Adding slither static analyzer #247
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy Protocol to Testnet Preview | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| - development | |
| types: | |
| - opened | |
| - synchronize | |
| paths: | |
| - "packages/contracts/**" | |
| env: | |
| SEPOLIA_RPC_URL: ${{ secrets.SEPOLIA_RPC_URL }} | |
| BSC_MAINNET_RPC_URL: ${{ vars.BSC_MAINNET_RPC_URL }} | |
| jobs: | |
| # TODO: use common job to decrease copy-paste | |
| deploy: | |
| name: Deploy Protocol | |
| runs-on: ubuntu-latest | |
| environment: preview | |
| env: | |
| HARDHAT_NETWORK: ${{ vars.HARDHAT_NETWORK }} # sepolia | |
| ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }} | |
| SKIP_UPGRADE_VALIDATION: ${{ vars.SKIP_UPGRADE_VALIDATION }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| submodules: recursive | |
| # fix for EndBug/add-and-commit | |
| repository: ${{ github.event.pull_request.head.repo.full_name }} | |
| ref: ${{ github.event.pull_request.head.ref }} | |
| - name: Setup NodeJS | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: "18" | |
| cache: "yarn" | |
| - name: Install dependencies | |
| run: yarn --ignore-scripts | |
| - name: Install Foundry | |
| uses: foundry-rs/foundry-toolchain@v1 | |
| with: | |
| version: nightly-e15e33a07c0920189fc336391f538c3dad53da73 # https://github.com/foundry-rs/foundry/releases/tag/nightly-e15e33a07c0920189fc336391f538c3dad53da73 | |
| # Need for hardhat scripts | |
| - name: Link packages | |
| run: yarn bootstrap | |
| - name: Deploy Protocol | |
| env: | |
| SEPOLIA_PRIVATE_KEY: ${{ secrets.SEPOLIA_PRIVATE_KEY }} | |
| run: |- | |
| cd packages/contracts | |
| yarn hardhat deploy | |
| # Useful for automated scripts | |
| - name: Export deployments to JSON config | |
| run: |- | |
| cd packages/contracts | |
| yarn hardhat export --export-all './deployments/deployed.json' | |
| # Prefered to import in TypeScript | |
| - name: Export deployments to TypeScript config | |
| run: |- | |
| cd packages/contracts | |
| yarn hardhat export --export-all './deployments/deployed.ts' | |
| - name: Commit and push changes | |
| uses: EndBug/add-and-commit@v9 | |
| with: | |
| default_author: github_actions | |
| message: '[skip ci] Deployed contracts to Preview / Sepolia Testnet' | |
| fetch: --no-tags --recurse-submodules=no # Prevent failure due to submodules | |
| pull: '--rebase --autostash' | |
| - name: Verify deployment result | |
| run: |- | |
| cd packages/contracts | |
| yarn hardhat check-past-deployment-result | |
| publish-source-code: | |
| name: Publish Source Code | |
| runs-on: ubuntu-latest | |
| if: ${{ always() }} | |
| # Etherscan unstable and can fail, | |
| # need publish code separatly from deploy to save deployed contracts | |
| needs: deploy | |
| environment: preview | |
| env: | |
| HARDHAT_NETWORK: ${{ vars.HARDHAT_NETWORK }} # sepolia | |
| ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| submodules: recursive | |
| # fix for EndBug/add-and-commit | |
| repository: ${{ github.event.pull_request.head.repo.full_name }} | |
| ref: ${{ github.event.pull_request.head.ref }} | |
| - name: Setup NodeJS | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: "18" | |
| cache: "yarn" | |
| - name: Install dependencies | |
| run: yarn --ignore-scripts | |
| - name: Install Foundry | |
| uses: foundry-rs/foundry-toolchain@v1 | |
| with: | |
| version: nightly-e15e33a07c0920189fc336391f538c3dad53da73 # https://github.com/foundry-rs/foundry/releases/tag/nightly-e15e33a07c0920189fc336391f538c3dad53da73 | |
| # Need for hardhat scripts | |
| - name: Link packages | |
| run: yarn bootstrap | |
| # Allow etherscan to index the contracts and prevent failures | |
| - name: Wait for 10 seconds | |
| run: sleep 10s | |
| shell: bash | |
| - name: Publish code on Etherscan | |
| env: | |
| SEPOLIA_PRIVATE_KEY: ${{ secrets.SEPOLIA_PRIVATE_KEY }} | |
| run: |- | |
| cd packages/contracts | |
| yarn hardhat etherscan-verify --license AGPL-3.0 --force-license --solc-input --sleep | |
| # Working not on all blockchains, BSC for example | |
| - name: Publish code on Sourcify | |
| run: |- | |
| cd packages/contracts | |
| yarn hardhat sourcify | |
| gas-usage: | |
| name: Check Gas usage | |
| runs-on: ubuntu-latest | |
| # Make this job after deploy to prevent failures due conflicting commits | |
| needs: deploy | |
| environment: preview | |
| env: | |
| HARDHAT_NETWORK: ${{ vars.HARDHAT_NETWORK }} # sepolia | |
| ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_API_KEY }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| submodules: recursive | |
| # fix for EndBug/add-and-commit | |
| repository: ${{ github.event.pull_request.head.repo.full_name }} | |
| ref: ${{ github.event.pull_request.head.ref }} | |
| - name: Setup NodeJS | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: "18" | |
| cache: "yarn" | |
| - name: Install dependencies | |
| run: yarn --ignore-scripts | |
| - name: Install Foundry | |
| uses: foundry-rs/foundry-toolchain@v1 | |
| with: | |
| version: nightly-e15e33a07c0920189fc336391f538c3dad53da73 # https://github.com/foundry-rs/foundry/releases/tag/nightly-e15e33a07c0920189fc336391f538c3dad53da73 | |
| # Need for hardhat scripts | |
| - name: Link packages | |
| run: yarn bootstrap | |
| - name: Report gas usage in tests | |
| run: |- | |
| cd packages/contracts | |
| forge snapshot | |
| - name: Commit and push changes | |
| uses: EndBug/add-and-commit@v9 | |
| with: | |
| default_author: github_actions | |
| message: '[skip ci] Save gas usage snapshot' | |
| fetch: --no-tags --recurse-submodules=no # Prevent failure due to submodules | |
| pull: '--rebase --autostash' | |