feat: enable-legacy and enable-weak-ssl-ciphers #221
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: build-lint-test | |
on: | |
pull_request: | |
env: | |
LIBCURL_RELEASE: 'LATEST' | |
concurrency: | |
group: ${{ github.head_ref }} | |
cancel-in-progress: true | |
# all jobs here must have a matrix identical to the ones inside build-and-release.yaml | |
jobs: | |
scan: | |
permissions: | |
packages: write | |
contents: write # publish sbom to GH releases/tag assets | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
with: | |
path: ${{ github.repository }} | |
# Perform SCA analysis for the code repository | |
# Produces SBOM and CVE report | |
# Helps understand vulnerabilities / license compliance across third party dependencies | |
# Drift: Doesn't track any npm global or OS specific packages that involves scanning entire root file system. | |
# (TODO): Produce OS specific SBOM to detect build time depdencies. | |
- id: sca-project | |
uses: Kong/public-shared-actions/security-actions/sca@2f02738ecb1670f01391162e43fe3f5d4e7942a1 # v2.2.2 | |
with: | |
dir: ${{ github.repository }} | |
build-and-test-nodejs: | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: | |
- macos-13-xlarge | |
- ubuntu-22.04 | |
libcurl-release: | |
- 7.86.0 | |
node-libcurl-cpp-std: | |
- c++17 | |
node: | |
- 20.16.0 | |
include: | |
# Lint | |
- os: ubuntu-latest | |
node: 20.16.0 | |
node-libcurl-cpp-std: c++17 | |
libcurl-release: 7.86.0 | |
run-lint-and-tsc: true | |
env: | |
LIBCURL_RELEASE: ${{ matrix.libcurl-release }} | |
LATEST_LIBCURL_RELEASE: ${{ matrix.libcurl-release }} | |
NODE_LIBCURL_CPP_STD: ${{ matrix.node-libcurl-cpp-std }} | |
steps: | |
- id: timestamp | |
run: echo "timestamp=$(timestamp +%s)" >> $GITHUB_OUTPUT | |
- name: Restore the previous run result | |
uses: actions/cache@v3 | |
with: | |
path: | | |
run_result | |
key: ${{ github.run_id }}-${{ github.job }}-${{ steps.timestamp.outputs.timestamp }} | |
restore-keys: | | |
${{ github.run_id }}-${{ github.job }}- | |
- id: run_result | |
run: cat run_result 2>/dev/null || echo 'default' | |
- if: runner.os == 'macOS' | |
name: Install Needed packages on macOS | |
run: brew install coreutils wget automake libtool cmake gnu-sed m4 autoconf@2.69 groff | |
- if: runner.os == 'Linux' | |
name: Install Needed packages on Linux | |
run: sudo apt-get install -y cmake | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Setup Node | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: '.nvmrc' | |
cache: 'npm' | |
cache-dependency-path: package-lock.json | |
- name: Restore libcurl deps cache | |
uses: actions/cache@v3 | |
id: libcurl-deps-cache | |
with: | |
path: | | |
~/.node-gyp | |
~/deps | |
key: v4-build-lint-test-${{ runner.os }}-libcurl-deps-cache-node-${{ matrix.node }} | |
restore-keys: | | |
v4-build-lint-test-${{ runner.os }}-libcurl-deps-cache-node-${{ matrix.node }} | |
- name: Build node-libcurl ${{ matrix.node }} | |
if: steps.run_result.outputs.run_result != 'success' | |
run: | | |
RUN_TESTS=false \ | |
RUN_PREGYP_CLEAN=false \ | |
PUBLISH_BINARY=false \ | |
./scripts/ci/build.sh | |
- name: 'Run lint' | |
if: matrix.run-lint-and-tsc && steps.run_result.outputs.run_result != 'success' | |
run: npm run lint | |
- name: 'Run tsc' | |
if: matrix.run-lint-and-tsc && steps.run_result.outputs.run_result != 'success' | |
run: npm run build:dist | |
# we do run tests in all matrix jobs | |
- name: 'Run tests' | |
if: steps.run_result.outputs.run_result != 'success' | |
run: npm run test:coverage | |
# but coverage is only sent for the run-lint-and-tsc job | |
- name: Upload coverage to Codecov | |
if: matrix.run-lint-and-tsc && steps.run_result.outputs.run_result != 'success' | |
uses: codecov/codecov-action@v1 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
file: ./coverage/** | |
fail_ci_if_error: false | |
- name: Upload artifacts | |
if: always() && steps.run_result.outputs.run_result != 'success' | |
uses: actions/upload-artifact@v3 | |
with: | |
name: build-logs-${{ matrix.os }}-${{ matrix.libcurl-release }}-${{ matrix.node }} | |
path: ./logs/ | |
retention-days: 3 | |
# TODO(Filipe) - fix this set-output | |
- run: echo "::set-output name=run_result::success" > run_result | |
build-and-test-electron: | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: | |
- macos-13-xlarge | |
- ubuntu-22.04 | |
libcurl-release: | |
- 7.86.0 | |
node: | |
- 20.16.0 | |
electron-version: | |
- 31.4.0 | |
env: | |
LIBCURL_RELEASE: ${{ matrix.libcurl-release }} | |
LATEST_LIBCURL_RELEASE: ${{ matrix.libcurl-release }} | |
ELECTRON_VERSION: ${{ matrix.electron-version }} | |
NODE_LIBCURL_CPP_STD: c++17 | |
steps: | |
- id: timestamp | |
run: echo "timestamp=$(timestamp +%s)" >> $GITHUB_OUTPUT | |
- name: Restore the previous run result | |
uses: actions/cache@v3 | |
with: | |
path: | | |
run_result | |
key: ${{ github.run_id }}-${{ github.job }}-${{ steps.timestamp.outputs.timestamp }} | |
restore-keys: | | |
${{ github.run_id }}-${{ github.job }}- | |
- id: run_result | |
run: cat run_result 2>/dev/null || echo 'default' | |
- name: Set up Homebrew | |
id: set-up-homebrew | |
uses: Homebrew/actions/setup-homebrew@master | |
- name: Install Needed packages | |
run: brew install coreutils wget automake libtool cmake gnu-sed m4 autoconf@2.69 groff | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Setup Node | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: '.nvmrc' | |
cache: 'npm' | |
cache-dependency-path: package-lock.json | |
- name: Restore Electron Cache | |
uses: actions/cache@v3 | |
with: | |
path: ~/Library/Caches/electron | |
key: v1-${{ runner.os }}-electron-cache-${{ matrix.electron-version }} | |
restore-keys: | | |
v1-${{ runner.os }}-electron-cache-${{ matrix.electron-version }} | |
v1-${{ runner.os }}-electron-cache- | |
- name: Restore libcurl deps cache | |
uses: actions/cache@v3 | |
id: libcurl-deps-cache | |
with: | |
path: | | |
~/.node-gyp | |
~/deps | |
key: v4-build-lint-test-${{ runner.os }}-libcurl-deps-cache-electron-${{ matrix.electron-version }} | |
restore-keys: | | |
v4-build-lint-test-${{ runner.os }}-libcurl-deps-cache-electron-${{ matrix.electron-version }} | |
- name: 'Set GIT_TAG' | |
if: startsWith(github.ref, 'refs/tags') | |
run: echo "GIT_TAG=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV | |
- name: Build node-libcurl ${{ matrix.node }} ${{ matrix.electron-version }} | |
if: steps.run_result.outputs.run_result != 'success' | |
run: | | |
RUN_TESTS=true \ | |
RUN_PREGYP_CLEAN=false \ | |
PUBLISH_BINARY=false \ | |
./scripts/ci/build.sh | |
- name: Upload artifacts | |
if: always() && steps.run_result.outputs.run_result != 'success' | |
uses: actions/upload-artifact@v3 | |
with: | |
name: build-logs-${{ matrix.os }}-${{ matrix.libcurl-release }}-${{ matrix.electron-version }} | |
path: ./logs/ | |
retention-days: 5 | |
# TODO(Filipe) - fix this set-output | |
- run: echo "::set-output name=run_result::success" > run_result | |
build-and-test-nodejs-windows: | |
runs-on: windows-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
node: | |
- 20.16.0 | |
env: | |
npm_config_msvs_version: 2022 | |
npm_config_build_from_source: true | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
with: | |
submodules: recursive | |
- name: Setup Node.js ${{ matrix.node }} | |
uses: actions/setup-node@v3 | |
with: | |
node-version: ${{ matrix.node }} | |
- name: Install dependencies | |
run: | | |
choco install nasm -y | |
$env:PATH=$env:PROGRAMFILES + "\NASM;" + $env:Path | |
python deps\curl-for-windows\configure.py | |
- name: Build ${{ matrix.node }} | |
run: | | |
$env:PATH=$env:PROGRAMFILES + "\NASM;" + $env:Path | |
npm ci | |
- name: Test | |
run: | | |
npm run ts-node -e "console.log(require('./lib').Curl.getVersionInfoString())" | |
npm run test | |
if ($LASTEXITCODE -eq 0) { | |
$host.SetShouldExit(0) | |
} | |
build-and-test-electron-windows: | |
runs-on: windows-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
node: | |
- 20.16.0 | |
electron-version: | |
- 31.4.0 | |
env: | |
ELECTRON_VERSION: ${{ matrix.electron-version }} | |
npm_config_msvs_version: 2022 | |
npm_config_build_from_source: true | |
npm_config_runtime: 'electron' | |
npm_config_dist_url: 'https://electronjs.org/headers' | |
npm_config_target: ${{ matrix.electron-version }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
with: | |
submodules: recursive | |
- name: Setup Node.js ${{ matrix.node }} | |
uses: actions/setup-node@v3 | |
with: | |
node-version: ${{ matrix.node }} | |
- name: Install dependencies | |
run: | | |
choco install nasm -y | |
$env:PATH=$env:PROGRAMFILES + "\NASM;" + $env:Path | |
python deps\curl-for-windows\configure.py | |
npm install -g electron@${env:ELECTRON_VERSION} | |
- name: Build ${{ matrix.node }} | |
run: | | |
$env:PATH=$env:PROGRAMFILES + "\NASM;" + $env:Path | |
npm ci | |
- name: Test | |
run: | | |
npm run test:electron | |
if ($LASTEXITCODE -eq 0) { | |
$host.SetShouldExit(0) | |
} |