Update dependency webpack to v5.94.0 [SECURITY] (master) #3342
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This is a basic workflow to help you get started with Actions | |
name: CI | |
# Controls when the action will run. | |
on: | |
# Triggers the workflow on push or pull request events but only for the master branch | |
push: | |
paths-ignore: | |
- '.circleci' | |
branches-ignore: | |
# Run only renovate PR | |
- 'renovate/*' | |
pull_request: | |
branches: | |
- '*' | |
paths-ignore: | |
- '.circleci' | |
types: [opened, reopened, synchronize, closed] | |
# Allows you to run this workflow manually from the Actions tab | |
workflow_dispatch: | |
# A workflow run is made up of one or more jobs that can run sequentially or in parallel | |
jobs: | |
webpack: | |
if: github.event.action != 'closed' || github.event.pull_request.merged == true | |
runs-on: ubuntu-latest | |
steps: | |
# Dump environment variables & event | |
- uses: hmarr/debug-action@v2 | |
- name: Cancel Previous Runs | |
uses: styfle/cancel-workflow-action@0.11.0 | |
with: | |
access_token: ${{ github.token }} | |
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | |
- name: Checkout | |
uses: actions/checkout@v3.1.0 | |
- name: Setup Node.js environment | |
uses: actions/setup-node@v3 | |
with: | |
# Version Spec of the version to use. Examples: 12.x, 10.15.1, >=10.15.0 | |
node-version: '16' | |
- name: Cache npm files | |
id: cache-npm | |
uses: actions/cache@v3 | |
with: | |
path: ~/.npm | |
key: | | |
modules-${{ hashFiles('**/package-lock.json') }} | |
- name: Install dependencies | |
if: steps.cache.outputs.cache-npm != 'true' | |
run: npm ci --ignore-scripts | |
- name: Cache node modules | |
id: cache-node_modules | |
uses: actions/cache@v3 | |
with: | |
path: ~/.npm | |
key: | | |
modules-${{ hashFiles('**/package-lock.json') }} | |
- name: 'Tar node_modules files' | |
run: tar -cf ~/node_modules.tar node_modules | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: node_modules | |
path: ~/node_modules.tar | |
- name: Cache Dojo | |
id: cache-dojo | |
uses: actions/cache@v3 | |
with: | |
path: UI/js | |
key: dojo-${{ hashFiles('UI/js-src/**', 'UI/src/**', 'UI/css/**','UI/**/*.html','doc/sources/**') }} | |
- name: Build Dojo | |
run: | | |
make dojo | |
make readme | |
if: steps.cache-dojo.outputs.cache-hit != 'true' || | |
steps.cache-node_modules.outputs.cache-hit != 'true' | |
- name: 'Tar Webpacked files' | |
run: tar -cf ~/webpacked_js.tar UI/js | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: webpacked_js | |
path: ~/webpacked_js.tar | |
# This workflow contains a single job called "build" | |
build: | |
if: (github.event.action != 'closed' || github.event.pull_request.merged == true) | |
# The type of runner that the job will run on | |
runs-on: ubuntu-latest | |
needs: webpack | |
# Don't let it run for more than an hour | |
timeout-minutes: 60 | |
# Service containers to run | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- perl: "5.34" | |
postgres: "13" | |
BROWSER: "chrome" | |
COVERAGE: 1 | |
- perl: "5.32" | |
postgres: "latest" | |
BROWSER: "firefox" | |
COA_TESTING: 1 | |
- perl: "5.32" | |
postgres: "12" | |
BROWSER: "operablink" | |
DB_TESTING: 1 | |
services: | |
# Label used to access the service container | |
postgres: | |
# Docker database image | |
image: ghcr.io/ledgersmb/dev-postgres:${{ matrix.postgres }} | |
# Maps tcp port 5432 on service container to the host | |
ports: | |
- 5432:5432 | |
# Provide the password for postgres | |
env: | |
POSTGRES_PASSWORD: test | |
# needed because the postgres container does not provide a healthcheck | |
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 | |
mailhog: | |
image: mailhog/mailhog:latest | |
ports: | |
- 1025:1025 | |
- 8025:8025 | |
env: | |
BROWSER: ${{ matrix.BROWSER }} | |
COA_TESTING: ${{ matrix.COA_TESTING }} | |
DB_TESTING: ${{ matrix.DB_TESTING }} | |
DEVEL_COVER_OPTIONS: -silent,1,+ignore,(^x?t/|^local/|^utils/|\.lttc\$|^/usr/|^/opt/|starman\$\$),-summary,1 | |
JOB_COUNT: 5 | |
LSMB_BASE_URL: http://lsmb:5000 | |
LSMB_NEW_DB: lsmb_test | |
LSMB_NEW_DB_API: lsmb_test_api | |
MONITOR_FILE: cpu-memory-usage | |
PGDB: lsmb_test | |
PGHOST: localhost | |
PGPASSWORD: test | |
PGPORT: 5432 | |
PGUSER: postgres | |
PSGI_BASE_URL: http://lsmb:5762 | |
RELEASE_TESTING: 1 | |
REMOTE_SERVER_ADDR: 127.0.0.1 | |
SSMTP_FROMLINE_OVERRIDE: YES | |
SSMTP_HOSTNAME: lsmb | |
SSMTP_MAILHUB: lsmb:1025 | |
MH_SENDMAIL_SMTP_ADDR: lsmb:1025 | |
UIUSER: Jest | |
UIPASSWORD: Tester | |
# Steps represent a sequence of tasks that will be executed as part of the job | |
steps: | |
- name: Cancel Previous Runs | |
uses: styfle/cancel-workflow-action@0.11.0 | |
with: | |
access_token: ${{ github.token }} | |
- name: Install TinyTex | |
uses: r-lib/actions/setup-tinytex@v2 | |
- name: Install missing TeX packages | |
run: | | |
tlmgr update --self | |
tlmgr install koma-script | |
- name: Set host alias (why doesn't Github do it itself) | |
run: | | |
hostname -i | awk '{printf("%s lsmb\n",$1)}' | sudo tee -a /etc/hosts | |
- name: Sendmail | |
run: | | |
wget --quiet https://github.com/mailhog/mhsendmail/releases/download/v0.2.0/mhsendmail_linux_amd64 | |
sudo chmod +x mhsendmail_linux_amd64 | |
sudo mv mhsendmail_linux_amd64 /usr/local/bin/sendmail | |
echo -e "To: you@lsmb\n" \ | |
"Subject: sendmail test\n" \ | |
"From: me@lsmb\n" "\n" \ | |
"And here goes the e-mail body, test test test..\n" | \ | |
sendmail me@test | |
curl lsmb:8025/api/v2/messages | |
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | |
- name: Checkout | |
uses: actions/checkout@v3.1.0 | |
- name: Install GNU gettext | |
run: sudo apt -q -y install gettext | |
- name: Create logging directories | |
run: | | |
mkdir -p logs/screens | |
cp doc/conf/ledgersmb.conf.default ledgersmb.conf | |
sed -i -e 's/db_namespace = public/db_namespace = xyz/' ledgersmb.conf | |
- name: Setup Perl environment | |
uses: shogo82148/actions-setup-perl@v1 | |
with: | |
perl-version: ${{ matrix.perl }} | |
install-modules-with: cpanm | |
install-modules: | | |
Devel::Cover | |
Devel::Cover::Report::Coveralls | |
Syntax::Keyword::Try | |
Syntax::Keyword::Try::Deparse | |
# Features and Devel modules | |
install-modules-args: > | |
--metacpan | |
--with-develop | |
--with-feature=starman | |
--with-feature=latex-pdf-ps | |
--with-feature=openoffice | |
--with-feature=xls | |
--with-feature=edi | |
- uses: actions/download-artifact@v3 | |
with: | |
name: webpacked_js | |
- name: 'Untar Webpacked files' | |
run: tar -xf webpacked_js.tar | |
- name: Starting 'nginx' | |
run: | | |
nginx -c $GITHUB_WORKSPACE/doc/conf/webserver/nginx-github.conf \ | |
-p $GITHUB_WORKSPACE & | |
# This will start a hub and JOB_COUNT matrix. | |
- name: Starting hub with ${{ matrix.BROWSER }} | |
run: | | |
docker-compose --log-level CRITICAL \ | |
--file=utils/selenium/docker-compose.yml \ | |
--file=utils/selenium/docker-compose-${{ matrix.BROWSER }}.yml \ | |
up \ | |
--detach \ | |
--scale ${{ matrix.BROWSER }}=$JOB_COUNT \ | |
- name: Setup coverage | |
run: | | |
echo "PERL5LIB=$GITHUB_WORKSPACE/local/lib/perl5/x86_64-linux:$PERL5LIB" >> $GITHUB_ENV | |
echo "PERL5OPT=-MSyntax::Keyword::Try::Deparse -MDevel::Cover=${{ env.DEVEL_COVER_OPTIONS }}" >> $GITHUB_ENV | |
echo "YATH_DEVEL_COVER_OPTIONS=--cover=\"${{ env.DEVEL_COVER_OPTIONS }}\"" >> $GITHUB_ENV | |
echo "JOB_COUNT=2" >> $GITHUB_ENV | |
echo "UITESTS=--coverage" >> $GITHUB_ENV | |
if: ${{ matrix.COVERAGE }} | |
- name: Starting 'starman' | |
run: | | |
PERL5OPT="$PERL5OPT $STARMAN_DEVEL_COVER_OPTIONS" \ | |
starman --preload-app --pid starman.pid --workers $JOB_COUNT \ | |
--max-requests 5000 --error-log logs/starman-error.log \ | |
-Ilib -Iold/lib --port 5762 bin/ledgersmb-server.psgi & | |
# Fix the condition to debug | |
- name: Setup upterm session | |
uses: mxschmitt/action-tmate@v3 | |
if: ${{ matrix.BROWSER == 'chrome' && 0 }} | |
# Do API Tests | |
- uses: actions/download-artifact@v3 | |
with: | |
name: node_modules | |
- name: 'Untar node modules' | |
run: tar -xf node_modules.tar | |
- name: Run API tests | |
run: | | |
PERL5LIB="lib:old/lib:$PERL5LIB" make jstest TESTS="$UITESTS" | |
# Do perl tests | |
- name: Run Perl tests | |
run: | | |
make devtest TESTS="$TESTS --no-progress --job-count $JOB_COUNT $YATH_DEVEL_COVER_OPTIONS t xt" | |
env: | |
LSMB_TEST_DB: 1 | |
COA_TESTING: ${{ matrix.COA_TESTING }} | |
COVERAGE: ${{ matrix.COVERAGE }} | |
DB_TESTING: ${{ matrix.DB_TESTING }} | |
# Send UI coverage before Perl | |
- name: Upload UI coverage data | |
uses: coverallsapp/github-action@1.1.3 | |
with: | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
flag-name: ui | |
parallel: true | |
path-to-lcov: ${{ github.workspace }}/coverage/lcov.info | |
if: ${{ matrix.COVERAGE }} | |
# Upload coverage data if needed | |
- name: Upload coverage data | |
run: | | |
unset PERL5OPT | |
cover -report coveralls | |
cover -report text > logs/coverage.txt | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
COVERALLS_FLAG_NAME: perl | |
COVERALLS_PARALLEL: true | |
if: ${{ matrix.COVERAGE }} | |
- name: Close parallel UI coverage data | |
uses: coverallsapp/github-action@1.1.3 | |
with: | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
parallel-finished: true | |
path-to-lcov: ${{ github.workspace }}/coverage/lcov.info | |
if: ${{ matrix.COVERAGE }} | |
# Send logs & artifacts | |
- name: Collect docker logs | |
uses: jwalton/gh-docker-logs@v2 | |
with: | |
dest: 'logs/docker-logs' | |
if: always() | |
- name: Archive production artifacts | |
uses: actions/upload-artifact@v3 | |
with: | |
name: logs-and-screens ${{ matrix.perl }} ${{ matrix.BROWSER }} | |
path: | | |
logs/** | |
/tmp/nginx*.log | |
if: always() | |
build-dev: | |
if: github.event.action == 'closed' && github.event.pull_request.merged == true | |
runs-on: ubuntu-latest | |
needs: build | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3.1.0 | |
- name: Check if merge must trigger | |
id: pr_trigger | |
shell: bash | |
run: | | |
URL="https://api.github.com/repos/${{ github.repository }}/commits/${{ github.sha }}" | |
FILES=$(curl -s -X GET -G $URL | jq -r '.files[].filename') | |
if echo $FILES | grep -q "cpanfile"; then | |
echo ::set-output name=MUST_TRIGGER::1 | |
fi | |
- name: Repository Dispatch to the Development image | |
uses: peter-evans/repository-dispatch@v2 | |
with: | |
token: ${{ secrets.DOCKER_TOKEN }} | |
repository: ${{ github.repository_owner }}/ledgersmb-dev-docker | |
event-type: master-updated | |
client-payload: '{"ref": "${{ github.ref }}", "sha": "${{ github.sha }}"}' | |
if: steps.pr_trigger.outputs.MUST_TRIGGER |