kind: pipeline type: docker name: build-and-test when: event: pull_request path: exclude: - "formulas/**" - "evidence/**" - "docs/**" - "*.md" clone: git: image: woodpeckerci/plugin-git settings: depth: 50 reference: /git-mirrors/harb.git netrc_machine: codeberg.org netrc_username: johba netrc_password: from_secret: codeberg_token steps: - name: bootstrap-deps depends_on: [] image: registry.niovi.voyage/harb/node-ci:latest commands: - | bash -c ' set -euo pipefail git submodule update --init --recursive yarn --cwd onchain/lib/uni-v3-lib install --frozen-lockfile ' - name: foundry-suite depends_on: [bootstrap-deps] image: registry.niovi.voyage/harb/node-ci:latest commands: - | bash -c ' set -euo pipefail cd onchain export PATH=/root/.foundry/bin:$PATH forge --version forge build forge test -vvv forge snapshot ' - name: contracts-local-fork depends_on: [foundry-suite] image: registry.niovi.voyage/harb/node-ci:latest environment: HARB_ENV: BASE_SEPOLIA_LOCAL_FORK commands: - | bash -c ' set -euo pipefail cd onchain export PATH=/root/.foundry/bin:$PATH forge test -vv --ffi ' # NOTE: contracts-base-sepolia step removed — requires base_sepolia_rpc secret # which is not configured. Re-add when RPC secret is provisioned. - name: transpiler-tests depends_on: [] image: registry.niovi.voyage/harb/node-ci:latest when: - event: pull_request path: include: - tools/push3-transpiler/** - tools/push3-evolution/** commands: - | bash -c ' set -euo pipefail cd tools/push3-transpiler npm install --silent npm run build npm test ' - name: evolution-tests depends_on: [] image: registry.niovi.voyage/harb/node-ci:latest when: - event: pull_request path: include: - tools/push3-evolution/** - tools/push3-transpiler/** commands: - | bash -c ' set -euo pipefail cd tools/push3-transpiler npm install --silent cd ../push3-evolution npm install --silent npm run build npm test ' - name: seed-transpile-check depends_on: [bootstrap-deps] image: registry.niovi.voyage/harb/node-ci:latest when: - event: pull_request path: include: - tools/push3-transpiler/** - tools/push3-evolution/seeds/** commands: - | bash -c ' set -euo pipefail cd tools/push3-transpiler npm install --silent cd ../.. export PATH=/root/.foundry/bin:$PATH failed=0 for seed in tools/push3-evolution/seeds/*.push3; do name=$(basename "$seed") echo "--- Transpiling $name ---" if ! npx tsx tools/push3-transpiler/src/index.ts "$seed" onchain/src/OptimizerV3Push3.sol; then echo "WARN: $name failed to transpile (invalid program) — skipping" >&2 continue fi echo "--- Compiling $name ---" if ! (cd onchain && forge build --skip test script --silent); then echo "FAIL: $name transpiled but Solidity compilation failed" >&2 failed=1 fi done git checkout onchain/src/OptimizerV3Push3.sol if [ "$failed" -ne 0 ]; then echo "ERROR: One or more seeds failed transpile+compile check" >&2 exit 1 fi echo "All seeds transpile and compile successfully." ' - name: single-package-manager depends_on: [] image: registry.niovi.voyage/harb/node-ci:latest commands: - | bash -c ' set -euo pipefail if [ -f kraiken-lib/yarn.lock ]; then echo "ERROR: kraiken-lib/yarn.lock must not be committed. Use npm only (see packageManager field in kraiken-lib/package.json)." >&2 exit 1 fi ' - name: validate-evolution-patch depends_on: [] image: registry.niovi.voyage/harb/node-ci:latest when: - event: pull_request path: include: - onchain/** - tools/push3-evolution/** commands: - | bash -c ' set -euo pipefail if ! git apply --check tools/push3-evolution/evolution.patch; then echo "ERROR: evolution.patch needs regeneration — see tools/push3-evolution/evolution.conf" >&2 exit 1 fi echo "evolution.patch applies cleanly." ' - name: optimizer-not-mutated depends_on: [] image: registry.niovi.voyage/harb/node-ci:latest commands: - | bash -c ' set -euo pipefail if ! git diff --exit-code onchain/src/OptimizerV3.sol; then echo "ERROR: onchain/src/OptimizerV3.sol has uncommitted mutations (likely left by batch-eval or inject.sh)." >&2 exit 1 fi echo "OptimizerV3.sol is clean." ' - name: node-quality depends_on: [foundry-suite] image: registry.niovi.voyage/harb/node-ci:latest environment: CI: "true" NODE_OPTIONS: "--max-old-space-size=2048" commands: - | bash -c ' set -euo pipefail npm config set fund false npm config set audit false ./scripts/build-kraiken-lib.sh # Root install links workspace packages (@harb/web3) + all workspace members npm install --no-audit --no-fund # Landing (workspace member — deps already installed by root) npm run lint --prefix landing npm run build --prefix landing # Web-app (workspace member) npm run lint --prefix web-app npm run test --prefix web-app -- --run npm run build --prefix web-app # Ponder (standalone — not a workspace member) npm install --prefix services/ponder --no-audit --no-fund npm run lint --prefix services/ponder npm run build --prefix services/ponder # TxnBot (standalone) npm install --prefix services/txnBot --no-audit --no-fund npm run lint --prefix services/txnBot npm run test --prefix services/txnBot npm run build --prefix services/txnBot '