Skip to content

feat: automated blueprint validation CI pipeline#272

Merged
Osuochasam merged 4 commits into
Open-audit-foundation:mainfrom
michaelvic123:feat/blueprint-validation-ci
Jun 29, 2026
Merged

feat: automated blueprint validation CI pipeline#272
Osuochasam merged 4 commits into
Open-audit-foundation:mainfrom
michaelvic123:feat/blueprint-validation-ci

Conversation

@michaelvic123

@michaelvic123 michaelvic123 commented Jun 29, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

closes #234

Summary

Adds a full CI pipeline for community blueprint contributions. Zero changes to existing source files or tests.

Files

File What it does
docs/blueprint.schema.json JSON Schema (draft-07) every blueprint must conform to
scripts/validate-blueprint.js Zero-dependency Node script: schema check → placeholder cross-check → dry-run translation
.github/workflows/blueprint-validation.yml CI job: validate → lint → test → PR comment
.github/ISSUE_TEMPLATE/blueprint_contribution.md Structured issue template for proposing blueprints

Blueprint schema rules

  • contractId — must match ^C[A-Z2-7]{55}$ (valid Stellar strkey)
  • version — semver (e.g. 1.0.0)
  • Each event requires topic, template, and at least one field
  • Field type must be one of: address | amount | asset | string | integer | boolean
  • Field source must be one of: topic | data

Validation pipeline (3 checks)

  1. Schema validation — structural correctness against blueprint.schema.json
  2. Placeholder cross-check — every {placeholder} in the template must have a matching field definition, and every field must be referenced in the template
  3. Dry-run translation — synthetic params are substituted; fails if any placeholder remains unresolved in the output

PR comment output

After validation the bot posts (or updates) a sticky comment with:

  • Per-blueprint pass/fail with specific error messages
  • A preview table showing each event's dry-run output
  • A reviewer checklist (contract ID verifiable, template reads naturally, types match XDR)

Acceptance criteria

  • Valid blueprint → passes all three checks, receives preview comment
  • Broken {placeholder} → fails with template placeholder {x} has no matching field
  • Invalid contractId → fails with regex error identifying the bad value
  • Job completes in under 3 minutes (timeout-minutes: 3 enforced)
  • No changes to existing source files or tests required

@michaelvic123
feat: automated blueprint validation CI pipeline
b43d7cd 
- Add docs/blueprint.schema.json: strict JSON Schema (draft-07) for
  blueprint files. Enforces contractId regex (C + 55 base32 chars),
  semver version, required fields, typed field enums (address/amount/
  asset/string/integer/boolean), and source enums (topic/data).
- Add scripts/validate-blueprint.js: zero-dependency Node script that
  runs schema validation, placeholder cross-check ({placeholder} must
  have a matching field, every field must appear in the template), and
  a dry-run translation test. Writes a Markdown report for the CI bot.
- Add .github/workflows/blueprint-validation.yml: triggers on PRs that
  touch lib/translator/blueprints/**/*.json. Validates changed files,
  runs lint + tests, posts/updates a sticky PR comment with per-event
  translation previews and a reviewer checklist. Fails the check on
  any validation error. Completes in under 3 minutes.
- Add .github/ISSUE_TEMPLATE/blueprint_contribution.md: structured
  issue template for proposing new blueprints before implementation
@michaelvic123
fix: resolve CI failures in Docker build and Dependency Scanning
3845c03 
- package.json: bump vitest from ^3.2.6 to ^4.1.9 to match
  the peer dependency required by @vitest/ui@^4.1.9. The
  mismatched versions caused npm ci to fail with ERESOLVE
  inside the Docker build stage, breaking both linux/amd64
  and linux/arm64 image builds.

- native/soroban-xdr-decode/Cargo.toml: update stellar-xdr
  from 0.0.18 to 26.0.1. The old constraint no longer resolves
  on crates.io (available versions start at 26.0.0), which caused
  cargo generate-lockfile to exit 101 and broke the Dependency
  Scanning with Trivy job on every PR.

- native/: bring in the full native/ directory from upstream
  (soroban-xdr-decode and soroban-dsl) which was missing from
  this fork, causing the Cargo.toml fix to have no effect.
@michaelvic123
Merge branch 'fix/ci-vitest-cargo-deps' into feat/blueprint-validatio…
eb4bcd6 
…n-ci
@michaelvic123

michaelvic123 commented Jun 29, 2026

Copy link
Copy Markdown
Contributor Author

I've pushed a fix to this branch that also resolves the two pre-existing CI failures affecting all PRs:

1. Docker Build (ERESOLVE): vitest bumped from ^3.2.6^4.1.9 to satisfy @vitest/ui@^4.1.9's peer dependency.

2. Dependency Scanning with Trivy (cargo exit 101): stellar-xdr updated from "0.0.18""26.0.1" in native/soroban-xdr-decode/Cargo.toml. The 0.x line no longer exists on crates.io.

The native/ directory (missing from fork) has also been synced from upstream so the Cargo fix takes effect.

Could a maintainer approve the workflow run so CI can re-trigger? The checks are pending approval.

@Osuochasam Osuochasam merged commit b45bca3 into Open-audit-foundation:main Jun 29, 2026
5 of 8 checks passed
@grantfox-oss grantfox-oss Bot mentioned this pull request Jun 29, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

ci: Add automated blueprint contribution pipeline with schema validation, dry-run translation test, and PR comment bot

2 participants

@michaelvic123 @Osuochasam