Updates readme for action hooks to reflect present state of the featu… #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
jobs: | |
test: | |
name: Unit tests | |
runs-on: ubuntu-20.04 | |
timeout-minutes: 30 | |
strategy: | |
matrix: | |
node-version: [18.x] | |
steps: | |
# See nx recipe: https://nx.dev/recipes/ci/monorepo-ci-github-actions | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
fetch-depth: 0 # nx recipe | |
- name: Use Node.js ${{ matrix.node-version }} | |
uses: actions/setup-node@v4 | |
with: | |
node-version: ${{ matrix.node-version }} | |
registry-url: 'https://registry.npmjs.org' | |
cache: yarn | |
- name: Use Github Personal Access Token | |
run: git config --global url."https://${{ secrets.GH_PAT }}@github.com/".insteadOf ssh://[email protected]/ | |
- uses: nrwl/nx-set-shas@v3 # nx recipe | |
- name: Install Dependencies | |
run: yarn install --frozen-lockfile | |
env: | |
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
- name: Build (Affected) | |
run: NODE_ENV=production yarn nx affected -t build --parallel=3 # nx recipe | |
- name: Test (Affected) | |
run: yarn nx affected -t test --parallel=3 # nx recipe | |
lint: | |
name: Lint | |
runs-on: ubuntu-20.04 | |
timeout-minutes: 20 | |
strategy: | |
matrix: | |
node-version: [18.x] | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
fetch-depth: 0 # nx recipe | |
- name: Use Node.js ${{ matrix.node-version }} | |
uses: actions/setup-node@v4 | |
with: | |
node-version: ${{ matrix.node-version }} | |
registry-url: 'https://registry.npmjs.org' | |
cache: yarn | |
- name: Use Github Personal Access Token | |
run: git config --global url."https://${{ secrets.GH_PAT }}@github.com/".insteadOf ssh://[email protected]/ | |
- uses: nrwl/nx-set-shas@v3 # nx recipe | |
- name: Install Dependencies | |
run: yarn install --frozen-lockfile | |
env: | |
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
- name: Build # TODO: This monorepo should be refactored so packages can be linted invidually. "affected" will not work ATM. | |
run: NODE_ENV=production yarn build # nx recipe | |
- name: Lint | |
env: | |
NODE_OPTIONS: '--max-old-space-size=4096' | |
run: yarn lint | |
validate: | |
name: Validate | |
runs-on: ubuntu-20.04 | |
timeout-minutes: 20 | |
strategy: | |
matrix: | |
node-version: [18.x] | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
fetch-depth: 0 # nx recipe | |
- name: Use Node.js ${{ matrix.node-version }} | |
uses: actions/setup-node@v4 | |
with: | |
node-version: ${{ matrix.node-version }} | |
registry-url: 'https://registry.npmjs.org' | |
cache: yarn | |
- name: Use Github Personal Access Token | |
run: git config --global url."https://${{ secrets.GH_PAT }}@github.com/".insteadOf ssh://[email protected]/ | |
- uses: nrwl/nx-set-shas@v3 # nx recipe | |
- name: Install Dependencies | |
run: yarn install --frozen-lockfile | |
env: | |
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
- name: Assert yarn.lock is up-to-date | |
run: bash scripts/assert-lockfile-updated.sh | |
- name: Build # TODO: This monorepo should be refactored so packages can be linted invidually. "affected" will not work ATM. | |
run: NODE_ENV=production yarn build # nx recipe | |
- name: Validate Definitions | |
run: yarn validate | |
- name: Destination Subscription Size | |
run: | | |
if $(lerna changed | grep -q destination-subscriptions); then | |
yarn subscriptions size | |
fi | |
- name: Assert generated types are up-to-date | |
run: bash scripts/assert-types-updated.sh | |
browser-destination-bundle-qa: | |
name: Browser Destination Bundle QA | |
# env: # Disable saucelabs - we blew through our quota. | |
# SAUCE_USERNAME: ${{secrets.SAUCE_USERNAME}} | |
# SAUCE_ACCESS_KEY: ${{secrets.SAUCE_ACCESS_KEY}} | |
runs-on: ubuntu-20.04 | |
timeout-minutes: 20 | |
strategy: | |
matrix: | |
node-version: [18.x] | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- name: Use Node.js ${{ matrix.node-version }} | |
uses: actions/setup-node@v4 | |
with: | |
node-version: ${{ matrix.node-version }} | |
registry-url: 'https://registry.npmjs.org' | |
cache: yarn | |
- name: Use Github Personal Access Token | |
run: git config --global url."https://${{ secrets.GH_PAT }}@github.com/".insteadOf ssh://[email protected]/ | |
- name: Install Dependencies | |
run: yarn install --frozen-lockfile | |
env: | |
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
- name: Build | |
run: NODE_ENV=production yarn build:browser-bundles | |
- name: Size Limit | |
run: yarn browser size | |
# - name: Run Saucelabs Tests | |
# working-directory: packages/browser-destinations-integration-tests | |
# shell: bash | |
# run: | | |
# yarn start-destination-server & | |
# yarn test:sauce | |
browser-tests-core: | |
name: 'Browser tests: actions-core' | |
runs-on: ubuntu-20.04 | |
timeout-minutes: 10 | |
strategy: | |
matrix: | |
node-version: [18.x] | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Use Node.js ${{ matrix.node-version }} | |
uses: actions/setup-node@v2 | |
with: | |
node-version: ${{ matrix.node-version }} | |
registry-url: 'https://registry.npmjs.org' | |
- name: Get yarn cache directory path | |
id: yarn-cache-dir-path | |
run: echo "::set-output name=dir::$(yarn cache dir)" | |
- uses: actions/cache@v2 | |
id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`) | |
with: | |
path: ${{ steps.yarn-cache-dir-path.outputs.dir }} | |
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }} | |
restore-keys: | | |
${{ runner.os }}-yarn- | |
- name: Use Github Personal Access Token | |
run: git config --global url."https://${{ secrets.GH_PAT }}@github.com/".insteadOf ssh://[email protected]/ | |
- name: Install Dependencies | |
run: yarn install --frozen-lockfile | |
env: | |
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
- name: Install Browser Dependencies | |
run: npx playwright install-deps | |
- name: Build | |
run: NODE_ENV=production yarn lerna run build --scope=@segment/actions-core --include-dependencies --stream | |
- name: Browser Test | |
run: yarn test-browser | |
snyk: | |
name: Snyk | |
runs-on: ubuntu-20.04 | |
timeout-minutes: 5 | |
strategy: | |
matrix: | |
node-version: [18.x] | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
persist-credentials: false | |
- name: Use Node.js ${{ matrix.node-version }} | |
uses: actions/setup-node@v2 | |
with: | |
node-version: ${{ matrix.node-version }} | |
registry-url: https://registry.npmjs.org | |
- name: Get yarn cache directory path | |
id: yarn-cache-dir-path | |
run: echo "::set-output name=dir::$(yarn cache dir)" | |
- uses: actions/cache@v2 | |
id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`) | |
with: | |
path: ${{ steps.yarn-cache-dir-path.outputs.dir }} | |
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }} | |
restore-keys: | | |
${{ runner.os }}-yarn- | |
- name: Use Github Personal Access Token | |
run: git config --global url."https://${{ secrets.GH_PAT }}@github.com/".insteadOf ssh://[email protected]/ | |
- name: Install Dependencies | |
run: yarn install --frozen-lockfile | |
env: | |
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
- name: Run Snyk to check for vulnerabilities | |
uses: snyk/actions/node@master | |
env: | |
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
with: | |
args: --severity-threshold=high --fail-on=upgradable --all-projects --policy-path=.snyk |