d1472667eb
Some checks failed
CI / Frontend Lint (pull_request) Failing after 7s
CI / Frontend Type Check (pull_request) Failing after 7s
CI / Frontend Build (pull_request) Failing after 6s
CI / Frontend E2E Tests (pull_request) Failing after 7s
CI / Orchestrator Build (pull_request) Failing after 5s
CI / Orchestrator Unit Tests (pull_request) Failing after 6s
CI / Orchestrator E2E (Testcontainers) (pull_request) Has been skipped
CI / Contracts Compile (pull_request) Failing after 6s
CI / Contracts Test (pull_request) Failing after 5s
Code Quality / SonarQube Analysis (pull_request) Failing after 19s
Code Quality / Code Quality Checks (pull_request) Failing after 4s
Security Scan / Dependency Vulnerability Scan (pull_request) Failing after 4s
Security Scan / OWASP ZAP Scan (pull_request) Failing after 3s
Closes the CurrenciCombo side of proxmox blocker EXT-CHAIN138-CI-RPC now that https://rpc.public-0138.defi-oracle.io is live (verified: eth_chainId -> 0x8a / 138, eth_blockNumber returns a plausible positive height). Adds orchestrator/tests/e2e/notaryChainPublicRpc.e2e.test.ts -- a **read-only** E2E suite that targets the real public Chain 138 RPC instead of a locally-spawned ganache. We don't own a funded key on Chain 138 in CI and writing against mainnet-equivalent infra would be reckless, so the suite sticks to non-destructive calls: 1. provider.getNetwork() returns a descriptor 2. eth_chainId == 138 3. eth_blockNumber > 0 4. eth_getBlockByNumber returns a well-formed block with timestamp past 2020-09-13 5. plans(bytes32) call against NOTARY_REGISTRY_ADDRESS (if set) returns a zero'd record for a synthetic key -- proves the ABI matches the deployed contract without mutating state 6. orchestrator's services/notaryChain.ts gracefully mock-falls- back when the public RPC is configured but no signing key is set Gated on BOTH RUN_E2E=1 AND E2E_USE_PUBLIC_CHAIN138=1 so the default E2E path stays offline (existing ganache-based round-trip tests don't need network). CI: the orchestrator-e2e job now runs with E2E_USE_PUBLIC_CHAIN138=1, so the 'run-e2e' PR label triggers **both** the Postgres Testcontainers suite and the public Chain 138 suite. Verification: RUN_E2E=1 E2E_USE_PUBLIC_CHAIN138=1 npx jest --config=jest.e2e.config.js tests/e2e/notaryChainPublicRpc.e2e.test.ts -> 6/6 passing, ~3s wall-clock. tsc --noEmit clean. No UI.
196 lines
5.6 KiB
YAML
196 lines
5.6 KiB
YAML
name: CI
|
|
|
|
on:
|
|
push:
|
|
branches: [main, develop]
|
|
pull_request:
|
|
branches: [main, develop]
|
|
|
|
jobs:
|
|
# Frontend CI
|
|
frontend-lint:
|
|
name: Frontend Lint
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v5
|
|
- uses: actions/setup-node@v6
|
|
with:
|
|
node-version: "18"
|
|
cache: "npm"
|
|
cache-dependency-path: webapp/package-lock.json
|
|
- name: Install dependencies
|
|
working-directory: webapp
|
|
run: npm ci
|
|
- name: Lint
|
|
working-directory: webapp
|
|
run: npm run lint
|
|
|
|
frontend-type-check:
|
|
name: Frontend Type Check
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v5
|
|
- uses: actions/setup-node@v6
|
|
with:
|
|
node-version: "18"
|
|
cache: "npm"
|
|
cache-dependency-path: webapp/package-lock.json
|
|
- name: Install dependencies
|
|
working-directory: webapp
|
|
run: npm ci
|
|
- name: Type check
|
|
working-directory: webapp
|
|
run: npx tsc --noEmit
|
|
|
|
frontend-build:
|
|
name: Frontend Build
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v5
|
|
- uses: actions/setup-node@v6
|
|
with:
|
|
node-version: "18"
|
|
cache: "npm"
|
|
cache-dependency-path: webapp/package-lock.json
|
|
- name: Install dependencies
|
|
working-directory: webapp
|
|
run: npm ci
|
|
- name: Build
|
|
working-directory: webapp
|
|
run: npm run build
|
|
- name: Upload build artifacts
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: frontend-build
|
|
path: webapp/.next
|
|
|
|
frontend-e2e:
|
|
name: Frontend E2E Tests
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v5
|
|
- uses: actions/setup-node@v6
|
|
with:
|
|
node-version: "18"
|
|
cache: "npm"
|
|
cache-dependency-path: webapp/package-lock.json
|
|
- name: Install dependencies
|
|
working-directory: webapp
|
|
run: npm ci
|
|
- name: Install Playwright
|
|
working-directory: webapp
|
|
run: npx playwright install --with-deps
|
|
- name: Run E2E tests
|
|
working-directory: webapp
|
|
run: npm run test:e2e
|
|
- name: Upload test results
|
|
uses: actions/upload-artifact@v4
|
|
if: always()
|
|
with:
|
|
name: playwright-report
|
|
path: webapp/playwright-report/
|
|
|
|
# Orchestrator CI
|
|
orchestrator-build:
|
|
name: Orchestrator Build
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v5
|
|
- uses: actions/setup-node@v6
|
|
with:
|
|
node-version: "18"
|
|
cache: "npm"
|
|
cache-dependency-path: orchestrator/package-lock.json
|
|
- name: Install dependencies
|
|
working-directory: orchestrator
|
|
run: npm ci
|
|
- name: Build
|
|
working-directory: orchestrator
|
|
run: npm run build
|
|
|
|
orchestrator-test:
|
|
name: Orchestrator Unit Tests
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v5
|
|
- uses: actions/setup-node@v6
|
|
with:
|
|
node-version: "18"
|
|
cache: "npm"
|
|
cache-dependency-path: orchestrator/package-lock.json
|
|
- name: Install dependencies
|
|
working-directory: orchestrator
|
|
run: npm ci
|
|
- name: Type check
|
|
working-directory: orchestrator
|
|
run: npx tsc --noEmit
|
|
- name: Unit tests
|
|
working-directory: orchestrator
|
|
run: npm test
|
|
|
|
orchestrator-e2e:
|
|
name: Orchestrator E2E (Testcontainers)
|
|
runs-on: ubuntu-latest
|
|
# Gap-analysis v2 §7.8 / §10.8 — opt-in E2E suite that brings up
|
|
# a real Postgres container and exercises the lifecycle against it.
|
|
# Gated on a workflow label so PR runs default to the fast unit
|
|
# suite; add the `run-e2e` label to a PR to include this job.
|
|
if: contains(github.event.pull_request.labels.*.name, 'run-e2e') || github.event_name == 'push'
|
|
steps:
|
|
- uses: actions/checkout@v5
|
|
- uses: actions/setup-node@v6
|
|
with:
|
|
node-version: "18"
|
|
cache: "npm"
|
|
cache-dependency-path: orchestrator/package-lock.json
|
|
- name: Install dependencies
|
|
working-directory: orchestrator
|
|
run: npm ci
|
|
- name: E2E tests (Testcontainers Postgres + public Chain 138 RPC)
|
|
working-directory: orchestrator
|
|
# EXT-CHAIN138-CI-RPC resolved via the public endpoint at
|
|
# https://rpc.public-0138.defi-oracle.io — the read-only
|
|
# public-RPC suite exercises the orchestrator's ethers client
|
|
# against a real Chain 138 node alongside the ganache-based
|
|
# round-trip tests. The env var opts the public-RPC suite in;
|
|
# without it, those tests self-skip.
|
|
env:
|
|
E2E_USE_PUBLIC_CHAIN138: "1"
|
|
run: npm run test:e2e
|
|
|
|
# Smart Contracts CI
|
|
contracts-compile:
|
|
name: Contracts Compile
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v5
|
|
- uses: actions/setup-node@v6
|
|
with:
|
|
node-version: "18"
|
|
cache: "npm"
|
|
cache-dependency-path: contracts/package-lock.json
|
|
- name: Install dependencies
|
|
working-directory: contracts
|
|
run: npm ci
|
|
- name: Compile contracts
|
|
working-directory: contracts
|
|
run: npm run compile
|
|
|
|
contracts-test:
|
|
name: Contracts Test
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v5
|
|
- uses: actions/setup-node@v6
|
|
with:
|
|
node-version: "18"
|
|
cache: "npm"
|
|
cache-dependency-path: contracts/package-lock.json
|
|
- name: Install dependencies
|
|
working-directory: contracts
|
|
run: npm ci
|
|
- name: Run tests
|
|
working-directory: contracts
|
|
run: npm run test
|
|
|