feat: scope the CI and add QoL improvements (#3316)

## Description

This PR modifies the monorepo workflows, and introduces QoL improvements
to the overall CI.
The PR is not meant to be a cover-all fix for the CI, but a start on how
we can begin improving it.

@gfanton We should start looking into how to group txtars soon 🙏

.github/.editorconfig

@@ -0,0 +1,8 @@
+# Make sure this is the top-level editorconfig
+# https://editorconfig.org/
+root = true
+
+# GitHub Actions Workflows
+[workflows/**.yml]
+indent_style = space
+indent_size = 2

.github/codecov.yml

@@ -4,7 +4,7 @@ codecov:
     wait_for_ci: true
 
 comment:
-  require_changes: false
+  require_changes: true
 
 coverage:
   round: down
@@ -13,7 +13,7 @@ coverage:
     project:
       default:
         target: auto
-        threshold: 10 # Let's decrease this later.
+        threshold: 5 # Let's decrease this later.
         base: parent
         if_no_uploads: error
         if_not_found: success
@@ -22,12 +22,12 @@ coverage:
     patch:
       default:
         target: auto
-        threshold: 10 # Let's decrease this later.
+        threshold: 5 # Let's decrease this later.
         base: auto
         if_no_uploads: error
         if_not_found: success
         if_ci_failed: error
-        only_pulls: false
+        only_pulls: true # Only check patch coverage on PRs
 
 flag_management:
   default_rules:

.github/golangci.yml

@@ -44,9 +44,11 @@ linters:
 linters-settings:
   gofmt:
     simplify: true
+
   goconst:
     min-len: 3
     min-occurrences: 3
+
   gosec:
     excludes:
       - G204 # Subprocess launched with a potential tainted input or cmd arguments
@@ -56,13 +58,15 @@ linters-settings:
     checks: [ "all", "-ST1022", "-ST1003" ]
   errorlint:
     asserts: false
+
   gocritic:
     enabled-tags:
       - diagnostic
       - experimental
       - opinionated
       - performance
       - style
+
   forbidigo:
     forbid:
       - p: '^regexp\.(Match|MatchString)$'
@@ -74,6 +78,7 @@ issues:
   max-same-issues: 0
   new: false
   fix: false
+
   exclude-rules:
     - path: _test\.go
       linters:

.github/workflows/auto-author-assign.yml

@@ -1,4 +1,4 @@
-name: auto-author-assign
+name: Auto Assign PR Author
 
 on:
   pull_request_target:

.github/workflows/autocounterd.yml

@@ -1,19 +1,13 @@
-name: autocounterd
+name: Portal Loop - autocounterd
 
 on:
-  pull_request:
-    branches:
-      - master
   push:
+    branches:
+      - "master"
     paths:
       - misc/autocounterd
       - misc/loop
       - .github/workflows/autocounterd.yml
-    branches:
-      - "master"
-      - "misc/autocounterd"
-    tags:
-      - "v*"
 
 permissions:
   contents: read

.github/workflows/benchmark-master-push.yml

@@ -1,14 +1,14 @@
-name: run benchmarks when pushing on main branch
+name: Run and Save Benchmarks
 
 on:
   push:
     branches:
       - master
     paths:
-      - contribs/**
-      - gno.land/**
-      - gnovm/**
-      - tm2/**
+      - contribs/**/*.go
+      - gno.land/**/*.go
+      - gnovm/**/*.go
+      - tm2/**/*.go
 
 permissions:
   # deployments permission to deploy GitHub pages website
@@ -22,7 +22,7 @@ env:
 jobs:
   benchmarks:
     if: ${{ github.repository == 'gnolang/gno' }}
-    runs-on: [self-hosted, Linux, X64, benchmarks]
+    runs-on: [ self-hosted, Linux, X64, benchmarks ]
     steps:
       - name: Checkout
         uses: actions/checkout@v4

.github/workflows/codeql.yml

@@ -9,7 +9,7 @@
 # the `language` matrix defined below to confirm you have the correct set of
 # supported CodeQL languages.
 #
-name: "CodeQL"
+name: CodeQL
 
 on:
   push:
@@ -41,8 +41,8 @@ jobs:
       fail-fast: false
       matrix:
         include:
-        - language: go
-          build-mode: autobuild
+          - language: go
+            build-mode: autobuild
         # CodeQL supports the following values keywords for 'language': 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift'
         # Use `c-cpp` to analyze code written in C, C++ or both
         # Use 'java-kotlin' to analyze code written in Java, Kotlin or both
@@ -52,38 +52,38 @@ jobs:
         # If you are analyzing a compiled language, you can modify the 'build-mode' for that language to customize how
         # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
     steps:
-    - name: Checkout repository
-      uses: actions/checkout@v4
+      - name: Checkout repository
+        uses: actions/checkout@v4
 
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
-      with:
-        languages: ${{ matrix.language }}
-        build-mode: ${{ matrix.build-mode }}
-        # If you wish to specify custom queries, you can do so here or in a config file.
-        # By default, queries listed here will override any specified in a config file.
-        # Prefix the list here with "+" to use these queries and those in the config file.
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          languages: ${{ matrix.language }}
+          build-mode: ${{ matrix.build-mode }}
+          # If you wish to specify custom queries, you can do so here or in a config file.
+          # By default, queries listed here will override any specified in a config file.
+          # Prefix the list here with "+" to use these queries and those in the config file.
 
-        # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
-        # queries: security-extended,security-and-quality
+          # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+          # queries: security-extended,security-and-quality
 
-    # If the analyze step fails for one of the languages you are analyzing with
-    # "We were unable to automatically build your code", modify the matrix above
-    # to set the build mode to "manual" for that language. Then modify this step
-    # to build your code.
-    # ℹ️ Command-line programs to run using the OS shell.
-    # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
-    - if: matrix.build-mode == 'manual'
-      run: |
-        echo 'If you are using a "manual" build mode for one or more of the' \
-          'languages you are analyzing, replace this with the commands to build' \
-          'your code, for example:'
-        echo '  make bootstrap'
-        echo '  make release'
-        exit 1
+      # If the analyze step fails for one of the languages you are analyzing with
+      # "We were unable to automatically build your code", modify the matrix above
+      # to set the build mode to "manual" for that language. Then modify this step
+      # to build your code.
+      # ℹ️ Command-line programs to run using the OS shell.
+      # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+      - if: matrix.build-mode == 'manual'
+        run: |
+          echo 'If you are using a "manual" build mode for one or more of the' \
+            'languages you are analyzing, replace this with the commands to build' \
+            'your code, for example:'
+          echo '  make bootstrap'
+          echo '  make release'
+          exit 1
 
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
-      with:
-        category: "/language:${{matrix.language}}"
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v3
+        with:
+          category: "/language:${{matrix.language}}"

.github/workflows/contribs.yml

@@ -1,30 +1,54 @@
-name: contribs
+name: Contribs
 
 on:
   push:
     branches:
       - master
-  workflow_dispatch:
   pull_request:
+    paths:
+      - contribs/**
+  workflow_dispatch:
 
 jobs:
   setup:
     runs-on: ubuntu-latest
     outputs:
       programs: ${{ steps.set-matrix.outputs.programs }}
+      go-versions: ${{ steps.get-go-versions.outputs.go-versions }}
     steps:
       - uses: actions/checkout@v4
+
       - id: set-matrix
-        run: echo "::set-output name=programs::$(ls -d contribs/*/ | cut -d/ -f2 | jq -R -s -c 'split("\n")[:-1]')"
+        run: |
+          echo "::set-output name=programs::$(ls -d contribs/*/ | cut -d/ -f2 | jq -R -s -c 'split("\n")[:-1]')"
+
+      - id: get-go-versions
+        run: |
+          contribs_programs=$(ls -d contribs/*/ | cut -d/ -f2)
+          versions_map="{"
+          
+          for p in $contribs_programs; do
+            # Fetch the go version of the contribs entry, and save it
+            # to a versions map we can reference later in the workflow
+            go_version=$(grep "^go [0-9]" contribs/$p/go.mod | cut -d ' ' -f2)
+            versions_map="$versions_map\"$p\":\"$go_version\","
+          done
+          
+          # Close out the JSON
+          versions_map="${versions_map%,}"
+          versions_map="$versions_map}"
+          echo "::set-output name=go-versions::$versions_map"
+
   main:
     needs: setup
     strategy:
-        fail-fast: false
-        matrix:
-          program: ${{ fromJson(needs.setup.outputs.programs) }}
+      fail-fast: false
+      matrix:
+        program: ${{ fromJson(needs.setup.outputs.programs) }}
     name: Run Main
     uses: ./.github/workflows/main_template.yml
     with:
       modulepath: contribs/${{ matrix.program }}
+      go-version: ${{ (fromJson(needs.setup.outputs.go-versions))[matrix.program] }}
     secrets:
       codecov-token: ${{ secrets.CODECOV_TOKEN }}

.github/workflows/dependabot-validate.yml

@@ -1,10 +1,11 @@
-name: dependabot validate
+name: Validate Dependabot Config
 
 on:
   pull_request:
     paths:
       - '.github/dependabot.yml'
       - '.github/workflows/dependabot-validate.yml'
+
 jobs:
   validate:
     runs-on: ubuntu-latest

.github/workflows/deploy-docs.yml

@@ -1,4 +1,6 @@
-name: deploy docs on gnolang/docs.gno.land repository
+# This workflow triggers a cross-repo workflow call,
+# that deploys the monorepo docs on Netlify, using Docusaurus
+name: Deploy the Documentation
 on:
   push:
     branches:

.github/workflows/docs.yml → .github/workflows/docs-linter.yml

@@ -1,8 +1,8 @@
-name: "docs / lint"
+name: Docs Linter
 
 on:
   push:
-    paths:
+    branches:
       - master
   pull_request:
     paths:

.github/workflows/examples.yml

@@ -1,9 +1,13 @@
-name: examples
+name: Gno Examples
 
 on:
-  pull_request:
   push:
-    branches: ["master"]
+    branches:
+      - master
+  pull_request:
+    paths:
+      - gnovm/**/*.gno
+      - examples/**/*.gno
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
@@ -67,26 +71,22 @@ jobs:
       # TODO: consider running lint on every other directories, maybe in "warning" mode?
     # TODO: track coverage
   fmt:
-    strategy:
-      fail-fast: false
-      matrix:
-        goversion: ["1.22.x"]
+    name: Run gno fmt
     runs-on: ubuntu-latest
-    timeout-minutes: 10
     steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-go@v5
+      - name: gno fmt
+        uses: ./.github/workflows/gnofmt_template.yml
         with:
-          go-version: ${{ matrix.goversion }}
-      - run: |
-          make fmt -C ./examples
-          # Check if there are changes after running make fmt
+          path: "examples/..."
+      - name: Check for unformatted gno files
+        run: |
           git diff --exit-code || (echo "Some gno files are not formatted, please run 'make fmt'." && exit 1)
+
   mod-tidy:
     strategy:
       fail-fast: false
       matrix:
-        go-version: ["1.22.x"]
+        go-version: [ "1.22.x" ]
         # unittests: TODO: matrix with contracts
     runs-on: ubuntu-latest
     timeout-minutes: 10

.github/workflows/fossa.yml

@@ -1,6 +1,18 @@
 name: Dependency License Scanning
 
 on:
+  push:
+    branches:
+      - master
+    paths:
+      - '**/*.go'
+      - 'go.mod'
+      - 'go.sum'
+  pull_request:
+    paths:
+      - '**/*.go'
+      - 'go.mod'
+      - 'go.sum'
   workflow_dispatch:
 
 permissions: