Skip to content

chore: use two-step build #206

chore: use two-step build

chore: use two-step build #206

Workflow file for this run

name: CI
on:
push:
branches:
- main
pull_request:
branches:
- '**'
workflow_dispatch:
env:
KUBO_VER: 'v0.27.0' # kubo daemon used for publishing to IPFS
CLUSTER_CTL_VER: 'v1.0.8' # ipfs-cluster-ctl used by publish-to-ipfs
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: lts/*
- uses: ipfs/aegir/actions/cache-node-modules@master
- name: Save ./dist output for later
uses: actions/upload-artifact@v4
with:
name: dist_${{ github.sha }}
path: dist
check:
needs: build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: lts/*
- uses: ipfs/aegir/actions/cache-node-modules@master
- run: npm run --if-present lint
- run: npm run --if-present dep-check
- run: npm run --if-present doc-check
test-node:
needs: build
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [windows-latest, ubuntu-latest, macos-latest]
node: [lts/*]
fail-fast: true
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node }}
- uses: ipfs/aegir/actions/cache-node-modules@master
- run: npm run --if-present test:node
- uses: codecov/codecov-action@4fe8c5f003fae66aa5ebb77cfd3e7bfbbda0b6b0 # v3.1.5
with:
flags: node
files: .coverage/*,packages/*/.coverage/*
test-chrome:
needs: build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: lts/*
- uses: ipfs/aegir/actions/cache-node-modules@master
- run: npx playwright install --with-deps
- run: npm run --if-present test:chrome
- uses: codecov/codecov-action@4fe8c5f003fae66aa5ebb77cfd3e7bfbbda0b6b0 # v3.1.5
with:
flags: chrome
files: .coverage/*,packages/*/.coverage/*
test-chrome-webworker:
needs: build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: lts/*
- uses: ipfs/aegir/actions/cache-node-modules@master
- run: npm run --if-present test:chrome-webworker
- uses: codecov/codecov-action@4fe8c5f003fae66aa5ebb77cfd3e7bfbbda0b6b0 # v3.1.5
with:
flags: chrome-webworker
files: .coverage/*,packages/*/.coverage/*
test-firefox:
needs: build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: lts/*
- uses: ipfs/aegir/actions/cache-node-modules@master
- run: npx playwright install --with-deps
- run: npm run --if-present test:firefox
- uses: codecov/codecov-action@4fe8c5f003fae66aa5ebb77cfd3e7bfbbda0b6b0 # v3.1.5
with:
flags: firefox
files: .coverage/*,packages/*/.coverage/*
test-firefox-webworker:
needs: build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: lts/*
- uses: ipfs/aegir/actions/cache-node-modules@master
- run: npm run --if-present test:firefox-webworker
- uses: codecov/codecov-action@4fe8c5f003fae66aa5ebb77cfd3e7bfbbda0b6b0 # v3.1.5
with:
flags: firefox-webworker
files: .coverage/*,packages/*/.coverage/*
test-webkit:
needs: build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: lts/*
- uses: ipfs/aegir/actions/cache-node-modules@master
- run: npm run --if-present test:webkit
- uses: codecov/codecov-action@4fe8c5f003fae66aa5ebb77cfd3e7bfbbda0b6b0 # v3.1.5
with:
flags: webkit
files: .coverage/*,packages/*/.coverage/*
test-electron-main:
needs: build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: lts/*
- uses: ipfs/aegir/actions/cache-node-modules@master
- run: npx xvfb-maybe npm run --if-present test:electron-main
- uses: codecov/codecov-action@4fe8c5f003fae66aa5ebb77cfd3e7bfbbda0b6b0 # v3.1.5
with:
flags: electron-main
files: .coverage/*,packages/*/.coverage/*
test-electron-renderer:
needs: build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: lts/*
- uses: ipfs/aegir/actions/cache-node-modules@master
- run: npx xvfb-maybe npm run --if-present test:electron-renderer
- uses: codecov/codecov-action@4fe8c5f003fae66aa5ebb77cfd3e7bfbbda0b6b0 # v3.1.5
with:
flags: electron-renderer
files: .coverage/*,packages/*/.coverage/*
publish-to-ipfs:
# TODO: make this run also on release
if: github.ref == 'refs/heads/main'
needs: build
runs-on: ubuntu-latest
environment: Deploy # CF and Clusteer secrets
concurrency:
# only one job runs at a time == DNSLinks are updated in-order
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
outputs:
cid: ${{ steps.ipfs-import.outputs.cid }}
steps:
- uses: actions/checkout@v4
- name: Retrieve ./dist produced by build job
uses: actions/download-artifact@v4
with:
name: dist_${{ github.sha }}
path: dist
- uses: ipfs/download-ipfs-distribution-action@v1
with:
name: kubo
version: "${{ env.KUBO_VER }}"
- uses: ipfs/download-ipfs-distribution-action@v1
with:
name: ipfs-cluster-ctl
version: "${{ env.CLUSTER_CTL_VER }}"
- name: Init IPFS daemon
run: |
# fix resolv - DNS provided by Github is unreliable for DNSLik/dnsaddr
sudo sed -i -e 's/nameserver 127.0.0.*/nameserver 1.1.1.1/g' /etc/resolv.conf
ipfs init --profile flatfs,server,randomports,lowpower
# make flatfs async for faster ci
ipfs config --json 'Datastore.Spec.mounts' "$(ipfs config 'Datastore.Spec.mounts' | jq -c '.[0].child.sync=false')"
shell: bash
- uses: ipfs/start-ipfs-daemon-action@v1
with:
args: --enable-gc=false
- name: Preconnect to cluster peers
run: |
ipfs-cluster-ctl --enc=json \
--host "/dnsaddr/ipfs-websites.collab.ipfscluster.io" \
--basic-auth "$CLUSTER_USER:$CLUSTER_PASSWORD" \
peers ls | tee cluster-peers-ls
for maddr in $(jq -r '.ipfs.addresses[]?' cluster-peers-ls); do
ipfs swarm peering add $maddr
ipfs swarm connect $maddr || true &
done
shell: bash
env:
CLUSTER_USER: ${{ secrets.CLUSTER_USER }}
CLUSTER_PASSWORD: ${{ secrets.CLUSTER_PASSWORD }}
- name: IPFS import of ./dist
id: ipfs-import
run: |
root_cid=$(ipfs add --cid-version 1 --inline --chunker size-1048576 -Q -r --offline ./dist)
echo "cid=$root_cid" >> $GITHUB_OUTPUT
- name: ℹ️ Generated DAG and CID
run: ipfs dag stat --progress=false ${{ steps.ipfs-import.outputs.cid }}
- name: Create CAR file
run: ipfs dag export ${{ steps.ipfs-import.outputs.cid }} > dist_${{ github.sha }}.car
- name: Attach CAR to Github Action
uses: actions/upload-artifact@v4
with:
name: dist_${{ github.sha }}.car
path: dist_${{ github.sha }}.car
if-no-files-found: error
- name: Pin to ipfs-websites.collab.ipfscluster.io
run: |
ipfs-cluster-ctl --enc=json \
--host "/dnsaddr/ipfs-websites.collab.ipfscluster.io" \
--basic-auth "${CLUSTER_USER}:${CLUSTER_PASSWORD}" \
pin add \
--name "${{ github.repository }}/${{ github.sha }}" \
--replication-min 2 \
--replication-max 6 \
--wait \
"$PIN_CID"
env:
PIN_CID: ${{ steps.ipfs-import.outputs.cid }}
CLUSTER_USER: ${{ secrets.CLUSTER_USER }}
CLUSTER_PASSWORD: ${{ secrets.CLUSTER_PASSWORD }}
timeout-minutes: 60
- name: Update DNSLink at inbrowser.dev (Dev Testing)
if: github.ref == 'refs/heads/main'
run: |
curl --request PUT --header "Authorization: Bearer ${AUTH_TOKEN}" --header 'Content-Type: application/json' \
--url "https://api.cloudflare.com/client/v4/zones/${ZONE_ID}/dns_records/${RECORD_ID}" \
--data "{\"type\":\"TXT\",\"name\":\"_dnslink.${DNSLINK_NAME}\",\"content\":\"dnslink=/ipfs/${DNSLINK_CID}\",\"comment\":\"${{ github.repository }}/${{ github.sha }}\"}"
env:
DNSLINK_NAME: inbrowser.dev
DNSLINK_CID: ${{ steps.ipfs-import.outputs.cid }}
ZONE_ID: ${{ secrets.CF_INBROWSERDEV_ZONE_ID }}
RECORD_ID: ${{ secrets.CF_INBROWSERDEV_RECORD_ID }}
AUTH_TOKEN: ${{ secrets.CF_INBROWSERDEV_AUTH_TOKEN }}
- name: Update DNSLink at inbrowser.link (Stable Production)
# TODO: make this run only on release
if: github.ref == 'refs/heads/main'
run: |
curl --request PUT --header "Authorization: Bearer ${AUTH_TOKEN}" --header 'Content-Type: application/json' \
--url "https://api.cloudflare.com/client/v4/zones/${ZONE_ID}/dns_records/${RECORD_ID}" \
--data "{\"type\":\"TXT\",\"name\":\"_dnslink.${DNSLINK_NAME}\",\"content\":\"dnslink=/ipfs/${DNSLINK_CID}\",\"comment\":\"${{ github.repository }}/${{ github.sha }}\"}"
env:
DNSLINK_NAME: inbrowser.link
DNSLINK_CID: ${{ steps.ipfs-import.outputs.cid }}
ZONE_ID: ${{ secrets.CF_INBROWSERLINK_ZONE_ID }}
RECORD_ID: ${{ secrets.CF_INBROWSERLINK_RECORD_ID }}
AUTH_TOKEN: ${{ secrets.CF_INBROWSERLINK_AUTH_TOKEN }}
pin-to-w3: # ported from ipfs/ipfs-webui
if: ${{ success() && needs.publish-to-ipfs.outputs.cid }}
needs: publish-to-ipfs
runs-on: ubuntu-latest
environment: web3.storage
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: lts/*
- name: Retrieve CAR produced by publish-to-ipfs job
uses: actions/download-artifact@v4
with:
name: dist_${{ github.sha }}.car
- name: Pin with @web3-storage/w3cli
run: |
# ensure whoami
npx -y --package=@web3-storage/w3cli@latest -- w3 whoami
# convert base64 env var to file
echo $W3CLI_SPACE_DELEGATION_PROOF_BASE64_STRING | base64 -d > ipfs-webui-ci-space.ucan.proof
# Add space
export W3CLI_SPACE_DID=$(npx -y --package=@web3-storage/w3cli@latest -- w3 space add ipfs-webui-ci-space.ucan.proof)
# use space
npx -y --package=@web3-storage/w3cli@latest -- w3 space use $W3CLI_SPACE_DID
# upload car
npx -y --package=@web3-storage/w3cli@latest -- w3 up --no-wrap --car dist_${{ github.sha }}.car
env:
W3_STORE_NAME: ${{ secrets.W3_STORE_NAME }}
W3_AGENT_DID: ${{ secrets.W3_AGENT_DID }}
# W3_PRINCIPAL env name is expected by w3cli tool: https://github.com/web3-storage/w3cli#w3_principal
W3_PRINCIPAL: ${{ secrets.W3_AGENT_PRINCIPAL }}
W3CLI_SPACE_DELEGATION_PROOF_BASE64_STRING: ${{ secrets.W3CLI_SPACE_DELEGATION_PROOF_BASE64_STRING }}
pin-to-scaleway:
if: ${{ success() && needs.publish-to-ipfs.outputs.cid }}
needs: publish-to-ipfs
runs-on: ubuntu-latest
environment: Scaleway
steps:
- uses: actions/checkout@v4
- uses: ipfs/download-ipfs-distribution-action@v1
with:
name: kubo
version: "${{ env.KUBO_VER }}"
- name: Init IPFS daemon
run: ipfs init --profile flatfs,server,randomports,lowpower
- uses: ipfs/start-ipfs-daemon-action@v1
with:
args: --enable-gc=false
- name: Retrieve CAR produced by publish-to-ipfs job
uses: actions/download-artifact@v4
with:
name: dist_${{ github.sha }}.car
- name: Import CAR to local Kubo
run: ipfs dag import --offline dist_${{ github.sha }}.car
- name: Set up and check Scaleway
id: scaleway
run: |
ipfs pin remote service add scaleway "$SCALEWAY_URL" "$SCALEWAY_SECRET"
echo "existing-pin=$(ipfs pin remote ls --service=scaleway --name=$CID)" >> $GITHUB_OUTPUT # using --name because --cid does not work with Scaleway (2024-Q1)
env:
CID: ${{ needs.publish-to-ipfs.outputs.cid }}
SCALEWAY_SECRET: ${{ secrets.SCALEWAY_SECRET }}
SCALEWAY_URL: ${{ secrets.SCALEWAY_URL }}
- name: Pin to Scaleway
if: ${{ steps.scaleway.outputs.existing-pin == '' }}
run: ipfs pin remote add --service=scaleway --name=$CID $CID # using --name because --cid does not work with Scaleway (2024-Q1)
env:
CID: ${{ needs.publish-to-ipfs.outputs.cid }}
smoke-test-http: # basic smoke test that lets us know when eother caching or content routing does not work
if: ${{ success() && needs.publish-to-ipfs.outputs.cid }}
needs: [ publish-to-ipfs, pin-to-scaleway, pin-to-w3 ]
runs-on: ubuntu-latest
steps:
- name: Smoke-test instant (cached, stale-while-revalidate) /ipfs-sw-main.js at inbrowser.link
run: curl --retry 3 --retry-delay 61 --retry-all-errors -v https://inbrowser.link/ipfs-sw-main.js > /dev/null
- name: Smoke-test instant (cached, stale-while-revalidate) /ipfs-sw-main.js at inbrowser.dev
run: curl --retry 3 --retry-delay 61 --retry-all-errors -v https://inbrowser.dev/ipfs-sw-main.js > /dev/null
- name: Smoke-test fetching the new CID as CAR from trustless-gateway.link
run: curl --retry 3 --retry-delay 61 --retry-all-errors -v "https://trustless-gateway.link/ipfs/${{ needs.publish-to-ipfs.outputs.cid }}?format=car" > /dev/null