Skip to content

Smoke test #115

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 23 commits into from
Oct 8, 2025
Merged

Smoke test #115

Show file tree
Hide file tree
Changes from 5 commits
Commits
Show all changes
23 commits
Select commit Hold shift + click to select a range
0b3759f
Try smoke test
ernest-nowacki Oct 3, 2025
55d0cf0
Potential fix for code scanning alert no. 17: Cache Poisoning via exe…
ernest-nowacki Oct 3, 2025
b6801a6
Update workflow to fix downloading cre cli
ernest-nowacki Oct 3, 2025
791b874
Add better triggering
ernest-nowacki Oct 3, 2025
0e1d8a9
fix on comment issue
ernest-nowacki Oct 3, 2025
b086e1d
Smoke test again
ernest-nowacki Oct 3, 2025
ae20ed9
Use proper binary name structure
ernest-nowacki Oct 3, 2025
1c726e9
Merge branch 'main' of github.com:smartcontractkit/cre-sdk-typescript…
ernest-nowacki Oct 8, 2025
3d38a41
Rework smoke test action to start small
ernest-nowacki Oct 8, 2025
79ab9d2
Install zsh
ernest-nowacki Oct 8, 2025
a6b4586
Specifically state permissions and pin bun install action to commit
ernest-nowacki Oct 8, 2025
a12083f
Add full checks now instead of just lint
ernest-nowacki Oct 8, 2025
4d646ba
Add rust toolchain installation
ernest-nowacki Oct 8, 2025
206f42e
Make sure we do check out the submodules too
ernest-nowacki Oct 8, 2025
e1a2f09
Try installing CRE CLI and see if it would work on the CI
ernest-nowacki Oct 8, 2025
38b0bba
Change the version we use for ubuntu-latest
ernest-nowacki Oct 8, 2025
7ace272
Simulate the hello world workflow
ernest-nowacki Oct 8, 2025
0d2bce9
Add a step to setup env variables
ernest-nowacki Oct 8, 2025
d8cfedd
Add proper key to simulate workflow using headless
ernest-nowacki Oct 8, 2025
6d0e658
Add actual expectations
ernest-nowacki Oct 8, 2025
c2dd4fe
Try improving validation step to properly match expected outcome
ernest-nowacki Oct 8, 2025
dc04971
Make CRE CLI simulation part of CI checks
ernest-nowacki Oct 8, 2025
d84f7f1
Restore full-checks as a name to pass the required checks
ernest-nowacki Oct 8, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
150 changes: 150 additions & 0 deletions .github/workflows/smoke-test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,150 @@
name: Smoke Test
permissions:
contents: read

on:
pull_request:
branches: [main]

jobs:
smoke-test:
runs-on: ubuntu-latest

# Run for pull requests targeting main branch
if: github.event_name == 'pull_request'

steps:
- name: Checkout code
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
submodules: recursive
token: ${{ secrets.GITHUB_TOKEN }}

- name: Install system dependencies
run: |
sudo apt-get update
sudo apt-get install -y make zsh curl libclang-dev git build-essential

- name: Install asdf and toolchain from .tool-versions
run: |
# Install asdf with specific version and verification
ASDF_VERSION="v0.14.0"
git clone https://github.com/asdf-vm/asdf.git ~/.asdf --branch "$ASDF_VERSION" --depth 1

# Make asdf available to subsequent steps without re-sourcing
echo "$HOME/.asdf/bin" >> $GITHUB_PATH
echo "$HOME/.asdf/shims" >> $GITHUB_PATH

# Init asdf
source ~/.asdf/asdf.sh

# Add plugins required for the project with verification
asdf plugin add bun || echo "bun plugin already exists"
asdf plugin add golang || echo "golang plugin already exists"
asdf plugin add rust || echo "rust plugin already exists"
asdf plugin add nodejs || echo "nodejs plugin already exists"

# Install all versions pinned in .tool-versions
asdf install
asdf reshim

# Add Rust target for WASM (asdf-rust uses rustup under the hood)
rustup target add wasm32-wasip1

- name: Install dependencies
run: bun install

- name: Run full checks
run: bun full-checks

- name: Download and install cre-cli (ubuntu-latest)
env:
CRE_CLI_TAG: v0.6.1-alpha.0
run: |
set -euo pipefail

# Validate tag format to prevent injection
if [[ ! "$CRE_CLI_TAG" =~ ^v[0-9]+\.[0-9]+\.[0-9]+(-[a-zA-Z0-9.-]+)?$ ]]; then
echo "Invalid tag format: $CRE_CLI_TAG"; exit 1
fi

# Map runner arch to release naming
case "$(uname -m)" in
x86_64|amd64) ARCH=amd64 ;;
aarch64|arm64) ARCH=arm64 ;;
*) echo "Unsupported arch: $(uname -m)"; exit 1 ;;
esac

ASSET="cre_linux_${ARCH}.tar.gz"
BASE_URL="https://github.com/smartcontractkit/cre-cli/releases/download/${CRE_CLI_TAG}"

echo "Downloading ${ASSET} and checksums.txt from ${CRE_CLI_TAG}..."
# Use more secure curl options
curl -fsSL --retry 3 --retry-delay 2 --max-time 300 \
--proto '=https' --tlsv1.2 \
-o "${ASSET}" "${BASE_URL}/${ASSET}"
curl -fsSL --retry 3 --retry-delay 2 --max-time 300 \
--proto '=https' --tlsv1.2 \
-o checksums.txt "${BASE_URL}/checksums.txt"

echo "Verifying checksum..."
# checksums.txt contains lines like: "<sha256> <filename>"
grep " ${ASSET}$" checksums.txt > sha_line.txt
if [ ! -s sha_line.txt ]; then
echo "No checksum entry for ${ASSET}"; exit 1
fi
sha256sum -c sha_line.txt

echo "Extracting..."
# Extract with restricted permissions
tar -xzf "${ASSET}" --no-same-owner --no-same-permissions

# Find the 'cre' binary (tarball is expected to contain it at top-level)
BIN="./cre"
if [ ! -f "$BIN" ]; then
BIN="$(tar -tzf "${ASSET}" | grep -E '/?cre$' | head -n1 || true)"
[ -z "$BIN" ] && { echo "Could not locate 'cre' in archive"; exit 1; }
tar -xzf "${ASSET}" "$BIN" --no-same-owner --no-same-permissions
fi

# Validate binary before installation
if [ ! -x "$BIN" ]; then
chmod +x "$BIN"
fi

echo "Installing to /usr/local/bin..."
sudo mv "${BIN:-./cre}" /usr/local/bin/cre
sudo chmod 755 /usr/local/bin/cre

echo "Installed version:"
cre --version

- name: Setup CRE SDK examples
run: |
cd packages/cre-sdk-examples
bunx cre-setup

- name: Simulate Hello World workflow
run: |
cd packages/cre-sdk-examples
cre workflow simulate ./src/workflows/hello-world --target local-simulation

- name: Simulate Http Fetch workflow
run: |
cd packages/cre-sdk-examples
cre workflow simulate ./src/workflows/http-fetch --target local-simulation

- name: Simulate On Chain Read workflow
run: |
cd packages/cre-sdk-examples
cre workflow simulate ./src/workflows/on-chain --target local-simulation

- name: Simulate On Chain Write workflow
run: |
cd packages/cre-sdk-examples
cre workflow simulate ./src/workflows/on-chain-write --target local-simulation

- name: Simulate Proof of Reserve workflow
run: |
cd packages/cre-sdk-examples
cre workflow simulate ./src/workflows/proof-of-reserve --target local-simulation --secrets ../../../secrets.yaml
4 changes: 2 additions & 2 deletions packages/cre-sdk-examples/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,13 +49,13 @@ cre workflow simulate ./src/workflows/on-chain --target local-simulation
[On Chain Write workflow](https://github.com/smartcontractkit/cre-sdk-typescript/blob/main/packages/cre-sdk-examples/src/workflows/on-chain-write/index.ts):

```zsh
cre workflow simulate ./src/workflows/on-chain-write --target local-simulation --broadcast
cre workflow simulate ./src/workflows/on-chain-write --target local-simulation
```

[Proof of Reserve workflow](https://github.com/smartcontractkit/cre-sdk-typescript/blob/main/packages/cre-sdk-examples/src/workflows/proof-of-reserve/index.ts):

```zsh
cre workflow simulate ./src/workflows/proof-of-reserve --target local-simulation --broadcast --secrets ../../../secrets.yaml
cre workflow simulate ./src/workflows/proof-of-reserve --target local-simulation --secrets ../../../secrets.yaml
```

## Testing workflow compilation only
Expand Down
Loading