diff --git a/.github/workflows/shared-ci.yml b/.github/workflows/shared-ci.yml index 74ef2c067..88233a595 100644 --- a/.github/workflows/shared-ci.yml +++ b/.github/workflows/shared-ci.yml @@ -22,7 +22,7 @@ jobs: strategy: fail-fast: false matrix: - node-version: ['18.x', '20.x', '22.x', 'latest'] + node-version: ['22.x', '24.x', 'latest'] test-type: ['node', 'browser'] # Determine test categories based on whether testing published packages or source code: # - Testing published packages: only run vector tests (don't have build artifacts to test coverage or compliance) diff --git a/codebuild/browser18.yml b/codebuild/browser18.yml deleted file mode 100644 index 19a17bb0d..000000000 --- a/codebuild/browser18.yml +++ /dev/null @@ -1,17 +0,0 @@ -version: 0.2 - -env: - variables: - NODE_OPTIONS: "--max-old-space-size=4096" - -phases: - install: - commands: - - n 18 - - npm ci --unsafe-perm - - npm run build - build: - commands: - - npm -v - - node -v - - npm run coverage-browser diff --git a/codebuild/compliance.yml b/codebuild/compliance.yml deleted file mode 100644 index 209f0116a..000000000 --- a/codebuild/compliance.yml +++ /dev/null @@ -1,15 +0,0 @@ -version: 0.2 - -env: - variables: - NODE_OPTIONS: "--max-old-space-size=4096" - -phases: - install: - commands: - - n 18 - - npm ci --unsafe-perm - build: - commands: - - npm run lint - - npm run test_conditions diff --git a/codebuild/nodejs16.yml b/codebuild/nodejs16.yml deleted file mode 100644 index fd7421a15..000000000 --- a/codebuild/nodejs16.yml +++ /dev/null @@ -1,19 +0,0 @@ -version: 0.2 - -env: - variables: - NODE_OPTIONS: "--max-old-space-size=4096" - -phases: - install: - commands: - - n 16 - - node -v - - npm -v - - npm ci --unsafe-perm - - npm run build - build: - commands: - - npm -v - - node -v - - npm run coverage-node diff --git a/codebuild/nodejs18.yml b/codebuild/nodejs18.yml deleted file mode 100644 index 6b43b4055..000000000 --- a/codebuild/nodejs18.yml +++ /dev/null @@ -1,19 +0,0 @@ -version: 0.2 - -env: - variables: - NODE_OPTIONS: "--max-old-space-size=4096" - -phases: - install: - commands: - - n 18 - - node -v - - npm -v - - npm ci --unsafe-perm - - npm run build - build: - commands: - - npm -v - - node -v - - npm run coverage-node diff --git a/codebuild/nodejs20.yml b/codebuild/nodejs20.yml deleted file mode 100644 index 76479dc0a..000000000 --- a/codebuild/nodejs20.yml +++ /dev/null @@ -1,23 +0,0 @@ -version: 0.2 - -env: - variables: - NODE_OPTIONS: "--max-old-space-size=4096" - -phases: - install: - commands: - - TMP_ROLE=$(aws sts assume-role --role-arn "arn:aws:iam::370957321024:role/GitHub-CI-MPL-Dafny-Role-us-west-2" --role-session-name "CB-TestVectorResources") - - export TMP_ROLE - - export AWS_ACCESS_KEY_ID=$(echo "${TMP_ROLE}" | jq -r '.Credentials.AccessKeyId') - - export AWS_SECRET_ACCESS_KEY=$(echo "${TMP_ROLE}" | jq -r '.Credentials.SecretAccessKey') - - export AWS_SESSION_TOKEN=$(echo "${TMP_ROLE}" | jq -r '.Credentials.SessionToken') - - aws sts get-caller-identity - - - n 20 - - node --version ; npm --version - - npm ci --unsafe-perm - - npm run build - build: - commands: - - npm run coverage-node diff --git a/codebuild/release/prod-release.yml b/codebuild/release/prod-release.yml deleted file mode 100644 index 40f574929..000000000 --- a/codebuild/release/prod-release.yml +++ /dev/null @@ -1,69 +0,0 @@ -version: 0.2 - -batch: - fast-fail: true - build-graph: - -# Lint and specification compliance - - identifier: compliance - buildspec: codebuild/compliance.yml - -# Unit Tests - - identifier: testNodejs20 - buildspec: codebuild/nodejs20.yml - env: - image: aws/codebuild/standard:5.0 - - identifier: testBrowser18 - buildspec: codebuild/browser18.yml - -# Integration Tests - - identifier: testVectorsNodejs20 - buildspec: codebuild/test_vectors/nodejs20.yml - env: - variables: - PUBLISH_LOCAL: "true" - image: aws/codebuild/standard:5.0 - - identifier: testVectorsBrowser18 - buildspec: codebuild/test_vectors/browser18.yml - env: - variables: - PUBLISH_LOCAL: "true" - image: aws/codebuild/standard:5.0 - -# Version the project and push git commits and tags - - identifier: version - depend-on: - - compliance - - testNodejs20 - - testBrowser18 - - testVectorsNodejs20 - - testVectorsBrowser18 - buildspec: codebuild/release/version.yml - env: - image: aws/codebuild/standard:6.0 - -# Publish the release to npm - - identifier: publish - depend-on: - - version - buildspec: codebuild/release/publish.yml - env: - image: aws/codebuild/standard:6.0 - -# Validate that the published versions are available - - identifier: validateNodejs - depend-on: - - publish - buildspec: codebuild/test_vectors/nodejs20.yml - env: - variables: - PUBLISH_LOCAL: "false" - image: aws/codebuild/standard:5.0 - - identifier: validateBrowser - depend-on: - - publish - buildspec: codebuild/test_vectors/browser18.yml - env: - variables: - PUBLISH_LOCAL: "false" - image: aws/codebuild/standard:5.0 diff --git a/codebuild/release/publish.yml b/codebuild/release/publish.yml deleted file mode 100644 index 3463e7b8d..000000000 --- a/codebuild/release/publish.yml +++ /dev/null @@ -1,50 +0,0 @@ -version: 0.2 - -env: - variables: - NODE_OPTIONS: "--max-old-space-size=4096" - BRANCH: "master" - # An explicit distribution tag - DIST_TAG: "latest" - secrets-manager: - OTP_SECRET_KEY: npm/aws-crypto-tools-ci-bot/2FA:OTP_SECRET_KEY - NPM_TOKEN: npm/aws-crypto-tools-ci-bot/2FA:NPM_TOKEN - -phases: - install: - commands: - - npm ci --unsafe-perm - # Install `otplib` to extract the OTP from the npm 2FA secret - - npm install otplib --no-save - - npm run build - runtime-versions: - nodejs: 16 - pre_build: - commands: - - git checkout $BRANCH - build: - commands: - # Extract the otp using the secrets environment variables from above. - # This will wait for the next token. This is because npm uses - # TOTP and the tokens time out after 30 seconds. If the process just - # extracted the token then the lifetime for this token - # would be very random. This will maximize the amount of time - # available on the OTP to publish. - - >- - OTP=`node -e " - auth=require('otplib').authenticator; - setTimeout(() => - console.log(auth.generate(process.env.OTP_SECRET_KEY)), - auth.timeRemaining() * 1000); - "` - # npm will only expand env vars inside .npmrc - # NOTE the ' this is to keep the env var NPM_TOKEN from expanding! - - echo '//registry.npmjs.org/:_authToken=${NPM_TOKEN}' > .npmrc - # Now we publish to npm. - # This is going to use the OTP generated above and the NPM_TOKEN - # environment variable. This will only publish things that are - # missing from npm. It is therefore safe to run repeatedly. - - npx lerna publish from-package --yes --otp $OTP --dist-tag $DIST_TAG - # remove after publishing - - rm .npmrc - diff --git a/codebuild/release/version.yml b/codebuild/release/version.yml deleted file mode 100644 index e5639ad1d..000000000 --- a/codebuild/release/version.yml +++ /dev/null @@ -1,27 +0,0 @@ -version: 0.2 - -env: - variables: - NODE_OPTIONS: "--max-old-space-size=4096" - BRANCH: "master" - # An explicit version bump - VERSION_BUMP: "" - git-credential-helper: yes - -phases: - install: - commands: - - npm ci --unsafe-perm - runtime-versions: - nodejs: 16 - pre_build: - commands: - - git config --global user.name "aws-crypto-tools-ci-bot" - - git config --global user.email "no-reply@noemail.local" - - git checkout $BRANCH - build: - commands: - # Generate new version and CHANGELOG entry and push it - - npx lerna version --conventional-commits --git-remote origin --yes ${VERSION_BUMP:+$VERSION_BUMP --force-publish} - # Log the commit for posterity - - git log -n 1 diff --git a/codebuild/test_vectors/browser18.yml b/codebuild/test_vectors/browser18.yml deleted file mode 100644 index 4ae2a8e97..000000000 --- a/codebuild/test_vectors/browser18.yml +++ /dev/null @@ -1,26 +0,0 @@ -version: 0.2 - -env: - variables: - NODE_OPTIONS: "--max-old-space-size=4096" - NPM_CONFIG_UNSAFE_PERM: true - -phases: - install: - commands: - - n 18 - - npm ci --unsafe-perm - - |- - if [ "$PUBLISH_LOCAL" = "true" ]; then - npm run build - fi - build: - commands: - - npm -v - - node -v - - |- - if [ "$PUBLISH_LOCAL" = "true" ]; then - npm run verdaccio-publish - fi - - npm run verdaccio-browser-decrypt - - npm run verdaccio-browser-encrypt diff --git a/codebuild/test_vectors/nodejs16.yml b/codebuild/test_vectors/nodejs16.yml deleted file mode 100644 index 42e78f246..000000000 --- a/codebuild/test_vectors/nodejs16.yml +++ /dev/null @@ -1,25 +0,0 @@ -version: 0.2 - -env: - variables: - NODE_OPTIONS: "--max-old-space-size=4096" - NPM_CONFIG_UNSAFE_PERM: true - -phases: - install: - commands: - - n 16 - - npm ci --unsafe-perm - - |- - if [ "$PUBLISH_LOCAL" = "true" ]; then - npm run build - fi - build: - commands: - - node -v - - |- - if [ "$PUBLISH_LOCAL" = "true" ]; then - npm run verdaccio-publish - fi - - npm run verdaccio-node-decrypt - - npm run verdaccio-node-encrypt diff --git a/codebuild/test_vectors/nodejs18.yml b/codebuild/test_vectors/nodejs18.yml deleted file mode 100644 index 982c2b1b7..000000000 --- a/codebuild/test_vectors/nodejs18.yml +++ /dev/null @@ -1,25 +0,0 @@ -version: 0.2 - -env: - variables: - NODE_OPTIONS: "--max-old-space-size=4096" - NPM_CONFIG_UNSAFE_PERM: true - -phases: - install: - commands: - - n 18 - - npm ci --unsafe-perm - - |- - if [ "$PUBLISH_LOCAL" = "true" ]; then - npm run build - fi - build: - commands: - - node -v - - |- - if [ "$PUBLISH_LOCAL" = "true" ]; then - npm run verdaccio-publish - fi - - npm run verdaccio-node-decrypt - - npm run verdaccio-node-encrypt diff --git a/codebuild/test_vectors/nodejs20.yml b/codebuild/test_vectors/nodejs20.yml deleted file mode 100644 index 3a2657beb..000000000 --- a/codebuild/test_vectors/nodejs20.yml +++ /dev/null @@ -1,25 +0,0 @@ -version: 0.2 - -env: - variables: - NODE_OPTIONS: "--max-old-space-size=4096" - NPM_CONFIG_UNSAFE_PERM: true - -phases: - install: - commands: - - n 20 - - npm ci --unsafe-perm - - |- - if [ "$PUBLISH_LOCAL" = "true" ]; then - npm run build - fi - build: - commands: - - node -v - - |- - if [ "$PUBLISH_LOCAL" = "true" ]; then - npm run verdaccio-publish - fi - - npm run verdaccio-node-decrypt - - npm run verdaccio-node-encrypt