-
Notifications
You must be signed in to change notification settings - Fork 16
180 lines (158 loc) · 5.81 KB
/
ci-default.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
# NOTE: This name appears in GitHub's Checks API and in workflow's status badge.
name: ci-default
env:
# CI variables
DOCKER_PLATFORM: "amd64"
TURBO_TEAM: ${{ secrets.TURBO_TEAM }}
TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }}
# Frontend variables
NODE_ENV: ${{ vars.NODE_ENV }}
PLASMIC_PROJECT_ID: ${{ vars.PLASMIC_PROJECT_ID }}
PLASMIC_PROJECT_API_TOKEN: ${{ vars.PLASMIC_PROJECT_API_TOKEN }}
NEXT_PUBLIC_DOMAIN: "www.opensource.observer"
NEXT_PUBLIC_DB_GRAPHQL_URL: ${{ vars.NEXT_PUBLIC_DB_GRAPHQL_URL }}
HASURA_URL: ${{ vars.HASURA_URL }}
OSO_API_KEY: ${{ secrets.OSO_API_KEY }}
# Docs variables
DOCS_URL: "https://docs.opensource.observer"
DOCS_ALGOLIA_APP_ID: "test"
DOCS_ALGOLIA_API_KEY: "test"
DOCS_ALGOLIA_INDEX: "test"
DOCS_SEGMENT_WRITE_KEY: "test"
# Hasura variables
DBT_TARGET: "production"
# Google variables
GOOGLE_PROJECT_ID: "opensource-observer"
GOOGLE_TEST_DUMMY_CREDENTIALS_JSON: ${{ vars.GOOGLE_TEST_DUMMY_CREDENTIALS_JSON }}
CLICKHOUSE_URL: "http://127.0.0.1:8123" # dummy value
CLICKHOUSE_USERNAME: "username"
CLICKHOUSE_PASSWORD: "password"
# should not be set to a legitimate value for testing. This will use up API
# quota otherwise
DUNE_API_KEY: "none"
# Trigger the workflow when:
on:
# A push occurs to one of the matched branches.
push:
branches:
- main
# Or when a pull request event occurs for a pull request against one of the
# matched branches.
pull_request:
branches:
- main
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
merge_group:
# Cancel in progress jobs on new pushes.
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
lint-and-test:
# NOTE: This name appears in GitHub's Checks API.
name: test
environment: testing
runs-on: ubuntu-latest
strategy:
matrix:
component: ["node", "python", "dbt"]
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
# Check out pull request's HEAD commit instead of the merge commit to
# prevent gitlint from failing due to too long commit message titles,
# e.g. "Merge 3e621938d65caaa67f8e35d145335d889d470fc8 into 19a39b2f66cd7a165082d1486b2f1eb36ec2354a".
ref: ${{ github.event.pull_request.head.sha }}
# Fetch all history so gitlint can check the relevant commits.
fetch-depth: "0"
- name: Load public vars
run: |
bash .github/scripts/load-public-vars.sh $GITHUB_ENV \
NODE_ENV \
PLASMIC_PROJECT_ID \
PLASMIC_PROJECT_API_TOKEN \
NEXT_PUBLIC_DOMAIN \
NEXT_PUBLIC_DB_GRAPHQL_URL \
HASURA_URL \
OSO_API_KEY \
GOOGLE_PROJECT_ID \
GOOGLE_TEST_DUMMY_CREDENTIALS_JSON \
PUBLIC_VARS_TEST
- name: Check if algolia is empty, set the variable to some dummy value if it is
shell: bash
run: |
echo "NEXT_PUBLIC_ALGOLIA_API_KEY=${NEXT_PUBLIC_ALGOLIA_API_KEY:-xxxx}" >> "$GITHUB_ENV"
- name: Setup pnpm
uses: pnpm/action-setup@v4
with:
version: 9
run_install: |
- recursive: true
args: [--frozen-lockfile, --strict-peer-dependencies]
- name: Set up Node.js
uses: actions/setup-node@v4
with:
node-version: "20.x"
cache: "pnpm"
- name: "Setup Python, Poetry and Dependencies"
uses: packetcoders/action-setup-cache-python-poetry@main
with:
python-version: 3.12
poetry-version: 1.8.2
- name: Authenticate to google with a test-dummy user
uses: "google-github-actions/auth@v2"
with:
credentials_json: "${{ env.GOOGLE_TEST_DUMMY_CREDENTIALS_JSON }}"
create_credentials_file: true
- name: Setup dbt profile
run: |
bash .github/scripts/create-dbt-profile.sh ${GOOGLE_APPLICATION_CREDENTIALS}
- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1
with:
version: nightly-87bc53fc6c874bd4c92d97ed180b949e3a36d78c
if: ${{ matrix.component == 'node' }}
- name: Run supabase local
id: supabase
run: |
bash .github/scripts/run-supabase-local.sh apps/frontend
if: ${{ matrix.component == 'node' }}
# Automatically retry if the build fails
- name: Build (Node)
uses: nick-fields/retry@v3
with:
timeout_minutes: 5
max_attempts: 3
command: |
pnpm build
# Always run this step so that all linting errors can be seen at once.
if: ${{ matrix.component == 'node' }}
- name: Lint (Node)
run: |
pnpm lint
# Always run this step so that all linting errors can be seen at once.
if: ${{ always() && steps.supabase.conclusion == 'success' && matrix.component == 'node' }}
- name: Test (Node)
run: |
pnpm test
# Always run this step so that all linting errors can be seen at once.
if: ${{ always() && steps.supabase.conclusion == 'success' && matrix.component == 'node' }}
# Temporarily include this separately. Eventually this should all be part of lint
- name: Lint SQL (dbt)
run: |
poetry run sqlfluff lint --dialect bigquery ./warehouse/dbt/models
if: ${{ always() && matrix.component == 'dbt' }}
- name: Type Check (Python)
run: |
pnpm pyright
if: ${{ always() && matrix.component == 'python' }}
- name: Lint (Python)
run: |
poetry run ruff check
if: ${{ always() && matrix.component == 'python' }}
- name: Test (Python)
run: |
poetry run pytest
if: ${{ always() && matrix.component == 'python' }}