diff --git a/.github/workflows/circuits-build.yml b/.github/workflows/circuits-build.yml index b729c65eb..5db9806c6 100644 --- a/.github/workflows/circuits-build.yml +++ b/.github/workflows/circuits-build.yml @@ -42,7 +42,7 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Install cpp dependencies run: | diff --git a/.github/workflows/circuits.yml b/.github/workflows/circuits.yml index d27071900..021753870 100644 --- a/.github/workflows/circuits.yml +++ b/.github/workflows/circuits.yml @@ -5,12 +5,45 @@ on: - dev - staging - main - paths: - - "circuits/**" jobs: + check_changes: + runs-on: ubuntu-slim + outputs: + should_run: ${{ steps.filter.outputs.should_run }} + steps: + - uses: actions/checkout@v6 + with: + fetch-depth: 0 + + - name: Check if should run + id: filter + run: | + set -e + if [[ "${{ github.base_ref }}" == "main" ]] || [[ "${{ github.base_ref }}" == "staging" ]]; then + echo "should_run=true" >> $GITHUB_OUTPUT + echo "Running for ${{ github.base_ref }} - no path filter" + else + # For dev branch, check if circuits files changed + CHANGED_FILES=$(git diff --name-only origin/${{ github.base_ref }}...HEAD) || { + echo "Error: Failed to diff against base branch" + exit 1 + } + if echo "$CHANGED_FILES" | grep -qE "^circuits/"; then + echo "should_run=true" >> $GITHUB_OUTPUT + echo "Running for dev - circuits files changed" + else + echo "should_run=false" >> $GITHUB_OUTPUT + echo "Skipping for dev - no circuits files changed" + fi + fi + run_circuit_tests: - if: github.event.pull_request.draft == false - runs-on: ubuntu-latest + needs: check_changes + if: github.event.pull_request.draft == false && needs.check_changes.outputs.should_run == 'true' + runs-on: + - "self-hosted" + - "selfxyz-org" + - "ubuntu-24-04" environment: development permissions: contents: read @@ -18,7 +51,7 @@ jobs: CIRCOM_VERSION: "2.1.9" CIRCOM_SHA256: "e5575829252d763b7818049df9de2ef9304df834697de77fa63ce7babc23c967" steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 # Circom installation from https://github.com/erhant/circomkit/blob/main/.github/workflows/tests.yml - name: Install dependencies @@ -106,6 +139,14 @@ jobs: - name: Print Circom version run: circom --version + - name: Setup Node.js + uses: actions/setup-node@v6 + with: + node-version-file: .nvmrc + + - name: Enable Corepack + run: corepack enable + - name: Cache Yarn dependencies uses: ./.github/actions/cache-yarn with: diff --git a/.github/workflows/common-ci.yml b/.github/workflows/common-ci.yml index 92d90e910..a4b8d7426 100644 --- a/.github/workflows/common-ci.yml +++ b/.github/workflows/common-ci.yml @@ -8,7 +8,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Cache Yarn dependencies uses: ./.github/actions/cache-yarn with: @@ -34,7 +34,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Cache Yarn dependencies uses: ./.github/actions/cache-yarn with: @@ -54,7 +54,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Cache Yarn dependencies uses: ./.github/actions/cache-yarn with: @@ -90,7 +90,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Cache Yarn dependencies uses: ./.github/actions/cache-yarn with: diff --git a/.github/workflows/contracts.yml b/.github/workflows/contracts.yml index 4e6fcc4a1..2c41d18a8 100644 --- a/.github/workflows/contracts.yml +++ b/.github/workflows/contracts.yml @@ -5,21 +5,50 @@ on: - dev - staging - main - paths: - - "contracts/**" - - "common/**" concurrency: group: contracts-ci-${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: + check_changes: + runs-on: ubuntu-slim + outputs: + should_run: ${{ steps.filter.outputs.should_run }} + steps: + - uses: actions/checkout@v6 + with: + fetch-depth: 0 + + - name: Check if should run + id: filter + run: | + set -e + if [[ "${{ github.base_ref }}" == "main" ]] || [[ "${{ github.base_ref }}" == "staging" ]]; then + echo "should_run=true" >> $GITHUB_OUTPUT + echo "Running for ${{ github.base_ref }} - no path filter" + else + # For dev branch, check if contracts or common files changed + CHANGED_FILES=$(git diff --name-only origin/${{ github.base_ref }}...HEAD) || { + echo "Error: Failed to diff against base branch" + exit 1 + } + if echo "$CHANGED_FILES" | grep -qE "^(contracts|common)/"; then + echo "should_run=true" >> $GITHUB_OUTPUT + echo "Running for dev - contracts or common files changed" + else + echo "should_run=false" >> $GITHUB_OUTPUT + echo "Skipping for dev - no contracts or common files changed" + fi + fi + test_contracts: - if: github.event.pull_request.draft == false + needs: check_changes + if: github.event.pull_request.draft == false && needs.check_changes.outputs.should_run == 'true' runs-on: ubuntu-latest environment: development steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | diff --git a/.github/workflows/core-sdk-ci.yml b/.github/workflows/core-sdk-ci.yml index 1896ba57c..64f1ff412 100644 --- a/.github/workflows/core-sdk-ci.yml +++ b/.github/workflows/core-sdk-ci.yml @@ -14,7 +14,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Install Dependencies uses: ./.github/actions/yarn-install - name: Build dependencies @@ -38,7 +38,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Setup Corepack run: | corepack enable @@ -67,7 +67,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Setup Corepack run: | corepack enable @@ -96,7 +96,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Setup Corepack run: | corepack enable diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml index 0e3ecb9c5..736794dd5 100644 --- a/.github/workflows/gitleaks.yml +++ b/.github/workflows/gitleaks.yml @@ -7,7 +7,7 @@ jobs: gitleaks: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 - name: Install gitleaks diff --git a/.github/workflows/mobile-bundle-analysis.yml b/.github/workflows/mobile-bundle-analysis.yml index 9e653f9cb..a1d7e4c98 100644 --- a/.github/workflows/mobile-bundle-analysis.yml +++ b/.github/workflows/mobile-bundle-analysis.yml @@ -34,7 +34,7 @@ jobs: analyze-android: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | @@ -101,7 +101,7 @@ jobs: # runs-on: macos-latest-large runs-on: namespace-profile-apple-silicon-6cpu steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | diff --git a/.github/workflows/mobile-ci.yml b/.github/workflows/mobile-ci.yml index f6ea2ea06..badf7b698 100644 --- a/.github/workflows/mobile-ci.yml +++ b/.github/workflows/mobile-ci.yml @@ -38,7 +38,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 60 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | @@ -96,7 +96,7 @@ jobs: needs: build-deps timeout-minutes: 60 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | @@ -214,7 +214,7 @@ jobs: IOS_PROJECT_NAME: "Self" IOS_PROJECT_SCHEME: "OpenPassport" steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | @@ -428,7 +428,7 @@ jobs: if: github.event_name == 'workflow_dispatch' timeout-minutes: 60 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | diff --git a/.github/workflows/mobile-deploy.yml b/.github/workflows/mobile-deploy.yml index 1084325b6..cef3ccdd3 100644 --- a/.github/workflows/mobile-deploy.yml +++ b/.github/workflows/mobile-deploy.yml @@ -168,7 +168,7 @@ jobs: version_bump_type: ${{ steps.determine-bump.outputs.version_bump }} platform: ${{ steps.determine-platform.outputs.platform }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 # Build from the branch that triggered the workflow (staging, feature branch, etc.) @@ -292,7 +292,7 @@ jobs: fi fi - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 # Checkout the branch that triggered the workflow @@ -888,7 +888,7 @@ jobs: fi fi - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 if: inputs.platform != 'ios' with: fetch-depth: 0 @@ -1298,7 +1298,7 @@ jobs: env: APP_PATH: ${{ github.workspace }}/app steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 # Checkout target branch for version bump PR (default: dev, override with bump_target_branch input) @@ -1487,7 +1487,7 @@ jobs: (needs.build-ios.result == 'success' || needs.build-android.result == 'success') && (inputs.deployment_track == 'production') steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 # Checkout target branch for tagging (usually dev) diff --git a/.github/workflows/mobile-e2e.yml b/.github/workflows/mobile-e2e.yml index ad4ea7083..84bf429b2 100644 --- a/.github/workflows/mobile-e2e.yml +++ b/.github/workflows/mobile-e2e.yml @@ -47,7 +47,7 @@ jobs: timeout-minutes: 120 runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | @@ -251,7 +251,7 @@ jobs: IOS_PROJECT_NAME: "Self" IOS_PROJECT_SCHEME: "OpenPassport" steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | diff --git a/.github/workflows/mobile-sdk-ci.yml b/.github/workflows/mobile-sdk-ci.yml index 8812eb942..e39e94407 100644 --- a/.github/workflows/mobile-sdk-ci.yml +++ b/.github/workflows/mobile-sdk-ci.yml @@ -12,7 +12,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Install Dependencies uses: ./.github/actions/yarn-install - name: Build dependencies @@ -35,7 +35,7 @@ jobs: runs-on: ubuntu-latest needs: build steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Install Dependencies uses: ./.github/actions/yarn-install - name: Restore build artifacts @@ -56,7 +56,7 @@ jobs: runs-on: ubuntu-latest needs: build steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Install Dependencies uses: ./.github/actions/yarn-install - name: Restore build artifacts @@ -77,7 +77,7 @@ jobs: runs-on: ubuntu-latest needs: build steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Install Dependencies uses: ./.github/actions/yarn-install - name: Restore build artifacts @@ -98,7 +98,7 @@ jobs: runs-on: ubuntu-latest needs: build steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Install Dependencies uses: ./.github/actions/yarn-install - name: Restore build artifacts diff --git a/.github/workflows/mobile-sdk-demo-ci.yml b/.github/workflows/mobile-sdk-demo-ci.yml index 2bc07d764..c68339460 100644 --- a/.github/workflows/mobile-sdk-demo-ci.yml +++ b/.github/workflows/mobile-sdk-demo-ci.yml @@ -12,7 +12,7 @@ jobs: test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Setup Node uses: actions/setup-node@v4 with: diff --git a/.github/workflows/mobile-sdk-demo-e2e.yml b/.github/workflows/mobile-sdk-demo-e2e.yml index 684a61963..f52fd6940 100644 --- a/.github/workflows/mobile-sdk-demo-e2e.yml +++ b/.github/workflows/mobile-sdk-demo-e2e.yml @@ -50,7 +50,7 @@ jobs: timeout-minutes: 60 runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | @@ -225,7 +225,7 @@ jobs: IOS_WORKSPACE_PATH: packages/mobile-sdk-demo/ios/SelfDemoApp.xcworkspace IOS_PROJECT_SCHEME: SelfDemoApp steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml index bd61914f8..3ae0a3a19 100644 --- a/.github/workflows/npm-publish.yml +++ b/.github/workflows/npm-publish.yml @@ -28,7 +28,7 @@ jobs: qrcode_angular_changed: ${{ steps.check-version.outputs.qrcode_angular_changed }} msdk_changed: ${{ steps.check-version.outputs.msdk_changed }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 2 @@ -63,7 +63,7 @@ jobs: echo "qrcode_angular_changed=true" >> $GITHUB_OUTPUT fi - if git diff HEAD^ HEAD -- sdk/mobile-sdk-alpha/package.json | grep -q '"version":' || [ "${{ github.event_name }}" = "workflow_dispatch" ]; then + if git diff HEAD^ HEAD -- packages/mobile-sdk-alpha/package.json | grep -q '"version":' || [ "${{ github.event_name }}" = "workflow_dispatch" ]; then echo "msdk_changed=true" >> $GITHUB_OUTPUT fi @@ -72,7 +72,7 @@ jobs: if: needs.detect-changes.outputs.core_changed == 'true' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Set up Node.js uses: actions/setup-node@v4 with: @@ -100,7 +100,7 @@ jobs: if: needs.detect-changes.outputs.qrcode_changed == 'true' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Set up Node.js uses: actions/setup-node@v4 with: @@ -128,13 +128,12 @@ jobs: if: needs.detect-changes.outputs.common_changed == 'true' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Set up Node.js uses: actions/setup-node@v4 with: node-version-file: .nvmrc registry-url: "https://registry.npmjs.org" - - uses: actions/checkout@v4 - name: Install Dependencies uses: ./.github/actions/yarn-install @@ -155,7 +154,7 @@ jobs: if: needs.detect-changes.outputs.contracts_changed == 'true' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Set up Node.js uses: actions/setup-node@v4 with: @@ -179,7 +178,7 @@ jobs: if: needs.detect-changes.outputs.qrcode_angular_changed == 'true' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Set up Node.js uses: actions/setup-node@v4 with: @@ -207,7 +206,7 @@ jobs: if: needs.detect-changes.outputs.msdk_changed == 'true' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Set up Node.js uses: actions/setup-node@v4 with: diff --git a/.github/workflows/qrcode-sdk-ci.yml b/.github/workflows/qrcode-sdk-ci.yml index 8b4852cc7..10202c07e 100644 --- a/.github/workflows/qrcode-sdk-ci.yml +++ b/.github/workflows/qrcode-sdk-ci.yml @@ -25,7 +25,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | @@ -85,7 +85,7 @@ jobs: runs-on: ubuntu-latest needs: build steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | @@ -153,7 +153,7 @@ jobs: runs-on: ubuntu-latest needs: build steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | @@ -215,7 +215,7 @@ jobs: runs-on: ubuntu-latest needs: build steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Read and sanitize Node.js version shell: bash run: | diff --git a/.github/workflows/release-calendar.yml b/.github/workflows/release-calendar.yml index 67638d1e7..9c51e862d 100644 --- a/.github/workflows/release-calendar.yml +++ b/.github/workflows/release-calendar.yml @@ -77,7 +77,7 @@ jobs: - name: Check out repository if: ${{ steps.guard_schedule.outputs.continue == 'true' }} - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 @@ -256,7 +256,7 @@ jobs: - name: Check out repository if: ${{ steps.guard_schedule.outputs.continue == 'true' }} - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 diff --git a/.github/workflows/web.yml b/.github/workflows/web.yml index 7f010e975..6bf358a26 100644 --- a/.github/workflows/web.yml +++ b/.github/workflows/web.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest if: false steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Install Dependencies uses: ./.github/actions/yarn-install - name: Build dependencies diff --git a/.github/workflows/workspace-ci.yml b/.github/workflows/workspace-ci.yml index f81c44c9a..56ebcbee8 100644 --- a/.github/workflows/workspace-ci.yml +++ b/.github/workflows/workspace-ci.yml @@ -18,7 +18,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Cache Yarn dependencies uses: ./.github/actions/cache-yarn @@ -47,7 +47,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Cache Yarn dependencies uses: ./.github/actions/cache-yarn @@ -76,7 +76,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Cache Yarn dependencies uses: ./.github/actions/cache-yarn @@ -106,7 +106,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Cache Yarn dependencies uses: ./.github/actions/cache-yarn @@ -147,7 +147,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Cache Yarn dependencies uses: ./.github/actions/cache-yarn @@ -176,7 +176,7 @@ jobs: # permissions: # contents: read # steps: - # - uses: actions/checkout@v4 + # - uses: actions/checkout@v6 # - name: Cache Yarn dependencies # uses: ./.github/actions/cache-yarn diff --git a/app/.github/workflows/test-coverage.yml b/app/.github/workflows/test-coverage.yml index 9674dac75..f21176c17 100644 --- a/app/.github/workflows/test-coverage.yml +++ b/app/.github/workflows/test-coverage.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Use Node.js uses: actions/setup-node@v4