1fb7266469
- Introduced Aggregator.sol for Chainlink-compatible oracle functionality, including round-based updates and access control. - Added OracleWithCCIP.sol to extend Aggregator with CCIP cross-chain messaging capabilities. - Created .gitmodules to include OpenZeppelin contracts as a submodule. - Developed a comprehensive deployment guide in NEXT_STEPS_COMPLETE_GUIDE.md for Phase 2 and smart contract deployment. - Implemented Vite configuration for the orchestration portal, supporting both Vue and React frameworks. - Added server-side logic for the Multi-Cloud Orchestration Portal, including API endpoints for environment management and monitoring. - Created scripts for resource import and usage validation across non-US regions. - Added tests for CCIP error handling and integration to ensure robust functionality. - Included various new files and directories for the orchestration portal and deployment scripts.
122 lines
3.1 KiB
YAML
122 lines
3.1 KiB
YAML
name: Validation
|
|
|
|
on:
|
|
push:
|
|
branches: [ main, develop ]
|
|
pull_request:
|
|
branches: [ main, develop ]
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
validate-genesis:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
|
|
- name: Install jq
|
|
run: sudo apt-get update && sudo apt-get install -y jq
|
|
|
|
- name: Validate genesis file
|
|
run: ./scripts/validation/validate-genesis.sh
|
|
|
|
validate-terraform:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
|
|
- name: Setup Terraform
|
|
uses: hashicorp/setup-terraform@v2
|
|
|
|
- name: Terraform Format Check
|
|
run: |
|
|
cd terraform
|
|
terraform fmt -check
|
|
|
|
- name: Terraform Validate
|
|
run: |
|
|
cd terraform
|
|
terraform init -backend=false
|
|
terraform validate
|
|
|
|
- name: Terraform Security Scan
|
|
uses: bridgecrewio/checkov-action@master
|
|
with:
|
|
directory: terraform
|
|
framework: terraform
|
|
|
|
validate-kubernetes:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
|
|
- name: Install kubectl
|
|
uses: azure/setup-kubectl@v3
|
|
|
|
- name: Validate Kubernetes manifests
|
|
run: |
|
|
kubectl apply --dry-run=client -f k8s/base/namespace.yaml
|
|
kubectl apply --dry-run=client -f k8s/base/validators/statefulset.yaml
|
|
kubectl apply --dry-run=client -f k8s/base/sentries/statefulset.yaml
|
|
kubectl apply --dry-run=client -f k8s/base/rpc/statefulset.yaml
|
|
|
|
- name: Kubernetes Security Scan
|
|
uses: ludovico85/kube-score-action@v1
|
|
with:
|
|
path: k8s
|
|
|
|
validate-smart-contracts:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
|
|
- name: Install Foundry
|
|
uses: foundry-rs/foundry-toolchain@v1
|
|
|
|
- name: Run tests
|
|
run: forge test
|
|
|
|
- name: Run fuzz tests
|
|
run: forge test --fuzz-runs 1000
|
|
|
|
- name: Check formatting
|
|
run: forge fmt --check
|
|
|
|
- name: Smart Contract Security Scan
|
|
uses: crytic/slither-action@v0.10.0
|
|
with:
|
|
target: 'contracts'
|
|
|
|
validate-security:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
|
|
- name: Container Security Scan
|
|
uses: aquasecurity/trivy-action@master
|
|
with:
|
|
scan-type: 'image'
|
|
image-ref: 'hyperledger/besu:23.10.0'
|
|
format: 'sarif'
|
|
output: 'trivy-results.sarif'
|
|
|
|
- name: Upload Trivy results
|
|
uses: github/codeql-action/upload-sarif@v2
|
|
with:
|
|
sarif_file: 'trivy-results.sarif'
|
|
|
|
validate-documentation:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
|
|
- name: Check documentation
|
|
run: |
|
|
# Check if all required documentation exists
|
|
test -f README.md || exit 1
|
|
test -f CONTRIBUTING.md || exit 1
|
|
test -f CHANGELOG.md || exit 1
|
|
test -f docs/DEPLOYMENT.md || exit 1
|
|
test -f docs/ARCHITECTURE.md || exit 1
|
|
test -f docs/SECURITY.md || exit 1
|
|
|