Skip to content

ci: Add Semgrep to CI #9027

ci: Add Semgrep to CI

ci: Add Semgrep to CI #9027

Workflow file for this run

name: PR Testing
on:
push:
branches:
- develop
- release/*
merge_group:
pull_request:
concurrency:
group: pr-testing-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
env:
S3_BUCKET_PATH: "zetachain-deployment-files/builds/zeta-node"
S3_PUBLIC_BUCKET_PATH: "zetachain-external-files"
AWS_REGION: "us-east-1"
GITHUB_REF_NAME: "$(echo ${{ github.ref_name }} | tr '//' '-')"
jobs:
build-and-test:
runs-on: ubuntu-20.04
timeout-minutes: 15
steps:
- uses: actions/checkout@v4
- name: Set CPU Architecture
shell: bash
run: |
if [ "$(uname -m)" == "aarch64" ]; then
echo "CPU_ARCH=arm64" >> $GITHUB_ENV
elif [ "$(uname -m)" == "x86_64" ]; then
echo "CPU_ARCH=amd64" >> $GITHUB_ENV
else
echo "Unsupported architecture" >&2
exit 1
fi
- name: Install Pipeline Dependencies
uses: ./.github/actions/install-dependencies
timeout-minutes: 8
with:
cpu_architecture: ${{ env.CPU_ARCH }}
skip_python: "true"
skip_aws_cli: "true"
skip_docker_compose: "false"
- name: Test
uses: nick-fields/retry@v3
with:
timeout_minutes: 20
max_attempts: 2
retry_on: error
command: |
echo "Running Build Tests"
make clean
make test-coverage
- name: Upload coverage reports to Codecov
uses: codecov/[email protected]
with:
file: coverage.out
token: ${{ secrets.CODECOV_TOKEN }}
slug: zeta-chain/node
- name: Build zetacored and zetaclientd
env:
CGO_ENABLED: 1
GOOS: linux
GOARCH: ${{ env.CPU_ARCH }}
run: |
make install
cp "$HOME"/go/bin/* ./
chmod a+x ./zetacored
./zetacored version
- name: Upload zetacored
uses: actions/upload-artifact@v4
with:
name: zetacored
path: ~/go/bin/zetacored
retention-days: 30
- name: Upload zetaclientd
uses: actions/upload-artifact@v4
with:
name: zetaclientd
path: ~/go/bin/zetaclientd
retention-days: 30
- name: Clean Up Workspace
if: always()
shell: bash
run: rm -rf *