diff --git a/.dockerignore b/.dockerignore index dd87e2d73f..2399fcb20b 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,2 +1,4 @@ +# Skip unncecessary folders node_modules build +.github diff --git a/.github/actions/setup-node/action.yml b/.github/actions/setup-node/action.yml deleted file mode 100644 index 27fe8d108d..0000000000 --- a/.github/actions/setup-node/action.yml +++ /dev/null @@ -1,34 +0,0 @@ -name: Setup NodeJS -description: Setup NodeJS with caching -author: 'timo@animo.id' - -inputs: - node-version: - description: Node version to use - required: true - -runs: - using: composite - steps: - - name: Get yarn cache directory path - id: yarn-cache-dir-path - shell: bash - run: echo "::set-output name=dir::$(yarn cache dir)" - - - uses: actions/cache@v2 - id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`) - with: - path: ${{ steps.yarn-cache-dir-path.outputs.dir }} - key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }} - restore-keys: | - ${{ runner.os }}-yarn- - - - name: Setup node v${{ inputs.node-version }} - uses: actions/setup-node@v2 - with: - node-version: ${{ inputs.node-version }} - registry-url: 'https://registry.npmjs.org/' - -branding: - icon: scissors - color: purple diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000000..eb9c53f64c --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,32 @@ +################################# +# GitHub Dependabot Config info # +################################# + +version: 2 +updates: + # Maintain dependencies for NPM + - package-ecosystem: 'npm' + directory: '/' + schedule: + interval: 'monthly' + allow: + # Focus on main dependencies, not devDependencies + - dependency-type: 'production' + + # Maintain dependencies for GitHub Actions + - package-ecosystem: 'github-actions' + directory: '/' + schedule: + interval: 'monthly' + + # Maintain dependencies for Docker + - package-ecosystem: 'docker' + directory: '/' + schedule: + interval: 'monthly' + + # Maintain dependencies for Cargo + - package-ecosystem: 'cargo' + directory: '/' + schedule: + interval: 'monthly' diff --git a/.github/workflows/cleanup-cache.yml b/.github/workflows/cleanup-cache.yml new file mode 100644 index 0000000000..4b4ecd5bd5 --- /dev/null +++ b/.github/workflows/cleanup-cache.yml @@ -0,0 +1,16 @@ +# Repositories have 10 GB of cache storage per repository +# Documentation: https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows#usage-limits-and-eviction-policy +name: 'Cleanup - Cache' +on: + schedule: + - cron: '0 0 * * 0/3' + workflow_dispatch: + +jobs: + delete-caches: + name: 'Delete Actions caches' + runs-on: ubuntu-latest + + steps: + - name: 'Wipe Github Actions cache' + uses: easimon/wipe-cache@v2 diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml deleted file mode 100644 index 470451a5c8..0000000000 --- a/.github/workflows/codeql-analysis.yml +++ /dev/null @@ -1,35 +0,0 @@ -name: 'CodeQL' - -on: - push: - branches: [main] - pull_request: - branches: [main] - schedule: - - cron: '45 0 * * 6' - -jobs: - analyze: - name: Analyze - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - - strategy: - fail-fast: false - matrix: - language: ['javascript'] - - steps: - - name: Checkout repository - uses: actions/checkout@v2 - - - name: Initialize CodeQL - uses: github/codeql-action/init@v1 - with: - languages: ${{ matrix.language }} - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 diff --git a/.github/workflows/continuous-deployment.yml b/.github/workflows/continuous-deployment.yml index 82d66fb8f7..7186585fa4 100644 --- a/.github/workflows/continuous-deployment.yml +++ b/.github/workflows/continuous-deployment.yml @@ -5,6 +5,9 @@ on: branches: - main +env: + NODE_OPTIONS: --max_old_space_size=6144 + jobs: release-canary: runs-on: aries-ubuntu-2004 @@ -12,19 +15,21 @@ jobs: if: "!startsWith(github.event.head_commit.message, 'chore(release): v')" steps: - name: Checkout aries-framework-javascript - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: # pulls all commits (needed for lerna to correctly version) fetch-depth: 0 + persist-credentials: false # setup dependencies - name: Setup Libindy uses: ./.github/actions/setup-libindy - name: Setup NodeJS - uses: ./.github/actions/setup-node + uses: actions/setup-node@v3 with: node-version: 16 + cache: 'yarn' - name: Install dependencies run: yarn install --frozen-lockfile @@ -43,7 +48,7 @@ jobs: run: | LAST_RELEASED_VERSION=$(npm view @aries-framework/core@alpha version) - echo "::set-output name=version::$LAST_RELEASED_VERSION" + echo version="${LAST_RELEASED_VERSION}" >> "$GITHUB_OUTPUT" - name: Setup git user run: | @@ -62,16 +67,17 @@ jobs: if: "startsWith(github.event.head_commit.message, 'chore(release): v')" steps: - name: Checkout aries-framework-javascript - uses: actions/checkout@v2 + uses: actions/checkout@v3 # setup dependencies - name: Setup Libindy uses: ./.github/actions/setup-libindy - name: Setup NodeJS - uses: ./.github/actions/setup-node + uses: actions/setup-node@v3 with: node-version: 16 + cache: 'yarn' - name: Install dependencies run: yarn install --frozen-lockfile @@ -82,7 +88,7 @@ jobs: NEW_VERSION=$(node -p "require('./lerna.json').version") echo $NEW_VERSION - echo "::set-output name=version::$NEW_VERSION" + echo version="${NEW_VERSION}" >> "$GITHUB_OUTPUT" - name: Create Tag uses: mathieudutour/github-tag-action@v6.0 diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 19ea4923ba..4eabc4d03e 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -13,13 +13,14 @@ env: ENDORSER_AGENT_PUBLIC_DID_SEED: 00000000000000000000000Endorser9 GENESIS_TXN_PATH: network/genesis/local-genesis.txn LIB_INDY_STRG_POSTGRES: /home/runner/work/aries-framework-javascript/indy-sdk/experimental/plugins/postgres_storage/target/release # for Linux - NODE_OPTIONS: --max_old_space_size=4096 + NODE_OPTIONS: --max_old_space_size=6144 # Make sure we're not running multiple release steps at the same time as this can give issues with determining the next npm version to release. # Ideally we only add this to the 'release' job so it doesn't limit PR runs, but github can't guarantee the job order in that case: # "When concurrency is specified at the job level, order is not guaranteed for jobs or runs that queue within 5 minutes of each other." concurrency: - group: aries-framework-${{ github.ref }}-${{ github.repository }}-${{ github.event_name }} + # Cancel previous runs that are not completed yet + group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: @@ -43,26 +44,27 @@ jobs: fi echo "SHOULD_RUN: ${SHOULD_RUN}" - echo "::set-output name=triggered::${SHOULD_RUN}" + echo triggered="${SHOULD_RUN}" >> "$GITHUB_OUTPUT" validate: runs-on: aries-ubuntu-2004 name: Validate steps: - name: Checkout aries-framework-javascript - uses: actions/checkout@v2 + uses: actions/checkout@v3 # setup dependencies - name: Setup Libindy uses: ./.github/actions/setup-libindy - name: Setup NodeJS - uses: ./.github/actions/setup-node + uses: actions/setup-node@v3 with: node-version: 16 + cache: 'yarn' - name: Install dependencies - run: yarn install + run: yarn install --frozen-lockfile - name: Linting run: yarn lint @@ -86,7 +88,7 @@ jobs: steps: - name: Checkout aries-framework-javascript - uses: actions/checkout@v2 + uses: actions/checkout@v3 # setup dependencies @@ -109,16 +111,17 @@ jobs: uses: ./.github/actions/setup-postgres-wallet-plugin - name: Setup NodeJS - uses: ./.github/actions/setup-node + uses: actions/setup-node@v3 with: node-version: ${{ matrix.node-version }} + cache: 'yarn' - name: Add ref-napi resolution in Node18 - run: node ./scripts/add-ref-napi-resolution.js if: matrix.node-version == '18.x' + run: node ./scripts/add-ref-napi-resolution.js - name: Install dependencies - run: yarn install + run: yarn install --frozen-lockfile - name: Run tests run: TEST_AGENT_PUBLIC_DID_SEED=${TEST_AGENT_PUBLIC_DID_SEED} ENDORSER_AGENT_PUBLIC_DID_SEED=${ENDORSER_AGENT_PUBLIC_DID_SEED} GENESIS_TXN_PATH=${GENESIS_TXN_PATH} yarn test --coverage --forceExit --bail @@ -133,19 +136,21 @@ jobs: if: github.ref == 'refs/heads/main' && github.event_name == 'workflow_dispatch' steps: - name: Checkout aries-framework-javascript - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: # pulls all commits (needed for lerna to correctly version) fetch-depth: 0 + persist-credentials: false # setup dependencies - name: Setup Libindy uses: ./.github/actions/setup-libindy - name: Setup NodeJS - uses: ./.github/actions/setup-node + uses: actions/setup-node@v3 with: node-version: 16 + cache: 'yarn' - name: Install dependencies run: yarn install --frozen-lockfile @@ -174,8 +179,7 @@ jobs: run: | NEW_VERSION=$(node -p "require('./lerna.json').version") echo $NEW_VERSION - - echo "::set-output name=version::$NEW_VERSION" + echo version="${NEW_VERSION}" >> "$GITHUB_OUTPUT" - name: Create Pull Request uses: peter-evans/create-pull-request@v3 diff --git a/.github/workflows/lint-pr.yml b/.github/workflows/lint-pr.yml index d5af138f96..a14c516acb 100644 --- a/.github/workflows/lint-pr.yml +++ b/.github/workflows/lint-pr.yml @@ -14,7 +14,7 @@ jobs: steps: # Please look up the latest version from # https://github.com/amannn/action-semantic-pull-request/releases - - uses: amannn/action-semantic-pull-request@v3.4.6 + - uses: amannn/action-semantic-pull-request@v5.2.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: diff --git a/.github/workflows/repolinter.yml b/.github/workflows/repolinter.yml index f33a30eb1d..4a4501a8a8 100644 --- a/.github/workflows/repolinter.yml +++ b/.github/workflows/repolinter.yml @@ -12,6 +12,7 @@ jobs: container: ghcr.io/todogroup/repolinter:v0.10.1 steps: - name: Checkout Code - uses: actions/checkout@v2 + uses: actions/checkout@v3 + - name: Lint Repo run: bundle exec /app/bin/repolinter.js --rulesetUrl https://raw.githubusercontent.com/hyperledger-labs/hyperledger-community-management-tools/master/repo_structure/repolint.json diff --git a/Dockerfile b/Dockerfile index cd68166f9e..9514936098 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,34 +1,41 @@ -FROM ubuntu:20.04 as base +## Stage 1: Build indy-sdk and postgres plugin -ENV DEBIAN_FRONTEND noninteractive +FROM ubuntu:22.04 as base -RUN apt-get update -y && apt-get install -y \ - software-properties-common \ - apt-transport-https \ - curl \ - # Only needed to build indy-sdk - build-essential \ - git \ - libzmq3-dev libsodium-dev pkg-config libssl-dev +# Set this value only during build +ARG DEBIAN_FRONTEND noninteractive -# libindy -RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys CE7709D068DB5E88 -RUN add-apt-repository "deb https://repo.sovrin.org/sdk/deb bionic stable" +# Define packages to install +ENV PACKAGES software-properties-common ca-certificates \ + curl build-essential git \ + libzmq3-dev libsodium-dev pkg-config -# nodejs 16x LTS Debian -RUN curl -fsSL https://deb.nodesource.com/setup_16.x | bash - +# Combined update and install to ensure Docker caching works correctly +RUN apt-get update -y \ + && apt-get install -y $PACKAGES -# yarn -RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && \ - echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list +RUN curl http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.1-1ubuntu2.1~18.04.21_amd64.deb -o libssl1.1.deb \ + # libssl1.1 (required by libindy) + && dpkg -i libssl1.1.deb \ + && curl http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_1.1.1-1ubuntu2.1~18.04.21_amd64.deb -o libssl-dev1.1.deb \ + # libssl-dev1.1 (required to compile libindy with posgres plugin) + && dpkg -i libssl-dev1.1.deb -# install depdencies -RUN apt-get update -y && apt-get install -y --allow-unauthenticated \ - libindy \ - nodejs +# Add APT sources +RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys CE7709D068DB5E88 \ + && add-apt-repository "deb https://repo.sovrin.org/sdk/deb bionic stable" \ + && curl -fsSL https://deb.nodesource.com/setup_16.x | bash - \ + && curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - \ + && echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list -# Install yarn seperately due to `no-install-recommends` to skip nodejs install -RUN apt-get install -y --no-install-recommends yarn +# Install libindy, NodeJS and yarn +RUN apt-get update -y \ + # Install libindy + && apt-get install -y --allow-unauthenticated libindy \ + && apt-get install -y nodejs \ + && apt-get install -y --no-install-recommends yarn \ + && rm -rf /var/lib/apt/lists/* \ + && apt-get clean -y # postgres plugin setup # install rust and set up rustup @@ -46,14 +53,19 @@ RUN cargo build --release # set up library path for postgres plugin ENV LIB_INDY_STRG_POSTGRES="/indy-sdk/experimental/plugins/postgres_storage/target/release" +## Stage 2: Build Aries Framework JavaScript + FROM base as final -# AFJ specifc setup -WORKDIR /www +# Set environment variables ENV RUN_MODE="docker" -# Copy dependencies +# Set working directory +WORKDIR /www + +# Copy repository files COPY . . -RUN yarn install -RUN yarn build \ No newline at end of file +# Run yarn install and build +RUN yarn install --frozen-lockfile \ + && yarn build