Skip to content

ci(audits): define branch for pr #440

ci(audits): define branch for pr

ci(audits): define branch for pr #440

Workflow file for this run

name: Audits
on:
push:
branches:
- main
pull_request:
branches:
- main
jobs:
javascript:
name: JavaScript
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
workspace:
- apollo-server
- express-graphql
- graph-client
- graphql-helix
- graphql-yoga
- mercurius
env:
PORT: 4000
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set up node
uses: actions/setup-node@v3
with:
node-version-file: .nvmrc
cache: yarn
- name: Install
run: yarn install --immutable
- name: Start
run: yarn workspace ${{ matrix.workspace }} start &
- name: Sleep
run: sleep 3
- name: Audit
run: yarn tsx scripts/audit-implementation.ts implementations/${{ matrix.workspace }}
- name: Summary
run: cat implementations/${{ matrix.workspace }}/README.md >> $GITHUB_STEP_SUMMARY
- name: Upload audit report
uses: actions/upload-artifact@v3
with:
name: audit-reports
# > If multiple paths are provided as input, the least common ancestor of all the search paths will be used as the root directory of the artifact.
# https://github.com/actions/upload-artifact#upload-using-multiple-paths-and-exclusions
#
# Because of this, we include the root README.md to maintain the paths during artifact downloads
path: |
README.md
implementations/${{ matrix.workspace }}/README.md
implementations/${{ matrix.workspace }}/report.json
docker:
name: Docker
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
workspace:
- deno
- hotchocolate
- lighthouse
- postgraphile
# TODO: speed up build process
# - pioneer
env:
PORT: 4000
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set up docker buildx
uses: docker/setup-buildx-action@v2
- name: Set up node
uses: actions/setup-node@v3
with:
node-version-file: .nvmrc
cache: yarn
- name: Install
run: yarn install --immutable
- name: Bake
uses: docker/bake-action@v2
with:
workdir: implementations/${{ matrix.workspace }}
load: true # load image into docker, otherwise `docker compose up` will rebuild
set: |
*.cache-from=type=gha
*.cache-to=type=gha,mode=max
- name: Start
run: yarn workspace ${{ matrix.workspace }} start --detach --wait
- name: Audit
run: yarn tsx scripts/audit-implementation.ts implementations/${{ matrix.workspace }}
- name: Summary
run: cat implementations/${{ matrix.workspace }}/README.md >> $GITHUB_STEP_SUMMARY
- name: Upload audit report
uses: actions/upload-artifact@v3
with:
name: audit-reports
# > If multiple paths are provided as input, the least common ancestor of all the search paths will be used as the root directory of the artifact.
# https://github.com/actions/upload-artifact#upload-using-multiple-paths-and-exclusions
#
# Because of this, we include the root README.md to maintain the paths during artifact downloads
path: |
README.md
implementations/${{ matrix.workspace }}/README.md
implementations/${{ matrix.workspace }}/report.json
url:
name: URL
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
workspace:
- name: thegraph
url: https://api.thegraph.com/subgraphs/name/sushiswap/exchange/graphql
env:
URL: ${{ matrix.workspace.url }}
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set up node
uses: actions/setup-node@v3
with:
node-version-file: .nvmrc
cache: yarn
- name: Install
run: yarn install --immutable
- name: Audit
run: yarn tsx scripts/audit-implementation.ts implementations/${{ matrix.workspace.name }}
- name: Summary
run: cat implementations/${{ matrix.workspace.name }}/README.md >> $GITHUB_STEP_SUMMARY
- name: Upload audit report
uses: actions/upload-artifact@v3
with:
name: audit-reports
# > If multiple paths are provided as input, the least common ancestor of all the search paths will be used as the root directory of the artifact.
# https://github.com/actions/upload-artifact#upload-using-multiple-paths-and-exclusions
#
# Because of this, we include the root README.md to maintain the paths during artifact downloads
path: |
README.md
implementations/${{ matrix.workspace.name }}/README.md
implementations/${{ matrix.workspace.name }}/report.json
report:
permissions:
contents: write
pull-requests: write
name: Report
runs-on: ubuntu-latest
needs: [javascript, docker, url]
if: always()
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Download audit reports
uses: actions/download-artifact@v3
with:
name: audit-reports
- name: Render servers table
run: node scripts/render-servers-table.mjs
- name: Create Pull Request
uses: peter-evans/create-pull-request@v7
with:
branch: audit-report/${{ github.ref_name }}
title: Audit Report
body: New audit report available.
commit-message: 'docs(implementations): audit report'