From 1329c753fec05e204075bc649872091fb6044bb1 Mon Sep 17 00:00:00 2001 From: Aditi Khare Date: Wed, 22 May 2024 15:16:55 -0400 Subject: [PATCH] temp for testing --- .github/workflows/release-4.x.yml | 33 +++++++++++++++++++++++++--- .github/workflows/release-5.x.yml | 33 +++++++++++++++++++++++++--- .github/workflows/release.yml | 36 ++++++++++++++++++++++++++++--- README.md | 13 +++++++++++ 4 files changed, 106 insertions(+), 9 deletions(-) diff --git a/.github/workflows/release-4.x.yml b/.github/workflows/release-4.x.yml index dcda4e2d82..81f3d4bbd6 100644 --- a/.github/workflows/release-4.x.yml +++ b/.github/workflows/release-4.x.yml @@ -27,12 +27,39 @@ jobs: default-branch: 4.x # If release-please created a release, publish to npm - - if: ${{ steps.release.outputs.release_created }} + - if: ${{ true }} uses: actions/checkout@v3 - - if: ${{ steps.release.outputs.release_created }} + - if: ${{ true }} name: actions/setup uses: ./.github/actions/setup - - if: ${{ steps.release.outputs.release_created }} + - if: true + run: npm pack + shell: bash + - if: true + name: Get release version and release package file name + run: | + PACKAGE_VERSION=$(jq '.version' package.json | tr -d '"') + echo "PACKAGE_VERSION=${PACKAGE_VERSION}" >> "$GITHUB_ENV" + echo "PACKAGE_FILE=mongodb-${PACKAGE_VERSION}.tgz" >> "$GITHUB_ENV" + - if: true + name: Create detached signature + uses: mongodb-labs/drivers-github-tools/garasign/gpg-sign@main + with: + filenames: ${{ env.PACKAGE_FILE }} + garasign_username: ${{ secrets.GRS_CONFIG_USER1_USERNAME }} + garasign_password: ${{ secrets.GRS_CONFIG_USER1_PASSWORD }} + artifactory_username: ${{ secrets.ARTIFACTORY_USER }} + artifactory_password: ${{ secrets.ARTIFACTORY_PASSWORD }} + - if: true + name: "Upload artifacts" + uses: actions/upload-artifact@v4 + with: + name: ${{ env.PACKAGE_FILE }} + path: | + ${{ env.PACKAGE_FILE }} + ${{ env.PACKAGE_FILE }}.sig + retention-days: 3 + - if: false run: npm publish --provenance --tag=4x env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/.github/workflows/release-5.x.yml b/.github/workflows/release-5.x.yml index f909eefc7d..c4e5bdf58a 100644 --- a/.github/workflows/release-5.x.yml +++ b/.github/workflows/release-5.x.yml @@ -27,12 +27,39 @@ jobs: default-branch: 5.x # If release-please created a release, publish to npm - - if: ${{ steps.release.outputs.release_created }} + - if: ${{ true }} uses: actions/checkout@v3 - - if: ${{ steps.release.outputs.release_created }} + - if: ${{ true }} name: actions/setup uses: ./.github/actions/setup - - if: ${{ steps.release.outputs.release_created }} + - if: true + run: npm pack + shell: bash + - if: true + name: Get release version and release package file name + run: | + PACKAGE_VERSION=$(jq '.version' package.json | tr -d '"') + echo "PACKAGE_VERSION=${PACKAGE_VERSION}" >> "$GITHUB_ENV" + echo "PACKAGE_FILE=mongodb-${PACKAGE_VERSION}.tgz" >> "$GITHUB_ENV" + - if: true + name: Create detached signature + uses: mongodb-labs/drivers-github-tools/garasign/gpg-sign@main + with: + filenames: ${{ env.PACKAGE_FILE }} + garasign_username: ${{ secrets.GRS_CONFIG_USER1_USERNAME }} + garasign_password: ${{ secrets.GRS_CONFIG_USER1_PASSWORD }} + artifactory_username: ${{ secrets.ARTIFACTORY_USER }} + artifactory_password: ${{ secrets.ARTIFACTORY_PASSWORD }} + - if: true + name: "Upload artifacts" + uses: actions/upload-artifact@v4 + with: + name: ${{ env.PACKAGE_FILE }} + path: | + ${{ env.PACKAGE_FILE }} + ${{ env.PACKAGE_FILE }}.sig + retention-days: 3 + - if: false run: npm publish --provenance --tag=5x env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7cc1ca92af..96d0017a90 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -27,12 +27,42 @@ jobs: default-branch: main # If release-please created a release, publish to npm - - if: ${{ steps.release.outputs.release_created }} + - if: ${{ true }} uses: actions/checkout@v3 - - if: ${{ steps.release.outputs.release_created }} + - if: ${{ true }} name: actions/setup uses: ./.github/actions/setup - - if: ${{ steps.release.outputs.release_created }} + - if: true + run: npm pack + shell: bash + - if: true + name: Get release version and release package file name + run: | + PACKAGE_VERSION=$(jq '.version' package.json | tr -d '"') + echo "PACKAGE_VERSION=${PACKAGE_VERSION}" >> "$GITHUB_ENV" + echo "PACKAGE_FILE=mongodb-${PACKAGE_VERSION}.tgz" >> "$GITHUB_ENV" + - if: true + name: Create detached signature + uses: mongodb-labs/drivers-github-tools/garasign/gpg-sign@main + with: + filenames: ${{ env.PACKAGE_FILE }} + garasign_username: ${{ secrets.GRS_CONFIG_USER1_USERNAME }} + garasign_password: ${{ secrets.GRS_CONFIG_USER1_PASSWORD }} + artifactory_username: ${{ secrets.ARTIFACTORY_USER }} + artifactory_password: ${{ secrets.ARTIFACTORY_PASSWORD }} + - if: true + name: "Upload artifacts" + uses: actions/upload-artifact@v4 + with: + name: ${{ env.PACKAGE_FILE }} + path: | + ${{ env.PACKAGE_FILE }} + ${{ env.PACKAGE_FILE }}.sig + retention-days: 3 + - if: false run: npm publish --provenance env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + + + diff --git a/README.md b/README.md index 1a62b08d99..5caf8a7b20 100644 --- a/README.md +++ b/README.md @@ -20,6 +20,19 @@ The official [MongoDB](https://www.mongodb.com/) driver for Node.js. | Contributing | [CONTRIBUTING.md](https://github.com/mongodb/node-mongodb-native/blob/HEAD/CONTRIBUTING.md) | | Changelog | [HISTORY.md](https://github.com/mongodb/node-mongodb-native/blob/HEAD/HISTORY.md) | + +### Release Integrity + +The GitHub release contains a detached signature file for the NPM package (named +`mongodb-X.Y.Z.tgz.sig`). + +To verify the integrity of the downloaded package, run the following command: + +```shell +gpg --verify mongodb-X.Y.Z.tgz.sig mongodb-X.Y.Z.tgz +``` + + ### Bugs / Feature Requests Think you’ve found a bug? Want to see a new feature in `node-mongodb-native`? Please open a