From 37dc5d37cb9b9d1cfea47f87aa477168e17aa051 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Ch=C4=99ci=C5=84ski?= Date: Fri, 10 May 2024 11:36:23 +0200 Subject: [PATCH] [DEVOPS-1748] Build pipeline for C++ sdk (#687) ## Type of change ``` - [ ] Bug fix - [ ] New feature development - [ ] Tech debt (refactoring, code cleanup, dependency upgrades, etc) - [x] Build/deploy pipeline (DevOps) - [ ] Other ``` ## Objective ## Code changes - **.github/workflows/generate_schemas.yml:** Add C++ schemas artifact upload - **.github/workflows/build-cpp.yml** Add build workflow for C++ SDK ## Before you submit - Please add **unit tests** where it makes sense to do so --------- Co-authored-by: Thomas Avery --- .github/workflows/build-cpp.yml | 166 ++++++++++++++++++++++++ .github/workflows/generate_schemas.yml | 7 + .github/workflows/release-cpp.yml | 169 +++++++++++++++++++++++++ .github/workflows/version-bump.yml | 7 + languages/cpp/vcpkg.json | 10 ++ 5 files changed, 359 insertions(+) create mode 100644 .github/workflows/build-cpp.yml create mode 100644 .github/workflows/release-cpp.yml create mode 100644 languages/cpp/vcpkg.json diff --git a/.github/workflows/build-cpp.yml b/.github/workflows/build-cpp.yml new file mode 100644 index 000000000..0fb032853 --- /dev/null +++ b/.github/workflows/build-cpp.yml @@ -0,0 +1,166 @@ +name: Build C++ SDK + +on: + push: + branches: + - main + - rc + - hotfix-rc + + pull_request: + workflow_dispatch: + +jobs: + generate-schemas: + uses: ./.github/workflows/generate_schemas.yml + + build_rust: + uses: ./.github/workflows/build-rust-cross-platform.yml + + build: + name: Build for ${{ matrix.settings.os }} ${{ matrix.settings.target }} + needs: + - generate-schemas + - build_rust + runs-on: ${{ matrix.settings.os }} + strategy: + fail-fast: false + matrix: + settings: + - os: macos-12 + target: x86_64-apple-darwin + + # - os: windows-2022 + # target: x86_64-pc-windows-msvc + + - os: ubuntu-22.04 + target: x86_64-unknown-linux-gnu + + steps: + - name: Checkout Repository + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + + - name: install dependencies linux + if: runner.os == 'Linux' + run: | + sudo apt-get install -y nlohmann-json3-dev + sudo apt-get install -y libboost-all-dev + + - name: install dependencies macos + if: runner.os == 'macOS' + run: | + brew install nlohmann-json + brew install boost + + - name: Cache vcpkg + if: runner.os == 'Windows' + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 + with: + path: C:/vcpkg/ + key: vcpkg-${{ runner.os }}-${{ matrix.settings.target }} + restore-keys: | + vcpkg-${{ runner.os }}- + vcpkg- + + - name: Export GitHub Actions cache environment variables + if: runner.os == 'Windows' + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 + with: + script: | + core.exportVariable('ACTIONS_CACHE_URL', process.env.ACTIONS_CACHE_URL || ''); + core.exportVariable('ACTIONS_RUNTIME_TOKEN', process.env.ACTIONS_RUNTIME_TOKEN || ''); + + - name: Install libraries for Windows + if: runner.os == 'Windows' && steps.cache.outputs.cache-hit != 'true' + env: + VCPKG_BINARY_SOURCES: "clear;x-gha,readwrite" + run: | + vcpkg install boost --binarysource="clear;x-gha,readwrite" + vcpkg install nlohmann-json --binarysource="clear;x-gha,readwrite" + shell: pwsh + + - name: Save cache + if: runner.os == 'Windows' + uses: actions/cache/save@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 + with: + path: C:/vcpkg/ + key: vcpkg-${{ runner.os }}-${{ matrix.settings.target }} + + - name: Download schemas + uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4 + with: + name: sdk-schemas-cpp + path: languages/cpp/include + + - name: Download ${{ matrix.settings.target }} files + uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2 + with: + name: libbitwarden_c_files-${{ matrix.settings.target }} + path: languages/cpp/include + + - name: Set permissions to include folder + if: runner.os == 'Windows' + shell: pwsh + run: | + Get-Acl languages/cpp/include/* | Format-List + + $path = "./languages/cpp/include" + $name = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name + $acl = Get-Acl languages/cpp/include + $accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule($name,"FullControl","Allow") + $acl.SetAccessRule($accessRule) + $acl | Set-Acl languages/cpp/include + Get-ChildItem -Path "$path" -Recurse -Force | Set-Acl -aclObject $acl -Verbose + + Get-Acl languages/cpp/include/* | Format-List + + - name: Build unix + working-directory: languages/cpp + if: runner.os == 'macOS' || runner.os == 'Linux' + run: | + if [[ '${{ runner.os }}' == 'macOS' ]]; then + export DNLOHMANN_PATH=/usr/local/opt/nlohmann-json + export DBOOST_PATH=/usr/local/opt/boost + export DTARGET=include/libbitwarden_c.dylib + fi + + if [[ '${{ runner.os }}' == 'Linux' ]]; then + export DNLOHMANN_PATH=/usr/share/doc/nlohmann-json3-dev + export DBOOST_PATH=/usr/share/doc/libboost-all-dev + export DTARGET=include/libbitwarden_c.so + fi + + mkdir build + cd build + cmake .. -DNLOHMANN=$DNLOHMANN_PATH -DBOOST=$DBOOST_PATH -DTARGET=$DTARGET + cmake --build . + + - name: Build windows + if: runner.os == 'Windows' + working-directory: languages/cpp + env: + BOOST_INCLUDE_DIR: C:\vcpkg\installed\x64-windows\include\boost + NLOHMANN_JSON_INCLUDE_DIR: C:\vcpkg\installed\x64-windows\include\nlohmann-json + run: | + mkdir build + cd build + $DNLOHMANN_PATH="C:\vcpkg\installed\x64-windows\include\nlohmann-json" + $DBOOST_PATH="C:\vcpkg\installed\x64-windows\include\boost" + $DTARGET="include/libbitwarden_c.dll" + cmake .. -DNLOHMANN=$DNLOHMANN_PATH -DBOOST=$DBOOST_PATH -DTARGET="include/libbitwarden_c.dll" -DCMAKE_TOOLCHAIN_FILE=C:/vcpkg/scripts/buildsystems/vcpkg.cmake -DCMAKE_INSTALL_PREFIX=${{github.workspace}}/languages/cpp/ -DBUILD_TESTING=OFF + cmake --build . + shell: pwsh + + - name: Copy artifacts + working-directory: languages/cpp/build + run: | + mkdir artifacts + cp libbitwarden_c.* artifacts + cp libBitwardenClient.* artifacts + + - name: Upload C++ package for ${{ matrix.settings.target }} + uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 + with: + name: libbitwarden_cpp-${{ matrix.settings.target }} + path: languages/cpp/build/artifacts + if-no-files-found: error diff --git a/.github/workflows/generate_schemas.yml b/.github/workflows/generate_schemas.yml index 0c9254f59..008ee31e9 100644 --- a/.github/workflows/generate_schemas.yml +++ b/.github/workflows/generate_schemas.yml @@ -89,3 +89,10 @@ jobs: name: sdk-schemas-java path: ${{ github.workspace }}/languages/java/src/main/java/com/bitwarden/sdk/schema/* if-no-files-found: error + + - name: Upload cpp schemas artifact + uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 + with: + name: sdk-schemas-cpp + path: ${{ github.workspace }}/languages/cpp/include/schemas.hpp + if-no-files-found: error diff --git a/.github/workflows/release-cpp.yml b/.github/workflows/release-cpp.yml new file mode 100644 index 000000000..65517eb39 --- /dev/null +++ b/.github/workflows/release-cpp.yml @@ -0,0 +1,169 @@ +name: Release C++ SDK +run-name: Release C++ SDK ${{ inputs.release_type }} + +on: + workflow_dispatch: + inputs: + release_type: + description: "Release Options" + required: true + default: "Release" + type: choice + options: + - Release + - Dry Run + +env: + _KEY_VAULT: "bitwarden-ci" + +jobs: + validate: + name: Setup + runs-on: ubuntu-22.04 + outputs: + version: ${{ steps.version.outputs.version }} + steps: + - name: Checkout repo + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + + - name: Branch check + if: ${{ inputs.release_type != 'Dry Run' }} + run: | + if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ "$GITHUB_REF" != "refs/heads/hotfix-rc" ]]; then + echo "===================================" + echo "[!] Can only release from the 'rc' or 'hotfix-rc' branches" + echo "===================================" + exit 1 + fi + + - name: Get version + id: version + run: | + VERSION=$(cat languages/cpp/vcpkg.json | grep -Eo "[0-9]+\.[0-9]+\.[0-9]+") + echo "version=$VERSION" >> $GITHUB_OUTPUT + + github-release: + name: GitHub Release + runs-on: ubuntu-22.04 + needs: + - repo-sync + - validate + env: + _PKG_VERSION: ${{ needs.validate.outputs.version }} + steps: + - name: Login to Azure - Prod Subscription + uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7 + with: + creds: ${{ secrets.AZURE_CI_SERVICE_PRINCIPAL }} + + - name: Retrieve secrets + id: retrieve-secrets + uses: bitwarden/gh-actions/get-keyvault-secrets@main + with: + keyvault: ${{ env._KEY_VAULT }} + secrets: "github-pat-bitwarden-devops-bot-repo-scope" + + - name: Download x86_64-apple-darwin C artifact + uses: bitwarden/gh-actions/download-artifacts@main + with: + workflow: build-rust-cross-platform.yml + workflow_conclusion: success + branch: ${{ inputs.release_type == 'Dry Run' && 'main' || github.ref_name }} + artifacts: libbitwarden_c_files-x86_64-apple-darwin + skip_unpack: true + + - name: Download aarch64-apple-darwin C artifact + uses: bitwarden/gh-actions/download-artifacts@main + with: + workflow: build-rust-cross-platform.yml + workflow_conclusion: success + branch: ${{ inputs.release_type == 'Dry Run' && 'main' || github.ref_name }} + artifacts: libbitwarden_c_files-aarch64-apple-darwin + skip_unpack: true + + - name: Download x86_64-unknown-linux-gnu C artifact + uses: bitwarden/gh-actions/download-artifacts@main + with: + workflow: build-rust-cross-platform.yml + workflow_conclusion: success + branch: ${{ inputs.release_type == 'Dry Run' && 'main' || github.ref_name }} + artifacts: libbitwarden_c_files-x86_64-unknown-linux-gnu + skip_unpack: true + + - name: Download x86_64-pc-windows-msvc C artifact + uses: bitwarden/gh-actions/download-artifacts@main + with: + workflow: build-rust-cross-platform.yml + workflow_conclusion: success + branch: ${{ inputs.release_type == 'Dry Run' && 'main' || github.ref_name }} + artifacts: libbitwarden_c_files-x86_64-pc-windows-msvc + skip_unpack: true + + - name: Rename C build artifacts + run: | + artifacts=("x86_64-apple-darwin" "aarch64-apple-darwin" "x86_64-unknown-linux-gnu" "x86_64-pc-windows-msvc") # aarch64-unknown-linux-gnu) + for value in "${artifacts[@]}" + do + unzip libbitwarden_c_files-$value.zip -d libbitwarden_c_files-$value + cd libbitwarden_c_files-$value + zip -Rj ../libbitwarden_c_files-$value-$_PKG_VERSION.zip 'libbitwarden_c.*' + cd .. + done + + - name: Download schemas + uses: bitwarden/gh-actions/download-artifacts@main + with: + name: sdk-schemas-cpp + workflow: generate_schemas.yml + workflow_conclusion: success + branch: ${{ inputs.release_type == 'Dry Run' && 'main' || github.ref_name }} + artifacts: sdk-schemas-cpp + skip_unpack: true + + - name: Rename schemas artifacts + run: mv sdk-schemas-cpp.zip sdk-schemas-cpp-$_PKG_VERSION.zip + + - name: Download x86_64-apple-darwin C++ artifact + uses: bitwarden/gh-actions/download-artifacts@main + with: + workflow: build-cpp.yml + workflow_conclusion: success + branch: ${{ inputs.release_type == 'Dry Run' && 'main' || github.ref_name }} + artifacts: libbitwarden_cpp-x86_64-apple-darwin + skip_unpack: true + + - name: Download x86_64-unknown-linux-gnu C++ artifact + uses: bitwarden/gh-actions/download-artifacts@main + with: + workflow: build-cpp.yml + workflow_conclusion: success + branch: ${{ inputs.release_type == 'Dry Run' && 'main' || github.ref_name }} + artifacts: libbitwarden_cpp-x86_64-unknown-linux-gnu + skip_unpack: true + + - name: Rename C++ build artifacts + run: | + artifacts=("x86_64-apple-darwin" "x86_64-unknown-linux-gnu") # "x86_64-pc-windows-msvc" "aarch64-apple-darwin" "aarch64-unknown-linux-gnu") + for value in "${artifacts[@]}" + do + mv libbitwarden_cpp-$value.zip libbitwarden_cpp_files-$value-$_PKG_VERSION.zip + done + + - name: Create release + if: ${{ inputs.release_type != 'Dry Run' }} + uses: ncipollo/release-action@6c75be85e571768fa31b40abf38de58ba0397db5 # v1.13.0 + with: + tag: cpp-sdk-v${{ env._PKG_VERSION }} + name: "C++ SDK v${{ env._PKG_VERSION }}" + body: "" + token: ${{ steps.retrieve-secrets.outputs.github-pat-bitwarden-devops-bot-repo-scope }} + draft: true + repo: sdk + owner: bitwarden + artifacts: "libbitwarden_c_files-x86_64-apple-darwin-${{ env._PKG_VERSION }}.zip, + libbitwarden_c_files-aarch64-apple-darwin-${{ env._PKG_VERSION }}.zip, + libbitwarden_c_files-x86_64-unknown-linux-gnu-${{ env._PKG_VERSION }}.zip, + libbitwarden_c_files-x86_64-pc-windows-msvc-${{ env._PKG_VERSION }}.zip, + libbitwarden_cpp_files-x86_64-unknown-linux-gnu-${{ env._PKG_VERSION }}.zip, + libbitwarden_cpp_files-x86_64-apple-darwin-${{ env._PKG_VERSION }}.zip, + sdk-schemas-cpp-${{ env._PKG_VERSION }}.zip" diff --git a/.github/workflows/version-bump.yml b/.github/workflows/version-bump.yml index 325252481..cc453c577 100644 --- a/.github/workflows/version-bump.yml +++ b/.github/workflows/version-bump.yml @@ -18,6 +18,7 @@ on: - go-sdk - dotnet-sdk - php-sdk + - cpp-sdk version_number: description: "New version (example: '2024.1.0')" required: true @@ -140,6 +141,12 @@ jobs: run: | sed -i 's/"version": "[0-9]\.[0-9]\.[0-9]"/"version": "${{ inputs.version_number }}"/' ./languages/php/composer.json + ### cpp sdk + - name: Bump C++ SDK Version + if: ${{ inputs.project == 'cpp-sdk' }} + run: | + sed -i 's/"version": "[0-9]\.[0-9]\.[0-9]"/"version": "${{ inputs.version_number }}"/' ./languages/cpp/vcpkg.json + ############################ # VERSION BUMP SECTION END # ############################ diff --git a/languages/cpp/vcpkg.json b/languages/cpp/vcpkg.json new file mode 100644 index 000000000..06a7b968c --- /dev/null +++ b/languages/cpp/vcpkg.json @@ -0,0 +1,10 @@ +{ + "name": "bitwarden-sdk-secrets", + "version": "0.1.0", + "homepage": "https://github.com/bitwarden/sdk/tree/languages/cpp", + "description": "Bitwarden Secrets Manager SDK for C++", + "dependencies": [ + "boost", + "nlohmann-json" + ] +}