Skip to content
💡🏠

[Snyk] Fix for 12 vulnerabilities #84

Sign in to view logs

[Snyk] Fix for 12 vulnerabilities

[Snyk] Fix for 12 vulnerabilities #84

Workflow file for this run

.github/workflows/ci.yml at 48f59f0
name: 💡🏠
on:
push:
branches: [master]
pull_request: # run on all PRs, not just PRs to a particular branch
jobs:
# `basics` includes all non-smoke CI, except for unit and proto
basics:
runs-on: ubuntu-latest
# A few steps are duplicated across all jobs. Can be done better when this feature lands:
# https://github.community/t/reusing-sharing-inheriting-steps-between-jobs-declarations/16851
# https://github.com/actions/runner/issues/438
steps:
- name: git clone
uses: actions/checkout@v2
- name: Use Node.js 10.x
uses: actions/setup-node@v1
with:
node-version: 10.x
- run: yarn --frozen-lockfile
- run: yarn build-all
# Run tests that require headfull Chrome.
- run: sudo apt-get install xvfb
- name: yarn test-clients
run: xvfb-run --auto-servernum yarn test-clients
- name: yarn test-docs
run: xvfb-run --auto-servernum yarn test-docs
- name: yarn test-viewer
run: xvfb-run --auto-servernum yarn test-viewer
- run: yarn diff:sample-json
- run: yarn type-check
- run: yarn lint
- run: yarn test-lantern
- run: yarn test-legacy-javascript
- run: yarn i18n:checks
- run: yarn dogfood-lhci
# Fail if any changes were written to any source files or generated untracked files (ex, from: build/build-cdt-lib.js).
- run: git add -A && git diff --cached --exit-code
# buildtracker runs `git merge-base HEAD origin/master` which needs more history than depth=1. https://github.com/paularmstrong/build-tracker/issues/106
- name: Deepen git fetch (for buildtracker)
run: git fetch --deepen=100
- name: Store in buildtracker
# TODO(paulirish): Don't allow this to fail the build. https://github.com/paularmstrong/build-tracker/issues/200
run: yarn bt-cli upload-build || true
env:
# https://buildtracker.dev/docs/guides/github-actions#configuration
BT_API_AUTH_TOKEN: ${{ secrets.BT_API_AUTH_TOKEN }}
- name: Upload dist
uses: actions/upload-artifact@v1
with:
name: dist
path: dist/
# `unit` includes just unit and proto tests.
unit:
strategy:
matrix:
os: [ubuntu-latest, windows-latest]
runs-on: ${{ matrix.os }}
name: unit_${{ matrix.os }}
steps:
- name: git clone
uses: actions/checkout@v2
- name: Use Node.js 10.x
uses: actions/setup-node@v1
with:
node-version: 10.x
- name: Set up protoc
uses: arduino/setup-protoc@7ad700d
with:
version: '3.7.1'
repo-token: ${{ secrets.GITHUB_TOKEN }}
- name: Set up Python
uses: actions/setup-python@v1
with:
python-version: 2.7
- name: Install Python dependencies
run: |
python -m pip install --upgrade pip
pip install protobuf==3.7.1
- run: yarn --frozen-lockfile
- run: yarn test-proto # Run before unit-core because the roundtrip json is needed for proto tests.
- run: sudo apt-get install xvfb
if: matrix.os == 'ubuntu-latest'
- name: yarn unit
run: xvfb-run --auto-servernum yarn unit
if: matrix.os == 'ubuntu-latest'
# For windows, just test the potentially platform-specific code.
- name: yarn unit-cli
run: yarn unit-cli
if: matrix.os == 'windows-latest'
- run: yarn diff:sample-json
if: matrix.os == 'windows-latest'
# Fail if any changes were written to any source files or generated untracked files (ex, from -GA).
- run: git add -A && git diff --cached --exit-code
# `smoke` runs as a matrix across 4 jobs:
# * The smoketest groups are split across two runners, to parallelize.
# * Then, those are run with both Chrome stable and ToT Chromium, in parallel
smoke:
strategy:
matrix:
chrome-channel: ['stable', 'ToT']
smoke-test-invert: [false, true]
# e.g. if smoke 0 fails, continue with smoke 1 anyway
fail-fast: false
runs-on: ubuntu-latest
env:
# The smokehouse tests run by job `smoke_0`. `smoke_1` will run the rest.
SMOKE_GROUP_1: a11y oopif pwa pwa2 pwa3 dbw redirects errors offline
name: smoke_${{ strategy.job-index }}_${{ matrix.chrome-channel }}
steps:
- name: git clone
uses: actions/checkout@v2
- name: Use Node.js 10.x
uses: actions/setup-node@v1
with:
node-version: 10.x
- name: Define ToT chrome path
if: matrix.chrome-channel == 'ToT'
run: echo "::set-env name=CHROME_PATH::/home/runner/chrome-linux-tot/chrome"
# Chrome Stable is already installed by default.
- name: Install Chrome ToT
if: matrix.chrome-channel == 'ToT'
working-directory: /home/runner
run: bash $GITHUB_WORKSPACE/lighthouse-core/scripts/download-chrome.sh && mv chrome-linux chrome-linux-tot
- run: yarn --frozen-lockfile
- run: sudo apt-get install xvfb
- name: Run smoke tests
run: xvfb-run --auto-servernum yarn smoke --debug -j=1 --retries=2 --invert-match ${{ matrix.smoke-test-invert }} $SMOKE_GROUP_1
# Fail if any changes were written to source files.
- run: git diff --exit-code
# Only run smoke tests for windows against stable chrome.
smoke-windows:
runs-on: windows-latest
name: smoke_stable_windows
steps:
- name: git clone
uses: actions/checkout@v2
- name: Use Node.js 10.x
uses: actions/setup-node@v1
with:
node-version: 10.x
- run: yarn --frozen-lockfile
- name: Run smoke tests
run: yarn smoke --debug -j=1 --retries=2 dbw oopif offline lantern metrics
smoke-bundle:
runs-on: ubuntu-latest
name: smoke_bundle
steps:
- name: git clone
uses: actions/checkout@v2
- name: Use Node.js 10.x
uses: actions/setup-node@v1
with:
node-version: 10.x
- run: yarn --frozen-lockfile
- run: yarn build-devtools
- run: sudo apt-get install xvfb
- name: yarn test-bundle
run: xvfb-run --auto-servernum yarn test-bundle
# Fail if any changes were written to source files.
- run: git diff --exit-code