diff --git a/.github/actions/golangci-lint/action.yml b/.github/actions/golangci-lint/action.yml index 20ad2689deb..6f078a22cda 100644 --- a/.github/actions/golangci-lint/action.yml +++ b/.github/actions/golangci-lint/action.yml @@ -42,10 +42,6 @@ runs: - name: Touching core/web/assets/index.html shell: bash run: mkdir -p core/web/assets && touch core/web/assets/index.html - - name: Build binary - working-directory: ${{ inputs.go-directory }} - shell: bash - run: go build ./... - name: Set golangci-lint working directory shell: bash id: set-working-directory @@ -59,18 +55,40 @@ runs: - name: golangci-lint uses: golangci/golangci-lint-action@38e1018663fa5173f3968ea0777460d3de38f256 # v5.3.0 with: - version: v1.61.0 + version: v1.62.2 only-new-issues: true args: --out-format colored-line-number,checkstyle:golangci-lint-report.xml working-directory: ${{ steps.set-working-directory.outputs.golangci-lint-working-directory }} - name: Print lint report artifact if: failure() shell: bash - run: cat ${{ inputs.go-directory }}/golangci-lint-report.xml + run: cat ./${{ inputs.go-directory }}/golangci-lint-report.xml + - name: Get suffix for artifact name + # This validation ensures a valid name for the upload-artifact suffix in the next step + # If the `go-directory` has a forward slash, it will be replaced by a dash: `core/scripts` -> `core-scripts` + # It helps to avoid the error: `The artifact name is not valid: golangci-lint-report-core/scripts`, caused by a forward slash /` + if: always() + id: suffix + shell: bash + run: | + echo "Validating if directory name '${{ inputs.go-directory }}' fits for the upload-artifact suffix (no slashes)" + go_directory="${{ inputs.go-directory }}" + if [[ $go_directory == *\/* ]]; then + suffix=$(echo "${go_directory}" | tr '/' '-') + echo "Updated directory name '${{ inputs.go-directory }}' to a valid artifact suffix '${suffix}'" + else + suffix="$go_directory" + echo "Directory name is valid for the artifact suffix: '${go_directory}'" + fi + echo "suffix=${suffix}" | tee -a $GITHUB_OUTPUT - name: Store lint report artifact if: always() uses: actions/upload-artifact@v4.4.3 with: - name: golangci-lint-report - path: ${{ inputs.go-directory }}/golangci-lint-report.xml - retention-days: 7 + # For the reason this action is used in multiple workflows and `strategy.matrix` + # several lint reports will be generated in the directories this action is triggered. + # To avoid duplication-related errors,leading to inability to upload the artifacts, + # It is necessary to add a suffix to its name. + name: golangci-lint-report-${{ steps.suffix.outputs.suffix }} + # The ./ is needed to preserve the valid pattern for the artifact path + path: ./${{ inputs.go-directory }}/golangci-lint-report.xml diff --git a/.github/workflows/ci-core.yml b/.github/workflows/ci-core.yml index c38ecd918ae..9db33950bf9 100644 --- a/.github/workflows/ci-core.yml +++ b/.github/workflows/ci-core.yml @@ -33,6 +33,7 @@ jobs: permissions: pull-requests: read outputs: + affected-packages: ${{ steps.affected-modules.outputs.changes }} deployment-changes: ${{ steps.match-some.outputs.deployment == 'true' }} should-run-ci-core: ${{ steps.match-some.outputs.core-ci == 'true' || steps.match-every.outputs.non-ignored == 'true' || github.event_name == 'workflow_dispatch' || github.event_name == 'schedule' }} should-run-golangci: ${{ steps.match-some.outputs.golang-ci == 'true' || steps.match-every.outputs.non-ignored == 'true' || github.event_name == 'workflow_dispatch' }} @@ -47,7 +48,7 @@ jobs: with: # "if any changed file matches one or more of the conditions" (https://github.com/dorny/paths-filter/issues/225) predicate-quantifier: some - # deployment - any changes to files in `deployments/` + # deployment - any changes to files in the `deployments/` # core-ci - any changes that could affect this workflow definition # golang-ci - any changes that could affect the linting result filters: | @@ -75,6 +76,7 @@ jobs: non-ignored: - '**' - '!docs/**' + - '!fuzz/**' - '!integration-tests/**' - '!tools/secrets/**' - '!tools/goreleaser-config/**' @@ -91,24 +93,43 @@ jobs: - '!nix-darwin-shell-hook.sh' - '!LICENSE' - '!.github/**' - + - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 + id: affected-modules + with: + # This filter returns a list of affected packages names (not simply `true` or `false`) + # Use the following syntax `package_name: 'path/to/package/**'` + filters: | + ccip: 'ccip/**' + common: 'common/**' + core: 'core/**' + dashboard-lib: 'dashboard-lib/**' + deployment: 'deployment/**' + plugins: 'plugins/**' + tools: 'tools/**' + golangci: - # We don't directly merge dependabot PRs, so let's not waste the resources - if: ${{ (github.event_name == 'pull_request' || github.event_name == 'schedule') && github.actor != 'dependabot[bot]' }} name: lint + # We don't directly merge dependabot PRs, so let's not waste the resources. + if: ${{ (github.event_name == 'pull_request' || github.event_name == 'schedule') && github.actor != 'dependabot[bot]' && needs.filter.outputs.should-run-golangci == 'true' && (toJson(fromJson(needs.filter.outputs.affected-packages)) != '[]' && needs.filter.outputs.affected-packages != '')}} + needs: [filter, run-frequency] permissions: - # For golangci-lint-actions to annotate code in the PR. + # To annotate code in the PR. checks: write contents: read # For golangci-lint-action's `only-new-issues` option. pull-requests: read runs-on: ubuntu-24.04-8cores-32GB-ARM - needs: [filter, run-frequency] + strategy: + fail-fast: false + matrix: + modules: ${{ fromJson(needs.filter.outputs.affected-packages) }} steps: - - uses: actions/checkout@v4.2.1 - - name: Golang Lint + - name: Checkout + uses: actions/checkout@v4.2.1 + - name: Golang Lint (${{ matrix.modules }}) uses: ./.github/actions/golangci-lint - if: ${{ needs.filter.outputs.should-run-golangci == 'true' }} + with: + go-directory: ${{ matrix.modules }} - name: Notify Slack if: ${{ failure() && needs.run-frequency.outputs.one-per-day-frequency == 'true' }} uses: slackapi/slack-github-action@6c661ce58804a1a20f6dc5fbee7f0381b469e001 # v1.25.0 @@ -375,8 +396,8 @@ jobs: scan: name: SonarQube Scan - needs: [core, run-frequency] - if: ${{ always() && needs.run-frequency.outputs.four-per-day-frequency == 'true' && github.actor != 'dependabot[bot]' }} + needs: [core, golangci] + if: ${{ always() && github.actor != 'dependabot[bot]' }} runs-on: ubuntu-latest steps: - name: Checkout the repo @@ -384,7 +405,7 @@ jobs: with: fetch-depth: 0 # fetches all history for all tags and branches to provide more metadata for sonar reports - - name: Download all workflow run artifacts + - name: Download all workflow artifacts uses: actions/download-artifact@v4.1.8 - name: Check and Set SonarQube Report Paths @@ -392,15 +413,20 @@ jobs: run: | # Check and assign paths for coverage/test reports in go_core_tests_logs if [ -d "go_core_tests_logs" ]; then + echo "Found go_core_tests_logs" sonarqube_coverage_report_paths=$(find go_core_tests_logs -name coverage.txt | paste -sd "," -) sonarqube_tests_report_paths=$(find go_core_tests_logs -name output.txt | paste -sd "," -) + echo "Coverage report paths: $sonarqube_coverage_report_paths" + echo "Tests report paths: $sonarqube_tests_report_paths" else + echo "Did not find go_core_tests_logs" sonarqube_coverage_report_paths="" sonarqube_tests_report_paths="" fi # Check and assign paths for coverage/test reports in go_core_tests_integration_logs if [ -d "go_core_tests_integration_logs" ]; then + echo "Found go_core_tests_integration_logs" integration_coverage_paths=$(find go_core_tests_integration_logs -name coverage.txt | paste -sd "," -) integration_tests_paths=$(find go_core_tests_integration_logs -name output.txt | paste -sd "," -) # Append to existing paths if they are set, otherwise assign directly @@ -409,11 +435,15 @@ jobs: fi # Check and assign paths for lint reports - if [ -d "golangci-lint-report" ]; then - sonarqube_lint_report_paths=$(find golangci-lint-report -name golangci-lint-report.xml | paste -sd "," -) - else - sonarqube_lint_report_paths="" - fi + # To find reports in the folders named differently (because of the matrix strategy), + # We need to loop through the artifacts. It allows usage of RegExp folders (skipped if not found). + for golang_lint_artifact in golangci-lint-report* + do + echo "Found golangci-lint-report artifacts" + sonarqube_lint_report_paths=$(find -type f -name 'golangci-lint-report.xml' -printf "%p,") + echo "Lint report paths: $sonarqube_lint_report_paths" + break + done ARGS="" if [[ -z "$sonarqube_tests_report_paths" ]]; then diff --git a/.github/workflows/solidity-tracability.yml b/.github/workflows/solidity-traceability.yml similarity index 99% rename from .github/workflows/solidity-tracability.yml rename to .github/workflows/solidity-traceability.yml index f0b1166807f..caa233ea8bb 100644 --- a/.github/workflows/solidity-tracability.yml +++ b/.github/workflows/solidity-traceability.yml @@ -1,5 +1,5 @@ # This workflow handles the enforcement of code Traceability via changesets and jira issue linking for our Solidity codebase. -name: Solidity Tracability +name: Solidity Traceability on: merge_group: diff --git a/.golangci.yml b/.golangci.yml index ca8cf4dade5..5d89e0fff19 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -1,5 +1,7 @@ run: timeout: 15m0s + allow-parallel-runners: true + allow-serial-runners: true linters: enable: - containedctx diff --git a/tools/bin/go_core_tests b/tools/bin/go_core_tests index 76c15fccd07..3679988a896 100755 --- a/tools/bin/go_core_tests +++ b/tools/bin/go_core_tests @@ -29,4 +29,4 @@ else echo "All tests passed!" fi echo "go_core_tests exiting with code $EXITCODE" -exit $EXITCODE +exit $EXITCODE \ No newline at end of file