Skip to content

Commit 18d979f

Browse files
pshirshovpshirshov
committed
v1.0.6
0 parents  commit 18d979f

29 files changed

+5092
-0
lines changed

.envrc

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
use flake

.github/workflows/ci.yml

Lines changed: 170 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,170 @@
1+
name: CI/CD
2+
3+
on:
4+
push:
5+
branches: [main, master, develop]
6+
tags:
7+
- 'v*'
8+
pull_request:
9+
branches: [main, master]
10+
release:
11+
types: [created]
12+
13+
jobs:
14+
build-and-test:
15+
name: Build and Test
16+
runs-on: ubuntu-latest
17+
18+
steps:
19+
- name: Checkout code
20+
uses: actions/checkout@v4
21+
with:
22+
submodules: recursive
23+
24+
- name: Install Nix
25+
uses: cachix/install-nix-action@v25
26+
with:
27+
nix_path: nixpkgs=channel:nixos-unstable
28+
extra_nix_config: |
29+
experimental-features = nix-command flakes
30+
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
31+
32+
- name: Cache Emscripten
33+
uses: actions/cache@v3
34+
with:
35+
path: .emscripten-cache
36+
key: ${{ runner.os }}-emscripten-${{ hashFiles('flake.lock') }}
37+
restore-keys: |
38+
${{ runner.os }}-emscripten-
39+
40+
- name: Cache OpenSSL
41+
uses: actions/cache@v3
42+
with:
43+
path: openssl-wasm
44+
key: ${{ runner.os }}-openssl-3.3.2-wasm
45+
restore-keys: |
46+
${{ runner.os }}-openssl-
47+
48+
- name: Build OpenSSL
49+
run: |
50+
if [ ! -d "openssl-wasm/lib" ]; then
51+
echo "Building OpenSSL for WASM..."
52+
nix develop --command bash -c "./build-openssl.sh"
53+
else
54+
echo "Using cached OpenSSL"
55+
fi
56+
57+
- name: Build WASM
58+
run: |
59+
nix develop --command bash -c "./build.sh"
60+
61+
- name: Prepare cross-platform test
62+
run: |
63+
nix develop --command bash -c "./tools/prepare-cross-platform-test.sh"
64+
65+
- name: Run all tests
66+
run: |
67+
nix develop --command bash -c "npm test"
68+
69+
- name: Run benchmarks
70+
run: |
71+
nix develop --command bash -c "npm run bench"
72+
73+
- name: Check build artifacts
74+
run: |
75+
ls -lh dist/
76+
test -f dist/sqlcipher.js
77+
test -f dist/sqlcipher.wasm
78+
79+
- name: Upload build artifacts
80+
uses: actions/upload-artifact@v4
81+
with:
82+
name: wasm-build
83+
path: |
84+
dist/
85+
lib/
86+
retention-days: 30
87+
88+
- name: Upload test results
89+
if: always()
90+
uses: actions/upload-artifact@v4
91+
with:
92+
name: test-results
93+
path: |
94+
test/*.log
95+
if-no-files-found: ignore
96+
97+
publish:
98+
name: Publish
99+
needs: build-and-test
100+
runs-on: ubuntu-latest
101+
if: (github.event_name == 'release' && github.event.action == 'created') || (github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v'))
102+
permissions:
103+
contents: write
104+
id-token: write
105+
106+
steps:
107+
- name: Checkout code
108+
uses: actions/checkout@v4
109+
with:
110+
submodules: recursive
111+
112+
- name: Install Nix
113+
uses: cachix/install-nix-action@v24
114+
with:
115+
nix_path: nixpkgs=channel:nixos-unstable
116+
extra_nix_config: |
117+
experimental-features = nix-command flakes
118+
119+
- name: Setup Node.js
120+
uses: actions/setup-node@v4
121+
with:
122+
node-version: "20"
123+
registry-url: "https://registry.npmjs.org"
124+
125+
- name: Cache Emscripten
126+
uses: actions/cache@v3
127+
with:
128+
path: .emscripten-cache
129+
key: ${{ runner.os }}-emscripten-${{ hashFiles('flake.lock') }}
130+
restore-keys: |
131+
${{ runner.os }}-emscripten-
132+
133+
- name: Cache OpenSSL
134+
uses: actions/cache@v3
135+
with:
136+
path: openssl-wasm
137+
key: ${{ runner.os }}-openssl-3.3.2-wasm
138+
restore-keys: |
139+
${{ runner.os }}-openssl-
140+
141+
- name: Build OpenSSL
142+
run: |
143+
if [ ! -d "openssl-wasm/lib" ]; then
144+
echo "Building OpenSSL for WASM..."
145+
nix develop --command bash -c "./build-openssl.sh"
146+
else
147+
echo "Using cached OpenSSL"
148+
fi
149+
150+
- name: Build WASM for release
151+
run: |
152+
nix develop --command bash -c "./build.sh"
153+
154+
- name: Verify package contents
155+
run: |
156+
npm pack --dry-run
157+
ls -lh dist/
158+
159+
- name: Publish to NPM
160+
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')
161+
run: nix develop --command npm publish --provenance --access public
162+
163+
- name: Create GitHub Release
164+
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')
165+
uses: softprops/action-gh-release@v1
166+
with:
167+
files: |
168+
dist/sqlcipher.js
169+
dist/sqlcipher.wasm
170+
generate_release_notes: true

.github/workflows/pr-check.yml

Lines changed: 196 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,196 @@
1+
name: PR Checks
2+
3+
on:
4+
pull_request:
5+
types: [ opened, synchronize, reopened ]
6+
7+
jobs:
8+
lint-and-format:
9+
name: Lint and Format Check
10+
runs-on: ubuntu-latest
11+
12+
steps:
13+
- name: Checkout code
14+
uses: actions/checkout@v4
15+
16+
- name: Check shell scripts
17+
run: |
18+
find . -name "*.sh" -type f | while read file; do
19+
echo "Checking $file"
20+
bash -n "$file" || exit 1
21+
done
22+
23+
- name: Check for TODO/FIXME
24+
run: |
25+
echo "Checking for unresolved TODOs/FIXMEs..."
26+
! grep -rn "FIXME\|XXX" --include="*.{js,cjs,cpp,sh}" . || echo "Found items to fix"
27+
28+
quick-build:
29+
name: Quick Build Check
30+
runs-on: ubuntu-latest
31+
32+
steps:
33+
- name: Checkout code
34+
uses: actions/checkout@v4
35+
36+
- name: Install Nix
37+
uses: cachix/install-nix-action@v24
38+
with:
39+
nix_path: nixpkgs=channel:nixos-unstable
40+
extra_nix_config: |
41+
experimental-features = nix-command flakes
42+
43+
- name: Cache Emscripten
44+
uses: actions/cache@v3
45+
with:
46+
path: .emscripten-cache
47+
key: ${{ runner.os }}-emscripten-${{ hashFiles('flake.lock') }}
48+
restore-keys: |
49+
${{ runner.os }}-emscripten-
50+
51+
- name: Cache OpenSSL
52+
uses: actions/cache@v3
53+
with:
54+
path: openssl-wasm
55+
key: ${{ runner.os }}-openssl-3.3.2-wasm
56+
restore-keys: |
57+
${{ runner.os }}-openssl-
58+
59+
- name: Build OpenSSL
60+
run: |
61+
if [ ! -d "openssl-wasm/lib" ]; then
62+
echo "Building OpenSSL for WASM..."
63+
nix develop --command bash -c "./build-openssl.sh"
64+
else
65+
echo "Using cached OpenSSL"
66+
fi
67+
68+
- name: Quick build test
69+
run: |
70+
nix develop --command bash -c "./build.sh"
71+
ls -lh dist/
72+
73+
quick-test:
74+
name: Quick Test Suite
75+
runs-on: ubuntu-latest
76+
needs: quick-build
77+
78+
steps:
79+
- name: Checkout code
80+
uses: actions/checkout@v4
81+
82+
- name: Install Nix
83+
uses: cachix/install-nix-action@v24
84+
with:
85+
nix_path: nixpkgs=channel:nixos-unstable
86+
extra_nix_config: |
87+
experimental-features = nix-command flakes
88+
89+
- name: Cache Emscripten
90+
uses: actions/cache@v3
91+
with:
92+
path: .emscripten-cache
93+
key: ${{ runner.os }}-emscripten-${{ hashFiles('flake.lock') }}
94+
restore-keys: |
95+
${{ runner.os }}-emscripten-
96+
97+
- name: Cache OpenSSL
98+
uses: actions/cache@v3
99+
with:
100+
path: openssl-wasm
101+
key: ${{ runner.os }}-openssl-3.3.2-wasm
102+
restore-keys: |
103+
${{ runner.os }}-openssl-
104+
105+
- name: Build OpenSSL
106+
run: |
107+
if [ ! -d "openssl-wasm/lib" ]; then
108+
echo "Building OpenSSL for WASM..."
109+
nix develop --command bash -c "./build-openssl.sh"
110+
else
111+
echo "Using cached OpenSSL"
112+
fi
113+
114+
- name: Build
115+
run: |
116+
nix develop --command bash -c "./build.sh"
117+
118+
- name: Prepare cross-platform test
119+
run: |
120+
nix develop --command bash -c "./tools/prepare-cross-platform-test.sh"
121+
122+
- name: Run tests
123+
run: |
124+
nix develop --command bash -c "npm test"
125+
126+
size-check:
127+
name: Bundle Size Check
128+
runs-on: ubuntu-latest
129+
130+
steps:
131+
- name: Checkout code
132+
uses: actions/checkout@v4
133+
134+
- name: Install Nix
135+
uses: cachix/install-nix-action@v24
136+
with:
137+
nix_path: nixpkgs=channel:nixos-unstable
138+
extra_nix_config: |
139+
experimental-features = nix-command flakes
140+
141+
- name: Cache Emscripten
142+
uses: actions/cache@v3
143+
with:
144+
path: .emscripten-cache
145+
key: ${{ runner.os }}-emscripten-${{ hashFiles('flake.lock') }}
146+
restore-keys: |
147+
${{ runner.os }}-emscripten-
148+
149+
- name: Cache OpenSSL
150+
uses: actions/cache@v3
151+
with:
152+
path: openssl-wasm
153+
key: ${{ runner.os }}-openssl-3.3.2-wasm
154+
restore-keys: |
155+
${{ runner.os }}-openssl-
156+
157+
- name: Build OpenSSL
158+
run: |
159+
if [ ! -d "openssl-wasm/lib" ]; then
160+
echo "Building OpenSSL for WASM..."
161+
nix develop --command bash -c "./build-openssl.sh"
162+
else
163+
echo "Using cached OpenSSL"
164+
fi
165+
166+
- name: Build
167+
run: |
168+
nix develop --command bash -c "./build.sh"
169+
170+
- name: Check bundle sizes
171+
run: |
172+
echo "## Bundle Sizes" >> $GITHUB_STEP_SUMMARY
173+
echo "" >> $GITHUB_STEP_SUMMARY
174+
echo "| File | Size |" >> $GITHUB_STEP_SUMMARY
175+
echo "|------|------|" >> $GITHUB_STEP_SUMMARY
176+
du -h dist/sqlcipher.js | awk '{print "| sqlcipher.js | " $1 " |"}' >> $GITHUB_STEP_SUMMARY
177+
du -h dist/sqlcipher.wasm | awk '{print "| sqlcipher.wasm | " $1 " |"}' >> $GITHUB_STEP_SUMMARY
178+
echo "" >> $GITHUB_STEP_SUMMARY
179+
180+
# Check if sizes are reasonable
181+
JS_SIZE=$(stat -c%s dist/sqlcipher.js)
182+
WASM_SIZE=$(stat -c%s dist/sqlcipher.wasm)
183+
184+
if [ $JS_SIZE -gt 100000 ]; then
185+
echo "✓ JS size OK: $JS_SIZE bytes"
186+
else
187+
echo "⚠ JS size seems too small: $JS_SIZE bytes"
188+
exit 1
189+
fi
190+
191+
if [ $WASM_SIZE -gt 1000000 ]; then
192+
echo "✓ WASM size OK: $WASM_SIZE bytes"
193+
else
194+
echo "⚠ WASM size seems too small: $WASM_SIZE bytes"
195+
exit 1
196+
fi

0 commit comments

Comments
 (0)