Skip to content

Nonce management #11222

Nonce management

Nonce management #11222

Workflow file for this run

name: CI
on:
pull_request:
merge_group:
push:
branches: [master]
workflow_dispatch:
jobs:
# INSTALL DEPS
install:
runs-on: ubuntu-latest
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: "20.16.0"
cache: 'yarn'
- name: Install deps via Yarn
run: yarn setup
- name: Check for frozen lockfile
run: yarn check-lockfile
- name: Zip node_modules
run: tar czf node_modules.tar.gz node_modules/
- name: Upload deps artifacts
uses: actions/upload-artifact@v4
with:
name: node_modules.tar.gz
path: node_modules.tar.gz
# BUILD THE EXTENSION
build:
runs-on: ubuntu-latest
needs: [install]
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: "20.16.0"
- name: Download deps cache artifacts
uses: actions/download-artifact@v4
with:
name: node_modules.tar.gz
- name: Unzip node_modules
run: tar xzf node_modules.tar.gz
- uses: actions/checkout@v4
with:
repository: 'rainbow-me/browser-extension-env'
token: ${{ secrets.DOTENV_GITHUB_ACCESS_TOKEN }}
path: tmp
- name: Copy dotenv
run: cat tmp/dotenv >> .env && rm -rf tmp
- name: Set IS_TESTING=true
run: |
sed -i 's/IS_TESTING.*/IS_TESTING=true/g' .env
- name: Fetch networks
run: yarn fetch:networks
- name: Build the extension
run: yarn build:webpack
- name: Upload artifacts
uses: actions/upload-artifact@v4
with:
name: rainbowbx-${{ github.sha }}
path: build/
- name: Remove old screenshots
run: rm -rf screenshots/*
# FIREFOX TESTS
# firefox-e2e-parallel:
# runs-on: ubuntu-latest
# timeout-minutes: 18
# needs: [build]
# env:
# DISPLAY: :0
# VITEST_SEGFAULT_RETRY: 4
# steps:
# - uses: actions/checkout@v4
# - uses: ./.github/actions/firefoxTestsSetup
# with:
# gh-access-token: ${{ secrets.DOTENV_GITHUB_ACCESS_TOKEN }}
# - name: Run e2e parallel (Firefox)
# id: FFE2eParallel
# continue-on-error: true
# run: |
# export BROWSER=firefox
# export OS=linux
# export FIREFOX_BIN="$(pwd)/firefox/firefox"
# yarn firefox:manifest && yarn firefox:zip
# yarn vitest:parallel
# - name: Upload deps artifacts
# if: steps.FFE2eParallel.outcome == 'failure'
# uses: actions/upload-artifact@v4
# with:
# name: screenshots
# path: screenshots/
# - name: Fail if any tests failed
# if: steps.FFE2eParallel.outcome == 'failure'
# run: exit 1
# firefox-e2e-swap:
# runs-on: swaps-runner-bx
# timeout-minutes: 25
# needs: [build]
# env:
# DISPLAY: :0
# VITEST_SEGFAULT_RETRY: 4
# steps:
# - uses: actions/checkout@v4
# - uses: ./.github/actions/firefoxTestsSetup
# with:
# gh-access-token: ${{ secrets.DOTENV_GITHUB_ACCESS_TOKEN }}
# - name: Run e2e Swap (Firefox)
# id: FFE2eSwap
# continue-on-error: true
# run: |
# export BROWSER=firefox
# export OS=linux
# export FIREFOX_BIN="$(pwd)/firefox/firefox"
# yarn firefox:manifest && yarn firefox:zip
# yarn vitest:swap
# - name: Upload deps artifacts
# if: steps.FFE2eSwap.outcome == 'failure'
# uses: actions/upload-artifact@v4
# with:
# name: screenshots
# path: screenshots/
# - name: Fail if any tests failed
# if: steps.FFE2eSwap.outcome == 'failure'
# run: exit 1
# firefox-e2e-send:
# runs-on: send-runner-bx
# timeout-minutes: 16
# needs: [build]
# env:
# DISPLAY: :0
# VITEST_SEGFAULT_RETRY: 4
# steps:
# - uses: actions/checkout@v4
# - uses: ./.github/actions/firefoxTestsSetup
# with:
# gh-access-token: ${{ secrets.DOTENV_GITHUB_ACCESS_TOKEN }}
# - name: Run e2e Send (Firefox)
# id: FFE2eSend
# continue-on-error: true
# run: |
# export BROWSER=firefox
# export OS=linux
# export FIREFOX_BIN="$(pwd)/firefox/firefox"
# yarn firefox:manifest && yarn firefox:zip
# yarn vitest:send
# - name: Upload deps artifacts
# if: steps.FFE2eSend.outcome == 'failure'
# uses: actions/upload-artifact@v4
# with:
# name: screenshots
# path: screenshots/
# - name: Fail if any tests failed
# if: steps.FFE2eSend.outcome == 'failure'
# run: exit 1
# firefox-e2e-dappInteractions:
# runs-on: dapp-interactions-runner-bx
# timeout-minutes: 25
# needs: [build]
# env:
# DISPLAY: :0
# VITEST_SEGFAULT_RETRY: 4
# steps:
# - uses: actions/checkout@v4
# - uses: ./.github/actions/firefoxTestsSetup
# with:
# gh-access-token: ${{ secrets.DOTENV_GITHUB_ACCESS_TOKEN }}
# - name: Run e2e Dapp Interactions (Firefox)
# id: FFE2eDappInteractions
# continue-on-error: true
# run: |
# export BROWSER=firefox
# export OS=linux
# export FIREFOX_BIN="$(pwd)/firefox/firefox"
# yarn firefox:manifest && yarn firefox:zip
# yarn vitest:dappInteractions
# - name: Upload deps artifacts
# if: steps.FFE2eDappInteractions.outcome == 'failure'
# uses: actions/upload-artifact@v4
# with:
# name: screenshots
# path: screenshots/
# - name: Fail if any tests failed
# if: steps.FFE2eDappInteractions.outcome == 'failure'
# run: exit 1
# CHROME TESTS
chrome-e2e-parallel:
runs-on: beefy-runner-bx
timeout-minutes: 18
needs: [build]
env:
DISPLAY: :0
VITEST_SEGFAULT_RETRY: 4
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/chromeTestsSetup
with:
gh-access-token: ${{ secrets.DOTENV_GITHUB_ACCESS_TOKEN }}
- name: Run e2e parallel (Chrome)
id: ChromeE2EParallel
continue-on-error: true
run: |
export BROWSER=chrome
export OS=linux
export CHROMIUM_BIN=$(find chrome -type f -name 'chrome')
yarn vitest:parallel
- name: Upload deps artifacts
if: steps.ChromeE2EParallel.outcome == 'failure'
uses: actions/upload-artifact@v4
with:
name: screenshots
path: screenshots/
- name: Fail if any tests failed
if: steps.ChromeE2EParallel.outcome == 'failure'
run: exit 1
chrome-e2e-swap:
runs-on: swaps-runner-bx
timeout-minutes: 25
needs: [build]
env:
DISPLAY: :0
VITEST_SEGFAULT_RETRY: 3
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/chromeTestsSetup
with:
gh-access-token: ${{ secrets.DOTENV_GITHUB_ACCESS_TOKEN }}
- name: Run e2e swap (Chrome)
id: ChromeE2ESwaps
continue-on-error: true
run: |
export BROWSER=chrome
export OS=linux
export CHROMIUM_BIN=$(find chrome -type f -name 'chrome')
yarn vitest:swap
- name: Upload deps artifacts
if: steps.ChromeE2ESwaps.outcome == 'failure'
uses: actions/upload-artifact@v4
with:
name: screenshots
path: screenshots/
- name: Fail if any tests failed
if: steps.ChromeE2ESwaps.outcome == 'failure'
run: exit 1
chrome-e2e-send:
runs-on: send-runner-bx
timeout-minutes: 16
needs: [build]
env:
DISPLAY: :0
VITEST_SEGFAULT_RETRY: 3
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/chromeTestsSetup
with:
gh-access-token: ${{ secrets.DOTENV_GITHUB_ACCESS_TOKEN }}
- name: Run e2e send (Chrome)
id: ChromeE2ESend
continue-on-error: true
run: |
export BROWSER=chrome
export OS=linux
export CHROMIUM_BIN=$(find chrome -type f -name 'chrome')
yarn vitest:send
- name: Upload deps artifacts
if: steps.ChromeE2ESend.outcome == 'failure'
uses: actions/upload-artifact@v4
with:
name: screenshots
path: screenshots/
- name: Fail if any tests failed
if: steps.ChromeE2ESend.outcome == 'failure'
run: exit 1
chrome-optimism-e2e-send:
runs-on: send-runner-bx
timeout-minutes: 25
needs: [build]
env:
DISPLAY: :0
VITEST_SEGFAULT_RETRY: 3
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/chromeTestsSetup
with:
gh-access-token: ${{ secrets.DOTENV_GITHUB_ACCESS_TOKEN }}
- name: Run Optimism e2e send (Chrome)
id: ChromeOpE2ESend
continue-on-error: true
run: |
export BROWSER=chrome
export OS=linux
export CHROMIUM_BIN=$(find chrome -type f -name 'chrome')
yarn vitest:send:optimism
- name: Upload deps artifacts
if: steps.ChromeOpE2ESend.outcome == 'failure'
uses: actions/upload-artifact@v4
with:
name: screenshots
path: screenshots/
- name: Fail if any tests failed
if: steps.ChromeOpE2ESend.outcome == 'failure'
run: exit 1
chrome-e2e-dappInteractions:
runs-on: dapp-interactions-runner-bx
timeout-minutes: 25
needs: [build]
env:
DISPLAY: :0
VITEST_SEGFAULT_RETRY: 3
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/chromeTestsSetup
with:
gh-access-token: ${{ secrets.DOTENV_GITHUB_ACCESS_TOKEN }}
- name: Run e2e dappInteractions (Chrome)
id: ChromeE2EDappInteractions
continue-on-error: true
run: |
export BROWSER=chrome
export OS=linux
export CHROMIUM_BIN=$(find chrome -type f -name 'chrome')
yarn vitest:dappInteractions
- name: Upload deps artifacts
if: steps.ChromeE2EDappInteractions.outcome == 'failure'
uses: actions/upload-artifact@v4
with:
name: screenshots
path: screenshots/
- name: Fail if any tests failed
if: steps.ChromeE2EDappInteractions.outcome == 'failure'
run: exit 1
# BRAVE TESTS
# brave-e2e:
# needs: [build]
# runs-on: ubuntu-latest
# timeout-minutes: 20
# env:
# DISPLAY: :0
# VITEST_SEGFAULT_RETRY: 3
# steps:
# - uses: actions/checkout@v4
# - uses: actions/setup-node@v4
# with:
# node-version: "20.16.0"
# - name: Download deps cache artifacts
# uses: actions/download-artifact@v4
# with:
# name: node_modules.tar.gz
# - name: Unzip node_modules
# run: tar xzvf node_modules.tar.gz
# - name: Download build artifacts
# uses: actions/download-artifact@v4
# with:
# name: rainbowbx-${{ github.sha }}
# path: build
# - name: Setup xvfb
# run: |
# sudo apt-get install -y xvfb libxkbcommon-x11-0 libxcb-icccm4 libxcb-image0 libxcb-keysyms1 libxcb-randr0 libxcb-render-util0 libxcb-xinerama0 libxcb-xinput0 libxcb-xfixes0
# # start xvfb in the background
# sudo /usr/bin/Xvfb $DISPLAY -screen 0 1280x1024x24 &
# - name: Setup Brave browser
# run: |
# sudo apt install apt-transport-https curl
# sudo curl -fsSLo /usr/share/keyrings/brave-browser-archive-keyring.gpg https://brave-browser-apt-release.s3.brave.com/brave-browser-archive-keyring.gpg
# echo "deb [signed-by=/usr/share/keyrings/brave-browser-archive-keyring.gpg arch=amd64] https://brave-browser-apt-release.s3.brave.com/ stable main"|sudo tee /etc/apt/sources.list.d/brave-browser-release.list
# sudo apt update
# sudo apt install brave-browser
# - name: Install Anvil
# uses: foundry-rs/foundry-toolchain@v1
# with:
# version: nightly
# - uses: actions/checkout@v4
# with:
# repository: 'rainbow-me/browser-extension-env'
# token: ${{ secrets.DOTENV_GITHUB_ACCESS_TOKEN }}
# path: tmp
# - name: Copy dotenv
# run: cat tmp/dotenv >> .env && rm -rf tmp
# - name: Run e2e (Brave)
# run: |
# export BROWSER=brave
# export OS=linux
# export BRAVE_BIN='/usr/bin/brave-browser-stable'
# yarn vitest:parallel && yarn vitest:serial
# UNIT TESTS
unit-tests:
runs-on: ubuntu-latest
needs: [install]
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: "20.16.0"
- name: Download deps cache artifacts
uses: actions/download-artifact@v4
with:
name: node_modules.tar.gz
- name: Unzip node_modules
run: tar xzf node_modules.tar.gz
- name: Install rust
uses: moonrepo/[email protected]
with:
channel: stable
profile: minimal
- name: Fetch networks
run: yarn fetch:networks
- name: Install Anvil
uses: foundry-rs/foundry-toolchain@v1
with:
version: nightly
- uses: actions/checkout@v4
with:
repository: 'rainbow-me/browser-extension-env'
token: ${{ secrets.DOTENV_GITHUB_ACCESS_TOKEN }}
path: tmp
- name: Copy dotenv
run: cat tmp/dotenv >> .env && rm -rf tmp
- name: Set IS_TESTING=true
run: |
sed -i 's/IS_TESTING.*/IS_TESTING=true/g' .env
- name: Run unit tests
run: yarn test
# LINT, TYPECHECK, AUDIT
ci-checks:
runs-on: ubuntu-latest
needs: [install]
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: "20.16.0"
- name: Download deps cache artifacts
uses: actions/download-artifact@v4
with:
name: node_modules.tar.gz
- name: Unzip node_modules
run: tar xzf node_modules.tar.gz
- name: DS Setup
run: yarn ds:install
- name: Fetch networks
run: yarn fetch:networks
- name: Lint
run: yarn lint
- name: Audit CI
run: yarn audit:ci
- name: Check types
run: yarn typecheck
cleanup:
runs-on: ubuntu-latest
needs: [chrome-e2e-parallel, chrome-e2e-swap, chrome-e2e-send, chrome-e2e-dappInteractions, chrome-optimism-e2e-send, unit-tests, ci-checks]
steps:
- uses: geekyeggo/delete-artifact@v5
with:
name: node_modules.tar.gz
- uses: geekyeggo/delete-artifact@v5
with:
name: screenshots