-
Notifications
You must be signed in to change notification settings - Fork 0
75 lines (61 loc) · 2.44 KB
/
smart-contracts-ci.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
name: Backend CI
on:
workflow_call:
jobs:
checks:
runs-on: 'ubuntu-latest'
steps:
- name: Checkout source code
uses: actions/checkout@v3
- name: Install poetry
run: pipx install poetry
- name: Set up Python 3.10
uses: actions/setup-python@v4
with:
python-version: '3.10'
cache: 'poetry'
- name: Install algokit
run: pipx install algokit
- name: Start LocalNet
run: algokit localnet start
- name: Bootstrap dependencies
run: algokit bootstrap all
working-directory: ./backend
- name: Configure git
shell: bash
working-directory: ./backend
run: |
# set git user and email as test invoke git
git config --global user.email "[email protected]" && git config --global user.name "github-actions"
- name: Audit with pip-audit
working-directory: ./backend
run: |
# audit non dev dependencies, no exclusions
poetry export --without=dev > requirements.txt && poetry run pip-audit -r requirements.txt
# audit all dependencies, with exclusions.
# If a vulnerability is found in a dev dependency without an available fix,
# it can be temporarily ignored by adding --ignore-vuln e.g.
# --ignore-vuln "GHSA-hcpj-qp55-gfph" # GitPython vulnerability, dev only dependency
poetry run pip-audit
- name: Check formatting with Black
working-directory: ./backend
run: |
# stop the build if there are files that don't meet formatting requirements
poetry run black --check .
- name: Run tests
working-directory: ./backend
shell: bash
run: |
set -o pipefail
poetry run pytest --junitxml=pytest-junit.xml
- name: Build smart contracts
working-directory: ./backend
run: poetry run python -m smart_contracts build
- name: Check output stability of the smart contracts
shell: bash
working-directory: ./backend
run: |
# Add untracked files as empty so they come up in diff
git add -N ./smart_contracts/artifacts
# Error out if there are any changes in teal after generating output
git diff --exit-code --minimal ./smart_contracts/artifacts || (echo "::error ::Smart contract artifacts have changed, ensure committed artifacts are up to date" && exit 1);