Skip to content

Update all dependencies #291

Update all dependencies

Update all dependencies #291

Workflow file for this run

name: ci
on:
pull_request:
branches:
- main
- stage
- prod
jobs:
ci:
if: always()
needs:
[
app-code-linting,
app-tests-unit-node,
app-tests-unit-dom,
app-tests-playwright-e2e,
app-tests-playwright-api,
commits-linting,
forbidden-comments-linting,
]
runs-on: ubuntu-24.04
steps:
- name: Check jobs status
run: if ${{ contains(needs.*.result, 'failure') }}; then exit 1; fi
- name: Dependencies completed
run: echo 'All dependencies completed'
app-code-linting:
runs-on: ubuntu-24.04
steps:
- name: Checkout
uses: actions/checkout@v4
with:
# Make sure the actual branch is checked out when running on pull requests
ref: ${{ github.head_ref }}
- name: Reveal secret .env files
uses: entrostat/git-secret-action@v4
with:
gpg-private-key: ${{ secrets.GIT_SECRET_PRIVATE_KEY }}
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '22.18.0'
cache: 'npm'
cache-dependency-path: package-lock.json
- name: Install NPM dependencies
run: npm ci
- name: Build and lint
run: npm run build && npm run lint
app-tests-unit-node:
runs-on: ubuntu-24.04
strategy:
matrix:
index: ['1']
steps:
- name: Checkout
uses: actions/checkout@v4
with:
# Make sure the actual branch is checked out when running on pull requests
ref: ${{ github.head_ref }}
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '22.18.0'
cache: 'npm'
cache-dependency-path: package-lock.json
- name: Install NPM dependencies
run: npm ci
- name: Run node unit tests
run: |
npm run test:unit:node -- --shard=${{matrix.index}}/1
app-tests-unit-dom:
runs-on: ubuntu-24.04
strategy:
matrix:
index: ['1']
steps:
- name: Checkout
uses: actions/checkout@v4
with:
# Make sure the actual branch is checked out when running on pull requests
ref: ${{ github.head_ref }}
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '22.18.0'
cache: 'npm'
cache-dependency-path: package-lock.json
- name: Install NPM dependencies
run: npm ci
- name: Run dom unit tests
run: |
npm run test:unit:dom -- --shard=${{matrix.index}}/1
app-tests-playwright-e2e:
runs-on: ubuntu-24.04
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: ${{ github.head_ref }}
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '22.18.0'
cache: 'npm'
cache-dependency-path: package-lock.json
- name: Install NPM dependencies
run: npm ci
- name: Reveal secret .env files
uses: entrostat/git-secret-action@v4
with:
gpg-private-key: ${{ secrets.GIT_SECRET_PRIVATE_KEY }}
- name: Prepare folders for failed test data
run: mkdir --parents "${PWD}/reports/playwright/e2e/playwright-report" "${PWD}/reports/playwright/e2e/test-results"
- name: Run E2E tests
id: run-e2e-tests
run: ./scripts/stack/local/all/e2e/headless.js
- name: Upload data for failed tests
if: failure() && steps.run-e2e-tests.outcome == 'failure'
uses: actions/upload-artifact@v4
with:
name: e2e-failed-tests-data
path: |
${{ github.workspace }}/reports/playwright/e2e/playwright-report
${{ github.workspace }}/reports/playwright/e2e/test-results
retention-days: 3
app-tests-playwright-api:
runs-on: ubuntu-24.04
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: ${{ github.head_ref }}
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '22.18.0'
cache: 'npm'
cache-dependency-path: package-lock.json
- name: Install NPM dependencies
run: npm ci
- name: Reveal secret .env files
uses: entrostat/git-secret-action@v4
with:
gpg-private-key: ${{ secrets.GIT_SECRET_PRIVATE_KEY }}
- name: Prepare folders for failed test data
run: mkdir --parents "${PWD}/reports/playwright/api/playwright-report" "${PWD}/reports/playwright/api/test-results"
- name: Run API tests
id: run-api-tests
run: ./scripts/stack/local/all/api/headless.js
- name: Upload data for failed tests
if: failure() && steps.run-api-tests.outcome == 'failure'
uses: actions/upload-artifact@v4
with:
name: api-failed-tests-data
path: |
${{ github.workspace }}/reports/playwright/api/playwright-report
${{ github.workspace }}/reports/playwright/api/test-results
retention-days: 3
commits-linting:
runs-on: ubuntu-24.04
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: ${{ github.head_ref }}
- name: 'Validate PR commits messages'
run: |
PATTERN="(^wip|^fixup)"
MESSAGES=$(git log -n ${{ github.event.pull_request.commits }} --pretty="%s")
if echo "$MESSAGES" | grep -Eqi "$PATTERN"; then
echo "Commits messages are not valid"
exit 1
fi
echo "Commits messages are valid"
forbidden-comments-linting:
runs-on: ubuntu-24.04
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: ${{ github.head_ref }}
- name: Setup todos CLI command
run: |
curl -sSLo slsa-verifier https://github.com/slsa-framework/slsa-verifier/releases/download/v2.4.1/slsa-verifier-linux-amd64 \
&& echo "e81900c9f11a44276e1552afb7c1f6ea7b13ad9c6efdb920d97f23a76659e25f slsa-verifier" | sha256sum -c - \
&& chmod +x slsa-verifier
curl -sSLo todos https://github.com/ianlewis/todos/releases/download/v0.8.0/todos-linux-amd64 \
&& curl -sSLo todos.intoto.jsonl https://github.com/ianlewis/todos/releases/download/v0.8.0/todos-linux-amd64.intoto.jsonl \
&& ./slsa-verifier verify-artifact todos --provenance-path todos.intoto.jsonl --source-uri github.com/ianlewis/todos --source-tag v0.8.0 \
&& chmod +x todos \
&& sudo cp todos /usr/local/bin
- name: Run todos CLI command
run: |
output=$(./todos --output github --todo-types PTODO .)
echo "$output"
if [[ -z $(echo "$output" | grep -v '^[[:space:]]*$') ]]; then
# No non-empty lines found
exit 0
else
# Non-empty lines found
exit 1
fi