fix: RUSTSEC-2024-0344 #760
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Integration (Multichain) | |
on: | |
push: | |
branches: | |
- develop | |
pull_request: | |
paths: | |
- integration-tests/chain-signatures/** | |
- chain-signatures/** | |
env: | |
RUSTFLAGS: -D warnings | |
jobs: | |
test: | |
name: Test | |
strategy: | |
matrix: | |
# FIXME: macos-latest-xl is disabled since colima is erroring out right now | |
os: [warp-ubuntu-latest-x64-4x] | |
runs-on: ${{ matrix.os }} | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Install Docker | |
if: ${{ matrix.os == 'macos-latest-xl' }} | |
run: | | |
brew install docker | |
colima start | |
# Colima does not expose the Docker socket by default, we have to symlink it | |
# https://github.com/abiosoft/colima/blob/main/docs/FAQ.md#cannot-connect-to-the-docker-daemon-at-unixvarrundockersock-is-the-docker-daemon-running | |
sudo ln -sf $HOME/.colima/default/docker.sock /var/run/docker.sock | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v1 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Pull Relayer & Sandbox Docker Images | |
run: | | |
docker pull ghcr.io/near/os-relayer:12ba6e35690df3979fce0b36a41d0ca0db9c0ab4 | |
docker pull ghcr.io/near/near-lake-indexer:node-1.40.0 | |
docker pull localstack/localstack:3.5.0 | |
- name: Install stable toolchain | |
uses: actions-rs/toolchain@v1 | |
with: | |
profile: minimal | |
toolchain: stable | |
target: wasm32-unknown-unknown | |
- uses: WarpBuilds/cache@v1 | |
with: | |
path: | | |
~/.cargo/bin/ | |
~/.cargo/registry/index/ | |
~/.cargo/registry/cache/ | |
~/.cargo/git/db/ | |
target/ | |
key: "${{ runner.os }}-cargo-${{ hashFiles('chain-signatures/Cargo.lock') }}" | |
restore-keys: ${{ runner.os }}-cargo- | |
- name: Install Protoc | |
uses: arduino/setup-protoc@v1.1.2 | |
with: | |
repo-token: ${{ secrets.GITHUB_TOKEN }} | |
- name: Install toxiproxy-server | |
run: | | |
wget -O toxiproxy-2.9.0_linux_amd64.deb https://github.com/Shopify/toxiproxy/releases/download/v2.9.0/toxiproxy_2.9.0_linux_amd64.deb | |
sudo dpkg -i toxiproxy-2.9.0_linux_amd64.deb | |
- name: Configure AWS | |
run: | | |
# Fake AWS configuration for LocalStack | |
aws configure set region us-east-1 | |
aws --profile default configure set aws_access_key_id "123" | |
aws --profile default configure set aws_secret_access_key "456" | |
- name: Build Chain-Signatures Contract | |
working-directory: ./chain-signatures | |
run: cargo build -p mpc-contract --target wasm32-unknown-unknown --release | |
- name: Build Chain-Signatures Node | |
working-directory: ./chain-signatures | |
run: cargo build -p mpc-recovery-node --release | |
# Build the tests before actually running them to see how long the tests take to run by itself | |
# instead of including the build time in the test time report on Github. | |
- name: Build Chain-Signatures Integration Tests | |
working-directory: ./integration-tests/chain-signatures | |
run: cargo build --tests | |
- name: Test | |
working-directory: ./integration-tests/chain-signatures | |
run: cargo test --jobs 1 -- --test-threads 1 | |
env: | |
RUST_LOG: info,workspaces=warn | |
RUST_BACKTRACE: 1 |