SD-JWT scenario #776
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: zenroom | |
on: | |
push: | |
paths-ignore: | |
- 'docs/**' | |
- 'examples/**' | |
- '*.md' | |
branches: | |
- master | |
pull_request: | |
paths-ignore: | |
- 'docs/**' | |
- 'examples/**' | |
- '*.md' | |
branches: | |
- master | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref_name }} | |
cancel-in-progress: true | |
jobs: | |
reuse: | |
name: 🚨 REUSE Compliance | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: fsfe/reuse-action@v1 | |
c-lint: | |
name: 🚨 C lint | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: reviewdog/action-cpplint@master | |
env: | |
REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
reporter: github-pr-check | |
targets: --recursive src | |
level: warning | |
flags: --linelength=120 # Optional | |
filter: "-readability/braces\ | |
,-readability/casting\ | |
,-whitespace/comma\ | |
,-whitespace/braces\ | |
,-whitespace/comments\ | |
,-whitespace/indent\ | |
,-whitespace/newline\ | |
,-whitespace/operators\ | |
,-whitespace/parens\ | |
,-whitespace/tab\ | |
" # Optional | |
# - name: Fail fast?! | |
# if: steps.linter.outputs.checks-failed > 0 | |
# run: | | |
# echo "😤 Some files failed the C linting checks!" | |
lua-lint: | |
name: 🚨 Lua lint | |
runs-on: ubuntu-latest | |
steps: | |
# - uses: dorny/paths-filter@v2 | |
# with: | |
# filters: | | |
# src: | |
# - 'src/lua' | |
# - if: steps.changes.outputs.src == 'true' | |
- uses: actions/checkout@v3 | |
- name: Setup luacheck | |
run: | | |
if ! hash luacheck &>/dev/null; then | |
sudo apt-get install -yq luarocks 1>/dev/null || exit 1 | |
sudo luarocks install luacheck 1>/dev/null || exit 1 | |
sudo luarocks install lanes &>/dev/null || true | |
fi | |
luacheck --version | |
shell: bash | |
- name: 🚨 LUA lint | |
continue-on-error: true | |
working-directory: src/lua | |
run: | | |
luacheck --config .luacheckrc --std lua54 . | |
meson-build: | |
name: 🥷 meson/ninja build | |
needs: [reuse, c-lint, lua-lint] | |
if: "!contains(github.event.pull_request.labels.*.name, 'SKIP_MESON')" | |
strategy: | |
matrix: | |
command: [meson-ccache, meson-clang-ccache] | |
fail-fast: false | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: '3.10' | |
- uses: hendrikmuhs/ccache-action@v1.2 | |
- name: install dependencies | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y vim zsh luajit lua-cjson | |
pip3 install meson ninja | |
- name: Compile with command ${{ matrix.command }} | |
run: | | |
make ${{ matrix.command }} | |
- run: make meson-test | |
linux-build: | |
name: 🐧 Linux build | |
needs: [reuse, c-lint, lua-lint] | |
if: "github.event_name == 'pull_request'" | |
runs-on: "ubuntu-latest" | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: install dependencies | |
run: sudo apt install -y zsh jq musl-dev meson | |
- name: Build mimalloc | |
run: make mimalloc | |
- name: Build x86_64 with musl-system | |
run: | | |
make musl-system | |
make clean | |
- name: Build x86_64 shlib | |
run: make linux-meson-clang-release | |
windows-build: | |
name: 🪟 Windows build | |
needs: [reuse, c-lint, lua-lint] | |
if: "github.event_name == 'pull_request'" | |
runs-on: "ubuntu-latest" | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: install dependencies | |
run : sudo apt install -y zsh jq gcc-mingw-w64 g++-mingw-w64 | |
- name: Build x86_64 windows .exe | |
run: | | |
make win | |
make win-dll | |
macosx-build: | |
name: 🍎 Macosx build | |
needs: [reuse, c-lint, lua-lint] | |
if: "github.event_name == 'pull_request'" | |
runs-on: macos-latest | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- run: make osx | |
go-build-check: | |
name: 🐹 go build & checks | |
needs: [reuse, c-lint, lua-lint] | |
runs-on: ubuntu-latest | |
if: "!contains(github.event.pull_request.labels.*.name, 'SKIP_GO')" | |
strategy: | |
matrix: | |
go: ['1.13', '1.14', '1.15', '1.16', '1.19'] | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- uses: actions/setup-go@v3 | |
with: | |
go-version: ${{ matrix.go }} | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: '3.10' | |
- run: | | |
pip3 install meson ninja | |
sudo apt-get install --force-yes zsh | |
- run: make linux | |
- run: cp src/zencode-exec /usr/local/bin/ | |
- name: 🧪 test bindings go-${{ matrix.go }} | |
working-directory: bindings/golang/zenroom | |
run: make test | |
# - name: 🔐 check crypto with go-${{ matrix.go }} | |
# run: make check-go | |
rust-build-check: | |
name: 🦀 rust build & checks | |
needs: [reuse, c-lint, lua-lint] | |
runs-on: ubuntu-latest | |
if: "!contains(github.event.pull_request.labels.*.name, 'SKIP_RUST')" | |
strategy: | |
matrix: | |
rust: ['stable', 'nightly'] | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- uses: dtolnay/rust-toolchain@stable | |
with: | |
toolchain: ${{ matrix.rust }} | |
- run: | | |
pip3 install meson ninja | |
sudo apt-get install --force-yes zsh | |
- run: make linux | |
- run: cp src/zencode-exec /usr/local/bin/ | |
- name: 🧪 test bindings rust-${{ matrix.rust }} | |
working-directory: bindings/rust | |
run: cargo test | |
- name: 🔐 check crypto with rust-${{ matrix.rust }} | |
run: make check-rs | |
# cortex-m-build-check: | |
# name: 📟 cortex-m build & checks | |
# needs: [reuse, c-lint, lua-lint] | |
# runs-on: ubuntu-latest | |
# if: ${{ contains(github.event.pull_request.labels.*.name, 'run cortex') || contains(github.event.head_commit.message, 'run cortex') }} | |
# steps: | |
# - uses: actions/checkout@v3 | |
# with: | |
# fetch-depth: 0 | |
# - uses: numworks/setup-arm-toolchain@2021-10 | |
# - run: sudo apt install zsh qemu-system-arm | |
# - name: Download cmsis | |
# run: | | |
# curl -LO https://github.com/ARM-software/CMSIS_5/archive/refs/tags/5.7.0.tar.gz | |
# tar xvf 5.7.0.tar.gz -C lib | |
# mv lib/CMSIS_5-5.7.0 lib/cmsis | |
# - run: make cortex-arm | |
# - name: 🔐 check crypto with cortex-m | |
# run: make check-cortex-m | |
js-build-check: | |
name: 🐯 js build & checks | |
needs: [reuse, c-lint, lua-lint] | |
runs-on: ubuntu-latest | |
if: "!contains(github.event.pull_request.labels.*.name, 'SKIP_JS')" | |
strategy: | |
matrix: | |
node-version: [16.x, 18.x, 20.x] | |
env: | |
EM_VERSION: latest | |
defaults: | |
run: | |
working-directory: bindings/javascript | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: ${{ matrix.node-version }} | |
- uses: mymindstorm/setup-emsdk@v12 | |
with: | |
version: ${{ env.EM_VERSION }} | |
- run: sudo apt-get update; sudo apt-get install zsh meson ninja-build | |
- run: yarn | |
- run: yarn build | |
env: | |
EMSCRIPTEN: ${{ env.EMSDK }}/upstream/emscripten | |
- name: 🧪 test bindings node-${{ matrix.node-version }} | |
run: yarn test | |
- name: 🔐 check crypto with node-${{ matrix.node-version }} | |
working-directory: ./ | |
run: make check-js | |
python-check: | |
name: 🐍 Python checks | |
needs: [reuse, c-lint, lua-lint] | |
if: "!contains(github.event.pull_request.labels.*.name, 'SKIP_PY') && github.event_name == 'pull_request'" | |
runs-on: ${{ matrix.os }} | |
defaults: | |
run: | |
working-directory: bindings/python3 | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ubuntu-latest, macos-latest] | |
python-version: ["3.8", "3.9", "3.10"] | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: ${{ matrix.python-version }} | |
- run: sudo apt update | |
if: runner.os == 'Linux' | |
- run: sudo apt install -y zsh cmake | |
if: runner.os == 'Linux' | |
- run: brew install zsh | |
if: runner.os == 'macOS' | |
- run: | | |
cd ../.. | |
make linux | |
cp src/zencode-exec /usr/local/bin/ | |
- run: | | |
./prepare.sh | |
pipx install meson | |
pipx install ninja | |
pip3 install .[test] | |
- run: pytest -s tests | |
semantic-release: | |
name: 🤖 Semantic release | |
needs: [rust-build-check, go-build-check, meson-build, js-build-check] | |
runs-on: ubuntu-latest | |
if: ${{ github.ref_name == 'master' && github.event_name == 'push' }} | |
outputs: | |
release: ${{ steps.tag_release.outputs.release }} | |
version: ${{ steps.tag_release.outputs.version }} | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Setup Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 18.x | |
- run: yarn | |
- name: Tag release | |
id: tag_release | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
npx semantic-release | tee semantic-release.log | |
if [[ `git tag --points-at HEAD` == "" ]]; then | |
echo "release=False" >> $GITHUB_OUTPUT | |
else | |
echo "release=True" >> $GITHUB_OUTPUT | |
awk '/Published release/ { printf("version=v%s\n",$8) }' semantic-release.log >> $GITHUB_OUTPUT | |
fi | |
js-build-release: | |
name: 🐯 js build release | |
needs: [semantic-release] | |
if: ${{ needs.semantic-release.outputs.release == 'True' }} | |
runs-on: ubuntu-latest | |
env: | |
EM_VERSION: 3.1.26 | |
defaults: | |
run: | |
working-directory: bindings/javascript | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: 16.x | |
- uses: mymindstorm/setup-emsdk@v12 | |
with: | |
version: ${{ env.EM_VERSION }} | |
- run: sudo apt-get update; sudo apt-get install zsh meson ninja-build | |
- run: yarn | |
- run: yarn build | |
env: | |
EMSCRIPTEN: ${{ env.EMSDK }}/upstream/emscripten | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: javascript-artifact | |
path: | | |
./bindings/javascript/CHANGELOG.md | |
./bindings/javascript/LICENSE | |
./bindings/javascript/package.json | |
./bindings/javascript/README.md | |
./bindings/javascript/dist/ | |
build-release-on-ubuntu: | |
name: 🐧 Binary builds on Ubuntu | |
runs-on: ubuntu-latest | |
needs: [semantic-release] | |
if: ${{ needs.semantic-release.outputs.release == 'True' }} | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Upload release docs artifacts | |
uses: actions/upload-artifact@v3 | |
with: | |
name: documentation | |
path: | | |
build/release-intro.md | |
- name: Install build deps | |
run: | | |
sudo apt install zsh tree jq cmake make gcc g++ musl-dev meson clang gcc-mingw-w64 g++-mingw-w64 | |
- name: Build mimalloc | |
run: make mimalloc | |
- name: Build x86_64 with musl-system | |
run: make musl-system | |
- name: Upload artifact linux-amd64 | |
uses: actions/upload-artifact@v3 | |
with: | |
name: release-bin-linux-amd64 | |
path: | | |
src/zenroom | |
src/zencode-exec | |
- name: Clean for next build | |
run: make clean | |
- name: Build x86_64 shlib | |
run: make linux-meson-clang-release | |
- name: Upload artifact linux-lib-amd64 | |
uses: actions/upload-artifact@v3 | |
with: | |
name: release-lib-linux-amd64 | |
path: | | |
meson/libzenroom.a | |
meson/libzenroom.so | |
- name: Clean for next build | |
run: make clean | |
- name: Build x86_64 windows .exe | |
run: | | |
make win | |
make win-dll | |
- name: Upload artifact win x86_64 | |
uses: actions/upload-artifact@v3 | |
with: | |
name: release-exe-win-w64 | |
path: | | |
src/zenroom.exe | |
src/zencode-exec.exe | |
src/libzenroom_dll.lib | |
src/zenroom.dll | |
file-changes: | |
name: "🗃️ Check file changes" | |
runs-on: ubuntu-latest | |
needs: [semantic-release] | |
if: "needs.semantic-release.outputs.release == 'True'" | |
outputs: | |
python3: ${{ steps.filter.outputs.python3 }} | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: dorny/paths-filter@v2 | |
id: filter | |
with: | |
filters: | | |
python3: | |
- 'bindings/python3/**' | |
python-sdist: | |
name: 🐍 Python create source distribution | |
runs-on: ubuntu-latest | |
needs: [semantic-release, file-changes] | |
if: "needs.semantic-release.outputs.release == 'True' && needs.file-changes.outputs.python3 == 'true'" | |
defaults: | |
run: | |
working-directory: bindings/python3 | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
ref: master | |
fetch-depth: 0 | |
- run: | | |
pip install ninja twine | |
./prepare.sh | |
- run: pipx run build --sdist | |
- run: twine check dist/*.tar.gz | |
- uses: actions/upload-artifact@v3 | |
with: | |
path: ./bindings/python3/dist/*.tar.gz | |
build-release-on-osx: | |
name: 🍎 mac osx release build | |
needs: [semantic-release] | |
runs-on: macos-latest | |
if: ${{ needs.semantic-release.outputs.release == 'True' }} | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- run: | | |
make osx | |
- name: Upload artifact win x86_64 | |
uses: actions/upload-artifact@v3 | |
with: | |
name: release-bin-osx | |
path: | | |
src/zenroom.command | |
src/zencode-exec.command | |
npm-release: | |
name: 📦 npm release | |
runs-on: ubuntu-latest | |
needs: [js-build-release, build-release-on-osx, build-release-on-ubuntu] | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
ref: master | |
fetch-depth: 0 | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: 16.x | |
registry-url: 'https://registry.npmjs.org' | |
- uses: actions/download-artifact@v3 | |
with: | |
name: javascript-artifact | |
path: . | |
- run: | | |
version=$(git describe --tags --abbrev=0) | |
yarn version --new-version ${version:1} --no-git-tag-version | |
- run: npm publish . --tag latest | |
env: | |
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
pypi-release: | |
name: 📦 PyPI release | |
needs: [js-build-release, python-sdist, build-release-on-osx, build-release-on-ubuntu] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/download-artifact@v3 | |
with: | |
name: artifact | |
path: dist | |
- uses: pypa/gh-action-pypi-publish@release/v1 | |
with: | |
user: __token__ | |
password: ${{ secrets.PYPI_API_TOKEN }} | |
draft-binary-release: | |
name: 📦 Pack release | |
needs: [semantic-release, js-build-release, build-release-on-osx, build-release-on-ubuntu] | |
runs-on: ubuntu-latest | |
steps: | |
- name: download binary artifacts | |
uses: actions/download-artifact@v3 | |
with: | |
path: | | |
zenroom-bin | |
- name: show directory structure | |
run: tree -dL 3 | |
- name: relase all binary artifacts | |
uses: softprops/action-gh-release@v1 | |
with: | |
files: | | |
zenroom-bin/release*/* | |
tag_name: ${{ needs.semantic-release.outputs.version }} | |
body_path: zenroom-bin/documentation/release-intro.md | |
append_body: true | |
draft: false | |
prerelease: false | |
fail_on_unmatched_files: true | |
generate_release_notes: true | |
remove-tag-on-fail: | |
name: 🧻 Remove tag on fail | |
needs: [semantic-release, js-build-release, build-release-on-osx, build-release-on-ubuntu] | |
runs-on: ubuntu-latest | |
if: ${{ (failure() || cancelled()) && needs.semantic-release.outputs.release == 'True' }} | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Remove tag | |
uses: dev-drprasad/delete-tag-and-release@v1.0 | |
with: | |
tag_name: ${{ needs.semantic-release.outputs.version }} | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
delete_release: false | |
repo: dyne/zenroom |