799e387437
All checks were successful
AITBC CLI Level 1 Commands Test / test-cli-level1 (push) Successful in 16s
api-endpoint-tests / test-api-endpoints (push) Successful in 33s
package-tests / test-python-packages (map[name:aitbc-agent-sdk path:packages/py/aitbc-agent-sdk python_version:3.13]) (push) Successful in 5s
package-tests / test-python-packages (map[name:aitbc-cli path:. python_version:3.13]) (push) Successful in 7s
package-tests / test-python-packages (map[name:aitbc-core path:packages/py/aitbc-core python_version:3.13]) (push) Successful in 6s
package-tests / test-python-packages (map[name:aitbc-crypto path:packages/py/aitbc-crypto python_version:3.13]) (push) Successful in 6s
package-tests / test-python-packages (map[name:aitbc-sdk path:packages/py/aitbc-sdk python_version:3.13]) (push) Successful in 6s
package-tests / test-javascript-packages (map[name:aitbc-sdk node_version:24 path:packages/js/aitbc-sdk]) (push) Successful in 7s
python-tests / test (push) Successful in 18s
integration-tests / test-service-integration (push) Successful in 1m23s
python-tests / test-specific (push) Has been skipped
security-scanning / audit (push) Successful in 18s
systemd-sync / sync-systemd (push) Successful in 5s
package-tests / cross-language-compatibility (push) Successful in 4s
package-tests / package-integration-tests (push) Successful in 10s
smart-contract-tests / test-solidity-contracts (map[config:hardhat.config.ts name:aitbc-token path:packages/solidity/aitbc-token tool:hardhat]) (push) Successful in 1m24s
smart-contract-tests / lint-solidity (push) Successful in 4s
🔥 REAL ROOT CAUSE: Network + URL mismatch (not CI logic) ❌ Before: https://gitea.bubuit.net (port 443, HTTPS) ✅ After: http://gitea.bubuit.net:3000 (port 3000, HTTP) Fixed Files: - .gitea/workflows/systemd-sync.yml - .gitea/workflows/security-scanning.yml - .gitea/workflows/python-tests.yml - .gitea/workflows/smart-contract-tests.yml - .gitea/workflows/integration-tests.yml - .gitea/workflows/cli-level1-tests.yml - .gitea/workflows/api-endpoint-tests.yml - .gitea/workflows/package-tests.yml Root Cause Analysis: - Service runs on: http://10.0.3.107:3000 - DNS resolves: gitea.bubuit.net → 10.0.3.107 - BUT wrong protocol: https (443) instead of http (3000) - Connection failed: "Failed to connect to gitea.bubuit.net port 443" Verification: ✅ curl -I http://gitea.bubuit.net:3000 → HTTP/1.1 200 OK ✅ git ls-remote http://gitea.bubuit.net:3000/oib/aitbc.git → refs returned This fixes ALL CI workflow cloning failures. No infrastructure changes needed - just correct URLs.
291 lines
10 KiB
YAML
291 lines
10 KiB
YAML
name: smart-contract-tests
|
|
|
|
on:
|
|
push:
|
|
branches: [ main, develop ]
|
|
paths:
|
|
- 'contracts/**'
|
|
- 'packages/solidity/**'
|
|
- '.gitea/workflows/smart-contract-tests.yml'
|
|
pull_request:
|
|
branches: [ main, develop ]
|
|
paths:
|
|
- 'contracts/**'
|
|
- 'packages/solidity/**'
|
|
- '.gitea/workflows/smart-contract-tests.yml'
|
|
workflow_dispatch:
|
|
|
|
# Prevent parallel execution - run workflows serially
|
|
concurrency:
|
|
group: ci-workflows
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
test-solidity-contracts:
|
|
runs-on: debian
|
|
|
|
strategy:
|
|
matrix:
|
|
project:
|
|
- name: "aitbc-token"
|
|
path: "packages/solidity/aitbc-token"
|
|
config: "hardhat.config.ts"
|
|
tool: "hardhat"
|
|
|
|
steps:
|
|
- name: Setup workspace
|
|
run: |
|
|
echo "=== SOLIDITY CONTRACTS TESTS SETUP ==="
|
|
echo "Current PWD: $(pwd)"
|
|
echo "Forcing absolute workspace path..."
|
|
|
|
# Clean and create isolated workspace
|
|
rm -rf /opt/aitbc/solidity-workspace
|
|
mkdir -p /opt/aitbc/solidity-workspace
|
|
cd /opt/aitbc/solidity-workspace
|
|
|
|
# Ensure no git lock files exist
|
|
find . -name "*.lock" -delete 2>/dev/null || true
|
|
|
|
echo "Workspace PWD: $(pwd)"
|
|
echo "Cloning repository..."
|
|
git clone http://gitea.bubuit.net:3000/oib/aitbc.git repo
|
|
|
|
cd repo
|
|
echo "Repo PWD: $(pwd)"
|
|
echo "Files in repo:"
|
|
ls -la
|
|
|
|
echo "=== SOLIDITY PROJECT: ${{ matrix.project.name }} ==="
|
|
echo "Project path: ${{ matrix.project.path }}"
|
|
echo "Config file: ${{ matrix.project.config }}"
|
|
|
|
- name: Setup Node.js
|
|
run: |
|
|
cd /opt/aitbc/solidity-workspace/repo/${{ matrix.project.path }}
|
|
echo "Current Node.js version: $(node -v)"
|
|
echo "Using installed Node.js version - no installation needed"
|
|
|
|
# Verify Node.js is available
|
|
if ! command -v node >/dev/null 2>&1; then
|
|
echo "❌ Node.js not found - please install Node.js first"
|
|
exit 1
|
|
fi
|
|
|
|
echo "✅ Node.js $(node -v) is available and ready"
|
|
|
|
- name: Install Hardhat Dependencies
|
|
if: matrix.project.tool == 'hardhat'
|
|
run: |
|
|
echo "=== INSTALLING HARDHAT DEPENDENCIES ==="
|
|
cd /opt/aitbc/solidity-workspace/repo/${{ matrix.project.path }}
|
|
|
|
echo "Current Node.js version: $(node -v)"
|
|
echo "Using installed Node.js version - no installation needed"
|
|
|
|
# Verify Node.js is available
|
|
if ! command -v node >/dev/null 2>&1; then
|
|
echo "❌ Node.js not found - please install Node.js first"
|
|
exit 1
|
|
fi
|
|
|
|
echo "✅ Node.js $(node -v) is available and ready"
|
|
|
|
# Install npm dependencies
|
|
echo "Installing npm dependencies..."
|
|
npm install --legacy-peer-deps
|
|
|
|
# Install missing Hardhat toolbox dependencies
|
|
echo "Installing Hardhat toolbox dependencies..."
|
|
npm install --save-dev "@nomicfoundation/hardhat-chai-matchers@^2.0.0" "@nomicfoundation/hardhat-ethers@^3.0.0" "@nomicfoundation/hardhat-ignition-ethers@^0.15.0" "@nomicfoundation/hardhat-network-helpers@^1.0.0" "@nomicfoundation/hardhat-verify@^2.0.0" "@typechain/ethers-v6@^0.5.0" "@typechain/hardhat@^9.0.0" "ethers@^6.4.0" "hardhat-gas-reporter@^1.0.8" "solidity-coverage@^0.8.1" "typechain@^8.3.0" --legacy-peer-deps
|
|
|
|
# Install missing Hardhat ignition dependencies
|
|
echo "Installing Hardhat ignition dependencies..."
|
|
npm install --save-dev "@nomicfoundation/hardhat-ignition@^0.15.16" "@nomicfoundation/ignition-core@^0.15.15" --legacy-peer-deps
|
|
|
|
# Verify installation
|
|
npx hardhat --version
|
|
echo "✅ Hardhat dependencies installed successfully"
|
|
|
|
|
|
- name: Compile Contracts (Hardhat)
|
|
if: matrix.project.tool == 'hardhat'
|
|
run: |
|
|
echo "=== COMPILING HARDHAT CONTRACTS ==="
|
|
cd /opt/aitbc/solidity-workspace/repo/${{ matrix.project.path }}
|
|
|
|
echo "🔥 Using Hardhat - CI-friendly and reliable"
|
|
|
|
# Clear cache and recompile
|
|
echo "Clearing Hardhat cache..."
|
|
npx hardhat clean
|
|
|
|
# Compile contracts
|
|
echo "Compiling contracts..."
|
|
npx hardhat compile
|
|
|
|
# Check if compilation succeeded
|
|
if [[ $? -eq 0 ]]; then
|
|
echo "✅ Hardhat contracts compiled successfully"
|
|
# Check compilation output
|
|
echo "Compilation artifacts:"
|
|
ls -la artifacts/
|
|
else
|
|
echo "❌ Compilation failed, trying with older OpenZeppelin version..."
|
|
|
|
# Fallback: downgrade OpenZeppelin
|
|
echo "Installing OpenZeppelin v4.9.6 (compatible with older Solidity)..."
|
|
npm install --save-dev "@openzeppelin/contracts@^4.9.6" --legacy-peer-deps
|
|
|
|
# Clear cache and recompile
|
|
npx hardhat clean
|
|
npx hardhat compile
|
|
|
|
if [[ $? -eq 0 ]]; then
|
|
echo "✅ Hardhat contracts compiled successfully with OpenZeppelin v4.9.6"
|
|
echo "Compilation artifacts:"
|
|
ls -la artifacts/
|
|
else
|
|
echo "❌ Compilation still failed, checking for issues..."
|
|
echo "Available contracts:"
|
|
find contracts/ -name "*.sol" | head -5
|
|
exit 1
|
|
fi
|
|
fi
|
|
|
|
|
|
- name: Run Contract Tests (Hardhat)
|
|
if: matrix.project.tool == 'hardhat'
|
|
run: |
|
|
echo "=== RUNNING HARDHAT CONTRACT TESTS ==="
|
|
cd /opt/aitbc/solidity-workspace/repo/${{ matrix.project.path }}
|
|
|
|
echo "🔥 Using Hardhat - CI-friendly and reliable"
|
|
|
|
# Run tests
|
|
npx hardhat test
|
|
|
|
echo "✅ Hardhat contract tests completed"
|
|
|
|
|
|
- name: Contract Security Analysis
|
|
run: |
|
|
echo "=== CONTRACT SECURITY ANALYSIS ==="
|
|
cd /opt/aitbc/solidity-workspace/repo/${{ matrix.project.path }}
|
|
|
|
echo "🔥 Using Hardhat - CI-friendly and reliable"
|
|
# Hardhat security checks
|
|
echo "Running Hardhat security checks..."
|
|
npx hardhat test 2>&1 | grep -i "revert\|error\|fail" || echo "Security checks completed"
|
|
|
|
# Run Slither if available
|
|
if command -v slither >/dev/null 2>&1; then
|
|
echo "Running Slither security analysis..."
|
|
slither . --filter medium,high --json slither-report.json --exclude B108 || echo "Slither analysis completed with warnings"
|
|
else
|
|
echo "Slither not available, skipping security analysis"
|
|
fi
|
|
|
|
echo "✅ Contract security analysis completed"
|
|
|
|
- name: Gas Optimization Report
|
|
run: |
|
|
echo "=== GAS OPTIMIZATION REPORT ==="
|
|
cd /opt/aitbc/solidity-workspace/repo/${{ matrix.project.path }}
|
|
|
|
echo "🔥 Using Hardhat - CI-friendly and reliable"
|
|
echo "Gas optimization for Hardhat project:"
|
|
echo "Check npx hardhat test output for gas usage information"
|
|
|
|
# Generate gas report if possible
|
|
npx hardhat test --show-gas-usage > gas-report.txt 2>&1 || true
|
|
|
|
echo "Gas optimization summary:"
|
|
cat gas-report.txt | grep -E "gas used|Gas usage" || echo "No gas report available"
|
|
|
|
echo "✅ Gas optimization report completed"
|
|
|
|
- name: Check Contract Sizes
|
|
run: |
|
|
echo "=== CONTRACT SIZE ANALYSIS ==="
|
|
cd /opt/aitbc/solidity-workspace/repo/${{ matrix.project.path }}
|
|
|
|
echo "🔥 Using Hardhat - CI-friendly and reliable"
|
|
echo "Contract sizes for Hardhat project:"
|
|
ls -la artifacts/contracts/ | head -10
|
|
|
|
# Check contract bytecode sizes if available
|
|
for contract in artifacts/contracts/**/*.json; do
|
|
if [ -f "$contract" ]; then
|
|
name=$(basename "$contract" .json)
|
|
size=$(jq -r '.bytecode | length / 2' "$contract" 2>/dev/null || echo "0")
|
|
if [ "$size" != "0" ]; then
|
|
echo "$name: $size bytes"
|
|
fi
|
|
fi
|
|
done
|
|
|
|
echo "✅ Contract size analysis completed"
|
|
|
|
- name: Upload Test Results
|
|
if: always()
|
|
run: |
|
|
echo "=== UPLOADING TEST RESULTS ==="
|
|
cd /opt/aitbc/solidity-workspace/repo/${{ matrix.project.path }}
|
|
|
|
# Create results directory
|
|
mkdir -p test-results
|
|
|
|
# Copy test results
|
|
echo "🔥 Hardhat test results - CI-friendly and reliable"
|
|
# Hardhat results
|
|
npx hardhat test > test-results/hardhat-test-output.txt 2>&1 || true
|
|
cp -r artifacts/ test-results/ 2>/dev/null || true
|
|
cp gas-report.txt test-results/ 2>/dev/null || true
|
|
cp slither-report.json test-results/ 2>/dev/null || true
|
|
|
|
echo "Test results saved to test-results/"
|
|
ls -la test-results/
|
|
|
|
echo "✅ Test results uploaded"
|
|
|
|
lint-solidity:
|
|
runs-on: debian
|
|
needs: test-solidity-contracts
|
|
|
|
steps:
|
|
- name: Setup workspace
|
|
run: |
|
|
echo "=== SOLIDITY LINTING SETUP ==="
|
|
rm -rf /opt/aitbc/solidity-lint-workspace
|
|
mkdir -p /opt/aitbc/solidity-lint-workspace
|
|
cd /opt/aitbc/solidity-lint-workspace
|
|
|
|
# Ensure no git lock files exist
|
|
find . -name "*.lock" -delete 2>/dev/null || true
|
|
|
|
git clone http://gitea.bubuit.net:3000/oib/aitbc.git repo
|
|
cd repo
|
|
|
|
- name: Lint Solidity Contracts
|
|
run: |
|
|
echo "=== LINTING SOLIDITY CONTRACTS ==="
|
|
|
|
# Lint Hardhat projects only
|
|
echo "🔥 Linting Hardhat projects - CI-friendly and reliable"
|
|
if [ -d "packages/solidity/aitbc-token" ]; then
|
|
cd packages/solidity/aitbc-token
|
|
npm install --legacy-peer-deps
|
|
npm run lint || echo "Linting completed with warnings"
|
|
cd ../../..
|
|
fi
|
|
|
|
if [ -f "contracts/hardhat.config.js" ]; then
|
|
cd contracts
|
|
npm install --legacy-peer-deps
|
|
npm run lint || echo "Linting completed with warnings"
|
|
cd ..
|
|
fi
|
|
|
|
echo "✅ Solidity linting completed"
|