Skip to content

Migrate the guest module to a proper synapse module #13

Migrate the guest module to a proper synapse module

Migrate the guest module to a proper synapse module #13

Workflow file for this run

name: CI
on:
push:
branches:
- main
pull_request:
jobs:
build-js:
name: Build Javascript
runs-on: ubuntu-latest
timeout-minutes: 15
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v3
with:
node-version: '20'
cache: 'yarn'
registry-url: 'https://npm.pkg.github.com'
scope: '@nordeck'
- name: yarn install
run: yarn install --frozen-lockfile
- name: prettier:check
run: yarn prettier:check
- name: depcheck
run: yarn depcheck
- name: lint
run: yarn lint
- name: type checking and declarations
run: yarn tsc
- name: test
run: yarn test:all
- name: build
run: yarn build
build-py:
name: Build Python
runs-on: ubuntu-latest
timeout-minutes: 15
defaults:
run:
working-directory: ./synapse-guest-module/
env:
DOCKER_IMAGE: ghcr.io/nordeck/synapse-guest-module
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4
with:
python-version: '3.x'
- run: python -m pip install tox
- name: lint
run: tox -e check_codestyle
- name: type checking and declarations
run: tox -e check_types
- name: test
run: tox -e py
- name: Login to ghcr.io
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Generate Docker metadata
id: meta
uses: docker/metadata-action@v4
env:
DOCKER_METADATA_PR_HEAD_SHA: true
with:
images: ${{ env.DOCKER_IMAGE }}
labels: |
org.opencontainers.image.title=Synapse Guest Module
org.opencontainers.image.description=A synapse module to restrict the actions of guests
org.opencontainers.image.vendor=Nordeck IT + Consulting GmbH
tags: |
type=sha,prefix=
- name: Docker build and push
uses: docker/build-push-action@v4
id: dockerBuild
with:
push: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' || github.event_name == 'pull_request' && secrets.GH_APP_OS_APP_ID != '' }}
context: synapse-guest-module
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
platforms: linux/amd64,linux/arm64,linux/s390x
sbom: true
provenance: true
run-changesets:
runs-on: ubuntu-latest
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
timeout-minutes: 5
needs:
- build-js
- build-py
steps:
- uses: actions/checkout@v4
with:
# required for changesets
fetch-depth: '0'
# don't persist the credentials so the changesets action doesn't use the
# github actions token but the git token provided via environment variable
persist-credentials: false
- uses: actions/setup-node@v3
with:
node-version: '20'
cache: 'yarn'
registry-url: 'https://npm.pkg.github.com'
scope: '@nordeck'
- name: yarn install
run: yarn install --frozen-lockfile
- name: Generate GitHub token
id: generate_token
uses: tibdex/github-app-token@0914d50df753bbc42180d982a6550f195390069f # @v2.0.0
with:
app_id: ${{ secrets.GH_APP_OS_APP_ID }}
private_key: ${{ secrets.GH_APP_OS_PRIVATE_KEY }}
- name: Create Release Pull Request or Publish Packages
uses: changesets/action@f13b1baaa620fde937751f5d2c3572b9da32af23 # @v1.4.5
with:
version: yarn run version
publish: yarn release
env:
GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }}
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
e2e:
name: Run e2e tests
runs-on: ubuntu-latest
timeout-minutes: 15
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v3
with:
node-version: '20'
cache: 'yarn'
registry-url: 'https://npm.pkg.github.com'
scope: '@nordeck'
- name: yarn install
run: yarn install --frozen-lockfile
- name: build
run: yarn build
- name: Install Playwright Browsers
run: npx playwright install --with-deps chromium
- name: Run Playwright tests
working-directory: ./e2e/
run: DEBUG=testcontainers:pull,testcontainers:build yarn playwright test --project=chromium
- uses: actions/upload-artifact@v3
if: always()
with:
name: playwright-report-chromium
path: e2e/playwright-report/
retention-days: 7