forked from AnnabelJoe/solarproof
-
Notifications
You must be signed in to change notification settings - Fork 0
179 lines (159 loc) · 5.75 KB
/
ci.yml
File metadata and controls
179 lines (159 loc) · 5.75 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
name: CI
on:
push:
branches: [main, develop]
pull_request:
branches: [main, develop]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
web:
name: Web (lint + type-check + test + build)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
- uses: actions/setup-node@v4
with:
node-version: 22
cache: pnpm
- run: pnpm install --frozen-lockfile
- name: Restore Next.js build cache
uses: actions/cache@v4
with:
path: apps/web/.next/cache
key: nextjs-${{ runner.os }}-${{ hashFiles('apps/web/**.[jt]s', 'apps/web/**.[jt]sx', 'pnpm-lock.yaml') }}
restore-keys: nextjs-${{ runner.os }}-
- name: lint (ESLint)
run: pnpm lint
working-directory: apps/web
env:
TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }}
TURBO_TEAM: ${{ secrets.TURBO_TEAM }}
- name: format check (Prettier)
run: pnpm prettier --check "**/*.{ts,tsx,md,json}" --ignore-path .gitignore
- name: type-check
run: pnpm type-check
working-directory: apps/web
env:
TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }}
TURBO_TEAM: ${{ secrets.TURBO_TEAM }}
- run: pnpm test
working-directory: apps/web
- run: pnpm build
working-directory: apps/web
env:
NEXT_PUBLIC_SUPABASE_URL: ${{ secrets.NEXT_PUBLIC_SUPABASE_URL || 'https://placeholder.supabase.co' }}
NEXT_PUBLIC_SUPABASE_ANON_KEY: ${{ secrets.NEXT_PUBLIC_SUPABASE_ANON_KEY || 'placeholder' }}
NEXT_PUBLIC_STELLAR_NETWORK: testnet
NEXT_PUBLIC_ENERGY_TOKEN_ID: placeholder
NEXT_PUBLIC_AUDIT_REGISTRY_ID: placeholder
NEXT_PUBLIC_COMMUNITY_GOVERNANCE_ID: placeholder
SUPABASE_SERVICE_ROLE_KEY: placeholder
MINTER_SECRET_KEY: SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }}
TURBO_TEAM: ${{ secrets.TURBO_TEAM }}
playwright-e2e:
name: Playwright E2E
runs-on: ubuntu-latest
needs: web
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
- uses: actions/setup-node@v4
with:
node-version: 22
cache: pnpm
- run: pnpm install --frozen-lockfile
- run: pnpm --filter @solarproof/web exec playwright install chromium
- run: pnpm e2e
env:
NEXT_PUBLIC_SUPABASE_URL: ${{ secrets.NEXT_PUBLIC_SUPABASE_URL || 'https://placeholder.supabase.co' }}
NEXT_PUBLIC_SUPABASE_ANON_KEY: ${{ secrets.NEXT_PUBLIC_SUPABASE_ANON_KEY || 'placeholder' }}
NEXT_PUBLIC_STELLAR_NETWORK: testnet
NEXT_PUBLIC_ENERGY_TOKEN_ID: placeholder
NEXT_PUBLIC_AUDIT_REGISTRY_ID: placeholder
NEXT_PUBLIC_COMMUNITY_GOVERNANCE_ID: placeholder
- name: Upload Playwright artifacts
if: always()
uses: actions/upload-artifact@v4
with:
name: playwright-test-results
path: apps/web/test-results
openapi:
name: OpenAPI spec validation
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 22
- name: Validate openapi.yaml
run: npx --yes @redocly/cli@1 lint openapi.yaml --format=github-actions
contracts:
name: Contracts (fmt + clippy + test)
runs-on: ubuntu-latest
env:
# Rotate accounts per run to avoid faucet rate limits
CI_ADMIN_ADDRESS: ${{ vars.CI_ADMIN_ADDRESS || '' }}
CI_MINTER_ADDRESS: ${{ vars.CI_MINTER_ADDRESS || '' }}
steps:
- uses: actions/checkout@v4
- name: Install Rust toolchain (pinned via rust-toolchain.toml)
uses: dtolnay/rust-toolchain@master
with:
toolchain: "1.88.0"
targets: wasm32-unknown-unknown
components: rustfmt, clippy
- uses: Swatinem/rust-cache@v2
with:
workspaces: apps/contracts
- name: fmt
run: cargo fmt --all -- --check
working-directory: apps/contracts
- name: clippy
run: cargo clippy --all-targets --all-features -- -D warnings
working-directory: apps/contracts
- name: test
run: cargo test --all
working-directory: apps/contracts
proptest:
name: Property-based tests (proptest)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Rust toolchain (pinned via rust-toolchain.toml)
uses: dtolnay/rust-toolchain@master
with:
toolchain: "1.88.0"
targets: wasm32-unknown-unknown
- uses: Swatinem/rust-cache@v2
with:
workspaces: apps/contracts/proptest
- name: Run proptest suite
run: cargo test
working-directory: apps/contracts/proptest
fuzz:
name: Fuzz (time-limited, corpus only)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Rust nightly (required by cargo-fuzz)
uses: dtolnay/rust-toolchain@master
with:
toolchain: nightly
- uses: Swatinem/rust-cache@v2
with:
workspaces: apps/contracts/fuzz
- name: Install cargo-fuzz
run: cargo install cargo-fuzz --locked
- name: fuzz_mint (30 s)
run: cargo fuzz run fuzz_mint -- -max_total_time=30 corpus/fuzz_mint
working-directory: apps/contracts/fuzz
- name: fuzz_anchor (30 s)
run: cargo fuzz run fuzz_anchor -- -max_total_time=30 corpus/fuzz_anchor
working-directory: apps/contracts/fuzz
- name: fuzz_vote (30 s)
run: cargo fuzz run fuzz_vote -- -max_total_time=30 corpus/fuzz_vote
working-directory: apps/contracts/fuzz