-
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
ci(workflows): [
ci
] split ci
job into multiple jobs
Signed-off-by: Lexus Drumgold <[email protected]>
- Loading branch information
1 parent
3c86791
commit 704144b
Showing
2 changed files
with
245 additions
and
16 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -9,6 +9,7 @@ dessant | |
docast | ||
dohm | ||
fbca | ||
ggshield | ||
gpgsign | ||
hmarr | ||
iife | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -2,10 +2,21 @@ | |
# | ||
# References: | ||
# | ||
# - https://docs.github.com/actions/automating-builds-and-tests/building-and-testing-nodejs | ||
# - https://docs.github.com/actions/learn-github-actions/contexts | ||
# - https://docs.github.com/actions/learn-github-actions/expressions | ||
# - https://docs.github.com/actions/using-jobs/using-a-matrix-for-your-jobs | ||
# - https://docs.github.com/actions/using-workflows/events-that-trigger-workflows#pull_request | ||
# - https://docs.github.com/actions/using-workflows/events-that-trigger-workflows#push | ||
# - https://docs.github.com/actions/using-workflows/events-that-trigger-workflows#workflow_dispatch | ||
# - https://docs.github.com/actions/using-workflows/workflow-commands-for-github-actions | ||
# - https://github.com/GitGuardian/ggshield-action | ||
# - https://github.com/actions/cache | ||
# - https://github.com/actions/cache/discussions/650 | ||
# - https://github.com/actions/checkout | ||
# - https://github.com/actions/setup-node | ||
# - https://github.com/actions/setup-node/blob/main/docs/advanced-usage.md#yarn2-configuration | ||
# - https://github.com/actions/upload-artifact | ||
# - https://github.com/hmarr/debug-action | ||
|
||
--- | ||
|
@@ -17,23 +28,29 @@ on: | |
- feat/** | ||
- hotfix/** | ||
- main | ||
- release/** | ||
workflow_dispatch: | ||
permissions: | ||
packages: read | ||
env: | ||
CACHE_PATH: node_modules | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
HUSKY: 0 | ||
REF: ${{ github.head_ref || github.ref_name }} | ||
SHA: ${{ github.event.pull_request.head.sha || github.sha }} | ||
concurrency: | ||
group: ${{ github.workflow }}-${{ github.ref }} | ||
cancel-in-progress: true | ||
jobs: | ||
ci: | ||
metadata: | ||
if: | | ||
github.event_name == 'pull_request' || | ||
github.event_name == 'workflow_dispatch' || | ||
!startsWith(github.event.head_commit.message, 'release:') | ||
github.event.head_commit.author.name != 'dependabot[bot]' | ||
&& github.event.head_commit.author.username != 'flexdevelopment' | ||
&& !startsWith(github.event.head_commit.message, 'release:') | ||
runs-on: ubuntu-latest | ||
outputs: | ||
version: ${{ steps.version.outputs.result }} | ||
version-typescript: ${{ steps.version-typescript.outputs.result }} | ||
steps: | ||
- id: debug | ||
name: Print environment variables and event payload | ||
|
@@ -43,31 +60,242 @@ jobs: | |
uses: actions/[email protected] | ||
with: | ||
ref: ${{ env.REF }} | ||
- id: node | ||
name: Setup Node.js | ||
uses: actions/[email protected] | ||
with: | ||
cache: yarn | ||
cache-dependency-path: yarn.lock | ||
node-version-file: .nvmrc | ||
- id: yarn | ||
name: Install dependencies | ||
if: github.actor != 'dependabot[bot]' | ||
run: yarn | ||
- id: yarn-dependabot | ||
name: Install dependencies for dependabot | ||
if: github.actor == 'dependabot[bot]' | ||
run: yarn --no-immutable | ||
run: yarn ${{ github.actor == 'dependabot[bot]' && '--no-immutable' || '--immutable' }} | ||
- id: cache | ||
name: Cache dependencies | ||
uses: actions/[email protected] | ||
with: | ||
key: ${{ runner.os }}-${{ github.run_id }} | ||
path: ${{ env.CACHE_PATH }} | ||
- id: version | ||
name: Get package version | ||
run: echo "result=$(jq .version package.json -r)" >> $GITHUB_OUTPUT | ||
- id: version-typescript | ||
name: Get TypeScript version | ||
run: echo "result=$(jq .devDependencies.typescript package.json -r)" >> $GITHUB_OUTPUT | ||
commitlint: | ||
needs: metadata | ||
runs-on: ubuntu-latest | ||
steps: | ||
- id: checkout | ||
name: Checkout ${{ env.REF }} | ||
uses: actions/[email protected] | ||
with: | ||
fetch-depth: 0 | ||
ref: ${{ env.REF }} | ||
- id: node | ||
name: Setup Node.js | ||
uses: actions/[email protected] | ||
with: | ||
cache: yarn | ||
cache-dependency-path: yarn.lock | ||
node-version-file: .nvmrc | ||
- id: cache | ||
name: Restore dependencies cache | ||
uses: actions/[email protected] | ||
with: | ||
key: ${{ runner.os }}-${{ github.run_id }} | ||
path: ${{ env.CACHE_PATH }} | ||
- id: lint | ||
name: Check commitlint status | ||
run: yarn commitlint --from $SHA~${{ github.event.pull_request.commits || 1 }} --to $SHA | ||
gitguardian: | ||
needs: commitlint | ||
runs-on: ubuntu-latest | ||
steps: | ||
- id: checkout | ||
name: Checkout ${{ env.REF }} | ||
uses: actions/[email protected] | ||
with: | ||
fetch-depth: 0 | ||
ref: ${{ env.REF }} | ||
- id: scan | ||
name: Scan commits for secrets and policy breaches | ||
uses: GitGuardian/ggshield-action@master | ||
with: | ||
args: --all-policies --show-secrets --verbose | ||
env: | ||
GITGUARDIAN_API_KEY: ${{ secrets.GITGUARDIAN_API_KEY }} | ||
GITHUB_DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} | ||
GITHUB_PULL_BASE_SHA: ${{ github.event.pull_request.base.sha }} | ||
GITHUB_PUSH_BASE_SHA: ${{ github.event.base }} | ||
GITHUB_PUSH_BEFORE_SHA: ${{ github.event.before }} | ||
format: | ||
needs: | ||
- commitlint | ||
- gitguardian | ||
runs-on: ubuntu-latest | ||
steps: | ||
- id: checkout | ||
name: Checkout ${{ env.REF }} | ||
uses: actions/[email protected] | ||
with: | ||
ref: ${{ env.REF }} | ||
- id: node | ||
name: Setup Node.js | ||
uses: actions/[email protected] | ||
with: | ||
cache: yarn | ||
cache-dependency-path: yarn.lock | ||
node-version-file: .nvmrc | ||
- id: cache | ||
name: Restore dependencies cache | ||
uses: actions/[email protected] | ||
with: | ||
key: ${{ runner.os }}-${{ github.run_id }} | ||
path: ${{ env.CACHE_PATH }} | ||
- id: format | ||
name: Check code formatting | ||
run: yarn check:format | ||
lint: | ||
needs: | ||
- commitlint | ||
- gitguardian | ||
runs-on: ubuntu-latest | ||
steps: | ||
- id: checkout | ||
name: Checkout ${{ env.REF }} | ||
uses: actions/[email protected] | ||
with: | ||
ref: ${{ env.REF }} | ||
- id: node | ||
name: Setup Node.js | ||
uses: actions/[email protected] | ||
with: | ||
cache: yarn | ||
cache-dependency-path: yarn.lock | ||
node-version-file: .nvmrc | ||
- id: cache | ||
name: Restore dependencies cache | ||
uses: actions/[email protected] | ||
with: | ||
key: ${{ runner.os }}-${{ github.run_id }} | ||
path: ${{ env.CACHE_PATH }} | ||
- id: build | ||
name: Build project | ||
run: yarn build | ||
- id: lint | ||
name: Check lint status | ||
run: yarn check:lint | ||
spelling: | ||
needs: | ||
- commitlint | ||
- gitguardian | ||
runs-on: ubuntu-latest | ||
steps: | ||
- id: checkout | ||
name: Checkout ${{ env.REF }} | ||
uses: actions/[email protected] | ||
with: | ||
ref: ${{ env.REF }} | ||
- id: node | ||
name: Setup Node.js | ||
uses: actions/[email protected] | ||
with: | ||
cache: yarn | ||
cache-dependency-path: yarn.lock | ||
node-version-file: .nvmrc | ||
- id: cache | ||
name: Restore dependencies cache | ||
uses: actions/[email protected] | ||
with: | ||
key: ${{ runner.os }}-${{ github.run_id }} | ||
path: ${{ env.CACHE_PATH }} | ||
- id: spelling | ||
name: Check spelling | ||
run: yarn check:spelling | ||
- id: types | ||
name: Check types | ||
run: yarn check:types | ||
- id: types-build | ||
name: Check types build | ||
run: yarn check:types:build | ||
typescript: | ||
needs: | ||
- commitlint | ||
- gitguardian | ||
- metadata | ||
runs-on: ubuntu-latest | ||
strategy: | ||
fail-fast: false | ||
matrix: | ||
typescript-version: | ||
- ${{ needs.metadata.outputs.version-typescript }} | ||
- latest | ||
- ~4.9.0 | ||
- ~4.8.0 | ||
steps: | ||
- id: checkout | ||
name: Checkout ${{ env.REF }} | ||
uses: actions/[email protected] | ||
with: | ||
ref: ${{ env.REF }} | ||
- id: node | ||
name: Setup Node.js | ||
uses: actions/[email protected] | ||
with: | ||
cache: yarn | ||
cache-dependency-path: yarn.lock | ||
node-version-file: .nvmrc | ||
- id: cache | ||
name: Restore dependencies cache | ||
uses: actions/[email protected] | ||
with: | ||
key: ${{ runner.os }}-${{ github.run_id }} | ||
path: ${{ env.CACHE_PATH }} | ||
- id: typescript | ||
name: Install typescript@${{ matrix.typescript-version }} | ||
run: yarn add -D typescript@${{ matrix.typescript-version }} | ||
- id: set-typescript-version | ||
name: Set env.TYPESCRIPT_VERSION | ||
run: | | ||
echo "TYPESCRIPT_VERSION=$(jq .devDependencies.typescript package.json -r)" >> $GITHUB_ENV | ||
- id: print-typescript-version | ||
name: Print TypeScript version | ||
run: echo $TYPESCRIPT_VERSION | ||
- id: typecheck | ||
name: Run typecheck | ||
run: yarn typecheck | ||
build: | ||
needs: | ||
- commitlint | ||
- gitguardian | ||
- metadata | ||
runs-on: ubuntu-latest | ||
steps: | ||
- id: checkout | ||
name: Checkout ${{ env.REF }} | ||
uses: actions/[email protected] | ||
with: | ||
ref: ${{ env.REF }} | ||
- id: node | ||
name: Setup Node.js | ||
uses: actions/[email protected] | ||
with: | ||
cache: yarn | ||
cache-dependency-path: yarn.lock | ||
node-version-file: .nvmrc | ||
- id: cache | ||
name: Restore dependencies cache | ||
uses: actions/[email protected] | ||
with: | ||
key: ${{ runner.os }}-${{ github.run_id }} | ||
path: ${{ env.CACHE_PATH }} | ||
- id: pack | ||
name: Pack project | ||
run: yarn pack -o %s-%v.tgz | ||
env: | ||
NODE_ENV: production | ||
- id: typecheck | ||
name: Run typecheck | ||
run: yarn check:types:build | ||
- id: archive | ||
name: Archive production artifacts | ||
uses: actions/[email protected] | ||
with: | ||
name: | | ||
${{ format('@{0}-{1}-{2}', github.repository_owner, github.event.repository.name, needs.metadata.outputs.version) }} | ||
path: '*.tgz' |