-
Notifications
You must be signed in to change notification settings - Fork 32
188 lines (166 loc) · 6.86 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
name: Node CI
on: [push]
jobs:
test:
runs-on: ubuntu-latest
if: "!contains(github.event.head_commit.message, 'ci skip') && !contains(github.event.head_commit.message, 'skip ci')"
name: Run unit tests
env:
NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
NX_BRANCH: ${{ github.event.number || github.ref_name }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
# We need to fetch all branches and commits so that Nx affected has a base to compare against.
fetch-depth: 0
- uses: nrwl/nx-set-shas@v3
- name: Setup .npmrc file for NPM registry
uses: actions/setup-node@v4
with:
node-version: '20'
registry-url: 'https://registry.npmjs.org'
cache: 'npm'
- name: Install dependencies
run: npm ci --no-audit
- name: Check types
run: npm exec nx affected -- --target typecheck --parallel
- name: Lint
run: npm exec nx affected -- --target lint --parallel
- name: Unit tests
run: npm exec nx affected -- --target test --ci
- name: Build all packages
run: npm run build
generate-plugins:
name: Test plugin scaffolding
if: "!contains(github.event.head_commit.message, 'ci skip') && !contains(github.event.head_commit.message, 'skip ci')"
needs: [test]
runs-on: ubuntu-latest
strategy:
matrix:
include:
- cmd: generate-app
hasBackend: false
- cmd: generate-app-backend
hasBackend: true
- cmd: generate-panel
hasBackend: false
- cmd: generate-datasource
hasBackend: false
- cmd: generate-datasource-backend
hasBackend: true
- cmd: generate-scenes-app
hasBackend: false
env:
NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
NX_BRANCH: ${{ github.event.number || github.ref_name }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
# We need to fetch all branches and commits so that Nx affected has a base to compare against.
fetch-depth: 0
- uses: nrwl/nx-set-shas@v3
- name: Setup .npmrc file for NPM registry
uses: actions/setup-node@v4
with:
node-version: '20'
registry-url: 'https://registry.npmjs.org'
cache: 'npm'
- name: Install package dependencies
run: npm ci --no-audit
- name: Generate plugin
run: npm exec nx run @grafana/create-plugin:${{ matrix.cmd }}
- name: Restore cached generated plugin dependencies
id: cache-generated-deps-restore
uses: actions/cache/restore@v3
with:
path: |
./packages/create-plugin/generated/package-lock.json
./packages/create-plugin/generated/node_modules
key: ${{ matrix.cmd }}-${{ hashFiles('./packages/create-plugin/generated/package-lock.json') }}
- name: Install generated plugin dependencies
run: npm install --prefer-offline --no-audit
working-directory: ./packages/create-plugin/generated
- name: Lint plugin frontend
run: npm run lint
working-directory: ./packages/create-plugin/generated
- name: Build plugin frontend
run: npm run build
working-directory: ./packages/create-plugin/generated
- name: '@grafana/sign-plugin - build'
if: ${{ matrix.cmd == 'generate-panel' && github.actor != 'dependabot[bot]' }}
env:
GRAFANA_ACCESS_POLICY_TOKEN: ${{ secrets.GRAFANA_ACCESS_POLICY_TOKEN }}
run: npm exec nx run @grafana/sign-plugin:build
- name: '@grafana/sign-plugin - use GRAFANA_ACCESS_POLICY_TOKEN to sign generate-panel plugin'
if: ${{ matrix.cmd == 'generate-panel' && github.actor != 'dependabot[bot]' }}
env:
GRAFANA_ACCESS_POLICY_TOKEN: ${{ secrets.GRAFANA_ACCESS_POLICY_TOKEN }}
run: node ../../sign-plugin/dist/bin/run.js --rootUrls http://www.example.com --signatureType private
working-directory: ./packages/create-plugin/generated
- name: '@grafana/sign-plugin - use GRAFANA_API_KEY to sign generate-panel plugin'
if: ${{ matrix.cmd == 'generate-panel' && github.actor != 'dependabot[bot]' }}
env:
GRAFANA_API_KEY: ${{ secrets.GRAFANA_API_KEY }}
run: node ../../sign-plugin/dist/bin/run.js --rootUrls http://www.example.com --signatureType private
working-directory: ./packages/create-plugin/generated
- name: Save generated plugin dependencies
id: cache-generated-deps-save
if: ${{ steps.cache-generated-deps-restore.outputs.cache-hit != 'true' }}
uses: actions/cache/save@v3
with:
path: |
./packages/create-plugin/generated/package-lock.json
./packages/create-plugin/generated/node_modules
key: ${{ matrix.cmd }}-${{ hashFiles('./packages/create-plugin/generated/package-lock.json') }}
- uses: actions/setup-go@v4
with:
go-version: '~1.20'
check-latest: true
cache-dependency-path: ./packages/create-plugin/generated/go.sum
if: ${{ matrix.hasBackend == true }}
- name: Build plugin backend
uses: magefile/mage-action@v3
with:
version: latest
args: -v build:linux
workdir: ./packages/create-plugin/generated
if: ${{ matrix.hasBackend == true }}
release:
runs-on: ubuntu-latest
needs: [test, generate-plugins]
if: "!contains(github.event.head_commit.message, 'ci skip') && !contains(github.event.head_commit.message, 'skip ci') && github.actor != 'dependabot[bot]'"
name: Release packages
env:
NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
NX_BRANCH: ${{ github.event.number || github.ref_name }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
steps:
- name: Generate token
id: generate_token
uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a
with:
app_id: ${{ secrets.PLUGINS_PLATFORM_BOT_APP_ID }}
private_key: ${{ secrets.PLUGINS_PLATFORM_BOT_APP_PEM }}
- uses: actions/checkout@v4
with:
token: ${{ steps.generate_token.outputs.token }}
- name: Prepare repository
run: git fetch --unshallow --tags
- name: Setup environment
uses: actions/setup-node@v4
with:
node-version: '20'
registry-url: 'https://registry.npmjs.org'
cache: 'npm'
- name: Install dependencies
run: npm ci --no-audit
- name: Build
run: npm run build
- name: Create Release
env:
GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }}
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
run: npm run release