Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

make xcframework done manually by PR authors is error-prone and a potential security hazard #99

Open
daira opened this issue Sep 12, 2023 · 2 comments · May be fixed by pacu/zcash-light-client-ffi#4
Open

make xcframework done manually by PR authors is error-prone and a potential security hazard #99

daira opened this issue Sep 12, 2023 · 2 comments · May be fixed by pacu/zcash-light-client-ffi#4
Labels
enhancement New feature or request

Comments

@daira
Copy link
Contributor

daira commented Sep 12, 2023
edited
Loading

Ideally make xcframework would be automatic. Having it be done manually by the committer is error-prone and results in PRs that can't be fully reviewed, which is a security hazard (for example if the committer's machine / build environment is compromised).

If make xcframework is deterministic (I don't know whether it is or could be made so), then perhaps a CI step could do make clean xcframework and then check that the resulting tree is clean.

Originally posted by @daira in #98 (comment)
@daira
Copy link
Contributor Author

daira commented Sep 12, 2023

@nuttycom wrote:

I think that we need to overhaul how these build artifacts are stored as well; having them committed as blobs to github is really not ideal, because the repo size is enormous. When we fix the blob storage problem, we'll probably put the FFI layer back into ZcashLightClientKit as well.

@nuttycom
Copy link
Contributor

Related to the comment of mine that @daira mentioned, this repository should no longer be maintained under zcash-hackworks in any case. I think that the best way forward here is:

  1. Move the source code into the [zcash/ZcashLightClientKit] repository (for consistency, it would also be good to rename that repository zcash-ios-wallet-sdk for consistency with the Android repository, but that's a separate niggle.)
  2. Set up automated builds that publish to an object store as a CI action.

@daira daira added the enhancement New feature or request label Sep 12, 2023
pacu added a commit to pacu/zcash-light-client-ffi that referenced this issue May 31, 2024
@pacu
Make a release workflow for the Swift FFI that:
9a71ca5 
    - builds the existing rust code
    - packages into Xcframework
    - updates the Swift package directory
    - zips and calculates SHA-256 of xcframework
    - updates the Package.swift with the artifact url and checksum
    - commits the changes, pushes them and tags the repo
    - creates a Github Release with notes that have the Diff and checksum

closes #2
closes Electric-Coin-Company#99
@pacu pacu mentioned this issue May 31, 2024
Closed
pacu added a commit to pacu/zcash-light-client-ffi that referenced this issue May 31, 2024
@pacu
Make a release workflow for the Swift FFI that:
eae274a 
    - builds the existing rust code
    - packages into Xcframework
    - updates the Swift package directory
    - zips and calculates SHA-256 of xcframework
    - updates the Package.swift with the artifact url and checksum
    - commits the changes, pushes them and tags the repo
    - creates a Github Release with notes that have the Diff and checksum

closes #2
closes Electric-Coin-Company#99
This was referenced May 30, 2024
Closed
Closed
Closed
pacu added a commit to pacu/zcash-light-client-ffi that referenced this issue May 31, 2024
@pacu
Make a release workflow for the Swift FFI that:
72dcfc1 
    - builds the existing rust code
    - packages into Xcframework
    - updates the Swift package directory
    - zips and calculates SHA-256 of xcframework
    - updates the Package.swift with the artifact url and checksum
    - commits the changes, pushes them and tags the repo
    - creates a Github Release with notes that have the Diff and checksum

closes #2
closes Electric-Coin-Company#99
@pacu pacu linked a pull request May 31, 2024 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
2 participants
@nuttycom @daira