-
Notifications
You must be signed in to change notification settings - Fork 370
348 lines (301 loc) · 11.5 KB
/
foundry.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
name: Foundry
on:
workflow_dispatch:
pull_request:
paths:
- '.github/**'
- 'bin/**'
- 'src/**'
- 'lib/**'
- 'certora/**'
- 'foundry.toml'
- '**/*.sol'
push:
branches:
- "dev"
paths:
- '.github/**'
- 'bin/**'
- 'src/**'
- 'lib/**'
- 'certora/**'
- 'foundry.toml'
- '**/*.sol'
env:
FOUNDRY_PROFILE: medium
RPC_MAINNET: ${{ secrets.RPC_MAINNET }}
RPC_HOLESKY: ${{ secrets.RPC_HOLESKY }}
CHAIN_ID: ${{ secrets.CHAIN_ID }}
jobs:
# -----------------------------------------------------------------------
# Forge Test
# -----------------------------------------------------------------------
test-suite:
name: Test
runs-on: protocol-x64-16core
strategy:
matrix:
suite: [Unit, Integration, Fork]
steps:
# Check out repository with all submodules for complete codebase access.
- uses: actions/checkout@v4
with:
submodules: recursive
# Restore Forge cache
- name: Cache Forge Build
uses: actions/cache@v3
with:
path: |
cache/
out/
key: ${{ runner.os }}-forge-${{ hashFiles('**/foundry.toml', '**/remappings.txt', 'src/**/*.sol', 'lib/**/*.sol') }}
restore-keys: |
${{ runner.os }}-forge-
# Install the Foundry toolchain.
- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1
with:
version: stable
# Run Forge's formatting checker to ensure consistent code style.
- name: "Forge Fmt"
run: |
forge fmt --check
id: fmt
# Build the project and display contract sizes.
- name: Forge Build
run: |
forge --version
forge build --sizes
# Run the test suite in parallel based on the matrix configuration.
- name: Run ${{ matrix.suite }} tests
run: |
case "${{ matrix.suite }}" in
Unit) forge test --no-match-contract Integration ;;
Integration) forge test --match-contract Integration ;;
Fork) forge test --match-contract Integration ;;
esac
env:
FOUNDRY_PROFILE: ${{ matrix.suite == 'Fork' && 'forktest' || 'medium' }}
# -----------------------------------------------------------------------
# Forge Test (Intense)
# -----------------------------------------------------------------------
continuous-fuzzing:
name: Test (Intense)
runs-on: protocol-x64-16core
# Only run on push events to dev branch, not on PR events
if: github.event_name == 'push' && github.ref == 'refs/heads/dev'
strategy:
fail-fast: true
steps:
# Check out repository with all submodules for complete codebase access.
- uses: actions/checkout@v4
with:
submodules: recursive
# Restore Forge cache
- name: Cache Forge Build
uses: actions/cache@v3
with:
path: |
cache/
out/
key: ${{ runner.os }}-forge-${{ hashFiles('**/foundry.toml', '**/remappings.txt', 'src/**/*.sol', 'lib/**/*.sol') }}
restore-keys: |
${{ runner.os }}-forge-
# Install the Foundry toolchain.
- name: "Install Foundry"
uses: foundry-rs/foundry-toolchain@v1
with:
version: stable
# Build the project and display contract sizes.
- name: "Forge Build"
run: |
forge --version
forge build --sizes
id: build
# Run Forge Test (Intense)
- name: Forge Test (Intense)
run: |
echo -e "\033[1;33mWarning: This workflow may take several hours to complete.\033[0m"
echo -e "\033[1;33mThis intense fuzzing workflow is optional but helps catch edge cases through extended testing.\033[0m"
FOUNDRY_PROFILE=intense forge test -vvv
# -----------------------------------------------------------------------
# Forge Storage Diff
# -----------------------------------------------------------------------
storage-diff:
name: Test (Storage)
runs-on: protocol-x64-16core
steps:
# Check out repository with all submodules for complete codebase access.
- uses: actions/checkout@v4
with:
submodules: recursive
# Restore Forge cache
- name: Cache Forge Build
uses: actions/cache@v3
with:
path: |
cache/
out/
key: ${{ runner.os }}-forge-${{ hashFiles('**/foundry.toml', '**/remappings.txt', 'src/**/*.sol', 'lib/**/*.sol') }}
restore-keys: |
${{ runner.os }}-forge-
# Install the Foundry toolchain.
- name: "Install Foundry"
uses: foundry-rs/foundry-toolchain@v1
with:
version: stable
# Run storage diff check to detect storage layout incompatibilities.
- name: "Mainnet Storage Diff"
run: |
bash bin/storage-diff.sh --rpc-url ${{ secrets.RPC_MAINNET }} --etherscan-key ${{ secrets.ETHERSCAN_API_KEY }} --input .github/configs/storage-diff.json
id: storage-diff
# -----------------------------------------------------------------------
# Forge Coverage
# -----------------------------------------------------------------------
run-coverage:
name: Coverage
runs-on: protocol-x64-16core
# Only run coverage checks on dev, testnet-holesky, and mainnet branches, or PRs targeting these branches
if: |
github.ref == 'refs/heads/dev' ||
github.ref == 'refs/heads/testnet-holesky' ||
github.ref == 'refs/heads/mainnet' ||
github.base_ref == 'dev' ||
github.base_ref == 'testnet-holesky' ||
github.base_ref == 'mainnet'
strategy:
fail-fast: true
steps:
# Check out repository with all submodules for complete codebase access.
- uses: actions/checkout@v4
with:
submodules: recursive
# Restore Foundry and Forge cache
- name: Cache Foundry Dependencies
uses: actions/cache@v3
with:
path: |
~/.cargo
~/.foundry
out/
cache/
key: ${{ runner.os }}-forge-${{ hashFiles('**/foundry.toml', '**/remappings.txt', 'src/**/*.sol', 'lib/**/*.sol', '**/Cargo.lock') }}
restore-keys: |
${{ runner.os }}-foundry-
# Install the Foundry toolchain.
- name: "Install Foundry"
uses: foundry-rs/foundry-toolchain@v1
with:
version: stable
# Install LCOV for coverage report generation.
- name: Install LCOV (Prebuilt)
run: |
curl -L https://github.com/linux-test-project/lcov/releases/download/v1.16/lcov-1.16.tar.gz | tar xz
sudo cp lcov-1.16/bin/* /usr/local/bin/
sudo cp -r lcov-1.16/man/* /usr/share/man/
# Build the project and display contract sizes.
- name: "Forge Build"
run: |
forge --version
forge build --sizes
id: build
# Run Forge coverage with LCOV report format, excluding test and script files
- name: Forge Coverage
run: |
FOUNDRY_DENY_WARNINGS=false \
FOUNDRY_PROFILE=coverage \
FOUNDRY_CACHE=true \
FOUNDRY_CACHE_PATH=cache \
forge coverage --report lcov --report summary --no-match-coverage "script|test" -j $(nproc)
genhtml -q -o report ./lcov.info
# Upload coverage report as artifact before potential failure
- name: Upload Coverage Report
uses: actions/upload-artifact@v4
with:
name: code-coverage-report
path: report/*
if-no-files-found: error
# Check coverage threshold after uploading report
- name: Check Coverage Threshold
run: |
LINES_PCT=$(lcov --summary lcov.info | grep "lines" | cut -d ':' -f 2 | cut -d '%' -f 1 | tr -d '[:space:]')
FUNCTIONS_PCT=$(lcov --summary lcov.info | grep "functions" | cut -d ':' -f 2 | cut -d '%' -f 1 | tr -d '[:space:]')
FAILED=0
if (( $(echo "$LINES_PCT < 90" | bc -l) )); then
echo -e "\033[1;31m❌ Lines coverage ($LINES_PCT%) is below minimum threshold of 90%\033[0m"
FAILED=1
else
echo -e "\033[1;32m✅ Lines coverage ($LINES_PCT%) meets minimum threshold of 90%\033[0m"
fi
if (( $(echo "$FUNCTIONS_PCT < 90" | bc -l) )); then
echo -e "\033[1;31m❌ Functions coverage ($FUNCTIONS_PCT%) is below minimum threshold of 90%\033[0m"
FAILED=1
else
echo -e "\033[1;32m✅ Functions coverage ($FUNCTIONS_PCT%) meets minimum threshold of 90%\033[0m"
fi
if [ $FAILED -eq 1 ]; then
exit 1
fi
# -----------------------------------------------------------------------
# Forge Size Diff
# -----------------------------------------------------------------------
compare-contract-sizes:
name: Size Diff
runs-on: protocol-x64-16core
steps:
# Check out repository with all submodules for complete codebase access.
- uses: actions/checkout@v4
with:
submodules: recursive
# Install the Foundry toolchain.
- name: "Install Foundry"
uses: foundry-rs/foundry-toolchain@v1
with:
version: stable
- name: Build contracts on PR branch
run: |
forge build --json --sizes | jq '.' > pr_sizes.json
- name: Checkout target branch
run: |
git fetch origin ${{ github.base_ref }}
git checkout ${{ github.base_ref }}
- name: Build contracts on target branch
run: |
forge build --json --sizes | jq '.' > target_sizes.json
- name: Compare contract sizes using Bash
run: |
# Extract contract names
contracts=$(jq -r 'keys[]' pr_sizes.json)
# Track if there are any differences
has_differences=0
echo -e "\n📊 \033[1;34mContract Size Comparison Report\033[0m 📊\n"
# Iterate through contracts and compare sizes
for contract in $contracts; do
pr_runtime=$(jq -r --arg contract "$contract" '.[$contract].runtime_size // 0' pr_sizes.json)
pr_init=$(jq -r --arg contract "$contract" '.[$contract].init_size // 0' pr_sizes.json)
target_runtime=$(jq -r --arg contract "$contract" '.[$contract].runtime_size // 0' target_sizes.json)
target_init=$(jq -r --arg contract "$contract" '.[$contract].init_size // 0' target_sizes.json)
runtime_diff=$((pr_runtime - target_runtime))
init_diff=$((pr_init - target_init))
if [ "$runtime_diff" -ne 0 ] || [ "$init_diff" -ne 0 ]; then
echo -e "\033[1;36m📝 $contract:\033[0m"
if [ "$runtime_diff" -ne 0 ]; then
if [ "$runtime_diff" -gt 0 ]; then
echo -e " Runtime: \033[1;31m+$runtime_diff bytes\033[0m 📈"
else
echo -e " Runtime: \033[1;32m$runtime_diff bytes\033[0m 📉"
fi
fi
if [ "$init_diff" -ne 0 ]; then
if [ "$init_diff" -gt 0 ]; then
echo -e " Init: \033[1;31m+$init_diff bytes\033[0m 📈"
else
echo -e " Init: \033[1;32m$init_diff bytes\033[0m 📉"
fi
fi
has_differences=1
fi
done
if [ "$has_differences" -eq 0 ]; then
echo -e "\033[1;32m✨ No contract size changes detected ✨\033[0m"
fi