Merge pull request #890 from near/eth #1851
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Unit | |
on: | |
push: | |
branches: | |
- main | |
- develop | |
pull_request: | |
paths: | |
- ".github/workflows/unit.yml" | |
- "chain-signatures/**/*.rs" | |
- "chain-signatures/Cargo.*" | |
- "mpc-recovery/**/*.rs" | |
- "mpc-recovery/Cargo.*" | |
- "load-tests/**/*.rs" | |
- "test-oidc-provider/**/*.rs" | |
- "integration-tests/**/*.rs" | |
env: | |
RUSTFLAGS: -D warnings | |
jobs: | |
test: | |
runs-on: warp-ubuntu-latest-x64-4x | |
name: Check & Test | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Install stable toolchain | |
uses: actions-rs/toolchain@v1 | |
with: | |
profile: minimal | |
toolchain: stable | |
target: wasm32-unknown-unknown | |
- uses: WarpBuilds/cache@v1 | |
with: | |
path: | | |
~/.cargo/bin/ | |
~/.cargo/registry/index/ | |
~/.cargo/registry/cache/ | |
~/.cargo/git/db/ | |
target/ | |
key: "${{ runner.os }}-cargo-${{ hashFiles('mpc-recovery/Cargo.lock') }}" | |
restore-keys: ${{ runner.os }}-cargo- | |
- name: Install Protoc | |
uses: arduino/[email protected] | |
with: | |
repo-token: ${{ secrets.GITHUB_TOKEN }} | |
- name: Compile Contract | |
run: cd chain-signatures && cargo build -p mpc-contract --target wasm32-unknown-unknown --release | |
- name: Compile | |
run: | | |
( cd chain-signatures ; cargo check ) | |
( cd mpc-recovery ; cargo check ) | |
( cd load-tests ; cargo check ) | |
( cd test-oidc-provider ; cargo check ) | |
( cd integration-tests/chain-signatures ; cargo check ) | |
( cd integration-tests/fastauth ; cargo check ) | |
- name: Test format | |
run: | | |
( cd chain-signatures ; cargo fmt -- --check ) | |
( cd mpc-recovery ; cargo fmt -- --check ) | |
( cd load-tests ; cargo fmt -- --check ) | |
( cd test-oidc-provider ; cargo fmt -- --check ) | |
( cd integration-tests/chain-signatures ; cargo fmt -- --check ) | |
( cd integration-tests/fastauth ; cargo fmt -- --check ) | |
- name: Test clippy | |
run: | | |
( cd chain-signatures ; cargo clippy --tests -- -Dclippy::all ) | |
( cd mpc-recovery ; cargo clippy --tests -- -Dclippy::all ) | |
( cd load-tests ; cargo clippy --tests -- -Dclippy::all ) | |
( cd test-oidc-provider ; cargo clippy --tests -- -Dclippy::all ) | |
( cd integration-tests/chain-signatures ; cargo clippy --tests -- -Dclippy::all ) | |
( cd integration-tests/fastauth ; cargo clippy --tests -- -Dclippy::all ) | |
- name: Unit tests (FastAuth) | |
working-directory: mpc-recovery | |
run: cargo test | |
- name: Unit tests (Chain Signatures) | |
working-directory: chain-signatures | |
run: cargo test | |
audit: | |
name: Audit | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Install stable toolchain | |
uses: actions-rs/toolchain@v1 | |
with: | |
profile: minimal | |
toolchain: stable | |
- name: Install Audit | |
run: cargo install cargo-audit | |
- name: Run Audit (FastAuth) | |
working-directory: integration-tests/fastauth | |
run: | | |
cargo audit --ignore RUSTSEC-2020-0071 --ignore RUSTSEC-2023-0052 --ignore RUSTSEC-2022-0093 --ignore RUSTSEC-2023-0071 --ignore RUSTSEC-2024-0019 --ignore RUSTSEC-2024-0344 --ignore RUSTSEC-2024-0357 | |
- name: Run Audit (Chain Signatures) | |
# even if previous audit step fails, run this audit step to ensure all crates are audited | |
if: always() | |
working-directory: chain-signatures | |
# ALL audit exceptions must be justified here | |
# RUSTSEC-2024-0344 and RUSTSEC-2022-0093 are both to do with ed25519 signatures in near-sdk, we don't sign things with this library so it's safe | |
# RUSTSEC-2022-0054 wee-alloc is unmaintained, it's fine for now because we barely use an allocator and the contracts are short lived, but we should find a replacement/use the default allocator | |
# RUSTSEC-2021-0145 atty can do an unallocated read with a custom allocator in windows. We don't run this in windows and we don't use a custom allocator. | |
run: | | |
cargo audit --ignore RUSTSEC-2022-0093 --ignore RUSTSEC-2024-0344 --ignore RUSTSEC-2022-0054 --ignore RUSTSEC-2021-0145 |