diff --git a/.github/gon-config.json b/.github/gon-config.json new file mode 100644 index 0000000000..47fc602791 --- /dev/null +++ b/.github/gon-config.json @@ -0,0 +1,13 @@ +{ + "source": ["./bindings/nodejs/build/Release/index.node"], + "bundle_id": "org.iota.cli-wallet", + "apple_id": { + "password": "@env:AC_PASSWORD" + }, + "sign": { + "application_identity": "Developer ID Application: IOTA Stiftung (UG77RJKZHH)" + }, + "zip": { + "output_path": "./bindings/nodejs/binary.zip" + } +} \ No newline at end of file diff --git a/.github/workflows/bindings-nodejs-publish.yml b/.github/workflows/bindings-nodejs-publish.yml index a1c25e7e15..c7fe27004e 100644 --- a/.github/workflows/bindings-nodejs-publish.yml +++ b/.github/workflows/bindings-nodejs-publish.yml @@ -6,62 +6,63 @@ env: CARGO_INCREMENTAL: 0 jobs: - publish-nodejs: - runs-on: ubuntu-latest + # publish-nodejs: + # runs-on: ubuntu-latest - defaults: - run: - working-directory: bindings/nodejs + # defaults: + # run: + # working-directory: bindings/nodejs - steps: - - uses: actions/checkout@v3 + # steps: + # - uses: actions/checkout@v3 - - name: Set up Rust - uses: ./.github/actions/setup-rust + # - name: Set up Rust + # uses: ./.github/actions/setup-rust - # Required for ledger-nano - - name: Install required packages - run: | - sudo apt-get update - sudo apt-get install libudev-dev libusb-1.0-0-dev + # # Required for ledger-nano + # - name: Install required packages + # run: | + # sudo apt-get update + # sudo apt-get install libudev-dev libusb-1.0-0-dev - - name: Set up Node.js - uses: actions/setup-node@v2 - with: - node-version: "18.x" - registry-url: "https://registry.npmjs.org" + # - name: Set up Node.js + # uses: actions/setup-node@v2 + # with: + # node-version: "18.x" + # registry-url: "https://registry.npmjs.org" - - name: Install Yarn - run: npm i -g yarn + # - name: Install Yarn + # run: npm i -g yarn - - name: Install JS dependencies - run: yarn + # - name: Install JS dependencies + # run: yarn - - name: Build project - run: yarn build + # - name: Build project + # run: yarn build - - name: Update Cargo.toml with git - run: sed -i 's#path = "../core"#git = "https://github.com/iotaledger/iota-sdk", rev = "'$GITHUB_SHA'"#g' Cargo.toml + # - name: Update Cargo.toml with git + # run: sed -i 's#path = "../core"#git = "https://github.com/iotaledger/iota-sdk", rev = "'$GITHUB_SHA'"#g' Cargo.toml - - name: Print Cargo.toml - run: cat Cargo.toml + # - name: Print Cargo.toml + # run: cat Cargo.toml - - name: Publish nodejs bindings to NPM - shell: sh - env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - run: npm publish --access public + # - name: Publish nodejs bindings to NPM + # shell: sh + # env: + # NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + # run: npm publish --access public nodejs-binding-prebuild: runs-on: ${{ matrix.os }} - needs: publish-nodejs + # needs: publish-nodejs strategy: fail-fast: false matrix: # The GitHub hosted Windows 2022 image comes with Visual Studio 2022, but node-gyp # (which is used by neon-sys) sadly fails to recognize it. As a mitigation, we still run the # tests on Windows 2019, until we can figure out a way to fix the problem. - os: [ubuntu-20.04, macos-13, windows-2019] + # os: [ubuntu-20.04, macos-13, windows-2019] + os: [macos-13] node-version: ["18.x"] steps: @@ -119,6 +120,18 @@ jobs: run: echo "MACOSX_DEPLOYMENT_TARGET=10.13" >> $GITHUB_ENV if: matrix.os == 'macos-13' + - name: Set deployment target (macOS) + if: ${{ startsWith(matrix.os, 'macos') }} + run: rustup target add aarch64-apple-darwin + + - name: Set deployment target (linux) + if: ${{ startsWith(matrix.os, 'ubuntu') }} + run: rustup target add aarch64-unknown-linux-gnu + + - name: Set deployment target (windows) + if: ${{ startsWith(matrix.os, 'windows') }} + run: rustup target add aarch64-pc-windows-msvc + - name: Get current date run: echo "CURRENT_DATE=$(date +'%Y-%m-%d')" >> $GITHUB_ENV if: matrix.os == 'macos-13' || ${{ startsWith(matrix.os, 'ubuntu') }} @@ -169,11 +182,67 @@ jobs: working-directory: bindings/nodejs - name: Build Node.js prebuild (x64) + # TODO: remove again + if: ${{ !startsWith(matrix.os, 'macos') }} run: yarn run prebuild-x64 working-directory: bindings/nodejs - - name: Build Node.js prebuild (arm64) - run: yarn run prebuild-arm64 + - name: Build Node.js prebuild (macos, arm64) + if: ${{ !startsWith(matrix.os, 'macos') }} + run: | + yarn run prebuild-macos-arm64 + working-directory: bindings/nodejs + + - name: Build Node.js prebuild (linux, arm64) + if: ${{ !startsWith(matrix.os, 'ubuntu') }} + run: | + yarn run prebuild-linux-arm64 + working-directory: bindings/nodejs + + - name: Build Node.js prebuild (windows, arm64) + if: ${{ startsWith(matrix.os, 'windows') }} + run: | + yarn run prebuild-windows-arm64 + working-directory: bindings/nodejs + + - name: Import code signing assets (macOS) + # Based on https://github.com/Apple-Actions/import-codesign-certs/blob/master/src/security.ts + run: | + security create-keychain -p $KEYCHAIN_PASSWORD signing.keychain + security set-keychain-settings -lut 3600 signing.keychain + security unlock-keychain -p $KEYCHAIN_PASSWORD signing.keychain + echo $MAC_CERT_BASE64 | base64 -D -o signing.p12 + security import signing.p12 -k signing.keychain -f pkcs12 -T "/usr/bin/codesign" -T "/usr/bin/security" -P $MAC_CERT_PASSWORD + rm signing.p12 + security -q set-key-partition-list -S apple-tool:,apple: -k $KEYCHAIN_PASSWORD signing.keychain > /dev/null + security -v list-keychains -s signing.keychain + security find-identity -vp codesigning + env: + KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} + MAC_CERT_BASE64: ${{ secrets.MAC_CERT_BASE64 }} + MAC_CERT_PASSWORD: ${{ secrets.MAC_CERT_PASSWORD }} + if: ${{ startsWith(matrix.os, 'macos') }} + + - name: Sign and notarize index.node binary (macOS) + run: | + ls prebuilds/@iota/ + + # unpack to only get the index.node + tar -xvf prebuilds/@iota/sdk-v1.0.0-rc.1-napi-v6-darwin-arm64.tar.gz + + gon .github/gon-config.json + unzip binary.zip + + # clean existing build/Release + rm -rf build + mkdir -p build/Release + + mv -f index.node build/Release/index.node + tar -czf prebuilds/@iota/sdk-v1.0.0-rc.1-napi-v6-darwin-arm64.tar.gz build/Release/index.node + env: + AC_USERNAME: ${{ secrets.ASC_APPLE_ID }} + AC_PASSWORD: ${{ secrets.ASC_PASSWORD }} + if: ${{ startsWith(matrix.os, 'macos') }} working-directory: bindings/nodejs - name: Upload prebuild to GitHub release diff --git a/bindings/nodejs/package.json b/bindings/nodejs/package.json index c71390aed4..b5070cc9e4 100644 --- a/bindings/nodejs/package.json +++ b/bindings/nodejs/package.json @@ -11,7 +11,9 @@ "build": "node scripts/neon-build && tsc", "build:neon": "cargo-cp-artifact -ac iota-sdk-nodejs ./index.node -- cargo build --release --message-format=json-render-diagnostics", "prebuild-x64": "prebuild --runtime napi --target 6 --prepack scripts/neon-build.js --strip --arch x64", - "prebuild-arm64": "prebuild --runtime napi --target 6 --prepack scripts/neon-build.js --strip --arch arm64", + "prebuild-macos-arm64": "prebuild --runtime napi --target 6 --prepack 'cargo-cp-artifact -ac iota-sdk-nodejs ./index.node -- cargo build --release --message-format=json-render-diagnostics --target aarch64-apple-darwin' --strip --arch arm64", + "prebuild-linux-arm64": "prebuild --runtime napi --target 6 --prepack 'cargo-cp-artifact -ac iota-sdk-nodejs ./index.node -- cargo build --release --message-format=json-render-diagnostics --target aarch64-unknown-linux-gnu' --strip --arch arm64", + "prebuild-windows-arm64": "prebuild --runtime napi --target 6 --prepack 'cargo-cp-artifact -ac iota-sdk-nodejs ./index.node -- cargo build --release --message-format=json-render-diagnostics --target aarch64-pc-windows-msvc' --strip --arch arm64", "rebuild": "node scripts/neon-build && tsc && node scripts/strip.js", "install": "prebuild-install --runtime napi --tag-prefix='iota-sdk-nodejs-v' && tsc || npm run rebuild", "test": "jest" @@ -54,7 +56,7 @@ }, "repository": { "type": "git", - "url": "git+https://github.com/iotaledger/iota-sdk.git" + "url": "git+https://github.com/Thoralf-M/iota-sdk.git" }, "binary": { "napi_versions": [