Skip to content

add sign and verify test vectors #505

add sign and verify test vectors

add sign and verify test vectors #505

Workflow file for this run

name: CI
on:
workflow_dispatch:
inputs:
version:
description: 'Version of Kotlin binary to publish to TBD Artifactory. For example "1.0.0" will result in "1.0.0-SNAPSHOT". If not supplied, will default to "commit-$shortSHA-SNAPSHOT" where $shortSHA is the shortform commit SHA.'
required: false
default: "0.0.0-SNAPSHOT"
workflow_call:
inputs:
version:
description: 'Version of Kotlin binary to publish to TBD Artifactory. For example "1.0.0" will result in "1.0.0-SNAPSHOT". If not supplied, will default to "commit-$shortSHA-SNAPSHOT" where $shortSHA is the shortform commit SHA.'
required: true
type: string
push:
branches:
- main
pull_request:
env:
CARGO_TERM_COLOR: always
# Make sure CI fails on all warnings, including Clippy lints
RUSTFLAGS: "-Dwarnings"
WEB5_SDK_LOG_LEVEL: debug
jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Init Hermit
uses: cashapp/activate-hermit@v1
with:
cache: true
- name: Lint
run: just lint
test:
strategy:
matrix:
os: [ubuntu-latest, macos-latest] # TODO add back windows-latest https://github.com/TBD54566975/web5-rs/issues/189
rust: [stable, nightly]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Init Hermit
uses: cashapp/activate-hermit@v1
with:
cache: true
- name: Test
run: just test
build_aarch64_apple_darwin:
runs-on: macos-latest
name: Build aarch64-apple-darwin target
steps:
- uses: actions/checkout@v2
- name: Install Rust
run: rustup toolchain install stable
- name: Run Build Script
run: |
cd bindings/web5_uniffi/libtargets/aarch64_apple_darwin
./build
- name: Upload .dylib
uses: actions/[email protected]
with:
name: aarch64-apple-darwin-dylib
path: bound/kt/src/main/resources/libweb5_uniffi_aarch64_apple_darwin.dylib
build_x86_64_apple_darwin:
runs-on: macos-12
name: Build x86_64-apple-darwin target
steps:
- uses: actions/checkout@v2
- name: Install Rust
run: rustup toolchain install stable
- name: Run Build Script
run: |
cd bindings/web5_uniffi/libtargets/x86_64_apple_darwin
./build
- name: Upload .dylib
uses: actions/[email protected]
with:
name: x86_64-apple-darwin-dylib
path: bound/kt/src/main/resources/libweb5_uniffi_x86_64_apple_darwin.dylib
build_x86_64_unknown_linux_gnu:
runs-on: ubuntu-latest
name: Build x86_64-unknown-linux-gnu target
steps:
- uses: actions/checkout@v2
- name: Run Build Script
run: |
cd bindings/web5_uniffi/libtargets/x86_64_unknown_linux_gnu
./build
- name: Upload .so
uses: actions/[email protected]
with:
name: x86_64-unknown-linux-gnu-so
path: bound/kt/src/main/resources/libweb5_uniffi_x86_64_unknown_linux_gnu.so
build_x86_64_unknown_linux_musl:
runs-on: ubuntu-latest
name: Build x86_64-unknown-linux-musl target
steps:
- uses: actions/checkout@v2
- name: Run Build Script
run: |
cd bindings/web5_uniffi/libtargets/x86_64_unknown_linux_musl
./build
- name: Upload .so
uses: actions/[email protected]
with:
name: x86_64-unknown-linux-musl-so
path: bound/kt/src/main/resources/libweb5_uniffi_x86_64_unknown_linux_musl.so
kotlin-build-test-deploy-snapshot:
needs:
- build_aarch64_apple_darwin
- build_x86_64_apple_darwin
- build_x86_64_unknown_linux_gnu
- build_x86_64_unknown_linux_musl
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Set up JDK 11
uses: actions/setup-java@v3
with:
distribution: "adopt"
java-version: "11"
# Cache Maven repo
- uses: actions/cache@v3
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- name: Resolve Snapshot Version
id: resolve_version
run: |
# Version resolution: use provided
if [ -n "${{ github.event.inputs.version }}" ]; then
if [[ "${{ github.event.inputs.version }}" != *-SNAPSHOT ]]; then
resolvedVersion="${{ github.event.inputs.version }}-SNAPSHOT"
else
resolvedVersion="${{ github.event.inputs.version }}"
fi
# Otherwise, construct a version for deployment in form X.Y.Z-commit-$shortSHA-SNAPSHOT
else
longSHA=$(git rev-parse --verify HEAD)
shortSHA=$(echo "${longSHA:0:7}")
resolvedVersion="commit-$shortSHA-SNAPSHOT"
echo "Requesting deployment as version: $resolvedVersion"
fi
echo "Resolved SNAPSHOT Version: $resolvedVersion"
echo "resolved_version=$resolvedVersion" >> $GITHUB_OUTPUT
# Package up the native binaries
#TODO Centralize this block as we re-use it via copy/paste right now
- name: Download MacOS aarch64 Native Library
uses: actions/[email protected]
with:
name: aarch64-apple-darwin-dylib
path: bound/kt/src/main/resources/
- name: Download MacOS x86_64 Native Library
uses: actions/[email protected]
with:
name: x86_64-apple-darwin-dylib
path: bound/kt/src/main/resources/
- name: Download Linux x86_64 GNU Native Library
uses: actions/[email protected]
with:
name: x86_64-unknown-linux-gnu-so
path: bound/kt/src/main/resources/
- name: Download Linux x86_64 MUSL Native Library
uses: actions/[email protected]
with:
name: x86_64-unknown-linux-musl-so
path: bound/kt/src/main/resources/
- name: Deploy Snapshot / Verify
run: |
# cd into the Kotlin project
cd bound/kt/
# Set newly resolved version in POM config
mvn \
versions:set \
--batch-mode \
-DnewVersion=${{ steps.resolve_version.outputs.resolved_version }}
# Only attempt to publish artifact if we have credentials
if [ -n "${{ secrets.ARTIFACTORY_PASSWORD }}" ]; then
# Maven deploy lifecycle will build, run tests, verify, sign, and deploy
mvn deploy --batch-mode --settings .maven_settings.xml -P sign-artifacts
else
# Otherwise, Maven verify lifecycle will build, run tests, and verify
mvn verify --batch-mode
fi
env:
ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }}
ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }}
SIGN_KEY_PASS: ${{ secrets.GPG_SECRET_PASSPHRASE }}
SIGN_KEY: ${{ secrets.GPG_SECRET_KEY }}
- name: Upload Kotlin Test Vector Results
uses: actions/[email protected]
with:
name: kotlin-test-results
path: bound/kt/target/surefire-reports/*.xml
rust-test-vectors:
runs-on: macos-latest
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Init Hermit
uses: cashapp/activate-hermit@v1
with:
cache: true
- name: Setup
run: just setup
- name: Install Nextest
run: cargo install cargo-nextest
- name: Create nextest.toml
run: |
echo '[profile.ci.junit]' > nextest.toml
echo 'path = "junit.xml"' >> nextest.toml
echo 'store-success-output = true' >> nextest.toml
echo 'store-failure-output = true' >> nextest.toml
- name: Run Rust Tests
run: |
mkdir -p test-results
cargo nextest run --profile ci --config-file ./nextest.toml -E 'test(test_vectors::)'
- name: Modify testsuite name in XML for test runner consumption
run: |
sed -i '' 's/<testsuite name="web5"/<testsuite name="Web5TestVectorsProtocolTest"/' target/nextest/ci/junit.xml
- name: Move Test Results
run: mv target/nextest/ci/junit.xml test-results/rust-test-results.xml
- name: Upload Rust Test Vector Results
uses: actions/upload-artifact@v3
with:
name: rust-test-results
path: test-results/rust-test-results.xml