-
Notifications
You must be signed in to change notification settings - Fork 1
132 lines (126 loc) · 3.74 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
name: ⛷ PR tests
env:
CI: true
NODE_VERSION: 18
defaults:
run:
shell: bash
on:
pull_request:
types: [opened, synchronize, reopened]
jobs:
test:
runs-on: ubuntu-latest
services:
# Postgres image for backend integration tests
postgres:
image: postgres:14-alpine
env:
POSTGRES_DB: seed
POSTGRES_USER: seed
POSTGRES_PASSWORD: Ge0rgesMoustaki
ports:
# Maps tcp port 5432 on service container to the host
- 5434:5432
# Set health checks to wait until postgres has started
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Install pnpm
uses: pnpm/action-setup@v4
with:
version: 9.4.0
- name: Setup Node
uses: actions/setup-node@v3
with:
node-version: ${{ env.NODE_VERSION }}
cache: 'pnpm'
- name: Install dependencies
run: pnpm install
- name: linters
run: pnpm lint
- name: build
run: pnpm build
- name: Tests
run: pnpm test
- name: Dependency Cruiser
run: pnpm test:circular
security-check:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Install pnpm
uses: pnpm/action-setup@v4
with:
version: 9.4.0
- name: Setup Node
uses: actions/setup-node@v3
with:
node-version: ${{ env.NODE_VERSION }}
cache: 'pnpm'
- name: Install dependencies
run: pnpm install
- name: Check for vulnerable dependencies
run: pnpm run security
frontend_build_and_deploy:
needs: test
if: github.event_name == 'pull_request'
runs-on: ubuntu-latest
env:
surge_url: wfp-dmp-${{ github.event.pull_request.number }}.surge.sh
steps:
- uses: actions/checkout@v3
- uses: pnpm/[email protected]
- name: Setup Node.js
id: setup-node
uses: actions/setup-node@v3
with:
node-version: ${{ env.NODE_VERSION }}
cache: 'pnpm'
- name: Log pnpm version
run: pnpm --version
- name: Check lockfile version
run: |
if grep -q '"lockfileVersion":' ../../pnpm-lock.yaml; then
echo "Lockfile version: $(grep '"lockfileVersion":' ../../pnpm-lock.yaml)";
else
echo "Lockfile version not found";
fi
- name: Install frontend dependencies
run: pnpm install --frozen-lockfile
- name: Clean build folder
run: rm -rf apps/frontend/out
- name: Build Interfaces & Frontend
run: pnpm turbo build
env:
NEXT_PUBLIC_API_BASE_URL: https://api-dmp.ovio.org
- name: Export to static HTML
run: |
cd apps/frontend
./gen_env.sh staging
cd out
cp index.html 200.html
- name: Deploy on surge
uses: dswistowski/surge-sh-action@v1
with:
domain: ${{ env.surge_url }}
project: "apps/frontend/out/."
login: ${{ secrets.surge_login }}
token: ${{ secrets.surge_token }}
- name: Get current date
id: date
run: echo "::set-output name=date::$(date +'%Y-%m-%dT%H:%M:%S')"
- name: Comment PR
uses: marocchino/sticky-pull-request-comment@v1
continue-on-error: true
with:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
message: |
Build succeeded and deployed at https://${{ env.surge_url }}
(hash ${{ github.event.pull_request.head.sha }} deployed at ${{ steps.date.outputs.date }})