-
Notifications
You must be signed in to change notification settings - Fork 37
296 lines (276 loc) · 13.4 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
# TODO: See if we can automate wallet version bumps
name: Talisman CI
on:
push:
branches: ["dev"]
pull_request:
types: [opened, synchronize]
concurrency:
# only run 1 job per branch/pr/etc at a time
# (afaik this prevents a race condition in changesets version bumps)
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: ${{ github.event_name == 'pull_request' }}
jobs:
# This job will build and test the talisman wallet
build:
name: "Build and test the wallet"
timeout-minutes: 15
runs-on: ubuntu-latest
# To use Remote Caching, uncomment the next lines and follow the steps below.
# env:
# TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }}
# TURBO_TEAM: ${{ secrets.TURBO_TEAM }}
steps:
- name: Checkout repo
uses: actions/checkout@v4
with:
fetch-depth: 2 # also get the previous commit
- name: Enable corepack
run: corepack enable
- name: Setup pnpm
uses: pnpm/action-setup@v4
- name: Setup Node.js environment
uses: actions/setup-node@v4
with:
node-version: 18
cache: pnpm
- name: Install dependencies
run: pnpm install --frozen-lockfile
- name: Test
run: pnpm preconstruct:dev && pnpm test
- name: Extract short SHA + package version
id: vars
run: |
sha_short=$(git rev-parse --short HEAD)
echo "sha_short=$sha_short" >> $GITHUB_OUTPUT
npm_package_version=$(cat apps/extension/package.json | jq -r .version)
echo "npm_package_version=$npm_package_version" >> $GITHUB_OUTPUT
- name: Extract translatable strings
run: pnpm chore:update-translations
- name: Upload translatable strings
uses: simplelocalize/github-action-cli@v1
with:
api-key: ${{ secrets.SIMPLE_LOCALIZE_API_KEY }}
command: "upload"
cli-version: "2.2.0"
args: "--apiKey ${{ secrets.SIMPLE_LOCALIZE_API_KEY }}"
- name: Build
run: pnpm build:extension:ci
env:
COMMIT_SHA_SHORT: ${{ steps.vars.outputs.sha_short }}
API_KEY_ONFINALITY: ${{ secrets.API_KEY_ONFINALITY }}
POSTHOG_AUTH_TOKEN: ${{ secrets.POSTHOG_AUTH_TOKEN }}
SIMPLE_LOCALIZE_API_KEY: ${{ secrets.SIMPLE_LOCALIZE_API_KEY }}
SIMPLE_LOCALIZE_PROJECT_TOKEN: ${{ secrets.SIMPLE_LOCALIZE_PROJECT_TOKEN }}
# SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
# SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
- name: Upload build artifacts
uses: actions/upload-artifact@v3
with:
name: build
path: ./apps/extension/dist/chrome/talisman_extension_ci_${{ steps.vars.outputs.sha_short }}_chrome.zip
retention-days: 5
# This job will build and publish a snapshot version of the packages which have changesets in this PR
publish_snapshot:
name: "Publish a snapshot version of any packages with changesets in this PR to npm"
timeout-minutes: 15
runs-on: ubuntu-latest
if: github.event_name == 'pull_request'
steps:
- name: Checkout repo
uses: actions/checkout@v4
with:
fetch-depth: 2 # also get the previous commit
- name: Enable corepack
run: corepack enable
- name: Setup pnpm
uses: pnpm/action-setup@v4
- name: Setup Node.js environment
uses: actions/setup-node@v4
with:
node-version: 18
cache: pnpm
- name: Install dependencies
run: pnpm install --frozen-lockfile
- name: Bump changed package versions to a snapshot version
run: pnpm changeset version --snapshot pr${{ github.event.pull_request.number }}
- name: Build snapshot packages
run: pnpm build:packages
- name: Set publish config
run: pnpm config set '//registry.npmjs.org/:_authToken' "${PNPM_TOKEN}"
env:
PNPM_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Publish snapshot packages
run: pnpm --filter './packages/*' publish --no-git-checks --access public --tag pr${{ github.event.pull_request.number }}
# This job will check for changed packages in this PR, and will comment on the PR if any changed packages do not yet have changesets
ensure_pr_has_changeset:
name: "Check that changed packages have changesets in the current PR"
timeout-minutes: 15
runs-on: ubuntu-latest
if: github.event_name == 'pull_request' && github.event.pull_request.base.ref == 'dev'
steps:
- name: Checkout repo
uses: actions/checkout@v4
with:
# fetch all branches on the repo
# (we need this in order to compare the changes between this PR and the default branch)
fetch-depth: 0
- name: Enable corepack
run: corepack enable
- name: Setup pnpm
uses: pnpm/action-setup@v4
- name: Setup Node.js environment
uses: actions/setup-node@v4
with:
node-version: 18
cache: pnpm
- name: Install dependencies
run: pnpm install --frozen-lockfile
- name: Compile list of changed files
id: changed-files
# this will find the files which have been changed in this PR
run: |
EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64)
HEAD_REF="remotes/origin/${{ github.event.pull_request.head.ref }}"
BASE_REF="remotes/origin/${{ github.event.pull_request.base.ref }}"
echo "CHANGED_FILES<<$EOF" >> "$GITHUB_OUTPUT"
git diff --name-only $HEAD_REF $(git merge-base $HEAD_REF $BASE_REF) >> $GITHUB_OUTPUT
echo "$EOF" >> "$GITHUB_OUTPUT"
- name: Compile list of changed packages
id: changed-packages
# this will turn the list of files changed by this PR into a list of packages changed by this PR
run: |
EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64)
FILES_IN_PACKAGES="$(echo '${{ steps.changed-files.outputs.CHANGED_FILES }}' | { grep ^packages || true; } | { grep -v -e '^packages/extension-core' -e '^packages/extension-shared' -e '^packages/talisman-ui' || true; })"
if [[ $FILES_IN_PACKAGES != '' ]]; then
UNIQ_PACKAGE_DIRS="$(echo $FILES_IN_PACKAGES | cut -d/ -f1-2 | sort | uniq)"
UNIQ_PACKAGE_JSONS="$(find $UNIQ_PACKAGE_DIRS -name node_modules -prune -o -name package.json -print || true)"
UNIQ_PACKAGE_NAMES="$(echo $UNIQ_PACKAGE_JSONS | xargs jq .name | sort | uniq | { grep -v null || true; })"
else
UNIQ_PACKAGE_NAMES=""
fi
echo "CHANGED_PACKAGES<<$EOF" >> "$GITHUB_OUTPUT"
echo $UNIQ_PACKAGE_NAMES >> $GITHUB_OUTPUT
echo "$EOF" >> "$GITHUB_OUTPUT"
- name: Compile list of packages with changesets
id: changesets
# this will find the packages which have changesets in this PR
# need to use temporary file `changeset-status.json` until one of these are fixed:
# https://github.com/changesets/changesets/issues/1020
# https://github.com/changesets/changesets/issues/1021
run: |
EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64)
BASE_REF="remotes/origin/${{ github.event.pull_request.base.ref }}"
echo "CHANGESETS<<$EOF" >> "$GITHUB_OUTPUT"
pnpm changeset status --since $BASE_REF --output changeset-status.json && cat changeset-status.json | jq '.releases[] | select(.changesets | length > 0) | .name' | sort | uniq >> $GITHUB_OUTPUT
echo "$EOF" >> "$GITHUB_OUTPUT"
- name: Check if any changed packages don't have changesets
id: without-changesets
run: |
EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64)
echo "WITHOUT_CHANGESETS<<$EOF" >> "$GITHUB_OUTPUT"
comm -23 <(echo '${{ steps.changed-packages.outputs.CHANGED_PACKAGES }}') <(echo '${{ steps.changesets.outputs.CHANGESETS }}') >> $GITHUB_OUTPUT
echo "$EOF" >> "$GITHUB_OUTPUT"
- name: Set IS_MISSING_CHANGESETS var
id: is-missing-changesets
run: echo IS_MISSING_CHANGESETS=$([[ '${{ steps.without-changesets.outputs.WITHOUT_CHANGESETS }}' == '' ]] && echo no || echo yes) >> $GITHUB_OUTPUT
- name: Debug action variables
run: |
echo '**Debug output for `ensure_pr_has_changeset` action**' >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo '```' >> $GITHUB_STEP_SUMMARY
echo "--CHANGED_FILES--" >> $GITHUB_STEP_SUMMARY
echo '${{ steps.changed-files.outputs.CHANGED_FILES }}' >> $GITHUB_STEP_SUMMARY
echo "--CHANGED_PACKAGES--" >> $GITHUB_STEP_SUMMARY
echo '${{ steps.changed-packages.outputs.CHANGED_PACKAGES }}' >> $GITHUB_STEP_SUMMARY
echo "--CHANGESETS--" >> $GITHUB_STEP_SUMMARY
echo '${{ steps.changesets.outputs.CHANGESETS }}' >> $GITHUB_STEP_SUMMARY
echo "--WITHOUT_CHANGESETS--" >> $GITHUB_STEP_SUMMARY
echo '${{ steps.without-changesets.outputs.WITHOUT_CHANGESETS }}' >> $GITHUB_STEP_SUMMARY
echo "--IS_MISSING_CHANGESETS--" >> $GITHUB_STEP_SUMMARY
echo '${{ steps.is-missing-changesets.outputs.IS_MISSING_CHANGESETS }}' >> $GITHUB_STEP_SUMMARY
echo '```' >> $GITHUB_STEP_SUMMARY
- name: Comment on the PR to indicate which packages they should add a changeset to
uses: thollander/actions-comment-pull-request@v2
if: steps.is-missing-changesets.outputs.IS_MISSING_CHANGESETS == 'yes'
with:
comment_tag: "missing-changesets"
message: |
### :boom: No changeset(s) detected
This PR is missing changesets for the following packages:
```
${{ steps.without-changesets.outputs.WITHOUT_CHANGESETS }}
```
Please add a changeset for these packages.
You can do so by running `pnpm changeset` in your local development environment.
Not sure what this means? [Click here to learn what changesets are](https://github.com/changesets/changesets/blob/main/docs/adding-a-changeset.md).
- name: Update PR comment to indicate that all packages have changesets
uses: thollander/actions-comment-pull-request@v2
if: steps.is-missing-changesets.outputs.IS_MISSING_CHANGESETS == 'no' && steps.changed-packages.outputs.CHANGED_PACKAGES != ''
with:
comment_tag: "missing-changesets"
create_if_not_exists: false
message: |
### :butterfly: Changeset(s) detected
This PR includes changeset(s) for the following changed packages:
```
${{ steps.changesets.outputs.CHANGESETS }}
```
Not sure what this means? [Click here to learn what changesets are](https://github.com/changesets/changesets/blob/main/docs/adding-a-changeset.md).
- name: Update PR comment to indicate that no changesets are needed
uses: thollander/actions-comment-pull-request@v2
if: steps.is-missing-changesets.outputs.IS_MISSING_CHANGESETS == 'no' && steps.changed-packages.outputs.CHANGED_PACKAGES == ''
with:
comment_tag: "missing-changesets"
create_if_not_exists: false
message: |
### :sparkles: No changeset(s) required
This PR does not include any package changes, and so it does not require any changesets to be added.
Not sure what this means? [Click here to learn what changesets are](https://github.com/changesets/changesets/blob/main/docs/adding-a-changeset.md).
- name: Fail job if some packages don't have a changeset
if: steps.is-missing-changesets.outputs.IS_MISSING_CHANGESETS == 'yes'
run: exit 1
# When a PR is merged into dev, this job will create a PR to version bump the packages which have changesets
# When the PR is merged, this job will publish the new package versions to npm
release_changesets:
name: "Create a PR to bump package versions on dev, and publish the new versions to npm when the PR is merged"
timeout-minutes: 15
runs-on: ubuntu-latest
if: github.event_name == 'push' && github.event.ref == 'refs/heads/dev'
steps:
- name: Checkout repo
uses: actions/checkout@v4
with:
fetch-depth: 2 # also get the previous commit
- name: Enable corepack
run: corepack enable
- name: Setup pnpm
uses: pnpm/action-setup@v4
- name: Setup Node.js environment
uses: actions/setup-node@v4
with:
node-version: 18
cache: pnpm
- name: Install dependencies
run: pnpm install --frozen-lockfile
- name: Create pull request
id: changesets
uses: changesets/action@v1
with:
commit: "chore: bump package versions"
title: "chore: bump package versions"
createGithubReleases: false
env:
# GITHUB_TOKEN is automatically added into the ENV by GitHub CI
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Build packages
if: steps.changesets.outputs.hasChangesets == 'false'
run: pnpm build:packages
- name: Set publish config
if: steps.changesets.outputs.hasChangesets == 'false'
run: pnpm config set '//registry.npmjs.org/:_authToken' "${PNPM_TOKEN}"
env:
PNPM_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Publish packages
if: steps.changesets.outputs.hasChangesets == 'false'
run: pnpm --filter './packages/*' publish --no-git-checks --access public