iExecBlockchainComputing · PierreJeanjacquot · Jul 3, 2025 · Mar 25, 2025 · Apr 21, 2025 · Apr 21, 2025
diff --git a/.drone.yml b/.drone.yml
diff --git a/...workflows/conventional-commits-check.yaml → ...ows/conventional-commit-check-commits.yml b/...workflows/conventional-commits-check.yaml → ...ows/conventional-commit-check-commits.yml
@@ -1,13 +1,12 @@
-name: Conventional Commits Check
+name: Conventional Commit Check Commits
+description: checks every commit in the PR respects the conventional commit
 
 on: [pull_request]
 
 jobs:
   check-conventional-commits:
-    name: Conventional Commits
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-
       - name: Check Commit Conventions
         uses: webiny/action-conventional-commits@v1.3.0
diff --git a/.github/workflows/conventional-commit-check-pr-title.yml b/.github/workflows/conventional-commit-check-pr-title.yml
@@ -0,0 +1,15 @@
+name: Conventional Commit Check PR Title
+description: checks the PR title respects the conventional commit
+
+on:
+  pull_request_target:
+    types:
+      - opened
+      - edited
+      - reopened
+
+jobs:
+  lint-pr-title:
+    permissions:
+      pull-requests: read
+    uses: iExecBlockchainComputing/github-actions-workflows/.github/workflows/conventional-commits.yml@conventional-commits-v1.1.0
diff --git a/.github/workflows/docker-staging.yml b/.github/workflows/docker-staging.yml
@@ -0,0 +1,19 @@
+name: docker publish staging
+description: Publish a staging version on docker registry
+
+on:
+  workflow_dispatch:
+
+jobs:
+  compute-staging-version:
+    uses: ./.github/workflows/reusable-compute-staging-version.yml
+
+  docker-publish:
+    uses: ./.github/workflows/reusable-docker.yml
+    needs: compute-staging-version
+    with:
+      dry-run: true # TODO set to false
+      tag: ${{ needs.compute-staging-version.outputs.version }}
+    secrets:
+      docker-username: ${{ secrets.DOCKERHUB_USERNAME }} # TODO ensure secret is set
+      docker-password: ${{ secrets.DOCKERHUB_TOKEN }} # TODO ensure secret is set
diff --git a/.github/workflows/npm-staging.yml b/.github/workflows/npm-staging.yml
@@ -0,0 +1,19 @@
+name: npm publish staging
+description: Publish a staging version on npm
+
+on:
+  workflow_dispatch:
+
+jobs:
+  compute-staging-version:
+    uses: ./.github/workflows/reusable-compute-staging-version.yml
+
+  npm-publish:
+    uses: ./.github/workflows/reusable-npm.yml
+    needs: compute-staging-version
+    with:
+      dry-run: true # TODO set to false
+      version: ${{ needs.compute-staging-version.outputs.version }}
+      tag: ${{ needs.compute-staging-version.outputs.dist-tag }}
+    secrets:
+      npm-token: ${{ secrets.NPM_TOKEN }}
diff --git a/.github/workflows/pr-test.yml b/.github/workflows/pr-test.yml
@@ -0,0 +1,88 @@
+name: PR test
+description: tests the PR
+
+on: [pull_request]
+
+concurrency:
+  group: ${{ github.ref }}-pr-test
+  cancel-in-progress: true
+
+jobs:
+  check-code:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'npm'
+
+      - name: Install dependencies
+        run: npm ci && npm run codegen
+
+      - name: Check format
+        run: npm run check-format
+
+      - name: Lint
+        run: npm run lint
+
+  test:
+    uses: ./.github/workflows/reusable-test.yml
+    with:
+      node-version: '18'
+      upload-coverage: true
+    secrets:
+      infura-project-id: ${{ secrets.INFURA_PROJECT_ID }}
+      etherscan-api-key: ${{ secrets.ETHERSCAN_API_KEY }}
+      alchemy-api-key: ${{ secrets.ALCHEMY_API_KEY }}
+
+  test-node-versions:
+    uses: ./.github/workflows/reusable-test.yml
+    # for release PR run tests on all supported node versions
+    if: ${{ contains('release-please--',  github.ref_name ) }}
+    strategy:
+      matrix:
+        node-version: ['20', '22', '24']
+    with:
+      node-version:
+    secrets:
+      infura-project-id: ${{ secrets.INFURA_PROJECT_ID }}
+      etherscan-api-key: ${{ secrets.ETHERSCAN_API_KEY }}
+      alchemy-api-key: ${{ secrets.ALCHEMY_API_KEY }}
+
+  sonar:
+    runs-on: ubuntu-latest
+    needs: test
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'npm'
+
+      - name: Install dependencies
+        run: npm ci && npm run codegen
+
+      - uses: actions/download-artifact@v4
+        with:
+          artifact-ids: ${{ needs.test.outputs.coverage-artifact-id }}
+
+      - name: SonarScanner
+        uses: SonarSource/sonarqube-scan-action@v5.1.0
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
+
+  npm-dry-run:
+    uses: ./.github/workflows/reusable-npm.yml
+    with:
+      dry-run: true
+
+  docker-dry-run:
+    uses: ./.github/workflows/reusable-docker.yml
+    with:
+      dry-run: true
diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml
@@ -1,3 +1,6 @@
+name: release-please
+description: triggers release-please to open the next release PR
+
 on:
   push:
     branches:
@@ -8,8 +11,6 @@ permissions:
   issues: write
   pull-requests: write
 
-name: release-please
-
 jobs:
   release-please:
     uses: iExecBlockchainComputing/github-actions-workflows/.github/workflows/release-please.yml@release-please-v2.1.0

diff --git a/.github/workflows/reusable-compute-staging-version.yml b/.github/workflows/reusable-compute-staging-version.yml
@@ -0,0 +1,33 @@
+name: Compute staging version
+description: compute a staging version from the current version, branch name and commit
+
+on:
+  workflow_call:
+    outputs:
+      version:
+        value: ${{ jobs.compute-staging-version.outputs.version }}
+      dist-tag:
+        value: ${{ jobs.compute-staging-version.outputs.dist-tag }}
+
+jobs:
+  compute-staging-version:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Set up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+      - name: Set publish version
+        id: set-publish-version
+        run: |
+          BRANCH=$(echo "${{ github.ref_name }}" | sed 's|/|-|g')
+          COMMIT_SHA="${{ github.sha }}"
+          CURRENT_VERSION=$(npm pkg get version | tr -d '"')
+          STAGING_VERSION="${CURRENT_VERSION}-${BRANCH}-${COMMIT_SHA::7}"
+          echo "VERSION=${STAGING_VERSION}" | tee -a $GITHUB_OUTPUT
+          echo "DIST_TAG=${BRANCH}" | tee -a $GITHUB_OUTPUT
+    outputs:
+      version: ${{ steps.set-publish-version.outputs.VERSION }}
+      dist-tag: ${{ steps.set-publish-version.outputs.DIST_TAG }}
diff --git a/.github/workflows/reusable-docker.yml b/.github/workflows/reusable-docker.yml
@@ -0,0 +1,38 @@
+name: docker publish
+description: reusable docker workflow for this project
+
+on:
+  workflow_call:
+    inputs:
+      dry-run:
+        description: 'Run in dry-run mode (the docker image will not be published)'
+        default: false
+        type: boolean
+      tag:
+        description: 'Tag of Docker Image'
+        default: 'latest'
+        type: string
+    secrets:
+      docker-username:
+        description: 'Docker registry username (required unless `dry-run: true`)'
+        required: false
+      docker-password:
+        description: 'Docker registry password or PAT (required unless `dry-run: true`)'
+        required: false
+
+jobs:
+  docker-publish:
+    uses: iExecBlockchainComputing/github-actions-workflows/.github/workflows/docker-build.yml@docker-build-v2.3.0
+    with:
+      image-name: 'iexechub/iexec-sdk'
+      registry: 'docker.io'
+      dockerfile: 'Dockerfile'
+      context: '.'
+      security-scan: true
+      security-report: 'sarif'
+      hadolint: true
+      push: ${{ !inputs.dry-run }}
+      image-tag: ${{ inputs.tag }}
+    secrets:
+      username: ${{ secrets.docker-username }}
+      password: ${{ secrets.docker-password }}
diff --git a/.github/workflows/reusable-npm.yml b/.github/workflows/reusable-npm.yml
@@ -0,0 +1,36 @@
+name: npm publish
+description: reusable npm workflow for this project
+
+on:
+  workflow_call:
+    inputs:
+      dry-run:
+        description: 'Run in dry-run mode (the package will not be published)'
+        default: false
+        type: boolean
+      version:
+        description: 'Version to publish (leave empty to use package.json version)'
+        default: ''
+        type: string
+      tag:
+        description: 'npm publish tag (e.g., latest, nightly)'
+        default: ''
+        type: string
+    secrets:
+      npm-token:
+        description: 'NPM auth token (required unless `dry-run: true`)'
+        required: false
+
+jobs:
+  npm-publish:
+    uses: iExecBlockchainComputing/github-actions-workflows/.github/workflows/publish-npm.yml@publish-npm-v1.5.0
+    with:
+      install-command: npm ci
+      build-command: npm run build
+      dry-run: ${{ inputs.dry-run }}
+      tag: ${{ inputs.tag }}
+      version: ${{ inputs.version }}
+      environment: ${{ (inputs.dry-run && '') || inputs.tag }}
+      provenance: ${{ !inputs.dry-run }}
+    secrets:
+      npm-token: ${{ secrets.npm-token }}
diff --git a/.github/workflows/reusable-test.yml b/.github/workflows/reusable-test.yml
@@ -0,0 +1,71 @@
+name: test SDK
+description: reusable test workflow for this project
+
+on:
+  workflow_call:
+    inputs:
+      node-version:
+        description: 'Node version to use as specified in actions/setup-node@v4'
+        default: '20'
+        type: string
+      upload-coverage:
+        description: 'Upload coverage data for later reuse'
+        type: boolean
+        default: false
+    secrets:
+      infura-project-id:
+        required: true
+      etherscan-api-key:
+        required: true
+      alchemy-api-key:
+        required: true
+    outputs:
+      coverage-artifact-id:
+        description: 'Coverage artifact id (if `upload-coverage: true`)'
+        value: ${{ jobs.test.outputs.coverage-artifact-id }}
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    outputs:
+      coverage-artifact-id: ${{ steps.upload-coverage.outputs.artifact-id }}
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ inputs.node-version }}
+          cache: 'npm'
+
+      - name: Install dependencies
+        run: npm ci && npm run
+
+      - name: Build
+        run: npm run build
+
+      - name: Install global
+        run: npm install -g .
+
+      - name: Start e2e test stack
+        run: npm run start-test-stack
+
+      - name: Test
+        run: npm test
+        env:
+          INFURA_PROJECT_ID: ${{ secrets.infura-project-id }}
+          ETHERSCAN_API_KEY: ${{ secrets.etherscan-api-key }}
+          ALCHEMY_API_KEY: ${{ secrets.alchemy-api-key }}
+
+      - name: Stop e2e test stack
+        if: always()
+        run: npm run stop-test-stack
+
+      - name: Upload coverage
+        id: upload-coverage
+        if: ${{ inputs.upload-coverage }}
+        uses: actions/upload-artifact@v4
+        with:
+          name: coverage
+          path: coverage
+          overwrite: true
diff --git a/.gitignore b/.gitignore
@@ -29,6 +29,9 @@ test/tests-working-dir
 # sonar output
 .scannerwork
 
+# codegen output
+src/common/generated
+
 # build output
 dist/**
 IExec*/**

diff --git a/README.md b/README.md
@@ -45,6 +45,7 @@ Check the [documentation](./CLI.md)
 
 ```sh
 npm ci
+npm run codegen
 ```
 
 ### Build
-Original file line number
+Diff line change
@@ @@ -45,6 +45,7 @@ Check the [documentation](./CLI.md) @@
     ```sh
     npm ci
+    npm run codegen
     ```
     ### Build