-
Notifications
You must be signed in to change notification settings - Fork 43
266 lines (217 loc) · 9.81 KB
/
bindings-nodejs-publish.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
name: Node.js publish to NPM
on: workflow_dispatch
env:
CARGO_INCREMENTAL: 0
jobs:
publish-nodejs:
runs-on: ubuntu-latest
defaults:
run:
working-directory: bindings/nodejs
steps:
- uses: actions/checkout@v3
- name: Set up Rust
uses: ./.github/actions/setup-rust
# Required for ledger-nano
- name: Install required packages
run: |
sudo apt-get update
sudo apt-get install libudev-dev libusb-1.0-0-dev
- name: Set up Node.js
uses: actions/setup-node@v3
with:
node-version: "18.x"
registry-url: "https://registry.npmjs.org"
- name: Install Yarn
run: npm i -g yarn
- name: Install JS dependencies
run: yarn
- name: Build project
run: yarn build
- name: Update Cargo.toml with git
run: sed -i 's#path = "../core"#git = "https://github.com/iotaledger/iota-sdk", rev = "'$GITHUB_SHA'"#g' Cargo.toml
- name: Print Cargo.toml
run: cat Cargo.toml
- name: Publish nodejs bindings to NPM
shell: sh
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
run: yarn publish --access public --tag alpha
nodejs-binding-prebuild:
runs-on: ${{ matrix.os }}
needs: publish-nodejs
strategy:
fail-fast: false
matrix:
# The GitHub hosted Windows 2022 image comes with Visual Studio 2022, but node-gyp
# (which is used by neon-sys) sadly fails to recognize it. As a mitigation, we still run the
# tests on Windows 2019, until we can figure out a way to fix the problem.
os: [ubuntu-20.04, macos-13, windows-2019]
node-version: ["18.x"]
steps:
- uses: actions/checkout@v3
- name: Set up Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
- name: Install Yarn
run: npm i -g yarn
- name: Select Xcode
uses: maxim-lobanov/setup-xcode@v1
if: matrix.os == 'macos-13'
with:
xcode-version: "14.3"
# Temporary fix for "ValueError: invalid mode: 'rU' while trying to load binding.gyp"
# This can be removed when "prebuild" updates "node-gyp"
- name: Set up Python 3.10
uses: actions/setup-python@v4
with:
python-version: "3.10"
- name: Set up Rust
uses: ./.github/actions/setup-rust
# This step can be removed as soon as official Windows arm64 builds are published:
# https://github.com/nodejs/build/issues/2450#issuecomment-705853342
- name: Install Windows arm64 node.lib
if: ${{ matrix.os == 'windows-2019' }}
run: |
$NodeVersion = (node --version) -replace '^.'
$NodeFallbackVersion = "16.19.0"
& .\scripts\download-node-lib-win-arm64.ps1 $NodeVersion $NodeFallbackVersion
working-directory: bindings/nodejs
- name: Install LLVM and Clang (Windows) # required for bindgen to work, see https://github.com/rust-lang/rust-bindgen/issues/1797
uses: KyleMayes/install-llvm-action@c135b3937686fd69c2651507aabc9925a8f9eee8
if: matrix.os == 'windows-2019'
with:
version: "11.0"
directory: ${{ runner.temp }}/llvm
- name: Set LIBCLANG_PATH (Windows)
if: matrix.os == 'windows-2019'
run: echo "LIBCLANG_PATH=$((gcm clang).source -replace "clang.exe")" >> $env:GITHUB_ENV
- name: Install gon (macOS)
# Fork of https://github.com/mitchellh/gon
# https://github.com/Bearer/gon
# Since we're dealing with code signing secrets we want to pin the version of gon
if: ${{ startsWith(matrix.os, 'macos') }}
run: |
wget https://raw.githubusercontent.com/Bearer/homebrew-tap/366bc999e14a8d04e07e24f9387bcbaf89c1bc53/Formula/gon.rb
brew install --formula gon.rb
rm gon.rb
- name: Set deployment target (macOS)
if: matrix.os == 'macos-13'
run: echo "MACOSX_DEPLOYMENT_TARGET=10.13" >> $GITHUB_ENV
- name: Add aarch64 target (macOS)
if: ${{ startsWith(matrix.os, 'macos') }}
run: rustup target add aarch64-apple-darwin
# TODO: enable https://github.com/iotaledger/iota-sdk/issues/97
# - name: Add aarch64 target (linux)
# if: ${{ startsWith(matrix.os, 'ubuntu') }}
# run: rustup target add aarch64-unknown-linux-gnu
# - name: Add aarch64 target (windows)
# if: ${{ startsWith(matrix.os, 'windows') }}
# run: rustup target add aarch64-pc-windows-msvc
- name: Get current date
if: matrix.os == 'macos-13' || ${{ startsWith(matrix.os, 'ubuntu') }}
run: echo "CURRENT_DATE=$(date +'%Y-%m-%d')" >> $GITHUB_ENV
- name: Get current date
if: matrix.os == 'windows-2019'
run: echo "CURRENT_DATE=$(Get-Date -Format "yyyy-MM-dd")" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
- name: Install required packages (Ubuntu)
if: ${{ startsWith(matrix.os, 'ubuntu') }}
run: |
sudo apt-get update
sudo apt-get install libudev-dev libusb-1.0-0-dev
- name: Cache cargo registry
uses: actions/cache@v3
with:
path: ~/.cargo/registry
# Add date to the cache to keep it up to date
key: ${{ matrix.os }}-stable-cargo-registry-${{ hashFiles('**/Cargo.lock') }}-${{ env.CURRENT_DATE }}
# Restore from outdated cache for speed
restore-keys: |
${{ matrix.os }}-stable-cargo-registry-${{ hashFiles('**/Cargo.lock') }}
${{ matrix.os }}-stable-cargo-registry-
- name: Cache cargo index
uses: actions/cache@v3
with:
path: ~/.cargo/git
# Add date to the cache to keep it up to date
key: ${{ matrix.os }}-stable-cargo-index-${{ hashFiles('**/Cargo.lock') }}-${{ env.CURRENT_DATE }}
# Restore from outdated cache for speed
restore-keys: |
${{ matrix.os }}-stable-cargo-index-${{ hashFiles('**/Cargo.lock') }}
${{ matrix.os }}-stable-cargo-index-
# This step is required to support macOS 10.13
- name: Patch librocksdb-sys (macOS)
if: ${{ startsWith(matrix.os, 'macos') }}
run: |
cargo install cargo-patch
cp ${{ github.workspace }}/.patches/rocksdb_faligned_allocation.patch .
git apply --ignore-space-change --ignore-whitespace ${{ github.workspace }}/.patches/macos_cargo_toml.patch
cat Cargo.toml
cargo patch
- name: Install dependencies
run: yarn install --frozen-lockfile
working-directory: bindings/nodejs
- name: Build Node.js prebuild (x64)
run: yarn run prebuild-x64
working-directory: bindings/nodejs
- name: Build Node.js prebuild (macos, arm64)
if: ${{ startsWith(matrix.os, 'macos') }}
run: yarn run prebuild-macos-arm64
working-directory: bindings/nodejs
# TODO: enable https://github.com/iotaledger/iota-sdk/issues/97
# - name: Build Node.js prebuild (ubuntu/linux, arm64)
# if: ${{ startsWith(matrix.os, 'ubuntu') }}
# run: yarn run prebuild-linux-arm64
# working-directory: bindings/nodejs
# - name: Build Node.js prebuild (windows, arm64)
# if: ${{ startsWith(matrix.os, 'windows') }}
# run: yarn run prebuild-windows-arm64
# working-directory: bindings/nodejs
- name: Import code signing assets (macOS)
if: ${{ startsWith(matrix.os, 'macos') }}
env:
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
MAC_CERT_BASE64: ${{ secrets.MAC_CERT_BASE64 }}
MAC_CERT_PASSWORD: ${{ secrets.MAC_CERT_PASSWORD }}
# Based on https://github.com/Apple-Actions/import-codesign-certs/blob/master/src/security.ts
run: |
security create-keychain -p $KEYCHAIN_PASSWORD signing.keychain
security set-keychain-settings -lut 3600 signing.keychain
security unlock-keychain -p $KEYCHAIN_PASSWORD signing.keychain
echo $MAC_CERT_BASE64 | base64 -D -o signing.p12
security import signing.p12 -k signing.keychain -f pkcs12 -T "/usr/bin/codesign" -T "/usr/bin/security" -P $MAC_CERT_PASSWORD
rm signing.p12
security -q set-key-partition-list -S apple-tool:,apple: -k $KEYCHAIN_PASSWORD signing.keychain > /dev/null
security -v list-keychains -s signing.keychain
security find-identity -vp codesigning
- name: Prepare Github release
id: prepare_release
shell: bash
run: |
echo "tag_name=iota-sdk-nodejs-v$(cat package.json | jq -r '.version')" >> "$GITHUB_OUTPUT"
working-directory: bindings/nodejs
- name: Sign and notarize index.node binary (macOS arm64)
if: ${{ startsWith(matrix.os, 'macos') }}
env:
AC_USERNAME: ${{ secrets.ASC_APPLE_ID }}
AC_PASSWORD: ${{ secrets.ASC_PASSWORD }}
working-directory: bindings/nodejs
run: |
TAR_NAME=sdk-v$(cat package.json | jq -r '.version')-napi-v6-darwin-arm64.tar.gz
# unpack to only get the index.node
tar -xvf prebuilds/@iota/$TAR_NAME
gon gon-config.json
unzip -o binary.zip
mkdir -p build/Release
mv -f index.node build/Release/index.node
tar -czf prebuilds/@iota/$TAR_NAME build/Release/index.node
- name: Upload prebuild to Github release
uses: softprops/action-gh-release@v1
with:
# Token expires Jan 25, 2025
token: ${{ secrets.GH_RELEASE_PUBLISH_PAT }}
body: https://github.com/iotaledger/iota-sdk/blob/develop/bindings/nodejs/CHANGELOG.md
files: bindings/nodejs/prebuilds/@iota/*
tag_name: ${{ steps.prepare_release.outputs.tag_name }}
target_commitish: ${{ github.sha }}