NoBey/openzeppelin-contracts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update docs

Browse Source
This commit is contained in:
github-actions
2023-09-19 19:19:10 +00:00
commit dbe796d542
624 changed files with 107720 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
.github/workflows/actionlint.yml vendored Normal file
View File

@ -0,0 +1,18 @@
name: lint workflows
on:
pull_request:
paths:
- '.github/**/*.ya?ml'
jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Add problem matchers
run: |
# https://github.com/rhysd/actionlint/blob/3a2f2c7/docs/usage.md#problem-matchers
curl -LO https://raw.githubusercontent.com/rhysd/actionlint/main/.github/actionlint-matcher.json
echo "::add-matcher::actionlint-matcher.json"
- uses: docker://rhysd/actionlint:latest

28
.github/workflows/changeset.yml vendored Normal file
View File

@ -0,0 +1,28 @@
name: changeset
on:
pull_request:
branches:
- master
types:
- opened
- synchronize
- labeled
- unlabeled
concurrency:
group: changeset-${{ github.ref }}
cancel-in-progress: true
jobs:
check:
runs-on: ubuntu-latest
if: ${{ !contains(github.event.pull_request.labels.*.name, 'ignore-changeset') }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Include history so Changesets finds merge-base
- name: Set up environment
uses: ./.github/actions/setup
- name: Check changeset
run: npx changeset status --since=origin/${{ github.base_ref }}

116
.github/workflows/checks.yml vendored Normal file
View File

@ -0,0 +1,116 @@
name: checks
on:
push:
branches:
- master
- next-v*
- release-v*
pull_request: {}
workflow_dispatch: {}
concurrency:
group: checks-${{ github.ref }}
cancel-in-progress: true
env:
NODE_OPTIONS: --max_old_space_size=5120
jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up environment
uses: ./.github/actions/setup
- run: npm run lint
tests:
runs-on: ubuntu-latest
env:
FORCE_COLOR: 1
GAS: true
steps:
- uses: actions/checkout@v4
- name: Set up environment
uses: ./.github/actions/setup
- name: Run tests and generate gas report
run: npm run test
- name: Check linearisation of the inheritance graph
run: npm run test:inheritance
- name: Check proceduraly generated contracts are up-to-date
run: npm run test:generation
- name: Compare gas costs
uses: ./.github/actions/gas-compare
if: github.base_ref == 'master'
with:
token: ${{ github.token }}
tests-upgradeable:
runs-on: ubuntu-latest
env:
FORCE_COLOR: 1
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Include history so patch conflicts are resolved automatically
- name: Set up environment
uses: ./.github/actions/setup
- name: Transpile to upgradeable
run: bash scripts/upgradeable/transpile.sh
- name: Run tests
run: npm run test
- name: Check linearisation of the inheritance graph
run: npm run test:inheritance
- name: Check storage layout
uses: ./.github/actions/storage-layout
if: github.base_ref == 'master'
continue-on-error: ${{ contains(github.event.pull_request.labels.*.name, 'breaking change') }}
with:
token: ${{ github.token }}
tests-foundry:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1
with:
version: nightly
- name: Run tests
run: forge test -vv
coverage:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up environment
uses: ./.github/actions/setup
- run: npm run coverage
- uses: codecov/codecov-action@v3
with:
token: ${{ secrets.CODECOV_TOKEN }}
slither:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up environment
uses: ./.github/actions/setup
- run: rm foundry.toml
- uses: crytic/slither-action@v0.3.0
with:
node-version: 18.15
codespell:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Run CodeSpell
uses: codespell-project/actions-codespell@v2.0
with:
check_hidden: true
check_filenames: true
skip: package-lock.json,*.pdf

19
.github/workflows/docs.yml vendored Normal file
View File

@ -0,0 +1,19 @@
name: Build Docs
on:
push:
branches: [release-v*]
permissions:
contents: write
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up environment
uses: ./.github/actions/setup
- run: bash scripts/git-user-config.sh
- run: node scripts/update-docs-branch.js
- run: git push --all origin

68
.github/workflows/formal-verification.yml vendored Normal file
View File

@ -0,0 +1,68 @@
name: formal verification
on:
pull_request:
types:
- opened
- reopened
- synchronize
- labeled
workflow_dispatch: {}
env:
PIP_VERSION: '3.10'
JAVA_VERSION: '11'
SOLC_VERSION: '0.8.20'
concurrency: ${{ github.workflow }}-${{ github.ref }}
jobs:
apply-diff:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Apply patches
run: make -C certora apply
verify:
runs-on: ubuntu-latest
if: github.event_name != 'pull_request' || contains(github.event.pull_request.labels.*.name, 'formal-verification')
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up environment
uses: ./.github/actions/setup
- name: identify specs that need to be run
id: arguments
run: |
if [[ ${{ github.event_name }} = 'pull_request' ]];
then
RESULT=$(git diff ${{ github.event.pull_request.head.sha }}..${{ github.event.pull_request.base.sha }} --name-only certora/specs/*.spec | while IFS= read -r file; do [[ -f $file ]] && basename "${file%.spec}"; done | tr "\n" " ")
else
RESULT='--all'
fi
echo "result=$RESULT" >> "$GITHUB_OUTPUT"
- name: Install python
uses: actions/setup-python@v4
with:
python-version: ${{ env.PIP_VERSION }}
cache: 'pip'
- name: Install python packages
run: pip install -r requirements.txt
- name: Install java
uses: actions/setup-java@v3
with:
distribution: temurin
java-version: ${{ env.JAVA_VERSION }}
- name: Install solc
run: |
wget https://github.com/ethereum/solidity/releases/download/v${{ env.SOLC_VERSION }}/solc-static-linux
sudo mv solc-static-linux /usr/local/bin/solc
chmod +x /usr/local/bin/solc
- name: Verify specification
run: |
make -C certora apply
node certora/run.js ${{ steps.arguments.outputs.result }} >> "$GITHUB_STEP_SUMMARY"
env:
CERTORAKEY: ${{ secrets.CERTORAKEY }}

218
.github/workflows/release-cycle.yml vendored Normal file
View File

@ -0,0 +1,218 @@
# D: Manual Dispatch
# M: Merge release PR
# C: Commit
# ┌───────────┐ ┌─────────────┐ ┌────────────────┐
# │Development├──D──►RC-Unreleased│ ┌──►Final-Unreleased│
# └───────────┘ └─┬─────────▲─┘ │ └─┬────────────▲─┘
# │ │ │ │ │
# M C D M C
# │ │ │ │ │
# ┌▼─────────┴┐ │ ┌▼────────────┴┐
# │RC-Released├───┘ │Final-Released│
# └───────────┘ └──────────────┘
name: Release Cycle
on:
push:
branches:
- release-v*
workflow_dispatch: {}
concurrency: ${{ github.workflow }}-${{ github.ref }}
jobs:
state:
name: Check state
permissions:
pull-requests: read
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up environment
uses: ./.github/actions/setup
- id: state
name: Get state
uses: actions/github-script@v6
env:
TRIGGERING_ACTOR: ${{ github.triggering_actor }}
with:
result-encoding: string
script: await require('./scripts/release/workflow/state.js')({ github, context, core })
outputs:
# Job Flags
start: ${{ steps.state.outputs.start }}
changesets: ${{ steps.state.outputs.changesets }}
promote: ${{ steps.state.outputs.promote }}
publish: ${{ steps.state.outputs.publish }}
merge: ${{ steps.state.outputs.merge }}
# Global variables
is_prerelease: ${{ steps.state.outputs.is_prerelease }}
start:
needs: state
name: Start new release candidate
permissions:
contents: write
actions: write
if: needs.state.outputs.start == 'true'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up environment
uses: ./.github/actions/setup
- run: bash scripts/git-user-config.sh
- id: start
name: Create branch with release candidate
run: bash scripts/release/workflow/start.sh
- name: Re-run workflow
uses: actions/github-script@v6
env:
REF: ${{ steps.start.outputs.branch }}
with:
script: await require('./scripts/release/workflow/rerun.js')({ github, context })
promote:
needs: state
name: Promote to final release
permissions:
contents: write
actions: write
if: needs.state.outputs.promote == 'true'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up environment
uses: ./.github/actions/setup
- run: bash scripts/git-user-config.sh
- name: Exit prerelease state
if: needs.state.outputs.is_prerelease == 'true'
run: bash scripts/release/workflow/exit-prerelease.sh
- name: Re-run workflow
uses: actions/github-script@v6
with:
script: await require('./scripts/release/workflow/rerun.js')({ github, context })
changesets:
needs: state
name: Update PR to release
permissions:
contents: write
pull-requests: write
if: needs.state.outputs.changesets == 'true'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # To get all tags
- name: Set up environment
uses: ./.github/actions/setup
- name: Set release title
uses: actions/github-script@v6
with:
result-encoding: string
script: await require('./scripts/release/workflow/set-changesets-pr-title.js')({ core })
- name: Create PR
uses: changesets/action@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PRERELEASE: ${{ needs.state.outputs.is_prerelease }}
with:
version: npm run version
title: ${{ env.TITLE }}
commit: ${{ env.TITLE }}
body: | # Wait for support on this https://github.com/changesets/action/pull/250
This is an automated PR for releasing ${{ github.repository }}
Check [CHANGELOG.md](${{ github.repository }}/CHANGELOG.md)
publish:
needs: state
name: Publish to npm
environment: npm
permissions:
contents: write
if: needs.state.outputs.publish == 'true'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up environment
uses: ./.github/actions/setup
- id: pack
name: Pack
run: bash scripts/release/workflow/pack.sh
env:
PRERELEASE: ${{ needs.state.outputs.is_prerelease }}
- name: Upload tarball artifact
uses: actions/upload-artifact@v3
with:
name: ${{ github.ref_name }}
path: ${{ steps.pack.outputs.tarball }}
- name: Tag
run: npx changeset tag
- name: Publish
run: bash scripts/release/workflow/publish.sh
env:
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
TARBALL: ${{ steps.pack.outputs.tarball }}
TAG: ${{ steps.pack.outputs.tag }}
- name: Push tags
run: git push --tags
- name: Create Github Release
uses: actions/github-script@v6
env:
PRERELEASE: ${{ needs.state.outputs.is_prerelease }}
with:
script: await require('./scripts/release/workflow/github-release.js')({ github, context })
outputs:
tarball_name: ${{ steps.pack.outputs.tarball_name }}
integrity_check:
needs: publish
name: Tarball Integrity Check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Download tarball artifact
id: artifact
# Replace with actions/upload-artifact@v3 when
# https://github.com/actions/download-artifact/pull/194 gets released
uses: actions/download-artifact@e9ef242655d12993efdcda9058dee2db83a2cb9b
with:
name: ${{ github.ref_name }}
- name: Check integrity
run: bash scripts/release/workflow/integrity-check.sh
env:
TARBALL: ${{ steps.artifact.outputs.download-path }}/${{ needs.publish.outputs.tarball_name }}
merge:
needs: state
name: Create PR back to master
permissions:
contents: write
pull-requests: write
if: needs.state.outputs.merge == 'true'
runs-on: ubuntu-latest
env:
MERGE_BRANCH: merge/${{ github.ref_name }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # All branches
- name: Set up environment
uses: ./.github/actions/setup
- run: bash scripts/git-user-config.sh
- name: Create branch to merge
run: |
git checkout -B "$MERGE_BRANCH" "$GITHUB_REF_NAME"
git push -f origin "$MERGE_BRANCH"
- name: Create PR back to master
uses: actions/github-script@v6
with:
script: |
await github.rest.pulls.create({
owner: context.repo.owner,
repo: context.repo.repo,
head: process.env.MERGE_BRANCH,
base: 'master',
title: '${{ format('Merge {0} branch', github.ref_name) }}'
});

30
.github/workflows/upgradeable.yml vendored Normal file
View File

@ -0,0 +1,30 @@
name: transpile upgradeable
on:
push:
branches:
- master
- release-v*
jobs:
transpile:
environment: push-upgradeable
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
repository: OpenZeppelin/openzeppelin-contracts-upgradeable
fetch-depth: 0
token: ${{ secrets.GH_TOKEN_UPGRADEABLE }}
- name: Fetch current non-upgradeable branch
run: |
git fetch "https://github.com/${{ github.repository }}.git" "$REF"
git checkout FETCH_HEAD
env:
REF: ${{ github.ref }}
- name: Set up environment
uses: ./.github/actions/setup
- run: bash scripts/git-user-config.sh
- name: Transpile to upgradeable
run: bash scripts/upgradeable/transpile-onto.sh ${{ github.ref_name }} origin/${{ github.ref_name }}
- run: git push origin ${{ github.ref_name }}