Skip to content
test

chore(aleo): bump snarkvm to 4.6.0 #29035

Sign in to view logs

chore(aleo): bump snarkvm to 4.6.0

chore(aleo): bump snarkvm to 4.6.0 #29035

Workflow file for this run

.github/workflows/test.yml at 882bd6d
name: test
on:
# Triggers the workflow on pushes to main branch
push:
branches: [main, 'audit-*']
# Triggers on pull requests
pull_request:
branches:
- '*'
merge_group:
workflow_dispatch:
concurrency:
group: e2e-${{ github.ref }}
cancel-in-progress: ${{ github.ref_name != 'main' }}
env:
LOG_LEVEL: DEBUG
LOG_FORMAT: PRETTY
TURBO_TELEMETRY_DISABLED: 1
TURBO_API: https://cache.depot.dev
TURBO_TOKEN: ${{ secrets.DEPOT_TURBO_TOKEN }}
TURBO_TEAM: ${{ secrets.DEPOT_ORG_ID }}
jobs:
pnpm-install:
runs-on: depot-ubuntu-24.04
steps:
- uses: actions/checkout@v6
with:
ref: ${{ github.event.pull_request.head.sha || github.sha }}
submodules: recursive
persist-credentials: false
- uses: actions/setup-node@v6
with:
node-version-file: .nvmrc
- name: pnpm-cache
uses: ./.github/actions/pnpm-cache
- name: pnpm-install
run: pnpm install --frozen-lockfile
# Check publishable packages have required fields for npm provenance
- name: check-package-json
run: ./scripts/check-package-json.sh
lint-prettier-run:
runs-on: depot-ubuntu-24.04-8
needs: [change-detection]
if: needs.change-detection.outputs.run_lint_prettier == 'true'
timeout-minutes: 10
steps:
- uses: actions/checkout@v6
with:
ref: ${{ github.event.pull_request.head.sha || github.sha }}
- uses: actions/setup-node@v6
with:
node-version-file: .nvmrc
# Build required before linting or the intra-monorepo package cycle checking won't work
- name: pnpm-build
uses: ./.github/actions/pnpm-build-with-cache
- name: oxlint
run: pnpm run lint
- name: solhint
run: pnpm -C solidity lint
- name: helloworld solhint
run: pnpm -C typescript/helloworld lint
- name: Get changed PR files
if: github.event_name == 'pull_request'
run: |
gh pr view ${{ github.event.pull_request.number }} --json files -q '.files[] | select (.status != "removed") | .path' > changed_files.txt
echo "Changed files: $(cat changed_files.txt)"
env:
GH_TOKEN: ${{ github.token }}
- name: Run oxfmt (changed files)
if: github.event_name == 'pull_request'
run: |
mapfile -t oxfmt_files < <(
grep -E '\.(js|ts|jsx|tsx|json|yaml|yml|md)$' changed_files.txt || true
)
if ((${#oxfmt_files[@]})); then
pnpm exec oxfmt --ignore-path .gitignore --check --no-error-on-unmatched-pattern "${oxfmt_files[@]}"
fi
- name: Run prettier for Solidity (changed files)
if: github.event_name == 'pull_request'
run: |
mapfile -t prettier_files < <(grep -E '\.sol$' changed_files.txt || true)
if ((${#prettier_files[@]})); then
pnpm exec prettier --check --no-error-on-unmatched-pattern "${prettier_files[@]}"
fi
- name: Run oxfmt (all files)
if: github.event_name != 'pull_request'
run: pnpm exec oxfmt --ignore-path .gitignore --check .
continue-on-error: true
- name: Run prettier for Solidity (all files)
if: github.event_name != 'pull_request'
run: pnpm exec prettier --check 'solidity/**/*.sol' 'typescript/helloworld/contracts/**/*.sol'
continue-on-error: true
- name: Check YAML sort order
run: pnpm exec tsx ./scripts/sort-yaml.ts --check
- name: Clean up
if: always()
run: |
rm -f changed_files.txt
lint-prettier:
runs-on: ubuntu-latest
needs: [lint-prettier-run]
if: always()
steps:
- uses: actions/checkout@v6
- name: Check lint-prettier status
uses: ./.github/actions/check-job-status
with:
job_name: 'Lint Prettier'
result: ${{ needs.lint-prettier-run.result }}
set-base-sha:
runs-on: ubuntu-latest
outputs:
base_sha: ${{ steps.determine-sha.outputs.base_sha }}
current_sha: ${{ steps.determine-sha.outputs.current_sha }}
steps:
- name: Checkout code
uses: actions/checkout@v6
with:
ref: ${{ github.event.pull_request.head.sha || github.sha }}
# Full history needed to compute merge-base for PRs
fetch-depth: 0
- name: Determine BASE_SHA
id: determine-sha
uses: ./.github/actions/determine-base-sha
change-detection:
needs: [set-base-sha]
outputs:
skip_ts: ${{ steps.decide.outputs.skip_ts }}
run_lint_prettier: ${{ steps.decide.outputs.run_lint_prettier }}
run_cli_e2e: ${{ steps.decide.outputs.run_cli_e2e }}
ci_tier: ${{ steps.decide.outputs.ci_tier }}
has_cosmos: ${{ steps.decide.outputs.has_cosmos }}
has_aleo: ${{ steps.decide.outputs.has_aleo }}
has_radix: ${{ steps.decide.outputs.has_radix }}
has_starknet: ${{ steps.decide.outputs.has_starknet }}
has_tron: ${{ steps.decide.outputs.has_tron }}
has_relayer: ${{ steps.decide.outputs.has_relayer }}
has_rebalancer: ${{ steps.decide.outputs.has_rebalancer }}
has_svm: ${{ steps.decide.outputs.has_svm }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
with:
ref: ${{ github.event.pull_request.head.sha || github.sha }}
fetch-depth: 0
- name: Check CI context
id: context
uses: ./.github/actions/ci-context-check
# skip_ts: no TypeScript code at all — skip all TS jobs
# Note: typescript/infra/ is NOT included because infra-test and agent-configs
# exist specifically to validate infra changes
- name: Check if changes are only in non-TS paths
id: check-skip-ts
uses: ./.github/actions/check-path-changes
with:
base_sha: ${{ needs.set-base-sha.outputs.base_sha }}
head_sha: ${{ needs.set-base-sha.outputs.current_sha }}
path_pattern: '(rust/|\.github/|typescript/Dockerfile|typescript/docker-entrypoint\.sh)'
path_pattern_only: 'true'
- name: Check if workflow files changed
id: check-github
uses: ./.github/actions/check-path-changes
with:
base_sha: ${{ needs.set-base-sha.outputs.base_sha }}
head_sha: ${{ needs.set-base-sha.outputs.current_sha }}
path_pattern: '\.github/'
- name: Categorize changes for CLI e2e and VM detection
id: check-vm
run: |
BASE_SHA="${{ needs.set-base-sha.outputs.base_sha }}"
HEAD_SHA="${{ needs.set-base-sha.outputs.current_sha }}"
if ! CHANGED_FILES=$(git diff --name-only "$BASE_SHA"..."$HEAD_SHA" 2>/dev/null); then
# Can't determine changes — run everything
echo "has_cli_changes=true" >> $GITHUB_OUTPUT
echo "has_radix=true" >> $GITHUB_OUTPUT
echo "has_aleo=true" >> $GITHUB_OUTPUT
echo "has_cosmos=true" >> $GITHUB_OUTPUT
echo "has_starknet=true" >> $GITHUB_OUTPUT
echo "has_tron=true" >> $GITHUB_OUTPUT
echo "has_relayer=true" >> $GITHUB_OUTPUT
echo "has_rebalancer=true" >> $GITHUB_OUTPUT
echo "has_svm=true" >> $GITHUB_OUTPUT
exit 0
fi
if [[ -z "$CHANGED_FILES" ]]; then
echo "has_cli_changes=true" >> $GITHUB_OUTPUT
echo "has_radix=false" >> $GITHUB_OUTPUT
echo "has_aleo=false" >> $GITHUB_OUTPUT
echo "has_cosmos=false" >> $GITHUB_OUTPUT
echo "has_starknet=false" >> $GITHUB_OUTPUT
echo "has_tron=false" >> $GITHUB_OUTPUT
echo "has_relayer=false" >> $GITHUB_OUTPUT
echo "has_rebalancer=false" >> $GITHUB_OUTPUT
echo "has_svm=false" >> $GITHUB_OUTPUT
exit 0
fi
# VM-specific SDK changes
has_radix=$(echo "$CHANGED_FILES" | grep -qE '^typescript/radix-sdk/' && echo true || echo false)
has_aleo=$(echo "$CHANGED_FILES" | grep -qE '^typescript/aleo-sdk/' && echo true || echo false)
has_cosmos=$(echo "$CHANGED_FILES" | grep -qE '^typescript/(cosmos-sdk|cosmos-types)/' && echo true || echo false)
has_starknet=$(echo "$CHANGED_FILES" | grep -qE '^(typescript/(starknet-sdk|provider-sdk|utils)/|starknet/)' && echo true || echo false)
has_tron=$(echo "$CHANGED_FILES" | grep -qE '^typescript/tron-sdk/' && echo true || echo false)
has_svm=$(echo "$CHANGED_FILES" | grep -qE '^(rust/sealevel/|typescript/svm-sdk/)' && echo true || echo false)
# Package-specific changes (run only their targeted CLI e2e tests)
has_relayer=$(echo "$CHANGED_FILES" | grep -qE '^typescript/relayer/' && echo true || echo false)
has_rebalancer=$(echo "$CHANGED_FILES" | grep -qE '^typescript/rebalancer/' && echo true || echo false)
# Core CLI deps that trigger the smoke/full CLI e2e suite
# Peripheral deps (relayer, rebalancer, metrics, http-registry-server) have
# their own unit tests; merge queue runs full suite
CLI_DEPS='^(typescript/(cli|sdk|utils|deploy-sdk|provider-sdk)/|solidity/|starknet/)'
has_cli_changes=$(echo "$CHANGED_FILES" | grep -qE "$CLI_DEPS" && echo true || echo false)
echo "has_cli_changes=$has_cli_changes" >> $GITHUB_OUTPUT
echo "has_radix=$has_radix" >> $GITHUB_OUTPUT
echo "has_aleo=$has_aleo" >> $GITHUB_OUTPUT
echo "has_cosmos=$has_cosmos" >> $GITHUB_OUTPUT
echo "has_starknet=$has_starknet" >> $GITHUB_OUTPUT
echo "has_tron=$has_tron" >> $GITHUB_OUTPUT
echo "has_relayer=$has_relayer" >> $GITHUB_OUTPUT
echo "has_rebalancer=$has_rebalancer" >> $GITHUB_OUTPUT
echo "CLI changes: $has_cli_changes"
echo "VM-specific — radix=$has_radix aleo=$has_aleo cosmos=$has_cosmos starknet=$has_starknet tron=$has_tron"
echo "Package-specific — relayer=$has_relayer rebalancer=$has_rebalancer"
echo "has_svm=$has_svm" >> $GITHUB_OUTPUT
echo "VM-specific — radix=$has_radix aleo=$has_aleo cosmos=$has_cosmos starknet=$has_starknet tron=$has_tron svm=$has_svm"
- name: Decide what to run
id: decide
run: |
echo "Context: ${{ steps.context.outputs.reason }}"
# Determine CI tier: full for merge queue, smoke for PRs
CI_TIER="smoke"
if [[ "${{ github.event_name }}" == "merge_group" ]]; then
CI_TIER="full"
fi
if [[ "${{ steps.context.outputs.should_skip }}" == "true" ]]; then
echo "skip_ts=true" >> $GITHUB_OUTPUT
echo "run_lint_prettier=false" >> $GITHUB_OUTPUT
echo "run_cli_e2e=false" >> $GITHUB_OUTPUT
echo "ci_tier=$CI_TIER" >> $GITHUB_OUTPUT
echo "has_cosmos=false" >> $GITHUB_OUTPUT
echo "has_aleo=false" >> $GITHUB_OUTPUT
echo "has_radix=false" >> $GITHUB_OUTPUT
echo "has_starknet=false" >> $GITHUB_OUTPUT
echo "has_tron=false" >> $GITHUB_OUTPUT
echo "has_relayer=false" >> $GITHUB_OUTPUT
echo "has_rebalancer=false" >> $GITHUB_OUTPUT
echo "has_svm=false" >> $GITHUB_OUTPUT
exit 0
fi
if [[ "${{ steps.context.outputs.must_run }}" == "true" ]]; then
echo "skip_ts=false" >> $GITHUB_OUTPUT
echo "run_lint_prettier=true" >> $GITHUB_OUTPUT
echo "run_cli_e2e=true" >> $GITHUB_OUTPUT
echo "ci_tier=full" >> $GITHUB_OUTPUT
echo "has_cosmos=true" >> $GITHUB_OUTPUT
echo "has_aleo=true" >> $GITHUB_OUTPUT
echo "has_radix=true" >> $GITHUB_OUTPUT
echo "has_starknet=true" >> $GITHUB_OUTPUT
echo "has_tron=true" >> $GITHUB_OUTPUT
echo "has_relayer=true" >> $GITHUB_OUTPUT
echo "has_rebalancer=true" >> $GITHUB_OUTPUT
echo "has_svm=true" >> $GITHUB_OUTPUT
exit 0
fi
SKIP_TS="${{ steps.check-skip-ts.outputs.only_changes }}"
RUN_LINT_PRETTIER=false
if [[ "$SKIP_TS" != "true" || "${{ steps.check-github.outputs.has_changes }}" == "true" ]]; then
RUN_LINT_PRETTIER=true
fi
echo "skip_ts=$SKIP_TS" >> $GITHUB_OUTPUT
echo "run_lint_prettier=$RUN_LINT_PRETTIER" >> $GITHUB_OUTPUT
echo "run_cli_e2e=${{ steps.check-vm.outputs.has_cli_changes }}" >> $GITHUB_OUTPUT
echo "ci_tier=$CI_TIER" >> $GITHUB_OUTPUT
echo "has_cosmos=${{ steps.check-vm.outputs.has_cosmos }}" >> $GITHUB_OUTPUT
echo "has_aleo=${{ steps.check-vm.outputs.has_aleo }}" >> $GITHUB_OUTPUT
echo "has_radix=${{ steps.check-vm.outputs.has_radix }}" >> $GITHUB_OUTPUT
echo "has_starknet=${{ steps.check-vm.outputs.has_starknet }}" >> $GITHUB_OUTPUT
echo "has_tron=${{ steps.check-vm.outputs.has_tron }}" >> $GITHUB_OUTPUT
echo "has_relayer=${{ steps.check-vm.outputs.has_relayer }}" >> $GITHUB_OUTPUT
echo "has_rebalancer=${{ steps.check-vm.outputs.has_rebalancer }}" >> $GITHUB_OUTPUT
echo "has_svm=${{ steps.check-vm.outputs.has_svm }}" >> $GITHUB_OUTPUT
pnpm-test-run:
runs-on: depot-ubuntu-24.04
needs: [change-detection]
timeout-minutes: 20
if: needs.change-detection.outputs.skip_ts != 'true'
steps:
- uses: actions/checkout@v6
with:
ref: ${{ github.event.pull_request.head.sha || github.sha }}
submodules: recursive
persist-credentials: false
- name: pnpm-build
uses: ./.github/actions/pnpm-build-with-cache
- name: Checkout registry
uses: ./.github/actions/checkout-registry
- name: Unit Tests
run: pnpm run test:ci
pnpm-test:
runs-on: ubuntu-latest
needs: [pnpm-test-run]
if: always()
steps:
- uses: actions/checkout@v6
- name: Check pnpm-test status
uses: ./.github/actions/check-job-status
with:
job_name: 'PNPM Test'
result: ${{ needs.pnpm-test-run.result }}
infra-test:
runs-on: depot-ubuntu-24.04
needs: [set-base-sha, change-detection]
if: needs.change-detection.outputs.skip_ts != 'true'
env:
GRAFANA_SERVICE_ACCOUNT_TOKEN: ${{ secrets.GRAFANA_SERVICE_ACCOUNT_TOKEN }}
BALANCE_CHANGES: false
WARP_CONFIG_CHANGES: false
steps:
- uses: actions/checkout@v6
with:
ref: ${{ github.event.pull_request.head.sha || github.sha }}
submodules: recursive
persist-credentials: false
fetch-depth: 0
- name: Install gitleaks
id: gitleaks-install
# Skip for merge_group and external PRs (forks don't have access to GITLEAKS_LICENSE secret)
if: github.event_name != 'merge_group' && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository)
uses: gitleaks/gitleaks-action@v2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE}}
- name: Check for balance/config changes
run: |
if git diff ${{ needs.set-base-sha.outputs.base_sha }}...${{ needs.set-base-sha.outputs.current_sha }} --name-only | grep -qE '^typescript/infra/config/environments/mainnet3/balances|^.registryrc$'; then
echo "BALANCE_CHANGES=true" >> $GITHUB_ENV
fi
if git diff ${{ needs.set-base-sha.outputs.base_sha }}...${{ needs.set-base-sha.outputs.current_sha }} --name-only | grep -qE '^typescript/infra/|^.registryrc$'; then
echo "WARP_CONFIG_CHANGES=true" >> $GITHUB_ENV
fi
- name: pnpm-build
uses: ./.github/actions/pnpm-build-with-cache
- name: Checkout registry
uses: ./.github/actions/checkout-registry
- name: GitLeaks Tests
if: steps.gitleaks-install.outcome != 'skipped'
run: pnpm -C typescript/infra test:gitleaks
- name: Balance Tests
if: env.BALANCE_CHANGES == 'true'
run: pnpm -C typescript/infra test:balance
- name: Warp Config Tests
if: env.WARP_CONFIG_CHANGES == 'true'
run: pnpm -C typescript/infra test:warp
cli-install-test-run:
runs-on: depot-ubuntu-24.04
needs: [change-detection]
if: needs.change-detection.outputs.skip_ts != 'true'
steps:
- uses: actions/checkout@v6
with:
ref: ${{ github.event.pull_request.head.sha || github.sha }}
- name: install-hyperlane-cli
id: install-hyperlane-cli
uses: ./.github/actions/install-cli
with:
ref: ${{ github.event.pull_request.head.sha || github.sha }}
- name: Test run the CLI
run: hyperlane --version
cli-install-test:
runs-on: ubuntu-latest
needs: [cli-install-test-run]
if: always()
steps:
- uses: actions/checkout@v6
- name: Check cli-install-test status
uses: ./.github/actions/check-job-status
with:
job_name: 'CLI Install Test'
result: ${{ needs.cli-install-test-run.result }}
# Reusable workflow callers
cli-e2e-tests:
needs: [change-detection]
uses: ./.github/workflows/test-cli-e2e.yml
secrets: inherit
with:
run_cli_e2e: ${{ needs.change-detection.outputs.run_cli_e2e }}
ci_tier: ${{ needs.change-detection.outputs.ci_tier }}
has_cosmos: ${{ needs.change-detection.outputs.has_cosmos }}
has_aleo: ${{ needs.change-detection.outputs.has_aleo }}
has_radix: ${{ needs.change-detection.outputs.has_radix }}
has_starknet: ${{ needs.change-detection.outputs.has_starknet }}
has_tron: ${{ needs.change-detection.outputs.has_tron }}
has_relayer: ${{ needs.change-detection.outputs.has_relayer }}
has_rebalancer: ${{ needs.change-detection.outputs.has_rebalancer }}
has_svm: ${{ needs.change-detection.outputs.has_svm }}
cli-e2e:
runs-on: ubuntu-latest
needs: [cli-e2e-tests]
if: always()
steps:
- uses: actions/checkout@v6
- name: Check CLI E2E status
uses: ./.github/actions/check-job-status
with:
job_name: 'CLI E2E'
result: ${{ needs.cli-e2e-tests.result }}
sdk-e2e-tests:
needs: [change-detection]
uses: ./.github/workflows/test-sdk-e2e.yml
secrets: inherit
with:
has_cosmos: ${{ needs.change-detection.outputs.has_cosmos }}
has_aleo: ${{ needs.change-detection.outputs.has_aleo }}
has_radix: ${{ needs.change-detection.outputs.has_radix }}
has_starknet: ${{ needs.change-detection.outputs.has_starknet }}
has_tron: ${{ needs.change-detection.outputs.has_tron }}
has_svm: ${{ needs.change-detection.outputs.has_svm }}
sdk-e2e:
runs-on: ubuntu-latest
needs: [sdk-e2e-tests]
if: always()
steps:
- uses: actions/checkout@v6
- name: Check SDK E2E status
uses: ./.github/actions/check-job-status
with:
job_name: 'SDK E2E'
result: ${{ needs.sdk-e2e-tests.result }}
rust-e2e-tests:
uses: ./.github/workflows/test-rust-e2e.yml
secrets: inherit
with:
event_name: ${{ github.event_name }}
base_ref: ${{ github.base_ref }}
coverage-tests:
needs: [set-base-sha]
uses: ./.github/workflows/test-coverage.yml
secrets: inherit
with:
base_sha: ${{ needs.set-base-sha.outputs.base_sha }}
current_sha: ${{ needs.set-base-sha.outputs.current_sha }}
agent-configs:
runs-on: depot-ubuntu-24.04
needs: [change-detection]
if: needs.change-detection.outputs.skip_ts != 'true'
strategy:
fail-fast: false
matrix:
environment: [mainnet3, testnet4]
steps:
- uses: actions/checkout@v6
with:
ref: ${{ github.event.pull_request.head.sha || github.sha }}
- name: pnpm-build
uses: ./.github/actions/pnpm-build-with-cache
- name: Checkout registry
uses: ./.github/actions/checkout-registry
- name: Generate ${{ matrix.environment }} agent config
run: |
cd typescript/infra
pnpm tsx ./scripts/agents/update-agent-config.ts -e ${{ matrix.environment }}
CHANGES=$(git status -s . :/rust/main/config)
if [[ ! -z $CHANGES ]]; then
echo "Changes found in agent config: $CHANGES"
exit 1
fi
svm-program-bytes:
runs-on: ubuntu-latest
needs: [change-detection]
if: needs.change-detection.outputs.has_svm == 'true'
steps:
- uses: actions/checkout@v6
with:
ref: ${{ github.event.pull_request.head.sha || github.sha }}
- uses: actions/setup-node@v6
with:
node-version-file: .nvmrc
- name: Check program-bytes.ts staleness
run: node typescript/svm-sdk/scripts/check-program-bytes-hash.mjs
env-tests:
needs: [change-detection]
uses: ./.github/workflows/test-env.yml
secrets: inherit
with:
skip_ts: ${{ needs.change-detection.outputs.skip_ts }}