Skip to content

unrestricted-transfer-from detector + test cases #286

unrestricted-transfer-from detector + test cases

unrestricted-transfer-from detector + test cases #286

Workflow file for this run

name: Test Detectors
on:
pull_request:
paths:
- "detectors/**"
- "test-cases/**"
- "scripts/**"
- "!detectors/**/*.md"
- "!test-cases/**/*.md"
env:
CARGO_TERM_COLOR: always
RUST_BACKTRACE: full
PYTHONUNBUFFERED: 1
jobs:
validate-detectors:
name: Validate
runs-on: ubuntu-latest
outputs:
status: ${{ job.status }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Install dependencies
run: pip install fuzzywuzzy
- name: Validate detectors
run: python scripts/validate-detectors.py
build:
name: Build
needs: validate-detectors
strategy:
matrix:
os:
- ubuntu-latest
- macos-latest
runs-on: ${{ matrix.os }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Cache cargo dependencies and tool versions
uses: actions/cache@v4
with:
path: |
~/.cargo
~/.rustup
key: ${{ runner.os }}-tests-${{ hashFiles('**/Cargo.lock') }}
restore-keys: ${{ runner.os }}-tests-
- name: Install Rust nightly
run: rustup install nightly-2023-12-16
- name: Install dylint, dylint-link and cargo-scout-audit
run: cargo +nightly-2023-12-16 install cargo-dylint dylint-link cargo-scout-audit
- name: Determine build status and write to file
run: echo "${{ job.status }}" > status-${{ matrix.os }}.txt
- name: Upload build status artifact
uses: actions/upload-artifact@v4
with:
name: build-status-${{ matrix.os }}
path: status-${{ matrix.os }}.txt
prepare-detector-matrix:
name: Prepare Detector Matrix
runs-on: ubuntu-latest
needs: build
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
- id: set-matrix
working-directory: test-cases
run: |
matrix=$(find . -mindepth 1 -maxdepth 1 -type d -exec basename {} \; | jq -R -cs 'split("\n")[:-1]')
echo "Matrix: $matrix"
echo "matrix=$matrix" >> $GITHUB_OUTPUT
test:
name: Test detector
needs: [build, prepare-detector-matrix]
strategy:
fail-fast: false
matrix:
os:
- ubuntu-latest
- macos-latest
detector: ${{fromJson(needs.prepare-detector-matrix.outputs.matrix)}}
runs-on: ${{ matrix.os }}
outputs:
status: ${{ job.status }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Cache cargo dependencies and tool versions
uses: actions/cache@v4
with:
path: |
~/.cargo
~/.rustup
key: ${{ runner.os }}-tests-${{ hashFiles('**/Cargo.lock') }}
restore-keys: ${{ runner.os }}-tests-
- name: Run unit and integration tests
run: python scripts/run-tests.py --detector=${{ matrix.detector }}
comment-on-pr:
name: Comment on PR
runs-on: ubuntu-latest
if: ${{ always() }}
needs: [validate-detectors, build, test]
steps:
- name: Download build status artifacts
uses: actions/download-artifact@v4
- name: Read Ubuntu build status
id: ubuntu_status
working-directory: build-status-ubuntu-latest
run: echo "status=$(cat status-ubuntu-latest.txt)" >> $GITHUB_OUTPUT
- name: Read macOS build status
id: macos_status
working-directory: build-status-macos-latest
run: echo "status=$(cat status-macos-latest.txt)" >> $GITHUB_OUTPUT
- name: Find comment
id: find_comment
uses: peter-evans/find-comment@v3
with:
issue-number: ${{ github.event.pull_request.number }}
body-includes: "🎉 **Test Detectors Workflow Summary** 🎉"
- name: Create or Update PR Comment
uses: peter-evans/[email protected]
with:
token: ${{ secrets.GITHUB_TOKEN }}
comment-id: ${{ steps.find_comment.outputs.comment-id }}
edit-mode: replace
issue-number: ${{ github.event.pull_request.number }}
body: |
🎉 **Test Detectors Workflow Summary** 🎉
| Component | Status |
|-------------------------|--------|
| Detector Validation | ${{ (needs.validate-detectors.outputs.status == 'success' && '✅ Successful') || '❌ Failed' }} |
| Build on Ubuntu | ${{ (steps.ubuntu_status.outputs.status == 'success' && '✅ Successful') || '❌ Failed' }} |
| Build on macOS | ${{ (steps.macos_status.outputs.status == 'success' && '✅ Successful') || '❌ Failed' }} |
| Tests Execution | ${{ (needs.test.outputs.status == 'success' && '✅ Successful') || '❌ Failed' }} |
The workflow has completed. Great job! 🚀