mirror of
https://github.com/openpgpjs/openpgpjs.git
synced 2025-03-30 15:08:32 +00:00
4762d2c762
The tests work correctly in Epiphany, but not in the WebKit build, where the native X25519 implementation throws non-standard errors on importKey (DataError) and generateKey (OperationError). Patching this would be simply a matter of catching such errors and falling back to the JS implementation, but since only the CI WebKit build seems to be affected, we prefer not to relax fallback checks in the context of crypto operations without issues reported in the wild.
207 lines
6.5 KiB
YAML
207 lines
6.5 KiB
YAML
name: Code Tests
|
|
|
|
on:
|
|
push:
|
|
branches: [main]
|
|
pull_request:
|
|
branches: [main]
|
|
|
|
jobs:
|
|
build: # cache both dist and tests (non-lightweight only), based on commit hash
|
|
name: Build
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- uses: actions/setup-node@v4
|
|
- name: Check for cached folders
|
|
id: cache-full
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: |
|
|
dist
|
|
test/lib
|
|
key: cache-${{ github.sha }}
|
|
- name: Build dist and tests
|
|
if: steps.cache-full.outputs.cache-hit != 'true'
|
|
run: |
|
|
npm ci
|
|
npm run build-test
|
|
|
|
node:
|
|
strategy:
|
|
fail-fast: false # if tests for one version fail, continue with the rest
|
|
matrix:
|
|
node-version: [18.x, 20.x, 22.x]
|
|
# See supported Node.js release schedule at https://nodejs.org/en/about/releases/
|
|
|
|
name: Node ${{ matrix.node-version }}
|
|
runs-on: ubuntu-latest
|
|
needs: build
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- uses: actions/setup-node@v4
|
|
with:
|
|
node-version: ${{ matrix.node-version }}
|
|
- run: npm ci --ignore-scripts # for mocha
|
|
- name: Retrieve cached folders
|
|
uses: actions/cache/restore@v4
|
|
id: cache-full
|
|
with:
|
|
# test/lib is not needed, but the path must be specified fully for a cache-hit
|
|
path: |
|
|
dist
|
|
test/lib
|
|
key: cache-${{ github.sha }}
|
|
# ignore cache miss, since it was taken care of the `build` step and it should never occur here
|
|
- run: npm test
|
|
|
|
test-browsers-latest:
|
|
name: Browsers (latest)
|
|
needs: build
|
|
strategy:
|
|
fail-fast: false # if tests for one version fail, continue with the rest
|
|
matrix:
|
|
# run on all main platforms to test platform-specific code, if present
|
|
# (e.g. webkit's WebCrypto API implementation is different in macOS vs Linux)
|
|
# TODO: windows-latest fails to fetch resources from the wtr server; investigate if the problem is with path declaration or permissions
|
|
runner: ['ubuntu-latest', 'macos-latest']
|
|
runs-on: ${{ matrix.runner }}
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- uses: actions/setup-node@v4
|
|
|
|
- name: Retrieve cached built folders
|
|
uses: actions/cache/restore@v4
|
|
id: cache-full
|
|
with:
|
|
path: |
|
|
dist
|
|
test/lib
|
|
key: cache-${{ github.sha }}
|
|
|
|
- name: Install dependencies
|
|
# cannot use `--ignore-scripts` since playwright seems to use it to set ENV vars
|
|
run: |
|
|
npm pkg delete scripts.prepare
|
|
npm ci
|
|
|
|
- name: Get Playwright version and cache location
|
|
id: playwright-version
|
|
run: |
|
|
PLAYWRIGHT_VERSION=$(npm ls playwright --depth=0 | grep playwright | sed 's/.*@//')
|
|
echo "version=$PLAYWRIGHT_VERSION" >> $GITHUB_OUTPUT
|
|
PLAYWRIGHT_CACHE=${{ fromJSON('{"ubuntu-latest": "~/.cache/ms-playwright", "macos-latest": "~/Library/Caches/ms-playwright"}')[matrix.runner] }}
|
|
echo "playwright_cache=$PLAYWRIGHT_CACHE" >> $GITHUB_OUTPUT
|
|
- name: Check for cached browsers
|
|
id: cache-playwright-browsers
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: ${{ steps.playwright-version.outputs.playwright_cache }}
|
|
key: playwright-browsers-${{ matrix.runner }}-${{ steps.playwright-version.outputs.version }}
|
|
- name: Install browsers
|
|
if: steps.cache-playwright-browsers.outputs.cache-hit != 'true'
|
|
run: |
|
|
npx playwright install --with-deps chromium
|
|
npx playwright install --with-deps firefox
|
|
|
|
- name: Install WebKit # caching not possible, external shared libraries required
|
|
if: ${{ matrix.runner == 'macos-latest' }} # do not install on ubuntu, since the X25519 WebCrypto implementation has issues
|
|
run: npx playwright install --with-deps webkit
|
|
|
|
- name: Run browser tests
|
|
run: npm run test-browser:ci -- --static-logging
|
|
|
|
- name: Run browser tests (lightweight) # overwrite test/lib
|
|
run: |
|
|
npm run build-test --lightweight
|
|
npm run test-browser:ci -- --static-logging
|
|
|
|
test-browsers-compatibility:
|
|
name: Browsers (older, on Browserstack)
|
|
runs-on: ubuntu-latest
|
|
needs: test-browsers-latest
|
|
env: # credentials need hardcoding for now since Github secrets aren't accessible on pull requests from forks
|
|
BROWSERSTACK_USERNAME: openpgpjs_PlY4Uq885CQ
|
|
BROWSERSTACK_ACCESS_KEY: VjgBVRMxNVBj7SjJFiau
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- uses: actions/setup-node@v4
|
|
|
|
- name: Generate self-signed HTTPS certificates for web-test-runner server
|
|
uses: kofemann/action-create-certificate@v0.0.4
|
|
with:
|
|
hostcert: '127.0.0.1.pem'
|
|
hostkey: '127.0.0.1-key.pem'
|
|
cachain: 'ca-chain.pem'
|
|
- name: Adjust HTTPS certificates permissions
|
|
run: sudo chown runner:docker *.pem
|
|
|
|
- name: Install dependencies
|
|
run: npm ci --ignore-scripts
|
|
|
|
- name: Retrieve cached dist folder
|
|
uses: actions/cache/restore@v4
|
|
id: cache-full
|
|
with:
|
|
path: |
|
|
dist
|
|
test/lib
|
|
key: cache-${{ github.sha }}
|
|
|
|
- name: Wait for other Browserstack tests to finish
|
|
uses: softprops/turnstyle@v1
|
|
with:
|
|
poll-interval-seconds: 30
|
|
abort-after-seconds: 900
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
- name: Run browserstack tests
|
|
run: npm run test-browserstack -- --static-logging
|
|
|
|
- name: Run browserstack tests (lightweight) # overwrite test/lib
|
|
run: |
|
|
npm run build-test --lightweight
|
|
npm run test-browserstack -- --static-logging
|
|
env:
|
|
LIGHTWEIGHT: true
|
|
|
|
types:
|
|
name: Type definitions
|
|
runs-on: ubuntu-latest
|
|
needs: build
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- uses: actions/setup-node@v4
|
|
- run: npm ci --ignore-scripts # TS
|
|
- name: Retrieve cached folders
|
|
uses: actions/cache/restore@v4
|
|
id: cache-full
|
|
with:
|
|
path: |
|
|
dist
|
|
test/lib
|
|
key: cache-${{ github.sha }}
|
|
- run: npm run test-type-definitions
|
|
|
|
lint:
|
|
name: ESLint
|
|
runs-on: ubuntu-latest
|
|
needs: build
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- uses: actions/setup-node@v4
|
|
- run: npm ci --ignore-scripts # linter
|
|
- name: Retrieve cached folders
|
|
uses: actions/cache/restore@v4
|
|
id: cache-full
|
|
with:
|
|
path: |
|
|
dist
|
|
test/lib
|
|
key: cache-${{ github.sha }}
|
|
- run: npm run lint
|