Refactor Key Management in @web5/crypto
and add `@web5/crypto-aws-k…
#875
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Continuous Integration | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
branches: | |
- main | |
# Allows you to run this workflow manually from the Actions tab | |
workflow_dispatch: | |
jobs: | |
security-audit: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout source | |
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1 | |
- name: Set up Node.js | |
uses: actions/setup-node@5ef044f9d09786428e6e895be6be17937becee3a #v4.0.0 | |
with: | |
node-version: 18 | |
cache: "npm" | |
- name: Report known vulnerabilities | |
run: npm audit | |
test-with-node: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout source | |
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1 | |
- name: Set up Node.js | |
uses: actions/setup-node@5ef044f9d09786428e6e895be6be17937becee3a #v4.0.0 | |
with: | |
node-version: 18 | |
registry-url: https://registry.npmjs.org/ | |
cache: "npm" | |
- name: Install dependencies | |
run: npm ci | |
- name: Build all workspace packages | |
run: npm run build | |
- name: Run linter for all packages | |
run: npm run lint --ws | |
- name: Run dwn-server (background) | |
run: | | |
node node_modules/@web5/dwn-server/dist/esm/src/main.js & | |
echo "DWN_SERVER_BACKGROUND_PROCESS=$!" >> $GITHUB_ENV | |
- name: Run tests for all packages | |
run: npm run test:node --ws -- --color --reporter mocha-junit-reporter --reporter-options mochaFile=./results.xml | |
env: | |
TEST_DWN_URL: http://localhost:3000 | |
- name: Terminate dwn-server | |
run: kill $DWN_SERVER_BACKGROUND_PROCESS || true | |
- name: Upload test coverage to Codecov | |
uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4 | |
env: | |
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
- name: Upload test results to update SDK reports | |
uses: actions/upload-artifact@v3 | |
with: | |
name: junit-results | |
path: packages/*/results.xml | |
- name: Generate an access token to trigger downstream repo | |
uses: actions/create-github-app-token@2986852ad836768dfea7781f31828eb3e17990fa # v1.6.2 | |
id: generate_token | |
if: github.ref == 'refs/heads/main' | |
with: | |
app-id: ${{ secrets.CICD_ROBOT_GITHUB_APP_ID }} | |
private-key: ${{ secrets.CICD_ROBOT_GITHUB_APP_PRIVATE_KEY }} | |
owner: TBD54566975 | |
repositories: sdk-development | |
- name: Trigger sdk-development report build | |
if: github.ref == 'refs/heads/main' | |
run: | | |
curl -L \ | |
-H "Authorization: Bearer ${APP_TOKEN}" \ | |
-H "X-GitHub-Api-Version: 2022-11-28" \ | |
-H "Content-Type: application/json" \ | |
--fail \ | |
--data '{"ref": "main"}' \ | |
https://api.github.com/repos/TBD54566975/sdk-development/actions/workflows/build-report.yaml/dispatches | |
env: | |
APP_TOKEN: ${{ steps.generate_token.outputs.token }} | |
test-with-browsers: | |
name: test-with-browsers (group ${{ matrix.group }}) | |
# Run browser tests using macOS so that WebKit tests don't fail under a Linux environment | |
runs-on: macos-latest | |
strategy: | |
# parallelism strategy: agent takes as long as roughly all other pkgs combined. | |
matrix: | |
include: | |
- group: "A" | |
packages: "--workspace packages/agent --workspace packages/dids" | |
- group: "B" | |
packages: "--workspace packages/common --workspace packages/crypto --workspace packages/credentials --workspace packages/user-agent --workspace packages/proxy-agent --workspace packages/api --workspace packages/identity-agent" | |
steps: | |
- name: Checkout source | |
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1 | |
- name: Set up Node.js | |
uses: actions/setup-node@5ef044f9d09786428e6e895be6be17937becee3a #v4.0.0 | |
with: | |
node-version: 18 | |
registry-url: https://registry.npmjs.org/ | |
cache: "npm" | |
- name: Install dependencies | |
run: npm ci | |
- name: Get Playwright Version (for cache) | |
id: get-playwright-version | |
run: | | |
PLAYWRIGHT_VERSION=$(npm view @playwright/test version) | |
echo "Playwright Version: $PLAYWRIGHT_VERSION" | |
echo "PLAYWRIGHT_VERSION=$PLAYWRIGHT_VERSION" >> $GITHUB_ENV | |
- name: Restore Cached Playwright Browsers | |
id: cache-playwright-restore | |
uses: actions/cache/restore@84995e0d91a927aa8da027221d329f84446b8c9b #v3.3.2 | |
with: | |
path: ~/Library/Caches/ms-playwright | |
key: ${{ runner.os }}-playwright-${{ env.PLAYWRIGHT_VERSION }} | |
- name: Install Playwright Browsers (if no cache) | |
if: steps.cache-playwright-restore.outputs.cache-hit != 'true' | |
run: npx playwright install --with-deps | |
- name: Save Playwright Cache (if no cache) | |
uses: actions/cache/save@e08330827dd5663b268018076572bea59a734b60 #v3.3.2 | |
id: cache-playwright-save | |
if: steps.cache-playwright-restore.outputs.cache-hit != 'true' | |
with: | |
path: ~/Library/Caches/ms-playwright | |
key: ${{ runner.os }}-playwright-${{ env.PLAYWRIGHT_VERSION }} | |
- name: Build esm | |
run: npm run build:esm --ws | |
- name: Build browser for matrix ${{ matrix.group }} | |
run: npm run build:browser ${{ matrix.packages }} | |
- name: Run dwn-server (background) | |
run: | | |
node node_modules/@web5/dwn-server/dist/esm/src/main.js & | |
echo "DWN_SERVER_BACKGROUND_PROCESS=$!" >> $GITHUB_ENV | |
- name: Run tests for matrix ${{ matrix.group }} | |
run: npm run test:browser ${{ matrix.packages }} | |
- name: Terminate dwn-server | |
run: kill $DWN_SERVER_BACKGROUND_PROCESS || true |