Bump actions/checkout from 2 to 4 (#4) #32
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Continuous Integration | |
| on: | |
| workflow_dispatch: | |
| pull_request: | |
| push: | |
| branches: | |
| - main | |
| env: | |
| FOUNDRY_PROFILE: ci | |
| jobs: | |
| build-n-test: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Foundry | |
| uses: foundry-rs/foundry-toolchain@v1 | |
| - name: Build contracts | |
| run: | | |
| forge --version | |
| forge build --sizes | |
| - name: Run tests | |
| run: | | |
| forge test -vvv | |
| format: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Foundry | |
| uses: foundry-rs/foundry-toolchain@v1 | |
| - name: Check formatting | |
| run: | | |
| forge --version | |
| forge fmt --check | |
| coverage: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Foundry | |
| uses: foundry-rs/foundry-toolchain@v1 | |
| - name: Run coverage | |
| run: forge coverage --report summary --report lcov | |
| # Adjust the paths in this step to exclude specific directories from coverage analysis. By default, | |
| # coverage results for 'test' and 'script' directories are omitted. If you prefer to track coverage | |
| # across all directories, simply disable this step. Keep in mind, this filter only affects the lcov | |
| # report; the summary table created earlier will still reflect all files and directories. | |
| # The inclusion of `--rc lcov_branch_coverage=1` ensures that branch coverage information is retained | |
| # in the lcov report, countering the default behavior of lcov which excludes branch data. | |
| - name: Filter directories | |
| run: | | |
| sudo apt update && sudo apt install -y lcov | |
| lcov --remove lcov.info 'test/*' 'script/*' --output-file lcov.info --rc lcov_branch_coverage=1 | |
| # This step automatically publishes a comprehensive coverage report as a comment on each push and | |
| # removes any previous comments. | |
| - name: Post coverage report | |
| if: github.event_name == 'pull_request' | |
| uses: romeovs/[email protected] | |
| with: | |
| delete-old-comments: true | |
| lcov-file: ./lcov.info | |
| github-token: ${{ secrets.GITHUB_TOKEN }} # Adds a coverage summary comment to the PR. | |
| # This step verifies that the minimum coverage threshold is met and fails if it is not. | |
| - name: Verify minimum coverage | |
| uses: zgosalvez/github-actions-report-lcov@v4 | |
| with: | |
| coverage-files: ./lcov.info | |
| minimum-coverage: 100 # Set coverage threshold. | |
| code-analysis: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| # required for uploading slither sarif results | |
| security-events: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Run static analysis with slither | |
| uses: crytic/[email protected] | |
| id: slither | |
| continue-on-error: true | |
| with: | |
| sarif: results.sarif | |
| slither-args: --filter-paths "./lib|./test" # exclude other contracts (open zeppelin ones) and test | |
| - name: Upload static anaylisis SARIF output file # it should also add relevant comments on PR | |
| uses: github/codeql-action/upload-sarif@v2 | |
| with: | |
| sarif_file: ${{ steps.slither.outputs.sarif }} | |
| docs: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Foundry | |
| uses: foundry-rs/foundry-toolchain@v1 | |
| - name: Build documentation | |
| run: | | |
| forge --version | |
| forge doc --build |