From 3fa01ca043b1289883e6f85f2b3f98cd159d4e42 Mon Sep 17 00:00:00 2001 From: Roger Qiu Date: Sat, 11 Jan 2025 22:06:50 -0600 Subject: [PATCH 01/85] chore: updated README with workflows about websites --- README.md | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index d53e87e..22fe5e3 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,7 @@ # Templates +## Issues, Pull Requests, Merge Requests + This repository stories issue, pull request and merge request templates for Matrix AI GitHub templates are stored in `.github`. This repository must be placed under https://github.com/MatrixAI/.github. The `.github` repository name is essential for GitHub to recognise it as a special organisation-template repository. @@ -19,10 +21,15 @@ are grouped together into different kinds of projects. - feature - for feature branches - staging - for staging branches - tag - for tag branches -* library-js-native - TS/JS projets that produce libraries using native code as NPM packages. +* library-js-native - TS/JS projects that produce libraries using native code as NPM packages. - feature - staging - tag +* application-js-cloudflare - TS/JS projects that produce Cloudflare applications + - feature + - staging + - master + - feature-closed To use them, for example in a library-js project. You create 3 caller workflows in `/.github/workflows`: From 441a3658f5aaee59f5fb75375c1e5f8cc6b2f4f2 Mon Sep 17 00:00:00 2001 From: Roger Qiu Date: Fri, 20 Dec 2024 14:44:52 -0600 Subject: [PATCH 02/85] feat: replace container image with install-nix-action --- .github/actions/install-nix/action.yml | 41 ++++++ .github/actions/install-nix/install-nix.sh | 123 ++++++++++++++++++ ...plication-js-cloudflare-feature-closed.yml | 4 +- .../application-js-cloudflare-feature.yml | 24 ++-- .../application-js-cloudflare-master.yml | 10 +- .../application-js-cloudflare-staging.yml | 16 +-- .github/workflows/library-js-feature.yml | 16 +-- .github/workflows/library-js-staging.yml | 17 +-- .github/workflows/library-js-tag.yml | 12 +- .gitlab/issue_templates/bug_report.md | 29 ----- .gitlab/issue_templates/design.md | 22 ---- .gitlab/issue_templates/development.md | 13 -- .gitlab/issue_templates/feature_request.md | 13 -- .gitlab/issue_templates/procedure.md | 11 -- .gitlab/issue_templates/research.md | 23 ---- .../merge_request_templates/development.md | 26 ---- README.md | 5 +- 17 files changed, 200 insertions(+), 205 deletions(-) create mode 100644 .github/actions/install-nix/action.yml create mode 100755 .github/actions/install-nix/install-nix.sh delete mode 100644 .gitlab/issue_templates/bug_report.md delete mode 100644 .gitlab/issue_templates/design.md delete mode 100644 .gitlab/issue_templates/development.md delete mode 100644 .gitlab/issue_templates/feature_request.md delete mode 100644 .gitlab/issue_templates/procedure.md delete mode 100644 .gitlab/issue_templates/research.md delete mode 100644 .gitlab/merge_request_templates/development.md diff --git a/.github/actions/install-nix/action.yml b/.github/actions/install-nix/action.yml new file mode 100644 index 0000000..2576643 --- /dev/null +++ b/.github/actions/install-nix/action.yml @@ -0,0 +1,41 @@ +name: 'Install Nix' +description: 'Installs Nix on GitHub Actions for the supported platforms: Linux and macOS.' +author: 'Domen Kožar' +inputs: + extra_nix_config: + description: 'Gets appended to `/etc/nix/nix.conf` if passed.' + github_access_token: + description: 'Configure nix to pull from github using the given github token.' + install_url: + description: 'Installation URL that will contain a script to install Nix.' + install_options: + description: 'Additional installer flags passed to the installer script.' + nix_path: + description: 'Set NIX_PATH environment variable.' + enable_kvm: + description: 'Enable KVM for hardware-accelerated virtualization on Linux, if available.' + required: false + default: true +branding: + color: 'blue' + icon: 'sun' +runs: + using: 'composite' + steps: + - run: | + ${GITHUB_ACTION_PATH}/install-nix.sh + nix profile install nixpkgs#cacert nixpkgs#tzdata + TZDATA=$(nix eval --raw nixpkgs#tzdata.outPath) + CACERT=$(nix eval --raw nixpkgs#cacert.outPath) + echo "TZDIR=$TZDATA/share/zoneinfo" >> "$GITHUB_ENV" + echo "GIT_SSL_CAINFO=$CACERT/etc/ssl/certs/ca-bundle.crt" >> "$GITHUB_ENV" + echo "NIX_SSL_CERT_FILE=$CACERT/etc/ssl/certs/ca-bundle.crt" >> "$GITHUB_ENV" + shell: bash + env: + INPUT_EXTRA_NIX_CONFIG: ${{ inputs.extra_nix_config }} + INPUT_GITHUB_ACCESS_TOKEN: ${{ inputs.github_access_token }} + INPUT_INSTALL_OPTIONS: ${{ inputs.install_options }} + INPUT_INSTALL_URL: ${{ inputs.install_url }} + INPUT_NIX_PATH: ${{ inputs.nix_path }} + INPUT_ENABLE_KVM: ${{ inputs.enable_kvm }} + GITHUB_TOKEN: ${{ github.token }} diff --git a/.github/actions/install-nix/install-nix.sh b/.github/actions/install-nix/install-nix.sh new file mode 100755 index 0000000..bdb2b6f --- /dev/null +++ b/.github/actions/install-nix/install-nix.sh @@ -0,0 +1,123 @@ +#!/usr/bin/env bash +set -euo pipefail + +if nix_path="$(type -p nix)" ; then + echo "Aborting: Nix is already installed at ${nix_path}" + exit +fi + +if [[ ($OSTYPE =~ linux) && ($INPUT_ENABLE_KVM == 'true') ]]; then + enable_kvm() { + echo 'KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"' | sudo tee /etc/udev/rules.d/99-install-nix-action-kvm.rules + sudo udevadm control --reload-rules && sudo udevadm trigger --name-match=kvm + } + + echo '::group::Enabling KVM support' + enable_kvm && echo 'Enabled KVM' || echo 'KVM is not available' + echo '::endgroup::' +fi + +# GitHub command to put the following log messages into a group which is collapsed by default +echo "::group::Installing Nix" + +# Create a temporary workdir +workdir=$(mktemp -d) +trap 'rm -rf "$workdir"' EXIT + +# Configure Nix +add_config() { + echo "$1" >> "$workdir/nix.conf" +} +add_config "show-trace = true" +# Set jobs to number of cores +add_config "max-jobs = auto" +if [[ $OSTYPE =~ darwin ]]; then + add_config "ssl-cert-file = /etc/ssl/cert.pem" +fi +# Allow binary caches for user +add_config "trusted-users = root ${USER:-}" +# Add a GitHub access token. +# Token-less access is subject to lower rate limits. +if [[ -n "${INPUT_GITHUB_ACCESS_TOKEN:-}" ]]; then + echo "::debug::Using the provided github_access_token for github.com" + add_config "access-tokens = github.com=$INPUT_GITHUB_ACCESS_TOKEN" +# Use the default GitHub token if available. +# Skip this step if running an Enterprise instance. The default token there does not work for github.com. +elif [[ -n "${GITHUB_TOKEN:-}" && $GITHUB_SERVER_URL == "https://github.com" ]]; then + echo "::debug::Using the default GITHUB_TOKEN for github.com" + add_config "access-tokens = github.com=$GITHUB_TOKEN" +else + echo "::debug::Continuing without a GitHub access token" +fi +# Append extra nix configuration if provided +if [[ -n "${INPUT_EXTRA_NIX_CONFIG:-}" ]]; then + add_config "$INPUT_EXTRA_NIX_CONFIG" +fi +if [[ ! $INPUT_EXTRA_NIX_CONFIG =~ "experimental-features" ]]; then + add_config "experimental-features = nix-command flakes" +fi +# Always allow substituting from the cache, even if the derivation has `allowSubstitutes = false`. +# This is a CI optimisation to avoid having to download the inputs for already-cached derivations to rebuild trivial text files. +if [[ ! $INPUT_EXTRA_NIX_CONFIG =~ "always-allow-substitutes" ]]; then + add_config "always-allow-substitutes = true" +fi + +# Nix installer flags +installer_options=( + --no-channel-add + --darwin-use-unencrypted-nix-store-volume + --nix-extra-conf-file "$workdir/nix.conf" +) + +# only use the nix-daemon settings if on darwin (which get ignored) or systemd is supported +if [[ (! $INPUT_INSTALL_OPTIONS =~ "--no-daemon") && ($OSTYPE =~ darwin || -e /run/systemd/system) ]]; then + installer_options+=( + --daemon + --daemon-user-count "$(python3 -c 'import multiprocessing as mp; print(mp.cpu_count() * 2)')" + ) +else + # "fix" the following error when running nix* + # error: the group 'nixbld' specified in 'build-users-group' does not exist + add_config "build-users-group =" + sudo mkdir -p /etc/nix + sudo chmod 0755 /etc/nix + sudo cp "$workdir/nix.conf" /etc/nix/nix.conf +fi + +if [[ -n "${INPUT_INSTALL_OPTIONS:-}" ]]; then + IFS=' ' read -r -a extra_installer_options <<< "$INPUT_INSTALL_OPTIONS" + installer_options=("${extra_installer_options[@]}" "${installer_options[@]}") +fi + +echo "installer options: ${installer_options[*]}" + +# There is --retry-on-errors, but only newer curl versions support that +curl_retries=5 +while ! curl -sS -o "$workdir/install" -v --fail -L "${INPUT_INSTALL_URL:-https://releases.nixos.org/nix/nix-2.25.2/install}" +do + sleep 1 + ((curl_retries--)) + if [[ $curl_retries -le 0 ]]; then + echo "curl retries failed" >&2 + exit 1 + fi +done + +sh "$workdir/install" "${installer_options[@]}" + +# Set paths +echo "/nix/var/nix/profiles/default/bin" >> "$GITHUB_PATH" +# new path for nix 2.14 +echo "$HOME/.nix-profile/bin" >> "$GITHUB_PATH" + +if [[ -n "${INPUT_NIX_PATH:-}" ]]; then + echo "NIX_PATH=${INPUT_NIX_PATH}" >> "$GITHUB_ENV" +fi + +# Set temporary directory (if not already set) to fix https://github.com/cachix/install-nix-action/issues/197 +if [[ -z "${TMPDIR:-}" ]]; then + echo "TMPDIR=${RUNNER_TEMP}" >> "$GITHUB_ENV" +fi + +# Close the log message group which was opened above +echo "::endgroup::" diff --git a/.github/workflows/application-js-cloudflare-feature-closed.yml b/.github/workflows/application-js-cloudflare-feature-closed.yml index 771fbfd..2d41541 100644 --- a/.github/workflows/application-js-cloudflare-feature-closed.yml +++ b/.github/workflows/application-js-cloudflare-feature-closed.yml @@ -26,8 +26,6 @@ jobs: feature-closed-deployment-stop: name: "Feature Closed / Deployment Stop" runs-on: ubuntu-latest - container: - image: ghcr.io/matrixai/github-runner concurrency: group: feature-closed-deployment-stop cancel-in-progress: false @@ -35,12 +33,12 @@ jobs: # This means the feature branch PR is closed if: startsWith(inputs.featureBranch, 'feature') permissions: - packages: read contents: read steps: - uses: actions/checkout@v4 with: lfs: true + - uses: MatrixAI/.github/.github/actions/install-nix@master - name: Stop Deployment env: NIX_CONFIG: access-tokens = github.com=${{ secrets.NIXPKGS_PRIVATE_PAT }} diff --git a/.github/workflows/application-js-cloudflare-feature.yml b/.github/workflows/application-js-cloudflare-feature.yml index 6f4669e..68e3c89 100644 --- a/.github/workflows/application-js-cloudflare-feature.yml +++ b/.github/workflows/application-js-cloudflare-feature.yml @@ -16,20 +16,21 @@ on: DEPLOY_SECRETS: required: true +env: + NIX_CONFIG: access-tokens = github.com=${{ secrets.NIXPKGS_PRIVATE_PAT }} + jobs: # Lint the code feature-lint: name: "Feature / Lint" runs-on: ubuntu-latest - container: - image: ghcr.io/matrixai/github-runner permissions: - packages: read contents: read steps: - uses: actions/checkout@v4 with: lfs: true + - uses: MatrixAI/.github/.github/actions/install-nix@master - name: Run linting env: NIX_CONFIG: access-tokens = github.com=${{ secrets.NIXPKGS_PRIVATE_PAT }} @@ -42,16 +43,14 @@ jobs: feature-build: name: "Feature / Build" runs-on: ubuntu-latest - container: - image: ghcr.io/matrixai/github-runner permissions: - packages: read contents: read actions: write steps: - uses: actions/checkout@v4 with: lfs: true + - uses: MatrixAI/.github/.github/actions/install-nix@master - name: Run build env: NIX_CONFIG: access-tokens = github.com=${{ secrets.NIXPKGS_PRIVATE_PAT }} @@ -70,8 +69,6 @@ jobs: name: "Feature / Deployment" runs-on: ubuntu-latest needs: feature-build - container: - image: ghcr.io/matrixai/github-runner concurrency: group: feature-deployment cancel-in-progress: false @@ -89,17 +86,26 @@ jobs: - uses: actions/checkout@v4 with: lfs: true + - uses: MatrixAI/.github/.github/actions/install-nix@master - uses: actions/download-artifact@v4 with: name: public path: ./public + - name: Setup Deploy Secrets + run: | + echo "${{ inputs.DEPLOY_SECRETS }}" | jq -r 'to_entries | .[] | "\(.key)=\(.value)"' >> $GITHUB_ENV - name: Run deployment env: NIX_CONFIG: access-tokens = github.com=${{ secrets.NIXPKGS_PRIVATE_PAT }} + name: "feature/${{ github.ref_name }}" + url: "https://${{ github.ref_name }}.dev.zeta.house" run: | echo 'Perform service deployment for feature' + echo "$SECRET1" + echo "$SECRET2" + echo "$SECRET3" nix develop .#ci --command bash -c $' npm run deploy -- \ --feature "$GITHUB_REF_NAME" \ --env "$GITHUB_REF_NAME" - ' \ No newline at end of file + ' diff --git a/.github/workflows/application-js-cloudflare-master.yml b/.github/workflows/application-js-cloudflare-master.yml index 8c07e3c..d244671 100644 --- a/.github/workflows/application-js-cloudflare-master.yml +++ b/.github/workflows/application-js-cloudflare-master.yml @@ -21,16 +21,14 @@ jobs: master-build: name: "Master / Build" runs-on: ubuntu-latest - container: - image: ghcr.io/matrixai/github-runner permissions: - packages: read contents: read actions: write steps: - uses: actions/checkout@v4 with: lfs: true + - uses: MatrixAI/.github/.github/actions/install-nix@master - name: Run build env: NIX_CONFIG: access-tokens = github.com=${{ secrets.NIXPKGS_PRIVATE_PAT }} @@ -49,13 +47,10 @@ jobs: name: "Master / Deployment" runs-on: ubuntu-latest needs: master-build - container: - image: ghcr.io/matrixai/github-runner concurrency: group: master-deployment cancel-in-progress: false permissions: - packages: read contents: read steps: - name: Checkout Actions @@ -64,6 +59,7 @@ jobs: repository: MatrixAI/.github ref: ${{ inputs.ref }} path: tmp/.github + - uses: MatrixAI/.github/.github/actions/install-nix@master - name: Parse Secrets uses: ./tmp/.github/.github/actions/secrets-parse with: @@ -82,4 +78,4 @@ jobs: echo 'Perform service deployment for master' nix develop .#ci --command bash -c $' npm run deploy -- --env master - ' \ No newline at end of file + ' diff --git a/.github/workflows/application-js-cloudflare-staging.yml b/.github/workflows/application-js-cloudflare-staging.yml index 2019385..f4a334e 100644 --- a/.github/workflows/application-js-cloudflare-staging.yml +++ b/.github/workflows/application-js-cloudflare-staging.yml @@ -31,15 +31,13 @@ jobs: staging-lint: name: "Staging / Lint" runs-on: ubuntu-latest - container: - image: ghcr.io/matrixai/github-runner permissions: - packages: read contents: read steps: - uses: actions/checkout@v4 with: lfs: true + - uses: MatrixAI/.github/.github/actions/install-nix@master - name: Run linting env: NIX_CONFIG: access-tokens = github.com=${{ secrets.NIXPKGS_PRIVATE_PAT }} @@ -53,7 +51,6 @@ jobs: name: "Staging / Merge Begin" runs-on: ubuntu-latest permissions: - packages: read contents: read pull-requests: write steps: @@ -78,16 +75,14 @@ jobs: staging-build: name: "Staging / Build" runs-on: ubuntu-latest - container: - image: ghcr.io/matrixai/github-runner permissions: - packages: read contents: read actions: write steps: - uses: actions/checkout@v4 with: lfs: true + - uses: MatrixAI/.github/.github/actions/install-nix@master - name: Run build env: NIX_CONFIG: access-tokens = github.com=${{ secrets.NIXPKGS_PRIVATE_PAT }} @@ -106,13 +101,10 @@ jobs: name: "Staging / Deployment" runs-on: ubuntu-latest needs: staging-build - container: - image: ghcr.io/matrixai/github-runner concurrency: group: staging-deployment cancel-in-progress: false permissions: - packages: read contents: read steps: - name: Checkout Actions @@ -121,6 +113,7 @@ jobs: repository: MatrixAI/.github ref: ${{ inputs.ref }} path: tmp/.github + - uses: MatrixAI/.github/.github/actions/install-nix@master - name: Parse Secrets uses: ./tmp/.github/.github/actions/secrets-parse with: @@ -153,7 +146,6 @@ jobs: group: staging-merge-finish cancel-in-progress: true permissions: - packages: read contents: write pull-requests: write steps: @@ -176,4 +168,4 @@ jobs: --repo "$GITHUB_REPOSITORY" git checkout master git merge --ff-only "$GITHUB_SHA" - git push origin master \ No newline at end of file + git push origin master diff --git a/.github/workflows/library-js-feature.yml b/.github/workflows/library-js-feature.yml index a3745f4..6713912 100644 --- a/.github/workflows/library-js-feature.yml +++ b/.github/workflows/library-js-feature.yml @@ -8,13 +8,11 @@ jobs: feature-lint: name: "Feature / Lint" runs-on: ubuntu-latest - container: - image: ghcr.io/matrixai/github-runner permissions: - packages: read contents: read steps: - uses: actions/checkout@v4 + - uses: MatrixAI/.github/.github/actions/install-nix@master - name: Run linting run: | nix develop .#ci --command bash -c $' @@ -25,14 +23,12 @@ jobs: feature-build: name: "Feature / Build" runs-on: ubuntu-latest - container: - image: ghcr.io/matrixai/github-runner permissions: - packages: read contents: read actions: write steps: - uses: actions/checkout@v4 + - uses: MatrixAI/.github/.github/actions/install-nix@master - name: Run build run: | nix develop .#ci --command bash -c $' @@ -48,15 +44,13 @@ jobs: feature-test: name: "Feature / Test" runs-on: ubuntu-latest - container: - image: ghcr.io/matrixai/github-runner permissions: - packages: read contents: read actions: write checks: write steps: - uses: actions/checkout@v4 + - uses: MatrixAI/.github/.github/actions/install-nix@master - name: Run tests run: | nix develop .#ci --command bash -c $' @@ -83,14 +77,12 @@ jobs: feature-bench: name: "Feature / Bench" runs-on: ubuntu-latest - container: - image: ghcr.io/matrixai/github-runner permissions: - packages: read contents: read actions: write steps: - uses: actions/checkout@v4 + - uses: MatrixAI/.github/.github/actions/install-nix@master - name: Run bench run: | nix develop .#ci --command bash -c $' diff --git a/.github/workflows/library-js-staging.yml b/.github/workflows/library-js-staging.yml index 7407227..1bdfb7b 100644 --- a/.github/workflows/library-js-staging.yml +++ b/.github/workflows/library-js-staging.yml @@ -19,13 +19,11 @@ jobs: staging-lint: name: "Staging / Lint" runs-on: ubuntu-latest - container: - image: ghcr.io/matrixai/github-runner permissions: - packages: read contents: read steps: - uses: actions/checkout@v4 + - uses: MatrixAI/.github/.github/actions/install-nix@master - name: Run linting run: | nix develop .#ci --command bash -c $' @@ -37,7 +35,6 @@ jobs: name: "Staging / Merge Begin" runs-on: ubuntu-latest permissions: - packages: read contents: read pull-requests: write steps: @@ -62,14 +59,12 @@ jobs: staging-build: name: "Staging / Build" runs-on: ubuntu-latest - container: - image: ghcr.io/matrixai/github-runner permissions: - packages: read contents: read actions: write steps: - uses: actions/checkout@v4 + - uses: MatrixAI/.github/.github/actions/install-nix@master - name: Run build run: | nix develop .#ci --command bash -c $' @@ -88,10 +83,7 @@ jobs: needs: - staging-build runs-on: ${{ matrix.os }} - container: - image: ${{ matrix.platform == 'linux' && 'ghcr.io/matrixai/github-runner' || null }} permissions: - packages: read contents: read actions: write checks: write @@ -133,6 +125,8 @@ jobs: npm run bench --if-present steps: - uses: actions/checkout@v4 + - if: matrix.platform == 'linux' + uses: MatrixAI/.github/.github/actions/install-nix@master - uses: actions/download-artifact@v4 with: name: dist @@ -177,7 +171,6 @@ jobs: group: staging-merge-finish cancel-in-progress: true permissions: - packages: read contents: write pull-requests: write steps: @@ -199,4 +192,4 @@ jobs: --repo "$GITHUB_REPOSITORY" git checkout master git merge --ff-only "$GITHUB_SHA" - git push origin master \ No newline at end of file + git push origin master diff --git a/.github/workflows/library-js-tag.yml b/.github/workflows/library-js-tag.yml index 04e23c2..7f3c79a 100644 --- a/.github/workflows/library-js-tag.yml +++ b/.github/workflows/library-js-tag.yml @@ -11,14 +11,12 @@ jobs: tag-build: name: "Tag / Build" runs-on: ubuntu-latest - container: - image: ghcr.io/matrixai/github-runner permissions: - packages: read contents: read actions: write steps: - uses: actions/checkout@v4 + - uses: MatrixAI/.github/.github/actions/install-nix@master - name: Run build run: | nix develop .#ci --command bash -c $' @@ -34,19 +32,17 @@ jobs: tag-prerelease: name: "Tag / Pre-release" runs-on: ubuntu-latest - container: - image: ghcr.io/matrixai/github-runner concurrency: group: tag-prerelease cancel-in-progress: false needs: - tag-build permissions: - packages: read contents: read if: startsWith(github.ref, 'refs/tags/v') && contains(github.ref, '-') steps: - uses: actions/checkout@v4 + - uses: MatrixAI/.github/.github/actions/install-nix@master - uses: actions/download-artifact@v4 with: name: dist @@ -68,19 +64,17 @@ jobs: tag-release: name: "Tag / Release" runs-on: ubuntu-latest - container: - image: ghcr.io/matrixai/github-runner concurrency: group: tag-release cancel-in-progress: false needs: - tag-build permissions: - packages: read contents: read if: startsWith(github.ref, 'refs/tags/v') && !contains(github.ref, '-') steps: - uses: actions/checkout@v4 + - uses: MatrixAI/.github/.github/actions/install-nix@master - uses: actions/download-artifact@v4 with: name: dist diff --git a/.gitlab/issue_templates/bug_report.md b/.gitlab/issue_templates/bug_report.md deleted file mode 100644 index 5499b1b..0000000 --- a/.gitlab/issue_templates/bug_report.md +++ /dev/null @@ -1,29 +0,0 @@ -### Describe the bug - - -### To Reproduce - -1. ... -2. ... -3. ... - -### Expected behavior - - -### Screenshots - - -### Platform (please complete the following information) - - Device: [e.g. iPhone6] - - OS: [e.g. iOS] - - Version [e.g. 22] - -### Additional context - - -### Notify maintainers - - -/label ~bug \ No newline at end of file diff --git a/.gitlab/issue_templates/design.md b/.gitlab/issue_templates/design.md deleted file mode 100644 index 60e595f..0000000 --- a/.gitlab/issue_templates/design.md +++ /dev/null @@ -1,22 +0,0 @@ -### Requirements of this design - -1. ... -2. ... -3. ... - -### Additional context - - -### Specification - -1. ... -2. ... -3. ... - -### Sub-Issues & Sub-PRs created - -1. ... -2. ... -3. ... - -/label ~design ~enhancement \ No newline at end of file diff --git a/.gitlab/issue_templates/development.md b/.gitlab/issue_templates/development.md deleted file mode 100644 index b42937d..0000000 --- a/.gitlab/issue_templates/development.md +++ /dev/null @@ -1,13 +0,0 @@ -### Specification - - -### Additional context - - -### Tasks - -1. ... -2. ... -3. ... - -/label ~development \ No newline at end of file diff --git a/.gitlab/issue_templates/feature_request.md b/.gitlab/issue_templates/feature_request.md deleted file mode 100644 index 5d2a31c..0000000 --- a/.gitlab/issue_templates/feature_request.md +++ /dev/null @@ -1,13 +0,0 @@ -### Is your feature request related to a problem? Please describe. - - -### Describe the solution you'd like - - -### Describe alternatives you've considered - - -### Additional context - - -/label ~enhancement \ No newline at end of file diff --git a/.gitlab/issue_templates/procedure.md b/.gitlab/issue_templates/procedure.md deleted file mode 100644 index 03b228b..0000000 --- a/.gitlab/issue_templates/procedure.md +++ /dev/null @@ -1,11 +0,0 @@ -### Tasks - -- [ ] 1. ... -- [ ] 2. ... -- [ ] 3. ... - -/label ~procedure \ No newline at end of file diff --git a/.gitlab/issue_templates/research.md b/.gitlab/issue_templates/research.md deleted file mode 100644 index 5954057..0000000 --- a/.gitlab/issue_templates/research.md +++ /dev/null @@ -1,23 +0,0 @@ -### What is your research hypothesis/question? - - -### Review existing ideas, literature and prior work - -- [ ] 1. ... -- [ ] 2. ... -- [ ] 3. ... - -### Research conclusion - - -### Sub-Issues & Sub-PRs created - -1. ... -2. ... -3. ... - -/label ~research \ No newline at end of file diff --git a/.gitlab/merge_request_templates/development.md b/.gitlab/merge_request_templates/development.md deleted file mode 100644 index a8d7d77..0000000 --- a/.gitlab/merge_request_templates/development.md +++ /dev/null @@ -1,26 +0,0 @@ -### Description - - -### Issues Fixed - -* Fixes #... - -### Tasks - -- [ ] 1. ... -- [ ] 2. ... -- [ ] 3. ... - -### Final checklist - - -* [ ] Domain specific tests -* [ ] Full tests -* [ ] Updated inline-comment documentation -* [ ] Lint fixed -* [ ] Squash and rebased -* [ ] Sanity check the final build diff --git a/README.md b/README.md index 22fe5e3..6d9e12f 100644 --- a/README.md +++ b/README.md @@ -51,7 +51,6 @@ in `/.github/workflows`: jobs: use-library-js-feature: permissions: - packages: read contents: read actions: write checks: write @@ -74,7 +73,6 @@ in `/.github/workflows`: jobs: use-library-js-staging: permissions: - packages: read contents: read actions: write checks: write @@ -95,9 +93,8 @@ in `/.github/workflows`: jobs: use-library-js-tag: permissions: - packages: read contents: read actions: write uses: MatrixAI/.github/.github/workflows/library-js-tag.yml@master secrets: inherit - ``` \ No newline at end of file + ``` From 3288e0e9ad7d184fb826147fc43844f0e05f3a54 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Thu, 16 Jan 2025 11:39:40 +1030 Subject: [PATCH 03/85] feat: add caching --- .github/actions/install-nix/action.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/actions/install-nix/action.yml b/.github/actions/install-nix/action.yml index 2576643..5efb1b4 100644 --- a/.github/actions/install-nix/action.yml +++ b/.github/actions/install-nix/action.yml @@ -32,7 +32,10 @@ runs: echo "NIX_SSL_CERT_FILE=$CACERT/etc/ssl/certs/ca-bundle.crt" >> "$GITHUB_ENV" shell: bash env: - INPUT_EXTRA_NIX_CONFIG: ${{ inputs.extra_nix_config }} + INPUT_EXTRA_NIX_CONFIG: | + ${{ inputs.extra_nix_config }} + substituters = s3://matrix-ai-nix-cache?profile=matrix-nix-cache®ion=ap-southeast-2 https://cache.nixos.org/ + trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= matrix-ai-nix-cache:yhxzASVutUGCY2o/U4jkiNVj06M6Fi1h94LiC5TkYBg= INPUT_GITHUB_ACCESS_TOKEN: ${{ inputs.github_access_token }} INPUT_INSTALL_OPTIONS: ${{ inputs.install_options }} INPUT_INSTALL_URL: ${{ inputs.install_url }} From 4a22a4a55ca533cf821d865ace600ab99e3d509e Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Mon, 20 Jan 2025 08:29:03 +1100 Subject: [PATCH 04/85] fix: move `cacert` and `tzdata` setup to nix-enabled shell --- .github/actions/install-nix/action.yml | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/.github/actions/install-nix/action.yml b/.github/actions/install-nix/action.yml index 5efb1b4..5ce041d 100644 --- a/.github/actions/install-nix/action.yml +++ b/.github/actions/install-nix/action.yml @@ -24,12 +24,6 @@ runs: steps: - run: | ${GITHUB_ACTION_PATH}/install-nix.sh - nix profile install nixpkgs#cacert nixpkgs#tzdata - TZDATA=$(nix eval --raw nixpkgs#tzdata.outPath) - CACERT=$(nix eval --raw nixpkgs#cacert.outPath) - echo "TZDIR=$TZDATA/share/zoneinfo" >> "$GITHUB_ENV" - echo "GIT_SSL_CAINFO=$CACERT/etc/ssl/certs/ca-bundle.crt" >> "$GITHUB_ENV" - echo "NIX_SSL_CERT_FILE=$CACERT/etc/ssl/certs/ca-bundle.crt" >> "$GITHUB_ENV" shell: bash env: INPUT_EXTRA_NIX_CONFIG: | @@ -42,3 +36,12 @@ runs: INPUT_NIX_PATH: ${{ inputs.nix_path }} INPUT_ENABLE_KVM: ${{ inputs.enable_kvm }} GITHUB_TOKEN: ${{ github.token }} + - run: | + nix profile install nixpkgs#cacert nixpkgs#tzdata + TZDATA=$(nix eval --raw nixpkgs#tzdata.outPath) + CACERT=$(nix eval --raw nixpkgs#cacert.outPath) + echo "TZDIR=$TZDATA/share/zoneinfo" >> "$GITHUB_ENV" + echo "GIT_SSL_CAINFO=$CACERT/etc/ssl/certs/ca-bundle.crt" >> "$GITHUB_ENV" + echo "NIX_SSL_CERT_FILE=$CACERT/etc/ssl/certs/ca-bundle.crt" >> "$GITHUB_ENV" + shell: bash + From 519bd3bf2cadd3eae9c4a485c117b2c880bf79e5 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Mon, 20 Jan 2025 08:34:55 +1100 Subject: [PATCH 05/85] chore: rename setup action to `matrixai-env-setup` --- .../{install-nix => matrixai-env-setup}/action.yml | 8 ++------ .../{install-nix => matrixai-env-setup}/install-nix.sh | 4 ++-- .../application-js-cloudflare-feature-closed.yml | 2 +- .github/workflows/application-js-cloudflare-feature.yml | 6 +++--- .github/workflows/application-js-cloudflare-master.yml | 4 ++-- .github/workflows/application-js-cloudflare-staging.yml | 6 +++--- .github/workflows/library-js-feature.yml | 8 ++++---- .github/workflows/library-js-staging.yml | 6 +++--- .github/workflows/library-js-tag.yml | 6 +++--- 9 files changed, 23 insertions(+), 27 deletions(-) rename .github/actions/{install-nix => matrixai-env-setup}/action.yml (93%) rename .github/actions/{install-nix => matrixai-env-setup}/install-nix.sh (96%) diff --git a/.github/actions/install-nix/action.yml b/.github/actions/matrixai-env-setup/action.yml similarity index 93% rename from .github/actions/install-nix/action.yml rename to .github/actions/matrixai-env-setup/action.yml index 5ce041d..6f63171 100644 --- a/.github/actions/install-nix/action.yml +++ b/.github/actions/matrixai-env-setup/action.yml @@ -1,6 +1,5 @@ -name: 'Install Nix' +name: 'MatrixAI Environment Setup' description: 'Installs Nix on GitHub Actions for the supported platforms: Linux and macOS.' -author: 'Domen Kožar' inputs: extra_nix_config: description: 'Gets appended to `/etc/nix/nix.conf` if passed.' @@ -16,14 +15,11 @@ inputs: description: 'Enable KVM for hardware-accelerated virtualization on Linux, if available.' required: false default: true -branding: - color: 'blue' - icon: 'sun' runs: using: 'composite' steps: - run: | - ${GITHUB_ACTION_PATH}/install-nix.sh + ${GITHUB_ACTION_PATH}/matrixai-env-setup.sh shell: bash env: INPUT_EXTRA_NIX_CONFIG: | diff --git a/.github/actions/install-nix/install-nix.sh b/.github/actions/matrixai-env-setup/install-nix.sh similarity index 96% rename from .github/actions/install-nix/install-nix.sh rename to .github/actions/matrixai-env-setup/install-nix.sh index bdb2b6f..c0ee73a 100755 --- a/.github/actions/install-nix/install-nix.sh +++ b/.github/actions/matrixai-env-setup/install-nix.sh @@ -8,7 +8,7 @@ fi if [[ ($OSTYPE =~ linux) && ($INPUT_ENABLE_KVM == 'true') ]]; then enable_kvm() { - echo 'KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"' | sudo tee /etc/udev/rules.d/99-install-nix-action-kvm.rules + echo 'KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"' | sudo tee /etc/udev/rules.d/99-matrixai-env-setup-action-kvm.rules sudo udevadm control --reload-rules && sudo udevadm trigger --name-match=kvm } @@ -114,7 +114,7 @@ if [[ -n "${INPUT_NIX_PATH:-}" ]]; then echo "NIX_PATH=${INPUT_NIX_PATH}" >> "$GITHUB_ENV" fi -# Set temporary directory (if not already set) to fix https://github.com/cachix/install-nix-action/issues/197 +# Set temporary directory (if not already set) to fix https://github.com/cachix/matrixai-env-setup-action/issues/197 if [[ -z "${TMPDIR:-}" ]]; then echo "TMPDIR=${RUNNER_TEMP}" >> "$GITHUB_ENV" fi diff --git a/.github/workflows/application-js-cloudflare-feature-closed.yml b/.github/workflows/application-js-cloudflare-feature-closed.yml index 2d41541..12a7640 100644 --- a/.github/workflows/application-js-cloudflare-feature-closed.yml +++ b/.github/workflows/application-js-cloudflare-feature-closed.yml @@ -38,7 +38,7 @@ jobs: - uses: actions/checkout@v4 with: lfs: true - - uses: MatrixAI/.github/.github/actions/install-nix@master + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Stop Deployment env: NIX_CONFIG: access-tokens = github.com=${{ secrets.NIXPKGS_PRIVATE_PAT }} diff --git a/.github/workflows/application-js-cloudflare-feature.yml b/.github/workflows/application-js-cloudflare-feature.yml index 68e3c89..8a6fae3 100644 --- a/.github/workflows/application-js-cloudflare-feature.yml +++ b/.github/workflows/application-js-cloudflare-feature.yml @@ -30,7 +30,7 @@ jobs: - uses: actions/checkout@v4 with: lfs: true - - uses: MatrixAI/.github/.github/actions/install-nix@master + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Run linting env: NIX_CONFIG: access-tokens = github.com=${{ secrets.NIXPKGS_PRIVATE_PAT }} @@ -50,7 +50,7 @@ jobs: - uses: actions/checkout@v4 with: lfs: true - - uses: MatrixAI/.github/.github/actions/install-nix@master + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Run build env: NIX_CONFIG: access-tokens = github.com=${{ secrets.NIXPKGS_PRIVATE_PAT }} @@ -86,7 +86,7 @@ jobs: - uses: actions/checkout@v4 with: lfs: true - - uses: MatrixAI/.github/.github/actions/install-nix@master + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - uses: actions/download-artifact@v4 with: name: public diff --git a/.github/workflows/application-js-cloudflare-master.yml b/.github/workflows/application-js-cloudflare-master.yml index d244671..f4845e7 100644 --- a/.github/workflows/application-js-cloudflare-master.yml +++ b/.github/workflows/application-js-cloudflare-master.yml @@ -28,7 +28,7 @@ jobs: - uses: actions/checkout@v4 with: lfs: true - - uses: MatrixAI/.github/.github/actions/install-nix@master + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Run build env: NIX_CONFIG: access-tokens = github.com=${{ secrets.NIXPKGS_PRIVATE_PAT }} @@ -59,7 +59,7 @@ jobs: repository: MatrixAI/.github ref: ${{ inputs.ref }} path: tmp/.github - - uses: MatrixAI/.github/.github/actions/install-nix@master + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Parse Secrets uses: ./tmp/.github/.github/actions/secrets-parse with: diff --git a/.github/workflows/application-js-cloudflare-staging.yml b/.github/workflows/application-js-cloudflare-staging.yml index f4a334e..c6e28d9 100644 --- a/.github/workflows/application-js-cloudflare-staging.yml +++ b/.github/workflows/application-js-cloudflare-staging.yml @@ -37,7 +37,7 @@ jobs: - uses: actions/checkout@v4 with: lfs: true - - uses: MatrixAI/.github/.github/actions/install-nix@master + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Run linting env: NIX_CONFIG: access-tokens = github.com=${{ secrets.NIXPKGS_PRIVATE_PAT }} @@ -82,7 +82,7 @@ jobs: - uses: actions/checkout@v4 with: lfs: true - - uses: MatrixAI/.github/.github/actions/install-nix@master + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Run build env: NIX_CONFIG: access-tokens = github.com=${{ secrets.NIXPKGS_PRIVATE_PAT }} @@ -113,7 +113,7 @@ jobs: repository: MatrixAI/.github ref: ${{ inputs.ref }} path: tmp/.github - - uses: MatrixAI/.github/.github/actions/install-nix@master + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Parse Secrets uses: ./tmp/.github/.github/actions/secrets-parse with: diff --git a/.github/workflows/library-js-feature.yml b/.github/workflows/library-js-feature.yml index 6713912..7a2e41a 100644 --- a/.github/workflows/library-js-feature.yml +++ b/.github/workflows/library-js-feature.yml @@ -12,7 +12,7 @@ jobs: contents: read steps: - uses: actions/checkout@v4 - - uses: MatrixAI/.github/.github/actions/install-nix@master + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Run linting run: | nix develop .#ci --command bash -c $' @@ -28,7 +28,7 @@ jobs: actions: write steps: - uses: actions/checkout@v4 - - uses: MatrixAI/.github/.github/actions/install-nix@master + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Run build run: | nix develop .#ci --command bash -c $' @@ -50,7 +50,7 @@ jobs: checks: write steps: - uses: actions/checkout@v4 - - uses: MatrixAI/.github/.github/actions/install-nix@master + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Run tests run: | nix develop .#ci --command bash -c $' @@ -82,7 +82,7 @@ jobs: actions: write steps: - uses: actions/checkout@v4 - - uses: MatrixAI/.github/.github/actions/install-nix@master + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Run bench run: | nix develop .#ci --command bash -c $' diff --git a/.github/workflows/library-js-staging.yml b/.github/workflows/library-js-staging.yml index 1bdfb7b..3affefe 100644 --- a/.github/workflows/library-js-staging.yml +++ b/.github/workflows/library-js-staging.yml @@ -23,7 +23,7 @@ jobs: contents: read steps: - uses: actions/checkout@v4 - - uses: MatrixAI/.github/.github/actions/install-nix@master + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Run linting run: | nix develop .#ci --command bash -c $' @@ -64,7 +64,7 @@ jobs: actions: write steps: - uses: actions/checkout@v4 - - uses: MatrixAI/.github/.github/actions/install-nix@master + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Run build run: | nix develop .#ci --command bash -c $' @@ -126,7 +126,7 @@ jobs: steps: - uses: actions/checkout@v4 - if: matrix.platform == 'linux' - uses: MatrixAI/.github/.github/actions/install-nix@master + uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - uses: actions/download-artifact@v4 with: name: dist diff --git a/.github/workflows/library-js-tag.yml b/.github/workflows/library-js-tag.yml index 7f3c79a..d63f0ef 100644 --- a/.github/workflows/library-js-tag.yml +++ b/.github/workflows/library-js-tag.yml @@ -16,7 +16,7 @@ jobs: actions: write steps: - uses: actions/checkout@v4 - - uses: MatrixAI/.github/.github/actions/install-nix@master + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Run build run: | nix develop .#ci --command bash -c $' @@ -42,7 +42,7 @@ jobs: if: startsWith(github.ref, 'refs/tags/v') && contains(github.ref, '-') steps: - uses: actions/checkout@v4 - - uses: MatrixAI/.github/.github/actions/install-nix@master + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - uses: actions/download-artifact@v4 with: name: dist @@ -74,7 +74,7 @@ jobs: if: startsWith(github.ref, 'refs/tags/v') && !contains(github.ref, '-') steps: - uses: actions/checkout@v4 - - uses: MatrixAI/.github/.github/actions/install-nix@master + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - uses: actions/download-artifact@v4 with: name: dist From 209acd0820d34d0c05be6949dd0e0e3d7164577a Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Mon, 20 Jan 2025 09:15:03 +1100 Subject: [PATCH 06/85] fix: rename setup script --- .../matrixai-env-setup/{install-nix.sh => matrixai-env-setup.sh} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/actions/matrixai-env-setup/{install-nix.sh => matrixai-env-setup.sh} (100%) diff --git a/.github/actions/matrixai-env-setup/install-nix.sh b/.github/actions/matrixai-env-setup/matrixai-env-setup.sh similarity index 100% rename from .github/actions/matrixai-env-setup/install-nix.sh rename to .github/actions/matrixai-env-setup/matrixai-env-setup.sh From c6581ad50e30dd0e0b764f13317f387db1b77c7c Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Mon, 20 Jan 2025 12:15:03 +1100 Subject: [PATCH 07/85] feat: switch to `GITHUB_TOKEN` instead of `GH_TOKEN` --- .github/workflows/application-js-cloudflare-staging.yml | 8 ++++---- .github/workflows/library-js-staging.yml | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/application-js-cloudflare-staging.yml b/.github/workflows/application-js-cloudflare-staging.yml index c6e28d9..c8458df 100644 --- a/.github/workflows/application-js-cloudflare-staging.yml +++ b/.github/workflows/application-js-cloudflare-staging.yml @@ -15,7 +15,7 @@ on: required: true DEPLOY_SECRETS: required: true - GH_TOKEN: + GITHUB_TOKEN: required: true GIT_AUTHOR_EMAIL: required: true @@ -57,7 +57,7 @@ jobs: - uses: actions/checkout@v4 - name: Create Pull Request from Staging to Master env: - GH_TOKEN: ${{ secrets.GH_TOKEN }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | gh pr create \ --head staging \ @@ -153,10 +153,10 @@ jobs: with: lfs: true fetch-depth: 0 - token: ${{ secrets.GH_TOKEN }} + token: ${{ secrets.GITHUB_TOKEN }} - name: Merge Pull Request from Staging to Master env: - GH_TOKEN: ${{ secrets.GH_TOKEN }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} GIT_AUTHOR_EMAIL: ${{ secrets.GIT_AUTHOR_EMAIL }} GIT_AUTHOR_NAME: ${{ secrets.GIT_AUTHOR_NAME }} GIT_COMMITTER_EMAIL: ${{ secrets.GIT_COMMITTER_EMAIL }} diff --git a/.github/workflows/library-js-staging.yml b/.github/workflows/library-js-staging.yml index 3affefe..7539da7 100644 --- a/.github/workflows/library-js-staging.yml +++ b/.github/workflows/library-js-staging.yml @@ -3,7 +3,7 @@ name: "CI / Library JS Staging" on: workflow_call: secrets: - GH_TOKEN: + GITHUB_TOKEN: required: true GIT_AUTHOR_EMAIL: required: true @@ -41,7 +41,7 @@ jobs: - uses: actions/checkout@v4 - name: Create Pull Request from Staging to Master env: - GH_TOKEN: ${{ secrets.GH_TOKEN }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | gh pr create \ --head staging \ @@ -177,10 +177,10 @@ jobs: - uses: actions/checkout@v4 with: fetch-depth: 0 - token: ${{ secrets.GH_TOKEN }} + token: ${{ secrets.GITHUB_TOKEN }} - name: Merge Pull Request from Staging to Master env: - GH_TOKEN: ${{ secrets.GH_TOKEN }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} GIT_AUTHOR_EMAIL: ${{ secrets.GIT_AUTHOR_EMAIL }} GIT_AUTHOR_NAME: ${{ secrets.GIT_AUTHOR_NAME }} GIT_COMMITTER_EMAIL: ${{ secrets.GIT_COMMITTER_EMAIL }} From 479fd5e1ce3745ee873297d9d84d21af85b0cb8a Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Mon, 20 Jan 2025 12:18:40 +1100 Subject: [PATCH 08/85] Revert "fix: rename setup script" This reverts commit 209acd0820d34d0c05be6949dd0e0e3d7164577a. --- .../matrixai-env-setup/{matrixai-env-setup.sh => install-nix.sh} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/actions/matrixai-env-setup/{matrixai-env-setup.sh => install-nix.sh} (100%) diff --git a/.github/actions/matrixai-env-setup/matrixai-env-setup.sh b/.github/actions/matrixai-env-setup/install-nix.sh similarity index 100% rename from .github/actions/matrixai-env-setup/matrixai-env-setup.sh rename to .github/actions/matrixai-env-setup/install-nix.sh From ff10a79e7c1c3e22a0cb607ecafd0c1e705629b7 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Mon, 20 Jan 2025 12:22:30 +1100 Subject: [PATCH 09/85] Reapply "fix: rename setup script" This reverts commit 479fd5e1ce3745ee873297d9d84d21af85b0cb8a. --- .../matrixai-env-setup/{install-nix.sh => matrixai-env-setup.sh} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/actions/matrixai-env-setup/{install-nix.sh => matrixai-env-setup.sh} (100%) diff --git a/.github/actions/matrixai-env-setup/install-nix.sh b/.github/actions/matrixai-env-setup/matrixai-env-setup.sh similarity index 100% rename from .github/actions/matrixai-env-setup/install-nix.sh rename to .github/actions/matrixai-env-setup/matrixai-env-setup.sh From e65a978a66ea4d11404b01ad53b6974c0facf618 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Mon, 20 Jan 2025 12:23:51 +1100 Subject: [PATCH 10/85] Revert "feat: switch to `GITHUB_TOKEN` instead of `GH_TOKEN`" This reverts commit c6581ad50e30dd0e0b764f13317f387db1b77c7c. --- .github/workflows/application-js-cloudflare-staging.yml | 8 ++++---- .github/workflows/library-js-staging.yml | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/application-js-cloudflare-staging.yml b/.github/workflows/application-js-cloudflare-staging.yml index c8458df..c6e28d9 100644 --- a/.github/workflows/application-js-cloudflare-staging.yml +++ b/.github/workflows/application-js-cloudflare-staging.yml @@ -15,7 +15,7 @@ on: required: true DEPLOY_SECRETS: required: true - GITHUB_TOKEN: + GH_TOKEN: required: true GIT_AUTHOR_EMAIL: required: true @@ -57,7 +57,7 @@ jobs: - uses: actions/checkout@v4 - name: Create Pull Request from Staging to Master env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_TOKEN: ${{ secrets.GH_TOKEN }} run: | gh pr create \ --head staging \ @@ -153,10 +153,10 @@ jobs: with: lfs: true fetch-depth: 0 - token: ${{ secrets.GITHUB_TOKEN }} + token: ${{ secrets.GH_TOKEN }} - name: Merge Pull Request from Staging to Master env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_TOKEN: ${{ secrets.GH_TOKEN }} GIT_AUTHOR_EMAIL: ${{ secrets.GIT_AUTHOR_EMAIL }} GIT_AUTHOR_NAME: ${{ secrets.GIT_AUTHOR_NAME }} GIT_COMMITTER_EMAIL: ${{ secrets.GIT_COMMITTER_EMAIL }} diff --git a/.github/workflows/library-js-staging.yml b/.github/workflows/library-js-staging.yml index 7539da7..3affefe 100644 --- a/.github/workflows/library-js-staging.yml +++ b/.github/workflows/library-js-staging.yml @@ -3,7 +3,7 @@ name: "CI / Library JS Staging" on: workflow_call: secrets: - GITHUB_TOKEN: + GH_TOKEN: required: true GIT_AUTHOR_EMAIL: required: true @@ -41,7 +41,7 @@ jobs: - uses: actions/checkout@v4 - name: Create Pull Request from Staging to Master env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_TOKEN: ${{ secrets.GH_TOKEN }} run: | gh pr create \ --head staging \ @@ -177,10 +177,10 @@ jobs: - uses: actions/checkout@v4 with: fetch-depth: 0 - token: ${{ secrets.GITHUB_TOKEN }} + token: ${{ secrets.GH_TOKEN }} - name: Merge Pull Request from Staging to Master env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_TOKEN: ${{ secrets.GH_TOKEN }} GIT_AUTHOR_EMAIL: ${{ secrets.GIT_AUTHOR_EMAIL }} GIT_AUTHOR_NAME: ${{ secrets.GIT_AUTHOR_NAME }} GIT_COMMITTER_EMAIL: ${{ secrets.GIT_COMMITTER_EMAIL }} From 83dc081983227e0f1abe8f3403dbc9632d0858ff Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Mon, 20 Jan 2025 12:37:29 +1100 Subject: [PATCH 11/85] fix: remove assignee tag --- .github/workflows/library-js-staging.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/library-js-staging.yml b/.github/workflows/library-js-staging.yml index 3affefe..96ab95d 100644 --- a/.github/workflows/library-js-staging.yml +++ b/.github/workflows/library-js-staging.yml @@ -48,7 +48,6 @@ jobs: --base master \ --title "ci: merge staging to master" \ --body "This is an automatic PR generated by the CI/CD pipeline. This will be automatically fast-forward merged if successful." \ - --assignee "@me" \ --no-maintainer-edit || true printf "Pipeline Attempt on $GITHUB_RUN_ID for $GITHUB_SHA\n\n$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" \ | gh pr comment staging \ From 0f181e7f535aba5381651bbb4434901ac5e02ef7 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Mon, 20 Jan 2025 12:57:46 +1100 Subject: [PATCH 12/85] fix: remove assignee tag again --- .github/workflows/application-js-cloudflare-staging.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/application-js-cloudflare-staging.yml b/.github/workflows/application-js-cloudflare-staging.yml index c6e28d9..3ad420e 100644 --- a/.github/workflows/application-js-cloudflare-staging.yml +++ b/.github/workflows/application-js-cloudflare-staging.yml @@ -64,7 +64,6 @@ jobs: --base master \ --title "ci: merge staging to master" \ --body "This is an automatic PR generated by the CI/CD pipeline. This will be automatically fast-forward merged if successful." \ - --assignee "@me" \ --no-maintainer-edit || true printf "Pipeline Attempt on $GITHUB_RUN_ID for $GITHUB_SHA\n\n$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" \ | gh pr comment staging \ From eaf6d9065bb47c7e1197d13ff3a13823c9cb7d1d Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Tue, 21 Jan 2025 09:27:51 +1100 Subject: [PATCH 13/85] fix: use `GH_TOKEN` for final push --- .github/workflows/library-js-staging.yml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/.github/workflows/library-js-staging.yml b/.github/workflows/library-js-staging.yml index 96ab95d..d4a839f 100644 --- a/.github/workflows/library-js-staging.yml +++ b/.github/workflows/library-js-staging.yml @@ -5,6 +5,8 @@ on: secrets: GH_TOKEN: required: true + GH_TOKEN_PUSH: + required: true GIT_AUTHOR_EMAIL: required: true GIT_AUTHOR_NAME: @@ -176,15 +178,14 @@ jobs: - uses: actions/checkout@v4 with: fetch-depth: 0 - token: ${{ secrets.GH_TOKEN }} + token: ${{ secrets.GH_TOKEN_PUSH }} - name: Merge Pull Request from Staging to Master env: GH_TOKEN: ${{ secrets.GH_TOKEN }} - GIT_AUTHOR_EMAIL: ${{ secrets.GIT_AUTHOR_EMAIL }} - GIT_AUTHOR_NAME: ${{ secrets.GIT_AUTHOR_NAME }} - GIT_COMMITTER_EMAIL: ${{ secrets.GIT_COMMITTER_EMAIL }} - GIT_COMMITTER_NAME: ${{ secrets.GIT_COMMITTER_NAME }} run: | + git config user.name github-actions + git config user.email github-actions@github.com + printf "Pipeline Succeeded on $GITHUB_RUN_ID for $GITHUB_SHA\n\n$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" \ | gh pr comment staging \ --body-file - \ From 323c75a3ecd454f90954ded6bc171c1452c6ad72 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Tue, 21 Jan 2025 09:39:38 +1100 Subject: [PATCH 14/85] Revert "fix: use `GH_TOKEN` for final push" This reverts commit eaf6d9065bb47c7e1197d13ff3a13823c9cb7d1d. --- .github/workflows/library-js-staging.yml | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/.github/workflows/library-js-staging.yml b/.github/workflows/library-js-staging.yml index d4a839f..96ab95d 100644 --- a/.github/workflows/library-js-staging.yml +++ b/.github/workflows/library-js-staging.yml @@ -5,8 +5,6 @@ on: secrets: GH_TOKEN: required: true - GH_TOKEN_PUSH: - required: true GIT_AUTHOR_EMAIL: required: true GIT_AUTHOR_NAME: @@ -178,14 +176,15 @@ jobs: - uses: actions/checkout@v4 with: fetch-depth: 0 - token: ${{ secrets.GH_TOKEN_PUSH }} + token: ${{ secrets.GH_TOKEN }} - name: Merge Pull Request from Staging to Master env: GH_TOKEN: ${{ secrets.GH_TOKEN }} + GIT_AUTHOR_EMAIL: ${{ secrets.GIT_AUTHOR_EMAIL }} + GIT_AUTHOR_NAME: ${{ secrets.GIT_AUTHOR_NAME }} + GIT_COMMITTER_EMAIL: ${{ secrets.GIT_COMMITTER_EMAIL }} + GIT_COMMITTER_NAME: ${{ secrets.GIT_COMMITTER_NAME }} run: | - git config user.name github-actions - git config user.email github-actions@github.com - printf "Pipeline Succeeded on $GITHUB_RUN_ID for $GITHUB_SHA\n\n$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" \ | gh pr comment staging \ --body-file - \ From 6fb881e9bbcc3f4f5a8a87a1733faf8c0869b493 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Tue, 21 Jan 2025 09:50:05 +1100 Subject: [PATCH 15/85] fix: readd `GITHUB_TOKEN` --- .github/workflows/library-js-staging.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/library-js-staging.yml b/.github/workflows/library-js-staging.yml index 96ab95d..71675ef 100644 --- a/.github/workflows/library-js-staging.yml +++ b/.github/workflows/library-js-staging.yml @@ -41,7 +41,7 @@ jobs: - uses: actions/checkout@v4 - name: Create Pull Request from Staging to Master env: - GH_TOKEN: ${{ secrets.GH_TOKEN }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | gh pr create \ --head staging \ @@ -179,7 +179,7 @@ jobs: token: ${{ secrets.GH_TOKEN }} - name: Merge Pull Request from Staging to Master env: - GH_TOKEN: ${{ secrets.GH_TOKEN }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} GIT_AUTHOR_EMAIL: ${{ secrets.GIT_AUTHOR_EMAIL }} GIT_AUTHOR_NAME: ${{ secrets.GIT_AUTHOR_NAME }} GIT_COMMITTER_EMAIL: ${{ secrets.GIT_COMMITTER_EMAIL }} From 4751ef8841d9026fedfbb0fc372bd038438f224a Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Tue, 21 Jan 2025 09:52:42 +1100 Subject: [PATCH 16/85] fix: readd `GITHUB_TOKEN again` --- .github/workflows/application-js-cloudflare-staging.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/application-js-cloudflare-staging.yml b/.github/workflows/application-js-cloudflare-staging.yml index 3ad420e..4b75378 100644 --- a/.github/workflows/application-js-cloudflare-staging.yml +++ b/.github/workflows/application-js-cloudflare-staging.yml @@ -57,7 +57,7 @@ jobs: - uses: actions/checkout@v4 - name: Create Pull Request from Staging to Master env: - GH_TOKEN: ${{ secrets.GH_TOKEN }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | gh pr create \ --head staging \ @@ -155,7 +155,7 @@ jobs: token: ${{ secrets.GH_TOKEN }} - name: Merge Pull Request from Staging to Master env: - GH_TOKEN: ${{ secrets.GH_TOKEN }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} GIT_AUTHOR_EMAIL: ${{ secrets.GIT_AUTHOR_EMAIL }} GIT_AUTHOR_NAME: ${{ secrets.GIT_AUTHOR_NAME }} GIT_COMMITTER_EMAIL: ${{ secrets.GIT_COMMITTER_EMAIL }} From f9751d1117ee0711c70a09e9a364c91e2a165677 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Tue, 21 Jan 2025 10:41:08 +1100 Subject: [PATCH 17/85] feat: add `registry.json` --- .../matrixai-env-setup/matrixai-env-setup.sh | 1 + .../actions/matrixai-env-setup/registry.json | 29 +++++++++++++++++++ 2 files changed, 30 insertions(+) create mode 100644 .github/actions/matrixai-env-setup/registry.json diff --git a/.github/actions/matrixai-env-setup/matrixai-env-setup.sh b/.github/actions/matrixai-env-setup/matrixai-env-setup.sh index c0ee73a..57f2275 100755 --- a/.github/actions/matrixai-env-setup/matrixai-env-setup.sh +++ b/.github/actions/matrixai-env-setup/matrixai-env-setup.sh @@ -82,6 +82,7 @@ else sudo mkdir -p /etc/nix sudo chmod 0755 /etc/nix sudo cp "$workdir/nix.conf" /etc/nix/nix.conf + sudo cp "$workdir/registry.json" /etc/nix/registry.json fi if [[ -n "${INPUT_INSTALL_OPTIONS:-}" ]]; then diff --git a/.github/actions/matrixai-env-setup/registry.json b/.github/actions/matrixai-env-setup/registry.json new file mode 100644 index 0000000..d7e8543 --- /dev/null +++ b/.github/actions/matrixai-env-setup/registry.json @@ -0,0 +1,29 @@ +{ + "flakes": [ + { + "exact": true, + "from": { "id": "nixpkgs", "type": "indirect" }, + "to": { + "path": "/etc/nixpkgs", + "type": "path" + } + }, + { + "exact": true, + "from": { "id": "nixpkgs-matrix", "type": "indirect" }, + "to": { + "path": "https://github.com/MatrixAI/nixpkgs-matrix", + "type": "url" + } + }, + { + "exact": true, + "from": { "id": "nixpkgs-matrix-private", "type": "indirect" }, + "to": { + "path": "https://github.com/MatrixAI/nixpkgs-matrix-private", + "type": "url" + } + } + ], + "version": 2 +} From 2ee86e672cdd92ec843bb9a07d4271fb37fc97eb Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Tue, 21 Jan 2025 11:04:14 +1100 Subject: [PATCH 18/85] fix: debugging --- .github/actions/matrixai-env-setup/matrixai-env-setup.sh | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/actions/matrixai-env-setup/matrixai-env-setup.sh b/.github/actions/matrixai-env-setup/matrixai-env-setup.sh index 57f2275..89a9d47 100755 --- a/.github/actions/matrixai-env-setup/matrixai-env-setup.sh +++ b/.github/actions/matrixai-env-setup/matrixai-env-setup.sh @@ -82,7 +82,12 @@ else sudo mkdir -p /etc/nix sudo chmod 0755 /etc/nix sudo cp "$workdir/nix.conf" /etc/nix/nix.conf - sudo cp "$workdir/registry.json" /etc/nix/registry.json + if [[ -f "$workdir/registry.json" ]]; then + sudo cp "$workdir/registry.json" /etc/nix/registry.json + echo "Installed registry.json" + else + echo "Warning: registry.json file not found in $workdir. Skipping registry injection." + fi fi if [[ -n "${INPUT_INSTALL_OPTIONS:-}" ]]; then From ba033a5f092bcfd85fabd321c8eda2465db3f800 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Tue, 21 Jan 2025 11:07:31 +1100 Subject: [PATCH 19/85] fix: debugging --- .../matrixai-env-setup/matrixai-env-setup.sh | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/.github/actions/matrixai-env-setup/matrixai-env-setup.sh b/.github/actions/matrixai-env-setup/matrixai-env-setup.sh index 89a9d47..29f737a 100755 --- a/.github/actions/matrixai-env-setup/matrixai-env-setup.sh +++ b/.github/actions/matrixai-env-setup/matrixai-env-setup.sh @@ -82,12 +82,6 @@ else sudo mkdir -p /etc/nix sudo chmod 0755 /etc/nix sudo cp "$workdir/nix.conf" /etc/nix/nix.conf - if [[ -f "$workdir/registry.json" ]]; then - sudo cp "$workdir/registry.json" /etc/nix/registry.json - echo "Installed registry.json" - else - echo "Warning: registry.json file not found in $workdir. Skipping registry injection." - fi fi if [[ -n "${INPUT_INSTALL_OPTIONS:-}" ]]; then @@ -125,5 +119,12 @@ if [[ -z "${TMPDIR:-}" ]]; then echo "TMPDIR=${RUNNER_TEMP}" >> "$GITHUB_ENV" fi +if [[ -f "$workdir/registry.json" ]]; then + sudo cp "$workdir/registry.json" /etc/nix/registry.json + echo "Installed registry.json" +else + echo "Warning: registry.json file not found in $workdir. Skipping registry injection." +fi + # Close the log message group which was opened above echo "::endgroup::" From a56e584affc6362f2437aa051fa11d5938029458 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Tue, 21 Jan 2025 11:09:23 +1100 Subject: [PATCH 20/85] fix: debugging --- .github/actions/matrixai-env-setup/matrixai-env-setup.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/actions/matrixai-env-setup/matrixai-env-setup.sh b/.github/actions/matrixai-env-setup/matrixai-env-setup.sh index 29f737a..a812d92 100755 --- a/.github/actions/matrixai-env-setup/matrixai-env-setup.sh +++ b/.github/actions/matrixai-env-setup/matrixai-env-setup.sh @@ -119,11 +119,11 @@ if [[ -z "${TMPDIR:-}" ]]; then echo "TMPDIR=${RUNNER_TEMP}" >> "$GITHUB_ENV" fi -if [[ -f "$workdir/registry.json" ]]; then - sudo cp "$workdir/registry.json" /etc/nix/registry.json +if [[ -f "./registry.json" ]]; then + sudo cp "./registry.json" /etc/nix/registry.json echo "Installed registry.json" else - echo "Warning: registry.json file not found in $workdir. Skipping registry injection." + echo "Warning: registry.json file not found in dir. Skipping registry injection." fi # Close the log message group which was opened above From 7b4611e5f6be4ccf46a26962195c618b6440e7e8 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Tue, 21 Jan 2025 11:11:02 +1100 Subject: [PATCH 21/85] fix: debugging --- .../actions/matrixai-env-setup/matrixai-env-setup.sh | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/.github/actions/matrixai-env-setup/matrixai-env-setup.sh b/.github/actions/matrixai-env-setup/matrixai-env-setup.sh index a812d92..4346ada 100755 --- a/.github/actions/matrixai-env-setup/matrixai-env-setup.sh +++ b/.github/actions/matrixai-env-setup/matrixai-env-setup.sh @@ -119,11 +119,14 @@ if [[ -z "${TMPDIR:-}" ]]; then echo "TMPDIR=${RUNNER_TEMP}" >> "$GITHUB_ENV" fi -if [[ -f "./registry.json" ]]; then - sudo cp "./registry.json" /etc/nix/registry.json - echo "Installed registry.json" +REGISTRY_JSON_PATH=".github/actions/matrixai-env-setup/registry.json" + +if [[ -f "$REGISTRY_JSON_PATH" ]]; then + sudo cp "$REGISTRY_JSON_PATH" /etc/nix/registry.json + echo "registry.json has been copied to /etc/nix/registry.json" else - echo "Warning: registry.json file not found in dir. Skipping registry injection." + echo "Error: registry.json not found at $REGISTRY_JSON_PATH" + exit 1 fi # Close the log message group which was opened above From 3bb2dd39685855a10ce6ec3e0d6c6206fbc6caf4 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Tue, 21 Jan 2025 11:12:35 +1100 Subject: [PATCH 22/85] fix: debugging --- .github/actions/matrixai-env-setup/matrixai-env-setup.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/actions/matrixai-env-setup/matrixai-env-setup.sh b/.github/actions/matrixai-env-setup/matrixai-env-setup.sh index 4346ada..13b6c03 100755 --- a/.github/actions/matrixai-env-setup/matrixai-env-setup.sh +++ b/.github/actions/matrixai-env-setup/matrixai-env-setup.sh @@ -121,6 +121,9 @@ fi REGISTRY_JSON_PATH=".github/actions/matrixai-env-setup/registry.json" +ls -la +pwd + if [[ -f "$REGISTRY_JSON_PATH" ]]; then sudo cp "$REGISTRY_JSON_PATH" /etc/nix/registry.json echo "registry.json has been copied to /etc/nix/registry.json" From cabd7f5448517714bd431b22dc9d158b609519ca Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Tue, 21 Jan 2025 11:15:58 +1100 Subject: [PATCH 23/85] fix: debugging --- .github/actions/matrixai-env-setup/action.yml | 30 +++++++++++++++++++ .../matrixai-env-setup/matrixai-env-setup.sh | 14 ++++----- 2 files changed, 35 insertions(+), 9 deletions(-) diff --git a/.github/actions/matrixai-env-setup/action.yml b/.github/actions/matrixai-env-setup/action.yml index 6f63171..29672f8 100644 --- a/.github/actions/matrixai-env-setup/action.yml +++ b/.github/actions/matrixai-env-setup/action.yml @@ -26,6 +26,36 @@ runs: ${{ inputs.extra_nix_config }} substituters = s3://matrix-ai-nix-cache?profile=matrix-nix-cache®ion=ap-southeast-2 https://cache.nixos.org/ trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= matrix-ai-nix-cache:yhxzASVutUGCY2o/U4jkiNVj06M6Fi1h94LiC5TkYBg= + INPUT_REGISTRY: | + { + "flakes": [ + { + "exact": true, + "from": { "id": "nixpkgs", "type": "indirect" }, + "to": { + "path": "/etc/nixpkgs", + "type": "path" + } + }, + { + "exact": true, + "from": { "id": "nixpkgs-matrix", "type": "indirect" }, + "to": { + "path": "https://github.com/MatrixAI/nixpkgs-matrix", + "type": "url" + } + }, + { + "exact": true, + "from": { "id": "nixpkgs-matrix-private", "type": "indirect" }, + "to": { + "path": "https://github.com/MatrixAI/nixpkgs-matrix-private", + "type": "url" + } + } + ], + "version": 2 + } INPUT_GITHUB_ACCESS_TOKEN: ${{ inputs.github_access_token }} INPUT_INSTALL_OPTIONS: ${{ inputs.install_options }} INPUT_INSTALL_URL: ${{ inputs.install_url }} diff --git a/.github/actions/matrixai-env-setup/matrixai-env-setup.sh b/.github/actions/matrixai-env-setup/matrixai-env-setup.sh index 13b6c03..c374dfa 100755 --- a/.github/actions/matrixai-env-setup/matrixai-env-setup.sh +++ b/.github/actions/matrixai-env-setup/matrixai-env-setup.sh @@ -119,16 +119,12 @@ if [[ -z "${TMPDIR:-}" ]]; then echo "TMPDIR=${RUNNER_TEMP}" >> "$GITHUB_ENV" fi -REGISTRY_JSON_PATH=".github/actions/matrixai-env-setup/registry.json" - -ls -la -pwd - -if [[ -f "$REGISTRY_JSON_PATH" ]]; then - sudo cp "$REGISTRY_JSON_PATH" /etc/nix/registry.json - echo "registry.json has been copied to /etc/nix/registry.json" +if [[ -n "${INPUT_REGISTRY:-}" ]]; then + # Output the INPUT_REGISTRY variable contents to /etc/nix/registry.json + echo "$INPUT_REGISTRY" | sudo tee /etc/nix/registry.json > /dev/null + echo "Contents of INPUT_REGISTRY have been written to /etc/nix/registry.json" else - echo "Error: registry.json not found at $REGISTRY_JSON_PATH" + echo "Error: INPUT_REGISTRY is not set. Cannot create /etc/nix/registry.json" exit 1 fi From 00f36f31ee6bcb514f419837c88e158fbeb12ed9 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Tue, 21 Jan 2025 11:17:47 +1100 Subject: [PATCH 24/85] fix: debugging --- .github/actions/matrixai-env-setup/action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/matrixai-env-setup/action.yml b/.github/actions/matrixai-env-setup/action.yml index 29672f8..5cda734 100644 --- a/.github/actions/matrixai-env-setup/action.yml +++ b/.github/actions/matrixai-env-setup/action.yml @@ -33,8 +33,8 @@ runs: "exact": true, "from": { "id": "nixpkgs", "type": "indirect" }, "to": { - "path": "/etc/nixpkgs", - "type": "path" + "path": "https://github.com/NixOS/nixpkgs", + "type": "url" } }, { From c59df7f25a8e5af750c4d548ccbdd4cd32b8aa90 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Tue, 21 Jan 2025 11:19:13 +1100 Subject: [PATCH 25/85] fix: debugging --- .github/actions/matrixai-env-setup/action.yml | 10 +------ .../actions/matrixai-env-setup/registry.json | 29 ------------------- 2 files changed, 1 insertion(+), 38 deletions(-) delete mode 100644 .github/actions/matrixai-env-setup/registry.json diff --git a/.github/actions/matrixai-env-setup/action.yml b/.github/actions/matrixai-env-setup/action.yml index 5cda734..d0bb67f 100644 --- a/.github/actions/matrixai-env-setup/action.yml +++ b/.github/actions/matrixai-env-setup/action.yml @@ -29,14 +29,6 @@ runs: INPUT_REGISTRY: | { "flakes": [ - { - "exact": true, - "from": { "id": "nixpkgs", "type": "indirect" }, - "to": { - "path": "https://github.com/NixOS/nixpkgs", - "type": "url" - } - }, { "exact": true, "from": { "id": "nixpkgs-matrix", "type": "indirect" }, @@ -63,7 +55,7 @@ runs: INPUT_ENABLE_KVM: ${{ inputs.enable_kvm }} GITHUB_TOKEN: ${{ github.token }} - run: | - nix profile install nixpkgs#cacert nixpkgs#tzdata + nix profile install nixpkgs-matrix#cacert nixpkgs-matrix#tzdata TZDATA=$(nix eval --raw nixpkgs#tzdata.outPath) CACERT=$(nix eval --raw nixpkgs#cacert.outPath) echo "TZDIR=$TZDATA/share/zoneinfo" >> "$GITHUB_ENV" diff --git a/.github/actions/matrixai-env-setup/registry.json b/.github/actions/matrixai-env-setup/registry.json deleted file mode 100644 index d7e8543..0000000 --- a/.github/actions/matrixai-env-setup/registry.json +++ /dev/null @@ -1,29 +0,0 @@ -{ - "flakes": [ - { - "exact": true, - "from": { "id": "nixpkgs", "type": "indirect" }, - "to": { - "path": "/etc/nixpkgs", - "type": "path" - } - }, - { - "exact": true, - "from": { "id": "nixpkgs-matrix", "type": "indirect" }, - "to": { - "path": "https://github.com/MatrixAI/nixpkgs-matrix", - "type": "url" - } - }, - { - "exact": true, - "from": { "id": "nixpkgs-matrix-private", "type": "indirect" }, - "to": { - "path": "https://github.com/MatrixAI/nixpkgs-matrix-private", - "type": "url" - } - } - ], - "version": 2 -} From 1b334f4bca7ffcde7ed3c885a09bf35704a02fbc Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Tue, 21 Jan 2025 11:23:55 +1100 Subject: [PATCH 26/85] fix: debugging --- .github/actions/matrixai-env-setup/action.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/actions/matrixai-env-setup/action.yml b/.github/actions/matrixai-env-setup/action.yml index d0bb67f..6afe419 100644 --- a/.github/actions/matrixai-env-setup/action.yml +++ b/.github/actions/matrixai-env-setup/action.yml @@ -33,16 +33,16 @@ runs: "exact": true, "from": { "id": "nixpkgs-matrix", "type": "indirect" }, "to": { - "path": "https://github.com/MatrixAI/nixpkgs-matrix", - "type": "url" + "type": "git", + "url": "https://github.com/MatrixAI/nixpkgs-matrix" } }, { "exact": true, "from": { "id": "nixpkgs-matrix-private", "type": "indirect" }, "to": { - "path": "https://github.com/MatrixAI/nixpkgs-matrix-private", - "type": "url" + "type": "git", + "url": "https://github.com/MatrixAI/nixpkgs-matrix-private" } } ], From 7de5e38c5e04a165715e52eeb26026dd7bbe114c Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Tue, 21 Jan 2025 11:31:30 +1100 Subject: [PATCH 27/85] fix: debugging --- .github/actions/matrixai-env-setup/action.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/actions/matrixai-env-setup/action.yml b/.github/actions/matrixai-env-setup/action.yml index 6afe419..55f4467 100644 --- a/.github/actions/matrixai-env-setup/action.yml +++ b/.github/actions/matrixai-env-setup/action.yml @@ -61,5 +61,8 @@ runs: echo "TZDIR=$TZDATA/share/zoneinfo" >> "$GITHUB_ENV" echo "GIT_SSL_CAINFO=$CACERT/etc/ssl/certs/ca-bundle.crt" >> "$GITHUB_ENV" echo "NIX_SSL_CERT_FILE=$CACERT/etc/ssl/certs/ca-bundle.crt" >> "$GITHUB_ENV" + ls -l /nix/store/laxddg60hy9rxs0icvp9aw1imdwn1p01-nss-cacert-3.107/etc/ssl/certs/ca-bundle.crt + sudo chmod 644 /nix/store/laxddg60hy9rxs0icvp9aw1imdwn1p01-nss-cacert-3.107/etc/ssl/certs/ca-bundle.crt + ls -l /nix/store/laxddg60hy9rxs0icvp9aw1imdwn1p01-nss-cacert-3.107/etc/ssl/certs/ca-bundle.crt shell: bash From 8bbbaa4d24bd9590b4b50e985566be68a2058106 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Tue, 21 Jan 2025 11:34:07 +1100 Subject: [PATCH 28/85] fix: debugging --- .github/actions/matrixai-env-setup/action.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/actions/matrixai-env-setup/action.yml b/.github/actions/matrixai-env-setup/action.yml index 55f4467..e00b36d 100644 --- a/.github/actions/matrixai-env-setup/action.yml +++ b/.github/actions/matrixai-env-setup/action.yml @@ -61,8 +61,8 @@ runs: echo "TZDIR=$TZDATA/share/zoneinfo" >> "$GITHUB_ENV" echo "GIT_SSL_CAINFO=$CACERT/etc/ssl/certs/ca-bundle.crt" >> "$GITHUB_ENV" echo "NIX_SSL_CERT_FILE=$CACERT/etc/ssl/certs/ca-bundle.crt" >> "$GITHUB_ENV" - ls -l /nix/store/laxddg60hy9rxs0icvp9aw1imdwn1p01-nss-cacert-3.107/etc/ssl/certs/ca-bundle.crt - sudo chmod 644 /nix/store/laxddg60hy9rxs0icvp9aw1imdwn1p01-nss-cacert-3.107/etc/ssl/certs/ca-bundle.crt - ls -l /nix/store/laxddg60hy9rxs0icvp9aw1imdwn1p01-nss-cacert-3.107/etc/ssl/certs/ca-bundle.crt + ls -l $CACERT/etc/ssl/certs/ca-bundle.crt + sudo chmod 644 $CACERT/etc/ssl/certs/ca-bundle.crt + ls -l $CACERT/etc/ssl/certs/ca-bundle.crt shell: bash From 60af50e2547652fbae9a136e8c6403a77be51e9e Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Tue, 21 Jan 2025 11:36:57 +1100 Subject: [PATCH 29/85] fix: debugging --- .github/actions/matrixai-env-setup/action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/matrixai-env-setup/action.yml b/.github/actions/matrixai-env-setup/action.yml index e00b36d..1e3e91a 100644 --- a/.github/actions/matrixai-env-setup/action.yml +++ b/.github/actions/matrixai-env-setup/action.yml @@ -56,8 +56,8 @@ runs: GITHUB_TOKEN: ${{ github.token }} - run: | nix profile install nixpkgs-matrix#cacert nixpkgs-matrix#tzdata - TZDATA=$(nix eval --raw nixpkgs#tzdata.outPath) - CACERT=$(nix eval --raw nixpkgs#cacert.outPath) + TZDATA=$(nix eval --raw nixpkgs-matrix#tzdata.outPath) + CACERT=$(nix eval --raw nixpkgs-matrix#cacert.outPath) echo "TZDIR=$TZDATA/share/zoneinfo" >> "$GITHUB_ENV" echo "GIT_SSL_CAINFO=$CACERT/etc/ssl/certs/ca-bundle.crt" >> "$GITHUB_ENV" echo "NIX_SSL_CERT_FILE=$CACERT/etc/ssl/certs/ca-bundle.crt" >> "$GITHUB_ENV" From 2a0fd42d4698f8a47111af8dba8a0311cfac2a44 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Tue, 21 Jan 2025 11:38:25 +1100 Subject: [PATCH 30/85] fix: debugging --- .github/actions/matrixai-env-setup/action.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/actions/matrixai-env-setup/action.yml b/.github/actions/matrixai-env-setup/action.yml index 1e3e91a..a2cca43 100644 --- a/.github/actions/matrixai-env-setup/action.yml +++ b/.github/actions/matrixai-env-setup/action.yml @@ -61,8 +61,5 @@ runs: echo "TZDIR=$TZDATA/share/zoneinfo" >> "$GITHUB_ENV" echo "GIT_SSL_CAINFO=$CACERT/etc/ssl/certs/ca-bundle.crt" >> "$GITHUB_ENV" echo "NIX_SSL_CERT_FILE=$CACERT/etc/ssl/certs/ca-bundle.crt" >> "$GITHUB_ENV" - ls -l $CACERT/etc/ssl/certs/ca-bundle.crt - sudo chmod 644 $CACERT/etc/ssl/certs/ca-bundle.crt - ls -l $CACERT/etc/ssl/certs/ca-bundle.crt shell: bash From 2c33164edd02c02b8377d4dd155e6156d42eee6f Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Tue, 21 Jan 2025 11:39:31 +1100 Subject: [PATCH 31/85] fix: `registry.json` fixes --- .github/actions/matrixai-env-setup/matrixai-env-setup.sh | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/actions/matrixai-env-setup/matrixai-env-setup.sh b/.github/actions/matrixai-env-setup/matrixai-env-setup.sh index c374dfa..675cc79 100755 --- a/.github/actions/matrixai-env-setup/matrixai-env-setup.sh +++ b/.github/actions/matrixai-env-setup/matrixai-env-setup.sh @@ -122,10 +122,6 @@ fi if [[ -n "${INPUT_REGISTRY:-}" ]]; then # Output the INPUT_REGISTRY variable contents to /etc/nix/registry.json echo "$INPUT_REGISTRY" | sudo tee /etc/nix/registry.json > /dev/null - echo "Contents of INPUT_REGISTRY have been written to /etc/nix/registry.json" -else - echo "Error: INPUT_REGISTRY is not set. Cannot create /etc/nix/registry.json" - exit 1 fi # Close the log message group which was opened above From c51094c90c9fee47895468019a02b6a651d00048 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Wed, 22 Jan 2025 13:04:04 +1100 Subject: [PATCH 32/85] feat: implement native library js staging workflow --- .../workflows/native-library-js-staging.yml | 199 ++++++++++++++++++ 1 file changed, 199 insertions(+) create mode 100644 .github/workflows/native-library-js-staging.yml diff --git a/.github/workflows/native-library-js-staging.yml b/.github/workflows/native-library-js-staging.yml new file mode 100644 index 0000000..9c42656 --- /dev/null +++ b/.github/workflows/native-library-js-staging.yml @@ -0,0 +1,199 @@ +name: "CI / Native Library JS Staging" + +on: + workflow_call: + secrets: + GH_TOKEN: + required: true + GIT_AUTHOR_EMAIL: + required: true + GIT_AUTHOR_NAME: + required: true + GIT_COMMITTER_EMAIL: + required: true + GIT_COMMITTER_NAME: + required: true + +jobs: + # Lint the code + staging-lint: + name: "Staging / Lint" + runs-on: ubuntu-latest + permissions: + contents: read + steps: + - uses: actions/checkout@v4 + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master + - name: Run linting + run: | + nix develop .#ci --command bash -c $' + npm run lint + npm run lint-native + npm run lint-shell + ' + + # Create the merge PR + staging-merge-begin: + name: "Staging / Merge Begin" + runs-on: ubuntu-latest + permissions: + contents: read + pull-requests: write + steps: + - uses: actions/checkout@v4 + - name: Create Pull Request from Staging to Master + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + gh pr create \ + --head staging \ + --base master \ + --title "ci: merge staging to master" \ + --body "This is an automatic PR generated by the CI/CD pipeline. This will be automatically fast-forward merged if successful." \ + --no-maintainer-edit || true + printf "Pipeline Attempt on $GITHUB_RUN_ID for $GITHUB_SHA\n\n$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" \ + | gh pr comment staging \ + --body-file - \ + --repo "$GITHUB_REPOSITORY" + + # Build the distribution - JS is platform-agnostic + staging-build: + name: "Staging / Build" + runs-on: ubuntu-latest + permissions: + contents: read + actions: write + steps: + - uses: actions/checkout@v4 + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master + - name: Run build + run: | + nix develop .#ci --command bash -c $' + npm run build --verbose + ' + - name: Upload Build + uses: actions/upload-artifact@v4 + with: + name: dist + path: ./dist + + # Build on every platform + # This re-uses the built `./dist`, and run tests and benches + staging-platforms: + name: "Staging / Platforms" + needs: + - staging-build + runs-on: ${{ matrix.os }} + permissions: + contents: read + actions: write + checks: write + strategy: + fail-fast: true + matrix: + include: + - platform: linux + os: ubuntu-latest + env: {} + script: | + nix develop .#ci --command bash -c $' + npm run prebuild --verbose + npm test -- --ci --coverage + npm run bench --if-present + ' + - platform: windows + os: windows-latest + env: {} + script: | + mkdir -Force "$CI_PROJECT_DIR/tmp" + Import-Module $env:ChocolateyInstall\helpers\chocolateyProfile.psm1 + ./scripts/choco-install.ps1 + refreshenv + npm install --ignore-scripts + $env:Path = "$(npm root)\.bin;" + $env:Path + npm run prebuild --verbose + npm test -- --ci --coverage + npm run bench --if-present + - platform: macos + os: macos-latest + env: {} + script: | + mkdir -p "$CI_PROJECT_DIR/tmp" + eval "$(brew shellenv)" + ./scripts/brew-install.sh + hash -r + npm install --ignore-scripts + export PATH="$(npm root)/.bin:$PATH" + npm run prebuild --verbose + npm test -- --ci --coverage + npm run bench --if-present + steps: + - uses: actions/checkout@v4 + - if: matrix.platform == 'linux' + uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master + - uses: actions/download-artifact@v4 + with: + name: dist + path: ./dist + - name: Build + env: ${{ matrix.env }} + run: ${{ matrix.script }} + - name: Upload JUnit Report + if: success() || failure() + uses: actions/upload-artifact@v4 + with: + name: junit-report-${{ matrix.platform }} + path: ./tmp/junit/junit.xml + - name: Publish JUnit Report + uses: mikepenz/action-junit-report@v5 + with: + check_name: JUnit Test Report - ${{matrix.platform}} + report_paths: ./tmp/junit/junit.xml + - name: Upload Cobertura report + if: success() || failure() + uses: actions/upload-artifact@v4 + with: + name: coverage-report-${{ matrix.platform }} + path: ./tmp/coverage/cobertura-coverage.xml + - name: Upload Metrics Report + if: success() || failure() + uses: actions/upload-artifact@v4 + with: + name: metrics-report-${{ matrix.platform }} + path: ./benches/results/metrics.txt + if-no-files-found: ignore + + staging-merge-finish: + name: "Staging / Merge Finish" + needs: + - staging-lint + - staging-merge-begin + - staging-build + - staging-platforms + runs-on: ubuntu-latest + concurrency: + group: staging-merge-finish + cancel-in-progress: true + permissions: + contents: write + pull-requests: write + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + token: ${{ secrets.GH_TOKEN }} + - name: Merge Pull Request from Staging to Master + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GIT_AUTHOR_EMAIL: ${{ secrets.GIT_AUTHOR_EMAIL }} + GIT_AUTHOR_NAME: ${{ secrets.GIT_AUTHOR_NAME }} + GIT_COMMITTER_EMAIL: ${{ secrets.GIT_COMMITTER_EMAIL }} + GIT_COMMITTER_NAME: ${{ secrets.GIT_COMMITTER_NAME }} + run: | + printf "Pipeline Succeeded on $GITHUB_RUN_ID for $GITHUB_SHA\n\n$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" \ + | gh pr comment staging \ + --body-file - \ + --repo "$GITHUB_REPOSITORY" + git checkout master + git merge --ff-only "$GITHUB_SHA" + git push origin master From 37961845805d8c096e20cefcc7cde53556e3d8c5 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Wed, 22 Jan 2025 13:10:30 +1100 Subject: [PATCH 33/85] fix: add `--ignore-scripts` to native job --- .github/workflows/native-library-js-staging.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/native-library-js-staging.yml b/.github/workflows/native-library-js-staging.yml index 9c42656..6e1d2b8 100644 --- a/.github/workflows/native-library-js-staging.yml +++ b/.github/workflows/native-library-js-staging.yml @@ -69,7 +69,7 @@ jobs: - name: Run build run: | nix develop .#ci --command bash -c $' - npm run build --verbose + npm run build --ignore-scripts --verbose ' - name: Upload Build uses: actions/upload-artifact@v4 From b4f3bce2d070f6f8137557489d032358a621d5df Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Wed, 22 Jan 2025 13:17:25 +1100 Subject: [PATCH 34/85] fix: ci fixes --- .github/workflows/native-library-js-staging.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/native-library-js-staging.yml b/.github/workflows/native-library-js-staging.yml index 6e1d2b8..3521b6e 100644 --- a/.github/workflows/native-library-js-staging.yml +++ b/.github/workflows/native-library-js-staging.yml @@ -116,7 +116,9 @@ jobs: npm run bench --if-present - platform: macos os: macos-latest - env: {} + env: + npm_config_devdir: "${{ github.workspace }}/tmp/node-gyp" + npm_config_arch: 'x64+arm64' script: | mkdir -p "$CI_PROJECT_DIR/tmp" eval "$(brew shellenv)" From 22a6b36f5c2629aed7b0e1999e18ce89def39f0e Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Wed, 22 Jan 2025 13:20:59 +1100 Subject: [PATCH 35/85] Revert "fix: ci fixes" This reverts commit b4f3bce2d070f6f8137557489d032358a621d5df. --- .github/workflows/native-library-js-staging.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/native-library-js-staging.yml b/.github/workflows/native-library-js-staging.yml index 3521b6e..6e1d2b8 100644 --- a/.github/workflows/native-library-js-staging.yml +++ b/.github/workflows/native-library-js-staging.yml @@ -116,9 +116,7 @@ jobs: npm run bench --if-present - platform: macos os: macos-latest - env: - npm_config_devdir: "${{ github.workspace }}/tmp/node-gyp" - npm_config_arch: 'x64+arm64' + env: {} script: | mkdir -p "$CI_PROJECT_DIR/tmp" eval "$(brew shellenv)" From 5ea960b8a83be9f6f07eb8ff12e5bc4641998b16 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Fri, 24 Jan 2025 10:44:59 +1100 Subject: [PATCH 36/85] fix: remove `npm run lint-native` --- .github/workflows/native-library-js-staging.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/native-library-js-staging.yml b/.github/workflows/native-library-js-staging.yml index 6e1d2b8..d1615f8 100644 --- a/.github/workflows/native-library-js-staging.yml +++ b/.github/workflows/native-library-js-staging.yml @@ -28,7 +28,6 @@ jobs: run: | nix develop .#ci --command bash -c $' npm run lint - npm run lint-native npm run lint-shell ' From 15edbcd7f2ca2cdcd91a0c7e9cefd63266102169 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Tue, 28 Jan 2025 14:05:50 +1100 Subject: [PATCH 37/85] feat: add tag and feature workflows for native-js --- .../workflows/native-library-js-feature.yml | 96 +++++++++++++++++++ .github/workflows/native-library-js-tag.yml | 93 ++++++++++++++++++ 2 files changed, 189 insertions(+) create mode 100644 .github/workflows/native-library-js-feature.yml create mode 100644 .github/workflows/native-library-js-tag.yml diff --git a/.github/workflows/native-library-js-feature.yml b/.github/workflows/native-library-js-feature.yml new file mode 100644 index 0000000..7a2e41a --- /dev/null +++ b/.github/workflows/native-library-js-feature.yml @@ -0,0 +1,96 @@ +name: "CI / Library JS Feature" + +on: + workflow_call: + +jobs: + # Lint the code + feature-lint: + name: "Feature / Lint" + runs-on: ubuntu-latest + permissions: + contents: read + steps: + - uses: actions/checkout@v4 + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master + - name: Run linting + run: | + nix develop .#ci --command bash -c $' + npm run lint + ' + + # Build the dist + feature-build: + name: "Feature / Build" + runs-on: ubuntu-latest + permissions: + contents: read + actions: write + steps: + - uses: actions/checkout@v4 + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master + - name: Run build + run: | + nix develop .#ci --command bash -c $' + npm run build --verbose + ' + - name: Upload Build + uses: actions/upload-artifact@v4 + with: + name: dist + path: ./dist + + # Test the dist + feature-test: + name: "Feature / Test" + runs-on: ubuntu-latest + permissions: + contents: read + actions: write + checks: write + steps: + - uses: actions/checkout@v4 + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master + - name: Run tests + run: | + nix develop .#ci --command bash -c $' + npm run test -- --ci --coverage + ' + - name: Upload JUnit report + if: success() || failure() + uses: actions/upload-artifact@v4 + with: + name: junit-report + path: tmp/junit/junit.xml + - name: Publish JUnit Report + uses: mikepenz/action-junit-report@v5 + with: + report_paths: tmp/junit/junit.xml + - name: Upload Cobertura report + if: success() || failure() + uses: actions/upload-artifact@v4 + with: + name: coverage-report + path: tmp/coverage/cobertura-coverage.xml + + # Bench the dist + feature-bench: + name: "Feature / Bench" + runs-on: ubuntu-latest + permissions: + contents: read + actions: write + steps: + - uses: actions/checkout@v4 + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master + - name: Run bench + run: | + nix develop .#ci --command bash -c $' + npm run bench --if-present + ' + - name: Upload Bench + uses: actions/upload-artifact@v4 + with: + name: metrics-report + path: ./benches/results/metrics.txt + if-no-files-found: ignore diff --git a/.github/workflows/native-library-js-tag.yml b/.github/workflows/native-library-js-tag.yml new file mode 100644 index 0000000..d63f0ef --- /dev/null +++ b/.github/workflows/native-library-js-tag.yml @@ -0,0 +1,93 @@ +name: "CI / Library JS Tag" + +on: + workflow_call: + secrets: + NPM_TOKEN: + required: true + +jobs: + # Build the distribution - JS is platform-agnostic + tag-build: + name: "Tag / Build" + runs-on: ubuntu-latest + permissions: + contents: read + actions: write + steps: + - uses: actions/checkout@v4 + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master + - name: Run build + run: | + nix develop .#ci --command bash -c $' + npm run build --verbose + ' + - name: Upload Build + uses: actions/upload-artifact@v4 + with: + name: dist + path: ./dist + + # Publish the prerelease + tag-prerelease: + name: "Tag / Pre-release" + runs-on: ubuntu-latest + concurrency: + group: tag-prerelease + cancel-in-progress: false + needs: + - tag-build + permissions: + contents: read + if: startsWith(github.ref, 'refs/tags/v') && contains(github.ref, '-') + steps: + - uses: actions/checkout@v4 + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master + - uses: actions/download-artifact@v4 + with: + name: dist + path: ./dist + - name: Publishing library prerelease + env: + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + run: | + echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ./.npmrc + nix develop .#ci --command bash -c $' + npm publish --tag prerelease --access public + ' + - name: Remove `.npmrc` + if: success() || failure() + run: | + rm -f ./.npmrc + + # Publish the release + tag-release: + name: "Tag / Release" + runs-on: ubuntu-latest + concurrency: + group: tag-release + cancel-in-progress: false + needs: + - tag-build + permissions: + contents: read + if: startsWith(github.ref, 'refs/tags/v') && !contains(github.ref, '-') + steps: + - uses: actions/checkout@v4 + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master + - uses: actions/download-artifact@v4 + with: + name: dist + path: ./dist + - name: Publishing library release + env: + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + run: | + echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ./.npmrc + nix develop .#ci --command bash -c $' + npm publish --access public + ' + - name: Remove `.npmrc` + if: success() || failure() + run: | + rm -f ./.npmrc From 4f871f73d67f2931660d5bcd8d4e0aec9accce4b Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Tue, 28 Jan 2025 14:17:56 +1100 Subject: [PATCH 38/85] fix: add prebuild before publish --- .github/workflows/native-library-js-tag.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/native-library-js-tag.yml b/.github/workflows/native-library-js-tag.yml index d63f0ef..6980247 100644 --- a/.github/workflows/native-library-js-tag.yml +++ b/.github/workflows/native-library-js-tag.yml @@ -53,6 +53,7 @@ jobs: run: | echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ./.npmrc nix develop .#ci --command bash -c $' + npm run prebuild --verbose npm publish --tag prerelease --access public ' - name: Remove `.npmrc` @@ -85,6 +86,7 @@ jobs: run: | echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ./.npmrc nix develop .#ci --command bash -c $' + npm run prebuild --verbose npm publish --access public ' - name: Remove `.npmrc` From 8c9a8adb53c5e99bf96b1f72873a7f72a7bfb223 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Mon, 3 Feb 2025 12:57:18 +1100 Subject: [PATCH 39/85] fix: correctly perform native tag publishing --- .github/workflows/native-library-js-tag.yml | 140 +++++++++++++++++++- 1 file changed, 135 insertions(+), 5 deletions(-) diff --git a/.github/workflows/native-library-js-tag.yml b/.github/workflows/native-library-js-tag.yml index 6980247..8098d3e 100644 --- a/.github/workflows/native-library-js-tag.yml +++ b/.github/workflows/native-library-js-tag.yml @@ -7,6 +7,23 @@ on: required: true jobs: + # Lint the code + tag-lint: + name: "Tag / Lint" + runs-on: ubuntu-latest + permissions: + contents: read + actions: write + steps: + - uses: actions/checkout@v4 + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master + - name: Run linting + run: | + nix develop .#ci --command bash -c $' + npm run lint + npm run lint-shell + ' + # Build the distribution - JS is platform-agnostic tag-build: name: "Tag / Build" @@ -14,6 +31,7 @@ jobs: permissions: contents: read actions: write + needs: tag-lint steps: - uses: actions/checkout@v4 - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master @@ -28,6 +46,81 @@ jobs: name: dist path: ./dist + tag-platforms: + name: "Tag / Platforms" + needs: + - tag-build + runs-on: ${{ matrix.os }} + permissions: + contents: read + actions: write + checks: write + strategy: + fail-fast: false + matrix: + include: + - platform: linux + os: ubuntu-latest + env: + npm_config_arch: "x64" + RUST_BACKTRACE: "1" + script: | + nix develop .#ci --command bash -c $' + npm run prebuild --verbose -- --production + npm test -- --ci --coverage + npm run bench + ' + - platform: windows + os: windows-latest + env: + npm_config_arch: "x64" + RUST_BACKTRACE: "1" + LIBCLANG_PATH: "C:\\Program Files\\LLVM\\bin" + script: | + mkdir -Force "$CI_PROJECT_DIR/tmp" + Import-Module $env:ChocolateyInstall\helpers\chocolateyProfile.psm1 + ./scripts/choco-install.ps1 + refreshenv + npm install --ignore-scripts + $env:Path = "$(npm root)\.bin;" + $env:Path + npm run prebuild --verbose -- --production + npm test -- --ci --coverage + npm run bench + - platform: macos + os: macos-latest + env: + RUST_BACKTRACE: "1" + script: | + eval "$(brew shellenv)" + ./scripts/brew-install.sh + hash -r + npm install --ignore-scripts + export PATH="$(npm root)/.bin:$PATH" + export PATH="$HOME/.cargo/bin:$PATH" + npm run prebuild --verbose -- --arch x64 --production + npm run prebuild --verbose -- --arch arm64 --production + lipo -create -output prebuild/quic-darwin-x64+arm64.node prebuild/quic-darwin-arm64.node prebuild/quic-darwin-x64.node + rm -rf node_modules/@matrixai/quic-* + npm test -- --ci --coverage + npm run bench + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + with: + node-version: '20' + - uses: actions/download-artifact@v4 + with: + name: dist + path: ./dist + - name: Build + env: ${{ matrix.env }} + run: ${{ matrix.script }} + - uses: actions/upload-artifact@v4 + with: + name: prebuild-${{ matrix.platform }} + path: ./prebuild + + # Publish the prerelease tag-prerelease: name: "Tag / Pre-release" @@ -45,8 +138,9 @@ jobs: - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - uses: actions/download-artifact@v4 with: - name: dist - path: ./dist + pattern: prebuild* + path: prebuild + merge-multiple: true - name: Publishing library prerelease env: NPM_TOKEN: ${{ secrets.NPM_TOKEN }} @@ -56,6 +150,24 @@ jobs: npm run prebuild --verbose npm publish --tag prerelease --access public ' + for d in prebuild/*; do + tar \ + --create \ + --verbose \ + --file="prebuild/$(basename $d).tar" \ + --directory=prebuild \ + "$(basename $d)" + done + nix develop .#ci --command bash -c $' + gh release \ + create "$GITHUB_REF_NAME" \ + prebuild/*.tar \ + --title "$GITHUB_REF_NAME-$(date -u +"%Y-%m-%dT%H:%M:%SZ")" \ + --notes "" \ + --prerelease \ + --target staging \ + --repo "$GITHUB_REPOSITORY" + ' - name: Remove `.npmrc` if: success() || failure() run: | @@ -69,7 +181,7 @@ jobs: group: tag-release cancel-in-progress: false needs: - - tag-build + - tag-platforms permissions: contents: read if: startsWith(github.ref, 'refs/tags/v') && !contains(github.ref, '-') @@ -78,8 +190,9 @@ jobs: - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - uses: actions/download-artifact@v4 with: - name: dist - path: ./dist + pattern: prebuild* + path: prebuild + merge-multiple: true - name: Publishing library release env: NPM_TOKEN: ${{ secrets.NPM_TOKEN }} @@ -89,6 +202,23 @@ jobs: npm run prebuild --verbose npm publish --access public ' + for d in prebuild/*; do + tar \ + --create \ + --verbose \ + --file="prebuild/$(basename $d).tar" \ + --directory=prebuild \ + "$(basename $d)" + done + nix develop .#ci --command bash -c $' + gh release \ + create "$GITHUB_REF_NAME" \ + prebuild/*.tar \ + --title "$GITHUB_REF_NAME-$(date -u +"%Y-%m-%dT%H:%M:%SZ")" \ + --notes "" \ + --target master \ + --repo "$GITHUB_REPOSITORY" + ' - name: Remove `.npmrc` if: success() || failure() run: | From 103a17b2bad2df537386ee96559d5fd68d1c67fa Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Mon, 3 Feb 2025 13:03:45 +1100 Subject: [PATCH 40/85] fix: race condition --- .github/workflows/native-library-js-tag.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/native-library-js-tag.yml b/.github/workflows/native-library-js-tag.yml index 8098d3e..7db9264 100644 --- a/.github/workflows/native-library-js-tag.yml +++ b/.github/workflows/native-library-js-tag.yml @@ -129,7 +129,7 @@ jobs: group: tag-prerelease cancel-in-progress: false needs: - - tag-build + - tag-platforms permissions: contents: read if: startsWith(github.ref, 'refs/tags/v') && contains(github.ref, '-') From 0af2452c1f56de9e1579a31e618923ff9584ef57 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Mon, 3 Feb 2025 13:20:16 +1100 Subject: [PATCH 41/85] fix: set up matrix nix env at platforms step for linux --- .github/workflows/native-library-js-tag.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/native-library-js-tag.yml b/.github/workflows/native-library-js-tag.yml index 7db9264..b957ac8 100644 --- a/.github/workflows/native-library-js-tag.yml +++ b/.github/workflows/native-library-js-tag.yml @@ -105,6 +105,8 @@ jobs: npm run bench steps: - uses: actions/checkout@v4 + - if: matrix.platform == 'linux' + uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - uses: actions/setup-node@v4 with: node-version: '20' From 101527d672b5125c3d56d8ad269ecec1b8b6e932 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Mon, 3 Feb 2025 13:49:23 +1100 Subject: [PATCH 42/85] fix: remove unecessary prebuild step --- .github/workflows/native-library-js-tag.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/native-library-js-tag.yml b/.github/workflows/native-library-js-tag.yml index b957ac8..f00113f 100644 --- a/.github/workflows/native-library-js-tag.yml +++ b/.github/workflows/native-library-js-tag.yml @@ -149,7 +149,6 @@ jobs: run: | echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ./.npmrc nix develop .#ci --command bash -c $' - npm run prebuild --verbose npm publish --tag prerelease --access public ' for d in prebuild/*; do @@ -201,7 +200,6 @@ jobs: run: | echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ./.npmrc nix develop .#ci --command bash -c $' - npm run prebuild --verbose npm publish --access public ' for d in prebuild/*; do From 6315ef313ea63cd47e28f5b48dc93592e068ff7c Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Mon, 3 Feb 2025 14:36:51 +1100 Subject: [PATCH 43/85] fix: add `GH_TOKEN` --- .github/workflows/native-library-js-tag.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/native-library-js-tag.yml b/.github/workflows/native-library-js-tag.yml index f00113f..0390027 100644 --- a/.github/workflows/native-library-js-tag.yml +++ b/.github/workflows/native-library-js-tag.yml @@ -146,6 +146,7 @@ jobs: - name: Publishing library prerelease env: NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ./.npmrc nix develop .#ci --command bash -c $' @@ -197,6 +198,7 @@ jobs: - name: Publishing library release env: NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ./.npmrc nix develop .#ci --command bash -c $' From 7c973ac5c0bc40b2cf92866a8045c8843d52a1fe Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Mon, 3 Feb 2025 15:05:25 +1100 Subject: [PATCH 44/85] fix: add `content: write` permissions --- .github/workflows/native-library-js-tag.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/native-library-js-tag.yml b/.github/workflows/native-library-js-tag.yml index 0390027..7304b60 100644 --- a/.github/workflows/native-library-js-tag.yml +++ b/.github/workflows/native-library-js-tag.yml @@ -133,7 +133,7 @@ jobs: needs: - tag-platforms permissions: - contents: read + contents: write if: startsWith(github.ref, 'refs/tags/v') && contains(github.ref, '-') steps: - uses: actions/checkout@v4 @@ -185,7 +185,7 @@ jobs: needs: - tag-platforms permissions: - contents: read + contents: write if: startsWith(github.ref, 'refs/tags/v') && !contains(github.ref, '-') steps: - uses: actions/checkout@v4 From bb66a375fcfafe67751148ab537917169189ddba Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Wed, 12 Feb 2025 09:54:00 +1100 Subject: [PATCH 45/85] fix: propagate deployment secrets during build jobs --- .../application-js-cloudflare-feature.yml | 17 +++++++++++++++++ .../application-js-cloudflare-master.yml | 17 +++++++++++++++++ .../application-js-cloudflare-staging.yml | 17 +++++++++++++++++ 3 files changed, 51 insertions(+) diff --git a/.github/workflows/application-js-cloudflare-feature.yml b/.github/workflows/application-js-cloudflare-feature.yml index 8a6fae3..01fd297 100644 --- a/.github/workflows/application-js-cloudflare-feature.yml +++ b/.github/workflows/application-js-cloudflare-feature.yml @@ -47,10 +47,27 @@ jobs: contents: read actions: write steps: + - name: Checkout Actions + uses: actions/checkout@v4 + with: + repository: MatrixAI/.github + ref: ${{ inputs.ref }} + path: tmp/.github + - name: Parse Secrets + uses: ./tmp/.github/.github/actions/secrets-parse + with: + secrets: ${{ secrets.DEPLOY_SECRETS }} - uses: actions/checkout@v4 with: lfs: true - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master + - uses: actions/download-artifact@v4 + with: + name: public + path: ./public + - name: Setup Deploy Secrets + run: | + echo "${{ inputs.DEPLOY_SECRETS }}" | jq -r 'to_entries | .[] | "\(.key)=\(.value)"' >> $GITHUB_ENV - name: Run build env: NIX_CONFIG: access-tokens = github.com=${{ secrets.NIXPKGS_PRIVATE_PAT }} diff --git a/.github/workflows/application-js-cloudflare-master.yml b/.github/workflows/application-js-cloudflare-master.yml index f4845e7..b59681c 100644 --- a/.github/workflows/application-js-cloudflare-master.yml +++ b/.github/workflows/application-js-cloudflare-master.yml @@ -25,10 +25,27 @@ jobs: contents: read actions: write steps: + - name: Checkout Actions + uses: actions/checkout@v4 + with: + repository: MatrixAI/.github + ref: ${{ inputs.ref }} + path: tmp/.github + - name: Parse Secrets + uses: ./tmp/.github/.github/actions/secrets-parse + with: + secrets: ${{ secrets.DEPLOY_SECRETS }} - uses: actions/checkout@v4 with: lfs: true - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master + - uses: actions/download-artifact@v4 + with: + name: public + path: ./public + - name: Setup Deploy Secrets + run: | + echo "${{ inputs.DEPLOY_SECRETS }}" | jq -r 'to_entries | .[] | "\(.key)=\(.value)"' >> $GITHUB_ENV - name: Run build env: NIX_CONFIG: access-tokens = github.com=${{ secrets.NIXPKGS_PRIVATE_PAT }} diff --git a/.github/workflows/application-js-cloudflare-staging.yml b/.github/workflows/application-js-cloudflare-staging.yml index 4b75378..3d86230 100644 --- a/.github/workflows/application-js-cloudflare-staging.yml +++ b/.github/workflows/application-js-cloudflare-staging.yml @@ -78,10 +78,27 @@ jobs: contents: read actions: write steps: + - name: Checkout Actions + uses: actions/checkout@v4 + with: + repository: MatrixAI/.github + ref: ${{ inputs.ref }} + path: tmp/.github + - name: Parse Secrets + uses: ./tmp/.github/.github/actions/secrets-parse + with: + secrets: ${{ secrets.DEPLOY_SECRETS }} - uses: actions/checkout@v4 with: lfs: true - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master + - uses: actions/download-artifact@v4 + with: + name: public + path: ./public + - name: Setup Deploy Secrets + run: | + echo "${{ inputs.DEPLOY_SECRETS }}" | jq -r 'to_entries | .[] | "\(.key)=\(.value)"' >> $GITHUB_ENV - name: Run build env: NIX_CONFIG: access-tokens = github.com=${{ secrets.NIXPKGS_PRIVATE_PAT }} From 473d11c1f1f2aaaba84f2506fb6e5e14e8758227 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Wed, 12 Feb 2025 09:58:45 +1100 Subject: [PATCH 46/85] fix: remove unecessary artifact download --- .github/workflows/application-js-cloudflare-feature.yml | 4 ---- .github/workflows/application-js-cloudflare-master.yml | 4 ---- .github/workflows/application-js-cloudflare-staging.yml | 4 ---- 3 files changed, 12 deletions(-) diff --git a/.github/workflows/application-js-cloudflare-feature.yml b/.github/workflows/application-js-cloudflare-feature.yml index 01fd297..6828938 100644 --- a/.github/workflows/application-js-cloudflare-feature.yml +++ b/.github/workflows/application-js-cloudflare-feature.yml @@ -61,10 +61,6 @@ jobs: with: lfs: true - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - - uses: actions/download-artifact@v4 - with: - name: public - path: ./public - name: Setup Deploy Secrets run: | echo "${{ inputs.DEPLOY_SECRETS }}" | jq -r 'to_entries | .[] | "\(.key)=\(.value)"' >> $GITHUB_ENV diff --git a/.github/workflows/application-js-cloudflare-master.yml b/.github/workflows/application-js-cloudflare-master.yml index b59681c..808b085 100644 --- a/.github/workflows/application-js-cloudflare-master.yml +++ b/.github/workflows/application-js-cloudflare-master.yml @@ -39,10 +39,6 @@ jobs: with: lfs: true - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - - uses: actions/download-artifact@v4 - with: - name: public - path: ./public - name: Setup Deploy Secrets run: | echo "${{ inputs.DEPLOY_SECRETS }}" | jq -r 'to_entries | .[] | "\(.key)=\(.value)"' >> $GITHUB_ENV diff --git a/.github/workflows/application-js-cloudflare-staging.yml b/.github/workflows/application-js-cloudflare-staging.yml index 3d86230..67f20f3 100644 --- a/.github/workflows/application-js-cloudflare-staging.yml +++ b/.github/workflows/application-js-cloudflare-staging.yml @@ -92,10 +92,6 @@ jobs: with: lfs: true - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - - uses: actions/download-artifact@v4 - with: - name: public - path: ./public - name: Setup Deploy Secrets run: | echo "${{ inputs.DEPLOY_SECRETS }}" | jq -r 'to_entries | .[] | "\(.key)=\(.value)"' >> $GITHUB_ENV From 38fef411abe7454e5c03c27dff1004a1442af71d Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Thu, 6 Mar 2025 13:16:14 +1100 Subject: [PATCH 47/85] feat: add Polykey to env --- .github/actions/matrixai-env-setup/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/matrixai-env-setup/action.yml b/.github/actions/matrixai-env-setup/action.yml index a2cca43..e10d5ce 100644 --- a/.github/actions/matrixai-env-setup/action.yml +++ b/.github/actions/matrixai-env-setup/action.yml @@ -55,7 +55,7 @@ runs: INPUT_ENABLE_KVM: ${{ inputs.enable_kvm }} GITHUB_TOKEN: ${{ github.token }} - run: | - nix profile install nixpkgs-matrix#cacert nixpkgs-matrix#tzdata + nix profile install nixpkgs-matrix#cacert nixpkgs-matrix#tzdata nixpkgs-matrix#polykey-cli TZDATA=$(nix eval --raw nixpkgs-matrix#tzdata.outPath) CACERT=$(nix eval --raw nixpkgs-matrix#cacert.outPath) echo "TZDIR=$TZDATA/share/zoneinfo" >> "$GITHUB_ENV" From 11102eb25a80efe4a0d7170a069e5d32c007db40 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Fri, 7 Mar 2025 15:10:48 +1100 Subject: [PATCH 48/85] feat: add `application-js*` repos --- .github/workflows/application-js-feature.yml | 35 +++++++ .github/workflows/application-js-staging.yml | 103 +++++++++++++++++++ 2 files changed, 138 insertions(+) create mode 100644 .github/workflows/application-js-feature.yml create mode 100644 .github/workflows/application-js-staging.yml diff --git a/.github/workflows/application-js-feature.yml b/.github/workflows/application-js-feature.yml new file mode 100644 index 0000000..afbb568 --- /dev/null +++ b/.github/workflows/application-js-feature.yml @@ -0,0 +1,35 @@ +name: "CI / Application JS Feature" + +on: + workflow_call: + +jobs: + # Lint the code + feature-lint: + name: "Feature / Lint" + runs-on: ubuntu-latest + permissions: + contents: read + steps: + - uses: actions/checkout@v4 + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master + - name: Run linting + run: | + nix develop .#ci --command bash -c $' + npm run lint + ' + + # Run a dry run + feature-dry: + name: "Feature / Dry Run" + runs-on: ubuntu-latest + permissions: + contents: read + steps: + - uses: actions/checkout@v4 + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master + - name: Dry run + run: | + nix build .#default --dry-run + nix build .#docker --dry-run + diff --git a/.github/workflows/application-js-staging.yml b/.github/workflows/application-js-staging.yml new file mode 100644 index 0000000..aa3015a --- /dev/null +++ b/.github/workflows/application-js-staging.yml @@ -0,0 +1,103 @@ +name: "CI / Application JS Staging" + +on: + workflow_call: + secrets: + GH_TOKEN: + required: true + GIT_AUTHOR_EMAIL: + required: true + GIT_AUTHOR_NAME: + required: true + GIT_COMMITTER_EMAIL: + required: true + GIT_COMMITTER_NAME: + required: true + +jobs: + # Lint the code + staging-lint: + name: "Staging / Lint" + runs-on: ubuntu-latest + permissions: + contents: read + steps: + - uses: actions/checkout@v4 + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master + - name: Run linting + run: | + nix develop .#ci --command bash -c $' + npm run lint + ' + + # Run a dry run + staging-dry: + name: "Staging / Dry Run" + runs-on: ubuntu-latest + permissions: + contents: read + steps: + - uses: actions/checkout@v4 + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master + - name: Dry run + run: | + nix build .#default --dry-run + nix build .#docker --dry-run + + # Create the merge PR + staging-merge-begin: + name: "Staging / Merge Begin" + runs-on: ubuntu-latest + permissions: + contents: read + pull-requests: write + steps: + - uses: actions/checkout@v4 + - name: Create Pull Request from Staging to Master + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + gh pr create \ + --head staging \ + --base master \ + --title "ci: merge staging to master" \ + --body "This is an automatic PR generated by the CI/CD pipeline. This will be automatically fast-forward merged if successful." \ + --no-maintainer-edit || true + printf "Pipeline Attempt on $GITHUB_RUN_ID for $GITHUB_SHA\n\n$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" \ + | gh pr comment staging \ + --body-file - \ + --repo "$GITHUB_REPOSITORY" + + staging-merge-finish: + name: "Staging / Merge Finish" + needs: + - staging-lint + - staging-dry + - staging-merge-begin + runs-on: ubuntu-latest + concurrency: + group: staging-merge-finish + cancel-in-progress: true + permissions: + contents: write + pull-requests: write + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + token: ${{ secrets.GH_TOKEN }} + - name: Merge Pull Request from Staging to Master + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GIT_AUTHOR_EMAIL: ${{ secrets.GIT_AUTHOR_EMAIL }} + GIT_AUTHOR_NAME: ${{ secrets.GIT_AUTHOR_NAME }} + GIT_COMMITTER_EMAIL: ${{ secrets.GIT_COMMITTER_EMAIL }} + GIT_COMMITTER_NAME: ${{ secrets.GIT_COMMITTER_NAME }} + run: | + printf "Pipeline Succeeded on $GITHUB_RUN_ID for $GITHUB_SHA\n\n$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" \ + | gh pr comment staging \ + --body-file - \ + --repo "$GITHUB_REPOSITORY" + git checkout master + git merge --ff-only "$GITHUB_SHA" + git push origin master From cb77e8888aa47ad642a7c8ae4d1d7a798fa86207 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Fri, 7 Mar 2025 15:23:03 +1100 Subject: [PATCH 49/85] fix: require private PAT on js-applications --- .github/workflows/application-js-feature.yml | 7 +++++++ .github/workflows/application-js-staging.yml | 6 ++++++ 2 files changed, 13 insertions(+) diff --git a/.github/workflows/application-js-feature.yml b/.github/workflows/application-js-feature.yml index afbb568..d69c4b1 100644 --- a/.github/workflows/application-js-feature.yml +++ b/.github/workflows/application-js-feature.yml @@ -2,6 +2,9 @@ name: "CI / Application JS Feature" on: workflow_call: + secrets: + NIXPKGS_PRIVATE_PAT: + required: true jobs: # Lint the code @@ -14,6 +17,8 @@ jobs: - uses: actions/checkout@v4 - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Run linting + env: + NIX_CONFIG: access-tokens = github.com=${{ secrets.NIXPKGS_PRIVATE_PAT }} run: | nix develop .#ci --command bash -c $' npm run lint @@ -29,6 +34,8 @@ jobs: - uses: actions/checkout@v4 - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Dry run + env: + NIX_CONFIG: access-tokens = github.com=${{ secrets.NIXPKGS_PRIVATE_PAT }} run: | nix build .#default --dry-run nix build .#docker --dry-run diff --git a/.github/workflows/application-js-staging.yml b/.github/workflows/application-js-staging.yml index aa3015a..5e9bdce 100644 --- a/.github/workflows/application-js-staging.yml +++ b/.github/workflows/application-js-staging.yml @@ -3,6 +3,8 @@ name: "CI / Application JS Staging" on: workflow_call: secrets: + NIXPKGS_PRIVATE_PAT: + required: true GH_TOKEN: required: true GIT_AUTHOR_EMAIL: @@ -25,6 +27,8 @@ jobs: - uses: actions/checkout@v4 - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Run linting + env: + NIX_CONFIG: access-tokens = github.com=${{ secrets.NIXPKGS_PRIVATE_PAT }} run: | nix develop .#ci --command bash -c $' npm run lint @@ -40,6 +44,8 @@ jobs: - uses: actions/checkout@v4 - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Dry run + env: + NIX_CONFIG: access-tokens = github.com=${{ secrets.NIXPKGS_PRIVATE_PAT }} run: | nix build .#default --dry-run nix build .#docker --dry-run From 0d9039ba2fe6b7edb1293b44b0de03cf572e7554 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Fri, 21 Mar 2025 13:23:01 +1100 Subject: [PATCH 50/85] feat: added environments for `application-js-cloudflare` workflows --- .github/workflows/application-js-cloudflare-feature.yml | 2 ++ .github/workflows/application-js-cloudflare-master.yml | 2 ++ .github/workflows/application-js-cloudflare-staging.yml | 2 ++ 3 files changed, 6 insertions(+) diff --git a/.github/workflows/application-js-cloudflare-feature.yml b/.github/workflows/application-js-cloudflare-feature.yml index 6828938..87c5a1d 100644 --- a/.github/workflows/application-js-cloudflare-feature.yml +++ b/.github/workflows/application-js-cloudflare-feature.yml @@ -46,6 +46,7 @@ jobs: permissions: contents: read actions: write + environment: feature steps: - name: Checkout Actions uses: actions/checkout@v4 @@ -85,6 +86,7 @@ jobs: concurrency: group: feature-deployment cancel-in-progress: false + environment: feature steps: - name: Checkout Actions uses: actions/checkout@v4 diff --git a/.github/workflows/application-js-cloudflare-master.yml b/.github/workflows/application-js-cloudflare-master.yml index 808b085..8be4be4 100644 --- a/.github/workflows/application-js-cloudflare-master.yml +++ b/.github/workflows/application-js-cloudflare-master.yml @@ -24,6 +24,7 @@ jobs: permissions: contents: read actions: write + environment: master steps: - name: Checkout Actions uses: actions/checkout@v4 @@ -65,6 +66,7 @@ jobs: cancel-in-progress: false permissions: contents: read + environment: master steps: - name: Checkout Actions uses: actions/checkout@v4 diff --git a/.github/workflows/application-js-cloudflare-staging.yml b/.github/workflows/application-js-cloudflare-staging.yml index 67f20f3..420bc42 100644 --- a/.github/workflows/application-js-cloudflare-staging.yml +++ b/.github/workflows/application-js-cloudflare-staging.yml @@ -77,6 +77,7 @@ jobs: permissions: contents: read actions: write + environment: staging steps: - name: Checkout Actions uses: actions/checkout@v4 @@ -118,6 +119,7 @@ jobs: cancel-in-progress: false permissions: contents: read + environment: staging steps: - name: Checkout Actions uses: actions/checkout@v4 From 96093d097039ff9bd5bf33d3ffdfdef3f3515f5f Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Tue, 25 Mar 2025 11:03:22 +1100 Subject: [PATCH 51/85] fix: add `PYTHON` to macos native jobs --- .github/workflows/native-library-js-staging.yml | 1 + .github/workflows/native-library-js-tag.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/workflows/native-library-js-staging.yml b/.github/workflows/native-library-js-staging.yml index d1615f8..246a81d 100644 --- a/.github/workflows/native-library-js-staging.yml +++ b/.github/workflows/native-library-js-staging.yml @@ -120,6 +120,7 @@ jobs: mkdir -p "$CI_PROJECT_DIR/tmp" eval "$(brew shellenv)" ./scripts/brew-install.sh + export PYTHON=$(brew --prefix python@3.10)/bin/python3 hash -r npm install --ignore-scripts export PATH="$(npm root)/.bin:$PATH" diff --git a/.github/workflows/native-library-js-tag.yml b/.github/workflows/native-library-js-tag.yml index 7304b60..86c374e 100644 --- a/.github/workflows/native-library-js-tag.yml +++ b/.github/workflows/native-library-js-tag.yml @@ -93,6 +93,7 @@ jobs: script: | eval "$(brew shellenv)" ./scripts/brew-install.sh + export PYTHON=$(brew --prefix python@3.10)/bin/python3 hash -r npm install --ignore-scripts export PATH="$(npm root)/.bin:$PATH" From 663b6ef921b233ba5fbafc80a480315e831565ae Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Tue, 25 Mar 2025 11:09:51 +1100 Subject: [PATCH 52/85] fix: use subversion for `python3` executable --- .github/workflows/native-library-js-staging.yml | 2 +- .github/workflows/native-library-js-tag.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/native-library-js-staging.yml b/.github/workflows/native-library-js-staging.yml index 246a81d..9872d34 100644 --- a/.github/workflows/native-library-js-staging.yml +++ b/.github/workflows/native-library-js-staging.yml @@ -120,7 +120,7 @@ jobs: mkdir -p "$CI_PROJECT_DIR/tmp" eval "$(brew shellenv)" ./scripts/brew-install.sh - export PYTHON=$(brew --prefix python@3.10)/bin/python3 + export PYTHON=$(brew --prefix python@3.10)/bin/python3.10 hash -r npm install --ignore-scripts export PATH="$(npm root)/.bin:$PATH" diff --git a/.github/workflows/native-library-js-tag.yml b/.github/workflows/native-library-js-tag.yml index 86c374e..a696ce8 100644 --- a/.github/workflows/native-library-js-tag.yml +++ b/.github/workflows/native-library-js-tag.yml @@ -93,7 +93,7 @@ jobs: script: | eval "$(brew shellenv)" ./scripts/brew-install.sh - export PYTHON=$(brew --prefix python@3.10)/bin/python3 + export PYTHON=$(brew --prefix python@3.10)/bin/python3.10 hash -r npm install --ignore-scripts export PATH="$(npm root)/.bin:$PATH" From 39f026e62579b664d7ef3c94d5297ec6bc610324 Mon Sep 17 00:00:00 2001 From: Roger Qiu Date: Tue, 25 Mar 2025 14:09:39 +1100 Subject: [PATCH 53/85] fix: environments must come from the inputs of the reusable workflows --- .../application-js-cloudflare-feature-closed.yml | 5 +++++ .../workflows/application-js-cloudflare-feature.yml | 9 +++++++-- .../workflows/application-js-cloudflare-master.yml | 8 ++++++-- .../workflows/application-js-cloudflare-staging.yml | 11 +++++++++-- 4 files changed, 27 insertions(+), 6 deletions(-) diff --git a/.github/workflows/application-js-cloudflare-feature-closed.yml b/.github/workflows/application-js-cloudflare-feature-closed.yml index 12a7640..b7fcefc 100644 --- a/.github/workflows/application-js-cloudflare-feature-closed.yml +++ b/.github/workflows/application-js-cloudflare-feature-closed.yml @@ -3,6 +3,10 @@ name: "CI / Application JS Cloudflare Feature Closed" on: workflow_call: inputs: + environment: + description: 'Deployment Environment' + type: environment + required: true appName: type: string required: true @@ -34,6 +38,7 @@ jobs: if: startsWith(inputs.featureBranch, 'feature') permissions: contents: read + environment: ${{ inputs.environment }} steps: - uses: actions/checkout@v4 with: diff --git a/.github/workflows/application-js-cloudflare-feature.yml b/.github/workflows/application-js-cloudflare-feature.yml index 87c5a1d..494e591 100644 --- a/.github/workflows/application-js-cloudflare-feature.yml +++ b/.github/workflows/application-js-cloudflare-feature.yml @@ -3,6 +3,10 @@ name: "CI / Application JS Cloudflare Feature" on: workflow_call: inputs: + environment: + description: 'Deployment Environment' + type: environment + required: true ref: type: string default: master @@ -26,6 +30,7 @@ jobs: runs-on: ubuntu-latest permissions: contents: read + environment: ${{ inputs.environment }} steps: - uses: actions/checkout@v4 with: @@ -46,7 +51,7 @@ jobs: permissions: contents: read actions: write - environment: feature + environment: ${{ inputs.environment }} steps: - name: Checkout Actions uses: actions/checkout@v4 @@ -86,7 +91,7 @@ jobs: concurrency: group: feature-deployment cancel-in-progress: false - environment: feature + environment: ${{ inputs.environment }} steps: - name: Checkout Actions uses: actions/checkout@v4 diff --git a/.github/workflows/application-js-cloudflare-master.yml b/.github/workflows/application-js-cloudflare-master.yml index 8be4be4..79404a0 100644 --- a/.github/workflows/application-js-cloudflare-master.yml +++ b/.github/workflows/application-js-cloudflare-master.yml @@ -3,6 +3,10 @@ name: "CI / Application JS Cloudflare Master" on: workflow_call: inputs: + environment: + description: 'Deployment Environment' + type: environment + required: true ref: type: string default: master @@ -24,7 +28,7 @@ jobs: permissions: contents: read actions: write - environment: master + environment: ${{ inputs.environment }} steps: - name: Checkout Actions uses: actions/checkout@v4 @@ -66,7 +70,7 @@ jobs: cancel-in-progress: false permissions: contents: read - environment: master + environment: ${{ inputs.environment }} steps: - name: Checkout Actions uses: actions/checkout@v4 diff --git a/.github/workflows/application-js-cloudflare-staging.yml b/.github/workflows/application-js-cloudflare-staging.yml index 420bc42..cc69a45 100644 --- a/.github/workflows/application-js-cloudflare-staging.yml +++ b/.github/workflows/application-js-cloudflare-staging.yml @@ -3,6 +3,10 @@ name: "CI / Application JS Cloudflare Staging" on: workflow_call: inputs: + environment: + description: 'Deployment Environment' + type: environment + required: true ref: type: string default: master @@ -33,6 +37,7 @@ jobs: runs-on: ubuntu-latest permissions: contents: read + environment: ${{ inputs.environment }} steps: - uses: actions/checkout@v4 with: @@ -53,6 +58,7 @@ jobs: permissions: contents: read pull-requests: write + environment: ${{ inputs.environment }} steps: - uses: actions/checkout@v4 - name: Create Pull Request from Staging to Master @@ -77,7 +83,7 @@ jobs: permissions: contents: read actions: write - environment: staging + environment: ${{ inputs.environment }} steps: - name: Checkout Actions uses: actions/checkout@v4 @@ -119,7 +125,7 @@ jobs: cancel-in-progress: false permissions: contents: read - environment: staging + environment: ${{ inputs.environment }} steps: - name: Checkout Actions uses: actions/checkout@v4 @@ -162,6 +168,7 @@ jobs: permissions: contents: write pull-requests: write + environment: ${{ inputs.environment }} steps: - uses: actions/checkout@v4 with: From b363b3e5198120b0fcffcec004a41fe767c44fbf Mon Sep 17 00:00:00 2001 From: Roger Qiu Date: Tue, 25 Mar 2025 14:13:37 +1100 Subject: [PATCH 54/85] fix: environment input has to be of type string --- .github/workflows/application-js-cloudflare-feature-closed.yml | 2 +- .github/workflows/application-js-cloudflare-feature.yml | 2 +- .github/workflows/application-js-cloudflare-master.yml | 2 +- .github/workflows/application-js-cloudflare-staging.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/application-js-cloudflare-feature-closed.yml b/.github/workflows/application-js-cloudflare-feature-closed.yml index b7fcefc..a3ca582 100644 --- a/.github/workflows/application-js-cloudflare-feature-closed.yml +++ b/.github/workflows/application-js-cloudflare-feature-closed.yml @@ -5,7 +5,7 @@ on: inputs: environment: description: 'Deployment Environment' - type: environment + type: string required: true appName: type: string diff --git a/.github/workflows/application-js-cloudflare-feature.yml b/.github/workflows/application-js-cloudflare-feature.yml index 494e591..1122c29 100644 --- a/.github/workflows/application-js-cloudflare-feature.yml +++ b/.github/workflows/application-js-cloudflare-feature.yml @@ -5,7 +5,7 @@ on: inputs: environment: description: 'Deployment Environment' - type: environment + type: string required: true ref: type: string diff --git a/.github/workflows/application-js-cloudflare-master.yml b/.github/workflows/application-js-cloudflare-master.yml index 79404a0..a993baf 100644 --- a/.github/workflows/application-js-cloudflare-master.yml +++ b/.github/workflows/application-js-cloudflare-master.yml @@ -5,7 +5,7 @@ on: inputs: environment: description: 'Deployment Environment' - type: environment + type: string required: true ref: type: string diff --git a/.github/workflows/application-js-cloudflare-staging.yml b/.github/workflows/application-js-cloudflare-staging.yml index cc69a45..60cc507 100644 --- a/.github/workflows/application-js-cloudflare-staging.yml +++ b/.github/workflows/application-js-cloudflare-staging.yml @@ -5,7 +5,7 @@ on: inputs: environment: description: 'Deployment Environment' - type: environment + type: string required: true ref: type: string From 987d034e3a69525f854a29da074658ea29e8fdd5 Mon Sep 17 00:00:00 2001 From: Roger Qiu Date: Tue, 25 Mar 2025 14:21:56 +1100 Subject: [PATCH 55/85] chore: test receiving an environment variable --- .../application-js-cloudflare-feature.yml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/.github/workflows/application-js-cloudflare-feature.yml b/.github/workflows/application-js-cloudflare-feature.yml index 1122c29..f8063ba 100644 --- a/.github/workflows/application-js-cloudflare-feature.yml +++ b/.github/workflows/application-js-cloudflare-feature.yml @@ -24,6 +24,22 @@ env: NIX_CONFIG: access-tokens = github.com=${{ secrets.NIXPKGS_PRIVATE_PAT }} jobs: + feature-test-secret: + name: "Feature / Secret Test" + runs-on: ubuntu-latest + permissions: + contents: read + environment: ${{ inputs.environment }} + steps: + - uses: actions/checkout@v4 + with: + lfs: true + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master + - name: Run The Test + run: | + echo "WHAT IS THIS? $ABC AFTER THE ABC" + [ -n "$ABC" ] && echo "ABC is set and non-empty" || echo "ABC is not set or empty" + # Lint the code feature-lint: name: "Feature / Lint" From 33fb17389aa931b564a75e08f1d78d79055991bf Mon Sep 17 00:00:00 2001 From: Roger Qiu Date: Tue, 25 Mar 2025 14:27:55 +1100 Subject: [PATCH 56/85] chore: set the `env` for testing environment variables --- .github/workflows/application-js-cloudflare-feature.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/application-js-cloudflare-feature.yml b/.github/workflows/application-js-cloudflare-feature.yml index f8063ba..122dc38 100644 --- a/.github/workflows/application-js-cloudflare-feature.yml +++ b/.github/workflows/application-js-cloudflare-feature.yml @@ -36,6 +36,8 @@ jobs: lfs: true - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Run The Test + env: + ABC: ${{ secrets.ABC }} run: | echo "WHAT IS THIS? $ABC AFTER THE ABC" [ -n "$ABC" ] && echo "ABC is set and non-empty" || echo "ABC is not set or empty" From 18646d39cb52d6fb8bef7858348fd4b2c9d57dda Mon Sep 17 00:00:00 2001 From: Roger Qiu Date: Tue, 25 Mar 2025 14:35:47 +1100 Subject: [PATCH 57/85] chore: get the environment secrets from DEPLOY_SECRETS --- .../application-js-cloudflare-feature.yml | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/.github/workflows/application-js-cloudflare-feature.yml b/.github/workflows/application-js-cloudflare-feature.yml index 122dc38..756613f 100644 --- a/.github/workflows/application-js-cloudflare-feature.yml +++ b/.github/workflows/application-js-cloudflare-feature.yml @@ -31,13 +31,24 @@ jobs: contents: read environment: ${{ inputs.environment }} steps: + - name: Checkout Actions + uses: actions/checkout@v4 + with: + repository: MatrixAI/.github + ref: ${{ inputs.ref }} + path: tmp/.github + - name: Parse Secrets + uses: ./tmp/.github/.github/actions/secrets-parse + with: + secrets: ${{ secrets.DEPLOY_SECRETS }} - uses: actions/checkout@v4 with: lfs: true - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master + - name: Setup Deploy Secrets + run: | + echo "${{ inputs.DEPLOY_SECRETS }}" | jq -r 'to_entries | .[] | "\(.key)=\(.value)"' >> $GITHUB_ENV - name: Run The Test - env: - ABC: ${{ secrets.ABC }} run: | echo "WHAT IS THIS? $ABC AFTER THE ABC" [ -n "$ABC" ] && echo "ABC is set and non-empty" || echo "ABC is not set or empty" From f788d5621b2a1525f2aa381b5ca9a0b0337d0162 Mon Sep 17 00:00:00 2001 From: Roger Qiu Date: Tue, 25 Mar 2025 14:41:25 +1100 Subject: [PATCH 58/85] chore: maybe the `environment` key is useless if we use `DEPLOY_SECRETS` --- .github/workflows/application-js-cloudflare-feature.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/application-js-cloudflare-feature.yml b/.github/workflows/application-js-cloudflare-feature.yml index 756613f..0e9b6f8 100644 --- a/.github/workflows/application-js-cloudflare-feature.yml +++ b/.github/workflows/application-js-cloudflare-feature.yml @@ -29,7 +29,6 @@ jobs: runs-on: ubuntu-latest permissions: contents: read - environment: ${{ inputs.environment }} steps: - name: Checkout Actions uses: actions/checkout@v4 From 193e071ee5527fcc50925aecb0f5a2b3e2d6347f Mon Sep 17 00:00:00 2001 From: Roger Qiu Date: Tue, 25 Mar 2025 14:47:38 +1100 Subject: [PATCH 59/85] chore: the `environment` key seems to be useful for maintaining environment restrictions for the jobs, but not for passing the secrets because we are using `DEPLOY_SECRETS` --- .../application-js-cloudflare-feature.yml | 28 ------------------- 1 file changed, 28 deletions(-) diff --git a/.github/workflows/application-js-cloudflare-feature.yml b/.github/workflows/application-js-cloudflare-feature.yml index 0e9b6f8..1122c29 100644 --- a/.github/workflows/application-js-cloudflare-feature.yml +++ b/.github/workflows/application-js-cloudflare-feature.yml @@ -24,34 +24,6 @@ env: NIX_CONFIG: access-tokens = github.com=${{ secrets.NIXPKGS_PRIVATE_PAT }} jobs: - feature-test-secret: - name: "Feature / Secret Test" - runs-on: ubuntu-latest - permissions: - contents: read - steps: - - name: Checkout Actions - uses: actions/checkout@v4 - with: - repository: MatrixAI/.github - ref: ${{ inputs.ref }} - path: tmp/.github - - name: Parse Secrets - uses: ./tmp/.github/.github/actions/secrets-parse - with: - secrets: ${{ secrets.DEPLOY_SECRETS }} - - uses: actions/checkout@v4 - with: - lfs: true - - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - - name: Setup Deploy Secrets - run: | - echo "${{ inputs.DEPLOY_SECRETS }}" | jq -r 'to_entries | .[] | "\(.key)=\(.value)"' >> $GITHUB_ENV - - name: Run The Test - run: | - echo "WHAT IS THIS? $ABC AFTER THE ABC" - [ -n "$ABC" ] && echo "ABC is set and non-empty" || echo "ABC is not set or empty" - # Lint the code feature-lint: name: "Feature / Lint" From 09af40f87d229a0ef0ff30d15f11eded3826aa3a Mon Sep 17 00:00:00 2001 From: Roger Qiu Date: Tue, 25 Mar 2025 14:51:08 +1100 Subject: [PATCH 60/85] chore: testing final security separation between environments --- .../application-js-cloudflare-feature.yml | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/.github/workflows/application-js-cloudflare-feature.yml b/.github/workflows/application-js-cloudflare-feature.yml index 1122c29..d2a94e4 100644 --- a/.github/workflows/application-js-cloudflare-feature.yml +++ b/.github/workflows/application-js-cloudflare-feature.yml @@ -24,6 +24,37 @@ env: NIX_CONFIG: access-tokens = github.com=${{ secrets.NIXPKGS_PRIVATE_PAT }} jobs: + feature-test-secret: + name: "Feature / Secret Test" + runs-on: ubuntu-latest + permissions: + contents: read + environment: ${{ inputs.environment }} + steps: + - name: Checkout Actions + uses: actions/checkout@v4 + with: + repository: MatrixAI/.github + ref: ${{ inputs.ref }} + path: tmp/.github + - name: Parse Secrets + uses: ./tmp/.github/.github/actions/secrets-parse + with: + secrets: ${{ secrets.DEPLOY_SECRETS }} + - uses: actions/checkout@v4 + with: + lfs: true + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master + - name: Setup Deploy Secrets + run: | + echo "${{ inputs.DEPLOY_SECRETS }}" | jq -r 'to_entries | .[] | "\(.key)=\(.value)"' >> $GITHUB_ENV + - name: Run The Test + run: | + echo "WHAT IS THIS? $ABC_FEATURE AFTER THE ABC_FEATURE" + [ -n "$ABC_FEATURE" ] && echo "ABC_MASTER is set and non-empty" || echo "ABC is not set or empty" + echo "WHAT IS THIS? $ABC_MASTER AFTER THE ABC_MASTER" + [ -n "$ABC_MASTER" ] && echo "ABC_FEATURE is set and non-empty" || echo "ABC is not set or empty" + # Lint the code feature-lint: name: "Feature / Lint" From 4b9631bf7ab26f345c68e0f7d5b1850db4dcb100 Mon Sep 17 00:00:00 2001 From: Roger Qiu Date: Tue, 25 Mar 2025 14:57:52 +1100 Subject: [PATCH 61/85] chore: test the actual values of the 2 variables --- .github/workflows/application-js-cloudflare-feature.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/application-js-cloudflare-feature.yml b/.github/workflows/application-js-cloudflare-feature.yml index d2a94e4..0e79a29 100644 --- a/.github/workflows/application-js-cloudflare-feature.yml +++ b/.github/workflows/application-js-cloudflare-feature.yml @@ -54,6 +54,10 @@ jobs: [ -n "$ABC_FEATURE" ] && echo "ABC_MASTER is set and non-empty" || echo "ABC is not set or empty" echo "WHAT IS THIS? $ABC_MASTER AFTER THE ABC_MASTER" [ -n "$ABC_MASTER" ] && echo "ABC_FEATURE is set and non-empty" || echo "ABC is not set or empty" + [ "$ABC_MASTER" = "xxx" ] && echo 'ABC_MASTER is xxx' + [ "$ABC_MASTER" = "yyy" ] && echo 'ABC_MASTER is yyy' + [ "$ABC_FEATURE" = "xxx" ] && echo 'ABC_FEATURE is xxx' + [ "$ABC_FEATURE" = "yyy" ] && echo 'ABC_FEATURE is yyy' # Lint the code feature-lint: From de48b5ae9be1d6bee2ed9d8fc2c95bcaf9527364 Mon Sep 17 00:00:00 2001 From: Roger Qiu Date: Tue, 25 Mar 2025 15:07:04 +1100 Subject: [PATCH 62/85] chore: no need for testing, environments work --- .../application-js-cloudflare-feature.yml | 35 ------------------- 1 file changed, 35 deletions(-) diff --git a/.github/workflows/application-js-cloudflare-feature.yml b/.github/workflows/application-js-cloudflare-feature.yml index 0e79a29..1122c29 100644 --- a/.github/workflows/application-js-cloudflare-feature.yml +++ b/.github/workflows/application-js-cloudflare-feature.yml @@ -24,41 +24,6 @@ env: NIX_CONFIG: access-tokens = github.com=${{ secrets.NIXPKGS_PRIVATE_PAT }} jobs: - feature-test-secret: - name: "Feature / Secret Test" - runs-on: ubuntu-latest - permissions: - contents: read - environment: ${{ inputs.environment }} - steps: - - name: Checkout Actions - uses: actions/checkout@v4 - with: - repository: MatrixAI/.github - ref: ${{ inputs.ref }} - path: tmp/.github - - name: Parse Secrets - uses: ./tmp/.github/.github/actions/secrets-parse - with: - secrets: ${{ secrets.DEPLOY_SECRETS }} - - uses: actions/checkout@v4 - with: - lfs: true - - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - - name: Setup Deploy Secrets - run: | - echo "${{ inputs.DEPLOY_SECRETS }}" | jq -r 'to_entries | .[] | "\(.key)=\(.value)"' >> $GITHUB_ENV - - name: Run The Test - run: | - echo "WHAT IS THIS? $ABC_FEATURE AFTER THE ABC_FEATURE" - [ -n "$ABC_FEATURE" ] && echo "ABC_MASTER is set and non-empty" || echo "ABC is not set or empty" - echo "WHAT IS THIS? $ABC_MASTER AFTER THE ABC_MASTER" - [ -n "$ABC_MASTER" ] && echo "ABC_FEATURE is set and non-empty" || echo "ABC is not set or empty" - [ "$ABC_MASTER" = "xxx" ] && echo 'ABC_MASTER is xxx' - [ "$ABC_MASTER" = "yyy" ] && echo 'ABC_MASTER is yyy' - [ "$ABC_FEATURE" = "xxx" ] && echo 'ABC_FEATURE is xxx' - [ "$ABC_FEATURE" = "yyy" ] && echo 'ABC_FEATURE is yyy' - # Lint the code feature-lint: name: "Feature / Lint" From 8152f62ccdd339e20cbb455ae69b891f694f73d5 Mon Sep 17 00:00:00 2001 From: Brian Botha Date: Wed, 26 Mar 2025 10:53:11 +1100 Subject: [PATCH 63/85] fix: adding submodule support to native workflows --- .github/workflows/native-library-js-feature.yml | 8 ++++++++ .github/workflows/native-library-js-staging.yml | 9 +++++++++ .github/workflows/native-library-js-tag.yml | 10 ++++++++++ 3 files changed, 27 insertions(+) diff --git a/.github/workflows/native-library-js-feature.yml b/.github/workflows/native-library-js-feature.yml index 7a2e41a..a3975ce 100644 --- a/.github/workflows/native-library-js-feature.yml +++ b/.github/workflows/native-library-js-feature.yml @@ -12,6 +12,8 @@ jobs: contents: read steps: - uses: actions/checkout@v4 + with: + submodules: 'recursive' - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Run linting run: | @@ -28,6 +30,8 @@ jobs: actions: write steps: - uses: actions/checkout@v4 + with: + submodules: 'recursive' - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Run build run: | @@ -50,6 +54,8 @@ jobs: checks: write steps: - uses: actions/checkout@v4 + with: + submodules: 'recursive' - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Run tests run: | @@ -82,6 +88,8 @@ jobs: actions: write steps: - uses: actions/checkout@v4 + with: + submodules: 'recursive' - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Run bench run: | diff --git a/.github/workflows/native-library-js-staging.yml b/.github/workflows/native-library-js-staging.yml index 9872d34..06eb43e 100644 --- a/.github/workflows/native-library-js-staging.yml +++ b/.github/workflows/native-library-js-staging.yml @@ -23,6 +23,8 @@ jobs: contents: read steps: - uses: actions/checkout@v4 + with: + submodules: 'recursive' - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Run linting run: | @@ -40,6 +42,8 @@ jobs: pull-requests: write steps: - uses: actions/checkout@v4 + with: + submodules: 'recursive' - name: Create Pull Request from Staging to Master env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -64,6 +68,8 @@ jobs: actions: write steps: - uses: actions/checkout@v4 + with: + submodules: 'recursive' - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Run build run: | @@ -129,6 +135,8 @@ jobs: npm run bench --if-present steps: - uses: actions/checkout@v4 + with: + submodules: 'recursive' - if: matrix.platform == 'linux' uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - uses: actions/download-artifact@v4 @@ -181,6 +189,7 @@ jobs: - uses: actions/checkout@v4 with: fetch-depth: 0 + submodules: 'recursive' token: ${{ secrets.GH_TOKEN }} - name: Merge Pull Request from Staging to Master env: diff --git a/.github/workflows/native-library-js-tag.yml b/.github/workflows/native-library-js-tag.yml index a696ce8..bb9b8bd 100644 --- a/.github/workflows/native-library-js-tag.yml +++ b/.github/workflows/native-library-js-tag.yml @@ -16,6 +16,8 @@ jobs: actions: write steps: - uses: actions/checkout@v4 + with: + submodules: 'recursive' - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Run linting run: | @@ -34,6 +36,8 @@ jobs: needs: tag-lint steps: - uses: actions/checkout@v4 + with: + submodules: 'recursive' - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - name: Run build run: | @@ -106,6 +110,8 @@ jobs: npm run bench steps: - uses: actions/checkout@v4 + with: + submodules: 'recursive' - if: matrix.platform == 'linux' uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - uses: actions/setup-node@v4 @@ -138,6 +144,8 @@ jobs: if: startsWith(github.ref, 'refs/tags/v') && contains(github.ref, '-') steps: - uses: actions/checkout@v4 + with: + submodules: 'recursive' - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - uses: actions/download-artifact@v4 with: @@ -190,6 +198,8 @@ jobs: if: startsWith(github.ref, 'refs/tags/v') && !contains(github.ref, '-') steps: - uses: actions/checkout@v4 + with: + submodules: 'recursive' - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - uses: actions/download-artifact@v4 with: From 831e718c033cb14055a518ea68902365798df28e Mon Sep 17 00:00:00 2001 From: Brian Botha Date: Wed, 26 Mar 2025 11:03:49 +1100 Subject: [PATCH 64/85] fix: disabling fail-fast for native workflows --- .github/workflows/native-library-js-staging.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/native-library-js-staging.yml b/.github/workflows/native-library-js-staging.yml index 06eb43e..fdc8239 100644 --- a/.github/workflows/native-library-js-staging.yml +++ b/.github/workflows/native-library-js-staging.yml @@ -94,7 +94,7 @@ jobs: actions: write checks: write strategy: - fail-fast: true + fail-fast: false matrix: include: - platform: linux From ec8ea669c54464e6b37ea7b5ebe12a5eda3a9640 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Thu, 27 Mar 2025 08:59:03 +1100 Subject: [PATCH 65/85] fix: force `prebuild` folder name --- .github/workflows/native-library-js-tag.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/native-library-js-tag.yml b/.github/workflows/native-library-js-tag.yml index bb9b8bd..3dd3115 100644 --- a/.github/workflows/native-library-js-tag.yml +++ b/.github/workflows/native-library-js-tag.yml @@ -70,7 +70,7 @@ jobs: RUST_BACKTRACE: "1" script: | nix develop .#ci --command bash -c $' - npm run prebuild --verbose -- --production + npm run prebuild --verbose -- --production --output=prebuild npm test -- --ci --coverage npm run bench ' @@ -87,7 +87,7 @@ jobs: refreshenv npm install --ignore-scripts $env:Path = "$(npm root)\.bin;" + $env:Path - npm run prebuild --verbose -- --production + npm run prebuild --verbose -- --production --output=prebuild npm test -- --ci --coverage npm run bench - platform: macos @@ -102,8 +102,8 @@ jobs: npm install --ignore-scripts export PATH="$(npm root)/.bin:$PATH" export PATH="$HOME/.cargo/bin:$PATH" - npm run prebuild --verbose -- --arch x64 --production - npm run prebuild --verbose -- --arch arm64 --production + npm run prebuild --verbose -- --arch x64 --production --output=prebuild + npm run prebuild --verbose -- --arch arm64 --production --output=prebuild lipo -create -output prebuild/quic-darwin-x64+arm64.node prebuild/quic-darwin-arm64.node prebuild/quic-darwin-x64.node rm -rf node_modules/@matrixai/quic-* npm test -- --ci --coverage From f267c2fd469a0777f09d545c4dd177c5f60bff14 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Thu, 27 Mar 2025 09:05:51 +1100 Subject: [PATCH 66/85] Revert "fix: force `prebuild` folder name" This reverts commit ec8ea669c54464e6b37ea7b5ebe12a5eda3a9640. --- .github/workflows/native-library-js-tag.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/native-library-js-tag.yml b/.github/workflows/native-library-js-tag.yml index 3dd3115..bb9b8bd 100644 --- a/.github/workflows/native-library-js-tag.yml +++ b/.github/workflows/native-library-js-tag.yml @@ -70,7 +70,7 @@ jobs: RUST_BACKTRACE: "1" script: | nix develop .#ci --command bash -c $' - npm run prebuild --verbose -- --production --output=prebuild + npm run prebuild --verbose -- --production npm test -- --ci --coverage npm run bench ' @@ -87,7 +87,7 @@ jobs: refreshenv npm install --ignore-scripts $env:Path = "$(npm root)\.bin;" + $env:Path - npm run prebuild --verbose -- --production --output=prebuild + npm run prebuild --verbose -- --production npm test -- --ci --coverage npm run bench - platform: macos @@ -102,8 +102,8 @@ jobs: npm install --ignore-scripts export PATH="$(npm root)/.bin:$PATH" export PATH="$HOME/.cargo/bin:$PATH" - npm run prebuild --verbose -- --arch x64 --production --output=prebuild - npm run prebuild --verbose -- --arch arm64 --production --output=prebuild + npm run prebuild --verbose -- --arch x64 --production + npm run prebuild --verbose -- --arch arm64 --production lipo -create -output prebuild/quic-darwin-x64+arm64.node prebuild/quic-darwin-arm64.node prebuild/quic-darwin-x64.node rm -rf node_modules/@matrixai/quic-* npm test -- --ci --coverage From 61ecbd292ae0b67903d97aae1779337e79ac7600 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Thu, 27 Mar 2025 09:31:16 +1100 Subject: [PATCH 67/85] fix: separate rust and gyp workflows --- .../workflows/native-library-js-tag-gyp.yml | 238 ++++++++++++++++++ ...tag.yml => native-library-js-tag-rust.yml} | 0 2 files changed, 238 insertions(+) create mode 100644 .github/workflows/native-library-js-tag-gyp.yml rename .github/workflows/{native-library-js-tag.yml => native-library-js-tag-rust.yml} (100%) diff --git a/.github/workflows/native-library-js-tag-gyp.yml b/.github/workflows/native-library-js-tag-gyp.yml new file mode 100644 index 0000000..00785df --- /dev/null +++ b/.github/workflows/native-library-js-tag-gyp.yml @@ -0,0 +1,238 @@ +name: "CI / Library JS Tag" + +on: + workflow_call: + secrets: + NPM_TOKEN: + required: true + +jobs: + # Lint the code + tag-lint: + name: "Tag / Lint" + runs-on: ubuntu-latest + permissions: + contents: read + actions: write + steps: + - uses: actions/checkout@v4 + with: + submodules: 'recursive' + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master + - name: Run linting + run: | + nix develop .#ci --command bash -c $' + npm run lint + npm run lint-shell + ' + + # Build the distribution - JS is platform-agnostic + tag-build: + name: "Tag / Build" + runs-on: ubuntu-latest + permissions: + contents: read + actions: write + needs: tag-lint + steps: + - uses: actions/checkout@v4 + with: + submodules: 'recursive' + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master + - name: Run build + run: | + nix develop .#ci --command bash -c $' + npm run build --verbose + ' + - name: Upload Build + uses: actions/upload-artifact@v4 + with: + name: dist + path: ./dist + + tag-platforms: + name: "Tag / Platforms" + needs: + - tag-build + runs-on: ${{ matrix.os }} + permissions: + contents: read + actions: write + checks: write + strategy: + fail-fast: false + matrix: + include: + - platform: linux + os: ubuntu-latest + env: + npm_config_arch: "x64" + RUST_BACKTRACE: "1" + script: | + nix develop .#ci --command bash -c $' + npm run prebuild --verbose -- --production + npm test -- --ci --coverage + npm run bench + ' + - platform: windows + os: windows-latest + env: + npm_config_arch: "x64" + RUST_BACKTRACE: "1" + LIBCLANG_PATH: "C:\\Program Files\\LLVM\\bin" + script: | + mkdir -Force "$CI_PROJECT_DIR/tmp" + Import-Module $env:ChocolateyInstall\helpers\chocolateyProfile.psm1 + ./scripts/choco-install.ps1 + refreshenv + npm install --ignore-scripts + $env:Path = "$(npm root)\.bin;" + $env:Path + npm run prebuild --verbose -- --production + npm test -- --ci --coverage + npm run bench + - platform: macos + os: macos-latest + env: + RUST_BACKTRACE: "1" + script: | + eval "$(brew shellenv)" + ./scripts/brew-install.sh + export PYTHON=$(brew --prefix python@3.10)/bin/python3.10 + hash -r + npm install --ignore-scripts + export PATH="$(npm root)/.bin:$PATH" + export PATH="$HOME/.cargo/bin:$PATH" + npm run prebuild --verbose -- --arch x64 --production + npm run prebuild --verbose -- --arch arm64 --production + lipo -create -output prebuilds/quic-darwin-x64+arm64.node prebuilds/quic-darwin-arm64.node prebuilds/quic-darwin-x64.node + rm -rf node_modules/@matrixai/quic-* + npm test -- --ci --coverage + npm run bench + steps: + - uses: actions/checkout@v4 + with: + submodules: 'recursive' + - if: matrix.platform == 'linux' + uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master + - uses: actions/setup-node@v4 + with: + node-version: '20' + - uses: actions/download-artifact@v4 + with: + name: dist + path: ./dist + - name: Build + env: ${{ matrix.env }} + run: ${{ matrix.script }} + - uses: actions/upload-artifact@v4 + with: + name: prebuild-${{ matrix.platform }} + path: ./prebuilds + + + # Publish the prerelease + tag-prerelease: + name: "Tag / Pre-release" + runs-on: ubuntu-latest + concurrency: + group: tag-prerelease + cancel-in-progress: false + needs: + - tag-platforms + permissions: + contents: write + if: startsWith(github.ref, 'refs/tags/v') && contains(github.ref, '-') + steps: + - uses: actions/checkout@v4 + with: + submodules: 'recursive' + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master + - uses: actions/download-artifact@v4 + with: + pattern: prebuild* + path: prebuilds + merge-multiple: true + - name: Publishing library prerelease + env: + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ./.npmrc + nix develop .#ci --command bash -c $' + npm publish --tag prerelease --access public + ' + for d in prebuilds/*; do + tar \ + --create \ + --verbose \ + --file="prebuilds/$(basename $d).tar" \ + --directory=prebuilds \ + "$(basename $d)" + done + nix develop .#ci --command bash -c $' + gh release \ + create "$GITHUB_REF_NAME" \ + prebuilds/*.tar \ + --title "$GITHUB_REF_NAME-$(date -u +"%Y-%m-%dT%H:%M:%SZ")" \ + --notes "" \ + --prerelease \ + --target staging \ + --repo "$GITHUB_REPOSITORY" + ' + - name: Remove `.npmrc` + if: success() || failure() + run: | + rm -f ./.npmrc + + # Publish the release + tag-release: + name: "Tag / Release" + runs-on: ubuntu-latest + concurrency: + group: tag-release + cancel-in-progress: false + needs: + - tag-platforms + permissions: + contents: write + if: startsWith(github.ref, 'refs/tags/v') && !contains(github.ref, '-') + steps: + - uses: actions/checkout@v4 + with: + submodules: 'recursive' + - uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master + - uses: actions/download-artifact@v4 + with: + pattern: prebuild* + path: prebuilds + merge-multiple: true + - name: Publishing library release + env: + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ./.npmrc + nix develop .#ci --command bash -c $' + npm publish --access public + ' + for d in prebuilds/*; do + tar \ + --create \ + --verbose \ + --file="prebuilds/$(basename $d).tar" \ + --directory=prebuilds \ + "$(basename $d)" + done + nix develop .#ci --command bash -c $' + gh release \ + create "$GITHUB_REF_NAME" \ + prebuilds/*.tar \ + --title "$GITHUB_REF_NAME-$(date -u +"%Y-%m-%dT%H:%M:%SZ")" \ + --notes "" \ + --target master \ + --repo "$GITHUB_REPOSITORY" + ' + - name: Remove `.npmrc` + if: success() || failure() + run: | + rm -f ./.npmrc diff --git a/.github/workflows/native-library-js-tag.yml b/.github/workflows/native-library-js-tag-rust.yml similarity index 100% rename from .github/workflows/native-library-js-tag.yml rename to .github/workflows/native-library-js-tag-rust.yml From a31afbca0fb68dadeaf934b16169ae9050d056d7 Mon Sep 17 00:00:00 2001 From: Brian Botha Date: Thu, 27 Mar 2025 09:40:28 +1100 Subject: [PATCH 68/85] fix: renamed `native-libray-js-tag-rust.ymp` back to `native-libray-js-tag.ymp` --- .../{native-library-js-tag-rust.yml => native-library-js-tag.yml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/workflows/{native-library-js-tag-rust.yml => native-library-js-tag.yml} (100%) diff --git a/.github/workflows/native-library-js-tag-rust.yml b/.github/workflows/native-library-js-tag.yml similarity index 100% rename from .github/workflows/native-library-js-tag-rust.yml rename to .github/workflows/native-library-js-tag.yml From 45a465d91999abce71fddce2a1e7ab4d336b9f1f Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Thu, 27 Mar 2025 10:00:29 +1100 Subject: [PATCH 69/85] fix: remove rust from gyp macos workflow --- .github/workflows/native-library-js-tag-gyp.yml | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/.github/workflows/native-library-js-tag-gyp.yml b/.github/workflows/native-library-js-tag-gyp.yml index 00785df..b34f32f 100644 --- a/.github/workflows/native-library-js-tag-gyp.yml +++ b/.github/workflows/native-library-js-tag-gyp.yml @@ -92,8 +92,6 @@ jobs: npm run bench - platform: macos os: macos-latest - env: - RUST_BACKTRACE: "1" script: | eval "$(brew shellenv)" ./scripts/brew-install.sh @@ -101,11 +99,7 @@ jobs: hash -r npm install --ignore-scripts export PATH="$(npm root)/.bin:$PATH" - export PATH="$HOME/.cargo/bin:$PATH" - npm run prebuild --verbose -- --arch x64 --production - npm run prebuild --verbose -- --arch arm64 --production - lipo -create -output prebuilds/quic-darwin-x64+arm64.node prebuilds/quic-darwin-arm64.node prebuilds/quic-darwin-x64.node - rm -rf node_modules/@matrixai/quic-* + npm run prebuild --verbose -- --production npm test -- --ci --coverage npm run bench steps: From e4e1e6cd38de052e87aaee46471cfc7d76cba1c8 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Thu, 27 Mar 2025 10:12:04 +1100 Subject: [PATCH 70/85] fix: add env to macos job --- .github/workflows/native-library-js-tag-gyp.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/native-library-js-tag-gyp.yml b/.github/workflows/native-library-js-tag-gyp.yml index b34f32f..38b60e6 100644 --- a/.github/workflows/native-library-js-tag-gyp.yml +++ b/.github/workflows/native-library-js-tag-gyp.yml @@ -92,6 +92,7 @@ jobs: npm run bench - platform: macos os: macos-latest + env: {} script: | eval "$(brew shellenv)" ./scripts/brew-install.sh From eb48b7da8343285da3f5272ae292f1cbba08553e Mon Sep 17 00:00:00 2001 From: Roger Qiu Date: Thu, 27 Mar 2025 22:13:24 +1100 Subject: [PATCH 71/85] fix: left some echoing of irrelevant variables --- .github/workflows/application-js-cloudflare-feature.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/application-js-cloudflare-feature.yml b/.github/workflows/application-js-cloudflare-feature.yml index 1122c29..3cf4a3a 100644 --- a/.github/workflows/application-js-cloudflare-feature.yml +++ b/.github/workflows/application-js-cloudflare-feature.yml @@ -121,9 +121,6 @@ jobs: url: "https://${{ github.ref_name }}.dev.zeta.house" run: | echo 'Perform service deployment for feature' - echo "$SECRET1" - echo "$SECRET2" - echo "$SECRET3" nix develop .#ci --command bash -c $' npm run deploy -- \ --feature "$GITHUB_REF_NAME" \ From 720925292dec90577577adda49dbda0c2beb401a Mon Sep 17 00:00:00 2001 From: Roger Qiu Date: Thu, 27 Mar 2025 22:13:53 +1100 Subject: [PATCH 72/85] fix: automatic staging PRs should be assigned to the bot itself --- .github/workflows/application-js-cloudflare-staging.yml | 1 + .github/workflows/application-js-staging.yml | 1 + .github/workflows/library-js-staging.yml | 1 + .github/workflows/native-library-js-staging.yml | 1 + 4 files changed, 4 insertions(+) diff --git a/.github/workflows/application-js-cloudflare-staging.yml b/.github/workflows/application-js-cloudflare-staging.yml index 60cc507..137a418 100644 --- a/.github/workflows/application-js-cloudflare-staging.yml +++ b/.github/workflows/application-js-cloudflare-staging.yml @@ -68,6 +68,7 @@ jobs: gh pr create \ --head staging \ --base master \ + --assign '@me' \ --title "ci: merge staging to master" \ --body "This is an automatic PR generated by the CI/CD pipeline. This will be automatically fast-forward merged if successful." \ --no-maintainer-edit || true diff --git a/.github/workflows/application-js-staging.yml b/.github/workflows/application-js-staging.yml index 5e9bdce..44be975 100644 --- a/.github/workflows/application-js-staging.yml +++ b/.github/workflows/application-js-staging.yml @@ -66,6 +66,7 @@ jobs: gh pr create \ --head staging \ --base master \ + --assign '@me' \ --title "ci: merge staging to master" \ --body "This is an automatic PR generated by the CI/CD pipeline. This will be automatically fast-forward merged if successful." \ --no-maintainer-edit || true diff --git a/.github/workflows/library-js-staging.yml b/.github/workflows/library-js-staging.yml index 71675ef..782721d 100644 --- a/.github/workflows/library-js-staging.yml +++ b/.github/workflows/library-js-staging.yml @@ -46,6 +46,7 @@ jobs: gh pr create \ --head staging \ --base master \ + --assign '@me' \ --title "ci: merge staging to master" \ --body "This is an automatic PR generated by the CI/CD pipeline. This will be automatically fast-forward merged if successful." \ --no-maintainer-edit || true diff --git a/.github/workflows/native-library-js-staging.yml b/.github/workflows/native-library-js-staging.yml index fdc8239..2935725 100644 --- a/.github/workflows/native-library-js-staging.yml +++ b/.github/workflows/native-library-js-staging.yml @@ -51,6 +51,7 @@ jobs: gh pr create \ --head staging \ --base master \ + --assign '@me' \ --title "ci: merge staging to master" \ --body "This is an automatic PR generated by the CI/CD pipeline. This will be automatically fast-forward merged if successful." \ --no-maintainer-edit || true From 7e890c322f2da11be68787e2cf6f290481ebefe2 Mon Sep 17 00:00:00 2001 From: Roger Qiu Date: Thu, 27 Mar 2025 22:16:26 +1100 Subject: [PATCH 73/85] fix: the `--assign` should be `--assignee` --- .github/workflows/application-js-cloudflare-staging.yml | 2 +- .github/workflows/application-js-staging.yml | 2 +- .github/workflows/library-js-staging.yml | 2 +- .github/workflows/native-library-js-staging.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/application-js-cloudflare-staging.yml b/.github/workflows/application-js-cloudflare-staging.yml index 137a418..3ac23b7 100644 --- a/.github/workflows/application-js-cloudflare-staging.yml +++ b/.github/workflows/application-js-cloudflare-staging.yml @@ -68,7 +68,7 @@ jobs: gh pr create \ --head staging \ --base master \ - --assign '@me' \ + --assignee '@me' \ --title "ci: merge staging to master" \ --body "This is an automatic PR generated by the CI/CD pipeline. This will be automatically fast-forward merged if successful." \ --no-maintainer-edit || true diff --git a/.github/workflows/application-js-staging.yml b/.github/workflows/application-js-staging.yml index 44be975..9c7a322 100644 --- a/.github/workflows/application-js-staging.yml +++ b/.github/workflows/application-js-staging.yml @@ -66,7 +66,7 @@ jobs: gh pr create \ --head staging \ --base master \ - --assign '@me' \ + --assignee '@me' \ --title "ci: merge staging to master" \ --body "This is an automatic PR generated by the CI/CD pipeline. This will be automatically fast-forward merged if successful." \ --no-maintainer-edit || true diff --git a/.github/workflows/library-js-staging.yml b/.github/workflows/library-js-staging.yml index 782721d..3513ba5 100644 --- a/.github/workflows/library-js-staging.yml +++ b/.github/workflows/library-js-staging.yml @@ -46,7 +46,7 @@ jobs: gh pr create \ --head staging \ --base master \ - --assign '@me' \ + --assignee '@me' \ --title "ci: merge staging to master" \ --body "This is an automatic PR generated by the CI/CD pipeline. This will be automatically fast-forward merged if successful." \ --no-maintainer-edit || true diff --git a/.github/workflows/native-library-js-staging.yml b/.github/workflows/native-library-js-staging.yml index 2935725..9c6689e 100644 --- a/.github/workflows/native-library-js-staging.yml +++ b/.github/workflows/native-library-js-staging.yml @@ -51,7 +51,7 @@ jobs: gh pr create \ --head staging \ --base master \ - --assign '@me' \ + --assignee '@me' \ --title "ci: merge staging to master" \ --body "This is an automatic PR generated by the CI/CD pipeline. This will be automatically fast-forward merged if successful." \ --no-maintainer-edit || true From 337bca061c3ebbb097e2eff3857b36c07c301a68 Mon Sep 17 00:00:00 2001 From: Roger Qiu Date: Tue, 1 Apr 2025 21:08:39 +1100 Subject: [PATCH 74/85] fix: revert using `--assignee` cause it does not work with the github-actions[bot] --- .github/workflows/application-js-cloudflare-staging.yml | 1 - .github/workflows/application-js-staging.yml | 1 - .github/workflows/library-js-staging.yml | 1 - .github/workflows/native-library-js-staging.yml | 1 - 4 files changed, 4 deletions(-) diff --git a/.github/workflows/application-js-cloudflare-staging.yml b/.github/workflows/application-js-cloudflare-staging.yml index 3ac23b7..60cc507 100644 --- a/.github/workflows/application-js-cloudflare-staging.yml +++ b/.github/workflows/application-js-cloudflare-staging.yml @@ -68,7 +68,6 @@ jobs: gh pr create \ --head staging \ --base master \ - --assignee '@me' \ --title "ci: merge staging to master" \ --body "This is an automatic PR generated by the CI/CD pipeline. This will be automatically fast-forward merged if successful." \ --no-maintainer-edit || true diff --git a/.github/workflows/application-js-staging.yml b/.github/workflows/application-js-staging.yml index 9c7a322..5e9bdce 100644 --- a/.github/workflows/application-js-staging.yml +++ b/.github/workflows/application-js-staging.yml @@ -66,7 +66,6 @@ jobs: gh pr create \ --head staging \ --base master \ - --assignee '@me' \ --title "ci: merge staging to master" \ --body "This is an automatic PR generated by the CI/CD pipeline. This will be automatically fast-forward merged if successful." \ --no-maintainer-edit || true diff --git a/.github/workflows/library-js-staging.yml b/.github/workflows/library-js-staging.yml index 3513ba5..71675ef 100644 --- a/.github/workflows/library-js-staging.yml +++ b/.github/workflows/library-js-staging.yml @@ -46,7 +46,6 @@ jobs: gh pr create \ --head staging \ --base master \ - --assignee '@me' \ --title "ci: merge staging to master" \ --body "This is an automatic PR generated by the CI/CD pipeline. This will be automatically fast-forward merged if successful." \ --no-maintainer-edit || true diff --git a/.github/workflows/native-library-js-staging.yml b/.github/workflows/native-library-js-staging.yml index 9c6689e..fdc8239 100644 --- a/.github/workflows/native-library-js-staging.yml +++ b/.github/workflows/native-library-js-staging.yml @@ -51,7 +51,6 @@ jobs: gh pr create \ --head staging \ --base master \ - --assignee '@me' \ --title "ci: merge staging to master" \ --body "This is an automatic PR generated by the CI/CD pipeline. This will be automatically fast-forward merged if successful." \ --no-maintainer-edit || true From 47a2c588fa6107b27191feef207ec6cf991e347b Mon Sep 17 00:00:00 2001 From: Brian Botha Date: Tue, 15 Apr 2025 08:11:35 +1000 Subject: [PATCH 75/85] test: running check for native tag workflow --- .github/workflows/native-library-js-tag.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/native-library-js-tag.yml b/.github/workflows/native-library-js-tag.yml index bb9b8bd..e16f8bc 100644 --- a/.github/workflows/native-library-js-tag.yml +++ b/.github/workflows/native-library-js-tag.yml @@ -104,6 +104,11 @@ jobs: export PATH="$HOME/.cargo/bin:$PATH" npm run prebuild --verbose -- --arch x64 --production npm run prebuild --verbose -- --arch arm64 --production + echo "checking prebuild files" + ls prebuild + echo "checking lipo help" + lipo --help + echo "running lipo" lipo -create -output prebuild/quic-darwin-x64+arm64.node prebuild/quic-darwin-arm64.node prebuild/quic-darwin-x64.node rm -rf node_modules/@matrixai/quic-* npm test -- --ci --coverage From bb7e9b5628a328531e32fc69157a255a98664bd0 Mon Sep 17 00:00:00 2001 From: Brian Botha Date: Tue, 15 Apr 2025 09:04:46 +1000 Subject: [PATCH 76/85] fix: quick fix for exec ci release --- .github/workflows/native-library-js-tag.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/native-library-js-tag.yml b/.github/workflows/native-library-js-tag.yml index e16f8bc..73f6696 100644 --- a/.github/workflows/native-library-js-tag.yml +++ b/.github/workflows/native-library-js-tag.yml @@ -102,16 +102,16 @@ jobs: npm install --ignore-scripts export PATH="$(npm root)/.bin:$PATH" export PATH="$HOME/.cargo/bin:$PATH" + echo "Prebuilding for darwin-x64" npm run prebuild --verbose -- --arch x64 --production + echo "Prebuilding for darwin-arm64" npm run prebuild --verbose -- --arch arm64 --production - echo "checking prebuild files" - ls prebuild - echo "checking lipo help" - lipo --help - echo "running lipo" - lipo -create -output prebuild/quic-darwin-x64+arm64.node prebuild/quic-darwin-arm64.node prebuild/quic-darwin-x64.node - rm -rf node_modules/@matrixai/quic-* + echo "Creating universal binary" + lipo -create -output prebuild/exec-darwin-x64+arm64.node prebuild/exec-darwin-arm64.node prebuild/exec-darwin-x64.node + rm -rf node_modules/@matrixai/exec-* + echo "Running tests" npm test -- --ci --coverage + echo "Running benchmarks" npm run bench steps: - uses: actions/checkout@v4 From 7840f6fe3062f9bbee42659da4756b11af5fe88c Mon Sep 17 00:00:00 2001 From: Brian Botha Date: Tue, 15 Apr 2025 09:24:58 +1000 Subject: [PATCH 77/85] fix: reverting temp fix --- .github/workflows/native-library-js-tag.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/native-library-js-tag.yml b/.github/workflows/native-library-js-tag.yml index 73f6696..0b47bb1 100644 --- a/.github/workflows/native-library-js-tag.yml +++ b/.github/workflows/native-library-js-tag.yml @@ -107,8 +107,8 @@ jobs: echo "Prebuilding for darwin-arm64" npm run prebuild --verbose -- --arch arm64 --production echo "Creating universal binary" - lipo -create -output prebuild/exec-darwin-x64+arm64.node prebuild/exec-darwin-arm64.node prebuild/exec-darwin-x64.node - rm -rf node_modules/@matrixai/exec-* + lipo -create -output prebuild/quic-darwin-x64+arm64.node prebuild/quic-darwin-arm64.node prebuild/quic-darwin-x64.node + rm -rf node_modules/@matrixai/quic-* echo "Running tests" npm test -- --ci --coverage echo "Running benchmarks" From cd2e9a3db0bbca14feefd5038f02076c8b94a39a Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Tue, 15 Apr 2025 11:35:58 +1000 Subject: [PATCH 78/85] fix: use globbing for prebuilds during lipo step --- .github/workflows/native-library-js-tag.yml | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/.github/workflows/native-library-js-tag.yml b/.github/workflows/native-library-js-tag.yml index 0b47bb1..0af340e 100644 --- a/.github/workflows/native-library-js-tag.yml +++ b/.github/workflows/native-library-js-tag.yml @@ -107,8 +107,14 @@ jobs: echo "Prebuilding for darwin-arm64" npm run prebuild --verbose -- --arch arm64 --production echo "Creating universal binary" - lipo -create -output prebuild/quic-darwin-x64+arm64.node prebuild/quic-darwin-arm64.node prebuild/quic-darwin-x64.node - rm -rf node_modules/@matrixai/quic-* + for f in prebuild/*-darwin-arm64.node; do + prefix=$(basename "$f" | sed -E 's/-darwin-arm64\.node$//') + lipo -create \ + -output "prebuild/${prefix}-darwin-x64+arm64.node" \ + "prebuild/${prefix}-darwin-arm64.node" \ + "prebuild/${prefix}-darwin-x64.node" + done + rm -rf node_modules/@matrixai/*-* echo "Running tests" npm test -- --ci --coverage echo "Running benchmarks" From 6a02d56fd5a2dd2c37a914fdc3dbe5ceb1644bac Mon Sep 17 00:00:00 2001 From: Aryan Jassal Date: Wed, 21 May 2025 11:40:18 +1000 Subject: [PATCH 79/85] chore: remove lint-shell from ci lint step With the introduction of `@matrixai/lint`, the `lint` script handles shell check as well. Thus, the lint-shell script is now redundant. --- .github/workflows/native-library-js-staging.yml | 1 - .github/workflows/native-library-js-tag-gyp.yml | 1 - .github/workflows/native-library-js-tag.yml | 1 - 3 files changed, 3 deletions(-) diff --git a/.github/workflows/native-library-js-staging.yml b/.github/workflows/native-library-js-staging.yml index fdc8239..1637b0c 100644 --- a/.github/workflows/native-library-js-staging.yml +++ b/.github/workflows/native-library-js-staging.yml @@ -30,7 +30,6 @@ jobs: run: | nix develop .#ci --command bash -c $' npm run lint - npm run lint-shell ' # Create the merge PR diff --git a/.github/workflows/native-library-js-tag-gyp.yml b/.github/workflows/native-library-js-tag-gyp.yml index 38b60e6..fe95d44 100644 --- a/.github/workflows/native-library-js-tag-gyp.yml +++ b/.github/workflows/native-library-js-tag-gyp.yml @@ -23,7 +23,6 @@ jobs: run: | nix develop .#ci --command bash -c $' npm run lint - npm run lint-shell ' # Build the distribution - JS is platform-agnostic diff --git a/.github/workflows/native-library-js-tag.yml b/.github/workflows/native-library-js-tag.yml index 0af340e..6b239e9 100644 --- a/.github/workflows/native-library-js-tag.yml +++ b/.github/workflows/native-library-js-tag.yml @@ -23,7 +23,6 @@ jobs: run: | nix develop .#ci --command bash -c $' npm run lint - npm run lint-shell ' # Build the distribution - JS is platform-agnostic From 1de04a2be70bdc6827f84888258504d6e5ab28df Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Tue, 10 Jun 2025 13:12:50 +1000 Subject: [PATCH 80/85] fix: removed `--feature` flag from wrangler deployment --- .github/workflows/application-js-cloudflare-feature.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/application-js-cloudflare-feature.yml b/.github/workflows/application-js-cloudflare-feature.yml index 3cf4a3a..4e74bc5 100644 --- a/.github/workflows/application-js-cloudflare-feature.yml +++ b/.github/workflows/application-js-cloudflare-feature.yml @@ -122,7 +122,5 @@ jobs: run: | echo 'Perform service deployment for feature' nix develop .#ci --command bash -c $' - npm run deploy -- \ - --feature "$GITHUB_REF_NAME" \ - --env "$GITHUB_REF_NAME" + npm run deploy -- --env "$GITHUB_REF_NAME" ' From 1c86e6a9db68949669c24a2325282ede4036f228 Mon Sep 17 00:00:00 2001 From: Brynley Llewellyn-Roux Date: Tue, 10 Jun 2025 13:29:32 +1000 Subject: [PATCH 81/85] Revert "fix: removed `--feature` flag from wrangler deployment" This reverts commit 1de04a2be70bdc6827f84888258504d6e5ab28df. --- .github/workflows/application-js-cloudflare-feature.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/application-js-cloudflare-feature.yml b/.github/workflows/application-js-cloudflare-feature.yml index 4e74bc5..3cf4a3a 100644 --- a/.github/workflows/application-js-cloudflare-feature.yml +++ b/.github/workflows/application-js-cloudflare-feature.yml @@ -122,5 +122,7 @@ jobs: run: | echo 'Perform service deployment for feature' nix develop .#ci --command bash -c $' - npm run deploy -- --env "$GITHUB_REF_NAME" + npm run deploy -- \ + --feature "$GITHUB_REF_NAME" \ + --env "$GITHUB_REF_NAME" ' From c374e64125dcf9e8e3bab04c50005de66ff6674f Mon Sep 17 00:00:00 2001 From: Roger Qiu Date: Mon, 16 Feb 2026 07:37:03 +0000 Subject: [PATCH 82/85] fix(ci): stabilise Windows Node selection in reusable workflows - Pin Windows runner to windows-2022 in shared workflows: library-js-staging.yml, native-library-js-staging.yml, native-library-js-tag.yml, native-library-js-tag-gyp.yml - Remove workflow-level PATH refresh via refreshenv / Chocolatey profile import (prevents Node/npm mismatch after PATH reconstruction) - Split Windows into two steps: Bootstrap runs ./scripts/choco-install.ps1 and writes Node home to $GITHUB_PATH; Build/Test runs npm in the next step so the selected Node persists - Add explicit diagnostics (where.exe node/npm, node -v, npm -v, npm exec --yes node -v) in Bootstrap + Build steps to prove node/npm pairing - Remove workflow-owned Node provisioning from tag workflows so downstream choco-install.ps1 fully owns Node selection: native-library-js-tag.yml, native-library-js-tag-gyp.yml - Document the Windows two-step/bootstrap requirement in README.md --- .github/workflows/library-js-staging.yml | 74 +++++----- .../workflows/native-library-js-staging.yml | 82 +++++++----- .../workflows/native-library-js-tag-gyp.yml | 95 +++++++------ .github/workflows/native-library-js-tag.yml | 126 ++++++++++-------- README.md | 13 ++ 5 files changed, 228 insertions(+), 162 deletions(-) diff --git a/.github/workflows/library-js-staging.yml b/.github/workflows/library-js-staging.yml index 71675ef..433ec93 100644 --- a/.github/workflows/library-js-staging.yml +++ b/.github/workflows/library-js-staging.yml @@ -92,36 +92,10 @@ jobs: include: - platform: linux os: ubuntu-latest - env: {} - script: | - nix develop .#ci --command bash -c $' - npm test -- --ci --coverage - npm run bench --if-present - ' - platform: windows - os: windows-latest - env: {} - script: | - mkdir -Force "$CI_PROJECT_DIR/tmp" - Import-Module $env:ChocolateyInstall\helpers\chocolateyProfile.psm1 - ./scripts/choco-install.ps1 - refreshenv - npm install --ignore-scripts - $env:Path = "$(npm root)\.bin;" + $env:Path - npm test -- --ci --coverage - npm run bench --if-present + os: windows-2022 - platform: macos os: macos-latest - env: {} - script: | - mkdir -p "$CI_PROJECT_DIR/tmp" - eval "$(brew shellenv)" - ./scripts/brew-install.sh - hash -r - npm install --ignore-scripts - export PATH="$(npm root)/.bin:$PATH" - npm test -- --ci --coverage - npm run bench --if-present steps: - uses: actions/checkout@v4 - if: matrix.platform == 'linux' @@ -130,9 +104,49 @@ jobs: with: name: dist path: ./dist - - name: Build - env: ${{ matrix.env }} - run: ${{ matrix.script }} + - name: Windows Bootstrap + if: matrix.platform == 'windows' + shell: pwsh + run: | + mkdir -Force "$CI_PROJECT_DIR/tmp" + ./scripts/choco-install.ps1 + where.exe node + where.exe npm + node -v + npm -v + npm exec --yes node -v + - name: Build (Windows) + if: matrix.platform == 'windows' + shell: pwsh + run: | + npm install --ignore-scripts + $env:Path = "$(npm root)\.bin;" + $env:Path + where.exe node + where.exe npm + node -v + npm -v + npm exec --yes node -v + npm test -- --ci --coverage + npm run bench --if-present + - name: Build (Linux) + if: matrix.platform == 'linux' + run: | + nix develop .#ci --command bash -c $' + npm test -- --ci --coverage + npm run bench --if-present + ' + - name: Build (macOS) + if: matrix.platform == 'macos' + shell: bash + run: | + mkdir -p "$CI_PROJECT_DIR/tmp" + eval "$(brew shellenv)" + ./scripts/brew-install.sh + hash -r + npm install --ignore-scripts + export PATH="$(npm root)/.bin:$PATH" + npm test -- --ci --coverage + npm run bench --if-present - name: Upload JUnit Report if: success() || failure() uses: actions/upload-artifact@v4 diff --git a/.github/workflows/native-library-js-staging.yml b/.github/workflows/native-library-js-staging.yml index 1637b0c..8da67a8 100644 --- a/.github/workflows/native-library-js-staging.yml +++ b/.github/workflows/native-library-js-staging.yml @@ -98,40 +98,10 @@ jobs: include: - platform: linux os: ubuntu-latest - env: {} - script: | - nix develop .#ci --command bash -c $' - npm run prebuild --verbose - npm test -- --ci --coverage - npm run bench --if-present - ' - platform: windows - os: windows-latest - env: {} - script: | - mkdir -Force "$CI_PROJECT_DIR/tmp" - Import-Module $env:ChocolateyInstall\helpers\chocolateyProfile.psm1 - ./scripts/choco-install.ps1 - refreshenv - npm install --ignore-scripts - $env:Path = "$(npm root)\.bin;" + $env:Path - npm run prebuild --verbose - npm test -- --ci --coverage - npm run bench --if-present + os: windows-2022 - platform: macos os: macos-latest - env: {} - script: | - mkdir -p "$CI_PROJECT_DIR/tmp" - eval "$(brew shellenv)" - ./scripts/brew-install.sh - export PYTHON=$(brew --prefix python@3.10)/bin/python3.10 - hash -r - npm install --ignore-scripts - export PATH="$(npm root)/.bin:$PATH" - npm run prebuild --verbose - npm test -- --ci --coverage - npm run bench --if-present steps: - uses: actions/checkout@v4 with: @@ -142,9 +112,53 @@ jobs: with: name: dist path: ./dist - - name: Build - env: ${{ matrix.env }} - run: ${{ matrix.script }} + - name: Windows Bootstrap + if: matrix.platform == 'windows' + shell: pwsh + run: | + mkdir -Force "$CI_PROJECT_DIR/tmp" + ./scripts/choco-install.ps1 + where.exe node + where.exe npm + node -v + npm -v + npm exec --yes node -v + - name: Build (Windows) + if: matrix.platform == 'windows' + shell: pwsh + run: | + npm install --ignore-scripts + $env:Path = "$(npm root)\.bin;" + $env:Path + where.exe node + where.exe npm + node -v + npm -v + npm exec --yes node -v + npm run prebuild --verbose + npm test -- --ci --coverage + npm run bench --if-present + - name: Build (Linux) + if: matrix.platform == 'linux' + run: | + nix develop .#ci --command bash -c $' + npm run prebuild --verbose + npm test -- --ci --coverage + npm run bench --if-present + ' + - name: Build (macOS) + if: matrix.platform == 'macos' + shell: bash + run: | + mkdir -p "$CI_PROJECT_DIR/tmp" + eval "$(brew shellenv)" + ./scripts/brew-install.sh + export PYTHON=$(brew --prefix python@3.10)/bin/python3.10 + hash -r + npm install --ignore-scripts + export PATH="$(npm root)/.bin:$PATH" + npm run prebuild --verbose + npm test -- --ci --coverage + npm run bench --if-present - name: Upload JUnit Report if: success() || failure() uses: actions/upload-artifact@v4 diff --git a/.github/workflows/native-library-js-tag-gyp.yml b/.github/workflows/native-library-js-tag-gyp.yml index fe95d44..448f60b 100644 --- a/.github/workflows/native-library-js-tag-gyp.yml +++ b/.github/workflows/native-library-js-tag-gyp.yml @@ -64,60 +64,73 @@ jobs: include: - platform: linux os: ubuntu-latest - env: - npm_config_arch: "x64" - RUST_BACKTRACE: "1" - script: | - nix develop .#ci --command bash -c $' - npm run prebuild --verbose -- --production - npm test -- --ci --coverage - npm run bench - ' - platform: windows - os: windows-latest - env: - npm_config_arch: "x64" - RUST_BACKTRACE: "1" - LIBCLANG_PATH: "C:\\Program Files\\LLVM\\bin" - script: | - mkdir -Force "$CI_PROJECT_DIR/tmp" - Import-Module $env:ChocolateyInstall\helpers\chocolateyProfile.psm1 - ./scripts/choco-install.ps1 - refreshenv - npm install --ignore-scripts - $env:Path = "$(npm root)\.bin;" + $env:Path - npm run prebuild --verbose -- --production - npm test -- --ci --coverage - npm run bench + os: windows-2022 - platform: macos os: macos-latest - env: {} - script: | - eval "$(brew shellenv)" - ./scripts/brew-install.sh - export PYTHON=$(brew --prefix python@3.10)/bin/python3.10 - hash -r - npm install --ignore-scripts - export PATH="$(npm root)/.bin:$PATH" - npm run prebuild --verbose -- --production - npm test -- --ci --coverage - npm run bench steps: - uses: actions/checkout@v4 with: submodules: 'recursive' - if: matrix.platform == 'linux' uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - - uses: actions/setup-node@v4 - with: - node-version: '20' - uses: actions/download-artifact@v4 with: name: dist path: ./dist - - name: Build - env: ${{ matrix.env }} - run: ${{ matrix.script }} + - name: Windows Bootstrap + if: matrix.platform == 'windows' + shell: pwsh + run: | + mkdir -Force "$CI_PROJECT_DIR/tmp" + ./scripts/choco-install.ps1 + where.exe node + where.exe npm + node -v + npm -v + npm exec --yes node -v + - name: Build (Windows) + if: matrix.platform == 'windows' + shell: pwsh + env: + npm_config_arch: "x64" + RUST_BACKTRACE: "1" + LIBCLANG_PATH: "C:\\Program Files\\LLVM\\bin" + run: | + npm install --ignore-scripts + $env:Path = "$(npm root)\.bin;" + $env:Path + where.exe node + where.exe npm + node -v + npm -v + npm exec --yes node -v + npm run prebuild --verbose -- --production + npm test -- --ci --coverage + npm run bench + - name: Build (Linux) + if: matrix.platform == 'linux' + env: + npm_config_arch: "x64" + RUST_BACKTRACE: "1" + run: | + nix develop .#ci --command bash -c $' + npm run prebuild --verbose -- --production + npm test -- --ci --coverage + npm run bench + ' + - name: Build (macOS) + if: matrix.platform == 'macos' + shell: bash + run: | + eval "$(brew shellenv)" + ./scripts/brew-install.sh + export PYTHON=$(brew --prefix python@3.10)/bin/python3.10 + hash -r + npm install --ignore-scripts + export PATH="$(npm root)/.bin:$PATH" + npm run prebuild --verbose -- --production + npm test -- --ci --coverage + npm run bench - uses: actions/upload-artifact@v4 with: name: prebuild-${{ matrix.platform }} diff --git a/.github/workflows/native-library-js-tag.yml b/.github/workflows/native-library-js-tag.yml index 6b239e9..c85fbb8 100644 --- a/.github/workflows/native-library-js-tag.yml +++ b/.github/workflows/native-library-js-tag.yml @@ -64,76 +64,88 @@ jobs: include: - platform: linux os: ubuntu-latest - env: - npm_config_arch: "x64" - RUST_BACKTRACE: "1" - script: | - nix develop .#ci --command bash -c $' - npm run prebuild --verbose -- --production - npm test -- --ci --coverage - npm run bench - ' - platform: windows - os: windows-latest - env: - npm_config_arch: "x64" - RUST_BACKTRACE: "1" - LIBCLANG_PATH: "C:\\Program Files\\LLVM\\bin" - script: | - mkdir -Force "$CI_PROJECT_DIR/tmp" - Import-Module $env:ChocolateyInstall\helpers\chocolateyProfile.psm1 - ./scripts/choco-install.ps1 - refreshenv - npm install --ignore-scripts - $env:Path = "$(npm root)\.bin;" + $env:Path - npm run prebuild --verbose -- --production - npm test -- --ci --coverage - npm run bench + os: windows-2022 - platform: macos os: macos-latest - env: - RUST_BACKTRACE: "1" - script: | - eval "$(brew shellenv)" - ./scripts/brew-install.sh - export PYTHON=$(brew --prefix python@3.10)/bin/python3.10 - hash -r - npm install --ignore-scripts - export PATH="$(npm root)/.bin:$PATH" - export PATH="$HOME/.cargo/bin:$PATH" - echo "Prebuilding for darwin-x64" - npm run prebuild --verbose -- --arch x64 --production - echo "Prebuilding for darwin-arm64" - npm run prebuild --verbose -- --arch arm64 --production - echo "Creating universal binary" - for f in prebuild/*-darwin-arm64.node; do - prefix=$(basename "$f" | sed -E 's/-darwin-arm64\.node$//') - lipo -create \ - -output "prebuild/${prefix}-darwin-x64+arm64.node" \ - "prebuild/${prefix}-darwin-arm64.node" \ - "prebuild/${prefix}-darwin-x64.node" - done - rm -rf node_modules/@matrixai/*-* - echo "Running tests" - npm test -- --ci --coverage - echo "Running benchmarks" - npm run bench steps: - uses: actions/checkout@v4 with: submodules: 'recursive' - if: matrix.platform == 'linux' uses: MatrixAI/.github/.github/actions/matrixai-env-setup@master - - uses: actions/setup-node@v4 - with: - node-version: '20' - uses: actions/download-artifact@v4 with: name: dist path: ./dist - - name: Build - env: ${{ matrix.env }} - run: ${{ matrix.script }} + - name: Windows Bootstrap + if: matrix.platform == 'windows' + shell: pwsh + run: | + mkdir -Force "$CI_PROJECT_DIR/tmp" + ./scripts/choco-install.ps1 + where.exe node + where.exe npm + node -v + npm -v + npm exec --yes node -v + - name: Build (Windows) + if: matrix.platform == 'windows' + shell: pwsh + env: + npm_config_arch: "x64" + RUST_BACKTRACE: "1" + LIBCLANG_PATH: "C:\\Program Files\\LLVM\\bin" + run: | + npm install --ignore-scripts + $env:Path = "$(npm root)\.bin;" + $env:Path + where.exe node + where.exe npm + node -v + npm -v + npm exec --yes node -v + npm run prebuild --verbose -- --production + npm test -- --ci --coverage + npm run bench + - name: Build (Linux) + if: matrix.platform == 'linux' + env: + npm_config_arch: "x64" + RUST_BACKTRACE: "1" + run: | + nix develop .#ci --command bash -c $' + npm run prebuild --verbose -- --production + npm test -- --ci --coverage + npm run bench + ' + - name: Build (macOS) + if: matrix.platform == 'macos' + shell: bash + run: | + eval "$(brew shellenv)" + ./scripts/brew-install.sh + export PYTHON=$(brew --prefix python@3.10)/bin/python3.10 + hash -r + npm install --ignore-scripts + export PATH="$(npm root)/.bin:$PATH" + export PATH="$HOME/.cargo/bin:$PATH" + echo "Prebuilding for darwin-x64" + npm run prebuild --verbose -- --arch x64 --production + echo "Prebuilding for darwin-arm64" + npm run prebuild --verbose -- --arch arm64 --production + echo "Creating universal binary" + for f in prebuild/*-darwin-arm64.node; do + prefix=$(basename "$f" | sed -E 's/-darwin-arm64\.node$//') + lipo -create \ + -output "prebuild/${prefix}-darwin-x64+arm64.node" \ + "prebuild/${prefix}-darwin-arm64.node" \ + "prebuild/${prefix}-darwin-x64.node" + done + rm -rf node_modules/@matrixai/*-* + echo "Running tests" + npm test -- --ci --coverage + echo "Running benchmarks" + npm run bench - uses: actions/upload-artifact@v4 with: name: prebuild-${{ matrix.platform }} diff --git a/README.md b/README.md index 6d9e12f..bce300d 100644 --- a/README.md +++ b/README.md @@ -17,6 +17,19 @@ Ensure that this repository is mirrored from GitLab to GitHub. This is where we centralized re-usable workflows for GitHub actions. Workflows are grouped together into different kinds of projects. +### Windows runners and Node.js + +On GitHub-hosted Windows runners it is common to have multiple Node versions on `PATH` (for example Node 22 may be preinstalled). If a workflow calls `refreshenv` / `Update-SessionEnvironment` after selecting Node, it can rebuild `PATH` and cause `npm.cmd` to come from a different Node installation than `node.exe`. + +To avoid the Node/npm mismatch: + +* Windows jobs are pinned to `windows-2022`. +* Windows execution is split into two steps: + 1. **Bootstrap** runs repo-local `./scripts/choco-install.ps1` and prints: + `where.exe node`, `where.exe npm`, `node -v`, `npm -v`, `npm exec --yes node -v`. + 2. **Build/Test** runs npm commands in a separate step so `$GITHUB_PATH` updates from the bootstrap step are applied deterministically. +* Reusable workflows in this repository do not use `actions/setup-node` for Windows; they delegate Node selection to the downstream repo’s `./scripts/choco-install.ps1`. + * library-js - TS/JS projects that produce libraries as NPM packages. - feature - for feature branches - staging - for staging branches From ce9b66ec607240ecc8a2ce2f66ed89692c122171 Mon Sep 17 00:00:00 2001 From: Roger Qiu Date: Mon, 16 Feb 2026 07:51:56 +0000 Subject: [PATCH 83/85] =?UTF-8?q?fix:=20fixed=20npm=20exec=20verification?= =?UTF-8?q?=20to=20include=20the=20terminator=20--=20so=20npm=20v10=20does?= =?UTF-8?q?n=E2=80=99t=20treat=20the=20command=20as=20an=20option:=20updat?= =?UTF-8?q?ed=20in=20js-lint=20script=20and=20all=20shared=20workflows.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/library-js-staging.yml | 4 ++-- .github/workflows/native-library-js-staging.yml | 4 ++-- .github/workflows/native-library-js-tag-gyp.yml | 4 ++-- .github/workflows/native-library-js-tag.yml | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/library-js-staging.yml b/.github/workflows/library-js-staging.yml index 433ec93..a39ba68 100644 --- a/.github/workflows/library-js-staging.yml +++ b/.github/workflows/library-js-staging.yml @@ -114,7 +114,7 @@ jobs: where.exe npm node -v npm -v - npm exec --yes node -v + npm exec --yes -- node -v - name: Build (Windows) if: matrix.platform == 'windows' shell: pwsh @@ -125,7 +125,7 @@ jobs: where.exe npm node -v npm -v - npm exec --yes node -v + npm exec --yes -- node -v npm test -- --ci --coverage npm run bench --if-present - name: Build (Linux) diff --git a/.github/workflows/native-library-js-staging.yml b/.github/workflows/native-library-js-staging.yml index 8da67a8..565f416 100644 --- a/.github/workflows/native-library-js-staging.yml +++ b/.github/workflows/native-library-js-staging.yml @@ -122,7 +122,7 @@ jobs: where.exe npm node -v npm -v - npm exec --yes node -v + npm exec --yes -- node -v - name: Build (Windows) if: matrix.platform == 'windows' shell: pwsh @@ -133,7 +133,7 @@ jobs: where.exe npm node -v npm -v - npm exec --yes node -v + npm exec --yes -- node -v npm run prebuild --verbose npm test -- --ci --coverage npm run bench --if-present diff --git a/.github/workflows/native-library-js-tag-gyp.yml b/.github/workflows/native-library-js-tag-gyp.yml index 448f60b..0c750a7 100644 --- a/.github/workflows/native-library-js-tag-gyp.yml +++ b/.github/workflows/native-library-js-tag-gyp.yml @@ -88,7 +88,7 @@ jobs: where.exe npm node -v npm -v - npm exec --yes node -v + npm exec --yes -- node -v - name: Build (Windows) if: matrix.platform == 'windows' shell: pwsh @@ -103,7 +103,7 @@ jobs: where.exe npm node -v npm -v - npm exec --yes node -v + npm exec --yes -- node -v npm run prebuild --verbose -- --production npm test -- --ci --coverage npm run bench diff --git a/.github/workflows/native-library-js-tag.yml b/.github/workflows/native-library-js-tag.yml index c85fbb8..fc1ce51 100644 --- a/.github/workflows/native-library-js-tag.yml +++ b/.github/workflows/native-library-js-tag.yml @@ -88,7 +88,7 @@ jobs: where.exe npm node -v npm -v - npm exec --yes node -v + npm exec --yes -- node -v - name: Build (Windows) if: matrix.platform == 'windows' shell: pwsh @@ -103,7 +103,7 @@ jobs: where.exe npm node -v npm -v - npm exec --yes node -v + npm exec --yes -- node -v npm run prebuild --verbose -- --production npm test -- --ci --coverage npm run bench From 74335e07dad1bf0b715b1bbd78c9e1e0dbdbdf88 Mon Sep 17 00:00:00 2001 From: Roger Qiu Date: Mon, 16 Feb 2026 08:24:37 +0000 Subject: [PATCH 84/85] =?UTF-8?q?fix:=20shared=20workflows=20(.github/work?= =?UTF-8?q?flows/library-js-staging.yml,=20native-library-js-staging.yml,?= =?UTF-8?q?=20native-library-js-tag.yml,=20native-library-js-tag-gyp.yml):?= =?UTF-8?q?=20Windows=20diagnostics=20now=20use=20where.exe=20node/npm,=20?= =?UTF-8?q?node=20-v,=20npm=20-v,=20and=20npm=20config=20get=20user-agent?= =?UTF-8?q?=20(removed=20npm=20exec=20=E2=80=A6=20node=20-v=20to=20prevent?= =?UTF-8?q?=20npm=20auto-installing=20a=20registry=20node=20package).=20Th?= =?UTF-8?q?is=20preserves=20the=20two-step=20Windows=20flow=20and=20window?= =?UTF-8?q?s-2022=20runner.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/library-js-staging.yml | 4 ++-- .github/workflows/native-library-js-staging.yml | 4 ++-- .github/workflows/native-library-js-tag-gyp.yml | 4 ++-- .github/workflows/native-library-js-tag.yml | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/library-js-staging.yml b/.github/workflows/library-js-staging.yml index a39ba68..504a0c5 100644 --- a/.github/workflows/library-js-staging.yml +++ b/.github/workflows/library-js-staging.yml @@ -114,7 +114,7 @@ jobs: where.exe npm node -v npm -v - npm exec --yes -- node -v + npm config get user-agent - name: Build (Windows) if: matrix.platform == 'windows' shell: pwsh @@ -125,7 +125,7 @@ jobs: where.exe npm node -v npm -v - npm exec --yes -- node -v + npm config get user-agent npm test -- --ci --coverage npm run bench --if-present - name: Build (Linux) diff --git a/.github/workflows/native-library-js-staging.yml b/.github/workflows/native-library-js-staging.yml index 565f416..ef93471 100644 --- a/.github/workflows/native-library-js-staging.yml +++ b/.github/workflows/native-library-js-staging.yml @@ -122,7 +122,7 @@ jobs: where.exe npm node -v npm -v - npm exec --yes -- node -v + npm config get user-agent - name: Build (Windows) if: matrix.platform == 'windows' shell: pwsh @@ -133,7 +133,7 @@ jobs: where.exe npm node -v npm -v - npm exec --yes -- node -v + npm config get user-agent npm run prebuild --verbose npm test -- --ci --coverage npm run bench --if-present diff --git a/.github/workflows/native-library-js-tag-gyp.yml b/.github/workflows/native-library-js-tag-gyp.yml index 0c750a7..0f0a835 100644 --- a/.github/workflows/native-library-js-tag-gyp.yml +++ b/.github/workflows/native-library-js-tag-gyp.yml @@ -88,7 +88,7 @@ jobs: where.exe npm node -v npm -v - npm exec --yes -- node -v + npm config get user-agent - name: Build (Windows) if: matrix.platform == 'windows' shell: pwsh @@ -103,7 +103,7 @@ jobs: where.exe npm node -v npm -v - npm exec --yes -- node -v + npm config get user-agent npm run prebuild --verbose -- --production npm test -- --ci --coverage npm run bench diff --git a/.github/workflows/native-library-js-tag.yml b/.github/workflows/native-library-js-tag.yml index fc1ce51..8902ac9 100644 --- a/.github/workflows/native-library-js-tag.yml +++ b/.github/workflows/native-library-js-tag.yml @@ -88,7 +88,7 @@ jobs: where.exe npm node -v npm -v - npm exec --yes -- node -v + npm config get user-agent - name: Build (Windows) if: matrix.platform == 'windows' shell: pwsh @@ -103,7 +103,7 @@ jobs: where.exe npm node -v npm -v - npm exec --yes -- node -v + npm config get user-agent npm run prebuild --verbose -- --production npm test -- --ci --coverage npm run bench From dda1c88cbfb22cfac448b5b7511275c46a8a3724 Mon Sep 17 00:00:00 2001 From: Roger Qiu Date: Mon, 16 Feb 2026 08:51:18 +0000 Subject: [PATCH 85/85] fix: removed `npm config get user-agent` because it only tells us `npm/{npm-version} node/{node-version} {platform} {arch} workspaces/{workspaces} {ci}` which is useless --- .github/workflows/library-js-staging.yml | 2 -- .github/workflows/native-library-js-staging.yml | 2 -- .github/workflows/native-library-js-tag-gyp.yml | 2 -- .github/workflows/native-library-js-tag.yml | 2 -- 4 files changed, 8 deletions(-) diff --git a/.github/workflows/library-js-staging.yml b/.github/workflows/library-js-staging.yml index 504a0c5..4e92368 100644 --- a/.github/workflows/library-js-staging.yml +++ b/.github/workflows/library-js-staging.yml @@ -114,7 +114,6 @@ jobs: where.exe npm node -v npm -v - npm config get user-agent - name: Build (Windows) if: matrix.platform == 'windows' shell: pwsh @@ -125,7 +124,6 @@ jobs: where.exe npm node -v npm -v - npm config get user-agent npm test -- --ci --coverage npm run bench --if-present - name: Build (Linux) diff --git a/.github/workflows/native-library-js-staging.yml b/.github/workflows/native-library-js-staging.yml index ef93471..2ff19d1 100644 --- a/.github/workflows/native-library-js-staging.yml +++ b/.github/workflows/native-library-js-staging.yml @@ -122,7 +122,6 @@ jobs: where.exe npm node -v npm -v - npm config get user-agent - name: Build (Windows) if: matrix.platform == 'windows' shell: pwsh @@ -133,7 +132,6 @@ jobs: where.exe npm node -v npm -v - npm config get user-agent npm run prebuild --verbose npm test -- --ci --coverage npm run bench --if-present diff --git a/.github/workflows/native-library-js-tag-gyp.yml b/.github/workflows/native-library-js-tag-gyp.yml index 0f0a835..5025739 100644 --- a/.github/workflows/native-library-js-tag-gyp.yml +++ b/.github/workflows/native-library-js-tag-gyp.yml @@ -88,7 +88,6 @@ jobs: where.exe npm node -v npm -v - npm config get user-agent - name: Build (Windows) if: matrix.platform == 'windows' shell: pwsh @@ -103,7 +102,6 @@ jobs: where.exe npm node -v npm -v - npm config get user-agent npm run prebuild --verbose -- --production npm test -- --ci --coverage npm run bench diff --git a/.github/workflows/native-library-js-tag.yml b/.github/workflows/native-library-js-tag.yml index 8902ac9..141da76 100644 --- a/.github/workflows/native-library-js-tag.yml +++ b/.github/workflows/native-library-js-tag.yml @@ -88,7 +88,6 @@ jobs: where.exe npm node -v npm -v - npm config get user-agent - name: Build (Windows) if: matrix.platform == 'windows' shell: pwsh @@ -103,7 +102,6 @@ jobs: where.exe npm node -v npm -v - npm config get user-agent npm run prebuild --verbose -- --production npm test -- --ci --coverage npm run bench