generated from TBD54566975/tbd-project-template
-
Notifications
You must be signed in to change notification settings - Fork 17
397 lines (374 loc) · 13.8 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
name: CI
on:
workflow_dispatch:
inputs:
version:
description: 'Version of Kotlin binary to publish to TBD Artifactory. For example "1.0.0" will result in "1.0.0-SNAPSHOT". If not supplied, will default to "commit-$shortSHA-SNAPSHOT" where $shortSHA is the shortform commit SHA.'
required: false
default: "0.0.0-SNAPSHOT"
workflow_call:
inputs:
version:
description: 'Version of Kotlin binary to publish to TBD Artifactory. For example "1.0.0" will result in "1.0.0-SNAPSHOT". If not supplied, will default to "commit-$shortSHA-SNAPSHOT" where $shortSHA is the shortform commit SHA.'
required: true
type: string
push:
branches:
- main
pull_request:
env:
CARGO_TERM_COLOR: always
# Make sure CI fails on all warnings, including Clippy lints
RUSTFLAGS: "-Dwarnings"
WEB5_SDK_LOG_LEVEL: debug
jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Init Hermit
uses: cashapp/activate-hermit@v1
with:
cache: true
- name: Lint
run: just lint
msrv:
strategy:
matrix:
os: [ubuntu-latest]
rust: [stable]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Init Hermit
uses: cashapp/activate-hermit@v1
with:
cache: true
- name: Setup
run: just setup
- name: Install MSRV
run: cargo install cargo-msrv
- name: MSRV
run: cargo msrv --path crates/web5/ verify
test:
permissions:
id-token: write
strategy:
matrix:
os: [ubuntu-latest, macos-latest, windows-latest]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Install Rust 1.74.0
run: rustup toolchain install 1.74.0
- name: Set Rust 1.74.0 as default
run: rustup default 1.74.0
- name: Test
run: |
rustup component add llvm-tools-preview
cargo install grcov
cargo test --package web5
env:
RUSTFLAGS: -Cinstrument-coverage
LLVM_PROFILE_FILE: web5-rs-%p-%m.profraw
- name: Upload test coverage to Codecov
uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 #v4.5.0
with:
use_oidc: true
files: '*.profraw'
build_aarch64_apple_darwin:
runs-on: macos-latest
name: Build aarch64-apple-darwin target
steps:
- uses: actions/checkout@v2
- name: Install Rust 1.74.0
run: rustup toolchain install 1.74.0
- name: Set Rust 1.74.0 as default
run: rustup default 1.74.0
- name: Run Build Script
run: |
cd bindings/web5_uniffi/libtargets/aarch64_apple_darwin
./build
if cargo tree | grep -q ring; then
echo "::error title=ring library found in compiled binary::The ring library has unclear licensing and we are not sure if it can be put in the compiled binary"
exit 1
fi
- name: Upload .dylib
uses: actions/[email protected]
with:
name: aarch64-apple-darwin-dylib
path: bound/kt/src/main/resources/libweb5_uniffi_aarch64_apple_darwin.dylib
build_x86_64_apple_darwin:
runs-on: macos-12
name: Build x86_64-apple-darwin target
steps:
- uses: actions/checkout@v2
- name: Install Rust 1.74.0
run: rustup toolchain install 1.74.0
- name: Set Rust 1.74.0 as default
run: rustup default 1.74.0
- name: Run Build Script
run: |
cd bindings/web5_uniffi/libtargets/x86_64_apple_darwin
./build
if cargo tree | grep -q ring; then
echo "::error title=ring library found in compiled binary::The ring library has unclear licensing and we are not sure if it can be put in the compiled binary"
exit 1
fi
- name: Upload .dylib
uses: actions/[email protected]
with:
name: x86_64-apple-darwin-dylib
path: bound/kt/src/main/resources/libweb5_uniffi_x86_64_apple_darwin.dylib
build_x86_64_unknown_linux_gnu:
runs-on: ubuntu-latest
name: Build x86_64-unknown-linux-gnu target
steps:
- uses: actions/checkout@v2
- name: Run Build Script
run: |
cd bindings/web5_uniffi/libtargets/x86_64_unknown_linux_gnu
./build
if cargo tree | grep -q ring; then
echo "::error title=ring library found in compiled binary::The ring library has unclear licensing and we are not sure if it can be put in the compiled binary"
exit 1
fi
- name: Upload .so
uses: actions/[email protected]
with:
name: x86_64-unknown-linux-gnu-so
path: bound/kt/src/main/resources/libweb5_uniffi_x86_64_unknown_linux_gnu.so
build_x86_64_unknown_linux_musl:
runs-on: ubuntu-latest
name: Build x86_64-unknown-linux-musl target
steps:
- uses: actions/checkout@v2
- name: Run Build Script
run: |
cd bindings/web5_uniffi/libtargets/x86_64_unknown_linux_musl
./build
if cargo tree | grep -q ring; then
echo "::error title=ring library found in compiled binary::The ring library has unclear licensing and we are not sure if it can be put in the compiled binary"
exit 1
fi
- name: Upload .so
uses: actions/[email protected]
with:
name: x86_64-unknown-linux-musl-so
path: bound/kt/src/main/resources/libweb5_uniffi_x86_64_unknown_linux_musl.so
build_x86_64_pc_windows_msvc:
runs-on: windows-latest
name: Build x86_64-pc-windows-msvc target
steps:
- uses: actions/checkout@v2
- name: Install Rust 1.74.0
run: rustup toolchain install 1.74.0
- name: Set Rust 1.74.0 as default
run: rustup default 1.74.0
- name: Add MSVC target
run: rustup target add x86_64-pc-windows-msvc
- name: Build the library
run: |
cargo build --target x86_64-pc-windows-msvc --release --package web5_uniffi
mkdir -p bound/kt/src/main/resources/
cp target/x86_64-pc-windows-msvc/release/web5_uniffi.dll bound/kt/src/main/resources/web5_uniffi_x86_64_pc_windows_msvc.dll
- name: Upload .dll
uses: actions/[email protected]
with:
name: x86_64-pc-windows-msvc-dll
path: bound/kt/src/main/resources/web5_uniffi_x86_64_pc_windows_msvc.dll
kotlin-acceptance-testing:
permissions:
id-token: write
needs:
- build_aarch64_apple_darwin
- build_x86_64_apple_darwin
- build_x86_64_unknown_linux_gnu
- build_x86_64_unknown_linux_musl
- build_x86_64_pc_windows_msvc
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest, macos-latest, macos-12, windows-latest]
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Set up JDK 11
uses: actions/setup-java@v3
with:
distribution: "adopt"
java-version: "11"
# Cache Maven repo
- uses: actions/cache@v3
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
# Package up the native binaries
#TODO Centralize this block as we re-use it via copy/paste right now
- name: Download MacOS aarch64 Native Library
uses: actions/[email protected]
with:
name: aarch64-apple-darwin-dylib
path: bound/kt/src/main/resources/
- name: Download MacOS x86_64 Native Library
uses: actions/[email protected]
with:
name: x86_64-apple-darwin-dylib
path: bound/kt/src/main/resources/
- name: Download Linux x86_64 GNU Native Library
uses: actions/[email protected]
with:
name: x86_64-unknown-linux-gnu-so
path: bound/kt/src/main/resources/
- name: Download Linux x86_64 MUSL Native Library
uses: actions/[email protected]
with:
name: x86_64-unknown-linux-musl-so
path: bound/kt/src/main/resources/
- name: Download Windows x86_64 MSVC Native Library
uses: actions/[email protected]
with:
name: x86_64-pc-windows-msvc-dll
path: bound/kt/src/main/resources/
- name: Run Maven Tests
run: |
cd bound/kt/
mvn test --batch-mode
- name: Upload test coverage to Codecov
uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 #v4.5.0
with:
use_oidc: true
working-directory: bound/kt
files: target/kover/test.ic
kotlin-deploy-snapshot:
needs:
- kotlin-acceptance-testing
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Set up JDK 11
uses: actions/setup-java@v3
with:
distribution: "adopt"
java-version: "11"
# Cache Maven repo
- uses: actions/cache@v3
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- name: Resolve Snapshot Version
id: resolve_version
run: |
# Version resolution: use provided
if [ -n "${{ github.event.inputs.version }}" ]; then
if [[ "${{ github.event.inputs.version }}" != *-SNAPSHOT ]]; then
resolvedVersion="${{ github.event.inputs.version }}-SNAPSHOT"
else
resolvedVersion="${{ github.event.inputs.version }}"
fi
# Otherwise, construct a version for deployment in form X.Y.Z-commit-$shortSHA-SNAPSHOT
else
longSHA=$(git rev-parse --verify HEAD)
shortSHA=$(echo "${longSHA:0:7}")
resolvedVersion="commit-$shortSHA-SNAPSHOT"
echo "Requesting deployment as version: $resolvedVersion"
fi
echo "Resolved SNAPSHOT Version: $resolvedVersion"
echo "resolved_version=$resolvedVersion" >> $GITHUB_OUTPUT
# Package up the native binaries
#TODO Centralize this block as we re-use it via copy/paste right now
- name: Download MacOS aarch64 Native Library
uses: actions/[email protected]
with:
name: aarch64-apple-darwin-dylib
path: bound/kt/src/main/resources/
- name: Download MacOS x86_64 Native Library
uses: actions/[email protected]
with:
name: x86_64-apple-darwin-dylib
path: bound/kt/src/main/resources/
- name: Download Linux x86_64 GNU Native Library
uses: actions/[email protected]
with:
name: x86_64-unknown-linux-gnu-so
path: bound/kt/src/main/resources/
- name: Download Linux x86_64 MUSL Native Library
uses: actions/[email protected]
with:
name: x86_64-unknown-linux-musl-so
path: bound/kt/src/main/resources/
- name: Download Windows x86_64 MSVC Native Library
uses: actions/[email protected]
with:
name: x86_64-pc-windows-msvc-dll
path: bound/kt/src/main/resources/
- name: Deploy Snapshot / Verify
run: |
# cd into the Kotlin project
cd bound/kt/
# Set newly resolved version in POM config
mvn \
versions:set \
--batch-mode \
-DnewVersion=${{ steps.resolve_version.outputs.resolved_version }}
# Only attempt to publish artifact if we have credentials
if [ -n "${{ secrets.ARTIFACTORY_PASSWORD }}" ]; then
# Maven deploy lifecycle will build, run tests, verify, sign, and deploy
mvn deploy --batch-mode --settings .maven_settings.xml -P sign-artifacts
else
# Otherwise, Maven verify lifecycle will build, run tests, and verify
mvn verify --batch-mode
fi
env:
ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }}
ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }}
SIGN_KEY_PASS: ${{ secrets.GPG_SECRET_PASSPHRASE }}
SIGN_KEY: ${{ secrets.GPG_SECRET_KEY }}
- name: Upload Kotlin Test Vector Results
uses: actions/[email protected]
with:
name: kotlin-test-results
path: bound/kt/target/surefire-reports/*.xml
rust-test-vectors:
runs-on: macos-latest
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Install Rust 1.75.0
run: rustup toolchain install 1.75.0
- name: Set Rust 1.75.0 as default
run: rustup default 1.75.0
- name: Install Nextest
run: cargo install cargo-nextest
- name: Create nextest.toml
run: |
echo '[profile.ci.junit]' > nextest.toml
echo 'path = "junit.xml"' >> nextest.toml
echo 'store-success-output = true' >> nextest.toml
echo 'store-failure-output = true' >> nextest.toml
- name: Run Rust Tests
run: |
mkdir -p test-results
cargo nextest run --profile ci --config-file ./nextest.toml -E 'test(test_vectors::)'
- name: Modify testsuite name in XML for test runner consumption
run: |
sed -i '' 's/<testsuite name="web5"/<testsuite name="Web5TestVectorsProtocolTest"/' target/nextest/ci/junit.xml
- name: Move Test Results
run: mv target/nextest/ci/junit.xml test-results/rust-test-results.xml
- name: Upload Rust Test Vector Results
uses: actions/upload-artifact@v3
with:
name: rust-test-results
path: test-results/rust-test-results.xml