feat(CI): handle remote files in a safer way#2217
Conversation
Signed-off-by: onur-ozkan <work@onurozkan.dev>
Signed-off-by: onur-ozkan <work@onurozkan.dev>
onur-ozkan
force-pushed
the
safer-pipelines
branch
from
a773a72 to
cabce77
Compare
There was a problem hiding this comment.
- name: Install libudev (Linux)
- name: Install python3
- name: Install
paramikopip package
Is there some reason we don't want to lock these as well?
There was a problem hiding this comment.
Is there some reason we don't want to lock these as well?
They are fairly known dependencies and if we lock the versions we might miss the important fixes. It's also helpful to see if we are compatible with their recent releases.
There was a problem hiding this comment.
Can we use scp instead of paramiko? I understand windows is an outlier here, and we might continue to use it in that case.
There was a problem hiding this comment.
It's not clear to me what requires libudev. It's reference in the fmt-and-lint workflow only. Is it required for cargo clippy or cargo fmt?
There was a problem hiding this comment.
Can we use scp instead of paramiko? I understand windows is an outlier here, and we might continue to use it in that case.
We can but we need to rewrite this script.
It's not clear to me what requires libudev. It's reference in the fmt-and-lint workflow only. Is it required for cargo clippy or cargo fmt?
It's probably outdated (since e71e2cf maybe?), let me try to remove it.
There was a problem hiding this comment.
We have this https://github.com/KomodoPlatform/komodo-defi-framework/actions/runs/10940703111/job/30373689262?pr=2217#step:7:1267 in CI after libudev removal
There was a problem hiding this comment.
Most probably required from the non-default features.
Reverted.
There was a problem hiding this comment.
requirement is introduced by solana-remote-wallet@1.9.20
Could we check if this is absolutely necessary? Can someone please confirm that we actually use this crate?
There was a problem hiding this comment.
Could we check if this is absolutely necessary? Can someone please confirm that we actually use this crate?
It is necessary for enable-solana feature (and we run --all-features for linting runner). As we don't provide any output (like executable binary) to public from linting runner, there shouldn't be any concern for including libudev in that runner I think.
onur-ozkan
force-pushed
the
safer-pipelines
branch
from
04426a9 to
cabce77
Compare
Signed-off-by: onur-ozkan <work@onurozkan.dev>
onur-ozkan
force-pushed
the
safer-pipelines
branch
from
a5a84ae to
e472d3b
Compare
Signed-off-by: onur-ozkan <work@onurozkan.dev>
* dev: fix(orders): fix cancel order race condition using time-based cache (#2232) fix(legacy-swap): taker failed spend maker payment marked as failed (#2199) chore(adex-cli): deprecate adex-cli (#2234) feat(new-RPC): connection healthcheck implementation for peers (#2194) fix(proxy-signature): add message lifetime overflows (#2233) feat(CI): handle remote files in a safer way (#2217) chore(doc): update issue address in README (#2227) fix(merge): remove duplicated db_root function (#2229) feat(wallets): add `get_wallet_names` rpc (#2202) chore(tests): don't use `.wait()` and use `block_on` instead (#2220) fix(native-rpc): remove escaped response body (#2219) fix(clippy): fix coins mod clippy warnings in wasm (#2224) feat(core): handling CTRL-C signal with graceful shutdown (#2213) docs(README): fix typos (#2212) remove the non-sense arguments (#2216) fix(db): stop creating the all-zeroes dir on KDF start (#2218)
* dev: fix(orders): fix cancel order race condition using time-based cache (#2232) fix(legacy-swap): taker failed spend maker payment marked as failed (#2199) chore(adex-cli): deprecate adex-cli (#2234) feat(new-RPC): connection healthcheck implementation for peers (#2194) fix(proxy-signature): add message lifetime overflows (#2233) feat(CI): handle remote files in a safer way (#2217) chore(doc): update issue address in README (#2227) fix(merge): remove duplicated db_root function (#2229) feat(wallets): add `get_wallet_names` rpc (#2202) chore(tests): don't use `.wait()` and use `block_on` instead (#2220) fix(native-rpc): remove escaped response body (#2219) fix(clippy): fix coins mod clippy warnings in wasm (#2224) feat(core): handling CTRL-C signal with graceful shutdown (#2213) docs(README): fix typos (#2212) remove the non-sense arguments (#2216) fix(db): stop creating the all-zeroes dir on KDF start (#2218)
* dev: fix(cosmos): fix tx broadcasting error (#2238) chore(solana): remove solana implementation (#2239) chore(cli): remove leftover subcommands from help message (#2235) fix(orders): fix cancel order race condition using time-based cache (#2232) fix(legacy-swap): taker failed spend maker payment marked as failed (#2199) chore(adex-cli): deprecate adex-cli (#2234) feat(new-RPC): connection healthcheck implementation for peers (#2194) fix(proxy-signature): add message lifetime overflows (#2233) feat(CI): handle remote files in a safer way (#2217) chore(doc): update issue address in README (#2227) fix(merge): remove duplicated db_root function (#2229) feat(wallets): add `get_wallet_names` rpc (#2202) chore(tests): don't use `.wait()` and use `block_on` instead (#2220) fix(native-rpc): remove escaped response body (#2219) fix(clippy): fix coins mod clippy warnings in wasm (#2224) feat(core): handling CTRL-C signal with graceful shutdown (#2213) docs(README): fix typos (#2212) remove the non-sense arguments (#2216) fix(db): stop creating the all-zeroes dir on KDF start (#2218)
4 participants
This PR updates GHA runners to use locked scripts rather than always using the latest one from the master branch. It also adds a new GHA helper/plugin to easily download files and verify their checksums.
cc @Alrighttt