Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
66 changes: 36 additions & 30 deletions .github/workflows/checks.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,18 +9,21 @@ on:
- 'v*'
pull_request:

permissions:
contents: read

jobs:
setup-dependencies:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v7
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0

- uses: actions/setup-go@v6
- uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6.0.0
with:
go-version-file: go.mod

- name: Restore Go modules cache
uses: actions/cache@v6
uses: actions/cache@55cc8345863c7cc4c66a329aec7e433d2d1c52a9 # v6.0.0
with:
path: /go/pkg/mod
key: go-mod-${{ hashFiles('**/go.sum') }}
Expand All @@ -35,7 +38,7 @@ jobs:
run: git gc

- name: Save source code cache
uses: actions/cache@v6
uses: actions/cache@55cc8345863c7cc4c66a329aec7e433d2d1c52a9 # v6.0.0
with:
path: .git
key: go-src-${{ github.sha }}
Expand All @@ -45,8 +48,8 @@ jobs:
runs-on: ubuntu-latest
needs: setup-dependencies
steps:
- uses: actions/checkout@v7
- uses: actions/setup-go@v6
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
- uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6.0.0
with:
go-version-file: go.mod
- name: Check go mod tidy
Expand All @@ -58,12 +61,12 @@ jobs:
runs-on: ubuntu-latest
needs: setup-dependencies
steps:
- uses: actions/checkout@v7
- uses: actions/setup-go@v6
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
- uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6.0.0
with:
go-version-file: go.mod
- name: Run golangci-lint
uses: golangci/golangci-lint-action@v9
uses: golangci/golangci-lint-action@ba0d7d2ec06a0ea1cb5fa41b2e4a3ab91d21278a # v9.2.0
with:
version: v2.11.3
args: --tests=false --timeout=5m0s
Expand All @@ -75,14 +78,14 @@ jobs:
matrix:
shard: [1, 2, 3, 4]
steps:
- uses: actions/checkout@v7
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0

- uses: actions/setup-go@v6
- uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6.0.0
with:
go-version-file: go.mod

- name: Restore Go modules cache
uses: actions/cache@v6
uses: actions/cache@55cc8345863c7cc4c66a329aec7e433d2d1c52a9 # v6.0.0
with:
path: /go/pkg/mod
key: go-mod-${{ hashFiles('**/go.sum') }}
Expand All @@ -108,7 +111,7 @@ jobs:
fi

- name: Upload coverage and logs
uses: actions/upload-artifact@v7
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.0
with:
name: coverage-${{ matrix.shard }}
path: |
Expand All @@ -119,10 +122,10 @@ jobs:
runs-on: ubuntu-latest
needs: test-cover
steps:
- uses: actions/checkout@v7
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0

- name: Download coverage artifacts
uses: actions/download-artifact@v8
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.0
with:
path: artifacts

Expand All @@ -132,20 +135,23 @@ jobs:
find artifacts -name '*.out' | xargs -I{} tail -n +2 {} >> coverage.txt

- name: Upload to Codecov
run: bash <(curl -s https://codecov.io/bash) -f coverage.txt
uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0
with:
files: coverage.txt
fail_ci_if_error: false

test-system:
runs-on: ubuntu-latest
needs: test-cover
steps:
- uses: actions/checkout@v7
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0

- uses: actions/setup-go@v6
- uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6.0.0
with:
go-version-file: go.mod

- name: Restore Go modules cache
uses: actions/cache@v6
uses: actions/cache@55cc8345863c7cc4c66a329aec7e433d2d1c52a9 # v6.0.0
with:
path: /go/pkg/mod
key: go-mod-${{ hashFiles('**/go.sum') }}
Expand All @@ -164,7 +170,7 @@ jobs:

- name: Upload test system artifacts
if: failure()
uses: actions/upload-artifact@v7
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.0
with:
name: test-system-artifacts
path: /tmp/test-system-artifacts
Expand All @@ -174,14 +180,14 @@ jobs:
runs-on: ubuntu-latest
needs: test-cover
steps:
- uses: actions/checkout@v7
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0

- uses: actions/setup-go@v6
- uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6.0.0
with:
go-version-file: go.mod

- name: Restore Go modules cache
uses: actions/cache@v6
uses: actions/cache@55cc8345863c7cc4c66a329aec7e433d2d1c52a9 # v6.0.0
with:
path: /go/pkg/mod
key: go-mod-${{ hashFiles('**/go.sum') }}
Expand All @@ -200,9 +206,9 @@ jobs:
runs-on: ubuntu-latest
needs: setup-dependencies
steps:
- uses: actions/checkout@v7
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0

- uses: actions/setup-go@v6
- uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6.0.0
with:
go-version-file: go.mod

Expand All @@ -215,14 +221,14 @@ jobs:
env:
IMAGE_NAME: cosmwasm/wasmd
steps:
- uses: actions/checkout@v7
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0

- uses: actions/setup-go@v6
- uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6.0.0
with:
go-version-file: go.mod

- name: Set up Docker
uses: docker/setup-buildx-action@v4
uses: docker/setup-buildx-action@bb05f3f5519dd87d3ba754cc423b652a5edd6d2c # v4.0.0

- name: Build Docker image
run: |
Expand All @@ -242,15 +248,15 @@ jobs:
fi

- name: Login to DockerHub
if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/')
if: github.repository == 'CosmWasm/wasmd' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/'))
env:
DOCKER_USER: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKER_PASS: ${{ secrets.DOCKERHUB_TOKEN }}
run: |
echo $DOCKER_PASS | docker login -u $DOCKER_USER --password-stdin

- name: Push Docker image
if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/')
if: github.repository == 'CosmWasm/wasmd' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/'))
run: |
SHA=${{ github.sha }}
docker push $IMAGE_NAME:$SHA
Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/codeql-analizer.yml
Original file line number Diff line number Diff line change
Expand Up @@ -19,18 +19,18 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@v7
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v4
uses: github/codeql-action/init@1ad29ea4a422cce9a242a9fae469541dcd08addc # v4.32.6
with:
languages: 'go'
queries: crypto-com/cosmos-sdk-codeql@main,security-and-quality
queries: security-and-quality

- name: Autobuild
uses: github/codeql-action/autobuild@v4
uses: github/codeql-action/autobuild@1ad29ea4a422cce9a242a9fae469541dcd08addc # v4.32.6

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v4
uses: github/codeql-action/analyze@1ad29ea4a422cce9a242a9fae469541dcd08addc # v4.32.6

6 changes: 3 additions & 3 deletions .github/workflows/proto-buf-linter.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,10 +13,10 @@ jobs:
buf-lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v7
- uses: bufbuild/buf-setup-action@v1.50.0
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
- uses: bufbuild/buf-setup-action@a47c93e0b1648d5651a065437926377d060baa99 # v1.50.0

# lint checks
- uses: bufbuild/buf-lint-action@v1
- uses: bufbuild/buf-lint-action@06f9dd823d873146471cfaaf108a993fe00e5325 # v1.1.1
with:
input: "proto"
19 changes: 8 additions & 11 deletions .github/workflows/proto-buf-publisher.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,27 +12,24 @@ on:
tags:
- "v[0-9]+.[0-9]+.[0-9]+.*" # Push events to matching v*, //i.e. v20.15.10, v0.27.0-rc1

permissions:
contents: read

jobs:
push:
if: github.repository == 'CosmWasm/wasmd'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v7
- uses: bufbuild/buf-setup-action@v1.50.0
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
- uses: bufbuild/buf-setup-action@a47c93e0b1648d5651a065437926377d060baa99 # v1.50.0

# lint checks
- uses: bufbuild/buf-lint-action@v1
- uses: bufbuild/buf-lint-action@06f9dd823d873146471cfaaf108a993fe00e5325 # v1.1.1
with:
input: 'proto'

# TODO: Add this when project is more stable.
# backward compatibility breaking checks
#- uses: bufbuild/buf-breaking-action@v1
# with:
# input: 'proto'
# against: 'https://github.com/CosmWasm/wasmd.git#branch=master'

# publish proto files
- uses: bufbuild/buf-push-action@v1
- uses: bufbuild/buf-push-action@a654ff18effe4641ebea4a4ce242c49800728459 # v1.2.0
with:
input: 'proto'
buf_token: ${{ secrets.BUF_TOKEN }}
5 changes: 3 additions & 2 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,13 +13,14 @@ env:

jobs:
release:
if: github.repository == 'CosmWasm/wasmd'
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v7
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0

- name: Set up Docker
uses: docker/setup-buildx-action@v4
uses: docker/setup-buildx-action@bb05f3f5519dd87d3ba754cc423b652a5edd6d2c # v4.0.0

- name: Build Docker image
run: |
Expand Down
7 changes: 5 additions & 2 deletions .github/workflows/typo-check.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,12 +8,15 @@ on:
- main
workflow_dispatch:

permissions:
contents: read

jobs:
check-typos:
name: "Spell-check repository source"
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v7
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
- name: Run spell-check
uses: crate-ci/typos@master
uses: crate-ci/typos@bee27e3a4fd1ea2111cf90ab89cd076c870fce14 # v1.48.0
3 changes: 2 additions & 1 deletion IPI_FORK_STATUS.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,8 @@
- Upstream: [`CosmWasm/wasmd`](https://github.com/CosmWasm/wasmd)
- Fork relationship: GitHub-native public fork
- Upstream license: Apache License 2.0
- IPI-specific commits at the time this notice was added: none
- IPI-specific changes: provenance documentation and fork-safe CI permissions;
no consensus or application changes
- IPI maturity: research base, not a released node

The Git history, upstream contributors, `LICENSE`, `NOTICE`, security guidance,
Expand Down
10 changes: 6 additions & 4 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,10 +2,12 @@

This repository is a tracking fork of
[`CosmWasm/wasmd`](https://github.com/CosmWasm/wasmd). At the time of this
notice, the fork contains no IPI-specific commits and is not an IPI node binary,
canonical network release, or independent implementation. It is retained as an
upstream engineering base while the IPI node architecture, reproducible build,
genesis binding, upgrade path, and verification suite are defined publicly.
notice, IPI-specific changes are limited to provenance documentation and
fork-safe CI permissions. The fork contains no IPI consensus or application
changes and is not an IPI node binary, canonical network release, or independent
implementation. It is retained as an upstream engineering base while the IPI
node architecture, reproducible build, genesis binding, upgrade path, and
verification suite are defined publicly.

Do not infer IPI compatibility, network identity, or production readiness from
the repository name. The unmodified upstream documentation follows and remains
Expand Down
Loading