Skip to content

feat(x509): add key usage to X.509 certificate (#2114) #137

feat(x509): add key usage to X.509 certificate (#2114)

feat(x509): add key usage to X.509 certificate (#2114) #137

name: Continuous Integration
on:
pull_request:
branches:
- main
- '**-pre'
types: [opened, synchronize, reopened, labeled]
push:
branches:
- main
- '**-pre'
workflow_dispatch:
env:
NODE_OPTIONS: --max_old_space_size=6144
# Make sure we're not running multiple release steps at the same time as this can give issues with determining the next npm version to release.
# Ideally we only add this to the 'release' job so it doesn't limit PR runs, but github can't guarantee the job order in that case:
# "When concurrency is specified at the job level, order is not guaranteed for jobs or runs that queue within 5 minutes of each other."
concurrency:
# Cancel previous runs that are not completed yet
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
# PRs created by github actions won't trigger CI. Before we can merge a PR we need to run the tests and
# validation scripts. To still be able to run the CI we can manually trigger it by adding the 'ci-test'
# label to the pull request
ci-trigger:
runs-on: ubuntu-20.04
outputs:
triggered: ${{ steps.check.outputs.triggered }}
steps:
- name: Determine if CI should run
id: check
run: |
if [[ "${{ github.event.action }}" == "labeled" && "${{ github.event.label.name }}" == "ci-test" ]]; then
export SHOULD_RUN='true'
elif [[ "${{ github.event.action }}" == "labeled" && "${{ github.event.label.name }}" != "ci-test" ]]; then
export SHOULD_RUN='false'
else
export SHOULD_RUN='true'
fi
echo "SHOULD_RUN: ${SHOULD_RUN}"
echo triggered="${SHOULD_RUN}" >> "$GITHUB_OUTPUT"
validate:
runs-on: ubuntu-20.04
name: Validate
steps:
- name: Checkout credo-ts
uses: actions/checkout@v4
- uses: pnpm/action-setup@v2
with:
version: 9.1.0
- name: Setup NodeJS
uses: actions/setup-node@v4
with:
node-version: 18
cache: 'pnpm'
- name: Install dependencies
run: pnpm install --frozen-lockfile
- name: Linting
run: pnpm lint
- name: Prettier
run: pnpm check-format
- name: Check Types
run: pnpm check-types
- name: Compile
run: pnpm build
unit-tests:
runs-on: ubuntu-20.04
name: Unit Tests
strategy:
fail-fast: false
matrix:
node-version: [18, 20]
# Each shard runs a set of the tests
# Make sure to UPDATE THE TEST command with the total length of
# the shards if you change this!!
shard: [1, 2]
steps:
- name: Checkout credo
uses: actions/checkout@v4
- name: Setup NodeJS
id: setup-node
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
- uses: pnpm/action-setup@v2
with:
version: 9.1.0
# See https://github.com/actions/setup-node/issues/641#issuecomment-1358859686
- name: pnpm cache path
id: pnpm-cache-path
run: |
echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT
- name: pnpm cache
uses: actions/cache@v3
with:
path: ${{ steps.pnpm-cache-path.outputs.STORE_PATH }}
key: ${{ runner.os }}-${{ steps.setup-node.outputs.node-version }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
restore-keys: |
${{ runner.os }}-${{ steps.setup-node.outputs.node-version }}-pnpm-store-
- name: Install dependencies
run: pnpm install --frozen-lockfile
- name: Run tests
run: pnpm test:unit --coverage --forceExit --shard=${{ matrix.shard }}/2
# Upload coverage for shard
- run: mv coverage/coverage-final.json coverage/${{ matrix.shard }}.json
- uses: actions/upload-artifact@v4
with:
name: coverage-artifacts-${{ matrix.node-version }}
path: coverage/${{ matrix.shard }}.json
overwrite: true
e2e-tests:
runs-on: ubuntu-20.04
name: E2E Tests
strategy:
fail-fast: false
matrix:
node-version: [18, 20]
steps:
- name: Checkout credo
uses: actions/checkout@v4
# setup dependencies
- name: Setup services
run: docker compose up -d
- name: Setup NodeJS
id: setup-node
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
- uses: pnpm/action-setup@v2
with:
version: 9.1.0
# See https://github.com/actions/setup-node/issues/641#issuecomment-1358859686
- name: pnpm cache path
id: pnpm-cache-path
run: |
echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT
- name: pnpm cache
uses: actions/cache@v3
with:
path: ${{ steps.pnpm-cache-path.outputs.STORE_PATH }}
key: ${{ runner.os }}-${{ steps.setup-node.outputs.node-version }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
restore-keys: |
${{ runner.os }}-${{ steps.setup-node.outputs.node-version }}-pnpm-store-
- name: Install dependencies
run: pnpm install --frozen-lockfile
- name: Run tests
run: pnpm test:e2e --coverage --forceExit
# Upload coverage for e2e
- run: mv coverage/coverage-final.json coverage/e2e.json
- uses: actions/upload-artifact@v4
with:
name: coverage-artifacts-${{ matrix.node-version }}
path: coverage/e2e.json
overwrite: true
# Upload all the coverage reports
report-coverage:
runs-on: ubuntu-20.04
needs: [e2e-tests, unit-tests]
steps:
- uses: actions/download-artifact@v4
with:
name: coverage-artifacts-20
path: coverage
- uses: codecov/codecov-action@v4
with:
directory: coverage
token: ${{ secrets.CODECOV_TOKEN }}