aboutsummaryrefslogtreecommitdiffstats
path: root/.circleci
diff options
context:
space:
mode:
Diffstat (limited to '.circleci')
-rw-r--r--.circleci/config.yml142
-rwxr-xr-x.circleci/scripts/firefox-install2
-rwxr-xr-x.circleci/scripts/npm-audit12
-rw-r--r--.circleci/scripts/npm-audit-check.js24
-rwxr-xr-x.circleci/scripts/release-bump-changelog-version44
-rwxr-xr-x.circleci/scripts/release-bump-manifest-version38
-rwxr-xr-x.circleci/scripts/release-create-gh-release51
-rwxr-xr-x.circleci/scripts/release-create-release-pr54
-rw-r--r--.circleci/scripts/show-changelog.awk52
-rwxr-xr-x.circleci/scripts/yarn-audit20
10 files changed, 328 insertions, 111 deletions
diff --git a/.circleci/config.yml b/.circleci/config.yml
index a69903373..084ddb365 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -2,48 +2,54 @@ version: 2
workflows:
version: 2
- full_test:
+ test_and_release:
jobs:
- - prep-deps-npm
+ - create_release_pull_request:
+ filters:
+ branches:
+ only:
+ - /^Version-v(\d+)[.](\d+)[.](\d+)/
+ - prep-deps
+ - test-deps
- prep-build:
requires:
- - prep-deps-npm
+ - prep-deps
+ - create_github_release:
+ requires:
+ - prep-build
+ filters:
+ branches:
+ only:
+ - develop
# - prep-docs:
# requires:
- # - prep-deps-npm
+ # - prep-deps
- prep-scss:
requires:
- - prep-deps-npm
+ - prep-deps
- test-lint:
requires:
- - prep-deps-npm
- - test-deps:
- requires:
- - prep-deps-npm
+ - prep-deps
- test-e2e-chrome:
requires:
- - prep-deps-npm
+ - prep-deps
- test-e2e-firefox:
requires:
- - prep-deps-npm
- # - test-e2e-beta-drizzle:
- # requires:
- # - prep-deps-npm
- # - prep-build
+ - prep-deps
- test-unit:
requires:
- - prep-deps-npm
+ - prep-deps
- test-mozilla-lint:
requires:
- - prep-deps-npm
+ - prep-deps
- prep-build
- test-integration-flat-chrome:
requires:
- - prep-deps-npm
+ - prep-deps
- prep-scss
- test-integration-flat-firefox:
requires:
- - prep-deps-npm
+ - prep-deps
- prep-scss
- all-tests-pass:
requires:
@@ -52,41 +58,45 @@ workflows:
- test-mozilla-lint
- test-e2e-chrome
- test-e2e-firefox
- # - test-e2e-beta-drizzle
- test-integration-flat-chrome
- test-integration-flat-firefox
- - job-screens:
- requires:
- - prep-deps-npm
- - prep-build
- - all-tests-pass
- job-publish-prerelease:
requires:
- - prep-deps-npm
+ - prep-deps
- prep-build
- - job-screens
- all-tests-pass
- job-publish-release:
filters:
branches:
only: master
requires:
- - prep-deps-npm
+ - prep-deps
- prep-build
# - prep-docs
- - job-screens
- all-tests-pass
jobs:
- prep-deps-npm:
+ create_release_pull_request:
+ docker:
+ - image: circleci/node:8.15.1-browsers
+ steps:
+ - checkout
+ - run:
+ name: Create GitHub Pull Request for version
+ command: |
+ .circleci/scripts/release-bump-changelog-version
+ .circleci/scripts/release-bump-manifest-version
+ .circleci/scripts/release-create-release-pr
+
+ prep-deps:
docker:
- image: circleci/node:10.16-browsers
steps:
- checkout
- run:
- name: Install deps via npm
+ name: Install deps
command: |
- npm ci
+ yarn --frozen-lockfile
- persist_to_workspace:
root: .
paths:
@@ -101,7 +111,7 @@ jobs:
at: .
- run:
name: build:dist
- command: npm run dist
+ command: yarn dist
- run:
name: build:debug
command: find dist/ -type f -exec md5sum {} \; | sort -k 2
@@ -120,7 +130,7 @@ jobs:
at: .
- run:
name: build:dist
- command: npm run doc
+ command: yarn doc
- persist_to_workspace:
root: .
paths:
@@ -139,7 +149,7 @@ jobs:
command: find ui/app/css -type f -exec md5sum {} \; | sort -k 2 > scss_checksum
- run:
name: Build for integration tests
- command: npm run test:integration:build
+ command: yarn test:integration:build
- persist_to_workspace:
root: .
paths:
@@ -154,7 +164,7 @@ jobs:
at: .
- run:
name: Test
- command: npm run lint
+ command: yarn lint
test-deps:
docker:
@@ -164,22 +174,9 @@ jobs:
- attach_workspace:
at: .
- run:
- name: npm audit
- command: .circleci/scripts/npm-audit
+ name: yarn audit
+ command: .circleci/scripts/yarn-audit
- # test-e2e-beta-drizzle:
- # docker:
- # - image: circleci/node:8.11.3-browsers
- # steps:
- # - checkout
- # - attach_workspace:
- # at: .
- # - run:
- # name: test:e2e:drizzle:beta
- # command: npm run test:e2e:drizzle:beta
- # - store_artifacts:
- # path: test-artifacts
- # destination: test-artifacts
test-e2e-chrome:
docker:
- image: circleci/node:10.16-browsers
@@ -189,7 +186,7 @@ jobs:
at: .
- run:
name: test:e2e:chrome
- command: npm run build:test && npm run test:e2e:chrome
+ command: yarn build:test && yarn test:e2e:chrome
no_output_timeout: 20m
- store_artifacts:
path: test-artifacts
@@ -207,27 +204,12 @@ jobs:
at: .
- run:
name: test:e2e:firefox
- command: npm run build:test && npm run test:e2e:chrome
+ command: yarn build:test && yarn test:e2e:chrome
no_output_timeout: 20m
- store_artifacts:
path: test-artifacts
destination: test-artifacts
- job-screens:
- docker:
- - image: circleci/node:10.16-browsers
- steps:
- - checkout
- - attach_workspace:
- at: .
- - run:
- name: Test
- command: npm run test:screens
- - persist_to_workspace:
- root: .
- paths:
- - test-artifacts
-
job-publish-prerelease:
docker:
- image: circleci/node:10.16-browsers
@@ -257,13 +239,13 @@ jobs:
at: .
- run:
name: sentry sourcemaps upload
- command: npm run sentry:publish
+ command: yarn sentry:publish
# - run:
# name: github gh-pages docs publish
# command: >
# git config --global user.name "metamaskbot" &&
# git config --global user.email "admin@metamask.io" &&
- # npm run publish-docs
+ # yarn publish-docs
test-unit:
docker:
@@ -274,7 +256,7 @@ jobs:
at: .
- run:
name: test:coverage
- command: npm run test:coverage
+ command: yarn test:coverage
test-mozilla-lint:
docker:
- image: circleci/node:10.16-browsers
@@ -284,7 +266,7 @@ jobs:
at: .
- run:
name: test:mozilla-lint
- command: npm run mozilla-lint
+ command: NODE_OPTIONS=--max_old_space_size=3072 yarn mozilla-lint
test-integration-flat-firefox:
docker:
@@ -298,7 +280,7 @@ jobs:
command: ./.circleci/scripts/firefox-install
- run:
name: test:integration:flat
- command: npm run test:flat
+ command: yarn test:flat
test-integration-flat-chrome:
environment:
@@ -311,7 +293,7 @@ jobs:
at: .
- run:
name: test:integration:flat
- command: npm run test:flat
+ command: yarn test:flat
all-tests-pass:
docker:
@@ -320,3 +302,15 @@ jobs:
- run:
name: All Tests Passed
command: echo 'weew - everything passed!'
+
+ create_github_release:
+ docker:
+ - image: circleci/node:8.15.1-browsers
+ steps:
+ - checkout
+ - attach_workspace:
+ at: .
+ - run:
+ name: Create GitHub release
+ command: |
+ .circleci/scripts/release-create-gh-release
diff --git a/.circleci/scripts/firefox-install b/.circleci/scripts/firefox-install
index 7c785b987..3f0772f49 100755
--- a/.circleci/scripts/firefox-install
+++ b/.circleci/scripts/firefox-install
@@ -4,7 +4,7 @@ set -e
set -u
set -o pipefail
-FIREFOX_VERSION='62.0'
+FIREFOX_VERSION='68.0'
FIREFOX_BINARY="firefox-${FIREFOX_VERSION}.tar.bz2"
FIREFOX_BINARY_URL="https://ftp.mozilla.org/pub/firefox/releases/${FIREFOX_VERSION}/linux-x86_64/en-US/${FIREFOX_BINARY}"
FIREFOX_PATH='/opt/firefox'
diff --git a/.circleci/scripts/npm-audit b/.circleci/scripts/npm-audit
deleted file mode 100755
index 00a6876ff..000000000
--- a/.circleci/scripts/npm-audit
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/usr/bin/env bash
-
-set -e
-set -u
-set -o pipefail
-
-if ! npm audit
-then
- ! npm audit --json > audit.json
- printf '%s\n' ''
- node .circleci/scripts/npm-audit-check.js
-fi
diff --git a/.circleci/scripts/npm-audit-check.js b/.circleci/scripts/npm-audit-check.js
deleted file mode 100644
index 2fb408add..000000000
--- a/.circleci/scripts/npm-audit-check.js
+++ /dev/null
@@ -1,24 +0,0 @@
-const path = require('path')
-const audit = require(path.join(__dirname, '..', '..', 'audit.json'))
-const error = audit.error
-const advisories = Object.keys(audit.advisories || []).map((k) => audit.advisories[k])
-
-if (error) {
- process.exit(1)
-}
-
-let count = 0
-for (const advisory of advisories) {
- if (advisory.severity === 'low') {
- continue
- }
-
- count += advisory.findings.some((finding) => (!finding.dev && !finding.optional))
-}
-
-if (count > 0) {
- console.log(`Audit shows ${count} moderate or high severity advisories _in the production dependencies_`)
- process.exit(1)
-} else {
- console.log(`Audit shows _zero_ moderate or high severity advisories _in the production dependencies_`)
-}
diff --git a/.circleci/scripts/release-bump-changelog-version b/.circleci/scripts/release-bump-changelog-version
new file mode 100755
index 000000000..9fd4ddbb8
--- /dev/null
+++ b/.circleci/scripts/release-bump-changelog-version
@@ -0,0 +1,44 @@
+#!/usr/bin/env bash
+
+set -e
+set -u
+set -o pipefail
+
+if [[ "${CI:-}" != 'true' ]]
+then
+ printf '%s\n' 'CI environment variable must be set to true'
+ exit 1
+fi
+
+if [[ "${CIRCLECI:-}" != 'true' ]]
+then
+ printf '%s\n' 'CIRCLECI environment variable must be set to true'
+ exit 1
+fi
+
+version="${CIRCLE_BRANCH/Version-v/}"
+
+if ! grep --quiet --fixed-strings "$version" CHANGELOG.md
+then
+ printf '%s\n' 'Adding this release to CHANGELOG.md'
+ date_str="$(date '+%a %b %d %Y')"
+ cp CHANGELOG.md{,.bak}
+
+update_headers=$(cat <<END
+/## Current Develop Branch/ {
+ print "## Current Develop Branch\n";
+ print "## ${version} ${date_str}";
+ next;
+}
+{
+ print;
+}
+END
+)
+
+ awk "$update_headers" CHANGELOG.md.bak > CHANGELOG.md
+ rm CHANGELOG.md.bak
+else
+ printf '%s\n' "CHANGELOG.md already includes a header for ${version}"
+ exit 0
+fi
diff --git a/.circleci/scripts/release-bump-manifest-version b/.circleci/scripts/release-bump-manifest-version
new file mode 100755
index 000000000..44b193c97
--- /dev/null
+++ b/.circleci/scripts/release-bump-manifest-version
@@ -0,0 +1,38 @@
+#!/usr/bin/env bash
+
+set -e
+set -u
+set -o pipefail
+
+if [[ "${CI:-}" != 'true' ]]
+then
+ printf '%s\n' 'CI environment variable must be set to true'
+ exit 1
+fi
+
+if [[ "${CIRCLECI:-}" != 'true' ]]
+then
+ printf '%s\n' 'CIRCLECI environment variable must be set to true'
+ exit 1
+fi
+
+printf '%s\n' 'Updating the manifest version if needed'
+
+version="${CIRCLE_BRANCH/Version-v/}"
+updated_manifest="$(jq ".version = \"$version\"" app/manifest.json)"
+printf '%s\n' "$updated_manifest" > app/manifest.json
+
+if [[ -z $(git status --porcelain) ]]
+then
+ printf '%s\n' 'App manifest version already set'
+ exit 0
+fi
+
+git \
+ -c user.name='MetaMask Bot' \
+ -c user.email='metamaskbot@users.noreply.github.com' \
+ commit --message "${CIRCLE_BRANCH/-/ }" \
+ CHANGELOG.md app/manifest.json
+
+repo_slug="$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME"
+git push "https://$GITHUB_TOKEN_USER:$GITHUB_TOKEN@github.com/$repo_slug" "$CIRCLE_BRANCH"
diff --git a/.circleci/scripts/release-create-gh-release b/.circleci/scripts/release-create-gh-release
new file mode 100755
index 000000000..f40df4998
--- /dev/null
+++ b/.circleci/scripts/release-create-gh-release
@@ -0,0 +1,51 @@
+#!/usr/bin/env bash
+
+set -x
+set -e
+set -u
+set -o pipefail
+
+if [[ "${CI:-}" != 'true' ]]
+then
+ printf '%s\n' 'CI environment variable must be set to true'
+ exit 1
+fi
+
+if [[ "${CIRCLECI:-}" != 'true' ]]
+then
+ printf '%s\n' 'CIRCLECI environment variable must be set to true'
+ exit 1
+fi
+
+function install_github_cli ()
+{
+ printf '%s\n' 'Installing hub CLI'
+ pushd "$(mktemp -d)"
+ curl -sSL 'https://github.com/github/hub/releases/download/v2.11.2/hub-linux-amd64-2.11.2.tgz' | tar xz
+ PATH="$PATH:$PWD/hub-linux-amd64-2.11.2/bin"
+ popd
+}
+
+current_commit_msg=$(git show -s --format='%s' HEAD)
+
+if grep --quiet '^Version v' <<< "$current_commit_msg"
+then
+ install_github_cli
+
+ printf '%s\n' 'Creating GitHub Release'
+ read -ra commit_words <<< "$current_commit_msg"
+ tag="${commit_words[1]}"
+ release_body="$(awk -v version="${tag##v}" -f .circleci/scripts/show-changelog.awk CHANGELOG.md)"
+ pushd builds
+ hub release create \
+ --attach metamask-chrome-*.zip \
+ --attach metamask-firefox-*.zip \
+ --message "${commit_words[0]} ${commit_words[1]#v}" \
+ --message "$release_body" \
+ --commitish "$CIRCLE_SHA1" \
+ "$tag"
+ popd
+else
+ printf '%s\n' 'Skipping GitHub Release'
+ exit 0
+fi
diff --git a/.circleci/scripts/release-create-release-pr b/.circleci/scripts/release-create-release-pr
new file mode 100755
index 000000000..8a2238ec4
--- /dev/null
+++ b/.circleci/scripts/release-create-release-pr
@@ -0,0 +1,54 @@
+#!/usr/bin/env bash
+
+set -e
+set -u
+set -o pipefail
+
+if [[ "${CI:-}" != 'true' ]]
+then
+ printf '%s\n' 'CI environment variable must be set to true'
+ exit 1
+fi
+
+if [[ "${CIRCLECI:-}" != 'true' ]]
+then
+ printf '%s\n' 'CIRCLECI environment variable must be set to true'
+ exit 1
+fi
+
+if [[ -z "${GITHUB_TOKEN:-}" ]]
+then
+ printf '%s\n' 'GITHUB_TOKEN environment variable must be set'
+ exit 1
+fi
+
+function install_github_cli ()
+{
+ printf '%s\n' 'Installing hub CLI'
+ pushd "$(mktemp -d)"
+ curl -sSL 'https://github.com/github/hub/releases/download/v2.11.2/hub-linux-amd64-2.11.2.tgz' | tar xz
+ PATH="$PATH:$PWD/hub-linux-amd64-2.11.2/bin"
+ popd
+}
+
+version="${CIRCLE_BRANCH/Version-v/}"
+base_branch='develop'
+
+if [[ -n "${CI_PULL_REQUEST:-}" ]]
+then
+ printf '%s\n' 'CI_PULL_REQUEST is set, pull request already exists for this build'
+ exit 0
+fi
+
+install_github_cli
+
+printf '%s\n' "Creating a Pull Request for $version on GitHub"
+
+if ! hub pull-request \
+ --reviewer '@MetaMask/extension-release-team' \
+ --message "${CIRCLE_BRANCH/-/ } RC" --message ':package: :rocket:' \
+ --base "$CIRCLE_PROJECT_USERNAME:$base_branch" \
+ --head "$CIRCLE_PROJECT_USERNAME:$CIRCLE_BRANCH";
+then
+ printf '%s\n' 'Pull Request already exists'
+fi
diff --git a/.circleci/scripts/show-changelog.awk b/.circleci/scripts/show-changelog.awk
new file mode 100644
index 000000000..e490df9db
--- /dev/null
+++ b/.circleci/scripts/show-changelog.awk
@@ -0,0 +1,52 @@
+# DESCRIPTION
+#
+# This script will print out all of the CHANGELOG.md lines for a given version
+# with the assumption that the CHANGELOG.md files looks something along the
+# lines of:
+#
+# ```
+# ## 6.6.2 Fri Jun 07 2019
+#
+# - [#6690](https://github.com/MetaMask/metamask-extension/pull/6690): Some words
+# - [#6700](https://github.com/MetaMask/metamask-extension/pull/6700): some more words
+#
+# ## 6.6.1 Thu Jun 06 2019
+#
+# - [#6691](https://github.com/MetaMask/metamask-extension/pull/6691): Revert other words
+#
+# ## 6.6.0 Mon Jun 03 2019
+#
+# - [#6659](https://github.com/MetaMask/metamask-extension/pull/6659): foo
+# - [#6671](https://github.com/MetaMask/metamask-extension/pull/6671): bar
+# - [#6625](https://github.com/MetaMask/metamask-extension/pull/6625): baz
+# - [#6633](https://github.com/MetaMask/metamask-extension/pull/6633): Many many words
+#
+#
+# ```
+#
+# EXAMPLE
+#
+# Run this script like so, passing in the version:
+#
+# ```
+# awk -v version='6.6.0' -f .circleci/scripts/show-changelog.awk CHANGELOG.md
+# ```
+#
+
+BEGIN {
+ inside_section = 0;
+}
+
+$1 == "##" && $2 == version {
+ inside_section = 1;
+ next;
+}
+
+$1 == "##" && $2 != version {
+ inside_section = 0;
+ next;
+}
+
+inside_section && !/^$/ {
+ print $0;
+}
diff --git a/.circleci/scripts/yarn-audit b/.circleci/scripts/yarn-audit
new file mode 100755
index 000000000..ebe036815
--- /dev/null
+++ b/.circleci/scripts/yarn-audit
@@ -0,0 +1,20 @@
+#!/usr/bin/env bash
+
+set -u
+set -o pipefail
+
+yarn audit --level moderate --groups dependencies
+audit_status="$?"
+
+# Use a bitmask to ignore INFO and LOW severity audit results
+# See here: https://yarnpkg.com/lang/en/docs/cli/audit/
+audit_status="$(( audit_status & 11100 ))"
+
+if [[ "$audit_status" != 0 ]]
+then
+ count="$(yarn audit --level moderate --groups dependencies --json | tail -1 | jq '.data.vulnerabilities.moderate + .data.vulnerabilities.high + .data.vulnerabilities.critical')"
+ printf "Audit shows %s moderate or high severity advisories _in the production dependencies_\n" "$count"
+ exit 1
+else
+ printf "Audit shows _zero_ moderate or high severity advisories _in the production dependencies_\n"
+fi
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-10 23:19:55 +0800