From c87240cc5fe8c40dead8f416147c6709eaaf6ce5 Mon Sep 17 00:00:00 2001 From: Evan Sims Date: Tue, 29 Aug 2023 17:54:18 -0500 Subject: [PATCH 1/4] test: Migrate to GitHub Actions --- .github/dependabot.yml | 6 ++ .github/workflows/codeql.yml | 54 +++++++++++ .github/workflows/publish.yml | 163 ++++++++++++++++++++++++++++++++ .github/workflows/semgrep.yml | 40 ++++++-- .github/workflows/snyk.yml | 48 ++++++++++ .github/workflows/test.yml | 171 ++++++++++++++++++++++++++++++++++ 6 files changed, 475 insertions(+), 7 deletions(-) create mode 100644 .github/dependabot.yml create mode 100644 .github/workflows/codeql.yml create mode 100644 .github/workflows/publish.yml create mode 100644 .github/workflows/snyk.yml create mode 100644 .github/workflows/test.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000..12301490 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,6 @@ +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "daily" diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 00000000..ce70e8f7 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,54 @@ +name: CodeQL + +on: + merge_group: + pull_request: + types: + - opened + - synchronize + push: + branches: + - master + - beta + schedule: + - cron: '37 10 * * 2' + +permissions: + actions: read + contents: read + security-events: write + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: ${{ github.ref != 'refs/heads/master' }} + +jobs: + analyze: + name: Check for Vulnerabilities + runs-on: ubuntu-latest + + strategy: + fail-fast: false + matrix: + language: [javascript] + + steps: + - if: github.actor == 'dependabot[bot]' || github.event_name == 'merge_group' + run: exit 0 # Skip unnecessary test runs for dependabot and merge queues. Artifically flag as successful, as this is a required check for branch protection. + + - name: Checkout + uses: actions/checkout@v3 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + queries: +security-and-quality + + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 + with: + category: '/language:${{ matrix.language }}' diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml new file mode 100644 index 00000000..0cdd53ca --- /dev/null +++ b/.github/workflows/publish.yml @@ -0,0 +1,163 @@ +name: Publish Release + +on: + workflow_dispatch: + inputs: + branch: + description: The branch to release from + required: true + default: master + release-type: + description: The type of release to publish + required: true + default: stable + type: choice + options: + - stable + - beta + - alpha + version-number: + description: The version number to publish. For pre-releases, do not include the release type or prerelease number, as these will be appended automatically when applicable. + required: true + default: '1.0.0' + type: string + prerelease-number: + description: For pre-releases, please identify the release number (i.e. 1 for beta.1, 2 for beta.2, etc.) Ignored for stable releases. + required: true + default: '1' + type: string + dry-run: + type: boolean + description: Perform a publishing dry run. This will not publish the release, but will validate the release and log the commands that would be run. + default: false + +permissions: + contents: read + id-token: write # For publishing to NPM with provenance. Allows developers to run `npm audit signatures` and verify release signature of SDK. @see https://github.blog/2023-04-19-introducing-npm-package-provenance/ + packages: write # For cross-publishing to GitHub Packages registry. + +env: + NODE_VERSION: 18 + NODE_ENV: development + +jobs: + configure: + name: Validate input parameters + runs-on: ubuntu-latest + environment: release + + outputs: + vtag: ${{ steps.vtag.outputs.vtag }} # The fully constructed release tag to use for publishing + release-suffix: ${{ steps.release-suffix.outputs.release-suffix }} # The release suffix to use for pre-releases, if applicable + dry-run: ${{ steps.dry-run.outputs.dry-run }} # The dry-run flag to use for publishing, if applicable + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + with: + fetch-depth: 0 + ref: ${{ github.event.inputs.branch }} + + # Configure for dry-run, if applicable. @see https://docs.npmjs.com/cli/v9/commands/npm-publish#dry-run + - id: dry-run + if: ${{ github.event.inputs.dry-run == 'true' }} + name: Configure for `--dry-run` + run: | + echo "dry-run=--dry-run" >> $GITHUB_ENV + echo "dry-run=--dry-run" >> $GITHUB_OUTPUT + + # Build the release suffix for pre-releases using the type and prerelease number, if applicable. Produces something like `-beta.1` for a beta, or `-alpha.1` for an alpha. + - id: release-suffix + if: ${{ github.event.inputs.release-type != 'stable' }} + name: Build release suffix + run: | + echo "release-suffix=-${{ github.event.inputs.release-type }}.${{ github.event.inputs.prerelease-number }}" >> $GITHUB_ENV + echo "release-suffix=-${{ github.event.inputs.release-type }}.${{ github.event.inputs.prerelease-number }}" >> $GITHUB_OUTPUT + + # Build the tag string from package.json version and release suffix. Produces something like `1.0.0-beta.1` for a beta, or `1.0.0` for a stable release. + - name: Build tag + id: vtag + run: | + PACKAGE_VERSION="${{ github.event.inputs.version-number }}" + PACKAGE_SUFFIX="${{ steps.release-suffix.outputs.release-suffix }}" + VTAG="${PACKAGE_VERSION}${PACKAGE_SUFFIX}" + echo "vtag=${VTAG}" >> $GITHUB_ENV + echo "vtag=${VTAG}" >> $GITHUB_OUTPUT + + # Ensure tag does not already exist. + - name: Validate version + uses: actions/github-script@v6 + env: + vtag: ${{ env.vtag }} + with: + script: | + const releaseMeta = github.rest.repos.listReleases.endpoint.merge({ + owner: context.repo.owner, + repo: context.repo.repo, + }); + + const releases = await github.paginate(releaseMeta); + + for (const release of releases) { + if (release.name === process.env.vtag) { + throw new Error(`${process.env.vtag} already exists`); + } + } + + console.log(`${process.env.vtag} does not exist. Proceeding with release.`) + + publish-npm: + needs: configure + + name: Publish to NPM + runs-on: ubuntu-latest + environment: release + + steps: + - name: Checkout code + uses: actions/checkout@v3 + with: + fetch-depth: 0 + ref: ${{ github.event.inputs.branch }} + + - name: Setup Node + uses: actions/setup-node@v3 + with: + node-version: ${{ env.NODE_VERSION }} + cache: npm + + - name: Install dependencies + run: npm ci + + - name: Publish release to NPM + run: npm publish --provenance --tag ${{ needs.configure.outputs.vtag }} ${{ needs.configure.outputs.dry-run }} + env: + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + + publish-gh: + needs: + - configure + - publish-npm # Don't publish to GitHub Packages until publishing to NPM is successfully completed + + name: Publish to GitHub Packages + runs-on: ubuntu-latest + environment: release + + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Setup Node + uses: actions/setup-node@v3 + with: + node-version: ${{ env.NODE_VERSION }} + registry-url: 'https://npm.pkg.github.com' + cache: npm + + - name: Install dependencies + run: npm ci + + - name: Publish release to GitHub Packages + run: npm publish --provenance --tag ${{ needs.configure.outputs.vtag }} ${{ needs.configure.outputs.dry-run }} + env: + NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index e0227e37..ce8607f4 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -1,23 +1,49 @@ name: Semgrep on: - pull_request: {} - + merge_group: + pull_request_target: + types: + - opened + - synchronize push: - branches: ["master", "main"] - + branches: + - master + - beta schedule: - cron: '30 0 1,15 * *' +permissions: + contents: read + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: ${{ github.ref != 'refs/heads/master' }} + jobs: - semgrep: - name: Scan + authorize: + name: Authorize + environment: ${{ github.actor != 'dependabot[bot]' && github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && 'external' || 'internal' }} runs-on: ubuntu-latest + steps: + - run: true + + run: + needs: authorize # Require approval before running on forked pull requests + + name: Check for Vulnerabilities + runs-on: ubuntu-latest + container: image: returntocorp/semgrep - if: (github.actor != 'dependabot[bot]') + steps: + - if: github.actor == 'dependabot[bot]' || github.event_name == 'merge_group' + run: exit 0 # Skip unnecessary test runs for dependabot and merge queues. Artifically flag as successful, as this is a required check for branch protection. + - uses: actions/checkout@v3 + with: + ref: ${{ github.event.pull_request.head.sha || github.ref }} - run: semgrep ci env: diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml new file mode 100644 index 00000000..33f2871d --- /dev/null +++ b/.github/workflows/snyk.yml @@ -0,0 +1,48 @@ +name: Snyk + +on: + merge_group: + workflow_dispatch: + pull_request_target: + types: + - opened + - synchronize + push: + branches: + - master + - beta + schedule: + - cron: '30 0 1,15 * *' + +permissions: + contents: read + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: ${{ github.ref != 'refs/heads/master' }} + +jobs: + authorize: + name: Authorize + environment: ${{ github.actor != 'dependabot[bot]' && github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && 'external' || 'internal' }} + runs-on: ubuntu-latest + steps: + - run: true + + check: + needs: authorize + + name: Check for Vulnerabilities + runs-on: ubuntu-latest + + steps: + - if: github.actor == 'dependabot[bot]' || github.event_name == 'merge_group' + run: exit 0 # Skip unnecessary test runs for dependabot and merge queues. Artifically flag as successful, as this is a required check for branch protection. + + - uses: actions/checkout@v3 + with: + ref: ${{ github.event.pull_request.head.sha || github.ref }} + + - uses: snyk/actions/php@b98d498629f1c368650224d6d212bf7dfa89e4bf # pin@0.4.0 + env: + SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 00000000..3f2fce5f --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,171 @@ +name: Build and Test + +on: + merge_group: + workflow_dispatch: + pull_request_target: + types: + - opened + - synchronize + push: + branches: + - master + +permissions: + contents: read + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: ${{ github.ref != 'refs/heads/master' }} + +env: + NODE_VERSION: 18 + CACHE_KEY: '${{ github.event.pull_request.head.sha || github.ref }}-${{ github.run_id }}-${{ github.run_attempt }}' + +jobs: + authorize: + name: Authorize + environment: ${{ github.actor != 'dependabot[bot]' && github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && 'external' || 'internal' }} + runs-on: ubuntu-latest + steps: + - run: true + + build: + needs: authorize # Require approval before running on forked pull requests + + name: Build Package + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v3 + with: + ref: ${{ github.event.pull_request.head.sha || github.ref }} + + - name: Build package + uses: ./.github/actions/build + with: + node: ${{ env.NODE_VERSION }} + + - name: Save build artifacts + uses: actions/cache/save@v3 + with: + path: . + key: ${{ env.CACHE_KEY }} + + unit: + needs: build # Require build to complete before running tests + + name: Unit Tests + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v3 + with: + ref: ${{ github.event.pull_request.head.sha || github.ref }} + + - name: Setup Node + uses: actions/setup-node@v3 + with: + node-version: ${{ env.NODE_VERSION }} + cache: npm + + - name: Restore build artifacts + uses: actions/cache/restore@v3 + with: + path: . + key: ${{ env.CACHE_KEY }} + + - name: Run tests + run: npm run ci:test + env: + MOCHA_FILE: junit/test-results.xml + + - name: Upload coverage + uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # pin@3.1.4 + + compatibility: + needs: build # Require build to complete before running tests + + name: Compatibility Tests + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v3 + with: + ref: ${{ github.event.pull_request.head.sha || github.ref }} + + - name: Setup Node + uses: actions/setup-node@v3 + with: + node-version: ${{ env.NODE_VERSION }} + cache: npm + + - name: Restore build artifacts + uses: actions/cache/restore@v3 + with: + path: . + key: ${{ env.CACHE_KEY }} + + - name: Run tests + run: npm run test:es-check:es5 && npm run test:es-check:es2015:module + + lint: + needs: build # Require build to complete before running tests + + name: Lint Tests + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v3 + with: + ref: ${{ github.event.pull_request.head.sha || github.ref }} + + - name: Setup Node + uses: actions/setup-node@v3 + with: + node-version: ${{ env.NODE_VERSION }} + cache: npm + + - name: Restore build artifacts + uses: actions/cache/restore@v3 + with: + path: . + key: ${{ env.CACHE_KEY }} + + - name: Run tests + run: npm run lint + + browserstack: + needs: unit # Only run if unit tests pass + + name: BrowserStack Tests + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v3 + with: + ref: ${{ github.event.pull_request.head.sha || github.ref }} + + - name: Setup Node + uses: actions/setup-node@v3 + with: + node-version: ${{ env.NODE_VERSION }} + cache: npm + + - name: Restore build artifacts + uses: actions/cache/restore@v3 + with: + path: . + key: ${{ env.CACHE_KEY }} + + - name: Run tests + shell: bash + run: npm run test:e2e:browserstack + env: + BROWSERSTACK_ACCESS_KEY: ${{ secrets.BROWSERSTACK_ACCESS_KEY }} + BROWSERSTACK_USERNAME: ${{ secrets.BROWSERSTACK_USERNAME }} From 6cc4e35b0c8841d5a3419926c58984d67b7da203 Mon Sep 17 00:00:00 2001 From: Evan Sims Date: Wed, 6 Sep 2023 23:13:51 -0500 Subject: [PATCH 2/4] Relocate BrowserStack test to it's own seperate workflow --- .github/workflows/browserstack.yml | 85 ++++++++++++++++++++++++++++++ .github/workflows/codeql.yml | 3 +- .github/workflows/publish.yml | 48 ++++------------- .github/workflows/semgrep.yml | 3 +- .github/workflows/snyk.yml | 3 +- .github/workflows/test.yml | 63 +++------------------- 6 files changed, 106 insertions(+), 99 deletions(-) create mode 100644 .github/workflows/browserstack.yml diff --git a/.github/workflows/browserstack.yml b/.github/workflows/browserstack.yml new file mode 100644 index 00000000..7da12a66 --- /dev/null +++ b/.github/workflows/browserstack.yml @@ -0,0 +1,85 @@ +name: Build and Test + +on: + merge_group: + workflow_dispatch: + pull_request_target: + types: + - opened + - synchronize + push: + branches: + - master + +permissions: + contents: read + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: ${{ github.ref != 'refs/heads/master' }} + +env: + NODE_VERSION: 18 + CACHE_KEY: '${{ github.event.pull_request.head.sha || github.ref }}-${{ github.run_id }}-${{ github.run_attempt }}' + +jobs: + authorize: + name: Authorize + environment: ${{ github.actor != 'dependabot[bot]' && github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && 'external' || 'internal' }} + runs-on: ubuntu-latest + steps: + - run: true + + build: + needs: authorize # Require approval before running on forked pull requests + + name: Build Package + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.sha || github.ref }} + + - name: Build package + uses: ./.github/actions/build + with: + node: ${{ env.NODE_VERSION }} + + - name: Save build artifacts + uses: actions/cache/save@v3 + with: + path: . + key: ${{ env.CACHE_KEY }} + + browserstack: + needs: build # Only run if unit tests pass + + name: BrowserStack Tests + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.sha || github.ref }} + + - name: Setup Node + uses: actions/setup-node@v3 + with: + node-version: ${{ env.NODE_VERSION }} + cache: npm + + - name: Restore build artifacts + uses: actions/cache/restore@v3 + with: + path: . + key: ${{ env.CACHE_KEY }} + + - name: Run tests + shell: bash + run: npm run test:e2e:browserstack + env: + BROWSERSTACK_ACCESS_KEY: ${{ secrets.BROWSERSTACK_ACCESS_KEY }} + BROWSERSTACK_USERNAME: ${{ secrets.BROWSERSTACK_USERNAME }} diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index ce70e8f7..f47f6795 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -9,7 +9,6 @@ on: push: branches: - master - - beta schedule: - cron: '37 10 * * 2' @@ -37,7 +36,7 @@ jobs: run: exit 0 # Skip unnecessary test runs for dependabot and merge queues. Artifically flag as successful, as this is a required check for branch protection. - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Initialize CodeQL uses: github/codeql-action/init@v2 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 0cdd53ca..2f79d54e 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -7,24 +7,10 @@ on: description: The branch to release from required: true default: master - release-type: - description: The type of release to publish + version: + description: The version being published. This should be a valid semver version, such as `1.0.0`. required: true - default: stable - type: choice - options: - - stable - - beta - - alpha - version-number: - description: The version number to publish. For pre-releases, do not include the release type or prerelease number, as these will be appended automatically when applicable. - required: true - default: '1.0.0' - type: string - prerelease-number: - description: For pre-releases, please identify the release number (i.e. 1 for beta.1, 2 for beta.2, etc.) Ignored for stable releases. - required: true - default: '1' + default: '' type: string dry-run: type: boolean @@ -44,16 +30,14 @@ jobs: configure: name: Validate input parameters runs-on: ubuntu-latest - environment: release outputs: vtag: ${{ steps.vtag.outputs.vtag }} # The fully constructed release tag to use for publishing - release-suffix: ${{ steps.release-suffix.outputs.release-suffix }} # The release suffix to use for pre-releases, if applicable dry-run: ${{ steps.dry-run.outputs.dry-run }} # The dry-run flag to use for publishing, if applicable steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 ref: ${{ github.event.inputs.branch }} @@ -66,23 +50,13 @@ jobs: echo "dry-run=--dry-run" >> $GITHUB_ENV echo "dry-run=--dry-run" >> $GITHUB_OUTPUT - # Build the release suffix for pre-releases using the type and prerelease number, if applicable. Produces something like `-beta.1` for a beta, or `-alpha.1` for an alpha. - - id: release-suffix - if: ${{ github.event.inputs.release-type != 'stable' }} - name: Build release suffix - run: | - echo "release-suffix=-${{ github.event.inputs.release-type }}.${{ github.event.inputs.prerelease-number }}" >> $GITHUB_ENV - echo "release-suffix=-${{ github.event.inputs.release-type }}.${{ github.event.inputs.prerelease-number }}" >> $GITHUB_OUTPUT - # Build the tag string from package.json version and release suffix. Produces something like `1.0.0-beta.1` for a beta, or `1.0.0` for a stable release. - name: Build tag id: vtag run: | - PACKAGE_VERSION="${{ github.event.inputs.version-number }}" - PACKAGE_SUFFIX="${{ steps.release-suffix.outputs.release-suffix }}" - VTAG="${PACKAGE_VERSION}${PACKAGE_SUFFIX}" - echo "vtag=${VTAG}" >> $GITHUB_ENV - echo "vtag=${VTAG}" >> $GITHUB_OUTPUT + PACKAGE_VERSION="${{ github.event.inputs.version }}" + echo "vtag=${PACKAGE_VERSION}" >> $GITHUB_ENV + echo "vtag=${PACKAGE_VERSION}" >> $GITHUB_OUTPUT # Ensure tag does not already exist. - name: Validate version @@ -111,11 +85,11 @@ jobs: name: Publish to NPM runs-on: ubuntu-latest - environment: release + environment: 'release' steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 ref: ${{ github.event.inputs.branch }} @@ -141,11 +115,11 @@ jobs: name: Publish to GitHub Packages runs-on: ubuntu-latest - environment: release + environment: 'release' steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup Node uses: actions/setup-node@v3 diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index ce8607f4..fc7d2eeb 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -9,7 +9,6 @@ on: push: branches: - master - - beta schedule: - cron: '30 0 1,15 * *' @@ -41,7 +40,7 @@ jobs: - if: github.actor == 'dependabot[bot]' || github.event_name == 'merge_group' run: exit 0 # Skip unnecessary test runs for dependabot and merge queues. Artifically flag as successful, as this is a required check for branch protection. - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: ref: ${{ github.event.pull_request.head.sha || github.ref }} diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml index 33f2871d..4b27ea3d 100644 --- a/.github/workflows/snyk.yml +++ b/.github/workflows/snyk.yml @@ -10,7 +10,6 @@ on: push: branches: - master - - beta schedule: - cron: '30 0 1,15 * *' @@ -39,7 +38,7 @@ jobs: - if: github.actor == 'dependabot[bot]' || github.event_name == 'merge_group' run: exit 0 # Skip unnecessary test runs for dependabot and merge queues. Artifically flag as successful, as this is a required check for branch protection. - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: ref: ${{ github.event.pull_request.head.sha || github.ref }} diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 3f2fce5f..7cded193 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -3,10 +3,9 @@ name: Build and Test on: merge_group: workflow_dispatch: - pull_request_target: - types: - - opened - - synchronize + pull_request: + branches: + - master push: branches: - master @@ -23,24 +22,13 @@ env: CACHE_KEY: '${{ github.event.pull_request.head.sha || github.ref }}-${{ github.run_id }}-${{ github.run_attempt }}' jobs: - authorize: - name: Authorize - environment: ${{ github.actor != 'dependabot[bot]' && github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && 'external' || 'internal' }} - runs-on: ubuntu-latest - steps: - - run: true - build: - needs: authorize # Require approval before running on forked pull requests - name: Build Package runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.sha || github.ref }} + uses: actions/checkout@v4 - name: Build package uses: ./.github/actions/build @@ -61,9 +49,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.sha || github.ref }} + uses: actions/checkout@v4 - name: Setup Node uses: actions/setup-node@v3 @@ -93,9 +79,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.sha || github.ref }} + uses: actions/checkout@v4 - name: Setup Node uses: actions/setup-node@v3 @@ -120,9 +104,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.sha || github.ref }} + uses: actions/checkout@v4 - name: Setup Node uses: actions/setup-node@v3 @@ -138,34 +120,3 @@ jobs: - name: Run tests run: npm run lint - - browserstack: - needs: unit # Only run if unit tests pass - - name: BrowserStack Tests - runs-on: ubuntu-latest - - steps: - - name: Checkout code - uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.sha || github.ref }} - - - name: Setup Node - uses: actions/setup-node@v3 - with: - node-version: ${{ env.NODE_VERSION }} - cache: npm - - - name: Restore build artifacts - uses: actions/cache/restore@v3 - with: - path: . - key: ${{ env.CACHE_KEY }} - - - name: Run tests - shell: bash - run: npm run test:e2e:browserstack - env: - BROWSERSTACK_ACCESS_KEY: ${{ secrets.BROWSERSTACK_ACCESS_KEY }} - BROWSERSTACK_USERNAME: ${{ secrets.BROWSERSTACK_USERNAME }} From 664b9645d34e8f04e8c52d99a76c3989547b0918 Mon Sep 17 00:00:00 2001 From: Evan Sims Date: Wed, 6 Sep 2023 23:17:37 -0500 Subject: [PATCH 3/4] Update browserstack.yml --- .github/workflows/browserstack.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/browserstack.yml b/.github/workflows/browserstack.yml index 7da12a66..1f3cdc0d 100644 --- a/.github/workflows/browserstack.yml +++ b/.github/workflows/browserstack.yml @@ -1,4 +1,4 @@ -name: Build and Test +name: Browserstack on: merge_group: From 0ea28edc7531348d1b0f6b7ba99afe5a1f08c7a0 Mon Sep 17 00:00:00 2001 From: Evan Sims Date: Wed, 6 Sep 2023 23:21:56 -0500 Subject: [PATCH 4/4] Fix for missing build cache --- .github/actions/build/action.yml | 26 ++++++++++++++++++++++++++ .github/workflows/test.yml | 2 +- .gitignore | 4 ++-- 3 files changed, 29 insertions(+), 3 deletions(-) create mode 100644 .github/actions/build/action.yml diff --git a/.github/actions/build/action.yml b/.github/actions/build/action.yml new file mode 100644 index 00000000..24029c53 --- /dev/null +++ b/.github/actions/build/action.yml @@ -0,0 +1,26 @@ +name: Build package +description: Build the SDK package + +inputs: + node: + description: The Node version to use + required: false + default: 18 + +runs: + using: composite + + steps: + - name: Setup Node + uses: actions/setup-node@v3 + with: + node-version: ${{ inputs.node }} + cache: 'npm' + + - name: Install dependencies + shell: bash + run: npm ci --include=dev + + - name: Build package + shell: bash + run: npm run build diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 7cded193..a38828a9 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -19,7 +19,7 @@ concurrency: env: NODE_VERSION: 18 - CACHE_KEY: '${{ github.event.pull_request.head.sha || github.ref }}-${{ github.run_id }}-${{ github.run_attempt }}' + CACHE_KEY: '${{ github.ref }}-${{ github.run_id }}-${{ github.run_attempt }}' jobs: build: diff --git a/.gitignore b/.gitignore index e85d1d06..24e54eaa 100644 --- a/.gitignore +++ b/.gitignore @@ -10,7 +10,7 @@ lib-cov *.out *.pid *.gz - + pids logs results @@ -23,7 +23,7 @@ release .DS_Store -build +/build .gitignore coverage