🔨 CI workflow improvements

.github/workflows/build.yaml

@@ -115,54 +115,9 @@ jobs:
           docker run --rm -v "$PWD:/mnt" --workdir "/mnt" "koalaman/shellcheck:v0.8.0"
           --color=always *.sh
 
-  format:
-    runs-on: ubuntu-latest
-    if: github.event_name == 'pull_request' && github.ref != 'refs/heads/main'
-    steps:
-      - uses: actions/checkout@v2
-        with:
-          ref: ${{ github.head_ref }}
-      - uses: actions/setup-node@v2
-        with:
-          node-version: '16'
-          cache: 'npm'
-          cache-dependency-path: './lib/package-lock.json'
-      - run: make format
-      - name: ignore package-lock changes
-        run: git checkout -- {cli,sample-web-app}/package-lock.json
-      - name: Commit changes
-        id: auto-commit
-        uses: stefanzweifel/git-auto-commit-action@v4
-        with:
-          commit_message: |-
-            🤖 🎨 Autoformat
-
-      - name: Suggest user signoff
-        if: steps.auto-commit.outputs.changes_detected == 'true'
-        uses: actions/github-script@v6
-        with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          script: |
-            const body = `If these changes look good, signoff on them with:
-            \`\`\`
-            git pull && git commit --amend --signoff && git push --force-with-lease origin
-            \`\`\`
-
-            If they aren't any good, please remove them with:
-            \`\`\`
-            git pull && git reset --hard HEAD~1 && git push --force-with-lease origin
-            \`\`\`
-            `;
-            github.rest.issues.createComment({
-              issue_number: context.issue.number,
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              body,
-            });
-
   backend-roundtrip:
     needs:
-        - cli
+      - cli
     runs-on: ubuntu-latest
     defaults:
       run:
@@ -181,7 +136,7 @@ jobs:
       - uses: actions/download-artifact@v2
         with:
           name: opentdf-cli
-      - name: Git clone backend 
+      - name: Git clone backend
         run: |
           git clone https://github.com/opentdf/opentdf.git
       - uses: yokawasa/action-setup-kube-tools@v0.7.1
@@ -191,9 +146,9 @@ jobs:
             helm
             tilt
           # This should be in sync with the minikube-deployed kube version below
-          kubectl: "1.23.1"
-          helm: "3.8.0"
-          tilt: "0.26.2"
+          kubectl: '1.23.1'
+          helm: '3.8.0'
+          tilt: '0.26.2'
       - run: |
           kubectl version --client
           kustomize version
@@ -242,7 +197,7 @@ jobs:
       - name: trigger xtest
         run: |
           curl -XPOST -u "virtru-cloudnative:${{secrets.PERSONAL_ACCESS_TOKEN}}" -H "Accept: application/vnd.github.everest-preview+json" -H "Content-Type: application/json" "https://api.github.com/repos/opentdf/backend/dispatches" --data '{"event_type": "xtest", "client_payload": {"version":"'$(BUILD_META="" .github/workflows/gh-semver.sh)'"}}'
-      - name: 
+      - name: Publish documentation to gh-pages
         uses: JamesIves/github-pages-deploy-action@v4.3.3
         with:
           branch: gh-pages

.github/workflows/format.yaml

@@ -0,0 +1,45 @@
+name: '🤖 🎨'
+on:
+  pull_request:
+jobs:
+  format:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v2
+        with:
+          node-version: '16'
+          cache: 'npm'
+          cache-dependency-path: './lib/package-lock.json'
+      - run: make format
+      - name: ignore package-lock changes
+        run: git checkout -- {cli,sample-web-app}/package-lock.json
+      - name: Commit changes
+        id: auto-commit
+        uses: stefanzweifel/git-auto-commit-action@v4
+        with:
+          commit_message: |-
+            🤖 🎨 Autoformat
+
+      - name: Suggest user signoff
+        if: steps.auto-commit.outputs.changes_detected == 'true'
+        uses: actions/github-script@v6
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            const body = `If these changes look good, signoff on them with:
+            \`\`\`
+            git pull && git commit --amend --signoff && git push --force-with-lease origin
+            \`\`\`
+
+            If they aren't any good, please remove them with:
+            \`\`\`
+            git pull && git reset --hard HEAD~1 && git push --force-with-lease origin
+            \`\`\`
+            `;
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body,
+            });

.github/workflows/roundtrip/encrypt-decrypt.sh

@@ -1,27 +1,21 @@
 #!/usr/bin/env bash
 set -e
 
-cd ../..
-pwd
-
-cp ../../../opentdf-cli-*.tgz ../../../cli
-npm uninstall @opentdf/cli && npm ci && npm i ../../../cli/opentdf-cli-*.tgz
-
-echo "Hello World!" > ./sample.txt
+echo "Hello World!" >./sample.txt
 
 npx @opentdf/cli --log-level DEBUG \
---kasEndpoint http://localhost:65432/api/kas \
---oidcEndpoint http://localhost:65432 \
---auth tdf:tdf-client:123-456 \
---output sample.txt.tdf encrypt sample.txt \
---attributes https://example.com/attr/Classification/value/S,https://example.com/attr/COI/value/PRX
+  --kasEndpoint http://localhost:65432/api/kas \
+  --oidcEndpoint http://localhost:65432/auth \
+  --auth tdf:tdf-client:123-456 \
+  --output sample.txt.tdf encrypt sample.txt \
+  --attributes https://example.com/attr/Classification/value/S,https://example.com/attr/COI/value/PRX
 
 npx @opentdf/cli --log-level DEBUG \
---kasEndpoint http://localhost:65432/api/kas \
---oidcEndpoint http://localhost:65432 \
---auth tdf:tdf-client:123-456 \
---output sample_out.txt decrypt sample.txt.tdf
+  --kasEndpoint http://localhost:65432/api/kas \
+  --oidcEndpoint http://localhost:65432 \
+  --auth tdf:tdf-client:123-456 \
+  --output sample_out.txt decrypt sample.txt.tdf
 
 diff sample.txt sample_out.txt
 
-echo "Roundtrip successful!"
+echo "Roundtrip successful!"

.github/workflows/roundtrip/wait-and-test.sh

@@ -1,16 +1,33 @@
 #!/usr/bin/env bash
 
 APP_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" >/dev/null && pwd)"
+ROOT_DIR="$(cd "${APP_DIR}/../../.." >/dev/null && pwd)"
+
 APP="${APP_DIR}/encrypt-decrypt.sh"
 
+_configure_app() {
+  cli_version=$(cd "${ROOT_DIR}/cli" && node -p "require('./package.json').version")
+  if [ -f "${ROOT_DIR}/opentdf-cli-${cli_version}.tgz" ]; then
+    echo "installing tgz"
+    cp "${ROOT_DIR}/opentdf-cli-${cli_version}.tgz" "${ROOT_DIR}/cli/"
+    (
+      cd "${APP_DIR}" || exit 1
+      npm uninstall @opentdf/cli && npm ci && npm i "../../../cli/opentdf-cli-${cli_version}.tgz"
+    )
+  else
+    npm i
+  fi
+}
+
 _wait-for() {
   echo "[INFO] In retry loop for quickstarted opentdf backend..."
   limit=5
   for i in $(seq 1 $limit); do
     if sh "${APP}"; then
       return 0
     fi
-    if [[ $i == $limit ]]; then
+    if [[ $i == "$limit" ]]; then
+      echo "[WARN] Breaking _wait-for loop as we are at limit"
       break
     fi
     sleep_for=$((10 + i * i * 2))
@@ -21,4 +38,5 @@ _wait-for() {
   exit 1
 }
 
+_configure_app
 _wait-for

lib/tsconfig.json

@@ -1,6 +1,5 @@
 {
   "compilerOptions": {
-    "allowJs": true,
     "alwaysStrict": true,
     "baseUrl": "./",
     "paths": {