Skip to content

Commit

Permalink
feat: Add support for QS Cloud JWTs
Browse files Browse the repository at this point in the history 
Implements #27
  • Loading branch information
@mountaindude
mountaindude committed Mar 18, 2022
1 parent bd78de1 commit 6597dfa
Show file tree
Hide file tree
Showing 4 changed files with 304 additions and 117 deletions.
154 changes: 48 additions & 106 deletions .github/workflows/release-please.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,9 +10,9 @@ jobs:
release-please:
runs-on: ubuntu-latest
outputs:
release_created: ${{ steps.release.outputs.release_created }}
release_tag_name: ${{ steps.release.outputs.tag_name }}
release_upload_url: ${{ steps.release.outputs.upload_url }}
releases_created: ${{ steps.release.outputs.releases_created }}
release_tag_name: ${{ steps.release.outputs['src--tag_name'] }}
release_upload_url: ${{ steps.release.outputs['src--upload_url'] }}
env:
GITHUB_REF: ${{ github.ref }}
GITHUB_TOKEN: ${{ secrets.PAT }}
Expand All @@ -27,44 +27,52 @@ jobs:
with:
command: manifest

- name: Show output from Release-Please
if: ${{ steps.release.outputs.release_created }}
- name: Show output from Release-Please 3
if: ${{ steps.release.outputs.releases_created }}
run: |
echo "release_created: ${{ steps.release.outputs.release_created }}"
echo "upload_url: ${{ steps.release.outputs.upload_url }}"
echo "html_url: ${{ steps.release.outputs.html_url }}"
echo "tag_name: ${{ steps.release.outputs.tag_name }}"
echo "major: ${{ steps.release.outputs.major }}"
echo "minor: ${{ steps.release.outputs.minor }}"
echo "patch: ${{ steps.release.outputs.patch }}"
echo "sha: ${{ steps.release.outputs.sha }}"
echo "pr: ${{ steps.release.outputs.pr }}"
echo "releases_created: ${{ steps.release.outputs.releases_created }}"
echo "draft : ${{ steps.release.outputs['src--draft'] }}"
echo "path : ${{ steps.release.outputs['src--path'] }}"
echo "upload_url : ${{ steps.release.outputs['src--upload_url'] }}"
echo "html_url : ${{ steps.release.outputs['src--html_url'] }}"
echo "tag_name : ${{ steps.release.outputs['src--tag_name'] }}"
echo "version : ${{ steps.release.outputs['src--version'] }}"
echo "major : ${{ steps.release.outputs['src--major'] }}"
echo "minor : ${{ steps.release.outputs['src--minor'] }}"
echo "patch : ${{ steps.release.outputs['src--patch'] }}"
echo "sha : ${{ steps.release.outputs['src--sha'] }}"
- name: Checkout repository
if: github.repository_owner == 'ptarmiganlabs'
uses: actions/checkout@v3

- name: Install dependencies
if: ${{ steps.release.outputs.releases_created }}
run: |
ls -la
npm install
- name: Run Snyk to check for vulnerabilities
if: github.repository_owner == 'ptarmiganlabs'
uses: snyk/actions/node@master
continue-on-error: true
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
command: monitor
args: --file=./package.json --sarif-file-output=snyk.sarif
# command: test

- name: Install dependencies
if: ${{ steps.release.outputs.release_created }}
run: |
ls -la
npm install
- name: Upload Snyk result to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@v1
with:
sarif_file: snyk.sarif

- name: Install tool for creating stand-alone executables
if: ${{ steps.release.outputs.release_created }}
if: ${{ steps.release.outputs.releases_created }}
run: npm install -g pkg

- name: Package stand-alone binaries
if: ${{ steps.release.outputs.release_created }}
if: ${{ steps.release.outputs.releases_created }}
# mkdir release/alpine
# pkg --output release/alpine/${DIST_FILE_NAME} -t node16-alpine-x64 index.js
run: |
Expand All @@ -77,38 +85,34 @@ jobs:
pkg --config ./package.json --output release/macos/${DIST_FILE_NAME} -t node16-macos-x64 qs-jwt.js
pkg --config ./package.json --output release/win/${DIST_FILE_NAME}.exe -t node16-win-x64 qs-jwt.js
- name: Debug
if: ${{ steps.release.outputs.releases_created }}
run: |
ls -la
ls -la release
ls -la release/macos
ls -la release/linux
ls -la release/win
- name: Compress binaries
if: ${{ steps.release.outputs.release_created }}
if: ${{ steps.release.outputs.releases_created }}
# zip release-zip/${DIST_FILE_NAME}-alpine.zip release/alpine/${DIST_FILE_NAME}
run: |
ls -la
mkdir release-zip
zip --junk-paths release-zip/${DIST_FILE_NAME}-linux.zip release/linux/${DIST_FILE_NAME}
zip --junk-paths release-zip/${DIST_FILE_NAME}-win.zip release/win/${DIST_FILE_NAME}.exe
- name: Debug
if: ${{ steps.release.outputs.release_created }}
run: |
ls -la
ls -la release
ls -la release/macos
- name: Upload macOS build artifacts
if: ${{ steps.release.outputs.release_created }}
if: ${{ steps.release.outputs.releases_created }}
uses: actions/upload-artifact@v3
with:
name: binaries-macos
path: release/macos/*

# - name: Upload Windows build artifacts
# if: ${{ steps.release.outputs.release_created }}
# uses: actions/upload-artifact@v3
# with:
# name: binaries-win
# path: release/win/*

- name: Upload to existing release
if: ${{ steps.release.outputs.release_created }}
if: ${{ steps.release.outputs.releases_created }}
uses: ncipollo/release-action@v1
with:
allowUpdates: true
Expand All @@ -117,7 +121,7 @@ jobs:
# artifactContentType: application/zip
artifactContentType: raw
draft: true
tag: ${{ steps.release.outputs.tag_name }}
tag: ${{ steps.release.outputs['src--tag_name'] }}
artifacts: release-zip/*
token: ${{ github.token }}

Expand All @@ -131,14 +135,15 @@ jobs:
- macos
- sp53
# timeout-minutes: 15
if: ${{ needs.release-please.outputs.release_created }}

if: ${{ needs.release-please.outputs.releases_created }}
env:
DIST_FILE_NAME: qs-jwt
steps:
- name: Release tag and upload url from previous job
run: |
echo ${{ needs.release-please.outputs.release_tag_name }}
echo ${{ needs.release-please.outputs.release_upload_url }}
echo "tag_name : ${{ needs.release-please.outputs.release_tag_name }}"
echo "upload_url : ${{ needs.release-please.outputs.release_upload_url }}"
- name: Checkout
uses: actions/checkout@v3
Expand All @@ -153,10 +158,6 @@ jobs:
run: |
chmod +x release-macos/${DIST_FILE_NAME}
# - name: Install dependencies
# run: |
# npm install

# Needed for GitHub hosted runner
# For self-hosted runner the cert must either be installed manually, or the code below run once and then disabled.
# - name: Import Code-Signing Certificates
Expand Down Expand Up @@ -189,6 +190,7 @@ jobs:
- name: Debug
run: |
pwd
ls -la
ls -la ./release-macos
Expand All @@ -208,63 +210,3 @@ jobs:
- name: Tidy up before existing
run: |
rm -r release-macos
# - name: Upload build artifacts
# uses: actions/upload-artifact@v2
# with:
# name: binaries-macos
# path: release-macos/*

# release-win64:
# needs: release-please
# # runs-on: macos-latest
# runs-on:
# - self-hosted
# - x64
# - windows
# - sp53
# # timeout-minutes: 15
# if: ${{ needs.release-please.outputs.release_created }}
# env:
# DIST_FILE_NAME: qs-jwt
# steps:
# - name: Release tag and upload url from previous job
# run: |
# echo ${{ needs.release-please.outputs.release_tag_name }}
# echo ${{ needs.release-please.outputs.release_upload_url }}

# - name: Checkout
# uses: actions/checkout@v3

# - name: Download-Binaries
# uses: actions/download-artifact@v3
# with:
# name: binaries-win
# path: release-win/

# - name: Install dependencies
# run: |
# npm install

# - name: Debug
# run: |
# ls -la
# ls -la ./release-macos

# - name: Upload to existing release
# uses: ncipollo/release-action@v1
# with:
# allowUpdates: true
# omitBodyDuringUpdate: true
# omitNameDuringUpdate: true
# artifactContentType: raw
# # artifactContentType: application/zip
# draft: true
# tag: ${{ needs.release-please.outputs.release_tag_name }}
# artifacts: release-win/${{ env.DIST_FILE_NAME }}-win.zip
# token: ${{ github.token }}

# - name: Tidy up before existing
# run: |
# Remove-Item -path release-macos
22 changes: 20 additions & 2 deletions lib/create-assert-options.js
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,23 @@
const { logger } = require('../globals');

const createAssertOptions = (options) => {
const createQseowAssertOptions = (options) => {
// If certificates are to be created: Ensure all required field are present with valid values
if (options.certCreate === true || options.certCreate === 'true') {
// Ensure --cert-create-expires-days has valid number
if (!options.certCreateExpiresDays) {
logger.error(
'--cert-create-expires-days is missing or invalid. Use it to specify how long the created certificate should be valid.'
);
process.exit(1);
}
if (Number.isNaN(options.certCreateExpiresDays)) {
logger.error('--cert-create-expires-days must be an integer');
process.exit(1);
}
}
};

const createCloudAssertOptions = (options) => {
// If certificates are to be created: Ensure all required field are present with valid values
if (options.certCreate === true || options.certCreate === 'true') {
// Ensure --cert-create-expires-days has valid number
Expand All @@ -18,5 +35,6 @@ const createAssertOptions = (options) => {
};

module.exports = {
createAssertOptions,
createQseowAssertOptions,
createCloudAssertOptions,
};
Loading

0 comments on commit 6597dfa

Please sign in to comment.