Skip to content

[GF-10] [BACKEND] CI/CD Hardening (cargo test, clippy, pnpm lint, SDK build) #43

Description

@wumibals

Overview

⚠️ Depends on: #34#40 (GF-01 through GF-07) — cargo test is only meaningful once the contract tests written in those issues exist. The CI job should be updated when the first contract implementation is merged.

The CI pipeline has critical gaps that allow broken code to pass undetected. This issue hardens the pipeline so that every PR is fully validated before merge.

Problem

Reviewing .github/workflows/ci.yml reveals:

  1. cargo test is not run — the contracts job only runs cargo build --target wasm32-unknown-unknown --release. A failing test will pass CI without any warning.
  2. pnpm lint is not run — the app package.json defines a lint script (next lint) but the CI workflow only runs pnpm typecheck. Linting errors are never caught automatically.
  3. cargo clippy is missing — no Rust lint step exists. Common mistakes (unused variables, needless borrows, etc.) are not flagged.
  4. SDK tsc build not verified — the SDK CI job only runs pnpm typecheck (tsc --noEmit) but never runs pnpm build (tsc), so the dist/ output required by package.json's main and types fields is never verified to generate correctly.
  5. No testnet smoke test — after testnet deployment (GF-11), there is no automated check that the deployed contracts respond correctly.

Proposed Solution

Update .github/workflows/ci.yml:

1. Add cargo test to the contracts job

- name: Run contract tests
  run: cargo test

Add this after the existing build step.

2. Add cargo clippy to the contracts job

- name: Clippy lint
  run: cargo clippy -- -D warnings

-D warnings treats all warnings as errors, preventing gradual lint drift.

3. Add pnpm lint to the app job

- name: Lint
  working-directory: app
  run: pnpm lint

Add this after the existing pnpm typecheck step.

4. Add SDK build step

- name: Build SDK
  working-directory: sdks/typescript
  run: pnpm build

This verifies the dist/ output is generated without TypeScript errors.

5. Add testnet smoke-test job (runs after GF-11 deployment)
A separate job that:

  • Reads contract addresses from deployments/testnet.json
  • Calls VaultRouter.position(test_address, Flex) via the Soroban RPC
  • Asserts a valid response (not a Soroban error)
  • Fails the workflow if the RPC call errors

Acceptance Criteria

  • cargo test runs in CI and fails the workflow if any test fails
  • cargo clippy -- -D warnings runs in CI and fails on any warning
  • pnpm lint runs in CI for the app and fails on lint errors
  • pnpm build runs in CI for the SDK and verifies dist/ is generated
  • All existing CI checks continue to pass
  • Testnet smoke-test job added (can be behind a workflow_dispatch trigger initially)

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type
    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions