Merge branch 'main' into julien/core-gas

cosmos · May 8, 2024 · fefa773 · fefa773
2 parents 7e88b3c + 03d70aa
commit fefa773
Show file tree

Hide file tree

Showing 1,051 changed files with 67,329 additions and 29,655 deletions.
diff --git a/.github/codeql/config.yml b/.github/codeql/config.yml
@@ -0,0 +1,11 @@
+packs:
+  - crypto-com/cosmos-sdk-codeql
+queries:
+  - uses: security-and-quality
+  - uses: security-experimental
+  - uses: security-extended
+paths-ignore:
+  - api
+  - '**/*_test.go'
+  - '**/*.pulsar.go'
+  - '**/*.pb.gp'
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -11,6 +11,10 @@ on:
     paths:
       - "**.go"
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
 jobs:
   analyze:
     name: Analyze
@@ -32,8 +36,8 @@ jobs:
         uses: github/codeql-action/init@v3
         with:
           languages: "go"
-          queries: +security-and-quality,github/codeql/go/ql/src/experimental/InconsistentCode/DeferInLoop.ql@main,github/codeql/go/ql/src/experimental/Unsafe/WrongUsageOfUnsafe.ql@main,github/codeql/go/ql/src/experimental/CWE-369/DivideByZero.ql@main
-          packs: +crypto-com/cosmos-sdk-codeql
+          config-file: ./.github/codeql/config.yml
+
           # If you wish to specify custom queries, you can do so here or in a config file.
           # By default, queries listed here will override any specified in a config file.
           # Prefix the list here with "+" to use these queries and those in the config file.

diff --git a/.github/workflows/gosec.yml b/.github/workflows/gosec.yml
@@ -1,6 +1,9 @@
 name: Run Gosec
 on:
   pull_request:
+    branches:
+      - main
+      - release/**
     paths:
       - "**/*.go"
       - "go.mod"
@@ -13,6 +16,10 @@ on:
       - "go.mod"
       - "go.sum"
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
 jobs:
   Gosec:
     permissions:
@@ -29,7 +36,7 @@ jobs:
         uses: securego/gosec@master
         with:
           # we let the report trigger content trigger a failure using the GitHub Security features.
-          args: "-exclude=G101,G107 -no-fail -fmt sarif -out results.sarif ./..."
+          args: "-exclude=G101,G107 -exclude-dir=systemtests -no-fail -fmt sarif -out results.sarif ./..."
 
       - name: Upload SARIF file
         uses: github/codeql-action/upload-sarif@v3

diff --git a/.github/workflows/lint-pr.yml b/.github/workflows/lint-pr.yml
@@ -17,7 +17,7 @@ jobs:
       statuses: write # for amannn/action-semantic-pull-request to mark status of analyzed PR
     runs-on: ubuntu-latest
     steps:
-      - uses: amannn/action-semantic-pull-request@v5.4.0
+      - uses: amannn/action-semantic-pull-request@v5.5.2
         id: lint_pr_title
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
@@ -18,7 +18,7 @@ jobs:
       - uses: DeterminateSystems/magic-nix-cache-action@main
       - uses: actions/setup-go@v5
         with:
-          go-version: "1.22"
+          go-version: "1.22.2"
           check-latest: true
       - uses: technote-space/get-diff-action@v6.1.2
         id: git_diff

diff --git a/.github/workflows/proto.yml b/.github/workflows/proto.yml
@@ -15,7 +15,7 @@ jobs:
     timeout-minutes: 5
     steps:
       - uses: actions/checkout@v4
-      - uses: bufbuild/buf-setup-action@v1.30.1
+      - uses: bufbuild/buf-setup-action@v1.31.0
       - uses: bufbuild/buf-lint-action@v1
         with:
           input: "proto"
@@ -24,7 +24,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - uses: bufbuild/buf-setup-action@v1.30.1
+      - uses: bufbuild/buf-setup-action@v1.31.0
       - uses: bufbuild/buf-breaking-action@v1
         with:
           input: "proto"

diff --git a/.github/workflows/starship-tests.yml b/.github/workflows/starship-tests.yml
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -144,6 +144,57 @@ jobs:
           name: "${{ github.sha }}-e2e-coverage"
           path: ./tests/e2e-profile.out
 
+  test-system:
+    needs: [tests, test-integration, test-e2e]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-tags: true
+      - uses: actions/setup-go@v5
+        with:
+          go-version: "1.22"
+          check-latest: true
+          cache: true
+          cache-dependency-path: |
+            simapp/go.sum
+            systemtest/go.sum
+      - uses: technote-space/get-diff-action@v6.1.2
+        id: git_diff
+        with:
+          PATTERNS: |
+            **/*.go
+            go.mod
+            go.sum
+            **/go.mod
+            **/go.sum
+            **/Makefile
+            Makefile
+      - name: Install musl lib for simd (docker) binary
+        if: env.GIT_DIFF
+        run: |
+          sudo apt-get install -y musl
+      - name: system tests v1
+        if: env.GIT_DIFF
+        run: |
+          COSMOS_BUILD_OPTIONS=legacy make test-system
+      - uses: actions/upload-artifact@v3
+        if: failure()
+        with:
+          name: "testnet-setup"
+          path: ./systemtests/testnet/
+          retention-days: 3
+      #      - name: system tests v2
+      #        if: env.GIT_DIFF
+      #        run: |
+      #          make test-system
+      - uses: actions/upload-artifact@v3
+        if: failure()
+        with:
+          name: "testnet-setup"
+          path: ./systemtests/testnet/
+          retention-days: 3
+
   repo-analysis:
     runs-on: ubuntu-latest
     needs: [tests, test-integration, test-e2e]
@@ -700,6 +751,29 @@ jobs:
         with:
           projectBaseDir: x/accounts/
 
+  test-x-accounts-lockup:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
+        with:
+          go-version: "1.22"
+          check-latest: true
+          cache: true
+          cache-dependency-path: x/accounts/defaults/lockup/go.sum
+      - uses: technote-space/get-diff-action@v6.1.2
+        id: git_diff
+        with:
+          PATTERNS: |
+            x/accounts/defaults/lockup/**/*.go
+            x/accounts/defaults/lockup/go.mod
+            x/accounts/defaults/lockup/go.sum
+      - name: tests
+        if: env.GIT_DIFF
+        run: |
+          cd x/accounts/defaults/lockup
+          go test -mod=readonly -timeout 30m -coverprofile=coverage.out -covermode=atomic -tags='norace ledger test_ledger_mock' ./...
+
   test-x-tx:
     runs-on: ubuntu-latest
     steps:
@@ -1222,7 +1296,7 @@ jobs:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
         with:
           projectBaseDir: x/mint/
-  
+
   test-x-epochs:
     runs-on: ubuntu-latest
     steps:
@@ -1253,3 +1327,34 @@ jobs:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
         with:
           projectBaseDir: x/epochs/
+
+  test-x-consensus:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
+        with:
+          go-version: "1.22"
+          check-latest: true
+          cache: true
+          cache-dependency-path: x/consensus/go.sum
+      - uses: technote-space/get-diff-action@v6.1.2
+        id: git_diff
+        with:
+          PATTERNS: |
+            x/consensus/**/*.go
+            x/consensus/go.mod
+            x/consensus/go.sum
+      - name: tests
+        if: env.GIT_DIFF
+        run: |
+          cd x/consensus
+          go test -mod=readonly -timeout 30m -coverprofile=coverage.out -covermode=atomic -tags='norace ledger test_ledger_mock' ./...
+      - name: sonarcloud
+        if: ${{ env.GIT_DIFF && !github.event.pull_request.draft && env.SONAR_TOKEN != null }}
+        uses: SonarSource/sonarcloud-github-action@master
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        with:
+          projectBaseDir: x/consensus/