Update golanci-lint-action to scan all affected directories and corre…

…ctly upload reports Update golangci-lint action to go through all dirs if no working directory set Update paths to linter reports Restore producing test coverage report for each unit test run Remove test files fail_test.go and polished the workflows
smartcontractkit · Dec 6, 2024 · c9eb352 · c9eb352
1 parent 82e451d
commit c9eb352
Show file tree

Hide file tree

Showing 5 changed files with 78 additions and 28 deletions.
diff --git a/.github/actions/golangci-lint/action.yml b/.github/actions/golangci-lint/action.yml
@@ -42,10 +42,6 @@ runs:
     - name: Touching core/web/assets/index.html
       shell: bash
       run: mkdir -p core/web/assets && touch core/web/assets/index.html
-    - name: Build binary
-      working-directory: ${{ inputs.go-directory }}
-      shell: bash
-      run: go build ./...
     - name: Set golangci-lint working directory
       shell: bash
       id: set-working-directory
@@ -59,18 +55,40 @@ runs:
     - name: golangci-lint
       uses: golangci/golangci-lint-action@38e1018663fa5173f3968ea0777460d3de38f256 # v5.3.0
       with:
-        version: v1.61.0
+        version: v1.62.2
         only-new-issues: true
         args: --out-format colored-line-number,checkstyle:golangci-lint-report.xml
         working-directory: ${{ steps.set-working-directory.outputs.golangci-lint-working-directory }}
     - name: Print lint report artifact
       if: failure()
       shell: bash
-      run: cat ${{ inputs.go-directory }}/golangci-lint-report.xml
+      run: cat ./${{ inputs.go-directory }}/golangci-lint-report.xml
+    - name: Get suffix for artifact name
+      # This validation ensures a valid name for the upload-artifact suffix in the next step
+      # If the `go-directory` has a forward slash, it will be replaced by a dash: `core/scripts` -> `core-scripts`
+      # It helps to avoid the error: `The artifact name is not valid: golangci-lint-report-core/scripts`, caused by a forward slash /`
+      if: always()
+      id: suffix
+      shell: bash
+      run: |
+        echo "Validating if directory name '${{ inputs.go-directory }}' fits for the upload-artifact suffix (no slashes)"
+        go_directory="${{ inputs.go-directory }}"
+        if [[ $go_directory == *\/* ]]; then
+          suffix=$(echo "${go_directory}" | tr '/' '-')
+          echo "Updated directory name '${{ inputs.go-directory }}' to a valid artifact suffix '${suffix}'"
+        else
+          suffix="$go_directory"
+          echo "Directory name is valid for the artifact suffix: '${go_directory}'"
+        fi
+        echo "suffix=${suffix}" | tee -a $GITHUB_OUTPUT
     - name: Store lint report artifact
       if: always()
       uses: actions/[email protected]
       with:
-        name: golangci-lint-report
-        path: ${{ inputs.go-directory }}/golangci-lint-report.xml
-        retention-days: 7
+        # For the reason this action is used in multiple workflows and `strategy.matrix` 
+        # several lint reports will be generated in the directories this action is triggered.  
+        # To avoid duplication-related errors,leading to inability to upload the artifacts,
+        # It is necessary to add a suffix to its name. 
+        name: golangci-lint-report-${{ steps.suffix.outputs.suffix }}
+        # The ./ is needed to preserve the valid pattern for the artifact path
+        path: ./${{ inputs.go-directory }}/golangci-lint-report.xml
diff --git a/.github/workflows/ci-core.yml b/.github/workflows/ci-core.yml
@@ -33,6 +33,7 @@ jobs:
     permissions:
       pull-requests: read
     outputs:
+      affected-packages: ${{ steps.affected-modules.outputs.changes }}
       deployment-changes: ${{ steps.match-some.outputs.deployment == 'true' }}
       should-run-ci-core: ${{ steps.match-some.outputs.core-ci == 'true' || steps.match-every.outputs.non-ignored == 'true' ||  github.event_name == 'workflow_dispatch' || github.event_name == 'schedule' }}
       should-run-golangci: ${{ steps.match-some.outputs.golang-ci == 'true' || steps.match-every.outputs.non-ignored == 'true' || github.event_name == 'workflow_dispatch' }}
@@ -47,7 +48,7 @@ jobs:
         with:
           # "if any changed file matches one or more of the conditions" (https://github.com/dorny/paths-filter/issues/225)
           predicate-quantifier: some
-          # deployment - any changes to files in `deployments/`
+          # deployment - any changes to files in the `deployments/`
           # core-ci - any changes that could affect this workflow definition
           # golang-ci - any changes that could affect the linting result
           filters: |
@@ -75,6 +76,7 @@ jobs:
             non-ignored:
               - '**'
               - '!docs/**'
+              - '!fuzz/**'
               - '!integration-tests/**'
               - '!tools/secrets/**'
               - '!tools/goreleaser-config/**'
@@ -91,24 +93,43 @@ jobs:
               - '!nix-darwin-shell-hook.sh'
               - '!LICENSE'
               - '!.github/**'
-    
+      - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
+        id: affected-modules
+        with:
+          # This filter returns a list of affected packages names (not simply `true` or `false`) 
+          # Use the following syntax `package_name: 'path/to/package/**'`
+          filters: |
+            ccip: 'ccip/**'
+            common: 'common/**'
+            core: 'core/**'
+            dashboard-lib: 'dashboard-lib/**'
+            deployment: 'deployment/**'
+            plugins: 'plugins/**'
+            tools: 'tools/**'
+              
   golangci:
-    # We don't directly merge dependabot PRs, so let's not waste the resources
-    if: ${{ (github.event_name == 'pull_request' ||  github.event_name == 'schedule') && github.actor != 'dependabot[bot]' }}
     name: lint
+    # We don't directly merge dependabot PRs, so let's not waste the resources.
+    if: ${{ (github.event_name == 'pull_request' ||  github.event_name == 'schedule') && github.actor != 'dependabot[bot]' && needs.filter.outputs.should-run-golangci == 'true' && (toJson(fromJson(needs.filter.outputs.affected-packages)) != '[]' && needs.filter.outputs.affected-packages != '')}}
+    needs: [filter, run-frequency]
     permissions:
-      # For golangci-lint-actions to annotate code in the PR.
+      # To annotate code in the PR.
       checks: write
       contents: read
       # For golangci-lint-action's `only-new-issues` option.
       pull-requests: read
     runs-on: ubuntu-24.04-8cores-32GB-ARM
-    needs: [filter, run-frequency]
+    strategy:
+      fail-fast: false
+      matrix:
+        modules: ${{ fromJson(needs.filter.outputs.affected-packages) }}
     steps:
-      - uses: actions/[email protected]
-      - name: Golang Lint
+      - name: Checkout
+        uses: actions/[email protected]
+      - name: Golang Lint (${{ matrix.modules }})
         uses: ./.github/actions/golangci-lint
-        if: ${{ needs.filter.outputs.should-run-golangci == 'true' }}
+        with: 
+          go-directory: ${{ matrix.modules }}
       - name: Notify Slack
         if: ${{ failure() && needs.run-frequency.outputs.one-per-day-frequency == 'true' }}
         uses: slackapi/slack-github-action@6c661ce58804a1a20f6dc5fbee7f0381b469e001 # v1.25.0
@@ -375,32 +396,37 @@ jobs:
 
   scan:
     name: SonarQube Scan
-    needs: [core, run-frequency]
-    if: ${{ always() && needs.run-frequency.outputs.four-per-day-frequency == 'true' && github.actor != 'dependabot[bot]' }}
+    needs: [core, golangci]
+    if: ${{ always() && github.actor != 'dependabot[bot]' }}
     runs-on: ubuntu-latest
     steps:
       - name: Checkout the repo
         uses: actions/[email protected]
         with:
           fetch-depth: 0 # fetches all history for all tags and branches to provide more metadata for sonar reports
 
-      - name: Download all workflow run artifacts
+      - name: Download all workflow artifacts
         uses: actions/[email protected]
 
       - name: Check and Set SonarQube Report Paths
         shell: bash
         run: |
           # Check and assign paths for coverage/test reports in go_core_tests_logs
           if [ -d "go_core_tests_logs" ]; then
+            echo "Found go_core_tests_logs"
             sonarqube_coverage_report_paths=$(find go_core_tests_logs -name coverage.txt | paste -sd "," -)
             sonarqube_tests_report_paths=$(find go_core_tests_logs -name output.txt | paste -sd "," -)
+            echo "Coverage report paths: $sonarqube_coverage_report_paths"
+            echo "Tests report paths: $sonarqube_tests_report_paths"
           else
+            echo "Did not find go_core_tests_logs"
             sonarqube_coverage_report_paths=""
             sonarqube_tests_report_paths=""
           fi
 
           # Check and assign paths for coverage/test reports in go_core_tests_integration_logs
           if [ -d "go_core_tests_integration_logs" ]; then
+            echo "Found go_core_tests_integration_logs"
             integration_coverage_paths=$(find go_core_tests_integration_logs -name coverage.txt | paste -sd "," -)
             integration_tests_paths=$(find go_core_tests_integration_logs -name output.txt | paste -sd "," -)
             # Append to existing paths if they are set, otherwise assign directly
@@ -409,11 +435,15 @@ jobs:
           fi
 
           # Check and assign paths for lint reports
-          if [ -d "golangci-lint-report" ]; then
-            sonarqube_lint_report_paths=$(find golangci-lint-report -name golangci-lint-report.xml | paste -sd "," -)
-          else
-            sonarqube_lint_report_paths=""
-          fi
+          # To find reports in the folders named differently (because of the matrix strategy), 
+          # We need to loop through the artifacts. It allows usage of RegExp folders (skipped if not found).
+          for golang_lint_artifact in golangci-lint-report*
+          do
+              echo "Found golangci-lint-report artifacts"
+              sonarqube_lint_report_paths=$(find -type f -name 'golangci-lint-report.xml' -printf "%p,")
+              echo "Lint report paths: $sonarqube_lint_report_paths"
+              break
+          done
 
           ARGS=""
           if [[ -z "$sonarqube_tests_report_paths" ]]; then

diff --git a/.github/workflows/solidity-tracability.yml → .github/workflows/solidity-traceability.yml b/.github/workflows/solidity-tracability.yml → .github/workflows/solidity-traceability.yml
@@ -1,5 +1,5 @@
 # This workflow handles the enforcement of code Traceability via changesets and jira issue linking for our Solidity codebase.
-name: Solidity Tracability
+name: Solidity Traceability
 
 on:
   merge_group:

diff --git a/.golangci.yml b/.golangci.yml
@@ -1,5 +1,7 @@
 run:
   timeout: 15m0s
+  allow-parallel-runners: true
+  allow-serial-runners: true
 linters:
   enable:
     - containedctx

diff --git a/tools/bin/go_core_tests b/tools/bin/go_core_tests
@@ -29,4 +29,4 @@ else
   echo "All tests passed!"
 fi
 echo "go_core_tests exiting with code $EXITCODE"
-exit $EXITCODE
+exit $EXITCODE