chore(deps): bump step-security/harden-runner from 2.10.1 to 2.10.2 #4036
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build & Test | |
on: | |
push: | |
branches: | |
- main | |
- develop | |
- release/* | |
- integration-test-workflow | |
pull_request: | |
branches: | |
- main | |
- develop | |
- release/* | |
defaults: | |
run: | |
shell: bash | |
permissions: | |
contents: read | |
pull-requests: write | |
env: | |
CG_EXEC: ionice -c 2 -n 2 nice -n 19 | |
jobs: | |
build: | |
name: Build using Node ${{ matrix.node }} | |
runs-on: client-sdk-linux-medium | |
strategy: | |
matrix: | |
node: [ "16", "18" ] | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 | |
with: | |
egress-policy: audit | |
- name: Checkout Code | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
submodules: true | |
- name: Install Task | |
uses: arduino/setup-task@b91d5d2c96a56797b48ac1e0e89220bf64044611 # v2.0.0 | |
with: | |
version: 3.35.1 | |
- name: Install PNPM | |
uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0 | |
with: | |
version: 8.15.4 | |
- name: Setup Node | |
uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 | |
with: | |
node-version: ${{ matrix.node }} | |
cache: pnpm | |
- name: Build @hashgraph/sdk | |
run: task -v build | |
test: | |
name: Test using Node ${{ matrix.node }} | |
runs-on: client-sdk-linux-large | |
strategy: | |
matrix: | |
node: [ "16" ] | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 | |
with: | |
egress-policy: audit | |
- name: Checkout Code | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
submodules: recursive | |
- name: Install Task | |
uses: arduino/setup-task@b91d5d2c96a56797b48ac1e0e89220bf64044611 # v2.0.0 | |
with: | |
version: 3.35.1 | |
- name: "Create env file" | |
run: | | |
touch .env | |
echo OPERATOR_KEY="302e020100300506032b65700422042091132178e72057a1d7528025956fe39b0b847f200ab59b2fdd367017f3087137" >> .env | |
echo OPERATOR_ID="0.0.2" >> .env | |
echo HEDERA_NETWORK="local-node" >> .env | |
cat .env | |
- name: Install PNPM | |
uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0 | |
with: | |
version: 8.15.4 | |
- name: Setup Node | |
uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 | |
with: | |
node-version: ${{ matrix.node }} | |
cache: pnpm | |
- name: Build @hashgraph/sdk | |
id: build-sdk | |
run: task build | |
- name: Install Playwright Dependencies | |
id: playwright-deps | |
if: ${{ steps.build-sdk.conclusion == 'success' && !cancelled() && always() }} | |
run: sudo npx playwright install-deps | |
- name: Start the local node | |
id: start-local-node | |
if: ${{ steps.build-sdk.conclusion == 'success' && !cancelled() && always() }} | |
run: | | |
${{ env.CG_EXEC }} npx @hashgraph/hedera-local start -d -—network local --balance=100000 | |
# Wait for the network to fully start | |
sleep 30 | |
- name: Run Hedera SDK Integration Tests | |
if: ${{ steps.build-sdk.conclusion == 'success' && steps.start-local-node.conclusion == 'success' && !cancelled() && always() }} | |
run: ${{ env.CG_EXEC }} task test:integration:codecov | |
- name: Upload coverage to Codecov | |
uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
files: ./coverage/lcov.info | |
fail_ci_if_error: false | |
- name: Stop the local node | |
id: stop-local-node | |
if: ${{ steps.start-local-node.conclusion == 'success' && !cancelled() && always() }} | |
run: ${{ env.CG_EXEC }} npx @hashgraph/hedera-local stop | |
- name: Build @hashgraph/cryptography | |
working-directory: packages/cryptography | |
if: ${{ steps.build-sdk.conclusion == 'success' && steps.stop-local-node.conclusion == 'success' && !cancelled() && always() }} | |
run: ${{ env.CG_EXEC }} task build | |
- name: Unit Test @hashgraph/cryptography | |
working-directory: packages/cryptography | |
if: ${{ steps.build-sdk.conclusion == 'success' && steps.stop-local-node.conclusion == 'success' && !cancelled() && always() }} | |
run: ${{ env.CG_EXEC }} task test:unit | |
- name: Codecov @hashgraph/cryptography | |
working-directory: packages/cryptography | |
if: ${{ steps.build-sdk.conclusion == 'success' && steps.stop-local-node.conclusion == 'success' && !cancelled() && always() }} | |
run: ${{ env.CG_EXEC }} task test:unit:codecov | |
- name: Upload @hashgraph/cryptography coverage to Codecov | |
uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
files: ./packages/cryptography/coverage/lcov.info | |
fail_ci_if_error: false | |
- name: Unit Test @hashgraph/sdk | |
if: ${{ steps.build-sdk.conclusion == 'success' && steps.stop-local-node.conclusion == 'success' && steps.playwright-deps.conclusion == 'success' && !cancelled() && always() }} | |
run: ${{ env.CG_EXEC }} task test:unit | |
- name: Codecov @hashgraph/sdk | |
if: ${{ steps.build-sdk.conclusion == 'success' && steps.stop-local-node.conclusion == 'success' && !cancelled() && always() }} | |
run: ${{ env.CG_EXEC }} task test:unit:codecov | |
- name: Upload @hashgraph/sdk coverage to Codecov | |
uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
fail_ci_if_error: true |