Merge remote-tracking branch 'origin/v0.42-dev' into feat/blockchain-identities-account-type

Author: lklimek

.codecov.yml

@@ -35,7 +35,6 @@ flags:
   wallet:
     paths:
       - key-wallet/src/
-      - key-wallet-manager/src/
   ffi:
     paths:
       - dash-spv-ffi/src/

.coderabbit.yaml

@@ -1,3 +1,12 @@
 # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json
 reviews:
   request_changes_workflow: true
+  path_instructions:
+    - path: "**"
+      instructions: |
+        Check whether the PR title prefix allowed in the pr-title.yml workflow
+        accurately describes the changes. Flag e.g. if a PR labeled "fix" appears to add
+        new functionality, if a "feat" PR only refactors existing code, or if a
+        "chore" PR contains logic changes that should be a "feat" or "fix".
+        If a PR mixes unrelated concerns (e.g., a bug fix bundled with a refactor
+        or new feature), suggest splitting it into separate focused PRs.

.github/ci-groups.yml

@@ -12,7 +12,6 @@ groups:
 
   wallet:
     - key-wallet
-    - key-wallet-manager
 
   ffi:
     - dash-spv-ffi

.github/scripts/check_ci_status.sh

@@ -0,0 +1,18 @@
+#!/usr/bin/env bash
+# Evaluate CI check status for a PR, excluding the ready-for-review gate jobs.
+# Usage: check_ci_status.sh <pr_number> <repo>
+# Outputs one of: no_checks, all_passed, has_failures, pending
+
+set -euo pipefail
+
+PR_NUMBER="$1"
+REPO="$2"
+
+gh pr checks "$PR_NUMBER" --repo "$REPO" --json name,bucket --jq '
+  [.[] | select(.name | test("^(on-review|on-ci-complete)$") | not)] |
+  if length == 0 then "no_checks"
+  elif all(.bucket == "pass" or .bucket == "skipping") then "all_passed"
+  elif any(.bucket == "fail") then "has_failures"
+  else "pending"
+  end
+'

.github/scripts/ci_config.py

@@ -11,6 +11,7 @@
 import argparse
 import json
 import os
+import re
 import subprocess
 import sys
 from pathlib import Path
@@ -95,9 +96,34 @@ def verify_groups(args):
 
     print(f"All {len(workspace_crates)} workspace crates are assigned to test groups")
 
-    # Output groups for GitHub Actions matrix
-    github_output("groups", json.dumps(list(groups.keys())))
+    # Verify the hardcoded matrix in build-and-test.yml matches ci-groups.yml
+    workflow_file = Path(".github/workflows/build-and-test.yml")
+    expected = sorted(groups.keys())
 
+    try:
+        with open(workflow_file) as f:
+            content = f.read()
+    except FileNotFoundError:
+        github_error(f"Workflow file not found: {workflow_file}")
+        return 1
+
+    match = re.search(r'group:\s*\[([^\]]+)\]', content)
+    if not match:
+        github_error(f"No hardcoded group matrix found in {workflow_file}")
+        return 1
+
+    actual = sorted(
+        name.strip().strip('"').strip("'") for name in match.group(1).split(",")
+    )
+
+    if actual != expected:
+        github_error(
+            f"Hardcoded matrix {actual} does not match ci-groups.yml {expected}. "
+            f"Update the group list in {workflow_file}."
+        )
+        return 1
+
+    print(f"Hardcoded matrix matches ci-groups.yml: {expected}")
     return 0
 
 
@@ -120,17 +146,18 @@ def run_group_tests(args):
     for crate in crates:
         github_group_start(f"Testing {crate}")
 
-        if coverage:
-            cmd = ["cargo", "llvm-cov", "--no-report", "-p", crate, "--all-features"]
-        else:
-            cmd = ["cargo", "test", "-p", crate, "--all-features"]
-        result = subprocess.run(cmd)
-
-        github_group_end()
-
-        if result.returncode != 0:
-            failed.append(crate)
-            github_error(f"Test failed for {crate} on {args.os}")
+        try:
+            if coverage:
+                cmd = ["cargo", "llvm-cov", "--no-report", "-p", crate, "--all-features"]
+            else:
+                cmd = ["cargo", "test", "-p", crate, "--all-features"]
+            result = subprocess.run(cmd)
+
+            if result.returncode != 0:
+                failed.append(crate)
+                github_error(f"Test failed for {crate} on {args.os}")
+        finally:
+            github_group_end()
 
     if failed:
         print("\n" + "=" * 40)

.github/workflows/build-and-test.yml

@@ -6,9 +6,6 @@ on:
       os:
         required: true
         type: string
-      groups:
-        required: true
-        type: string
       coverage:
         required: false
         type: boolean
@@ -21,7 +18,7 @@ permissions:
 env:
   DASHVERSION: "23.1.0"
   TEST_DATA_REPO: "dashpay/regtest-blockchain"
-  TEST_DATA_VERSION: "v0.0.2"
+  TEST_DATA_VERSION: "v0.0.3"
 
 jobs:
   test:
@@ -30,7 +27,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        group: ${{ fromJson(inputs.groups) }}
+        group: ["core", "spv", "wallet", "ffi", "rpc"]
     env:
       RUST_BACKTRACE: 1
     steps:
@@ -66,7 +63,7 @@ jobs:
       - name: Run tests
         id: tests
         env:
-          DASHD_TEST_RETAIN_DIR: ${{ (matrix.group == 'spv' || matrix.group == 'ffi') && '/tmp/dashd-test-logs' || '' }}
+          DASHD_TEST_RETAIN_DIR: ${{ (matrix.group == 'spv' || matrix.group == 'ffi') && format('{0}/dashd-test-logs', runner.temp) || '' }}
         run: >
           python .github/scripts/ci_config.py run-group ${{ matrix.group }}
           --os ${{ inputs.os }}
@@ -90,6 +87,6 @@ jobs:
         uses: actions/upload-artifact@v4
         with:
           name: ${{ matrix.group }}-test-logs-${{ inputs.os }}
-          path: /tmp/dashd-test-logs/
+          path: ${{ runner.temp }}/dashd-test-logs/
           retention-days: 7
           if-no-files-found: ignore

.github/workflows/pr-title.yml

@@ -0,0 +1,30 @@
+name: PR Title Check
+
+on:
+  pull_request_target:
+    types: [opened, edited, synchronize]
+
+permissions:
+  pull-requests: read
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number }}
+  cancel-in-progress: true
+
+jobs:
+  check-title:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: amannn/action-semantic-pull-request@v6
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          types: |
+            build
+            chore
+            ci
+            docs
+            feat
+            fix
+            refactor
+            test

.github/workflows/ready-for-review.yml

@@ -0,0 +1,155 @@
+name: Ready for Review Label
+
+on:
+  pull_request_review:
+    types: [submitted, dismissed]
+  workflow_run:
+    workflows: ["Continuous integration", "Pre-commit Checks", "Sanitizer"]
+    types: [completed]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.event.workflow_run.head_branch }}
+  cancel-in-progress: true
+
+permissions:
+  pull-requests: write
+  checks: read
+
+jobs:
+  # Handle CodeRabbit review events
+  on-review:
+    runs-on: ubuntu-latest
+    if: >-
+      github.event_name == 'pull_request_review' &&
+      github.event.review.user.login == 'coderabbitai[bot]'
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          sparse-checkout: .github/scripts
+          sparse-checkout-cone-mode: true
+      - name: Evaluate label
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          PR_NUMBER: ${{ github.event.pull_request.number }}
+          REVIEW_STATE: ${{ github.event.review.state }}
+          EVENT_ACTION: ${{ github.event.action }}
+          REPO: ${{ github.repository }}
+        run: |
+          # On dismissal or changes requested, always remove label
+          if [ "$EVENT_ACTION" = "dismissed" ] || [ "$REVIEW_STATE" = "changes_requested" ]; then
+            echo "CodeRabbit review dismissed or changes requested, removing label."
+            gh pr edit "$PR_NUMBER" --repo "$REPO" --remove-label "ready-for-review" || true
+            exit 0
+          fi
+
+          # On approval, check if all CI checks have also passed
+          if [ "$EVENT_ACTION" = "submitted" ] && [ "$REVIEW_STATE" = "approved" ]; then
+            echo "CodeRabbit approved. Checking CI status..."
+
+            CI_STATUS=$(.github/scripts/check_ci_status.sh "$PR_NUMBER" "$REPO")
+
+            echo "CI status: $CI_STATUS"
+            if [ "$CI_STATUS" = "all_passed" ]; then
+              echo "All conditions met. Adding ready-for-review label."
+              gh pr edit "$PR_NUMBER" --repo "$REPO" --add-label "ready-for-review"
+            else
+              echo "CI checks not all passing ($CI_STATUS). Label not added."
+            fi
+          fi
+
+  # Handle CI workflow completions
+  on-ci-complete:
+    runs-on: ubuntu-latest
+    if: github.event_name == 'workflow_run'
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          sparse-checkout: |
+            .github/scripts
+            .github/workflows
+          sparse-checkout-cone-mode: true
+      - name: Validate workflow trigger coverage
+        run: |
+          SELF=".github/workflows/ready-for-review.yml"
+
+          # Extract workflow names from the workflow_run trigger list in this file
+          MONITORED=$(grep -A1 'workflows:' "$SELF" \
+            | grep '\[' \
+            | tr ',' '\n' \
+            | sed 's/.*"\([^"]*\)".*/\1/')
+
+          MISSING=""
+          for f in .github/workflows/*.yml; do
+            # Skip self
+            [ "$f" = "$SELF" ] && continue
+
+            # Check if this workflow triggers on pull_request (not
+            # pull_request_target which has different semantics, and not
+            # workflow_call which is for reusable workflows).
+            if ! grep -qE '^[[:space:]]+pull_request:' "$f"; then
+              continue
+            fi
+
+            # Extract the workflow name
+            WF_NAME=$(grep -m1 '^name:' "$f" | sed "s/^name:\s*//; s/[\"']//g")
+
+            # Check if it's in the monitored list
+            if ! echo "$MONITORED" | grep -qF "$WF_NAME"; then
+              MISSING="$MISSING\n  - $WF_NAME ($f)"
+            fi
+          done
+
+          if [ -n "$MISSING" ]; then
+            echo ""
+            echo "ERROR: The following workflows trigger on pull_request but are"
+            echo "not listed in ready-for-review.yml's workflow_run trigger."
+            echo "Please add them to keep the ready-for-review label gate working correctly."
+            echo -e "$MISSING"
+            exit 1
+          fi
+
+          echo "All pull_request workflows are covered by workflow_run triggers."
+      - name: Evaluate label for associated PRs
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          REPO: ${{ github.repository }}
+          PULL_REQUESTS_JSON: ${{ toJson(github.event.workflow_run.pull_requests) }}
+        run: |
+          # Get PR numbers associated with this workflow run
+          PR_NUMBERS=$(echo "$PULL_REQUESTS_JSON" | jq -r '.[].number')
+
+          if [ -z "$PR_NUMBERS" ]; then
+            echo "No associated pull requests found, skipping."
+            exit 0
+          fi
+
+          for PR_NUMBER in $PR_NUMBERS; do
+            echo "=== Checking PR #$PR_NUMBER ==="
+
+            # Check if CodeRabbit has approved
+            CODERABBIT_STATE=$(gh api --paginate "repos/$REPO/pulls/$PR_NUMBER/reviews" | jq -rs '
+              add
+              | map(select(.user.login == "coderabbitai[bot]"))
+              | sort_by(.submitted_at)
+              | last
+              | .state // "NONE"
+            ')
+            echo "CodeRabbit review state: $CODERABBIT_STATE"
+
+            if [ "$CODERABBIT_STATE" != "APPROVED" ]; then
+              echo "CodeRabbit has not approved. Skipping."
+              continue
+            fi
+
+            # Check if all CI checks have passed
+            CI_STATUS=$(.github/scripts/check_ci_status.sh "$PR_NUMBER" "$REPO")
+
+            echo "CI status: $CI_STATUS"
+            if [ "$CI_STATUS" = "all_passed" ]; then
+              echo "Both conditions met. Adding ready-for-review label."
+              gh pr edit "$PR_NUMBER" --repo "$REPO" --add-label "ready-for-review"
+            else
+              echo "CI checks not all passing ($CI_STATUS). Removing label if present."
+              gh pr edit "$PR_NUMBER" --repo "$REPO" --remove-label "ready-for-review" || true
+            fi
+          done