forked from aragon/osx-plugin-template-hardhat
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* add dummy js-client * update yarn.lock * update package.json * fix formatting * fix comments and add js-client github actions * update js-client test workflow * fix test workflow * fix lint * update workflow * wip * fix comments and add implementation * update yarn lock and remove docs workflow * Update packages/contracts-ethers/package.json Co-authored-by: Jør∂¡ <4456749+brickpop@users.noreply.github.com> * Update packages/js-client/src/context.ts Co-authored-by: Jør∂¡ <4456749+brickpop@users.noreply.github.com> * Update packages/js-client/test/unit/context.test.ts Co-authored-by: Jør∂¡ <4456749+brickpop@users.noreply.github.com> * add tests * fix comments * fix comments * update client-common version * fix lint command * Update packages/js-client/src/internal/modules/methods.ts Co-authored-by: Jør∂¡ <4456749+brickpop@users.noreply.github.com> * update size limit * update gh actions * update gh actions * fix gh actions * add build command * update gh actions * fix gh action * fix lint * fix lint * ignore js-client tests * minor fixes --------- Co-authored-by: Jør∂¡ <4456749+brickpop@users.noreply.github.com>
- Loading branch information
1 parent
066c53a
commit 70b6b7e
Showing
48 changed files
with
7,660 additions
and
363 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
# These labels (common, client, ipfs and client-common) are only informative. | ||
# While the labels <pkg-name>-release are for trriggering the release process. | ||
|
||
js-client: | ||
- ./packages/js-client/**/* | ||
- ./packages/js-client/* | ||
|
||
subgraph: | ||
- ./packages/subgraph/**/* | ||
- ./packages/subgraph/* | ||
|
||
contracts: | ||
- ./packages/contracts/**/* | ||
- ./packages/contracts/* |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,59 @@ | ||
import json | ||
import os | ||
|
||
# | ||
# // PULL_LABELS = toJson(github.event.pull_request.labels) | ||
# | ||
# [ | ||
# { | ||
# "color": "FFFFF7", | ||
# "default": false, | ||
# "description": "Issue describes change in the development process", | ||
# "id": 1786730933, | ||
# "name": "label_pqr-xyz-release", | ||
# "node_id": "MDU6TGFiZWwxNzg2NzMwOTMz", | ||
# "url": "https://api.github.com/repos/parzh/parzh.github.io/labels/Domain:%20dev" | ||
# }, | ||
# { | ||
# "color": "cc062a", | ||
# "default": false, | ||
# "description": "Issue must be addressed right now", | ||
# "id": 1786706637, | ||
# "name": "label_abc-release", | ||
# "node_id": "MDU6TGFiZWwxNzg2NzA2NjM3", | ||
# "url": "https://api.github.com/repos/parzh/parzh.github.io/labels/Priority:%20top" | ||
# }, | ||
# { | ||
# "color": "00727C", | ||
# "default": false, | ||
# "description": "Issue describes lack of a functionality or an open possibility of enhancement", | ||
# "id": 1786726751, | ||
# "name": "label_123-improvement", | ||
# "node_id": "MDU6TGFiZWwxNzg2NzI2NzUx", | ||
# "url": "https://api.github.com/repos/parzh/parzh.github.io/labels/Type:%20improvement" | ||
# } | ||
# ] | ||
# | ||
# Test: | ||
# PULL_LABELS=$(cat labels.json) python3 js-clientt-generate-release-matrix.py | ||
# | ||
|
||
try: | ||
labels = json.loads(os.getenv('PULL_LABELS')) | ||
except: | ||
labels = [] | ||
|
||
trigger_substring = "-release" | ||
matrix = [] | ||
hasLabels = False | ||
for label in labels: | ||
label_name = str(label['name']) | ||
trigger_substring_index = label_name.find(trigger_substring) | ||
if trigger_substring_index != -1: | ||
matrix.append({ | ||
'package': label_name[:trigger_substring_index], | ||
}) | ||
hasLabels = True | ||
# print("hasLabels=" + str(hasLabels) + " >> $GITHUB_OUTPUT") | ||
# print("matrix=" + json.dumps({'include': matrix}) + " >> $GITHUB_OUTPUT") | ||
print(json.dumps({'include': matrix})) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
import sys | ||
|
||
changelog = sys.argv[1] | ||
|
||
releaseNotesLines = [] | ||
with open(changelog, 'r') as f: | ||
lines = f.readlines() | ||
foundStart = False | ||
i = 0 | ||
while i < len(lines): | ||
line = lines[i] | ||
if foundStart: | ||
if line.startswith('## ['): | ||
break | ||
releaseNotesLines.append(line.strip()) | ||
if line.startswith("<!--\n"): # Skip the token line | ||
i += 3 | ||
continue | ||
if line.startswith('## [UPCOMING]'): | ||
foundStart = True | ||
i += 1 | ||
|
||
releaseNotesMsg=' \n'.join(releaseNotesLines) | ||
|
||
with open("release-notes.txt", "w") as f: | ||
f.write(releaseNotesMsg) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,90 @@ | ||
name: 02-JS-Publish | ||
|
||
on: | ||
push: | ||
tags: | ||
- '*' | ||
paths: | ||
- 'packages/js-client/**' | ||
- '.github/workflows/js-client-*.yml' | ||
|
||
jobs: | ||
check_tag: | ||
runs-on: ubuntu-latest | ||
outputs: | ||
package: ${{ steps.tag-info.outputs.package }} | ||
version: ${{ steps.tag-info.outputs.version }} | ||
steps: | ||
- name: Checkout code | ||
uses: actions/checkout@v3 | ||
- name: Get package and version from Github Tag | ||
id: tag-info | ||
run: | | ||
GITHUB_REF="${{ github.ref }}" | ||
TAG=${GITHUB_REF##*/} | ||
VERSION=$(echo "$TAG" | grep -woP "([0-9]+\.[0-9]+\.[0-9]+)-\w+" | sed 's/-javascript//') | ||
PACKAGE=$(echo "$TAG" | grep -oP "javascript-(.+)" | sed 's/javascript-//') | ||
if [ -d "./packages/$PACKAGE" ]; then | ||
echo "package=$PACKAGE" >> $GITHUB_OUTPUT | ||
echo "version=$VERSION" >> $GITHUB_OUTPUT | ||
fi | ||
test: | ||
uses: ./.github/workflows/javascript_test.yml | ||
secrets: | ||
IPFS_API_KEY: ${{ secrets.IPFS_API_KEY }} | ||
with: | ||
run: true | ||
|
||
publish: | ||
runs-on: ubuntu-latest | ||
needs: [check_tag, test] | ||
if: ${{ needs.check_tag.outputs.package }} | ||
steps: | ||
- name: Validate values (package and version) from Github Tag | ||
run: | | ||
if [ -z "${{ needs.check_tag.outputs.package }}" ]; then | ||
echo "::error ::No package found in tag" | ||
exit 1 | ||
fi | ||
if [ -z "${{ needs.check_tag.outputs.version }}" ]; then | ||
echo "::error ::No version found in tag" | ||
exit 1 | ||
fi | ||
- name: Checkout code | ||
uses: actions/checkout@v3 | ||
with: | ||
ref: 'develop' | ||
- name: Setup NodeJS | ||
uses: actions/setup-node@v3 | ||
with: | ||
cache: 'yarn' | ||
node-version: 16.x | ||
registry-url: https://registry.npmjs.org | ||
- name: Install deps | ||
run: yarn install --frozen-lockfile | ||
- name: Build subpackages | ||
run: yarn run build | ||
- name: Publish NPM pkg (${{ needs.check_tag.outputs.package }} - ${{ needs.check_tag.outputs.version }}) | ||
run: yarn publish --no-git-tag-version --new-version ${{ needs.check_tag.outputs.version }} | ||
working-directory: ./packages/${{ needs.check_tag.outputs.package }} | ||
env: | ||
NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}} | ||
- name: Setup Python environment | ||
uses: actions/setup-python@v4 | ||
with: | ||
python-version: 3.x | ||
- name: Generate release-notes.txt | ||
id: notes | ||
run: python ./.github/scripts/js-client-generate-release-notes.py "./packages/${{ needs.check_tag.outputs.package }}/CHANGELOG.md" | ||
- name: Add NPM pkg info to release-notes.txt | ||
run: | | ||
echo "### NPM Packages" >> release-notes.txt | ||
echo "- [@aragon/sdk-${{ needs.check_tag.outputs.package }} version ${{ needs.check_tag.outputs.version }}](https://www.npmjs.com/package/@aragon/sdk-${{ needs.check_tag.outputs.package }})" >> release-notes.txt | ||
echo " " >> release-notes.txt | ||
- name: Create a Github Release | ||
uses: softprops/action-gh-release@v1 | ||
if: startsWith(github.ref, 'refs/tags/') | ||
with: | ||
prerelease: false | ||
body_path: release-notes.txt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,75 @@ | ||
name: 01-JS-Release | ||
|
||
on: | ||
pull_request: | ||
types: | ||
- closed | ||
paths: | ||
- 'packages/js-client/**' | ||
- '.github/workflows/js-client-*.yml' | ||
|
||
jobs: | ||
test: | ||
uses: ./.github/workflows/javascript_test.yml | ||
secrets: | ||
IPFS_API_KEY: ${{ secrets.IPFS_API_KEY }} | ||
|
||
prepare: | ||
name: Prepare release generation | ||
needs: ['test'] | ||
runs-on: ubuntu-latest | ||
if: github.event.pull_request.merged | ||
outputs: | ||
PACKAGE_LIST: ${{ steps.matrix.outputs.pkg_list }} | ||
steps: | ||
- name: Checkout code | ||
uses: actions/checkout@v3 | ||
with: | ||
ref: 'develop' | ||
- name: Setup Python environment | ||
uses: actions/setup-python@v4 | ||
with: | ||
python-version: 3.x | ||
- name: Get package-list from label-list | ||
id: matrix | ||
run: | | ||
PKG_LIST=$(python ./.github/scripts/js-client-generate-release-matrix.py) | ||
PR_LABEL_LIST="${{ toJson(github.event.pull_request.labels.*.name) }}" | ||
echo "Pkg list: $PKG_LIST" | ||
echo "Label list: $PR_LABEL_LIST" | ||
echo "pkg_list=$PKG_LIST" >> $GITHUB_OUTPUT | ||
env: | ||
PULL_LABELS: ${{ toJson(github.event.pull_request.labels) }} | ||
|
||
release: | ||
name: Set Github Tag | ||
runs-on: ubuntu-latest | ||
needs: [prepare] | ||
## This condition gets TRUE if used in this way: ${{ contains(toJson(xyz), 'substr') }} | ||
if: ${{ contains( toJson(github.event.pull_request.labels.*.name), '-release' ) }} | ||
strategy: | ||
fail-fast: true | ||
matrix: ${{ fromJson(needs.prepare.outputs.PACKAGE_LIST) }} | ||
steps: | ||
- name: Checkout code | ||
uses: actions/checkout@v3 | ||
with: | ||
ref: 'develop' | ||
- name: Get version from '${{ matrix.package }}' package.json | ||
id: getver | ||
working-directory: './packages/${{ matrix.package }}' | ||
run: | | ||
VERSION=$(cat package.json | jq -r .version) | ||
echo "version=$VERSION" >> $GITHUB_OUTPUT | ||
echo "Version: $VERSION" | ||
- name: Set Github Tag via API | ||
uses: actions/github-script@v6 | ||
with: | ||
github-token: ${{ secrets.ARABOT_PAT_TRIGGER_WORKFLOW }} | ||
script: | | ||
github.rest.git.createRef({ | ||
owner: context.repo.owner, | ||
repo: context.repo.repo, | ||
ref: `refs/tags/${{ steps.getver.outputs.version }}-javascript-${{ matrix.package }}`, | ||
sha: "${{ github.sha }}" | ||
}) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,83 @@ | ||
name: Scan vulnerable dependencies | ||
|
||
on: | ||
workflow_dispatch: | ||
push: | ||
paths: | ||
- 'packages/js-client/**' | ||
- '.github/workflows/js-client-*.yml' | ||
|
||
jobs: | ||
scan-vuln-deps-in-repo: | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
- name: Checkout code | ||
uses: actions/checkout@v3 | ||
|
||
- name: Set myvars | ||
id: myvars | ||
run: | | ||
branchname=$(echo ${GITHUB_REF#refs/heads/} | tr '/' '-' ) | ||
dateinsecs=$(date +%s) | ||
githashshort=$(git rev-parse --short HEAD) | ||
echo "BRANCH_NAME=$branchname" >> $GITHUB_OUTPUT | ||
echo "GIT_HASH_SHORT=$githashshort" >> $GITHUB_OUTPUT | ||
echo "DATE_IN_SECS=$dateinsecs" >> $GITHUB_OUTPUT | ||
## The 'fs' scan mode requires *.lock files in order to scan for vulns | ||
## and to collect license info of packages you should run npm install before. | ||
- name: Setup NodeJS before scanning with Trivy | ||
uses: actions/setup-node@v3 | ||
with: | ||
node-version: 16.x | ||
cache: 'yarn' | ||
|
||
- name: Install deps before scanning with Trivy | ||
run: yarn install | ||
# run: yarn install --frozen-lockfile | ||
|
||
# - name: Build subpackages | ||
# run: yarn run build | ||
|
||
- name: Scan in Repo (html) | ||
uses: aquasecurity/trivy-action@master | ||
if: success() || failure() | ||
with: | ||
scan-type: fs | ||
scanners: vuln,secret,config | ||
scan-ref: . | ||
format: template | ||
template: '@/contrib/html.tpl' | ||
output: trivy-results-repo-${{ steps.myvars.outputs.GIT_HASH_SHORT }}.html | ||
env: | ||
TRIVY_USERNAME: ${{ github.repository_owner }} | ||
TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- name: Scan in Repo (sarif) | ||
uses: aquasecurity/trivy-action@master | ||
if: success() || failure() | ||
with: | ||
scan-type: fs | ||
scanners: vuln,secret,config | ||
scan-ref: . | ||
format: sarif | ||
output: trivy-results-repo-${{ steps.myvars.outputs.GIT_HASH_SHORT }}.sarif | ||
env: | ||
TRIVY_USERNAME: ${{ github.repository_owner }} | ||
TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- name: Publish Repo Scan Results as Artifact | ||
uses: actions/upload-artifact@v3 | ||
if: success() || failure() | ||
with: | ||
name: trivy-results-repo-${{ steps.myvars.outputs.DATE_IN_SECS }} | ||
path: trivy-results-repo-${{ steps.myvars.outputs.GIT_HASH_SHORT }}.* | ||
|
||
- name: Load Repo Scan Results (sarif) to Github | ||
uses: github/codeql-action/upload-sarif@v2 | ||
if: always() | ||
#if: false ## false = bypass | ||
with: | ||
sarif_file: trivy-results-repo-${{ steps.myvars.outputs.GIT_HASH_SHORT }}.sarif | ||
category: vulns-in-repo |
Oops, something went wrong.