From bed8c42557b3383e6bef021a73df0fa5592723c2 Mon Sep 17 00:00:00 2001 From: Evan Sims Date: Mon, 18 Sep 2023 00:31:50 -0500 Subject: [PATCH 01/17] test: Migrate CI to GtiHub --- .github/actions/build/action.yml | 28 ++++++ .github/actions/prepare/action.yml | 25 ++++++ .github/dependabot.yml | 9 +- .github/workflows/browserstack.yml | 57 ++++++++++++ .github/workflows/codeql.yml | 53 +++++++++++ .github/workflows/publish.yml | 137 +++++++++++++++++++++++++++++ .github/workflows/semgrep.yml | 42 +++++++-- .github/workflows/snyk.yml | 47 ++++++++++ .github/workflows/test.yml | 75 ++++++++++++++++ 9 files changed, 462 insertions(+), 11 deletions(-) create mode 100644 .github/actions/build/action.yml create mode 100644 .github/actions/prepare/action.yml create mode 100644 .github/workflows/browserstack.yml create mode 100644 .github/workflows/codeql.yml create mode 100644 .github/workflows/publish.yml create mode 100644 .github/workflows/snyk.yml create mode 100644 .github/workflows/test.yml diff --git a/.github/actions/build/action.yml b/.github/actions/build/action.yml new file mode 100644 index 000000000..489e87710 --- /dev/null +++ b/.github/actions/build/action.yml @@ -0,0 +1,28 @@ +name: Build package +description: Build the SDK package + +inputs: + node: + description: The Node version to use + required: false + default: 18 + +runs: + using: composite + + steps: + - name: Setup Node + uses: actions/setup-node@v3 + with: + node-version: ${{ inputs.node }} + cache: npm + + - name: Install dependencies + shell: bash + run: npm ci + env: + NODE_ENV: development + + - name: Build package + shell: bash + run: npm run build diff --git a/.github/actions/prepare/action.yml b/.github/actions/prepare/action.yml new file mode 100644 index 000000000..0523b7f70 --- /dev/null +++ b/.github/actions/prepare/action.yml @@ -0,0 +1,25 @@ +name: Prepare test +description: Prepare an SDK test + +inputs: + node: + description: The Node version to use + required: false + default: 18 + cache: + description: The cache key identifier to use + required: true + +runs: + using: composite + + steps: + - uses: actions/setup-node@v3 + with: + node-version: ${{ input.node }} + cache: npm + + - uses: actions/cache/restore@v3 + with: + path: . + key: ${{ input.cache }} diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 5c2596fe4..0da9efbe6 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,9 +1,14 @@ version: 2 updates: - - package-ecosystem: "npm" - directory: "/" + - package-ecosystem: "npm" + directory: "/" schedule: interval: "daily" ignore: - dependency-name: "*" update-types: ["version-update:semver-major"] + + - package-ecosystem: 'github-actions' + directory: '/' + schedule: + interval: 'daily' diff --git a/.github/workflows/browserstack.yml b/.github/workflows/browserstack.yml new file mode 100644 index 000000000..d8d8804ef --- /dev/null +++ b/.github/workflows/browserstack.yml @@ -0,0 +1,57 @@ +name: Browserstack + +on: + merge_group: + workflow_dispatch: + pull_request_target: + types: + - opened + - synchronize + push: + branches: + - main + +permissions: + contents: read + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} + +env: + NODE_VERSION: 18 + CACHE_KEY: '${{ github.event.pull_request.head.sha || github.ref }}-${{ github.run_id }}-${{ github.run_attempt }}' + +jobs: + authorize: + name: Authorize + environment: ${{ github.actor != 'dependabot[bot]' && github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && 'external' || 'internal' }} + runs-on: ubuntu-latest + steps: + - run: true + + browserstack: + needs: authorize # Require approval before running on forked pull requests + + name: Run Tests + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.sha || github.ref }} + + - uses: ./.github/actions/build + with: + node: ${{ env.NODE_VERSION }} + + - shell: bash + run: npm i --prefix=example-app --no-package-lock + env: + NODE_ENV: development + + - shell: bash + run: npx start-server-and-test 'start:example-local' http://localhost:3000 + env: + BROWSERSTACK_ACCESS_KEY: ${{ secrets.BROWSERSTACK_ACCESS_KEY }} + BROWSERSTACK_USERNAME: ${{ secrets.BROWSERSTACK_USERNAME }} diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 000000000..71ca1e941 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,53 @@ +name: CodeQL + +on: + merge_group: + pull_request: + types: + - opened + - synchronize + push: + branches: + - main + schedule: + - cron: '37 10 * * 2' + +permissions: + actions: read + contents: read + security-events: write + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} + +jobs: + analyze: + name: Check for Vulnerabilities + runs-on: ubuntu-latest + + strategy: + fail-fast: false + matrix: + language: [javascript] + + steps: + - if: github.actor == 'dependabot[bot]' || github.event_name == 'merge_group' + run: exit 0 # Skip unnecessary test runs for dependabot and merge queues. Artifically flag as successful, as this is a required check for branch protection. + + - name: Checkout + uses: actions/checkout@v4 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + queries: +security-and-quality + + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 + with: + category: '/language:${{ matrix.language }}' diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml new file mode 100644 index 000000000..ed02ab961 --- /dev/null +++ b/.github/workflows/publish.yml @@ -0,0 +1,137 @@ +name: Publish Release + +on: + workflow_dispatch: + inputs: + branch: + description: The branch to release from + required: true + default: main + version: + description: The version being published. This should be a valid semver version, such as `1.0.0`. + required: true + default: '' + type: string + dry-run: + type: boolean + description: Perform a publishing dry run. This will not publish the release, but will validate the release and log the commands that would be run. + default: false + +permissions: + contents: read + id-token: write # For publishing to NPM with provenance. Allows developers to run `npm audit signatures` and verify release signature of SDK. @see https://github.blog/2023-04-19-introducing-npm-package-provenance/ + packages: write # For cross-publishing to GitHub Packages registry. + +env: + NODE_VERSION: 18 + NODE_ENV: development + +jobs: + configure: + name: Validate input parameters + runs-on: ubuntu-latest + + outputs: + vtag: ${{ steps.vtag.outputs.vtag }} # The fully constructed release tag to use for publishing + dry-run: ${{ steps.dry-run.outputs.dry-run }} # The dry-run flag to use for publishing, if applicable + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + fetch-depth: 0 + ref: ${{ github.event.inputs.branch }} + + # Configure for dry-run, if applicable. @see https://docs.npmjs.com/cli/v9/commands/npm-publish#dry-run + - id: dry-run + if: ${{ github.event.inputs.dry-run == 'true' }} + name: Configure for `--dry-run` + run: | + echo "dry-run=--dry-run" >> $GITHUB_ENV + echo "dry-run=--dry-run" >> $GITHUB_OUTPUT + + # Build the tag string from package.json version and release suffix. Produces something like `1.0.0-beta.1` for a beta, or `1.0.0` for a stable release. + - name: Build tag + id: vtag + run: | + PACKAGE_VERSION="${{ github.event.inputs.version }}" + echo "vtag=${PACKAGE_VERSION}" >> $GITHUB_ENV + echo "vtag=${PACKAGE_VERSION}" >> $GITHUB_OUTPUT + + # Ensure tag does not already exist. + - name: Validate version + uses: actions/github-script@v6 + env: + vtag: ${{ env.vtag }} + with: + script: | + const releaseMeta = github.rest.repos.listReleases.endpoint.merge({ + owner: context.repo.owner, + repo: context.repo.repo, + }); + + const releases = await github.paginate(releaseMeta); + + for (const release of releases) { + if (release.name === process.env.vtag) { + throw new Error(`${process.env.vtag} already exists`); + } + } + + console.log(`${process.env.vtag} does not exist. Proceeding with release.`) + + publish-npm: + needs: configure + + name: Publish to NPM + runs-on: ubuntu-latest + environment: 'release' + + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 + ref: ${{ github.event.inputs.branch }} + + - name: Setup Node + uses: actions/setup-node@v3 + with: + node-version: ${{ env.NODE_VERSION }} + cache: npm + + - name: Install dependencies + run: npm ci + + - name: Publish release to NPM + run: npm publish --provenance --tag ${{ needs.configure.outputs.vtag }} ${{ needs.configure.outputs.dry-run }} + env: + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + + publish-gh: + needs: + - configure + - publish-npm # Don't publish to GitHub Packages until publishing to NPM is successfully completed + + name: Publish to GitHub Packages + runs-on: ubuntu-latest + environment: 'release' + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Setup Node + uses: actions/setup-node@v3 + with: + node-version: ${{ env.NODE_VERSION }} + registry-url: 'https://npm.pkg.github.com' + cache: npm + + - name: Install dependencies + run: npm ci + + - name: Publish release to GitHub Packages + run: npm publish --provenance --tag ${{ needs.configure.outputs.vtag }} ${{ needs.configure.outputs.dry-run }} + env: + NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index 916745ee4..a3aace780 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -1,24 +1,48 @@ name: Semgrep on: - pull_request: {} - + merge_group: + pull_request_target: + types: + - opened + - synchronize push: - branches: ["master", "main"] - + branches: + - main schedule: - cron: '30 0 1,15 * *' +permissions: + contents: read + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} + jobs: - semgrep: - name: Scan + authorize: + name: Authorize + environment: ${{ github.actor != 'dependabot[bot]' && github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && 'external' || 'internal' }} runs-on: ubuntu-latest + steps: + - run: true + + run: + needs: authorize # Require approval before running on forked pull requests + + name: Check for Vulnerabilities + runs-on: ubuntu-latest + container: image: returntocorp/semgrep - # Skip any PR created by dependabot to avoid permission issues - if: (github.actor != 'dependabot[bot]') + steps: - - uses: actions/checkout@v3 + - if: github.actor == 'dependabot[bot]' || github.event_name == 'merge_group' + run: exit 0 # Skip unnecessary test runs for dependabot and merge queues. Artifically flag as successful, as this is a required check for branch protection. + + - uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.sha || github.ref }} - run: semgrep ci env: diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml new file mode 100644 index 000000000..8ad5b37ca --- /dev/null +++ b/.github/workflows/snyk.yml @@ -0,0 +1,47 @@ +name: Snyk + +on: + merge_group: + workflow_dispatch: + pull_request_target: + types: + - opened + - synchronize + push: + branches: + - main + schedule: + - cron: '30 0 1,15 * *' + +permissions: + contents: read + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} + +jobs: + authorize: + name: Authorize + environment: ${{ github.actor != 'dependabot[bot]' && github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && 'external' || 'internal' }} + runs-on: ubuntu-latest + steps: + - run: true + + check: + needs: authorize + + name: Check for Vulnerabilities + runs-on: ubuntu-latest + + steps: + - if: github.actor == 'dependabot[bot]' || github.event_name == 'merge_group' + run: exit 0 # Skip unnecessary test runs for dependabot and merge queues. Artifically flag as successful, as this is a required check for branch protection. + + - uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.sha || github.ref }} + + - uses: snyk/actions/php@b98d498629f1c368650224d6d212bf7dfa89e4bf # pin@0.4.0 + env: + SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 000000000..9ded5eb05 --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,75 @@ +name: Build and Test + +on: + merge_group: + workflow_dispatch: + pull_request: + branches: + - main + push: + branches: + - main + +permissions: + contents: read + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} + +env: + NODE_VERSION: 18 + CACHE_KEY: "${{ github.ref }}-${{ github.run_id }}-${{ github.run_attempt }}" + +jobs: + build: + name: Build Package + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - uses: ./.github/actions/build + with: + node: ${{ env.NODE_VERSION }} + + - name: Save build artifacts + uses: actions/cache/save@v3 + with: + path: . + key: ${{ env.CACHE_KEY }} + + unit: + needs: build # Require build to complete before running tests + + name: Run Unit Tests + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + + - uses: ./.github/actions/prepare + with: + node: ${{ env.NODE_VERSION }} + cache: ${{ env.CACHE_KEY }} + + - run: npm run test + + - uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # pin@3.1.4 + + lint: + needs: build # Require build to complete before running tests + + name: Lint Code + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + + - uses: ./.github/actions/prepare + with: + node: ${{ env.NODE_VERSION }} + cache: ${{ env.CACHE_KEY }} + + - run: npm run lint From f95aa517c317de258c5dd1e79f2e3d599b2030da Mon Sep 17 00:00:00 2001 From: Evan Sims Date: Mon, 18 Sep 2023 00:35:35 -0500 Subject: [PATCH 02/17] Update action.yml --- .github/actions/prepare/action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/prepare/action.yml b/.github/actions/prepare/action.yml index 0523b7f70..4d2915619 100644 --- a/.github/actions/prepare/action.yml +++ b/.github/actions/prepare/action.yml @@ -16,10 +16,10 @@ runs: steps: - uses: actions/setup-node@v3 with: - node-version: ${{ input.node }} + node-version: ${{ inputs.node }} cache: npm - uses: actions/cache/restore@v3 with: path: . - key: ${{ input.cache }} + key: ${{ inputs.cache }} From 662360e36f0843229cdcf5a674da5e9bb5dd5bbe Mon Sep 17 00:00:00 2001 From: Evan Sims Date: Mon, 18 Sep 2023 11:00:20 -0500 Subject: [PATCH 03/17] Update action.yml --- .github/actions/build/action.yml | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/.github/actions/build/action.yml b/.github/actions/build/action.yml index 489e87710..b67c2b0ae 100644 --- a/.github/actions/build/action.yml +++ b/.github/actions/build/action.yml @@ -11,18 +11,20 @@ runs: using: composite steps: - - name: Setup Node - uses: actions/setup-node@v3 + - uses: actions/setup-node@v3 with: node-version: ${{ inputs.node }} cache: npm - - name: Install dependencies - shell: bash + - shell: bash run: npm ci env: NODE_ENV: development - - name: Build package - shell: bash + - shell: bash + run: npm run install:example + env: + NODE_ENV: development + + - shell: bash run: npm run build From 32f77909b942aa0d790e653e2a94c8b9ae23e3d7 Mon Sep 17 00:00:00 2001 From: Evan Sims Date: Mon, 18 Sep 2023 11:00:22 -0500 Subject: [PATCH 04/17] Update publish.yml --- .github/workflows/publish.yml | 29 +---------------------------- 1 file changed, 1 insertion(+), 28 deletions(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index ed02ab961..c2efb4f8c 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -99,6 +99,7 @@ jobs: with: node-version: ${{ env.NODE_VERSION }} cache: npm + registry-url: 'https://registry.npmjs.org' - name: Install dependencies run: npm ci @@ -107,31 +108,3 @@ jobs: run: npm publish --provenance --tag ${{ needs.configure.outputs.vtag }} ${{ needs.configure.outputs.dry-run }} env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - - publish-gh: - needs: - - configure - - publish-npm # Don't publish to GitHub Packages until publishing to NPM is successfully completed - - name: Publish to GitHub Packages - runs-on: ubuntu-latest - environment: 'release' - - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Setup Node - uses: actions/setup-node@v3 - with: - node-version: ${{ env.NODE_VERSION }} - registry-url: 'https://npm.pkg.github.com' - cache: npm - - - name: Install dependencies - run: npm ci - - - name: Publish release to GitHub Packages - run: npm publish --provenance --tag ${{ needs.configure.outputs.vtag }} ${{ needs.configure.outputs.dry-run }} - env: - NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} From 3f0984e1305b5e35943ce76fde43da5fdc669bd8 Mon Sep 17 00:00:00 2001 From: Evan Sims Date: Mon, 18 Sep 2023 11:00:24 -0500 Subject: [PATCH 05/17] Update test.yml --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 9ded5eb05..88264ec20 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -54,7 +54,7 @@ jobs: node: ${{ env.NODE_VERSION }} cache: ${{ env.CACHE_KEY }} - - run: npm run test + - run: npm test - uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # pin@3.1.4 From 7a4ab224faf69230a74786b7825f441ffd0b1b2b Mon Sep 17 00:00:00 2001 From: frederikprijck Date: Mon, 18 Sep 2023 21:05:11 +0200 Subject: [PATCH 06/17] Build test harness before running tests --- .github/workflows/test.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 88264ec20..dd75c3810 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -54,6 +54,7 @@ jobs: node: ${{ env.NODE_VERSION }} cache: ${{ env.CACHE_KEY }} + - run: npm run build:test - run: npm test - uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # pin@3.1.4 From 9d70179a0a539fc08f2fd5db8fa2c9ef01f4ed74 Mon Sep 17 00:00:00 2001 From: frederikprijck Date: Mon, 18 Sep 2023 21:12:12 +0200 Subject: [PATCH 07/17] Build before running tests --- .github/workflows/test.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index dd75c3810..66b91c097 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -54,6 +54,7 @@ jobs: node: ${{ env.NODE_VERSION }} cache: ${{ env.CACHE_KEY }} + - run: npm run build - run: npm run build:test - run: npm test From 145a7d0e017f9486cf594e74d56c377e39b9ac9f Mon Sep 17 00:00:00 2001 From: frederikprijck Date: Mon, 18 Sep 2023 21:52:22 +0200 Subject: [PATCH 08/17] run same steps as circle --- .github/workflows/test.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 66b91c097..8300dd73e 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -53,7 +53,8 @@ jobs: with: node: ${{ env.NODE_VERSION }} cache: ${{ env.CACHE_KEY }} - + - run: nom ci + - run: npm run install:example - run: npm run build - run: npm run build:test - run: npm test From e8355d65217253a269fb25c1b52cc9f1baabab0b Mon Sep 17 00:00:00 2001 From: frederikprijck Date: Mon, 18 Sep 2023 21:55:22 +0200 Subject: [PATCH 09/17] fix typo --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 8300dd73e..e6f87f379 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -53,7 +53,7 @@ jobs: with: node: ${{ env.NODE_VERSION }} cache: ${{ env.CACHE_KEY }} - - run: nom ci + - run: npm ci - run: npm run install:example - run: npm run build - run: npm run build:test From 110abcc3d8ac1db56056e77841a5f278a22b5904 Mon Sep 17 00:00:00 2001 From: frederikprijck Date: Mon, 18 Sep 2023 22:50:45 +0200 Subject: [PATCH 10/17] revert --- .github/workflows/test.yml | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index e6f87f379..ec06ccb70 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -48,15 +48,7 @@ jobs: steps: - uses: actions/checkout@v4 - - - uses: ./.github/actions/prepare - with: - node: ${{ env.NODE_VERSION }} - cache: ${{ env.CACHE_KEY }} - - run: npm ci - - run: npm run install:example - - run: npm run build - - run: npm run build:test + - run: npm test - uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # pin@3.1.4 From 65ea97b213136a394934e199506b15559495205f Mon Sep 17 00:00:00 2001 From: frederikprijck Date: Mon, 18 Sep 2023 22:54:01 +0200 Subject: [PATCH 11/17] Run unit tests on macos --- .github/workflows/test.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index ec06ccb70..d36067acc 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -44,11 +44,11 @@ jobs: needs: build # Require build to complete before running tests name: Run Unit Tests - runs-on: ubuntu-latest + runs-on: macos-13 steps: - uses: actions/checkout@v4 - + - run: npm test - uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # pin@3.1.4 From 611b862e271e7be26a520046bd25a29cefe11ce0 Mon Sep 17 00:00:00 2001 From: frederikprijck Date: Mon, 18 Sep 2023 22:56:50 +0200 Subject: [PATCH 12/17] bring back prepare --- .github/workflows/test.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index d36067acc..314ea3093 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -49,6 +49,11 @@ jobs: steps: - uses: actions/checkout@v4 + - uses: ./.github/actions/prepare + with: + node: ${{ env.NODE_VERSION }} + cache: ${{ env.CACHE_KEY }} + - run: npm test - uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # pin@3.1.4 From d7860d0048c0675587e8efd07b5fe4e79d2c5d1d Mon Sep 17 00:00:00 2001 From: frederikprijck Date: Mon, 18 Sep 2023 23:11:22 +0200 Subject: [PATCH 13/17] Revert macos --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 314ea3093..88264ec20 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -44,7 +44,7 @@ jobs: needs: build # Require build to complete before running tests name: Run Unit Tests - runs-on: macos-13 + runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 From 5d932c79ba1fa587b3d8e2b3a5e3c18b9512f411 Mon Sep 17 00:00:00 2001 From: Adam Mcgrath Date: Thu, 12 Oct 2023 14:56:34 +0100 Subject: [PATCH 14/17] Fix bs action --- .github/workflows/browserstack.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/browserstack.yml b/.github/workflows/browserstack.yml index d8d8804ef..e7d9ddc18 100644 --- a/.github/workflows/browserstack.yml +++ b/.github/workflows/browserstack.yml @@ -3,7 +3,7 @@ name: Browserstack on: merge_group: workflow_dispatch: - pull_request_target: + pull_request: types: - opened - synchronize @@ -15,7 +15,7 @@ permissions: contents: read concurrency: - group: ${{ github.workflow }}-${{ github.ref }} + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} env: @@ -51,7 +51,7 @@ jobs: NODE_ENV: development - shell: bash - run: npx start-server-and-test 'start:example-local' http://localhost:3000 + run: npx start-server-and-test "start:example-local" http://localhost:3000 "browserstack-cypress run --build-name ${{ github.event.pull_request.head.sha || github.ref }} --no-wrap" env: BROWSERSTACK_ACCESS_KEY: ${{ secrets.BROWSERSTACK_ACCESS_KEY }} BROWSERSTACK_USERNAME: ${{ secrets.BROWSERSTACK_USERNAME }} From 387494172418f7e3a4f90b12df71dacd95b10150 Mon Sep 17 00:00:00 2001 From: Adam Mcgrath Date: Thu, 12 Oct 2023 15:40:42 +0100 Subject: [PATCH 15/17] Add test secret --- example-app/server.js | 1 + 1 file changed, 1 insertion(+) diff --git a/example-app/server.js b/example-app/server.js index eb2036f36..a243ccf97 100644 --- a/example-app/server.js +++ b/example-app/server.js @@ -6,6 +6,7 @@ const port = +(process.env.PORT || 3000); const app = next({ dev: true, hostname: 'localhost', port }); const handle = app.getRequestHandler(); +process.env.AUTH0_SECRET = 'testing123'; process.env.AUTH0_ISSUER_BASE_URL = `http://localhost:${port}/oidc/`; process.env.AUTH0_CLIENT_ID = 'testing'; process.env.AUTH0_CLIENT_SECRET = 'testing'; From 7d93801c6833063556b3bf5e48861ffbb810801a Mon Sep 17 00:00:00 2001 From: Adam Mcgrath Date: Fri, 13 Oct 2023 13:11:57 +0100 Subject: [PATCH 16/17] Add test base url --- example-app/server.js | 1 + 1 file changed, 1 insertion(+) diff --git a/example-app/server.js b/example-app/server.js index a243ccf97..6312318c0 100644 --- a/example-app/server.js +++ b/example-app/server.js @@ -6,6 +6,7 @@ const port = +(process.env.PORT || 3000); const app = next({ dev: true, hostname: 'localhost', port }); const handle = app.getRequestHandler(); +process.env.AUTH0_BASE_URL = 'http://localhost:3000'; process.env.AUTH0_SECRET = 'testing123'; process.env.AUTH0_ISSUER_BASE_URL = `http://localhost:${port}/oidc/`; process.env.AUTH0_CLIENT_ID = 'testing'; From c6839a670527647719ad42f372a14563dfbb5ed9 Mon Sep 17 00:00:00 2001 From: Adam Mcgrath Date: Fri, 13 Oct 2023 13:21:01 +0100 Subject: [PATCH 17/17] Remove CircleCI --- .circleci/config.yml | 55 -------------------------------------------- 1 file changed, 55 deletions(-) delete mode 100644 .circleci/config.yml diff --git a/.circleci/config.yml b/.circleci/config.yml deleted file mode 100644 index f4afbc770..000000000 --- a/.circleci/config.yml +++ /dev/null @@ -1,55 +0,0 @@ -version: 2.1 -orbs: - ship: auth0/ship@0.7.7 -jobs: - build: - docker: - - image: cimg/node:lts-browsers - resource_class: 2xlarge - steps: - - checkout - - restore_cache: - key: dependencies-{{ .Branch }}-{{ checksum "package-lock.json" }}-{{ checksum "example-app/package.json" }} - - run: npm ci - - run: - name: npm run install:example - command: | - if [ -z "$CIRCLE_PR_NUMBER" ]; then - npm run install:example - fi - - save_cache: - key: dependencies-{{ .Branch }}-{{ checksum "package-lock.json" }}-{{ checksum "example-app/package.json" }} - paths: - - ~/.npm - - ~/.cache - - run: npm run build - - run: npm test - - run: npm run lint - - run: - name: browserstack - command: | - if [ -z "$CIRCLE_PR_NUMBER" ]; then - npx start-server-and-test 'start:example-local' http://localhost:3000 'browserstack-cypress run --build-name $CIRCLE_BRANCH --no-wrap' - fi - - store_test_results: - path: test-results - - store_artifacts: - path: cypress/videos - - store_artifacts: - path: cypress/screenshots -workflows: - Build and Test: - jobs: - - build: - context: - - browserstack-env - - ship/node-publish: - requires: - - build - context: - - publish-npm - - publish-gh - filters: - branches: - only: - - main