From 07e935c21f4c84c07deb7b3b4a8058bd0ce46e4a Mon Sep 17 00:00:00 2001 From: Trae Yelovich Date: Mon, 24 Jul 2023 10:54:12 -0400 Subject: [PATCH] ci: add secrets SDK workflow, update install script Signed-off-by: Trae Yelovich --- .github/workflows/secrets-sdk.yml | 489 ++++++++++++++++++++++++ npm-shrinkwrap.json | 13 +- packages/secrets/package.json | 2 +- packages/secrets/scripts/prebuildify.sh | 20 +- 4 files changed, 493 insertions(+), 31 deletions(-) create mode 100644 .github/workflows/secrets-sdk.yml diff --git a/.github/workflows/secrets-sdk.yml b/.github/workflows/secrets-sdk.yml new file mode 100644 index 0000000000..c06ec35376 --- /dev/null +++ b/.github/workflows/secrets-sdk.yml @@ -0,0 +1,489 @@ +name: Secrets SDK CI +env: + DEBUG: napi:* + APP_NAME: keyring + MACOSX_DEPLOYMENT_TARGET: '10.13' +'on': + push: + paths: + - 'packages/secrets/**' + - '.github/workflows/secrets-sdk.yml' + pull_request: + paths: + - 'packages/secrets/**' +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true +jobs: + build: + defaults: + run: + working-directory: packages/secrets + if: (github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository) && !contains(github.event.head_commit.message, '[ci skip]') + strategy: + fail-fast: false + matrix: + settings: + - host: macos-latest + target: x86_64-apple-darwin + build: | + npm run build + - host: windows-latest + build: npm run build + target: x86_64-pc-windows-msvc + - host: windows-latest + build: | + npm run build --target i686-pc-windows-msvc + npm run test + target: i686-pc-windows-msvc + - host: ubuntu-latest + target: x86_64-unknown-linux-gnu + use-cross: true + build: | + set -e + CARGO=cross npm run build --target x86_64-unknown-linux-gnu + - host: ubuntu-latest + target: i686-unknown-linux-gnu + use-cross: true + build: | + set -e + source scripts/configure-cross.sh i686-unknown-linux-gnu + CARGO=cross npm run build --target i686-unknown-linux-gnu + - host: ubuntu-latest + target: armv7-unknown-linux-gnueabihf + use-cross: true + build: | + set -e + source scripts/configure-cross.sh armv7-unknown-linux-gnueabihf + CARGO=cross npm run build --target armv7-unknown-linux-gnueabihf + - host: ubuntu-latest + target: x86_64-unknown-linux-musl + use-cross: true + build: | + set -e + CARGO=cross npm run build --target x86_64-unknown-linux-musl + - host: macos-latest + target: aarch64-apple-darwin + build: | + sudo rm -Rf /Library/Developer/CommandLineTools/SDKs/*; + export CC=$(xcrun -f clang); + export CXX=$(xcrun -f clang++); + SYSROOT=$(xcrun --sdk macosx --show-sdk-path); + export CFLAGS="-isysroot $SYSROOT -isystem $SYSROOT"; + npm run build --target aarch64-apple-darwin + - host: ubuntu-latest + target: aarch64-unknown-linux-gnu + use-cross: true + build: | + set -e + source scripts/configure-cross.sh aarch64-unknown-linux-gnu + CARGO=cross npm run build --target aarch64-unknown-linux-gnu + - host: ubuntu-latest + target: aarch64-unknown-linux-musl + use-cross: true + build: | + set -e + source scripts/configure-cross.sh aarch64-unknown-linux-musl + CARGO=cross npm run build --target aarch64-unknown-linux-musl + - host: windows-latest + target: aarch64-pc-windows-msvc + build: npm run build --target aarch64-pc-windows-msvc + name: stable - ${{ matrix.settings.target }} - node@16 + runs-on: ${{ matrix.settings.host }} + steps: + - uses: actions/checkout@v3 + - name: Setup node + uses: actions/setup-node@v3 + if: ${{ !matrix.settings.docker }} + with: + node-version: 18 + check-latest: true + cache: npm + - name: Install + uses: dtolnay/rust-toolchain@stable + if: ${{ !matrix.settings.docker }} + with: + toolchain: stable + target: ${{ matrix.settings.target }} + - name: Cache cargo + uses: actions/cache@v3 + with: + path: | + ~/.cargo/registry/index/ + ~/.cargo/registry/cache/ + ~/.cargo/git/db/ + .cargo-cache + target/ + key: ${{ matrix.settings.target }}-cargo-${{ matrix.settings.host }} + - run: cargo install cross + if: ${{ matrix.settings.use-cross }} + - name: Setup toolchain + run: ${{ matrix.settings.setup }} + if: ${{ matrix.settings.setup }} + shell: bash + - name: Install dependencies + run: npm ci + working-directory: . + - name: Setup node x86 + uses: actions/setup-node@v3 + if: matrix.settings.target == 'i686-pc-windows-msvc' + with: + node-version: 18 + check-latest: true + cache: npm + architecture: x86 + - name: Build in docker + uses: addnab/docker-run-action@v3 + if: ${{ matrix.settings.docker }} + with: + image: ${{ matrix.settings.docker }} + options: '--user 0:0 -v ${{ github.workspace }}/.cargo-cache/git/db:/usr/local/cargo/git/db -v ${{ github.workspace }}/.cargo/registry/cache:/usr/local/cargo/registry/cache -v ${{ github.workspace }}/.cargo/registry/index:/usr/local/cargo/registry/index -v ${{ github.workspace }}:/build -w /build' + run: ${{ matrix.settings.build }} + - name: Build + run: ${{ matrix.settings.build }} + if: ${{ !matrix.settings.docker }} + shell: bash + - name: Upload artifact + uses: actions/upload-artifact@v3 + with: + name: bindings-${{ matrix.settings.target }} + path: ${{ env.APP_NAME }}.*.node + if-no-files-found: error + # build-freebsd: + # runs-on: macos-12 + # name: Build FreeBSD + # steps: + # - uses: actions/checkout@v3 + # - name: Build + # id: build + # uses: vmactions/freebsd-vm@v0 + # env: + # DEBUG: napi:* + # RUSTUP_HOME: /usr/local/rustup + # CARGO_HOME: /usr/local/cargo + # RUSTUP_IO_THREADS: 1 + # with: + # envs: DEBUG RUSTUP_HOME CARGO_HOME RUSTUP_IO_THREADS + # usesh: true + # mem: 3000 + # prepare: | + # pkg install -y -f curl node libnghttp2 npm yarn + # curl https://sh.rustup.rs -sSf --output rustup.sh + # sh rustup.sh -y --profile minimal --default-toolchain beta + # export PATH="/usr/local/cargo/bin:$PATH" + # echo "~~~~ rustc --version ~~~~" + # rustc --version + # echo "~~~~ node -v ~~~~" + # node -v + # echo "~~~~ yarn --version ~~~~" + # yarn --version + # run: | + # export PATH="/usr/local/cargo/bin:$PATH" + # pwd + # ls -lah + # whoami + # env + # freebsd-version + # yarn install + # yarn build + # strip -x *.node + # yarn test + # rm -rf node_modules + # rm -rf target + # rm -rf .yarn/cache + # - name: Upload artifact + # uses: actions/upload-artifact@v3 + # with: + # name: bindings-freebsd + # path: ${{ env.APP_NAME }}.*.node + # if-no-files-found: error + test-macOS-windows-binding: + defaults: + run: + working-directory: packages/secrets + name: Test bindings on ${{ matrix.settings.target }} - node@${{ matrix.node }} + needs: + - build + strategy: + fail-fast: false + matrix: + settings: + - host: windows-latest + target: x86_64-pc-windows-msvc + - host: macos-latest + target: x86_64-apple-darwin + node: + - '14' + - '16' + - '18' + runs-on: ${{ matrix.settings.host }} + steps: + - uses: actions/checkout@v3 + - name: Setup node + uses: actions/setup-node@v3 + with: + node-version: ${{ matrix.node }} + check-latest: true + cache: npm + - name: Install dependencies + run: npm ci + - name: Download artifacts + uses: actions/download-artifact@v3 + with: + name: bindings-${{ matrix.settings.target }} + path: . + - name: List packages + run: ls -R . + shell: bash + - name: Test bindings + run: npm run test + test-linux-x64-gnu-binding: + defaults: + run: + working-directory: packages/secrets + name: Test bindings on Linux-x64-gnu - node@${{ matrix.node }} + needs: + - build + strategy: + fail-fast: false + matrix: + node: + - '14' + - '16' + - '18' + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Setup node + uses: actions/setup-node@v3 + with: + node-version: ${{ matrix.node }} + check-latest: true + cache: npm + - name: Install dependencies + run: npm run install + - name: Download artifacts + uses: actions/download-artifact@v3 + with: + name: bindings-x86_64-unknown-linux-gnu + path: . + - name: List packages + run: ls -R . + shell: bash + - name: Setup and run tests + uses: addnab/docker-run-action@v3 + with: + image: node:${{ matrix.node }}-slim + options: '-v ${{ github.workspace }}:/build -w /build --cap-add=IPC_LOCK' + run: | + set -e + apt update -y && apt install -y gnome-keyring + dbus-run-session -- bash linux-test.sh + test-linux-x64-musl-binding: + defaults: + run: + working-directory: packages/secrets + name: Test bindings on x86_64-unknown-linux-musl - node@${{ matrix.node }} + needs: + - build + strategy: + fail-fast: false + matrix: + node: + - '14' + - '16' + - '18' + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Setup node + uses: actions/setup-node@v3 + with: + node-version: ${{ matrix.node }} + check-latest: true + cache: npm + - name: Install dependencies + run: npm ci + - name: Download artifacts + uses: actions/download-artifact@v3 + with: + name: bindings-x86_64-unknown-linux-musl + path: . + - name: List packages + run: ls -R . + shell: bash + - name: Setup and run tests + uses: addnab/docker-run-action@v3 + with: + image: node:${{ matrix.node }}-alpine + options: '-v ${{ github.workspace }}:/build -w /build --cap-add=IPC_LOCK' + run: | + set -e + apk add dbus gnome-keyring libsecret + dbus-run-session -- sh linux-test.sh + test-linux-aarch64-gnu-binding: + defaults: + run: + working-directory: packages/secrets + name: Test bindings on aarch64-unknown-linux-gnu - node@${{ matrix.node }} + needs: + - build + strategy: + fail-fast: false + matrix: + node: + - '14' + - '16' + - '18' + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Download artifacts + uses: actions/download-artifact@v3 + with: + name: bindings-aarch64-unknown-linux-gnu + path: . + - name: List packages + run: ls -R . + shell: bash + - name: Install dependencies + run: npm ci + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + with: + platforms: arm64 + - run: docker run --rm --privileged multiarch/qemu-user-static --reset -p yes + - name: Setup and run tests + uses: addnab/docker-run-action@v3 + with: + image: ghcr.io/napi-rs/napi-rs/nodejs:aarch64-${{ matrix.node }} + options: '-v ${{ github.workspace }}:/build -w /build --cap-add=IPC_LOCK' + run: | + set -e + apt update -y && apt install -y gnome-keyring + dbus-run-session -- bash linux-test.sh + test-linux-aarch64-musl-binding: + defaults: + run: + working-directory: packages/secrets + name: Test bindings on aarch64-unknown-linux-musl - node@${{ matrix.node }} + needs: + - build + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Download artifacts + uses: actions/download-artifact@v3 + with: + name: bindings-aarch64-unknown-linux-musl + path: . + - name: List packages + run: ls -R . + shell: bash + - name: Install dependencies + run: npm ci + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + with: + platforms: arm64 + - run: docker run --rm --privileged multiarch/qemu-user-static --reset -p yes + - name: Setup and run tests + uses: addnab/docker-run-action@v3 + with: + image: multiarch/alpine:aarch64-latest-stable + options: '-v ${{ github.workspace }}:/build -w /build --cap-add=IPC_LOCK' + run: | + set -e + apk add dbus nodejs npm gnome-keyring libsecret + dbus-run-session -- sh linux-test.sh + test-linux-arm-gnueabihf-binding: + defaults: + run: + working-directory: packages/secrets + name: Test bindings on armv7-unknown-linux-gnueabihf - node@${{ matrix.node }} + needs: + - build + strategy: + fail-fast: false + matrix: + node: + - '14' + - '16' + - '18' + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Download artifacts + uses: actions/download-artifact@v3 + with: + name: bindings-armv7-unknown-linux-gnueabihf + path: . + - name: List packages + run: ls -R . + shell: bash + - name: Install dependencies + run: npm ci + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + with: + platforms: arm + - run: docker run --rm --privileged multiarch/qemu-user-static --reset -p yes + - name: Setup and run tests + uses: addnab/docker-run-action@v3 + with: + image: ghcr.io/napi-rs/napi-rs/nodejs:armhf-${{ matrix.node }} + options: '-v ${{ github.workspace }}:/build -w /build --cap-add=IPC_LOCK' + run: | + set -e + apt update -y && apt install -y gnome-keyring + dbus-run-session -- bash linux-test.sh + publish: + defaults: + run: + working-directory: packages/secrets + name: Publish + runs-on: ubuntu-latest + needs: + # - build-freebsd + - test-macOS-windows-binding + - test-linux-x64-gnu-binding + - test-linux-x64-musl-binding + - test-linux-aarch64-gnu-binding + - test-linux-aarch64-musl-binding + - test-linux-arm-gnueabihf-binding + steps: + - uses: actions/checkout@v3 + - name: Setup node + uses: actions/setup-node@v3 + with: + node-version: 16 + check-latest: true + cache: npm + - name: Install dependencies + run: npm ci + - name: Package + run: npm run prepublishOnly && npm pack + env: + GH_TOKEN: ${{ github.token }} + - name: Upload artifact + uses: actions/upload-artifact@v3 + with: + name: npm-package + path: '*.tgz' + if-no-files-found: error + # - name: Publish + # run: | + # if git log -1 --pretty=%B | grep "^[0-9]\+\.[0-9]\+\.[0-9]\+$"; + # then + # echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> ~/.npmrc + # npm publish --access public + # elif git log -1 --pretty=%B | grep "^[0-9]\+\.[0-9]\+\.[0-9]\+"; + # then + # echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> ~/.npmrc + # npm publish --tag next --access public + # else + # echo "Not a release, skipping publish" + # fi + # env: + # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # NPM_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/npm-shrinkwrap.json b/npm-shrinkwrap.json index 5deb560583..3c793f2c10 100644 --- a/npm-shrinkwrap.json +++ b/npm-shrinkwrap.json @@ -6677,16 +6677,6 @@ "node": ">= 6" } }, - "node_modules/@traeok/keytar-rs": { - "version": "0.0.0", - "resolved": "git+ssh://git@github.com/traeok/keytar-rs.git#adaf8cea0aa5b447f6aa0eee6232763a7b3cbbbb", - "hasInstallScript": true, - "license": "MIT", - "optional": true, - "engines": { - "node": ">= 10" - } - }, "node_modules/@tsconfig/node10": { "version": "1.0.9", "dev": true, @@ -21519,7 +21509,6 @@ "@zowe/imperative": "5.15.1", "@zowe/perf-timing": "1.0.7", "@zowe/provisioning-for-zowe-sdk": "7.17.0", - "@zowe/secrets-for-zowe-sdk": "7.17.0", "@zowe/zos-console-for-zowe-sdk": "7.17.0", "@zowe/zos-files-for-zowe-sdk": "7.17.0", "@zowe/zos-jobs-for-zowe-sdk": "7.17.0", @@ -21559,7 +21548,7 @@ "node": ">=14.0.0" }, "optionalDependencies": { - "@traeok/keytar-rs": "github:traeok/keytar-rs" + "@zowe/secrets-for-zowe-sdk": "7.17.0" } }, "packages/cli/node_modules/brace-expansion": { diff --git a/packages/secrets/package.json b/packages/secrets/package.json index 189241dd27..016d9cbd55 100644 --- a/packages/secrets/package.json +++ b/packages/secrets/package.json @@ -27,7 +27,7 @@ "artifacts": "napi artifacts", "build": "cd src/keyring && napi build --config napi.json --js false --platform --release", "build:debug": "cd src/keyring && napi build --config napi.json --js false --platform", - "install": "node scripts/platformCheck.js || npm run rebuild", + "install": "node src/keyring/index.js || npm run rebuild", "prepublishOnly": "bash scripts/prebuildify.sh", "rebuild": "npx --yes --package=@napi-rs/cli@2.16.2 -- napi build --config src/keyring/napi.json --cargo-cwd src/keyring --platform --release --js=false src/keyring", "test": "ava", diff --git a/packages/secrets/scripts/prebuildify.sh b/packages/secrets/scripts/prebuildify.sh index 05309ef26e..9b54986ce8 100644 --- a/packages/secrets/scripts/prebuildify.sh +++ b/packages/secrets/scripts/prebuildify.sh @@ -1,21 +1,5 @@ #!/bin/bash set -ex - -cd "$(git rev-parse --show-toplevel)" -sed -i "s/join(__dirname, 'keyring/join(__dirname, 'prebuilds', 'keyring/g" index.js -sed -i "s|require('./keyring|require('./prebuilds/keyring|g" index.js -targets=("aarch64-apple-darwin" - "aarch64-pc-windows-msvc" - "aarch64-unknown-linux-gnu" - "aarch64-unknown-linux-musl" - "armv7-unknown-linux-gnueabihf" - "i686-pc-windows-msvc" - "i686-unknown-linux-gnu" - "x86_64-apple-darwin" - "x86_64-pc-windows-msvc" - "x86_64-unknown-linux-gnu" - "x86_64-unknown-linux-musl") rm -rf prebuilds && mkdir -p prebuilds -for target in "${targets[@]}"; do - gh run download --dir prebuilds --name "bindings-$target" -done +gh run download --dir prebuilds --pattern "bindings-*" +mv prebuilds/*/* prebuilds && rm -r prebuilds/*/ \ No newline at end of file