Skip to content

Commit 6eaa0df

Browse files
authored
Merge pull request #9 from pnstack/copilot/fix-49727b87-f743-4346-b0ff-c3f47c0846f5
Setup comprehensive CI/CD pipeline with GitHub Actions
2 parents 80dc823 + 096ca97 commit 6eaa0df

17 files changed

Lines changed: 31464 additions & 15 deletions

eslintrc.js renamed to .eslintrc.js

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,13 @@ module.exports = {
1414
node: true,
1515
jest: true,
1616
},
17-
ignorePatterns: [".eslintrc.js"],
17+
ignorePatterns: [
18+
".eslintrc.js",
19+
"src/contracts/**/*",
20+
"src/web3/**/*",
21+
"dist/**/*",
22+
"artifacts/**/*",
23+
],
1824
rules: {
1925
"@typescript-eslint/interface-name-prefix": "off",
2026
"@typescript-eslint/explicit-function-return-type": "off",
Lines changed: 32 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,32 @@
1+
name: Bug Report
2+
about: Create a report to help us improve
3+
title: '[BUG] '
4+
labels: ['bug']
5+
assignees: ''
6+
7+
---
8+
9+
## Bug Description
10+
A clear and concise description of what the bug is.
11+
12+
## To Reproduce
13+
Steps to reproduce the behavior:
14+
1. Go to '...'
15+
2. Click on '....'
16+
3. Scroll down to '....'
17+
4. See error
18+
19+
## Expected Behavior
20+
A clear and concise description of what you expected to happen.
21+
22+
## Screenshots
23+
If applicable, add screenshots to help explain your problem.
24+
25+
## Environment
26+
- OS: [e.g. iOS]
27+
- Node.js version: [e.g. 18.x]
28+
- npm version: [e.g. 8.x]
29+
- Hardhat version: [e.g. 2.x]
30+
31+
## Additional Context
32+
Add any other context about the problem here.
Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,19 @@
1+
name: Feature Request
2+
about: Suggest an idea for this project
3+
title: '[FEATURE] '
4+
labels: ['enhancement']
5+
assignees: ''
6+
7+
---
8+
9+
## Is your feature request related to a problem? Please describe.
10+
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
11+
12+
## Describe the solution you'd like
13+
A clear and concise description of what you want to happen.
14+
15+
## Describe alternatives you've considered
16+
A clear and concise description of any alternative solutions or features you've considered.
17+
18+
## Additional context
19+
Add any other context or screenshots about the feature request here.

.github/dependabot.yml

Lines changed: 25 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,25 @@
1+
version: 2
2+
updates:
3+
# Enable version updates for npm
4+
- package-ecosystem: "npm"
5+
directory: "/"
6+
schedule:
7+
interval: "weekly"
8+
day: "monday"
9+
open-pull-requests-limit: 10
10+
reviewers:
11+
- "npv2k1"
12+
assignees:
13+
- "npv2k1"
14+
commit-message:
15+
prefix: "deps"
16+
include: "scope"
17+
18+
# Enable security updates for GitHub Actions
19+
- package-ecosystem: "github-actions"
20+
directory: "/"
21+
schedule:
22+
interval: "weekly"
23+
commit-message:
24+
prefix: "ci"
25+
include: "scope"

.github/pull_request_template.md

Lines changed: 30 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,30 @@
1+
## Description
2+
Brief description of the changes in this PR.
3+
4+
## Type of Change
5+
- [ ] Bug fix (non-breaking change which fixes an issue)
6+
- [ ] New feature (non-breaking change which adds functionality)
7+
- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
8+
- [ ] Documentation update
9+
- [ ] Code refactoring
10+
- [ ] Performance improvement
11+
- [ ] Test improvements
12+
13+
## Testing
14+
- [ ] Tests pass locally with my changes
15+
- [ ] I have added tests that prove my fix is effective or that my feature works
16+
- [ ] New and existing unit tests pass locally with my changes
17+
- [ ] I have added tests that verify security considerations
18+
19+
## Security Checklist
20+
- [ ] I have reviewed the code for potential security vulnerabilities
21+
- [ ] Smart contracts have been tested for common attack vectors
22+
- [ ] External dependencies have been reviewed for security issues
23+
24+
## Checklist
25+
- [ ] My code follows the style guidelines of this project
26+
- [ ] I have performed a self-review of my own code
27+
- [ ] I have commented my code, particularly in hard-to-understand areas
28+
- [ ] I have made corresponding changes to the documentation
29+
- [ ] My changes generate no new warnings
30+
- [ ] Any dependent changes have been merged and published

.github/workflows/ci.yml

Lines changed: 188 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,188 @@
1+
name: CI/CD
2+
3+
on:
4+
push:
5+
branches: [ main, master, develop ]
6+
pull_request:
7+
branches: [ main, master, develop ]
8+
9+
env:
10+
NODE_ENV: test
11+
12+
jobs:
13+
lint:
14+
name: Code Quality & Linting
15+
runs-on: ubuntu-latest
16+
17+
steps:
18+
- name: Checkout code
19+
uses: actions/checkout@v4
20+
21+
- name: Setup Node.js
22+
uses: actions/setup-node@v4
23+
with:
24+
node-version: '20'
25+
cache: 'npm'
26+
27+
- name: Install dependencies
28+
run: npm ci
29+
30+
- name: Run Solidity Linter
31+
run: npm run lint:sol
32+
33+
- name: Run ESLint
34+
run: npm run lint
35+
36+
- name: Check Prettier formatting
37+
run: npx prettier '**/*.{json,sol,md,ts,js}' --check
38+
39+
compile:
40+
name: Compile Contracts
41+
runs-on: ubuntu-latest
42+
43+
steps:
44+
- name: Checkout code
45+
uses: actions/checkout@v4
46+
47+
- name: Setup Node.js
48+
uses: actions/setup-node@v4
49+
with:
50+
node-version: '20'
51+
cache: 'npm'
52+
53+
- name: Install dependencies
54+
run: npm ci
55+
56+
- name: Compile Solidity contracts
57+
run: npm run compile
58+
59+
- name: Upload artifacts
60+
uses: actions/upload-artifact@v4
61+
with:
62+
name: contract-artifacts
63+
path: |
64+
artifacts/
65+
src/contracts/
66+
retention-days: 1
67+
68+
test:
69+
name: Test (Node ${{ matrix.node-version }})
70+
runs-on: ubuntu-latest
71+
needs: [compile]
72+
strategy:
73+
matrix:
74+
node-version: [18, 20]
75+
76+
steps:
77+
- name: Checkout code
78+
uses: actions/checkout@v4
79+
80+
- name: Setup Node.js ${{ matrix.node-version }}
81+
uses: actions/setup-node@v4
82+
with:
83+
node-version: ${{ matrix.node-version }}
84+
cache: 'npm'
85+
86+
- name: Install dependencies
87+
run: npm ci
88+
89+
- name: Download artifacts
90+
uses: actions/download-artifact@v4
91+
with:
92+
name: contract-artifacts
93+
path: ./
94+
95+
- name: Run tests
96+
run: npm run test
97+
98+
- name: Generate coverage report
99+
if: matrix.node-version == '20'
100+
run: npm run coverage
101+
continue-on-error: true
102+
103+
- name: Upload coverage reports
104+
if: matrix.node-version == '20'
105+
uses: actions/upload-artifact@v4
106+
with:
107+
name: coverage-report
108+
path: coverage/
109+
retention-days: 7
110+
111+
- name: Upload coverage to Codecov
112+
uses: codecov/codecov-action@v4
113+
if: matrix.node-version == '20'
114+
with:
115+
file: ./coverage/lcov.info
116+
fail_ci_if_error: false
117+
118+
build:
119+
name: Build Package
120+
runs-on: ubuntu-latest
121+
needs: [lint, compile, test]
122+
123+
steps:
124+
- name: Checkout code
125+
uses: actions/checkout@v4
126+
127+
- name: Setup Node.js
128+
uses: actions/setup-node@v4
129+
with:
130+
node-version: '20'
131+
cache: 'npm'
132+
133+
- name: Install dependencies
134+
run: npm ci
135+
136+
- name: Download artifacts
137+
uses: actions/download-artifact@v4
138+
with:
139+
name: contract-artifacts
140+
path: ./
141+
142+
- name: Build TypeScript
143+
run: npm run build
144+
145+
- name: Upload build artifacts
146+
uses: actions/upload-artifact@v4
147+
with:
148+
name: build-artifacts
149+
path: |
150+
dist/
151+
artifacts/
152+
retention-days: 7
153+
154+
security:
155+
name: Security Audit
156+
runs-on: ubuntu-latest
157+
needs: [compile]
158+
159+
steps:
160+
- name: Checkout code
161+
uses: actions/checkout@v4
162+
163+
- name: Setup Node.js
164+
uses: actions/setup-node@v4
165+
with:
166+
node-version: '20'
167+
cache: 'npm'
168+
169+
- name: Run npm audit
170+
run: npm audit --audit-level=high
171+
continue-on-error: true
172+
173+
- name: Install dependencies
174+
run: npm ci
175+
176+
- name: Download artifacts
177+
uses: actions/download-artifact@v4
178+
with:
179+
name: contract-artifacts
180+
path: ./
181+
182+
- name: Run Slither Analysis
183+
uses: crytic/slither-action@v0.3.0
184+
id: slither
185+
with:
186+
target: 'contracts/'
187+
slither-config: .slither.conf.json
188+
continue-on-error: true

.github/workflows/codeql.yml

Lines changed: 50 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,50 @@
1+
name: "CodeQL"
2+
3+
on:
4+
push:
5+
branches: [ main, master, develop ]
6+
pull_request:
7+
branches: [ main, master, develop ]
8+
schedule:
9+
- cron: '0 2 * * 1' # Run every Monday at 2 AM
10+
11+
jobs:
12+
analyze:
13+
name: Analyze
14+
runs-on: ubuntu-latest
15+
permissions:
16+
actions: read
17+
contents: read
18+
security-events: write
19+
20+
strategy:
21+
fail-fast: false
22+
matrix:
23+
language: [ 'javascript' ]
24+
25+
steps:
26+
- name: Checkout repository
27+
uses: actions/checkout@v4
28+
29+
- name: Initialize CodeQL
30+
uses: github/codeql-action/init@v3
31+
with:
32+
languages: ${{ matrix.language }}
33+
34+
- name: Setup Node.js
35+
uses: actions/setup-node@v4
36+
with:
37+
node-version: '20'
38+
cache: 'npm'
39+
40+
- name: Install dependencies
41+
run: npm ci
42+
43+
- name: Build
44+
run: |
45+
npm run compile
46+
npm run build
47+
continue-on-error: true
48+
49+
- name: Perform CodeQL Analysis
50+
uses: github/codeql-action/analyze@v3

0 commit comments

Comments
 (0)