mirror of https://github.com/ConsenSys/mythril
blockchainethereumsmart-contractssoliditysecurityprogram-analysissecurity-analysissymbolic-execution
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
198 lines
6.0 KiB
198 lines
6.0 KiB
defaults: &defaults
|
|
docker:
|
|
# TODO: Try to replace this with `mythril/mythx-ci` image. That image is
|
|
# used for new integration testing, and it is build on top of the previous
|
|
# `mythril/dev_test_environment:0.0.43`, though a bit newer versions, thus
|
|
# there is a chance that it breaks some small things.
|
|
- image: mythril/dev_test_environment:0.0.43
|
|
|
|
version: 2
|
|
jobs:
|
|
# Basic testing of a new commit to any branch.
|
|
test:
|
|
<<: *defaults
|
|
steps:
|
|
- checkout:
|
|
path: /home/mythril
|
|
|
|
# Uncomment, for local testing with circleci command, as it ignores
|
|
# path param in checkout command, and this symlink compenstates for that.
|
|
# - run: ln -s /root/project /home/mythril
|
|
|
|
- restore-cache:
|
|
keys:
|
|
- tox-env-{{ checksum "/home/mythril/setup.py" }}
|
|
|
|
- run:
|
|
name: Install tox envs
|
|
command: tox -vv --notest
|
|
working_directory: /home/mythril
|
|
environment:
|
|
LC_ALL: en_US.ASCII
|
|
LANG: en_US.ASCII
|
|
|
|
- save_cache:
|
|
key: tox-env-{{ checksum "/home/mythril/setup.py" }}
|
|
paths:
|
|
- .tox/py*
|
|
- /root/.cache/pip/wheels/
|
|
|
|
- run:
|
|
name: Black style check
|
|
command: |
|
|
pip3 install --user black
|
|
python3 -m black --check /home/mythril/
|
|
|
|
- run:
|
|
background: true
|
|
name: Launch of background geth instance
|
|
command: geth --syncmode full --rpc --shh
|
|
|
|
- run:
|
|
name: Unit-testing
|
|
command: tox
|
|
working_directory: /home/mythril
|
|
no_output_timeout: 10m
|
|
environment:
|
|
LC_ALL: en_US.ASCII
|
|
LANG: en_US.ASCII
|
|
MYTHRIL_DIR: '/home/mythril'
|
|
|
|
- store_test_results:
|
|
path: /home/mythril/.tox/output
|
|
|
|
- store_artifacts:
|
|
path: /home/mythril/.tox/output
|
|
|
|
- run:
|
|
name: Ensuring that setup script is functional
|
|
command: python3 setup.py install
|
|
working_directory: /home/mythril
|
|
|
|
- run:
|
|
name: Sonar analysis
|
|
command: if [ -z "$CIRCLE_PR_NUMBER" ]; then if [ -z "$CIRCLE_TAG" ]; then sonar-scanner -Dsonar.projectKey=$SONAR_PROJECT_KEY -Dsonar.organization=$SONAR_ORGANIZATION -Dsonar.branch.name=$CIRCLE_BRANCH -Dsonar.projectBaseDir=/home/mythril -Dsonar.sources=mythril -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.tests=/home/mythril/tests -Dsonar.login=$SONAR_LOGIN; fi; fi
|
|
|
|
# - run:
|
|
# name: Integration tests
|
|
# command: if [ -z "$CIRCLE_PR_NUMBER" ]; then ./run-integration-tests.sh; fi
|
|
# working_directory: /home
|
|
|
|
integration_tests:
|
|
docker:
|
|
- image: circleci/python:3.6.4
|
|
working_directory: ~/project
|
|
steps:
|
|
- checkout
|
|
- setup_remote_docker
|
|
- run:
|
|
name: Clone Edelweiss
|
|
command: git clone --recurse-submodules https://$GITHUB_TOKEN@github.com/Consensys/Edelweiss.git
|
|
- run:
|
|
name: Update SWC-registry
|
|
working_directory: ~/project/Edelweiss
|
|
command: git submodule update --recursive --remote
|
|
- run:
|
|
name: Build Edelweiss
|
|
command: |
|
|
docker build \
|
|
--build-arg AWS_ACCESS_KEY_ID=$S3_AWS_ACCESS_KEY_ID \
|
|
--build-arg AWS_SECRET_ACCESS_KEY=$S3_AWS_SECRET_ACCESS_KEY \
|
|
--build-arg AWS_DEFAULT_REGION=us-east-1 --rm -t "edelweiss-mythril:latest" . -f Edelweiss/dockerfiles/mythril/Dockerfile
|
|
- run:
|
|
name: Run Edelweiss
|
|
command: |
|
|
docker run \
|
|
-e CIRCLE_BUILD_NUM=$CIRCLE_BUILD_NUM \
|
|
-e CIRCLE_BUILD_URL=$CIRCLE_BUILD_URL \
|
|
-e CIRCLE_WEBHOOK_URL=$CIRCLE_WEBHOOK_URL \
|
|
--rm edelweiss-mythril:latest \
|
|
--timeout 90 \
|
|
--output-dir /opt/edelweiss \
|
|
--s3 \
|
|
--dynamodb \
|
|
--circle-ci CircleCI/mythril.csv \
|
|
--ignore-false-positives $IGNORE_FALSE_POSITIVES \
|
|
--ignore-regressions $IGNORE_REGRESSIONS
|
|
|
|
pypi_release:
|
|
<<: *defaults
|
|
steps:
|
|
- checkout:
|
|
path: /home/mythril
|
|
- run:
|
|
name: Verify Git tag vs. version
|
|
command: python3 setup.py verify
|
|
working_directory: /home/mythril
|
|
- run:
|
|
name: Build
|
|
command: python3 setup.py sdist
|
|
working_directory: /home/mythril
|
|
- run:
|
|
name: Deploy
|
|
command: twine upload dist/*
|
|
working_directory: /home/mythril
|
|
|
|
# Release of the mainstream (current stable) version as mythril/myth
|
|
# container.
|
|
dockerhub_release:
|
|
docker:
|
|
- image: docker:stable
|
|
steps:
|
|
- checkout
|
|
- setup_remote_docker
|
|
- run:
|
|
name: Building Docker Image
|
|
command: ./docker_build_and_deploy.sh mythril/myth
|
|
|
|
# Release of the latest development version as mythril/myth-dev container.
|
|
dockerhub_dev_release:
|
|
docker:
|
|
- image: docker:stable
|
|
steps:
|
|
- checkout
|
|
- setup_remote_docker
|
|
- run:
|
|
name: Building Docker Image
|
|
command: ./docker_build_and_deploy.sh mythril/myth-dev
|
|
|
|
workflows:
|
|
version: 2
|
|
build:
|
|
jobs:
|
|
- test:
|
|
filters:
|
|
tags:
|
|
only: /.*/
|
|
- integration_tests:
|
|
filters:
|
|
branches:
|
|
only:
|
|
- develop
|
|
- master
|
|
tags:
|
|
only: /v[0-9]+(\.[0-9]+)*/
|
|
requires:
|
|
- test
|
|
- pypi_release:
|
|
filters:
|
|
branches:
|
|
ignore: /.*/
|
|
tags:
|
|
only: /v[0-9]+(\.[0-9]+)*/
|
|
requires:
|
|
- integration_tests
|
|
- dockerhub_dev_release:
|
|
filters:
|
|
branches:
|
|
only: develop
|
|
requires:
|
|
- integration_tests
|
|
- dockerhub_release:
|
|
filters:
|
|
branches:
|
|
ignore: /.*/
|
|
tags:
|
|
only: /v[0-9]+(\.[0-9]+)*/
|
|
requires:
|
|
- integration_tests
|
|
|