From c73479eee7f9a02f17ef76e119c10fdea5238e43 Mon Sep 17 00:00:00 2001 From: Pedro Maia Date: Wed, 18 May 2022 16:43:32 -0400 Subject: [PATCH 1/6] add slither --- .github/workflows/ci.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 943c0a7..a1ad81c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -46,3 +46,10 @@ jobs: # TODO: implement repo secrets to we can do mainnet forks for integration tests and other parameter configuration - name: Run tests run: forge test + + - name: Run Slither + uses: crytic/slither-action@v0.1.1 + continue-on-error: true # Avoid failing run if findings are found. + with: + target: 'src/' + ignore-compile: true From 3b648702c1448faac0e42559ca755f9c8eccf610 Mon Sep 17 00:00:00 2001 From: Pedro Maia Date: Wed, 18 May 2022 16:52:39 -0400 Subject: [PATCH 2/6] integrate github code scanning --- .github/workflows/ci.yml | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a1ad81c..e0ed982 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -49,7 +49,14 @@ jobs: - name: Run Slither uses: crytic/slither-action@v0.1.1 - continue-on-error: true # Avoid failing run if findings are found. - with: + id: slither # is the name ised in for `steps.slither.outputs.sarif` + continue-on-error: true # Is required to let the SARIF upload step runs if slither finds issues + with: target: 'src/' + sarif: results.sarif ignore-compile: true + + - name: Upload SARIF file # Github Code Scanning integration + uses: github/codeql-action/upload-sarif@v2 + with: + sarif_file: ${{ steps.slither.outputs.sarif }} From 6ad748da6ee98d44330c95a5f2f76f9dfcdfd129 Mon Sep 17 00:00:00 2001 From: Pedro Maia Date: Wed, 18 May 2022 17:06:57 -0400 Subject: [PATCH 3/6] add permissions --- .github/workflows/ci.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e0ed982..dcf2b2f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -16,6 +16,9 @@ env: jobs: ci: runs-on: ${{ matrix.os }} + permissions: + contents: read + security-events: write strategy: matrix: os: From ede53002b60574cca9224432e190ff96bf28ae4b Mon Sep 17 00:00:00 2001 From: Pedro Maia Date: Wed, 18 May 2022 18:03:35 -0400 Subject: [PATCH 4/6] move slither action to amin --- .github/workflows/ci.yml | 16 ++-------------- 1 file changed, 2 insertions(+), 14 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index dcf2b2f..37546bb 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -16,9 +16,6 @@ env: jobs: ci: runs-on: ${{ matrix.os }} - permissions: - contents: read - security-events: write strategy: matrix: os: @@ -51,15 +48,6 @@ jobs: run: forge test - name: Run Slither - uses: crytic/slither-action@v0.1.1 - id: slither # is the name ised in for `steps.slither.outputs.sarif` - continue-on-error: true # Is required to let the SARIF upload step runs if slither finds issues - with: - target: 'src/' - sarif: results.sarif - ignore-compile: true - - - name: Upload SARIF file # Github Code Scanning integration - uses: github/codeql-action/upload-sarif@v2 + uses: crytic/slither-action@main with: - sarif_file: ${{ steps.slither.outputs.sarif }} + src: "src/" From fe71561ce173592cca4259049c0e22e1227863ad Mon Sep 17 00:00:00 2001 From: Pedro Maia Date: Thu, 19 May 2022 08:44:05 -0400 Subject: [PATCH 5/6] should work after fix with forge --- .github/workflows/ci.yml | 15 +++++++++++---- .gitignore | 3 +++ README.md | 2 ++ 3 files changed, 16 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 37546bb..50282b8 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,4 +1,4 @@ -name: ci +name: CI on: push: @@ -25,7 +25,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: submodules: recursive @@ -42,12 +42,19 @@ jobs: - name: Run lint check run: make lint - + # TODO: implement repo secrets to we can do mainnet forks for integration tests and other parameter configuration - name: Run tests run: forge test - name: Run Slither uses: crytic/slither-action@main + id: slither + continue-on-error: true + with: + sarif: results.sarif + + - name: Upload SARIF file + uses: github/codeql-action/upload-sarif@v2 with: - src: "src/" + sarif_file: ${{ steps.slither.outputs.sarif }} diff --git a/.gitignore b/.gitignore index acc6710..6f0b406 100644 --- a/.gitignore +++ b/.gitignore @@ -68,6 +68,9 @@ xcuserdata/ /cache/ flattened.sol +# Python +/env/ + # ============================================================================ # # Application # ============================================================================ # diff --git a/README.md b/README.md index 5f9a643..0640264 100644 --- a/README.md +++ b/README.md @@ -4,6 +4,8 @@ WORK IN PROGRESS ``` +![Github Actions](https://github.com/Rari-Capital/fuse-v1/workflows/CI/badge.svg) + ## Goal - Port Fuse V1 to a modern Foundry-based development stack From 0477af75860f9e55db2ec80a07ee31a42052036c Mon Sep 17 00:00:00 2001 From: Pedro Maia Date: Thu, 19 May 2022 08:49:29 -0400 Subject: [PATCH 6/6] delete badge for now --- README.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/README.md b/README.md index 0640264..5f9a643 100644 --- a/README.md +++ b/README.md @@ -4,8 +4,6 @@ WORK IN PROGRESS ``` -![Github Actions](https://github.com/Rari-Capital/fuse-v1/workflows/CI/badge.svg) - ## Goal - Port Fuse V1 to a modern Foundry-based development stack