-
Notifications
You must be signed in to change notification settings - Fork 16
243 lines (209 loc) · 6.34 KB
/
ci.yml
File metadata and controls
243 lines (209 loc) · 6.34 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
name: CI
on:
push:
branches: ["main"]
pull_request:
branches: ["main"]
workflow_dispatch:
concurrency:
group: ci-${{ github.ref }}
cancel-in-progress: true
permissions:
contents: read
env:
CARGO_TERM_COLOR: always
RUST_BACKTRACE: 1
# Keep tool versions explicit for reproducibility
NODE_VERSION: "20"
PNPM_VERSION: "9"
# If you later add a pinned Rust toolchain in rust-toolchain.toml, actions-rs will respect it.
jobs:
meta:
name: Meta checks
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Validate YAML files
uses: ibiqlik/action-yamllint@v3
with:
file_or_dir: ".github"
config_data: |
extends: default
rules:
line-length:
max: 140
level: warning
truthy: disable
rust:
name: Rust (fmt, clippy, test, build)
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
crate:
- crates/signia-core
- crates/signia-plugins
- crates/signia-store
- crates/signia-api
- crates/signia-cli
- crates/signia-solana-client
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install Rust toolchain
uses: dtolnay/rust-toolchain@stable
with:
components: rustfmt, clippy
- name: Cache cargo registry + build
uses: Swatinem/rust-cache@v2
with:
workspaces: |
${{ matrix.crate }} -> target
cache-on-failure: true
- name: Rustfmt (check)
working-directory: ${{ matrix.crate }}
run: cargo fmt --all --check
- name: Clippy (deny warnings)
working-directory: ${{ matrix.crate }}
run: cargo clippy --all-targets --all-features -- -D warnings
- name: Tests
working-directory: ${{ matrix.crate }}
run: cargo test --all-features --locked
- name: Build (release)
working-directory: ${{ matrix.crate }}
run: cargo build --release --locked
- name: Upload build artifacts (CLI only)
if: ${{ matrix.crate == 'crates/signia-cli' }}
uses: actions/upload-artifact@v4
with:
name: signia-cli-linux
path: |
${{ matrix.crate }}/target/release/signia
if-no-files-found: warn
rust-workspace:
name: Rust workspace-level checks
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install Rust toolchain
uses: dtolnay/rust-toolchain@stable
with:
components: rustfmt, clippy
- name: Cache cargo registry + build
uses: Swatinem/rust-cache@v2
with:
cache-on-failure: true
- name: Cargo deny (supply chain policy)
run: |
if [ -f deny.toml ]; then
cargo install cargo-deny --locked
cargo deny check
else
echo "deny.toml not found; skipping cargo-deny."
fi
- name: Cargo audit (vulnerabilities)
run: |
if [ -f audit.toml ]; then
cargo install cargo-audit --locked
cargo audit
else
echo "audit.toml not found; skipping cargo-audit."
fi
node:
name: Node (lint, test, build)
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
project:
- .
- console/web
- console/interface
- sdk/ts
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
cache: "pnpm"
- name: Setup pnpm
uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- name: Install dependencies
working-directory: ${{ matrix.project }}
run: pnpm install --frozen-lockfile
- name: Lint
working-directory: ${{ matrix.project }}
run: |
if pnpm -s run | grep -q "^lint"; then
pnpm run lint
else
echo "No lint script found; skipping."
fi
- name: Test
working-directory: ${{ matrix.project }}
run: |
if pnpm -s run | grep -q "^test"; then
pnpm run test
else
echo "No test script found; skipping."
fi
- name: Build
working-directory: ${{ matrix.project }}
run: |
if pnpm -s run | grep -q "^build"; then
pnpm run build
else
echo "No build script found; skipping."
fi
anchor:
name: Solana program (Anchor build/test)
runs-on: ubuntu-latest
# This job is optional and will run only when the program directory exists.
if: ${{ hashFiles('programs/signia-registry/Anchor.toml') != '' }}
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get install -y pkg-config build-essential libssl-dev
- name: Install Solana CLI (stable)
run: |
sh -c "$(curl -sSfL https://release.solana.com/stable/install)"
echo "$HOME/.local/share/solana/install/active_release/bin" >> $GITHUB_PATH
solana --version
- name: Install Anchor
run: |
cargo install --git https://github.com/coral-xyz/anchor avm --locked
avm install latest
avm use latest
anchor --version
- name: Cache cargo registry + build
uses: Swatinem/rust-cache@v2
with:
cache-on-failure: true
- name: Anchor build
working-directory: programs/signia-registry
run: anchor build
- name: Anchor test (local validator)
working-directory: programs/signia-registry
run: anchor test
summary:
name: CI Summary
runs-on: ubuntu-latest
needs: [meta, rust, rust-workspace, node, anchor]
if: always()
steps:
- name: Print job results
run: |
echo "meta: ${{ needs.meta.result }}"
echo "rust: ${{ needs.rust.result }}"
echo "rust-workspace: ${{ needs.rust-workspace.result }}"
echo "node: ${{ needs.node.result }}"
echo "anchor: ${{ needs.anchor.result }}"