Skip to content

feat: generate nonce and use it #5309

feat: generate nonce and use it

feat: generate nonce and use it #5309

Workflow file for this run

name: CI
on:
push:
branches: [main]
pull_request:
concurrency:
group: ci-${{ github.ref }}
cancel-in-progress: true
env:
MIX_ENV: test
MBTA_API_BASE_URL: ${{ secrets.MBTA_API_BASE_URL }}
MBTA_API_KEY: ${{ secrets.MBTA_API_KEY }}
jobs:
file_changes:
runs-on: ubuntu-latest
outputs:
ts: ${{ steps.changes.outputs.ts == 'true' }}
js: ${{ steps.changes.outputs.js == 'true' }}
ex: ${{ steps.changes.outputs.ex == 'true' }}
scss: ${{ steps.changes.outputs.scss == 'true' }}
steps:
- uses: actions/checkout@v4
- uses: dorny/paths-filter@v3
id: changes
with:
filters: |
ts:
- 'assets/ts/**'
js:
- 'assets/js/**'
ex:
- '**.ex'
- '**.exs'
- '**.eex'
- '**.heex'
scss:
- 'assets/css/**.scss'
build_image:
name: Build Docker image
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- run: docker build .
eslintts:
name: Linting / TypeScript
runs-on: ubuntu-latest
needs: file_changes
if: ${{ contains(github.head_ref, 'dependabot/') || needs.file_changes.outputs.ts }}
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/setup-all
- run: npm run ci:lint:ts
jslint:
name: Linting / JavaScript
runs-on: ubuntu-latest
needs: file_changes
if: ${{ contains(github.head_ref, 'dependabot/') ||needs.file_changes.outputs.js }}
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/setup-all
- run: npm run ci:lint:js
stylelint:
name: Linting / CSS
runs-on: ubuntu-latest
needs: file_changes
if: ${{ contains(github.head_ref, 'dependabot/') || needs.file_changes.outputs.scss }}
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/setup-all
- run: npm run ci:lint:scss
elixirlint:
name: Linting / Elixir
runs-on: ubuntu-latest
needs: file_changes
if: ${{ (contains(github.head_ref, 'dependabot/') || needs.file_changes.outputs.ex) && github.event_name == 'pull_request' }}
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/setup-all
- run: git fetch origin main:main
- run: npm run ci:lint:ex
build_app:
name: Build application and assets
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/setup-all
- name: Cache _build
uses: actions/cache@v4
with:
path: |
_build
priv
react_renderer/dist/app.js
key: ci-application-cache-${{ github.sha }}
- run: npm install --prefix assets -S -install-links deps/mbta_metro/priv/
- run: npm --prefix assets run webpack:build
- run: npm --prefix assets run webpack:build:react
- run: mix compile --all-warnings
elixir_unit:
name: Unit tests / Elixir / mix coveralls.html
runs-on: ubuntu-latest
needs: [file_changes, build_app]
if: ${{ contains(github.head_ref, 'dependabot/') || needs.file_changes.outputs.ex }}
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/setup-all
- uses: actions/cache/restore@v4
with:
path: |
_build
priv
react_renderer/dist/app.js
key: ci-application-cache-${{ github.sha }}
restore-keys: |
ci-application-cache-
- run: npm run ci:unit:exunit
- name: Upload coverage artifact
if: ${{ always() }}
uses: actions/upload-artifact@v4
with:
name: Elixir test coverage report
path: cover/
js_unit_1:
name: Unit tests / JavaScript / Mocha
runs-on: ubuntu-latest
needs: file_changes
if: ${{ contains(github.head_ref, 'dependabot/') || needs.file_changes.outputs.js }}
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/setup-all
- run: npm run ci:unit:mocha
js_unit_2:
name: Unit tests / JavaScript & TypeScript / Jest
runs-on: ubuntu-latest
needs: file_changes
if: ${{ contains(github.head_ref, 'dependabot/') || needs.file_changes.outputs.ts || needs.file_changes.outputs.js }}
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/setup-all
- run: TZ="America/New_York" npm run ci:unit:jest
type_dialyzer:
name: Type checks / Elixir
runs-on: ubuntu-latest
needs: file_changes
if: ${{ contains(github.head_ref, 'dependabot/') || needs.file_changes.outputs.ex }}
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/setup-all
- uses: mbta/actions/dialyzer@v2
with:
cmd-line: "--ignore-exit-status"
type_typescript:
name: Type checks / TypeScript
runs-on: ubuntu-latest
needs: file_changes
if: ${{ contains(github.head_ref, 'dependabot/') || needs.file_changes.outputs.ts }}
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/setup-all
- run: npm run ci:types:ts
elixir_format_check:
name: Formatting / Elixir
runs-on: ubuntu-latest
needs: file_changes
if: ${{ contains(github.head_ref, 'dependabot/') || needs.file_changes.outputs.ex }}
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/setup-all
- run: npm run ci:format:ex
js_format_check:
name: Formatting / JavaScript & TypeScript
runs-on: ubuntu-latest
needs: file_changes
if: ${{ contains(github.head_ref, 'dependabot/') || needs.file_changes.outputs.js || needs.file_changes.outputs.ts }}
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/setup-all
- run: npm run ci:format:ts