Bundle action using esbuild #38
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: PR Checks | |
on: | |
push: | |
pull_request: | |
# Run checks on reopened draft PRs to support triggering PR checks on draft PRs that were opened | |
# by other workflows. | |
types: [opened, synchronize, reopened, ready_for_review] | |
workflow_dispatch: | |
jobs: | |
check-js: | |
name: Check JS | |
runs-on: ubuntu-latest | |
timeout-minutes: 45 | |
permissions: | |
contents: read | |
security-events: write | |
strategy: | |
fail-fast: false | |
matrix: | |
node-types-version: [16.11, current] # run tests on 16.11 while CodeQL Action v2 is still supported | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Install | |
shell: bash | |
run: npm install | |
- name: Lint | |
id: lint | |
run: npm run-script lint-ci | |
- name: Upload sarif | |
uses: github/codeql-action/upload-sarif@v3 | |
# Only upload SARIF for the latest version of Node.js | |
if: ${{ !cancelled() && matrix.node-types-version == 'current' && !startsWith(github.head_ref, 'dependabot/') }} | |
with: | |
sarif_file: eslint.sarif | |
category: eslint | |
- name: Override version of @types/node | |
if: matrix.node-types-version != 'current' | |
env: | |
NODE_TYPES_VERSION: ${{ matrix.node-types-version }} | |
run: | | |
# Export `NODE_TYPES_VERSION` so it's available to jq | |
export NODE_TYPES_VERSION="${NODE_TYPES_VERSION}" | |
contents=$(jq '.devDependencies."@types/node" = env.NODE_TYPES_VERSION' package.json) | |
echo "${contents}" > package.json | |
# Usually we run `npm install` on macOS to ensure that we pick up macOS-only dependencies. | |
# However we're not checking in the updated lockfile here, so it's fine to run | |
# `npm install` on Linux. | |
npm install | |
# esbuild embeds package.json version details into these files. | |
# Since the jq step has actively changed package.json, we know that if these files | |
# are successfully rebuilt (without the changes below), they would be dirty. | |
# | |
# In order to allow check-js.sh to verify that it can build them at all, we ignore them, | |
# delete them, and commit those changes. Thus, when it runs, it will be able to try to | |
# build them, and as long at they build, it will be happy. If it can't build them, it can | |
# complain, although that error won't make much sense, because you shouldn't update them | |
# using the wrong node types version information. | |
( | |
echo '*/*-action.js'; | |
echo '*/*-action-post.js' | |
) >> .gitignore | |
for action in $( | |
find * -mindepth 1 -maxdepth 1 -type f -name action.yml | |
); do | |
git rm -f "$(dirname "$action")"/*-action*.js | |
done | |
if [ ! -z "$(git status --porcelain)" ]; then | |
git config --global user.email "github-actions@github.com" | |
git config --global user.name "github-actions[bot]" | |
# The period in `git add --all .` ensures that we stage deleted files too. | |
git add --all . | |
git commit -m "Use @types/node=${NODE_TYPES_VERSION}" | |
fi | |
- name: Check generated JS | |
run: .github/workflows/script/check-js.sh | |
check-node-modules: | |
if: github.event_name != 'push' || github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/releases/v') | |
name: Check modules up to date | |
runs-on: macos-latest | |
timeout-minutes: 45 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Check node modules up to date | |
run: .github/workflows/script/check-node-modules.sh | |
check-file-contents: | |
if: github.event_name != 'push' || github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/releases/v') | |
name: Check file contents | |
runs-on: ubuntu-latest | |
timeout-minutes: 45 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Set up Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: 3.11 | |
- name: Install dependencies | |
run: | | |
python -m pip install --upgrade pip | |
# When updating this, update the autogenerated code header in `sync.py` too. | |
pip install ruamel.yaml==0.17.31 | |
# Ensure the generated PR check workflows are up to date. | |
- name: Verify PR checks up to date | |
run: .github/workflows/script/verify-pr-checks.sh | |
npm-test: | |
if: github.event_name != 'push' || github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/releases/v') | |
name: Unit Test | |
needs: [check-js, check-node-modules] | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ubuntu-latest, macos-latest, windows-latest] | |
runs-on: ${{ matrix.os }} | |
timeout-minutes: 45 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Build | |
run: | | |
npm run build | |
- name: npm test | |
run: | | |
# Run any commands referenced in package.json using Bash, otherwise | |
# we won't be able to find them on Windows. | |
npm config set script-shell bash | |
npm test | |
check-node-version: | |
if: github.event.pull_request | |
name: Check Action Node versions | |
runs-on: ubuntu-latest | |
timeout-minutes: 45 | |
env: | |
BASE_REF: ${{ github.base_ref }} | |
steps: | |
- uses: actions/checkout@v4 | |
- id: head-version | |
name: Verify all Actions use the same Node version | |
run: | | |
NODE_VERSION=$(find . -name "action.yml" -exec yq -e '.runs.using' {} \; | grep node | sort | uniq) | |
echo "NODE_VERSION: ${NODE_VERSION}" | |
if [[ $(echo "$NODE_VERSION" | wc -l) -gt 1 ]]; then | |
echo "::error::More than one node version used in 'action.yml' files." | |
exit 1 | |
fi | |
echo "node_version=${NODE_VERSION}" >> $GITHUB_OUTPUT | |
- id: checkout-base | |
name: 'Backport: Check out base ref' | |
if: ${{ startsWith(github.head_ref, 'backport-') }} | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ env.BASE_REF }} | |
- name: 'Backport: Verify Node versions unchanged' | |
if: steps.checkout-base.outcome == 'success' | |
env: | |
HEAD_VERSION: ${{ steps.head-version.outputs.node_version }} | |
run: | | |
BASE_VERSION=$(find . -name "action.yml" -exec yq -e '.runs.using' {} \; | grep node | sort | uniq) | |
echo "HEAD_VERSION: ${HEAD_VERSION}" | |
echo "BASE_VERSION: ${BASE_VERSION}" | |
if [[ "$BASE_VERSION" != "$HEAD_VERSION" ]]; then | |
echo "::error::Cannot change the Node version of an Action in a backport PR." | |
exit 1 | |
fi |