ci: move CI to GitHub actions and get prebuilds working again

[mcous]

Overview

(Diff ignoring lockfile: 141 insertions(+), 203 deletions(-))

As noted in #134, #140, #151, the existing CI setup has started to have issues, resulting in prebuilds not being correctly published to GitHub Releases.

From what I can tell, the problem may be that CI setup is configured somewhat redundantly. The prebuild utility is able to generate prebuilds for all available ABI versions while running on a single version of Node. However, CI is configured to run a matrix of different Node.js versions, too many of which are configured to run prebuild --all. Prebuilds only need to be generated once per OS/arch combination, and the compilation works most smoothly on later versions of Node.

Additionally, there's a few other snags and updates since these problems started appearing:

• The travis-ci.org infrastructure the current CI pipeline is set up on has been shut down
• The oldest non-EOL'd Node.js version is now v12

Rather than try to work around Travis' .org shutdown and figure out the .com migration, I decided to see what this CI would look like on GitHub Actions. Over at Opentrons/opentrons, where we use usb-detection, we switched from a Travis/AppVeyor combo to GH Actions, and it's gone pretty well. If the switch to GH Actions isn't too presumptuous, I think this is a good change!

• IMO the config is easier to understand (caveat: GH Actions is my current default-choice for CI, so I'm used to it)
• It means AppVeyor isn't needed, because GH Actions has macOS, Windows, and Linux
  • That being said, I believe Travis also has Windows support these days
• It's a little easier for external contributors to inspect CI logs because they're in the repository
• Since all builds happen in one CI pipeline, auto-publish to npm is possible because you can halt the autopublish if any OS/arch build fails

Relevant outputs from my fork running this CI:

• Non-tag CI run
• Tagged CI run
• GitHub release with CI uploaded prebuilds

Heavy caveat: I don't write native Node.js modules. This is not my area of expertise, though I'm pretty handy with a CI config. I haven't actually tested any these prebuilds; the only thing I know about these builds right now is that they are compiling without errors.

Open questions / TODO

• Is switching to GitHub Actions a good idea for this repository?
  • Resolution: Upsides outweigh the downsides
• Should the engines.node field in package.json be bumped from 4 to 12?
  • All Node.js versions prior to 12 are EOL'd
  • At least one dependeny requires Node >= 6, so spec'ing >=4 is already inaccurate
  • This would be a breaking change, but I think it's a good idea to ease potential maintenance burden
  • Resolution: Probably, but not in this PR
• Should CI be configured to publish tags to npm?
  • I think this is a good idea given the single multi-OS build pipeline
  • I couldn't tell how usb-detection is currently published, so I'm guess the answer is "manually"
  • Resolution: Yes, secrets have been added to the repo
• Make sure older Node versions are in the build matrix to ensure regular compile from source works

Change log

• Replace TravisCI and AppVeyor with GitHub Actions
  • Bumped Node.js in CI to 12, 14, and 16
  • Bumped recommended dev version to 14
    • Note: this also bumps npm to v7, resulting in some serious lockfile churn; sorry about this diff
  • Dropped Linux x86 from CI, since Node.js stopped officially publishing Linux x86 builds after v8
• Bump various dependencies to keep things building
• Set 'MACOSX_DEPLOYMENT_TARGET': '10.9' in node-gyp config
  • Without this change, I was unable to build this project on macOS locally
  • I believe this has to do with the switch from GCC to Clang that first happened in OSX 10.9
• Update and simply development section in README, accordingly
  • Remove Python 2 requirement, because node-gyp now only supports Python 3 and Python 2 has been EOL'd
  • Remove some outdated links and instructions in favor of linking to node-gyp documentation

How does this CI pipeline work?

The CI pipeline starts by kicking off several jobs in parallel:

• A job to run linting
  • Only run on Ubuntu, because there's no need for a matrix build for linting
• A matrix of jobs to run npm ci --build-from-source on all the OS's and architectures we want
  • macOS x64, Linux x64, Windows x64, Windows x86
  • Node 12, 14, and 16
  • Within this matrix, one job per OS/arch combo will run prebuild --all and upload prebuilds to GH Actions artifact storage

If all those jobs complete and the CI run was triggered by a tag, then a publish job will run, which will:

1. Download all prebuilt artifacts
2. Upload those artifacts to the GH release for the built version
3. (TODO) Publish the release to npm

[mcous]

@MadLittleMods this is ready for your review. I'm going to keep it listed as a draft while there are still TODO items to address:

• Is switching to GitHub Actions actually a path you would like to take with this repository?
• Should this PR bump minimum required Node version to 12?
• Should this PR enable auto-publishing to npm?

[mcous]

By uncommenting this and adding an NPM_TOKEN secret to the repository, the CI would automatically publish tagged builds to npm if and only if all builds and prebuilds succeed

Suggested change

	# - name: 'Publish to npm'
	# run: npm publish
	# env:
	# NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
	- name: 'Publish to npm'
	run: npm publish
	env:
	NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

[MadLittleMods]

Should CI be configured to publish tags to npm?

• I think this is a good idea given the single multi-OS build pipeline
• I couldn't tell how usb-detection is currently published, so I'm guess the answer is "manually"

Added secret to the repo ✅ Seems good to me 👍

[mcous]

@MadLittleMods gentle ping on this one again. Is GitHub Actions a path you'd be willing to take on this repository?

[MadLittleMods]

Should the engines.node field in package.json be bumped from 4 to 12?

• All Node.js versions prior to 12 are EOL'd
• At least one dependeny requires Node >= 6, so spec'ing >=4 is already inaccurate
• This would be a breaking change, but I think it's a good idea to ease potential maintenance burden

Sounds good to update this but we can do this in another PR 👍

[MadLittleMods]

Is switching to GitHub Actions a good idea for this repository?

@mcous and I discussed this a bit at https://gitter.im/MadLittleMods/node-usb-detection?at=6165a80e29ddcd02931b22cc

Some pain points with GitHub actions but probably a good way forward for this project ⏩

[MadLittleMods]

@mcous Thanks for this great migration and moving this project in the new up-to-date and more sane direction instead of fiddling with the old stuff! ♥

Sorry for the delay to get some eyes on this 🙇

[MadLittleMods]

Also to note the sanity check, I see it running on your fork ✅

• https://github.com/mcous/node-usb-detection/actions/runs/1338151169
• https://github.com/mcous/node-usb-detection/actions/runs/1275586665

(also linked in issue description)

[MadLittleMods]

Woot woot! https://github.com/MadLittleMods/node-usb-detection/releases/tag/v4.13.0 with a multitude of prebuilds and available on npm https://www.npmjs.com/package/usb-detection/v/4.13.0 🚀

Thanks again @mcous 🥰