-
Notifications
You must be signed in to change notification settings - Fork 0
143 lines (143 loc) · 4.1 KB
/
WebCI.yaml
File metadata and controls
143 lines (143 loc) · 4.1 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
name: Web Frontend CI
on:
push:
branches:
- main
paths:
- "clients/web/**"
- "clients/shared/**"
- "backend/docs/**"
- ".github/workflows/WebCI.yaml"
pull_request:
branches:
- main
paths:
- "clients/web/**"
- "clients/shared/**"
- "backend/docs/**"
- ".github/workflows/WebCI.yaml"
permissions:
contents: read
checks: write
pull-requests: write
jobs:
secrets-scan:
name: Secrets Scan
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: TruffleHog secrets scan
uses: trufflesecurity/trufflehog@main
with:
extra_args: --only-verified
web-lint:
name: Lint & Format Check
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./clients/web
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version-file: "./clients/web/package.json"
cache: "npm"
cache-dependency-path: "./clients/web/package-lock.json"
- name: Install dependencies
run: npm ci
- name: Install shared dependencies
run: cd ../shared && npm ci
- name: Generate API types
run: cd ../shared && npm run generate:api
- name: Run ESLint
run: npm run lint
- name: Check code formatting
run: npx prettier --check .
web-typecheck:
name: Type Check
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./clients/web
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version-file: "./clients/web/package.json"
cache: "npm"
cache-dependency-path: "./clients/web/package-lock.json"
- name: Install dependencies
run: npm ci
- name: Install shared dependencies
run: cd ../shared && npm ci
- name: Generate API types
run: cd ../shared && npm run generate:api
- name: Run TypeScript compiler
run: npx tsc --noEmit
web-test:
name: Test
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./clients/web
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 2
- uses: actions/setup-node@v4
with:
node-version-file: "./clients/web/package.json"
cache: "npm"
cache-dependency-path: "./clients/web/package-lock.json"
- name: Install dependencies
run: npm ci
- name: Install shared dependencies
run: cd ../shared && npm ci
- name: Generate API types
run: cd ../shared && npm run generate:api
- name: Run tests with coverage
run: npx vitest run --coverage
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v5
with:
token: ${{ secrets.CODECOV_TOKEN }}
files: ./coverage/lcov.info
flags: web
web-build:
name: Build
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./clients/web
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version-file: "./clients/web/package.json"
cache: "npm"
cache-dependency-path: "./clients/web/package-lock.json"
- name: Install dependencies
run: npm ci
- name: Install shared dependencies
run: cd ../shared && npm ci
- name: Generate API types
run: cd ../shared && npm run generate:api
- name: Verify package-lock.json is up to date
run: |
npm install --package-lock-only
git diff --exit-code package-lock.json
- name: Install Doppler CLI
uses: dopplerhq/cli-action@v3
- name: Build application
# Not needed currently, just for builds and deployment using doppler run command
env:
DOPPLER_TOKEN: ${{ secrets.DOPPLER_TOKEN_WEB }}
run: npm run build
- name: Upload build artifacts
uses: actions/upload-artifact@v4
with:
name: web-build
path: clients/web/dist
retention-days: 7