[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"article-cicd-smart-contract-testing-regresi-gas-keamanan":3},{"article":4,"author":58},{"id":5,"category_id":6,"title":7,"slug":8,"excerpt":9,"content_md":10,"content_html":11,"locale":12,"author_id":13,"published":14,"published_at":15,"meta_title":7,"meta_description":16,"focus_keyword":17,"og_image":18,"canonical_url":18,"robots_meta":19,"created_at":15,"updated_at":15,"tags":20,"category_name":38,"related_articles":39},"d2000000-0000-0000-0000-000000000120","a0000000-0000-0000-0000-000000000022","CI\u002FCD for Smart Contracts — Testing, Gas Regression, and Security","cicd-smart-contract-testing-regresi-gas-keamanan","A complete CI\u002FCD pipeline for smart contracts: unit tests, fuzz tests, gas snapshots, static security analysis, and automated deployment with verification.","## Why CI\u002FCD for Smart Contracts\n\nSmart contracts cannot be updated after deployment: a bug that reaches mainnet can cause an unrecoverable loss of funds. A strict CI\u002FCD pipeline is the last line of defense before code reaches the blockchain.\n\n## Pipeline Overview\n\n```\ncommit → lint → compile → unit test → fuzz test → gas check → security → deploy\n```\n\nEach stage must pass before the next one runs. 
A single failure stops the pipeline.\n\n## GitHub Actions Workflow\n\n```yaml\nname: Smart Contract CI\n\non:\n  push:\n    branches: [main]\n  pull_request:\n    branches: [main]\n\njobs:\n  test:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions\u002Fcheckout@v4\n\n      - name: Install Foundry\n        uses: foundry-rs\u002Ffoundry-toolchain@v1\n\n      - name: Compile\n        run: forge build --sizes\n\n      - name: Unit Tests\n        run: forge test -vvv\n\n      - name: Fuzz Tests\n        run: forge test --match-test testFuzz -vvv --fuzz-runs 10000\n\n      - name: Gas Snapshot\n        run: |\n          # Compare against the committed .gas-snapshot without regenerating it first\n          forge snapshot --check --tolerance 5\n```\n\n### Stage Details\n\n1. **Compile** — `forge build --sizes` compiles the contracts and reports bytecode sizes. A contract larger than 24KB (the EIP-170 limit) fails the build.\n\n2. **Unit Tests** — All standard tests, at verbosity level 3 so failures include traces.\n\n3. **Fuzz Tests** — Dedicated fuzzing tests with 10,000 iterations. Run them separately because they take longer.\n\n4. **Gas Snapshot** — Compare current gas usage against the stored snapshot. A 5% tolerance allows small variations.\n\n## Gas Regression Check\n\nA gas snapshot is a file that tracks the gas cost of each test:\n\n```bash\n# File: .gas-snapshot\ntestSwapExactIn() (gas: 72543)\ntestTransfer() (gas: 24123)\ntestMultiHopSwap() (gas: 145678)\n```\n\nIn CI:\n```yaml\n- name: Gas Check\n  run: |\n    forge snapshot --snap .gas-snapshot-new\n    # Compare and fail on any regression > 5%\n    python scripts\u002Fcheck_gas_regression.py \\\n      .gas-snapshot .gas-snapshot-new 5\n```\n\nThe Python script compares each entry and computes the percentage change.\n\n## Static Security Analysis\n\n### Slither\n```yaml\n- name: Slither Analysis\n  run: |\n    pip install slither-analyzer\n    slither . 
--config-file slither.config.json\n```\n\nSlither detects common vulnerabilities: reentrancy, unchecked return values, variable shadowing, and more.\n\n### Mythril\n```yaml\n- name: Mythril\n  run: |\n    docker run -v \"$PWD\":\u002Fcode mythril\u002Fmyth analyze \u002Fcode\u002Fsrc\u002FContract.sol\n```\n\nMythril uses symbolic execution to find deeper vulnerabilities.\n\n## Automated Deployment\n\n```yaml\n  deploy:\n    needs: [test]\n    if: github.ref == 'refs\u002Fheads\u002Fmain'\n    runs-on: ubuntu-latest\n    steps:\n      # Each job starts on a clean runner: check out the code and install Foundry again\n      - uses: actions\u002Fcheckout@v4\n\n      - name: Install Foundry\n        uses: foundry-rs\u002Ffoundry-toolchain@v1\n\n      - name: Deploy to Testnet\n        run: |\n          forge script script\u002FDeploy.s.sol \\\n            --rpc-url \"$TESTNET_RPC\" \\\n            --broadcast \\\n            --verify\n        env:\n          PRIVATE_KEY: ${{ secrets.DEPLOYER_KEY }}\n          ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_KEY }}\n```\n\n### Foundry Deployment Script\n```solidity\nimport {Script, console} from \"forge-std\u002FScript.sol\";\n\u002F\u002F Assumed path; adjust to where MyContract lives in the project\nimport {MyContract} from \"..\u002Fsrc\u002FMyContract.sol\";\n\ncontract Deploy is Script {\n    function run() external {\n        \u002F\u002F Deployer key from the PRIVATE_KEY variable set by the workflow\n        uint256 deployerKey = vm.envUint(\"PRIVATE_KEY\");\n        vm.startBroadcast(deployerKey);\n\n        \u002F\u002F contract is a reserved keyword, so the instance is named deployed\n        MyContract deployed = new MyContract();\n        console.log(\"Deployed at:\", address(deployed));\n\n        \u002F\u002F Verify the constructor: the owner must be the deploying account\n        require(deployed.owner() == vm.addr(deployerKey), \"unexpected owner\");\n\n        vm.stopBroadcast();\n    }\n}\n```\n\n## Pre-commit Hook\n\n```bash\n#!\u002Fbin\u002Fbash\n# .git\u002Fhooks\u002Fpre-commit\nset -e\n\nforge fmt --check\nforge build\nforge test --match-test testUnit -q\n# --check exits non-zero when gas drifts beyond the tolerance\nforge snapshot --check --tolerance 2\n```\n\n## Post-Deployment Monitoring\n\nCI\u002FCD does not end at deployment. Monitor the contract in production:\n\n1. **Event monitoring** — Watch for suspicious events (large transfers, ownership changes)\n2. **Balance tracking** — Alert if the contract balance drops unexpectedly\n3. **Gas usage** — Track average gas per function\n4. **Revert rate** — Alert if the revert percentage rises\n\n## Conclusion\n\nCI\u002FCD for smart contracts is not optional; it is a necessity. 
A pipeline that covers unit tests, fuzz tests, gas regression checks, static security analysis, and automated deployment creates layered defenses against bugs that could become financial disasters.","\u003Ch2 id=\"mengapa-ci-cd-untuk-smart-contract\">Why CI\u002FCD for Smart Contracts\u003C\u002Fh2>\n\u003Cp>Smart contracts cannot be updated after deployment: a bug that reaches mainnet can cause an unrecoverable loss of funds. A strict CI\u002FCD pipeline is the last line of defense before code reaches the blockchain.\u003C\u002Fp>\n\u003Ch2 id=\"pipeline-overview\">Pipeline Overview\u003C\u002Fh2>\n\u003Cpre>\u003Ccode>commit → lint → compile → unit test → fuzz test → gas check → security → deploy\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Each stage must pass before the next one runs. A single failure stops the pipeline.\u003C\u002Fp>\n\u003Ch2 id=\"github-actions-workflow\">GitHub Actions Workflow\u003C\u002Fh2>\n\u003Cpre>\u003Ccode class=\"language-yaml\">name: Smart Contract CI\n\non:\n  push:\n    branches: [main]\n  pull_request:\n    branches: [main]\n\njobs:\n  test:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions\u002Fcheckout@v4\n\n      - name: Install Foundry\n        uses: foundry-rs\u002Ffoundry-toolchain@v1\n\n      - name: Compile\n        run: forge build --sizes\n\n      - name: Unit Tests\n        run: forge test -vvv\n\n      - name: Fuzz Tests\n        run: forge test --match-test testFuzz -vvv --fuzz-runs 10000\n\n      - name: Gas Snapshot\n        run: |\n          # Compare against the committed .gas-snapshot without regenerating it first\n          forge snapshot --check --tolerance 5\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Stage Details\u003C\u002Fh3>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Compile\u003C\u002Fstrong> — \u003Ccode>forge build --sizes\u003C\u002Fcode> compiles the contracts and reports bytecode sizes. 
A contract larger than 24KB (the EIP-170 limit) fails the build.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Unit Tests\u003C\u002Fstrong> — All standard tests, at verbosity level 3 so failures include traces.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Fuzz Tests\u003C\u002Fstrong> — Dedicated fuzzing tests with 10,000 iterations. Run them separately because they take longer.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Gas Snapshot\u003C\u002Fstrong> — Compare current gas usage against the stored snapshot. A 5% tolerance allows small variations.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch2 id=\"gas-regression-check\">Gas Regression Check\u003C\u002Fh2>\n\u003Cp>A gas snapshot is a file that tracks the gas cost of each test:\u003C\u002Fp>\n\u003Cpre>\u003Ccode class=\"language-bash\"># File: .gas-snapshot\ntestSwapExactIn() (gas: 72543)\ntestTransfer() (gas: 24123)\ntestMultiHopSwap() (gas: 145678)\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>In CI:\u003C\u002Fp>\n\u003Cpre>\u003Ccode class=\"language-yaml\">- name: Gas Check\n  run: |\n    forge snapshot --snap .gas-snapshot-new\n    # Compare and fail on any regression &gt; 5%\n    python scripts\u002Fcheck_gas_regression.py \\\n      .gas-snapshot .gas-snapshot-new 5\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>The Python script compares each entry and computes the percentage change.\u003C\u002Fp>\n\u003Ch2 id=\"analisis-keamanan-statis\">Static Security Analysis\u003C\u002Fh2>\n\u003Ch3>Slither\u003C\u002Fh3>\n\u003Cpre>\u003Ccode class=\"language-yaml\">- name: Slither Analysis\n  run: |\n    pip install slither-analyzer\n    slither . 
--config-file slither.config.json\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Slither detects common vulnerabilities: reentrancy, unchecked return values, variable shadowing, and more.\u003C\u002Fp>\n\u003Ch3>Mythril\u003C\u002Fh3>\n\u003Cpre>\u003Ccode class=\"language-yaml\">- name: Mythril\n  run: |\n    docker run -v \"$PWD\":\u002Fcode mythril\u002Fmyth analyze \u002Fcode\u002Fsrc\u002FContract.sol\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Mythril uses symbolic execution to find deeper vulnerabilities.\u003C\u002Fp>\n\u003Ch2 id=\"deployment-otomatis\">Automated Deployment\u003C\u002Fh2>\n\u003Cpre>\u003Ccode class=\"language-yaml\">  deploy:\n    needs: [test]\n    if: github.ref == 'refs\u002Fheads\u002Fmain'\n    runs-on: ubuntu-latest\n    steps:\n      # Each job starts on a clean runner: check out the code and install Foundry again\n      - uses: actions\u002Fcheckout@v4\n\n      - name: Install Foundry\n        uses: foundry-rs\u002Ffoundry-toolchain@v1\n\n      - name: Deploy to Testnet\n        run: |\n          forge script script\u002FDeploy.s.sol \\\n            --rpc-url \"$TESTNET_RPC\" \\\n            --broadcast \\\n            --verify\n        env:\n          PRIVATE_KEY: ${{ secrets.DEPLOYER_KEY }}\n          ETHERSCAN_API_KEY: ${{ secrets.ETHERSCAN_KEY }}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch3>Foundry Deployment Script\u003C\u002Fh3>\n\u003Cpre>\u003Ccode class=\"language-solidity\">import {Script, console} from \"forge-std\u002FScript.sol\";\n\u002F\u002F Assumed path; adjust to where MyContract lives in the project\nimport {MyContract} from \"..\u002Fsrc\u002FMyContract.sol\";\n\ncontract Deploy is Script {\n    function run() external {\n        \u002F\u002F Deployer key from the PRIVATE_KEY variable set by the workflow\n        uint256 deployerKey = vm.envUint(\"PRIVATE_KEY\");\n        vm.startBroadcast(deployerKey);\n\n        \u002F\u002F contract is a reserved keyword, so the instance is named deployed\n        MyContract deployed = new MyContract();\n        console.log(\"Deployed at:\", address(deployed));\n\n        \u002F\u002F Verify the constructor: the owner must be the deploying account\n        require(deployed.owner() == vm.addr(deployerKey), \"unexpected owner\");\n\n        vm.stopBroadcast();\n    }\n}\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch2 id=\"pre-commit-hook\">Pre-commit Hook\u003C\u002Fh2>\n\u003Cpre>\u003Ccode class=\"language-bash\">#!\u002Fbin\u002Fbash\n# .git\u002Fhooks\u002Fpre-commit\nset -e\n\nforge fmt --check\nforge build\nforge test --match-test testUnit -q\n# --check exits non-zero when gas drifts beyond the tolerance\nforge snapshot --check --tolerance 2\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch2 
id=\"monitoring-post-deployment\">Post-Deployment Monitoring\u003C\u002Fh2>\n\u003Cp>CI\u002FCD does not end at deployment. Monitor the contract in production:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\u003Cstrong>Event monitoring\u003C\u002Fstrong> — Watch for suspicious events (large transfers, ownership changes)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Balance tracking\u003C\u002Fstrong> — Alert if the contract balance drops unexpectedly\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Gas usage\u003C\u002Fstrong> — Track average gas per function\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Revert rate\u003C\u002Fstrong> — Alert if the revert percentage rises\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch2 id=\"kesimpulan\">Conclusion\u003C\u002Fh2>\n\u003Cp>CI\u002FCD for smart contracts is not optional; it is a necessity. A pipeline that covers unit tests, fuzz tests, gas regression checks, static security analysis, and automated deployment creates layered defenses against bugs that could become financial disasters.\u003C\u002Fp>\n","id","b0000000-0000-0000-0000-000000000001",true,"2026-03-28T10:44:25.123485Z","Smart contract CI\u002FCD pipeline: unit tests, fuzz tests, gas snapshots, Slither\u002FMythril security analysis, and Foundry deployment.","CI\u002FCD smart contract",null,"index, follow",[21,26,30,34],{"id":22,"name":23,"slug":24,"created_at":25},"c0000000-0000-0000-0000-000000000012","DevOps","devops","2026-03-28T10:44:21.513630Z",{"id":27,"name":28,"slug":29,"created_at":25},"c0000000-0000-0000-0000-000000000016","EVM","evm",{"id":31,"name":32,"slug":33,"created_at":25},"c0000000-0000-0000-0000-000000000021","Foundry","foundry",{"id":35,"name":36,"slug":37,"created_at":25},"c0000000-0000-0000-0000-000000000013","Security","security","Blockchain",[40,46,52],{"id":41,"title":42,"slug":43,"excerpt":44,"locale":12,"category_name":23,"published_at":45},"d0000000-0000-0000-0000-000000000644","Platform Engineering Is Eating DevOps: Building an Internal Developer Platform in 
2026","platform-engineering-memakan-devops-membangun-idp-2026","80% of large engineering organizations now have a dedicated platform team, up from 45% in 2024. Internal developer platforms (self-service portals, pre-approved infrastructure, automated guardrails) have become the standard way to deliver DevOps at scale.","2026-03-28T10:44:47.476351Z",{"id":47,"title":48,"slug":49,"excerpt":50,"locale":12,"category_name":23,"published_at":51},"d0000000-0000-0000-0000-000000000643","Observability Without Instrumentation: How eBPF Is Replacing the Sidecar Fleet","observabilitas-tanpa-instrumentasi-ebpf-menggantikan-armada-sidecar","67% of Kubernetes teams now use eBPF-based observability tools, up from 29% in 2024. By moving telemetry collection into the kernel, eBPF eliminates sidecar containers, cuts RAM usage by 84%, and keeps CPU overhead below 1%.","2026-03-28T10:44:47.469045Z",{"id":53,"title":54,"slug":55,"excerpt":56,"locale":12,"category_name":23,"published_at":57},"d0000000-0000-0000-0000-000000000642","WASI 0.3 and the Death of Cold Starts: Server-Side Wasm in Production","wasi-0-3-kematian-cold-start-wasm-sisi-server-di-produksi","WASI 0.3 was released in February 2026 with native async I\u002FO, stream types, and full socket support. Server-side WebAssembly now delivers cold starts measured in microseconds, and every major cloud provider offers serverless Wasm.","2026-03-28T10:44:47.445780Z",{"id":13,"name":59,"slug":60,"bio":61,"photo_url":18,"linkedin":18,"role":62,"created_at":63,"updated_at":63},"Open Soft Team","open-soft-team","The engineering team at Open Soft, building premium software solutions from Bali, Indonesia.","Engineering Team","2026-03-28T08:31:22.226811Z"]