generated from TBD54566975/tbd-project-template
-
Notifications
You must be signed in to change notification settings - Fork 17
383 lines (358 loc) · 13.3 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
name: CI
on:
workflow_dispatch:
inputs:
version:
description: 'Version of Kotlin binary to publish to TBD Artifactory. For example "1.0.0-SNAPSHOT". If not supplied, will default to "commit-$shortSHA-SNAPSHOT" where $shortSHA is the shortform commit SHA. Must end in "-SNAPSHOT".'
required: false
default: "0.0.0-SNAPSHOT"
push:
branches:
- main
pull_request:
workflow_call:
inputs:
version:
description: 'Version of Kotlin binary to publish to TBD Artifactory. For example "1.0.0-SNAPSHOT". If not supplied, will default to "commit-$shortSHA-SNAPSHOT" where $shortSHA is the shortform commit SHA. Must end in "-SNAPSHOT".'
required: true
type: string
env:
CARGO_TERM_COLOR: always
RUSTFLAGS: "-Dwarnings"
WEB5_SDK_LOG_LEVEL: debug
jobs:
test:
permissions:
id-token: write
strategy:
matrix:
os: [ubuntu-latest, macos-latest, windows-latest]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Install Rust 1.74.0
run: rustup toolchain install 1.74.0
- name: Set Rust 1.74.0 as default
run: rustup default 1.74.0
- name: Test
run: |
rustup component add llvm-tools-preview
cargo install grcov
cargo test --package web5
env:
RUSTFLAGS: -Cinstrument-coverage
LLVM_PROFILE_FILE: web5-rs-%p-%m.profraw
- name: Upload test coverage to Codecov
uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 #v4.5.0
with:
use_oidc: true
files: '*.profraw'
assert_full_test_suite:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Run Test Suite
run: tests/unit_test_cases.sh
build_aarch64_apple_darwin:
runs-on: macos-latest
name: Build aarch64-apple-darwin target
steps:
- uses: actions/checkout@v2
- name: Install Rust 1.74.0
run: rustup toolchain install 1.74.0
- name: Set Rust 1.74.0 as default
run: rustup default 1.74.0
- name: Run Build Script
run: |
cd bindings/web5_uniffi/libtargets/aarch64_apple_darwin
./build
if cargo tree | grep -q ring; then
echo "::error title=ring library found in compiled binary::The ring library has unclear licensing and we are not sure if it can be put in the compiled binary"
exit 1
fi
- name: Upload .dylib
uses: actions/upload-artifact@v4.0.0
with:
name: aarch64-apple-darwin-dylib
path: bound/kt/src/main/resources/libweb5_uniffi_aarch64_apple_darwin.dylib
build_x86_64_apple_darwin:
runs-on: macos-12
name: Build x86_64-apple-darwin target
steps:
- uses: actions/checkout@v2
- name: Install Rust 1.74.0
run: rustup toolchain install 1.74.0
- name: Set Rust 1.74.0 as default
run: rustup default 1.74.0
- name: Run Build Script
run: |
cd bindings/web5_uniffi/libtargets/x86_64_apple_darwin
./build
if cargo tree | grep -q ring; then
echo "::error title=ring library found in compiled binary::The ring library has unclear licensing and we are not sure if it can be put in the compiled binary"
exit 1
fi
- name: Upload .dylib
uses: actions/upload-artifact@v4.0.0
with:
name: x86_64-apple-darwin-dylib
path: bound/kt/src/main/resources/libweb5_uniffi_x86_64_apple_darwin.dylib
build_x86_64_unknown_linux_gnu:
runs-on: ubuntu-latest
name: Build x86_64-unknown-linux-gnu target
steps:
- uses: actions/checkout@v2
- name: Run Build Script
run: |
cd bindings/web5_uniffi/libtargets/x86_64_unknown_linux_gnu
./build
if cargo tree | grep -q ring; then
echo "::error title=ring library found in compiled binary::The ring library has unclear licensing and we are not sure if it can be put in the compiled binary"
exit 1
fi
- name: Upload .so
uses: actions/upload-artifact@v4.0.0
with:
name: x86_64-unknown-linux-gnu-so
path: bound/kt/src/main/resources/libweb5_uniffi_x86_64_unknown_linux_gnu.so
build_x86_64_unknown_linux_musl:
runs-on: ubuntu-latest
name: Build x86_64-unknown-linux-musl target
steps:
- uses: actions/checkout@v2
- name: Run Build Script
run: |
cd bindings/web5_uniffi/libtargets/x86_64_unknown_linux_musl
./build
if cargo tree | grep -q ring; then
echo "::error title=ring library found in compiled binary::The ring library has unclear licensing and we are not sure if it can be put in the compiled binary"
exit 1
fi
- name: Upload .so
uses: actions/upload-artifact@v4.0.0
with:
name: x86_64-unknown-linux-musl-so
path: bound/kt/src/main/resources/libweb5_uniffi_x86_64_unknown_linux_musl.so
build_x86_64_pc_windows_msvc:
runs-on: windows-latest
name: Build x86_64-pc-windows-msvc target
steps:
- uses: actions/checkout@v2
- name: Install Rust 1.74.0
run: rustup toolchain install 1.74.0
- name: Set Rust 1.74.0 as default
run: rustup default 1.74.0
- name: Add MSVC target
run: rustup target add x86_64-pc-windows-msvc
- name: Build the library
run: |
cargo build --target x86_64-pc-windows-msvc --release --package web5_uniffi
mkdir -p bound/kt/src/main/resources
cp target/x86_64-pc-windows-msvc/release/web5_uniffi.dll bound/kt/src/main/resources/web5_uniffi_x86_64_pc_windows_msvc.dll
- name: Upload .dll
uses: actions/upload-artifact@v4.0.0
with:
name: x86_64-pc-windows-msvc-dll
path: bound/kt/src/main/resources/web5_uniffi_x86_64_pc_windows_msvc.dll
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Init Hermit
uses: cashapp/activate-hermit@v1
with:
cache: true
- name: Setup
run: just setup
- name: Lint
run: just lint
rust-test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Init Hermit
uses: cashapp/activate-hermit@v1
with:
cache: true
- name: Setup
run: just setup
- name: Test
run: just test
kotlin-build-test-deploy-snapshot:
needs:
- build_aarch64_apple_darwin
- build_x86_64_apple_darwin
- build_x86_64_unknown_linux_gnu
- build_x86_64_unknown_linux_musl
- build_x86_64_pc_windows_msvc
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Set up JDK 11
uses: actions/setup-java@v3
with:
distribution: "adopt"
java-version: "11"
# Cache Maven repo
- uses: actions/cache@v3
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- name: Resolve Snapshot Version
id: resolve_version
run: |
# Version resolution: use provided
if [ -n "${{ github.event.inputs.version }}" ]; then
if [[ "${{ github.event.inputs.version }}" != *-SNAPSHOT ]]; then
resolvedVersion="${{ github.event.inputs.version }}-SNAPSHOT"
else
resolvedVersion="${{ github.event.inputs.version }}"
fi
# Otherwise, construct a version for deployment in form X.Y.Z-commit-$shortSHA-SNAPSHOT
else
longSHA=$(git rev-parse --verify HEAD)
shortSHA=$(echo "${longSHA:0:7}")
resolvedVersion="commit-$shortSHA-SNAPSHOT"
echo "Requesting deployment as version: $resolvedVersion"
fi
echo "Resolved SNAPSHOT Version: $resolvedVersion"
echo "resolved_version=$resolvedVersion" >> $GITHUB_OUTPUT
# Package up the native binaries
#TODO Centralize this block as we re-use it via copy/paste right now
- name: Download MacOS aarch64 Native Library
uses: actions/download-artifact@v4.1.7
with:
name: aarch64-apple-darwin-dylib
path: bound/kt/src/main/resources/
- name: Download MacOS x86_64 Native Library
uses: actions/download-artifact@v4.1.7
with:
name: x86_64-apple-darwin-dylib
path: bound/kt/src/main/resources/
- name: Download Linux x86_64 GNU Native Library
uses: actions/download-artifact@v4.1.7
with:
name: x86_64-unknown-linux-gnu-so
path: bound/kt/src/main/resources/
- name: Download Linux x86_64 MUSL Native Library
uses: actions/download-artifact@v4.1.7
with:
name: x86_64-unknown-linux-musl-so
path: bound/kt/src/main/resources/
- name: Download Windows x86_64 MSVC Native Library
uses: actions/download-artifact@v4.1.7
with:
name: x86_64-pc-windows-msvc-dll
path: bound/kt/src/main/resources/
- name: Deploy Snapshot / Verify
run: |
# cd into the Kotlin project
cd bound/kt/
# Set newly resolved version in POM config
mvn \
versions:set \
--batch-mode \
-DnewVersion=${{ steps.resolve_version.outputs.resolved_version }}
# Only attempt to publish artifact if we have credentials
if [ -n "${{ secrets.ARTIFACTORY_PASSWORD }}" ]; then
# Maven deploy lifecycle will build, run tests, verify, sign, and deploy
mvn deploy --batch-mode --settings .maven_settings.xml -P sign-artifacts
else
# Otherwise, Maven verify lifecycle will build, run tests, and verify
mvn verify --batch-mode
fi
env:
ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }}
ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }}
SIGN_KEY_PASS: ${{ secrets.GPG_SECRET_PASSPHRASE }}
SIGN_KEY: ${{ secrets.GPG_SECRET_KEY }}
- name: Upload Kotlin Test Results
uses: actions/upload-artifact@v4.0.0
with:
name: kotlin-test-results
path: bound/kt/target/surefire-reports/*.xml
- name: Upload web5 w/ Dependencies JAR
uses: actions/upload-artifact@v4.0.0
with:
name: web5-with-dependencies-jar
path: bound/kt/target/*-with-dependencies.jar
kotlin-acceptance-test:
needs: kotlin-build-test-deploy-snapshot
strategy:
matrix:
os: [ ubuntu-latest, macos-latest, macos-12, windows-latest ]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Set up JDK 11
uses: actions/setup-java@v3
with:
distribution: "adopt"
java-version: "11"
- name: Download web5 w/ Dependencies JAR
uses: actions/download-artifact@v4.1.7
with:
name: web5-with-dependencies-jar
path: tests/jvm
- name: Run Acceptance Tests (Non-Windows)
if: matrix.os != 'windows-latest'
shell: bash
run: |
cd tests/jvm
mv *-with-dependencies.jar web5-with-dependencies.jar
javac Web5AcceptanceTest.java -cp web5-with-dependencies.jar
java -classpath web5-with-dependencies.jar:. Web5AcceptanceTest
- name: Run Acceptance Tests (Windows)
if: matrix.os == 'windows-latest'
shell: cmd
run: |
cd tests/jvm
ren *-with-dependencies.jar web5-with-dependencies.jar
javac Web5AcceptanceTest.java -cp web5-with-dependencies.jar
java -classpath web5-with-dependencies.jar;. Web5AcceptanceTest
rust-test-vectors:
runs-on: macos-latest
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Init Hermit
uses: cashapp/activate-hermit@v1
with:
cache: true
- name: Setup
run: just setup
- name: Install latest stable Rust
run: rustup install stable && rustup default stable
- name: Install Nextest
run: cargo install cargo-nextest
- name: Create nextest.toml
run: |
echo '[profile.ci.junit]' > nextest.toml
echo 'path = "junit.xml"' >> nextest.toml
echo 'store-success-output = true' >> nextest.toml
echo 'store-failure-output = true' >> nextest.toml
- name: Run Rust Tests
run: |
mkdir -p test-results
cargo nextest run --profile ci --config-file ./nextest.toml -E 'test(test_vectors::)'
- name: Modify testsuite name in XML for test runner consumption
run: |
sed -i '' 's/<testsuite name="web5"/<testsuite name="Web5TestVectorsProtocolTest"/' target/nextest/ci/junit.xml
- name: Move Test Results
run: mv target/nextest/ci/junit.xml test-results/rust-test-results.xml
- name: Upload Rust Test Vector Results
uses: actions/upload-artifact@v3
with:
name: rust-test-results
path: test-results/rust-test-results.xml