-
Notifications
You must be signed in to change notification settings - Fork 49
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Publish WASM package to enable argon2 support on CLI #691
Merged
Merged
Changes from 4 commits
Commits
Show all changes
16 commits
Select commit
Hold shift + click to select a range
99d5178
Expose argon2 in wasm
Hinton a1d80e7
Change wasm argon2 to use vec
dani-garcia 7d15daf
Build wasm workflow
dani-garcia f6c6da7
Publish wasm workflow
dani-garcia c779c32
Merge branch 'main' into ps/argon2-publish
dani-garcia 30881a4
Prettier
dani-garcia be94ec6
Fix missing files in package.json
dani-garcia affe24c
Apply review comments
dani-garcia 89d6c83
Merge branch 'main' into ps/argon2-publish
dani-garcia 38fd5a5
Remove redeploy
dani-garcia 1a52120
Remove unused base64
dani-garcia 4ebd280
Merge branch 'main' into ps/argon2-publish
dani-garcia 49f9978
Switch to results
dani-garcia db5b055
Actually return the value
dani-garcia 92eeea5
Merge branch 'main' into ps/argon2-publish
dani-garcia 1ada3f5
Merge branch 'main' into ps/argon2-publish
dani-garcia File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
--- | ||
name: Build @bitwarden/sdk-wasm | ||
|
||
on: | ||
pull_request: | ||
push: | ||
branches: | ||
- "main" | ||
- "rc" | ||
- "hotfix-rc" | ||
workflow_dispatch: | ||
|
||
defaults: | ||
run: | ||
shell: bash | ||
working-directory: crates/bitwarden-wasm | ||
|
||
jobs: | ||
build: | ||
name: Building @bitwarden/sdk-wasm | ||
runs-on: ubuntu-22.04 | ||
|
||
steps: | ||
- name: Checkout repo | ||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | ||
|
||
- name: Setup Node | ||
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 | ||
with: | ||
node-version: 18 | ||
cache: "npm" | ||
|
||
- name: Install dependencies | ||
run: npm i -g binaryen | ||
|
||
- name: Install rust | ||
uses: dtolnay/rust-toolchain@be73d7920c329f220ce78e0234b8f96b7ae60248 # stable | ||
with: | ||
toolchain: stable | ||
targets: wasm32-unknown-unknown | ||
|
||
- name: Cache cargo registry | ||
uses: Swatinem/rust-cache@23bce251a8cd2ffc3c1075eaa2367cf899916d84 # v2.7.3 | ||
with: | ||
key: wasm-cargo-cache | ||
|
||
- name: Install wasm-bindgen-cli | ||
run: cargo install wasm-bindgen-cli | ||
|
||
- name: Build | ||
run: ./build.sh -r | ||
|
||
- name: Upload artifact | ||
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 | ||
with: | ||
name: sdk-bitwarden-wasm | ||
path: ${{ github.workspace }}/languages/js/wasm/* | ||
if-no-files-found: error |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,143 @@ | ||
--- | ||
name: Release @bitwarden/sdk-wasm | ||
run-name: Release @bitwarden/sdk-wasm ${{ inputs.release_type }} | ||
|
||
on: | ||
workflow_dispatch: | ||
inputs: | ||
release_type: | ||
description: "Release Options" | ||
required: true | ||
default: "Initial Release" | ||
michalchecinski marked this conversation as resolved.
Show resolved
Hide resolved
|
||
type: choice | ||
options: | ||
- Initial Release | ||
- Redeploy | ||
michalchecinski marked this conversation as resolved.
Show resolved
Hide resolved
|
||
- Dry Run | ||
npm_publish: | ||
description: "Publish to NPM registry" | ||
required: true | ||
default: true | ||
type: boolean | ||
|
||
defaults: | ||
run: | ||
shell: bash | ||
working-directory: languages/js/wasm | ||
|
||
jobs: | ||
setup: | ||
name: Setup | ||
runs-on: ubuntu-22.04 | ||
outputs: | ||
release-version: ${{ steps.version.outputs.version }} | ||
steps: | ||
- name: Checkout repo | ||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | ||
|
||
- name: Branch check | ||
if: ${{ github.event.inputs.release_type != 'Dry Run' }} | ||
run: | | ||
if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ "$GITHUB_REF" != "refs/heads/hotfix-rc" ]]; then | ||
echo "===================================" | ||
echo "[!] Can only release from the 'rc' or 'hotfix-rc' branches" | ||
echo "===================================" | ||
exit 1 | ||
fi | ||
|
||
- name: Check Release Version | ||
id: version | ||
uses: bitwarden/gh-actions/release-version-check@main | ||
with: | ||
release-type: ${{ github.event.inputs.release_type }} | ||
project-type: ts | ||
file: languages/js/wasm/package.json | ||
monorepo: false | ||
|
||
- name: Create GitHub deployment | ||
if: ${{ github.event.inputs.release_type != 'Dry Run' }} | ||
uses: chrnorm/deployment-action@55729fcebec3d284f60f5bcabbd8376437d696b1 # v2.0.7 | ||
id: deployment | ||
with: | ||
token: "${{ secrets.GITHUB_TOKEN }}" | ||
initial-status: "in_progress" | ||
environment: "Bitwarden SDK WASM - Production" | ||
description: "Deployment ${{ steps.version.outputs.version }} from branch ${{ github.ref_name }}" | ||
task: release | ||
|
||
- name: Update deployment status to Success | ||
if: ${{ github.event.inputs.release_type != 'Dry Run' && success() }} | ||
uses: chrnorm/deployment-status@2afb7d27101260f4a764219439564d954d10b5b0 # v2.0.1 | ||
with: | ||
token: "${{ secrets.GITHUB_TOKEN }}" | ||
state: "success" | ||
deployment-id: ${{ steps.deployment.outputs.deployment_id }} | ||
|
||
- name: Update deployment status to Failure | ||
if: ${{ github.event.inputs.release_type != 'Dry Run' && failure() }} | ||
uses: chrnorm/deployment-status@2afb7d27101260f4a764219439564d954d10b5b0 # v2.0.1 | ||
with: | ||
token: "${{ secrets.GITHUB_TOKEN }}" | ||
state: "failure" | ||
deployment-id: ${{ steps.deployment.outputs.deployment_id }} | ||
|
||
npm: | ||
name: Publish NPM | ||
runs-on: ubuntu-22.04 | ||
needs: setup | ||
if: inputs.npm_publish | ||
env: | ||
_PKG_VERSION: ${{ needs.setup.outputs.release-version }} | ||
steps: | ||
- name: Checkout repo | ||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | ||
|
||
- name: Setup Node | ||
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 | ||
with: | ||
node-version: 18 | ||
cache: "npm" | ||
|
||
- name: Login to Azure | ||
uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0 | ||
with: | ||
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} | ||
|
||
- name: Retrieve secrets | ||
id: retrieve-secrets | ||
uses: bitwarden/gh-actions/get-keyvault-secrets@main | ||
with: | ||
keyvault: "bitwarden-ci" | ||
secrets: "npm-api-key" | ||
|
||
- name: Download artifacts | ||
if: ${{ github.event.inputs.release_type != 'Dry Run' }} | ||
michalchecinski marked this conversation as resolved.
Show resolved
Hide resolved
|
||
uses: bitwarden/gh-actions/download-artifacts@main | ||
with: | ||
workflow: build-wasm.yml | ||
path: ${{ github.workspace }}/languages/js/wasm | ||
workflow_conclusion: success | ||
branch: ${{ github.ref_name }} | ||
michalchecinski marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
||
- name: Dry Run - Download artifacts | ||
if: ${{ github.event.inputs.release_type == 'Dry Run' }} | ||
uses: bitwarden/gh-actions/download-artifacts@main | ||
with: | ||
workflow: build-wasm.yml | ||
path: ${{ github.workspace }}/languages/js/wasm | ||
workflow_conclusion: success | ||
branch: main | ||
michalchecinski marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
||
- name: Setup NPM | ||
run: | | ||
echo 'registry="https://registry.npmjs.org/"' > ./.npmrc | ||
echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> ./.npmrc | ||
|
||
echo 'registry="https://registry.npmjs.org/"' > ~/.npmrc | ||
echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> ~/.npmrc | ||
env: | ||
NPM_TOKEN: ${{ steps.retrieve-secrets.outputs.npm-api-key }} | ||
|
||
- name: Publish NPM | ||
if: ${{ github.event.inputs.release_type != 'Dry Run' }} | ||
run: npm publish --access public --registry=https://registry.npmjs.org/ --userconfig=./.npmrc |
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -15,6 +15,7 @@ | |
"main": "node/bitwarden_wasm.js", | ||
"module": "index.js", | ||
"types": "bitwarden_wasm.d.ts", | ||
"scripts": {}, | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This isn't technically required, but npm would output a confusing warning if it wasn't there, so I decided to add it. |
||
"sideEffects": [ | ||
"./bitwarden_wasm.js", | ||
"./snippets/*" | ||
|
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think you can get rid of the SETUP NPM by using the
actions/setup-node
action withregistry-url
per https://docs.github.com/en/actions/publishing-packages/publishing-nodejs-packages#publishing-packages-to-the-npm-registry. You can also omit writing the token to disk and just pass it in as an env during the publish command.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm hesitant to change this here as all our other NPM publishing workflows in sdk and clients are doing it this way, so I wouldn't want a single workflow being different than the rest.
I definitely think this is a good improvement over manually creating the file, and we definitely want to switch to it, but I think it would be better for a separate PR to update all workflows at once.