feat(pkg): Add secrets SDK and keyring module

.github/workflows/audit.yml

@@ -33,6 +33,10 @@ jobs:
       run: npm audit --production --audit-level=moderate
 
     # TODO Consider using actions-rs/audit-check after https://github.com/actions-rs/audit-check/issues/116 is fixed
-    - name: Check Rust Vulnerabilities
+    - name: Check Daemon Vulnerabilities
       working-directory: zowex
       run: cargo audit --deny warnings
+
+    - name: Check Secrets SDK Vulnerabilities
+      working-directory: packages/secrets/src/keyring
+      run: cargo audit --deny warnings

.github/workflows/secrets-sdk-publish.yml

@@ -0,0 +1,34 @@
+
+name: Secrets SDK Publish
+"on":
+  workflow_dispatch:
+
+jobs:
+  publish:
+    name: Publish
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - name: Setup node
+      uses: actions/setup-node@v3
+      with:
+        node-version: 16
+        check-latest: true
+        cache: npm
+    - name: Install dependencies
+      run: npm ci
+    - name: Publish
+      working-directory: packages/secrets
+      run: |
+        sed -i "s/\"private\": true/\"private\": false/" package.json
+        npx -y npm-cli-login
+        npm publish --access public --tag next
+        # npm dist-tag @zowe/secrets-for-zowe-sdk@$(cat package.json | jq -r .version) zowe-v2-lts
+        # npm dist-tag @zowe/secrets-for-zowe-sdk@$(cat package.json | jq -r .version) next  
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        NPM_USER: ${{ secrets.ARTIFACTORY_USERNAME }}
+        NPM_PASS: ${{ secrets.ARTIFACTORY_PASSWORD }}
+        NPM_EMAIL: ${{ secrets.ZOWE_ROBOT_EMAIL }}
+        NPM_RC_PATH: "../../.npmrc"
+        NPM_SCOPE: "@zowe"

.github/workflows/secrets-sdk.yml

@@ -0,0 +1,274 @@
+name: Secrets SDK CI
+env:
+  DEBUG: napi:*
+  APP_NAME: keyring
+  MACOSX_DEPLOYMENT_TARGET: 10.13
+on:
+  push:
+    paths:
+      - "packages/secrets/**"
+      - ".github/workflows/secrets-sdk.yml"
+  pull_request:
+    paths:
+      - "packages/secrets/**"
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+defaults:
+  run:
+    working-directory: packages/secrets
+
+jobs:
+  build:
+    if: (github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository) && !contains(github.event.head_commit.message, '[ci skip]')
+    strategy:
+      fail-fast: false
+      matrix:
+        settings:
+          - host: macos-latest
+            target: x86_64-apple-darwin
+            build: |
+              npm run build
+          - host: windows-latest
+            build: npm run build
+            target: x86_64-pc-windows-msvc
+          - host: windows-latest
+            build: |
+              npm run build -- --target i686-pc-windows-msvc
+              npm run test
+            target: i686-pc-windows-msvc
+          - host: ubuntu-latest
+            target: x86_64-unknown-linux-gnu
+            use-cross: true
+            build: |
+              set -e
+              CARGO=cross npm run build -- --target x86_64-unknown-linux-gnu
+          - host: ubuntu-latest
+            target: i686-unknown-linux-gnu
+            use-cross: true
+            build: |
+              set -e
+              source scripts/configure-cross.sh i686-unknown-linux-gnu
+              CARGO=cross npm run build -- --target i686-unknown-linux-gnu
+          - host: ubuntu-latest
+            target: armv7-unknown-linux-gnueabihf
+            use-cross: true
+            build: |
+              set -e
+              source scripts/configure-cross.sh armv7-unknown-linux-gnueabihf
+              CARGO=cross npm run build -- --target armv7-unknown-linux-gnueabihf
+          - host: ubuntu-latest
+            target: x86_64-unknown-linux-musl
+            use-cross: true
+            build: |
+              set -e
+              CARGO=cross npm run build -- --target x86_64-unknown-linux-musl
+          - host: macos-latest
+            target: aarch64-apple-darwin
+            build: |
+              sudo rm -Rf /Library/Developer/CommandLineTools/SDKs/*;
+              export CC=$(xcrun -f clang);
+              export CXX=$(xcrun -f clang++);
+              SYSROOT=$(xcrun --sdk macosx --show-sdk-path);
+              export CFLAGS="-isysroot $SYSROOT -isystem $SYSROOT";
+              npm run build -- --target aarch64-apple-darwin
+          - host: ubuntu-latest
+            target: aarch64-unknown-linux-gnu
+            use-cross: true
+            build: |
+              set -e
+              source scripts/configure-cross.sh aarch64-unknown-linux-gnu
+              CARGO=cross npm run build -- --target aarch64-unknown-linux-gnu
+          - host: ubuntu-latest
+            target: aarch64-unknown-linux-musl
+            use-cross: true
+            build: |
+              set -e
+              source scripts/configure-cross.sh aarch64-unknown-linux-musl
+              CARGO=cross npm run build -- --target aarch64-unknown-linux-musl
+          - host: windows-latest
+            target: aarch64-pc-windows-msvc
+            build: npm run build -- --target aarch64-pc-windows-msvc
+    name: stable - ${{ matrix.settings.target }} - node@16
+    runs-on: ${{ matrix.settings.host }}
+    steps:
+      - uses: actions/checkout@v3
+      - name: Setup node
+        uses: actions/setup-node@v3
+        if: ${{ !matrix.settings.docker }}
+        with:
+          node-version: 18
+          check-latest: true
+          cache: npm
+      - name: Install
+        uses: dtolnay/rust-toolchain@stable
+        if: ${{ !matrix.settings.docker }}
+        with:
+          toolchain: stable
+          target: ${{ matrix.settings.target }}
+      - name: Cache cargo
+        uses: actions/cache@v3
+        with:
+          path: |
+            ~/.cargo/registry/index/
+            ~/.cargo/registry/cache/
+            ~/.cargo/git/db/
+            .cargo-cache
+            target/
+          key: ${{ matrix.settings.target }}-cargo-${{ matrix.settings.host }}
+      - run: cargo install cross
+        if: ${{ matrix.settings.use-cross }}
+      - name: Setup toolchain
+        run: ${{ matrix.settings.setup }}
+        if: ${{ matrix.settings.setup }}
+        shell: bash
+      - name: Install dependencies
+        run: npm ci --ignore-scripts
+      - name: Setup node x86
+        uses: actions/setup-node@v3
+        if: matrix.settings.target == 'i686-pc-windows-msvc'
+        with:
+          node-version: 18
+          check-latest: true
+          cache: npm
+          architecture: x86
+      - name: Build in docker
+        uses: addnab/docker-run-action@v3
+        if: ${{ matrix.settings.docker }}
+        with:
+          image: ${{ matrix.settings.docker }}
+          options: "--user 0:0 -v ${{ github.workspace }}/.cargo-cache/git/db:/usr/local/cargo/git/db -v ${{ github.workspace }}/.cargo/registry/cache:/usr/local/cargo/registry/cache -v ${{ github.workspace }}/.cargo/registry/index:/usr/local/cargo/registry/index -v ${{ github.workspace }}:/build -w /build"
+          run: ${{ matrix.settings.build }}
+      - name: Build
+        run: ${{ matrix.settings.build }}
+        if: ${{ !matrix.settings.docker }}
+        shell: bash
+      - name: Upload artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: bindings-${{ matrix.settings.target }}
+          path: packages/secrets/src/keyring/${{ env.APP_NAME }}.*.node
+          if-no-files-found: error
+  # build-freebsd:
+  #   runs-on: macos-12
+  #   name: Build FreeBSD
+  #   steps:
+  #     - uses: actions/checkout@v3
+  #     - name: Build
+  #       id: build
+  #       uses: vmactions/freebsd-vm@v0
+  #       env:
+  #         DEBUG: napi:*
+  #         RUSTUP_HOME: /usr/local/rustup
+  #         CARGO_HOME: /usr/local/cargo
+  #         RUSTUP_IO_THREADS: 1
+  #       with:
+  #         envs: DEBUG RUSTUP_HOME CARGO_HOME RUSTUP_IO_THREADS
+  #         usesh: true
+  #         mem: 3000
+  #         prepare: |
+  #           pkg install -y -f curl node libnghttp2 npm yarn
+  #           curl https://sh.rustup.rs -sSf --output rustup.sh
+  #           sh rustup.sh -y --profile minimal --default-toolchain beta
+  #           export PATH="/usr/local/cargo/bin:$PATH"
+  #           echo "~~~~ rustc --version ~~~~"
+  #           rustc --version
+  #           echo "~~~~ node -v ~~~~"
+  #           node -v
+  #           echo "~~~~ yarn --version ~~~~"
+  #           yarn --version
+  #         run: |
+  #           export PATH="/usr/local/cargo/bin:$PATH"
+  #           pwd
+  #           ls -lah
+  #           whoami
+  #           env
+  #           freebsd-version
+  #           yarn install
+  #           yarn build
+  #           strip -x *.node
+  #           yarn test
+  #           rm -rf node_modules
+  #           rm -rf target
+  #           rm -rf .yarn/cache
+  #     - name: Upload artifact
+  #       uses: actions/upload-artifact@v3
+  #       with:
+  #         name: bindings-freebsd
+  #         path: ${{ env.APP_NAME }}.*.node
+  #         if-no-files-found: error
+  test:
+    name: Test bindings on ${{ matrix.settings.target }} - node@${{ matrix.node }}
+    needs:
+      - build
+    strategy:
+      fail-fast: false
+      matrix:
+        settings:
+          - host: windows-latest
+            target: x86_64-pc-windows-msvc
+          - host: macos-latest
+            target: x86_64-apple-darwin
+          - host: ubuntu-latest
+            target: x86_64-unknown-linux-gnu
+          - host: ubuntu-latest
+            target: x86_64-unknown-linux-musl
+          - host: ubuntu-latest
+            target: aarch64-unknown-linux-gnu
+            platform: linux/arm64
+          - host: ubuntu-latest
+            target: aarch64-unknown-linux-musl
+            platform: linux/arm64
+          - host: ubuntu-latest
+            target: armv7-unknown-linux-gnueabihf
+            platform: linux/arm/v7
+        node:
+          - "16"
+          - "18"
+    runs-on: ${{ matrix.settings.host }}
+    steps:
+      - uses: actions/checkout@v3
+      - name: Setup node
+        uses: actions/setup-node@v3
+        with:
+          node-version: ${{ matrix.node }}
+          check-latest: true
+          cache: npm
+      - name: Install dependencies
+        run: npm ci --ignore-scripts
+      - name: Download artifacts
+        uses: actions/download-artifact@v3
+        with:
+          name: bindings-${{ matrix.settings.target }}
+          path: packages/secrets/src/keyring/
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+        if: ${{ matrix.settings.platform }}
+        with:
+          platforms: ${{ matrix.settings.platform }}
+      - run: docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
+        if: ${{ matrix.settings.platform }}
+      - name: Test bindings
+        run: npm run test
+        if: ${{ matrix.settings.host != 'ubuntu-latest' }}
+      - name: Setup and run tests
+        uses: addnab/docker-run-action@v3
+        if: ${{ matrix.settings.host == 'ubuntu-latest' && !endsWith(matrix.settings.target, 'musl') }}
+        with:
+          image: ${{ format('node:{0}-slim', matrix.node) }}
+          options: "-v ${{ github.workspace }}:/build -w /build --cap-add=IPC_LOCK ${{ matrix.settings.platform && format('--platform={0}', matrix.settings.platform) }}"
+          run: |
+            set -e
+            apt update -y && apt install -y gnome-keyring
+            cd packages/secrets && dbus-run-session -- bash scripts/linux-test.sh
+      - name: Setup and run tests (MUSL)
+        uses: addnab/docker-run-action@v3
+        if: ${{ matrix.settings.host == 'ubuntu-latest' && endsWith(matrix.settings.target, 'musl') }}
+        with:
+          image: ${{ format('node:{0}-alpine', matrix.node) }}
+          options: "-v ${{ github.workspace }}:/build -w /build --cap-add=IPC_LOCK ${{ matrix.settings.platform && format('--platform={0}', matrix.settings.platform) }}"
+          run: |
+            set -e
+            apk add dbus gnome-keyring libsecret
+            cd packages/secrets && dbus-run-session -- sh scripts/linux-test.sh