From 745d869f447bd8c41f19037e9a205c3e34cdde60 Mon Sep 17 00:00:00 2001 From: lukacan Date: Thu, 3 Oct 2024 09:53:58 +0200 Subject: [PATCH] =?UTF-8?q?=F0=9F=92=9A=20Pipelines=20revision?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/actions/setup-anchor/action.yml | 16 ---- .github/actions/setup-honggfuzz/action.yml | 25 ++--- .github/actions/setup-rust/action.yml | 24 ++--- .github/actions/setup-solana/action.yml | 22 ----- .github/actions/setup-trident/action.yml | 11 +-- .github/workflows/fuzz.yml | 105 +++++++++++++++++++++ .github/workflows/lint.yml | 72 +++++++------- .github/workflows/run_fuzz_example.yml | 57 ----------- 8 files changed, 163 insertions(+), 169 deletions(-) delete mode 100644 .github/actions/setup-anchor/action.yml delete mode 100644 .github/actions/setup-solana/action.yml create mode 100644 .github/workflows/fuzz.yml delete mode 100644 .github/workflows/run_fuzz_example.yml diff --git a/.github/actions/setup-anchor/action.yml b/.github/actions/setup-anchor/action.yml deleted file mode 100644 index d88603cac..000000000 --- a/.github/actions/setup-anchor/action.yml +++ /dev/null @@ -1,16 +0,0 @@ -name: "Setup Anchor" -description: "Setup Anchor" - -runs: - using: "composite" - steps: - - uses: actions/cache@v3 - name: Cache Anchor Tool Suite - id: cache-anchor - with: - path: | - ~/.cache/anchor/ - ~/.local/share/anchor/ - key: anchor-${{ runner.os }}-v0000-${{ env.ANCHOR_VERSION }} - - run: npm i -g @coral-xyz/anchor-cli@${{ env.ANCHOR_VERSION }} ts-mocha typescript - shell: bash diff --git a/.github/actions/setup-honggfuzz/action.yml b/.github/actions/setup-honggfuzz/action.yml index 7f05fb667..6610d15c4 100644 --- a/.github/actions/setup-honggfuzz/action.yml +++ b/.github/actions/setup-honggfuzz/action.yml @@ -1,23 +1,16 @@ name: "Setup Honggfuzz" -description: "Setup Honggfuzz" runs: using: "composite" steps: - - uses: actions/cache@v3 - name: Cache Honggfuzz - id: cache-honggfuzz - with: - path: | - ~/.cache/honggfuzz/ - ~/.local/share/honggfuzz/ - key: honggfuzz-${{ runner.os }}-v0000-${{ env.HONGGFUZZ_VERSION }} - - name: Install honggfuzz - run: cargo install honggfuzz --version ${{ env.HONGGFUZZ_VERSION }} + # Install system dependencies required by Honggfuzz + - name: Install Dependencies (binutils-dev & libunwind-dev) + run: | + sudo apt-get update # Update the system package lists + sudo apt-get install -y binutils-dev libunwind-dev # Install binutils-dev and libunwind-dev, which are required for fuzzing shell: bash - - name: Install binutils-dev - run: sudo apt-get install binutils-dev - shell: bash - - name: Install libunwind-dev - run: sudo apt-get install libunwind-dev + + # Install Honggfuzz using Cargo + - name: Install Honggfuzz + run: cargo install honggfuzz --version ${{ env.HONGGFUZZ_VERSION }} # Install the specified version of Honggfuzz via Cargo shell: bash diff --git a/.github/actions/setup-rust/action.yml b/.github/actions/setup-rust/action.yml index 669022c7b..8a633a305 100644 --- a/.github/actions/setup-rust/action.yml +++ b/.github/actions/setup-rust/action.yml @@ -1,27 +1,23 @@ name: "Setup Rust" -description: "Setup Rust" - -outputs: - rustc-hash: - description: "Hash of the rustc version" - value: ${{ steps.rust-version.outputs.RUSTC_HASH }} runs: using: "composite" steps: + # Install essential system packages required for building Rust projects - name: Install system packages - run: sudo apt-fast update && sudo apt-fast install -y build-essential libudev-dev + run: sudo apt-get update && sudo apt-get install -y build-essential libudev-dev # Installs essential packages like GCC and libudev development headers shell: bash - - name: Install Rust nightly + + # Install Rust nightly toolchain and additional components + # Ensure rustfmt and clippy are installed for the nightly toolchain as well + - name: Install Rust Toolchain Components run: | - rustup default nightly + rustup install nightly rustup component add rustfmt clippy rustup component add rustfmt clippy --toolchain nightly shell: bash + + # Install Cargo Expand for expanding macros in Rust, useful for debugging macro-generated code - name: Install Cargo Expand - run: cargo install --locked cargo-expand - shell: bash - - name: Get rustc version - id: rust-version - run: echo "::set-output name=RUSTC_HASH::$(rustc -V | cut -d " " -f 3 | tail -c +2)" + run: cargo install --locked cargo-expand # Installs the cargo-expand tool, using --locked to ensure exact versions from Cargo.lock are used shell: bash diff --git a/.github/actions/setup-solana/action.yml b/.github/actions/setup-solana/action.yml deleted file mode 100644 index 1b255c449..000000000 --- a/.github/actions/setup-solana/action.yml +++ /dev/null @@ -1,22 +0,0 @@ -name: "Setup Solana" -description: "Setup Solana" - -runs: - using: "composite" - steps: - - uses: actions/cache@v3 - name: Cache Solana Tool Suite - id: cache-solana - with: - path: | - ~/.cache/solana/ - ~/.local/share/solana/ - key: solana-${{ runner.os }}-v0000-${{ env.SOLANA_CLI_VERSION }} - - run: sh -c "$(curl -sSfL https://release.solana.com/v${{ env.SOLANA_CLI_VERSION }}/install)" - shell: bash - - run: echo "/home/runner/.local/share/solana/install/active_release/bin" >> $GITHUB_PATH - shell: bash - - run: solana-keygen new --no-bip39-passphrase - shell: bash - - run: solana config set --url localhost - shell: bash diff --git a/.github/actions/setup-trident/action.yml b/.github/actions/setup-trident/action.yml index 0186f657e..f383782ed 100644 --- a/.github/actions/setup-trident/action.yml +++ b/.github/actions/setup-trident/action.yml @@ -1,17 +1,10 @@ name: "Setup Trident" -description: "Setup Trident" runs: + # This setup does not use caching, so it always installs Trident fresh using: "composite" steps: - - uses: actions/cache@v3 - name: Cache Trident - id: cache-trident - with: - path: | - ~/.cache/trident/ - ~/.local/share/trident/ - key: trident-${{ runner.os }}-v0000 + # Install Trident from the local crates/cli directory - name: Install Trident run: cargo install --path crates/cli shell: bash diff --git a/.github/workflows/fuzz.yml b/.github/workflows/fuzz.yml new file mode 100644 index 000000000..96d31913e --- /dev/null +++ b/.github/workflows/fuzz.yml @@ -0,0 +1,105 @@ +name: Test Fuzz Tests + +on: + workflow_dispatch: + pull_request: # Workflow can be triggered by either a manual dispatch or a pull request + +env: + HONGGFUZZ_VERSION: 0.5.56 # Honggfuzz version to install in the environment + +jobs: + Fuzz-Tests: + name: Fuzz Tests + runs-on: ubuntu-20.04 + steps: + - run: echo "Starting Fuzz Tests" + + simple-cpi-6: + name: Fuzz Tests (simple-cpi-6) + needs: Fuzz-Tests + # Runs on an Ubuntu 20.04 runner + runs-on: ubuntu-20.04 + steps: + - uses: actions/checkout@v3 + name: Checkout Repository # Checkout the repository to get access to the project files + + # https://github.com/Swatinem/rust-cache + - name: Cache Rust and its Packages + # Caches Rust dependencies to avoid redundant downloads and speed up builds + uses: Swatinem/rust-cache@v2 + with: + prefix-key: "fuzz" + shared-key: "trident-rust-cache" # Using a shared cache key for multiple jobs + + - name: Setup Rust Environment + # Sets up the Rust environment (e.g., installing Rust and required components) + uses: ./.github/actions/setup-rust/ + + - name: Install Trident + # Sets up the Trident + uses: ./.github/actions/setup-trident/ + + - name: Setup Honggfuzz + # Sets up Honggfuzz, a fuzzing tool that will be used by Trident + uses: ./.github/actions/setup-honggfuzz/ + + # Cache the target folder, which stores the build artifacts generated by the fuzzing process + - name: Cache Target Folder + uses: actions/cache@v3 + with: + path: examples/fuzz-tests/simple-cpi-6/trident-tests/fuzz_tests/fuzzing/hfuzz_target # Cache the folder where build artifacts are stored + key: target-${{ runner.os }}-simple-cpi-6 # Unique key for caching based on OS and test + + # Run the fuzzing test using Trident in the simple-cpi-6 directory + - name: Test Fuzz + working-directory: examples/fuzz-tests/simple-cpi-6 # Set the working directory for the fuzzing test + run: trident fuzz run fuzz_0 # Run the fuzz test with trident + + arbitrary-limit-inputs-5: + name: Fuzz Tests (arbitrary-limit-inputs-5) + needs: Fuzz-Tests + # Runs on an Ubuntu 20.04 runner for a different fuzz test + runs-on: ubuntu-20.04 + steps: + - uses: actions/checkout@v3 + name: Checkout Repository # Checkout the repository + + # https://github.com/Swatinem/rust-cache + - name: Cache Rust and its Packages + # Caches Rust dependencies to avoid redundant downloads and speed up builds + uses: Swatinem/rust-cache@v2 + with: + prefix-key: "fuzz" # Using a locally shared cache key + shared-key: "trident-rust-cache" # Using a shared cache key for multiple jobs + + - name: Setup Rust Environment + # Sets up the Rust environment (e.g., installing Rust and required components) + uses: ./.github/actions/setup-rust/ + + - name: Install Trident + # Sets up the Trident + uses: ./.github/actions/setup-trident/ + + - name: Setup Honggfuzz + # Sets up Honggfuzz, a fuzzing tool that will be used by Trident + uses: ./.github/actions/setup-honggfuzz/ + + # Cache the target folder, which stores the build artifacts generated by the fuzzing process + - name: Cache Target Folder + uses: actions/cache@v3 + with: + path: examples/fuzz-tests/arbitrary-limit-inputs-5/trident-tests/fuzz_tests/fuzzing/hfuzz_target # Cache the folder where build artifacts are stored + key: target-${{ runner.os }}-arbitrary-limit-inputs-5 # Unique key for caching based on OS and test + + # Run the fuzzing test using Trident in the arbitrary-limit-inputs-5 directory + - name: Test Fuzz + working-directory: examples/fuzz-tests/arbitrary-limit-inputs-5 # Set the working directory for the fuzzing test + run: trident fuzz run fuzz_0 # Run the fuzz test with trident + + + checks: + name: Fuzz Tests (Checks) + needs: [simple-cpi-6, arbitrary-limit-inputs-5] + runs-on: ubuntu-20.04 + steps: + - run: echo "All fuzz tests completed successfully" diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index acc93f338..033efc1ab 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -1,53 +1,55 @@ +name: Lint crates + on: workflow_dispatch: - pull_request: + pull_request: # Workflow can be triggered by either a manual dispatch or a pull request -name: Lint crates jobs: - checks: + Lint-Workspace: + name: Lint Workspace runs-on: ubuntu-20.04 - needs: - - cli - - client steps: - - run: echo "Done" - cli: + - run: echo "Starting Lint-Workspace" + + lint: + name: Lint + needs: Lint-Workspace + # This job runs on an Ubuntu 20.04 runner runs-on: ubuntu-20.04 - defaults: - run: - working-directory: crates/cli steps: - - uses: actions/checkout@v3 - - uses: ./.github/actions/setup-rust/ - id: rust-setup - - uses: Swatinem/rust-cache@v2 - name: Cache Rust and it's packages + - uses: actions/checkout@v3 # Checkout the code from the repository + + # https://github.com/Swatinem/rust-cache + - name: Cache Rust and its Packages + # Cache Rust dependencies using Swatinem's rust-cache action to speed up builds + uses: Swatinem/rust-cache@v2 + with: + prefix-key: "lint" # Using a locally shared cache key + shared-key: "trident-rust-cache" # Use a shared cache key across multiple jobs to reuse cache + cache-directories: "~/.rustup" # Additional non workspace directories to be cached, separated by newlines. + + - name: Setup Rust Environment + # Set up the Rust environment (e.g., install nightly, Rust components) + uses: ./.github/actions/setup-rust/ + - name: Cargo build - run: cargo build + # Build the Trident workspace + run: cargo build --release --all-features - name: Cargo fmt - run: cargo fmt -- --check + # Run cargo fmt to check if the code is formatted correctly + run: cargo fmt --check - name: Cargo clippy + # Run Clippy to check for code linting issues and fail on warnings run: cargo clippy -- -D warnings - name: Cargo test + # Run tests to ensure the project works as expected run: cargo test - client: + + checks: + name: Lint-Workspace (Checks) + needs: lint runs-on: ubuntu-20.04 - defaults: - run: - working-directory: crates/client steps: - - uses: actions/checkout@v3 - - uses: ./.github/actions/setup-rust/ - id: rust-setup - - uses: Swatinem/rust-cache@v2 - name: Cache Rust and it's packages - - name: Cargo build - run: cargo build - - name: Cargo fmt - run: cargo fmt -- --check - - name: Cargo clippy - run: cargo clippy -- -D warnings - - name: Cargo test - run: cargo test + - run: echo "Lint Workspace completed successfully" diff --git a/.github/workflows/run_fuzz_example.yml b/.github/workflows/run_fuzz_example.yml deleted file mode 100644 index 64c82a528..000000000 --- a/.github/workflows/run_fuzz_example.yml +++ /dev/null @@ -1,57 +0,0 @@ -name: Test Fuzz Tests - -on: - workflow_dispatch: - pull_request: - -env: - SOLANA_CLI_VERSION: 1.18.18 - HONGGFUZZ_VERSION: 0.5.56 - -jobs: - simple-cpi-6: - runs-on: ubuntu-20.04 - steps: - - uses: actions/checkout@v3 - - - name: Set Anchor Version - run: echo "ANCHOR_VERSION=0.30.1" >> $GITHUB_ENV - - - uses: Swatinem/rust-cache@v2 - name: Cache Rust and it's packages - - - uses: ./.github/actions/setup-rust/ - - - uses: ./.github/actions/setup-solana/ - - - uses: ./.github/actions/setup-trident/ - - - uses: ./.github/actions/setup-honggfuzz/ - id: rust-setup - - - name: Test Fuzz - working-directory: examples/fuzz-tests/simple-cpi-6 - run: trident fuzz run fuzz_0 - arbitrary-limit-inputs-5: - runs-on: ubuntu-20.04 - steps: - - uses: actions/checkout@v3 - - - name: Set Anchor Version - run: echo "ANCHOR_VERSION=0.30.1" >> $GITHUB_ENV - - - uses: Swatinem/rust-cache@v2 - name: Cache Rust and it's packages - - - uses: ./.github/actions/setup-rust/ - - - uses: ./.github/actions/setup-solana/ - - - uses: ./.github/actions/setup-trident/ - - - uses: ./.github/actions/setup-honggfuzz/ - id: rust-setup - - - name: Test Fuzz - working-directory: examples/fuzz-tests/arbitrary-limit-inputs-5 - run: trident fuzz run fuzz_0