Skip to content
PR

Added migration #3790

Sign in to view logs

Added migration

Added migration #3790

Workflow file for this run

.github/workflows/ci.yaml at 1f99109
name: PR
# Controls when the action will run.
on:
# Triggers the workflow on push or pull request events but only for the master branch
push:
branches: [ '**' ]
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
permissions:
id-token: write
contents: read
security-events: write
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
format:
name: Check Lints
runs-on: ubuntu-24.04
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v4
- name: Install toolchain
uses: actions-rs/toolchain@v1
with:
toolchain: 1.90.0
override: true
components: rustfmt
- name: Check TOML
uses: dprint/check@v2.2
- name: Check Format
run: |
cargo fmt -- --check
security-audit:
name: Security Audit
runs-on: ubuntu-24.04
timeout-minutes: 30
continue-on-error: true
steps:
- uses: actions/checkout@v4
- name: Install toolchain
uses: actions-rs/toolchain@v1
with:
toolchain: 1.90.0
override: true
- name: Rust Cache
uses: Swatinem/rust-cache@v2
- name: Configure Git
run: git config --global url."https://${{ secrets.GH_READ_TOKEN }}:x-oauth-basic@github.com/".insteadOf "https://github.com/"
- name: Basic vulnerability check
run: |
# Use cargo tree to check for known vulnerabilities
cargo tree --duplicates
echo "✅ Basic dependency check completed"
- name: Check for known vulnerable crates (manual)
run: |
echo "🔍 Checking for known vulnerable crate patterns..."
if grep -r "openssl.*0\." Cargo.toml; then
echo "⚠️ Old OpenSSL version detected"
fi
echo "✅ Manual vulnerability patterns check completed"
# Split cargo check into parallel jobs for faster execution
check-runtime:
name: Check Runtime
needs: format
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- name: Install linux dependencies
run: sudo apt update && sudo apt install -y cargo clang libssl-dev llvm libudev-dev protobuf-compiler
- name: Install toolchain and rust-src
uses: actions-rs/toolchain@v1
with:
toolchain: 1.90.0
override: true
target: wasm32-unknown-unknown
components: rust-src
- name: Enhanced Rust Cache
uses: Swatinem/rust-cache@v2
with:
shared-key: "runtime-build"
cache-on-failure: true
- name: Configure Git
run: git config --global url."https://${{ secrets.GH_READ_TOKEN }}:x-oauth-basic@github.com/".insteadOf "https://github.com/"
- name: Check Runtime Build (Optimized)
run: |
# Build with optimizations for speed
CARGO_INCREMENTAL=1 cargo check --release --features try-runtime --package cere-runtime --package cere-dev-runtime
- name: Run dev chain
run: |
cargo build --release --bin cere
timeout --preserve-status 30s ./target/release/cere --dev
check-node:
name: Check Node
needs: format
runs-on: ubuntu-24.04
timeout-minutes: 30
steps:
- uses: actions/checkout@v4
- name: Install linux dependencies
run: sudo apt update && sudo apt install -y cargo clang libssl-dev llvm libudev-dev protobuf-compiler
- name: Install toolchain and rust-src
uses: actions-rs/toolchain@v1
with:
toolchain: 1.90.0
override: true
target: wasm32-unknown-unknown
components: rust-src
- name: Enhanced Rust Cache
uses: Swatinem/rust-cache@v2
with:
shared-key: "node-build"
cache-on-failure: true
- name: Configure Git
run: git config --global url."https://${{ secrets.GH_READ_TOKEN }}:x-oauth-basic@github.com/".insteadOf "https://github.com/"
- name: Check Node Components
run: |
# Check node components in parallel where possible
CARGO_INCREMENTAL=1 cargo check --release --features runtime-benchmarks --workspace --exclude cere-runtime --exclude cere-dev-runtime
check-try-runtime:
name: Try-Runtime Check
needs: format
runs-on: ubuntu-24.04
continue-on-error: true
steps:
- uses: actions/checkout@v4
- name: Install linux dependencies
run: sudo apt update && sudo apt install -y cargo clang libssl-dev llvm libudev-dev protobuf-compiler
- name: Install toolchain and rust-src
uses: actions-rs/toolchain@v1
with:
toolchain: 1.90.0
override: true
target: wasm32-unknown-unknown
components: rust-src
- name: Enhanced Rust Cache
uses: Swatinem/rust-cache@v2
with:
shared-key: "runtime-build"
cache-on-failure: true
- name: Configure Git
run: git config --global url."https://${{ secrets.GH_READ_TOKEN }}:x-oauth-basic@github.com/".insteadOf "https://github.com/"
- name: Install try-runtime
run: cargo install --git https://github.com/paritytech/try-runtime-cli --tag v0.8.0 --locked
- name: Build for try-runtime
run: |
CARGO_INCREMENTAL=1 cargo build --release --features try-runtime
- name: Check Try-Runtime
run: |
try-runtime --runtime ./target/release/wbuild/cere-dev-runtime/cere_dev_runtime.compact.compressed.wasm \
on-runtime-upgrade --disable-idempotency-checks --blocktime 6000 live --uri wss://rpc.devnet.cere.network:443
clippy:
name: Run Clippy
needs: format
runs-on: ubuntu-24.04
timeout-minutes: 45
steps:
- uses: actions/checkout@v4
- name: Install linux dependencies
run: sudo apt update && sudo apt install -y cargo clang libssl-dev llvm libudev-dev protobuf-compiler
- name: Install toolchain
uses: actions-rs/toolchain@v1
with:
toolchain: 1.90.0
override: true
target: wasm32-unknown-unknown
components: rust-src
- name: Enhanced Rust Cache
uses: Swatinem/rust-cache@v2
with:
shared-key: "clippy-build"
cache-on-failure: true
- name: Configure Git
run: git config --global url."https://${{ secrets.GH_READ_TOKEN }}:x-oauth-basic@github.com/".insteadOf "https://github.com/"
- name: Check with Clippy (Optimized)
run: |
# Run clippy with incremental compilation
CARGO_INCREMENTAL=1 cargo clippy --no-deps --all-targets --features runtime-benchmarks,try-runtime --workspace -- --deny warnings
tests:
name: Run tests
needs: format
# The type of runner that the job will run on
runs-on: ["self-hosted", "cere-network-memory-large"]
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v4
- name: Install linux dependencies
run: sudo apt update && sudo apt install -y cargo clang libssl-dev llvm libudev-dev protobuf-compiler make pkg-config
- name: Install toolchain
uses: actions-rs/toolchain@v1
with:
toolchain: 1.90.0
override: true
target: wasm32-unknown-unknown
components: rust-src
- name: Configure Git
run: git config --global url."https://${{ secrets.GH_READ_TOKEN }}:x-oauth-basic@github.com/".insteadOf "https://github.com/"
- name: Enhanced Rust Cache
uses: Swatinem/rust-cache@v2
with:
shared-key: "test-build"
cache-on-failure: true
- name: Install cargo-tarpaulin
run: |
# Install from source to avoid missing prebuilt binary tarballs on the runner
cargo install cargo-tarpaulin --version 0.30.0 --locked
- name: Run cargo-tarpaulin
run: |
cargo tarpaulin --verbose --locked --no-fail-fast --workspace \
--features runtime-benchmarks --out "Xml" -- \
--skip mock_clusters_gov::__construct_runtime_integrity_test::runtime_integrity_tests \
--skip tests::call_size
- name: Upload coverage report
uses: actions/upload-artifact@v4
with:
name: tarpaulin coverage
path: ./tarpaulin-report.xml