Skip to content

feat(gate,sdk): update auth interface, better oauth2 #1600

feat(gate,sdk): update auth interface, better oauth2

feat(gate,sdk): update auth interface, better oauth2 #1600

Workflow file for this run

on:
push:
branches:
- main
pull_request:
types:
- opened
- synchronize
- ready_for_review
env:
PYTHON_VERSION: "3.8"
PROTOC_VERSION: "v24.x"
POETRY_VERSION: "1.6.1"
DENO_BINDGEN_URL: https://raw.githubusercontent.com/Natoandro/deno_bindgen/main/cli.ts
DENO_VERSION: "1.37.1"
PNPM_VERSION: "8.8.0"
NODE_VERSION: "20.8.0"
WASM_TOOLS_VERSION: "1.0.45"
JCO_VERSION: "0.12.1"
WASMEDGE_VERSION: "0.12.1"
RUST_BACKTRACE: "full"
jobs:
changes:
runs-on: ubuntu-latest
permissions:
pull-requests: read
steps:
- uses: actions/checkout@v4
- uses: dorny/paths-filter@v2
id: filter
with:
filters: |
website:
- '.github/workflows/tests.yml'
- 'website/**'
typegraph:
- '.github/workflows/tests.yml'
- 'typegraph/**'
meta-cli:
- '.github/workflows/tests.yml'
- 'libs/**'
- 'meta-cli/**'
- 'Cargo.lock'
typegate:
- '.github/workflows/tests.yml'
- 'libs/**'
- 'typegate/**'
- 'typegraph/**'
- 'Cargo.lock'
rust:
- '.github/workflows/tests.yml'
- 'libs/**'
- 'typegate/native/**'
- 'Cargo.lock'
outputs:
website: ${{ steps.filter.outputs.website }}
typegraph: ${{ steps.filter.outputs.typegraph }}
meta-cli: ${{ steps.filter.outputs.meta-cli }}
typegate: ${{ steps.filter.outputs.typegate }}
rust: ${{ steps.filter.outputs.rust }}
test-pre-commit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4
with:
python-version: ${{ env.PYTHON_VERSION }}
- uses: pnpm/action-setup@v2.4.0
with:
version: ${{ env.PNPM_VERSION }}
- uses: arduino/setup-protoc@v2
with:
version: ${{ env.PROTOC_VERSION }}
repo-token: ${{ secrets.GITHUB_TOKEN }}
- uses: dsherret/rust-toolchain-file@v1
- uses: Swatinem/rust-cache@v2
with:
shared-key: ${{ runner.os }}-rust-${{ hashFiles('**/rust-toolchain.toml') }}-${{ hashFiles('**/Cargo.lock') }}
- uses: denoland/setup-deno@v1
with:
deno-version: ${{ env.DENO_VERSION }}
- run: |
curl -sSf https://raw.githubusercontent.com/WasmEdge/WasmEdge/master/utils/install.sh | bash -s -- -v $WASMEDGE_VERSION
cd website
pnpm install --frozen-lockfile
cd ..
- uses: pre-commit/action@v3.0.0
test-website:
needs: changes
if: ${{ needs.changes.outputs.website == 'true' }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4
with:
python-version: ${{ env.PYTHON_VERSION }}
- uses: abatilo/actions-poetry@v2
with:
poetry-version: ${{ env.POETRY_VERSION }}
- uses: actions/cache@v3
with:
path: .venv
key: ${{ runner.os }}-venv-${{ hashFiles('**/poetry.lock') }}
- uses: pnpm/action-setup@v2.4.0
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v3
with:
node-version: ${{ env.NODE_VERSION }}
cache: "pnpm"
cache-dependency-path: website/pnpm-lock.yaml
- run: |
python3 -m venv .venv
source .venv/bin/activate
poetry install
cd website
pnpm install --frozen-lockfile
pnpm lint
pnpm build
test-typegraph-core:
needs:
- changes
if: ${{ needs.changes.outputs.typegraph == 'true' }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: dsherret/rust-toolchain-file@v1
- uses: Swatinem/rust-cache@v2
with:
shared-key: ${{ runner.os }}-rust-${{ hashFiles('**/rust-toolchain.toml') }}-${{ hashFiles('**/Cargo.lock') }}
- run: |
# test in native rust, not in wasm for a future rust SDK
# without --tests, the --doc is causing a link error "syntax error in VERSION script"
cargo test --locked --package typegraph_core --tests
test-meta-cli:
needs: changes
if: ${{ needs.changes.outputs.meta-cli == 'true' || needs.changes.outputs.typegraph == 'true' || needs.changes.outputs.typegate == 'true' || needs.changes.outputs.rust == 'true' }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: dsherret/rust-toolchain-file@v1
- uses: Swatinem/rust-cache@v2
with:
shared-key: ${{ runner.os }}-rust-${{ hashFiles('**/rust-toolchain.toml') }}-${{ hashFiles('**/Cargo.lock') }}
- uses: actions/setup-python@v4
with:
python-version: ${{ env.PYTHON_VERSION }}
- uses: abatilo/actions-poetry@v2
with:
poetry-version: ${{ env.POETRY_VERSION }}
- uses: actions/cache@v3
with:
path: .venv
key: ${{ runner.os }}-venv-${{ hashFiles('**/poetry.lock') }}
- env:
WASM_FILE: target/debug/typegraph_core.wasm
run: |
python3 -m venv .venv
source .venv/bin/activate
cd typegraph/python
poetry install --sync
cd ../..
curl -sSf https://raw.githubusercontent.com/WasmEdge/WasmEdge/master/utils/install.sh | bash -s -- -v $WASMEDGE_VERSION
export LD_LIBRARY_PATH="$HOME/.wasmedge/lib:$LD_LIBRARY_PATH"
cargo install wasm-tools --version $WASM_TOOLS_VERSION --locked
cargo build -p typegraph_core --target wasm32-unknown-unknown
wasm-tools component new target/wasm32-unknown-unknown/debug/typegraph_core.wasm -o $WASM_FILE
rm -rf typegraph/python/typegraph/gen
poetry run python -m wasmtime.bindgen $WASM_FILE --out-dir typegraph/python/typegraph/gen
cargo run --locked --package meta-cli -- --help
cargo test --locked --package meta-cli
tar -cvf meta.tar target/debug/meta
- uses: actions/upload-artifact@v3
with:
name: meta
path: meta.tar
retention-days: 1
test-meta-cli-compat:
needs: changes
if: ${{ needs.changes.outputs.meta-cli == 'true' }}
runs-on: "${{ matrix.os }}"
strategy:
matrix:
include:
- os: macos-latest
activate: "source .venv/bin/activate"
#- os: windows-latest
# activate: '.venv\Scripts\activate.bat'
steps:
- uses: actions/checkout@v4
- uses: dsherret/rust-toolchain-file@v1
- uses: Swatinem/rust-cache@v2
with:
shared-key: ${{ runner.os }}-rust-${{ hashFiles('**/rust-toolchain.toml') }}-${{ hashFiles('**/Cargo.lock') }}
- uses: actions/setup-python@v4
with:
python-version: ${{ env.PYTHON_VERSION }}
- uses: abatilo/actions-poetry@v2
with:
poetry-version: ${{ env.POETRY_VERSION }}
- uses: actions/cache@v3
with:
path: .venv
key: ${{ runner.os }}-venv-${{ hashFiles('**/poetry.lock') }}
- env:
WASM_FILE: target/debug/typegraph_core.wasm
run: |
python3 -m venv .venv
${{ matrix.activate }}
cd typegraph/python
poetry install --sync
cd ../..
curl -sSf https://raw.githubusercontent.com/WasmEdge/WasmEdge/master/utils/install.sh | bash -s -- -v $WASMEDGE_VERSION
export LD_LIBRARY_PATH="$HOME/.wasmedge/lib:$LD_LIBRARY_PATH"
cargo install wasm-tools --version $WASM_TOOLS_VERSION --locked
cargo build -p typegraph_core --target wasm32-unknown-unknown
wasm-tools component new target/wasm32-unknown-unknown/debug/typegraph_core.wasm -o $WASM_FILE
rm -rf typegraph/python/typegraph/gen
poetry run python -m wasmtime.bindgen $WASM_FILE --out-dir typegraph/python/typegraph/gen
cargo run --locked --package meta-cli -- --help
cargo test --locked --package meta-cli
test-typegate:
needs:
- changes
- test-meta-cli
if: ${{ needs.changes.outputs.typegate == 'true' }}
runs-on:
- self-hosted # https://check-jsonschema.readthedocs.io/en/latest/faq.html#using-self-hosted-runners
- custom-linux
timeout-minutes: 60
services:
redis:
image: bitnami/redis:7.0
env:
REDIS_PASSWORD: password
ports:
- 6379:6379
options: >-
--health-cmd "redis-cli ping"
--health-interval 10s
--health-timeout 5s
--health-retries 5
postgres:
image: postgres:15
env:
POSTGRES_DB: db
POSTGRES_USER: postgres
POSTGRES_PASSWORD: password
ports:
- 5432:5432
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
minio:
image: bitnami/minio:2022
env:
MINIO_REGION_NAME: local
MINIO_ROOT_USER: minio
MINIO_ROOT_PASSWORD: password
MINIO_DEFAULT_BUCKETS: "bucket:none"
ports:
- "9000:9000"
- "9001:9001"
env:
DENO_DIR: deno-dir
steps:
- uses: actions/checkout@v4
- uses: dsherret/rust-toolchain-file@v1
- uses: Swatinem/rust-cache@v2
with:
shared-key: ${{ runner.os }}-rust-${{ hashFiles('**/rust-toolchain.toml') }}-${{ hashFiles('**/Cargo.lock') }}
- uses: denoland/setup-deno@v1
with:
deno-version: ${{ env.DENO_VERSION }}
- uses: actions/cache@v3
with:
path: ${{ env.DENO_DIR }}
key: deno-${{ hashFiles('**/deno.lock') }}
- uses: actions/setup-python@v4
with:
python-version: ${{ env.PYTHON_VERSION }}
- uses: abatilo/actions-poetry@v2
with:
poetry-version: ${{ env.POETRY_VERSION }}
- uses: arduino/setup-protoc@v2
with:
version: ${{ env.PROTOC_VERSION }}
repo-token: ${{ secrets.GITHUB_TOKEN }}
- uses: actions/setup-node@v3
with:
node-version: ${{ env.NODE_VERSION }}
- uses: actions/cache@v3
with:
path: .venv
key: ${{ runner.os }}-venv-${{ hashFiles('**/poetry.lock') }}
- uses: actions/download-artifact@v3
with:
name: meta
- env:
WASM_FILE: target/debug/typegraph_core.wasm
run: |
sudo apt update
sudo apt install -y --no-install-recommends gcc-multilib pkg-config libssl-dev libclang-dev perl make
tar -xvf meta.tar
python3 -m venv .venv
source .venv/bin/activate
poetry install --sync
curl -sSf https://raw.githubusercontent.com/WasmEdge/WasmEdge/master/utils/install.sh | bash -s -- -v $WASMEDGE_VERSION
export LD_LIBRARY_PATH="$HOME/.wasmedge/lib:$LD_LIBRARY_PATH"
cargo install wasm-tools --version $WASM_TOOLS_VERSION --locked
npm install --global @bytecodealliance/jco@$JCO_VERSION
cargo build -p typegraph_core --target wasm32-unknown-unknown
wasm-tools component new target/wasm32-unknown-unknown/debug/typegraph_core.wasm -o $WASM_FILE
rm -rf typegraph/deno/src/gen
jco transpile $WASM_FILE -o typegraph/deno/src/gen
deno run -A typegraph/deno/dev/fix-declarations.ts
rm -rf typegraph/python/typegraph/gen
poetry run python -m wasmtime.bindgen $WASM_FILE --out-dir typegraph/python/typegraph/gen
deno install -A -n deno_bindgen $DENO_BINDGEN_URL
OUT_DIR=target deno_bindgen -- --locked --package native -F deno
deno run -A dev/update.ts --cache-only || deno run -A dev/update.ts --cache-only
deno run -A dev/test.ts --threads 2 -- --coverage=coverage
deno --unstable coverage ./coverage --lcov > coverage.lcov
cargo test --locked --package native
- uses: codecov/codecov-action@v3
with:
token: ${{ secrets.CODECOV_TOKEN }}
files: ./coverage.lcov
fail_ci_if_error: true
test-libs:
needs:
- changes
- test-meta-cli
if: ${{ needs.changes.outputs.rust == 'true' }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: dsherret/rust-toolchain-file@v1
- uses: Swatinem/rust-cache@v2
with:
shared-key: ${{ runner.os }}-rust-${{ hashFiles('**/rust-toolchain.toml') }}-${{ hashFiles('**/Cargo.lock') }}
- uses: actions/setup-python@v4
with:
python-version: ${{ env.PYTHON_VERSION }}
- uses: abatilo/actions-poetry@v2
with:
poetry-version: ${{ env.POETRY_VERSION }}
- uses: actions/cache@v3
with:
path: .venv
key: ${{ runner.os }}-venv-${{ hashFiles('**/poetry.lock') }}
- uses: actions/download-artifact@v3
with:
name: meta
- run: |
tar -xvf meta.tar
python3 -m venv .venv
source .venv/bin/activate
cd typegraph/python
poetry install --sync
cd ../..
cargo test --locked --exclude meta-cli --exclude native --exclude typegraph_core --workspace
test-docker:
needs: changes
if: ${{ needs.changes.outputs.typegate == 'true' }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: docker/setup-buildx-action@v3
- uses: scherermichael-oss/action-has-permission@master
id: check
with:
required-permission: write
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- uses: docker/login-action@v3
if: steps.check.outputs.has-permission
with:
registry: docker.io
username: zifeo
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build with cache (internal)
uses: docker/build-push-action@v5
if: steps.check.outputs.has-permission
with:
file: dev/Dockerfile
platforms: linux/amd64
push: false
cache-from: type=registry,ref=docker.io/zifeo/metatype-cache:ci
cache-to: type=registry,ref=docker.io/zifeo/metatype-cache:ci,mode=max
- name: Build without cache (external)
uses: docker/build-push-action@v5
if: "! steps.check.outputs.has-permission"
with:
file: dev/Dockerfile
platforms: linux/amd64
push: false
cache-from: type=registry,ref=ghcr.io/${{ github.repository_owner }}/typegate:latest