Security analysis tool for EVM bytecode. Supports smart contracts built for Ethereum, Hedera, Quorum, Vechain, Roostock, Tron and other EVM-compatible blockchains.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 
mythril/.circleci/config.yml

208 lines
7.0 KiB

defaults:
&defaults
docker:
# TODO: Try to replace this with `mythril/mythx-ci` image. That image is
# used for new integration testing, and it is build on top of the previous
# `mythril/dev_test_environment:0.0.43`, though a bit newer versions, thus
# there is a chance that it breaks some small things.
- image: norhh/mythril-ci
version: 2
jobs:
# Basic testing of a new commit to any branch.
test:
<<: *defaults
parallelism: 4
steps:
- checkout:
path: /home/mythril
# Uncomment, for local testing with circleci command, as it ignores
# path param in checkout command, and this symlink compenstates for that.
# - run: ln -s /root/project /home/mythril
- restore-cache:
keys:
- tox-env-{{ checksum "/home/mythril/setup.py" }}
- run:
name: Install tox envs
command: tox -vv --notest
working_directory: /home/mythril
environment:
LC_ALL: en_US.ASCII
LANG: en_US.ASCII
- save_cache:
key: tox-env-{{ checksum "/home/mythril/setup.py" }}
paths:
- .tox/py*
- /root/.cache/pip/wheels/
# TODO: Remove all --break-system-packages here in and mythril-ci image
- run:
name: Black style check
command: |
pip3 install --user black==22.3.0 --break-system-packages
python3 -m black --check /home/mythril/
- run:
background: true
name: Launch of background geth instance
command: geth --syncmode full --http --http.api="db,eth,net,web3,personal"
- run:
name: Unit-testing
command: |
TESTFILES=$(circleci tests glob tests/**/*test.py | circleci tests split --split-by=timings)
tox -- $TESTFILES
working_directory: /home/mythril
no_output_timeout: 10m
environment:
LANG: en_US.ASCII
MYTHRIL_DIR: '/home/mythril'
INFURA_ID: $INFURA_ID
- store_test_results:
path: /home/mythril/.tox/output
- store_artifacts:
path: /home/mythril/.tox/output
- run:
name: Ensuring that setup script is functional
command: python3 -m build
working_directory: /home/mythril
#- run:
# name: Sonar analysis
# command: if [ -z "$CIRCLE_PR_NUMBER" ]; then if [ -z "$CIRCLE_TAG" ]; then
# sonar-scanner -Dsonar.projectKey=$SONAR_PROJECT_KEY
# -Dsonar.organization=$SONAR_ORGANIZATION
# -Dsonar.branch.name=$CIRCLE_BRANCH
# -Dsonar.projectBaseDir=/home/mythril -Dsonar.sources=mythril
# -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.tests=/home/mythril/tests
# -Dsonar.login=$SONAR_LOGIN; fi; fi
# - run:
# name: Integration tests
# command: if [ -z "$CIRCLE_PR_NUMBER" ]; then ./run-integration-tests.sh; fi
# working_directory: /home
# The resource_class feature allows configuring CPU and RAM resources for each job. Different resource classes are available for different executors. https://circleci.com/docs/2.0/configuration-reference/#resourceclass
resource_class: large
# integration_tests:
# docker:
# - image: circleci/python:3.6.4
# working_directory: ~/project
# steps:
# - checkout
# - setup_remote_docker
# - run:
# name: Clone Edelweiss
# command: git clone --recurse-submodules https://$GITHUB_TOKEN@github.com/Consensys/Edelweiss.git
# - run:
# name: Update SWC-registry
# working_directory: ~/project/Edelweiss
# command: git submodule update --recursive --remote
# - run:
# name: Build Edelweiss
# command: |
# docker build \
# --build-arg AWS_ACCESS_KEY_ID=$S3_AWS_ACCESS_KEY_ID \
# --build-arg AWS_SECRET_ACCESS_KEY=$S3_AWS_SECRET_ACCESS_KEY \
# --build-arg AWS_DEFAULT_REGION=us-east-1 --rm -t "edelweiss-mythril:latest" . -f Edelweiss/dockerfiles/mythril/Dockerfile
# - run:
# name: Run Edelweiss
# command: |
# docker run \
# -e CIRCLE_BRANCH=$CIRCLE_BRANCH \
# -e CIRCLE_SHA1=$CIRCLE_SHA1 \
# -e CIRCLE_BUILD_NUM=$CIRCLE_BUILD_NUM \
# -e CIRCLE_BUILD_URL=$CIRCLE_BUILD_URL \
# -e CIRCLE_WEBHOOK_URL=$CIRCLE_WEBHOOK_URL \
# -e MONGO_URL=$MONGO_URL \
# --rm edelweiss-mythril:latest \
# --timeout 90 \
# --output-dir /opt/edelweiss \
# --s3 \
# --dynamodb \
# --circle-ci CircleCI/mythril.csv \
# --ignore-false-positives $IGNORE_FALSE_POSITIVES \
# --ignore-regressions $IGNORE_REGRESSIONS
pypi_release:
<<: *defaults
steps:
- checkout:
path: /home/mythril
- run:
name: Verify Git tag vs. version
command: python3 setup.py verify
working_directory: /home/mythril
- run:
name: Build
command: python3 setup.py sdist
working_directory: /home/mythril
- run:
name: Deploy
command: twine upload dist/*
working_directory: /home/mythril
# Release of the mainstream (current stable) version as mythril/myth
# container.
dockerhub_release:
docker:
- image: docker:latest
steps:
- checkout
- setup_remote_docker
- run:
name: Install bash
command: apk add --no-cache bash
- run:
name: Building Docker Image
command: ./docker_build_and_deploy.sh mythril/myth
resource_class: arm.large
# Release of the latest development version as mythril/myth-dev container.
dockerhub_dev_release:
docker:
- image: docker:latest
steps:
- checkout
- setup_remote_docker
- run:
name: Install bash
command: apk add --no-cache bash
- run:
name: Building Docker Image
command: ./docker_build_and_deploy.sh mythril/myth-dev
# The resource_class feature allows configuring CPU and RAM resources for each job. Different resource classes are available for different executors. https://circleci.com/docs/2.0/configuration-reference/#resourceclass
resource_class: arm.xlarge
workflows:
version: 2
build:
jobs:
- test:
filters:
tags:
only: /.*/
- pypi_release:
filters:
branches:
ignore: /.*/
tags:
only: /v[0-9]+(\.[0-9]+)*/
requires:
- test
- dockerhub_dev_release:
filters:
branches:
only: develop
requires:
- test
- dockerhub_release:
filters:
branches:
ignore: /.*/
tags:
only: /v[0-9]+(\.[0-9]+)*/
requires:
- test