cln-application icon indicating copy to clipboard operation
cln-application copied to clipboard
verified publisher icon ElementsProject

Add ci pipelines

Open evansmj opened this issue 10 months ago • 5 comments

Add ci pipelines

Add test workflow to Artifact, Pull Request, and Build and publish workflows. Refactor build steps into build.yml

evansmj avatar Mar 11 '25 01:03 evansmj

hey @ShahanaFarooqui I took a pass at fixing some failing tests due to the recent ConnectWallet updates in this pr, since it will need the new checks to pass.

The only change to ConnectWallet is I updated the REST case to use DEVICE_DOMAIN_NAME instead of HIDDEN_SERVICE_URL since that should be for the Tor case.

Can you double check the urls? I see http:// inside of some like ln-message://http://oqaer4kd7ufryngx6dsztovs4pnlmaouwmtkofjsd2m7pkq8wd.onion:5001?rune=mRXhnFyVWrRQChA9eJ01RQT9W502daqrP0JA4BiHHw89MCZGb3IgQXBwbGljYXRpb24j&invoiceRune=aHFhnFyVWrRQChA9eJ01RQT9W502daqrP0JA4BiHHw89MCZGb3IgQXBwbGljYXRpb2== and i'm not sure if that is supposed to be there.

I am not sure on the Client Key, Client Cert, and CA Cert field behavior, I updated the tests to match the behavior I see.

thanks

evansmj avatar Mar 11 '25 05:03 evansmj

@evansmj Thanks for bringing it to my attention. I merged your connect wallet test fixes with fixed https:// suffix in PR #88. Please rebase this PR on Release-0.0.7 again.

Client Key, Client Cert, and CA Cert field behavior was as expected.

ShahanaFarooqui avatar Mar 11 '25 05:03 ShahanaFarooqui

hi @ShahanaFarooqui, what do you think of us enabling github's dependabot? I had in mind to add dependency vulnerability scanning in the pipelines, but github can manage it easier than in a pipeline from scratch.

It can alert us to vulnerabilities in our dependencies and as a separate option it can make draft pull requests with version updates for them. It uses the OWASP db which I had in mind, plus some others.

it would mean just enabling these two settings, which I don't have access to since im not a maintainer:

Screenshot 2025-03-11 at 1 35 28 PM

evansmj avatar Mar 11 '25 17:03 evansmj

it would mean just enabling these two settings, which I don't have access to since im not a maintainer:

We already have it enabled, but it may not be functioning as expected due to potential conflicts with organisational settings (ElementsProject).

Screenshot from 2025-03-11 10-48-37

ShahanaFarooqui avatar Mar 11 '25 17:03 ShahanaFarooqui

it would mean just enabling these two settings, which I don't have access to since im not a maintainer:

We already have it enabled, but it may not be functioning as expected due to potential conflicts with organisational settings (ElementsProject).

Oh ok, ill bring it up at the next cln call. this pr is ready then if it looks fine

evansmj avatar Mar 12 '25 14:03 evansmj