github/workflows/rust.yml @@ -17,7 +17,7 @@ jobs: projectserum_version: ${{ steps.psversion.outputs.projectserum_version }} steps: - name: Checkout the repo - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Get ProjectSerum Version id: psversion uses: ./.github/actions/projectserum_version @@ -26,74 +26,109 @@ jobs: name: Rust Run Anchor Tests runs-on: ubuntu-latest needs: [get_projectserum_version] - container: - image: projectserum/build:${{ needs.get_projectserum_version.outputs.projectserum_version }} - env: - RUSTUP_HOME: "/root/.rustup" - FORCE_COLOR: 1 + # container: + # image: projectserum/build:${{ needs.get_projectserum_version.outputs.projectserum_version }} + # env: + # RUSTUP_HOME: "/root/.rustup" + # FORCE_COLOR: 1 steps: - - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Cache cargo registry - uses: actions/cache@v2.1.7 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: ~/.cargo/registry key: ${{ runner.os }}-v2-cargo-registry-${{ hashFiles('**/Cargo.lock') }} - name: Cache cargo index - uses: actions/cache@v2.1.7 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: ~/.cargo/git key: ${{ runner.os }}-v2-cargo-index-${{ hashFiles('**/Cargo.lock') }} - name: Cache cargo target dir - uses: actions/cache@v2.1.7 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: contracts/target key: ${{ runner.os }}-v2-cargo-build-target-${{ hashFiles('**/Cargo.lock') }} - - run: solana-keygen new -o id.json --no-bip39-passphrase - - name: Compile typescript client + - name: run tests + env: + psversion: ${{ needs.get_projectserum_version.outputs.projectserum_version }} run: | - cd ../ts - yarn install --frozen-lockfile - yarn build - - run: yarn install --frozen-lockfile - - run: anchor test - - run: | - cd examples/hello-world - yarn install --frozen-lockfile - anchor test + docker run -v "$(pwd)/../":/repo projectserum/build:"${psversion}" bash -c "\ + set -eoux pipefail &&\ + RUSTUP_HOME=\"/root/.rustup\" &&\ + FORCE_COLOR=1 &&\ + cd /repo/contracts &&\ + solana-keygen new -o id.json --no-bip39-passphrase &&\ + cd /repo/ts &&\ + yarn install --frozen-lockfile &&\ + yarn build &&\ + cd /repo/contracts &&\ + yarn install --frozen-lockfile &&\ + anchor test &&\ + cd /repo/contracts/examples/hello-world &&\ + yarn install --frozen-lockfile &&\ + anchor test" + + # - run: solana-keygen new -o id.json --no-bip39-passphrase + # - name: Compile typescript client + # run: | + # cd ../ts + # yarn install --frozen-lockfile + # yarn build + # - name: anchor test contracts + # run: | + # yarn install --frozen-lockfile + # anchor test + # - name: anchor test hello-world + # run: | + # cd examples/hello-world + # yarn install --frozen-lockfile + # anchor test rust_lint: name: Rust Lint runs-on: ubuntu-latest needs: [get_projectserum_version] - container: - image: projectserum/build:${{ needs.get_projectserum_version.outputs.projectserum_version }} - env: - RUSTUP_HOME: "/root/.rustup" - FORCE_COLOR: 1 + # container: + # image: projectserum/build:${{ needs.get_projectserum_version.outputs.projectserum_version }} + # env: + # RUSTUP_HOME: "/root/.rustup" + # FORCE_COLOR: 1 steps: - - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Cache cargo registry - uses: actions/cache@v2.1.7 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: ~/.cargo/registry key: ${{ runner.os }}-v2-cargo-registry-${{ hashFiles('**/Cargo.lock') }} - name: Cache cargo index - uses: actions/cache@v2.1.7 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: ~/.cargo/git key: ${{ runner.os }}-v2-cargo-index-${{ hashFiles('**/Cargo.lock') }} - name: Cache cargo target dir - uses: actions/cache@v2.1.7 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: contracts/target key: ${{ runner.os }}-v2-cargo-build-target-${{ hashFiles('**/Cargo.lock') }} - - run: cargo check - - run: cargo clippy -- -D warnings + - name: cargo check + env: + psversion: ${{ needs.get_projectserum_version.outputs.projectserum_version }} + run: | + docker run -v "$(pwd)/../":/repo projectserum/build:"${psversion}" bash -c "\ + set -eoux pipefail &&\ + RUSTUP_HOME=\"/root/.rustup\" &&\ + FORCE_COLOR=1 &&\ + cd /repo/contracts &&\ + cargo check &&\ + cargo clippy -- -D warnings" + + # - run: cargo check + # - run: cargo clippy -- -D warnings diff --git a/.github/workflows/soak.yml b/.github/workflows/soak.yml index b49882c4c..1ceb94155 100644 --- a/.github/workflows/soak.yml +++ b/.github/workflows/soak.yml @@ -34,7 +34,7 @@ jobs: projectserum_version: ${{ steps.psversion.outputs.projectserum_version }} steps: - name: Checkout the repo - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Get ProjectSerum Version id: psversion uses: ./.github/actions/projectserum_version @@ -52,7 +52,7 @@ jobs: steps: - name: Check if image exists id: check-image - uses: smartcontractkit/chainlink-github-actions/docker/image-exists@336617ae6d70fec60c15cc3382e17a4d2615a801 # v2.2.0 + uses: smartcontractkit/chainlink-github-actions/docker/image-exists@e29366cdecfe6befff9ab8c3cfe4825218505d58 # v2.3.16 with: repository: chainlink-solana-tests tag: ${{ github.sha }} @@ -67,17 +67,20 @@ jobs: contents: read runs-on: ubuntu-latest needs: [get_projectserum_version, test-image-exists] - container: - image: projectserum/build:${{ needs.get_projectserum_version.outputs.projectserum_version }} - env: - RUSTUP_HOME: "/root/.rustup" - FORCE_COLOR: 1 + # container: + # image: projectserum/build:${{ needs.get_projectserum_version.outputs.projectserum_version }} + # env: + # RUSTUP_HOME: "/root/.rustup" + # FORCE_COLOR: 1 steps: - name: Checkout the repo - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Build contracts if: needs.test-image-exists.outputs.exists == 'false' uses: ./.github/actions/build_contract_artifacts + with: + image: projectserum/build + image-version: ${{ needs.get_projectserum_version.outputs.projectserum_version }} soak_testing_build_custom_chainlink_image: name: Soak Testing Build Custom Chainlink Image @@ -89,15 +92,16 @@ jobs: steps: - name: Check if image exists id: check-image - uses: smartcontractkit/chainlink-github-actions/docker/image-exists@336617ae6d70fec60c15cc3382e17a4d2615a801 # v2.2.0 + uses: smartcontractkit/chainlink-github-actions/docker/image-exists@e29366cdecfe6befff9ab8c3cfe4825218505d58 # v2.3.16 with: repository: chainlink tag: solana.${{ github.sha }} AWS_REGION: ${{ secrets.QA_AWS_REGION }} AWS_ROLE_TO_ASSUME: ${{ secrets.QA_AWS_ROLE_TO_ASSUME }} - name: Build Image - uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/build-image@cosmos_one_off # we will want to switch back to this once cosmos cools off336617ae6d70fec60c15cc3382e17a4d2615a801 # v2.2.0 + uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/build-image@e29366cdecfe6befff9ab8c3cfe4825218505d58 # v2.3.16 with: + should_checkout: true cl_repo: smartcontractkit/chainlink cl_ref: ${{ github.event.inputs.cl_branch_ref }} dep_solana_sha: ${{ github.sha }} @@ -127,7 +131,7 @@ jobs: SELECTED_NETWORKS: SIMULATED steps: - name: Checkout the repo - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 with: ref: ${{ env.REF_NAME }} - name: Build Test Image @@ -138,7 +142,7 @@ jobs: QA_AWS_REGION: ${{ secrets.QA_AWS_REGION }} QA_AWS_ACCOUNT_NUMBER: ${{ secrets.QA_AWS_ACCOUNT_NUMBER }} - name: Run Tests - uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/run-tests@336617ae6d70fec60c15cc3382e17a4d2615a801 # v2.2.0 + uses: smartcontractkit/chainlink-github-actions/chainlink-testing-framework/run-tests@e29366cdecfe6befff9ab8c3cfe4825218505d58 # v2.3.16 with: test_command_to_run: cd ./integration-tests && go test -timeout 5h -count=1 -json $(args) ./soak 2>&1 | tee /tmp/gotest.log | gotestfmt go_mod_path: ./integration-tests/go.mod diff --git a/.github/workflows/sonar-scan.yml b/.github/workflows/sonar-scan.yml index fbb0f2401..2e225e4f1 100644 --- a/.github/workflows/sonar-scan.yml +++ b/.github/workflows/sonar-scan.yml @@ -13,13 +13,13 @@ jobs: if: always() steps: - name: Checkout Repository - uses: actions/checkout@v3 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 with: ref: ${{ github.event.pull_request.head.sha || github.event.merge_group.head_sha }} - name: Wait for Workflows id: wait - uses: smartcontractkit/chainlink-github-actions/utils/wait-for-workflows@main + uses: smartcontractkit/chainlink-github-actions/utils/wait-for-workflows@e29366cdecfe6befff9ab8c3cfe4825218505d58 # v2.3.16 with: max-timeout: "1200" polling-interval: "30" @@ -33,7 +33,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out Code - uses: actions/checkout@v3 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Parse tool-versions file uses: smartcontractkit/tool-versions-to-env-action@v1.0.8 id: tool-versions @@ -48,12 +48,12 @@ jobs: if: ${{ always() }} steps: - name: Fetch blame information - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 with: fetch-depth: 0 # fetches all history for all tags and branches to provide more metadata for sonar reports - name: Download Golangci integration tests reports - uses: dawidd6/action-download-artifact@v2.27.0 + uses: dawidd6/action-download-artifact@09f2f74827fd3a8607589e5ad7f9398816f540fe # v3.1.4 with: workflow: golangci-lint.yml workflow_conclusion: "" @@ -62,7 +62,7 @@ jobs: if_no_artifact_found: warn - name: Download Golangci relay reports - uses: dawidd6/action-download-artifact@v2.27.0 + uses: dawidd6/action-download-artifact@09f2f74827fd3a8607589e5ad7f9398816f540fe # v3.1.4 with: workflow: golangci-lint.yml workflow_conclusion: "" @@ -71,7 +71,7 @@ jobs: if_no_artifact_found: warn - name: Download Relayer unit tests report - uses: dawidd6/action-download-artifact@v2.27.0 + uses: dawidd6/action-download-artifact@09f2f74827fd3a8607589e5ad7f9398816f540fe # v3.1.4 with: workflow: relay.yml workflow_conclusion: "" @@ -80,7 +80,7 @@ jobs: if_no_artifact_found: warn - name: Download gauntlet eslint reports - uses: dawidd6/action-download-artifact@v2.27.0 + uses: dawidd6/action-download-artifact@09f2f74827fd3a8607589e5ad7f9398816f540fe # v3.1.4 with: workflow: gauntlet.yml workflow_conclusion: "" @@ -105,7 +105,7 @@ jobs: - name: SonarQube Scan - uses: sonarsource/sonarqube-scan-action@69c1a75940dec6249b86dace6b630d3a2ae9d2a7 # v2.0.1 + uses: sonarsource/sonarqube-scan-action@53c3e3207fe4b8d52e2f1ac9d6eb1d2506f626c0 # v2.0.2 with: args: > -Dsonar.go.tests.reportPaths=${{ steps.sonarqube_report_paths.outputs.sonarqube_tests_report_paths }} diff --git a/.github/workflows/upstream-tracker.yml b/.github/workflows/upstream-tracker.yml index 9b155ed02..565f9ebfc 100644 --- a/.github/workflows/upstream-tracker.yml +++ b/.github/workflows/upstream-tracker.yml @@ -28,7 +28,7 @@ jobs: echo "closed<> $GITHUB_OUTPUT echo "$CLOSED" >> $GITHUB_OUTPUT echo "EOF" >> $GITHUB_OUTPUT - - uses: actions/checkout@v3 + - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 if: steps.updates.outputs.open || steps.updates.outputs.closed - name: Open Issue if: steps.updates.outputs.open || steps.updates.outputs.closed diff --git a/scripts/build-contract-artifacts-action.sh b/scripts/build-contract-artifacts-action.sh new file mode 100755 index 000000000..4aa2781b3 --- /dev/null +++ b/scripts/build-contract-artifacts-action.sh @@ -0,0 +1,41 @@ +#!/usr/bin/env bash +set -eoux pipefail + +export RUSTUP_HOME="/root/.rustup" +export FORCE_COLOR=1 + +SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) +REPO=${SCRIPT_DIR}/../ +CONTRACTS=${REPO}/contracts + +# install go +apt-get update +apt-get install -y wget +wget https://golang.org/dl/go1.21.7.linux-amd64.tar.gz +tar -xvf go1.21.7.linux-amd64.tar.gz +mv go /usr/local +export PATH=/usr/local/go/bin:$PATH +export GOPATH=$HOME/go +export GOBIN=$GOPATH/bin +export PATH=$GOBIN:$PATH +go version + +# install git +apt-get install software-properties-common -y +add-apt-repository ppa:git-core/ppa +apt update +apt install git -y +cd "${REPO}" +git config --global --add safe.directory "${REPO}" + +# install achor-go +go install github.com/gagliardetto/anchor-go@v0.2.3 + +# initial build +cd "${CONTRACTS}" +yarn install --frozen-lockfile +anchor build + +# generate contract artifacts +cd "${REPO}" +./scripts/anchor-go-gen.sh