feat(ci): update inbrowser.link on release publish #193
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| branches: | |
| - '**' | |
| release: | |
| types: [ published ] | |
| workflow_dispatch: | |
| env: | |
| KUBO_VER: 'v0.27.0' # kubo daemon used for publishing to IPFS | |
| CLUSTER_CTL_VER: 'v1.0.8' # ipfs-cluster-ctl used by publish-to-ipfs | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: lts/* | |
| - uses: ipfs/aegir/actions/cache-node-modules@master | |
| - name: Save ./dist output for later | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: dist_${{ github.sha }} | |
| path: dist | |
| check: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: lts/* | |
| - uses: ipfs/aegir/actions/cache-node-modules@master | |
| - run: npm run --if-present lint | |
| - run: npm run --if-present dep-check | |
| - run: npm run --if-present doc-check | |
| test-node: | |
| needs: build | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| matrix: | |
| os: [windows-latest, ubuntu-latest, macos-latest] | |
| node: [lts/*] | |
| fail-fast: true | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ matrix.node }} | |
| - uses: ipfs/aegir/actions/cache-node-modules@master | |
| - run: npm run --if-present test:node | |
| - uses: codecov/codecov-action@4fe8c5f003fae66aa5ebb77cfd3e7bfbbda0b6b0 # v3.1.5 | |
| with: | |
| flags: node | |
| files: .coverage/*,packages/*/.coverage/* | |
| test-chrome: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: lts/* | |
| - uses: ipfs/aegir/actions/cache-node-modules@master | |
| - run: npm run --if-present test:chrome | |
| - uses: codecov/codecov-action@4fe8c5f003fae66aa5ebb77cfd3e7bfbbda0b6b0 # v3.1.5 | |
| with: | |
| flags: chrome | |
| files: .coverage/*,packages/*/.coverage/* | |
| test-chrome-webworker: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: lts/* | |
| - uses: ipfs/aegir/actions/cache-node-modules@master | |
| - run: npm run --if-present test:chrome-webworker | |
| - uses: codecov/codecov-action@4fe8c5f003fae66aa5ebb77cfd3e7bfbbda0b6b0 # v3.1.5 | |
| with: | |
| flags: chrome-webworker | |
| files: .coverage/*,packages/*/.coverage/* | |
| test-firefox: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: lts/* | |
| - uses: ipfs/aegir/actions/cache-node-modules@master | |
| - run: npm run --if-present test:firefox | |
| - uses: codecov/codecov-action@4fe8c5f003fae66aa5ebb77cfd3e7bfbbda0b6b0 # v3.1.5 | |
| with: | |
| flags: firefox | |
| files: .coverage/*,packages/*/.coverage/* | |
| test-firefox-webworker: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: lts/* | |
| - uses: ipfs/aegir/actions/cache-node-modules@master | |
| - run: npm run --if-present test:firefox-webworker | |
| - uses: codecov/codecov-action@4fe8c5f003fae66aa5ebb77cfd3e7bfbbda0b6b0 # v3.1.5 | |
| with: | |
| flags: firefox-webworker | |
| files: .coverage/*,packages/*/.coverage/* | |
| test-webkit: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: lts/* | |
| - uses: ipfs/aegir/actions/cache-node-modules@master | |
| - run: npm run --if-present test:webkit | |
| - uses: codecov/codecov-action@4fe8c5f003fae66aa5ebb77cfd3e7bfbbda0b6b0 # v3.1.5 | |
| with: | |
| flags: webkit | |
| files: .coverage/*,packages/*/.coverage/* | |
| test-electron-main: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: lts/* | |
| - uses: ipfs/aegir/actions/cache-node-modules@master | |
| - run: npx xvfb-maybe npm run --if-present test:electron-main | |
| - uses: codecov/codecov-action@4fe8c5f003fae66aa5ebb77cfd3e7bfbbda0b6b0 # v3.1.5 | |
| with: | |
| flags: electron-main | |
| files: .coverage/*,packages/*/.coverage/* | |
| test-electron-renderer: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: lts/* | |
| - uses: ipfs/aegir/actions/cache-node-modules@master | |
| - run: npx xvfb-maybe npm run --if-present test:electron-renderer | |
| - uses: codecov/codecov-action@4fe8c5f003fae66aa5ebb77cfd3e7bfbbda0b6b0 # v3.1.5 | |
| with: | |
| flags: electron-renderer | |
| files: .coverage/*,packages/*/.coverage/* | |
| publish-to-ipfs: | |
| # NOTE: workflow_dispatch here allows maintainer to manually run against any branch, and it will produce a CAR with CID that is pinned | |
| # TODO: if: github.event_name == 'workflow_dispatch' || (github.event_name == 'push' && github.ref == 'refs/heads/main') || (github.event_name == 'release' && github.event.action == 'published') | |
| needs: build | |
| runs-on: ubuntu-latest | |
| environment: Deploy # Clusteer secrets | |
| concurrency: | |
| # only one job runs at a time == DNSLinks are updated in-order | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| outputs: | |
| cid: ${{ steps.ipfs-import.outputs.cid }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Retrieve ./dist produced by build job | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: dist_${{ github.sha }} | |
| path: dist | |
| - uses: ipfs/download-ipfs-distribution-action@v1 | |
| with: | |
| name: kubo | |
| version: "${{ env.KUBO_VER }}" | |
| - uses: ipfs/download-ipfs-distribution-action@v1 | |
| with: | |
| name: ipfs-cluster-ctl | |
| version: "${{ env.CLUSTER_CTL_VER }}" | |
| - name: Init IPFS daemon | |
| run: | | |
| # TODO remove if we no longer need these | |
| # fix resolv - DNS provided by Github is unreliable for DNSLik/dnsaddr | |
| #sudo sed -i -e 's/nameserver 127.0.0.*/nameserver 1.1.1.1/g' /etc/resolv.conf | |
| #ipfs init --profile flatfs,server,randomports,lowpower | |
| # make flatfs async for faster ci | |
| #ipfs config --json 'Datastore.Spec.mounts' "$(ipfs config 'Datastore.Spec.mounts' | jq -c '.[0].child.sync=false')" | |
| shell: bash | |
| - uses: ipfs/start-ipfs-daemon-action@v1 | |
| - name: Preconnect to cluster peers | |
| run: | | |
| ipfs-cluster-ctl --enc=json \ | |
| --host "/dnsaddr/ipfs-websites.collab.ipfscluster.io" \ | |
| --basic-auth "$CLUSTER_USER:$CLUSTER_PASSWORD" \ | |
| peers ls | tee cluster-peers-ls | |
| for maddr in $(jq -r '.ipfs.addresses[]?' cluster-peers-ls); do | |
| ipfs swarm peering add $maddr | |
| ipfs swarm connect $maddr || true & | |
| done | |
| shell: bash | |
| env: | |
| CLUSTER_USER: ${{ secrets.CLUSTER_USER }} | |
| CLUSTER_PASSWORD: ${{ secrets.CLUSTER_PASSWORD }} | |
| - name: IPFS import of ./dist | |
| id: ipfs-import | |
| run: | | |
| root_cid=$(ipfs add --cid-version 1 --inline --chunker size-1048576 -Q -r --offline ./dist) | |
| echo "cid=$root_cid" >> $GITHUB_OUTPUT | |
| - name: ℹ️ Generated DAG and CID | |
| run: ipfs dag stat --progress=false ${{ steps.ipfs-import.outputs.cid }} | |
| - name: Create CAR file | |
| run: ipfs dag export ${{ steps.ipfs-import.outputs.cid }} > dist_${{ github.sha }}.car | |
| - name: Attach CAR to Github Action | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: dist_${{ github.sha }}.car | |
| path: dist_${{ github.sha }}.car | |
| if-no-files-found: error | |
| - name: Pin to ipfs-websites.collab.ipfscluster.io | |
| run: | | |
| ipfs-cluster-ctl --enc=json \ | |
| --host "/dnsaddr/ipfs-websites.collab.ipfscluster.io" \ | |
| --basic-auth "${CLUSTER_USER}:${CLUSTER_PASSWORD}" \ | |
| pin add \ | |
| --name "${{ github.repository }}/${{ github.sha }}" \ | |
| --replication-min 2 \ | |
| --replication-max 6 \ | |
| --wait \ | |
| "$PIN_CID" | |
| env: | |
| PIN_CID: ${{ steps.ipfs-import.outputs.cid }} | |
| CLUSTER_USER: ${{ secrets.CLUSTER_USER }} | |
| CLUSTER_PASSWORD: ${{ secrets.CLUSTER_PASSWORD }} | |
| timeout-minutes: 60 | |
| - name: Update DNSLink at inbrowser.dev (Staging for Dev Testing) if main branch was updated | |
| if: (github.event_name == 'workflow_dispatch' || github.event_name == 'push') && github.ref == 'refs/heads/main' | |
| run: | | |
| curl --request PUT --header "Authorization: Bearer ${AUTH_TOKEN}" --header 'Content-Type: application/json' \ | |
| --url "https://api.cloudflare.com/client/v4/zones/${ZONE_ID}/dns_records/${RECORD_ID}" \ | |
| --data "{\"type\":\"TXT\",\"name\":\"_dnslink.${DNSLINK_NAME}\",\"content\":\"dnslink=/ipfs/${DNSLINK_CID}\",\"comment\":\"${{ github.repository }}/${{ github.sha }}\"}" | |
| env: | |
| DNSLINK_NAME: inbrowser.dev | |
| DNSLINK_CID: ${{ steps.ipfs-import.outputs.cid }} | |
| ZONE_ID: ${{ secrets.CF_INBROWSERDEV_ZONE_ID }} | |
| RECORD_ID: ${{ secrets.CF_INBROWSERDEV_RECORD_ID }} | |
| AUTH_TOKEN: ${{ secrets.CF_INBROWSERDEV_AUTH_TOKEN }} | |
| - name: Update DNSLink at inbrowser.link (Stable Production) if new release was published | |
| if: github.event_name == 'release' && github.event.action == 'published' | |
| run: | | |
| curl --request PUT --header "Authorization: Bearer ${AUTH_TOKEN}" --header 'Content-Type: application/json' \ | |
| --url "https://api.cloudflare.com/client/v4/zones/${ZONE_ID}/dns_records/${RECORD_ID}" \ | |
| --data "{\"type\":\"TXT\",\"name\":\"_dnslink.${DNSLINK_NAME}\",\"content\":\"dnslink=/ipfs/${DNSLINK_CID}\",\"comment\":\"${{ github.repository }}/${{ github.sha }}\"}" | |
| env: | |
| DNSLINK_NAME: inbrowser.link | |
| DNSLINK_CID: ${{ steps.ipfs-import.outputs.cid }} | |
| ZONE_ID: ${{ secrets.CF_INBROWSERLINK_ZONE_ID }} | |
| RECORD_ID: ${{ secrets.CF_INBROWSERLINK_RECORD_ID }} | |
| AUTH_TOKEN: ${{ secrets.CF_INBROWSERLINK_AUTH_TOKEN }} | |
| pin-to-w3: # ported from ipfs/ipfs-webui | |
| if: needs.publish-to-ipfs.outputs.cid | |
| needs: publish-to-ipfs | |
| runs-on: ubuntu-latest | |
| environment: web3.storage | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: lts/* | |
| - name: Retrieve CAR produced by publish-to-ipfs job | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: dist_${{ github.sha }}.car | |
| - name: Pin with @web3-storage/w3cli | |
| run: | | |
| # ensure whoami | |
| npx -y --package=@web3-storage/w3cli@latest -- w3 whoami | |
| # convert base64 env var to file | |
| echo $W3CLI_SPACE_DELEGATION_PROOF_BASE64_STRING | base64 -d > ipfs-webui-ci-space.ucan.proof | |
| # Add space | |
| export W3CLI_SPACE_DID=$(npx -y --package=@web3-storage/w3cli@latest -- w3 space add ipfs-webui-ci-space.ucan.proof) | |
| # use space | |
| npx -y --package=@web3-storage/w3cli@latest -- w3 space use $W3CLI_SPACE_DID | |
| # upload car | |
| npx -y --package=@web3-storage/w3cli@latest -- w3 up --no-wrap --car dist_${{ github.sha }}.car | |
| env: | |
| W3_STORE_NAME: ${{ secrets.W3_STORE_NAME }} | |
| W3_AGENT_DID: ${{ secrets.W3_AGENT_DID }} | |
| # W3_PRINCIPAL env name is expected by w3cli tool: https://github.com/web3-storage/w3cli#w3_principal | |
| W3_PRINCIPAL: ${{ secrets.W3_AGENT_PRINCIPAL }} | |
| W3CLI_SPACE_DELEGATION_PROOF_BASE64_STRING: ${{ secrets.W3CLI_SPACE_DELEGATION_PROOF_BASE64_STRING }} | |
| pin-to-scaleway: | |
| if: needs.publish-to-ipfs.outputs.cid | |
| needs: publish-to-ipfs | |
| runs-on: ubuntu-latest | |
| environment: Scaleway | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ipfs/download-ipfs-distribution-action@v1 | |
| with: | |
| name: kubo | |
| version: "${{ env.KUBO_VER }}" | |
| - name: Init IPFS daemon | |
| run: ipfs init --profile flatfs,server,randomports,lowpower | |
| - uses: ipfs/start-ipfs-daemon-action@v1 | |
| with: | |
| args: --enable-gc=false | |
| - name: Retrieve CAR produced by publish-to-ipfs job | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: dist_${{ github.sha }}.car | |
| - name: Import CAR to local Kubo | |
| run: ipfs dag import --offline dist_${{ github.sha }}.car | |
| - name: Set up and check Scaleway | |
| id: scaleway | |
| run: | | |
| ipfs pin remote service add scaleway "$SCALEWAY_URL" "$SCALEWAY_SECRET" | |
| echo "existing-pin=$(ipfs pin remote ls --service=scaleway --name=$CID)" >> $GITHUB_OUTPUT # using --name because --cid does not work with Scaleway (2024-Q1) | |
| env: | |
| CID: ${{ needs.publish-to-ipfs.outputs.cid }} | |
| SCALEWAY_SECRET: ${{ secrets.SCALEWAY_SECRET }} | |
| SCALEWAY_URL: ${{ secrets.SCALEWAY_URL }} | |
| - name: Pin to Scaleway | |
| if: ${{ steps.scaleway.outputs.existing-pin == '' }} | |
| run: ipfs pin remote add --service=scaleway --name=$CID $CID # using --name because --cid does not work with Scaleway (2024-Q1) | |
| env: | |
| CID: ${{ needs.publish-to-ipfs.outputs.cid }} | |
| smoke-test-cached-http: # basic smoke test that lets us know when stale-while-revalidate caching does not work on either env | |
| if: needs.publish-to-ipfs.outputs.cid | |
| needs: publish-to-ipfs | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| dnslink: | |
| - inbrowser.link | |
| - inbrowser.dev | |
| steps: | |
| - name: Smoke-test instant (cached, stale-while-revalidate) /ipfs-sw-main.js at ${{ matrix.dnslink }} | |
| run: curl --retry 3 --retry-delay 61 --retry-all-errors -v https://${{ matrix.dnslink }}/ipfs-sw-main.js > /dev/null | |
| smoke-test-fresh-http: # basic smoke test for getting new DAG over HTTP gateways | |
| if: needs.publish-to-ipfs.outputs.cid | |
| needs: publish-to-ipfs | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| gateway: | |
| - trustless-gateway.link | |
| - cloudflare-ipfs.com | |
| - w3s.link | |
| steps: | |
| - name: Smoke-test fetching the new CID as CAR from ${{ matrix.gateway }} | |
| run: curl --retry 3 --retry-delay 61 --retry-all-errors -v "https://${{ matrix.gateway }}/ipfs/${{ needs.publish-to-ipfs.outputs.cid }}?format=car" > /dev/null | |
| smoke-test-fresh-p2p: # basic smoke test for getting new DAG over P2P with Kubo | |
| if: needs.publish-to-ipfs.outputs.cid | |
| needs: publish-to-ipfs | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: ipfs/download-ipfs-distribution-action@v1 | |
| with: | |
| name: kubo | |
| version: "${{ env.KUBO_VER }}" | |
| - uses: ipfs/start-ipfs-daemon-action@v1 | |
| - name: Confirm a fresh Kubo instance can fetch the entire DAG | |
| run: ipfs dag stat ${{ needs.publish-to-ipfs.outputs.cid }} |