Merge branch 'develop' into feat/nimbus-full

NethermindEth · Oct 6, 2024 · 2f854ed · 2f854ed
2 parents 43de0af + 8994dad
commit 2f854ed
Show file tree

Hide file tree

Showing 103 changed files with 39,880 additions and 40,424 deletions.
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -0,0 +1,39 @@
+name: CodeQL SAST
+on:
+  push:
+    branches:
+      - develop
+  pull_request:
+  schedule:
+    - cron: "23 9 * * 3"
+  workflow_dispatch:
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ["go"]
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0
+
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@5618c9fc1e675841ca52c1c6b1304f5255a905a0 #v2.19.0
+        with:
+          languages: ${{ matrix.language }}
+
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@5618c9fc1e675841ca52c1c6b1304f5255a905a0 #v2.19.0
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@5618c9fc1e675841ca52c1c6b1304f5255a905a0 #v2.19.0
diff --git a/.github/workflows/lido-exporter.yml b/.github/workflows/lido-exporter.yml
@@ -0,0 +1,73 @@
+name: Build and Release Lido Exporter Docker Image
+
+on:
+  workflow_dispatch:
+    inputs:
+      tag:
+        description: 'Tag to release (e.g., lido-exporter-v1.2.3)'
+        required: true
+
+permissions:
+  contents: write
+
+jobs:
+  build:
+    name: Create and Push Docker Image
+    runs-on: ubuntu-latest
+    env:
+      TAG: ${{ github.event.inputs.tag }}
+
+    steps:
+      - name: Extract version
+        id: extract_version
+        shell: bash
+        run: |
+          VERSION=${TAG#lido-exporter-}
+          echo "VERSION=$VERSION" >> $GITHUB_ENV
+
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_ACCESS_TOKEN }}
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: ./cmd/lido-exporter/Dockerfile
+          push: true
+          tags: |
+            nethermindeth/lido-exporter:${{ env.VERSION }}
+            nethermindeth/lido-exporter:latest
+
+      - name: Log out of Docker Hub
+        run: docker logout
+
+  create-release:
+    name: Create GitHub Release
+    runs-on: ubuntu-latest
+    needs: build
+    env:
+      TAG: ${{ github.event.inputs.tag }}
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Create Release
+        uses: ncipollo/release-action@v1
+        with:
+          tag: ${{ env.TAG }}
+          draft: true
+          prerelease: false
+          generateReleaseNotes: true
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -10,13 +10,17 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Added
 - New command `lido-status` to display data of Lido Node Operator.
 - Monitoring stack setup with Grafana, Prometheus, and Node Exporter.
+- Security policy.
 - Support for Nimbus as Consensus and Validator client. 
 
 ### Changed
 - Update Go version from 1.21 to 1.22.
+- Update documentation versions and dependencies.
 
 ### Fixed
 -  Teku and Lighthouse import keys container error on Windows.
+-  Security issues on dependencies.
+-  Typos on documentation.
 
 ## [v1.5.0] - 2024-09-06
 

diff --git a/Makefile b/Makefile
@@ -9,10 +9,28 @@ LDFLAGS=-X github.com/NethermindEth/sedge/internal/utils.Version="${SEDGE_VERSIO
 compile: ## compile:
 	@mkdir -p build
 	@go build -ldflags "${LDFLAGS}" -o build/sedge cmd/sedge/main.go
+	@go build -ldflags "${LDFLAGS}" -o build/lido-exporter cmd/lido-exporter/main.go
 
 compile-linux: ## compile:
 	@mkdir -p build
 	@env GOOS=linux go build -ldflags="${LDFLAGS[*]}" -o build/sedge cmd/sedge/main.go
+	@env GOOS=linux go build -ldflags="${LDFLAGS[*]}" -o build/lido-exporter cmd/lido-exporter/main.go
+
+compile-sedge:
+	@mkdir -p build
+	@go build -ldflags "${LDFLAGS}" -o build/sedge cmd/sedge/main.go
+
+compile-lido-exporter:
+	@mkdir -p build
+	@go build -ldflags "${LDFLAGS}" -o build/lido-exporter cmd/lido-exporter/main.go
+
+compile-sedge-linux:
+	@mkdir -p build
+	@env GOOS=linux go build -ldflags="${LDFLAGS[*]}" -o build/sedge cmd/sedge/main.go
+
+compile-lido-exporter-linux:
+	@mkdir -p build
+	@env GOOS=linux go build -ldflags="${LDFLAGS[*]}" -o build/lido-exporter cmd/lido-exporter/main.go
 
 install: compile ## compile the binary and copy it to PATH
 	@sudo cp build/sedge /usr/local/bin
@@ -28,25 +46,26 @@ generate: ## generate go files
 	@abigen --abi ./internal/lido/contracts/csfeedistributor/CSFeeDistributor.abi --bin ./internal/lido/contracts/csfeedistributor/CSFeeDistributor.bin --pkg csfeedistributor --out ./internal/lido/contracts/csfeedistributor/CSFeeDistributor.go
 	@abigen --abi ./internal/lido/contracts/csaccounting/CSAccounting.abi --bin ./internal/lido/contracts/csaccounting/CSAccounting.bin --pkg csaccounting --out ./internal/lido/contracts/csaccounting/CSAccounting.go
 	@abigen --abi ./internal/lido/contracts/mevboostrelaylist/MEVBoostRelayAllowedList.abi --bin ./internal/lido/contracts/mevboostrelaylist/MEVBoostRelayAllowedList.bin --pkg mevboostrelaylist --out ./internal/lido/contracts/mevboostrelaylist/MEVBoostRelayAllowedList.go
+	@abigen --abi ./internal/lido/contracts/vebo/VEBO.abi --bin ./internal/lido/contracts/vebo/VEBO.bin --pkg vebo --out ./internal/lido/contracts/vebo/VEBO.go
 	@go generate ./...
 
 test: generate ## run tests
 	@mkdir -p coverage
-	@go test -coverprofile=coverage/coverage.out -covermode=count ./...
+	@go test -coverprofile=coverage/coverage.out -covermode=count -timeout 25m ./...
 
 e2e-test: generate ## Run e2e tests
-	@go test -timeout 20m -count=1 ./e2e/...
+	@go test -timeout 25m -count=1 ./e2e/sedge/...
 
 e2e-test-windows: generate ## Run e2e tests on Windows
-	@go test -timeout 20m -count=1 -skip TestE2E_MonitoringStack ./e2e/...
+	@go test -timeout 25m -count=1 -skip TestE2E_MonitoringStack ./e2e/sedge/...
 
 test-no-e2e: generate ## run tests excluding e2e
 	@mkdir -p coverage
 	@go test -coverprofile=coverage/coverage.out -covermode=count ./... -skip TestE2E
 
 codecov-test: generate ## unit tests with coverage using the courtney tool
 	@mkdir -p coverage
-	@courtney/courtney -v -o coverage/coverage.out -t="-skip=TestE2E" ./...
+	@go test -coverprofile=coverage/coverage.out -covermode=count -timeout 25m ./... -skip TestE2E
 	@go tool cover -html=coverage/coverage.out -o coverage/coverage.html
 
 install-gofumpt: ## install gofumpt
@@ -55,15 +74,10 @@ install-gofumpt: ## install gofumpt
 install-mockgen: ## install mockgen
 	go install github.com/golang/mock/[email protected] 
 
-install-courtney: ## Install courtney for code coverage
-	@git clone https://github.com/dave/courtney
-	@(cd courtney && go get  ./... && go build courtney.go)
-	@go get ./...
-
 install-abigen: ## install abigen
 	go install github.com/ethereum/go-ethereum/cmd/abigen@latest
 
-install-deps: | install-gofumpt install-courtney install-mockgen install-abigen ## Install some project dependencies
+install-deps: | install-gofumpt install-mockgen install-abigen ## Install some project dependencies
 
 coverage: ## show tests coverage
 	@go tool cover -html=coverage/coverage.out -o coverage/coverage.html

diff --git a/README.md b/README.md
@@ -273,6 +273,10 @@ Please check our [Contributing Guidelines](https://docs.sedge.nethermind.io/docs
 
 If you know of any good tricks for validator setup that other people could also use well, please consider adding it to Sedge. Your efforts will be greatly appreciated by the community.
 
+## 🛡️ Security 
+
+If you believe you have found a security vulnerability in our code, please report it to us as described in our [security policy](SECURITY.md).
+
 ## ⚠️ License
 
 Sedge is a Nethermind free and open-source software licensed under the [Apache 2.0 License](https://github.com/NethermindEth/sedge/blob/main/LICENSE).
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,10 @@
+# Security policy
+
+If you believe you have found a security vulnerability in our code, we encourage you to report it to us as soon as possible.
+We ask that you do not publicly disclose any details of the vulnerability until we have had an opportunity to investigate and address it. 
+
+## Reporting a vulnerability
+
+To report a security vulnerability, go to [Report a vulnerability](https://github.com/NethermindEth/sedge/security/advisories/new). This will create a draft advisory. Please provide as much detail as possible including steps to reproduce the issue and any potential impact it may have.
+
+Alternatively, you can also send an email to [email protected]. We will work to acknowledge your report within 24 hours and will keep you informed throughout our investigation and resolution process.