WIP multifile encrypt/decrypt #1281

Workflow file for this run

	name: Build, Test, and Deliver Client

	env:
	do_sonarscan: ${{ github.event_name == 'push' \|\| github.event.pull_request.head.repo.full_name == github.repository }}

	on:
	pull_request:
	push:
	branches:
	- main
	- release/[0-9]+.[0-9]+.[0-9]+
	release:
	types: [created]
	jobs:
	lib:
	runs-on: ubuntu-latest
	defaults:
	run:
	working-directory: ./lib
	timeout-minutes: 5
	steps:
	- uses: actions/checkout@v3
	with:
	fetch-depth: ${{ !fromJSON(env.do_sonarscan) && 1 \|\| 0 }}
	- uses: actions/setup-node@v3
	with:
	node-version: '18'
	cache: 'npm'
	cache-dependency-path: './lib/package-lock.json'
	- run: npm ci
	- run: npm test
	- uses: fingerprintjs/action-coverage-report-md@v1
	id: coverage-md
	with:
	srcBasePath: './'
	textReportPath: './lib/coverage/coverage.txt'
	- run: echo "${MARKDOWN_REPORT}" >> $GITHUB_STEP_SUMMARY
	env:
	MARKDOWN_REPORT: '${{ steps.coverage-md.outputs.markdownReport }}'
	- run: npm audit --omit dev && npm audit --audit-level high
	- run: npm run license-check
	- run: npm run lint
	- run: npm pack
	- uses: actions/upload-artifact@v3
	with:
	name: opentdf-client-lib
	path: ./lib/opentdf-client-*.tgz
	- name: SonarCloud Scan
	if: fromJSON(env.do_sonarscan)
	uses: SonarSource/sonarcloud-github-action@master
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

	remote-store:
	needs:
	- lib
	runs-on: ubuntu-latest
	defaults:
	run:
	working-directory: ./remote-store
	timeout-minutes: 5
	steps:
	- uses: actions/checkout@v3
	- uses: actions/setup-node@v3
	with:
	node-version: '18'
	cache: 'npm'
	cache-dependency-path: './remote-store/package-lock.json'
	- uses: actions/download-artifact@v3
	with:
	name: opentdf-client-lib
	path: lib/
	- run: npm uninstall @opentdf/client && npm ci && npm i ../lib/opentdf-client-*.tgz
	- run: npm install
	- run: npm test
	- run: npm audit
	- run: npm run license-check
	- run: npm run lint
	- run: npm pack

	web-app:
	needs:
	- lib
	runs-on: ubuntu-latest
	defaults:
	run:
	working-directory: ./web-app
	timeout-minutes: 5
	steps:
	- uses: actions/checkout@v3
	- uses: actions/setup-node@v3
	with:
	node-version: '18'
	cache: 'npm'
	cache-dependency-path: './web-app/package-lock.json'
	- uses: actions/download-artifact@v3
	with:
	name: opentdf-client-lib
	path: lib/
	- run: npm uninstall @opentdf/client && npm ci && npm i ../lib/opentdf-client-*.tgz
	- run: npm install
	- run: npm test
	- run: npm audit --omit dev && npm audit --audit-level high
	- run: npm run license-check
	- run: npm run lint
	- run: npm pack

	scripts:
	runs-on: ubuntu-latest
	defaults:
	run:
	working-directory: .github/workflows
	timeout-minutes: 5
	steps:
	- uses: actions/checkout@v3
	- uses: mig4/setup-bats@v1
	with:
	bats-version: 1.2.1
	- name: 🦇🦇🦇🦇🦇🦇
	run: docker run --rm -v "$PWD:/mnt" --workdir "/mnt" bats/bats:1.5.0 *.bats
	- name: 🦪 ✔ 🧼🧼🧼
	run: >-
	docker run --rm -v "$PWD:/mnt" --workdir "/mnt" "koalaman/shellcheck:v0.8.0"
	--color=always *.sh

	backend-roundtrip:
	needs:
	- web-app
	runs-on: ubuntu-latest
	defaults:
	run:
	working-directory: .github/workflows/roundtrip
	timeout-minutes: 45
	steps:
	- uses: actions/checkout@v3
	- uses: actions/setup-node@v3
	with:
	node-version: '18'
	cache: 'npm'
	cache-dependency-path: './web-app/package-lock.json'
	- uses: actions/download-artifact@v3
	with:
	name: opentdf-client-lib
	path: lib/
	- uses: yokawasa/action-setup-kube-tools@v0.11.1
	with:
	setup-tools: \|
	kubectl
	helm
	tilt
	# This should be in sync with the minikube-deployed kube version below
	kubectl: '1.30.0'
	helm: '3.14.4'
	tilt: '0.33.13'
	- run: \|
	kubectl version --client
	kustomize version
	tilt version
	- name: start minikube
	id: minikube
	uses: medyagh/setup-minikube@master
	with:
	minikube-version: 1.33.0
	# This should be in sync with the setup-tools version above
	kubernetes-version: 1.30.0
	- name: Run tilt ci
	env:
	TEST_SCRIPT: ./wait-and-test.sh
	OPENTDF_INGRESS_HOST_PORT: "5432"
	PLAYWRIGHT_TESTS_TO_RUN: roundtrip
	run: tilt ci

	deliver-ghp:
	needs: [lib, web-app, scripts, backend-roundtrip]
	runs-on: ubuntu-latest
	timeout-minutes: 5
	# To publish from a release or feature branch, remove the ref == condition below
	if: >-
	(github.event_name == 'push' && github.ref == 'refs/heads/main')
	\|\| (github.event_name == 'push' && startsWith(github.ref, 'refs/heads/release/'))
	\|\| (github.event_name == 'release' && startsWith(github.ref, 'refs/tags/'))
	outputs:
	FULL_VERSION: ${{ steps.guess-build-metadata.outputs.FULL_VERSION }}
	DIST_TAG: ${{ steps.guess-build-metadata.outputs.DIST_TAG }}
	TARGET_VERSION: ${{ steps.check-version.outputs.TARGET_VERSION }}
	steps:
	- uses: actions/checkout@v3
	- uses: actions/setup-node@v3
	with:
	node-version: '18.x'
	registry-url: https://npm.pkg.github.com
	- name: Check version number is same between tag, library, and/or release
	id: check-version
	run: \|-
	if [[ ${{ github.ref }} = refs/heads/release/* ]]; then
	scripts/check-version-is.sh "${GITHUB_REF##*release/}"
	elif [[ ${{ github.ref }} = refs/tags/v* ]]; then
	scripts/check-version-is.sh "${GITHUB_REF_NAME#v}"
	else
	scripts/check-version-is.sh
	fi
	- name: Check version number is same between tag, library, and/or release
	id: guess-build-metadata
	run: \|-
	echo "FULL_VERSION=$(.github/workflows/gh-semver.sh)" >> $GITHUB_OUTPUT
	echo "DIST_TAG=$(.github/workflows/guess-dist-tag.sh)" >> $GITHUB_OUTPUT
	- run: make test
	- run: make doc
	- run: >-
	echo "::notice file=lib/package.json::Will be published to [GitHub Packages](https://github.com/opentdf/client-web/pkgs/npm/client)as ${{ steps.guess-build-metadata.outputs.DIST_TAG }} with version=[${{ steps.guess-build-metadata.outputs.FULL_VERSION }}]"
	- run: >-
	.github/workflows/publish-to.sh
	${{ steps.guess-build-metadata.outputs.FULL_VERSION }}
	${{ steps.guess-build-metadata.outputs.DIST_TAG }}
	env:
	NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	- run: echo "- [Client Library](https://github.com/opentdf/client-web/pkgs/npm/client)">>$GITHUB_STEP_SUMMARY
	- name: trigger xtest
	run: >-
	curl -XPOST
	-u "virtru-cloudnative:${{secrets.PERSONAL_ACCESS_TOKEN}}"
	-H "Accept: application/vnd.github.everest-preview+json"
	-H "Content-Type: application/json"
	"https://api.github.com/repos/opentdf/backend/dispatches"
	--data '{"event_type":"xtest","client_payload":{"version":"'${FULL_VERSION%%+*}'"}}'
	env:
	FULL_VERSION: ${{ steps.guess-build-metadata.outputs.FULL_VERSION }}
	- name: Publish documentation to gh-pages
	uses: JamesIves/github-pages-deploy-action@v4.4.1
	with:
	branch: gh-pages
	folder: lib/dist/docs

	deliver-npmjs:
	runs-on: ubuntu-latest
	timeout-minutes: 5
	environment: npmjs
	needs: deliver-ghp
	if: >-
	(github.event_name == 'push' && github.ref == 'refs/heads/main')
	\|\| (github.event_name == 'push' && startsWith(github.ref, 'refs/heads/release/'))
	\|\| (github.event_name == 'release' && startsWith(github.ref, 'refs/tags/'))
	steps:
	- uses: actions/checkout@v3
	- uses: actions/setup-node@v3
	with:
	node-version: '18.x'
	registry-url: 'https://registry.npmjs.org'
	- run: make all
	- run: >-
	.github/workflows/publish-to.sh ${{ needs.deliver-ghp.outputs.FULL_VERSION }}
	${{ needs.deliver-ghp.outputs.DIST_TAG }}
	env:
	NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
	- run: echo "- [Client Library](https://www.npmjs.com/package/@opentdf/client/v/${{ needs.deliver-ghp.outputs.FULL_VERSION }})">>$GITHUB_STEP_SUMMARY
	- run: echo "- [Remote Store](https://www.npmjs.com/package/@opentdf/remote-store/v/${{ needs.deliver-ghp.outputs.FULL_VERSION }})">>$GITHUB_STEP_SUMMARY
	- run: echo "- [unpkg](https://unpkg.com/browse/@opentdf/client@${{ needs.deliver-ghp.outputs.FULL_VERSION }})">>$GITHUB_STEP_SUMMARY

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

WIP multifile encrypt/decrypt #1281

Workflow file

WIP multifile encrypt/decrypt #1281

Jobs

Run details

Workflow file for this run