chore: migrate workflows to ubuntu-26.04, drop PGDG repo dependency #11
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # SPDX-FileCopyrightText: 2008-2026 Hack23 AB | |
| # SPDX-License-Identifier: Apache-2.0 | |
| # | |
| # Renders every ```mermaid block in every *.md file in the repository via the | |
| # official @mermaid-js/mermaid-cli and fails if any diagram does not render. | |
| # Runs on every PR that touches a markdown file, on every push to master, and | |
| # weekly to catch regressions caused by upstream Mermaid releases. | |
| # | |
| # See MERMAID_STYLE_GUIDE.md for the conventions this workflow enforces. | |
| name: Validate Mermaid Diagrams | |
| on: | |
| push: | |
| branches: [master] | |
| paths: | |
| - '**/*.md' | |
| - 'scripts/validate-mermaid.mjs' | |
| - 'scripts/deep-check-mermaid.mjs' | |
| - 'scripts/fix-mermaid-quotes.mjs' | |
| - '.github/workflows/validate-mermaid.yml' | |
| pull_request: | |
| paths: | |
| - '**/*.md' | |
| - 'scripts/validate-mermaid.mjs' | |
| - 'scripts/deep-check-mermaid.mjs' | |
| - 'scripts/fix-mermaid-quotes.mjs' | |
| - '.github/workflows/validate-mermaid.yml' | |
| schedule: | |
| - cron: '17 4 * * 1' # Weekly, Monday 04:17 UTC | |
| workflow_dispatch: | |
| permissions: | |
| contents: read | |
| jobs: | |
| validate-mermaid: | |
| name: Validate Mermaid diagrams | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| steps: | |
| - name: Harden the runner (Audit all outbound calls) | |
| uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout repository | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 | |
| with: | |
| node-version: '24' | |
| - name: Install Chrome runtime dependencies for Puppeteer | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y --no-install-recommends \ | |
| libatk-bridge2.0-0 libatk1.0-0 libcups2 libdrm2 libgbm1 libnspr4 \ | |
| libnss3 libxcomposite1 libxdamage1 libxfixes3 libxkbcommon0 \ | |
| libxrandr2 libxshmfence1 libgtk-3-0 fonts-noto-color-emoji | |
| - name: Install @mermaid-js/mermaid-cli | |
| run: | | |
| mkdir -p .mermaid-tools | |
| cd .mermaid-tools | |
| echo '{"name":"mermaid-tools","private":true}' > package.json | |
| npm install --no-audit --no-fund @mermaid-js/mermaid-cli | |
| - name: Run mermaid validator | |
| env: | |
| MMDC: ${{ github.workspace }}/.mermaid-tools/node_modules/.bin/mmdc | |
| run: node scripts/validate-mermaid.mjs | |
| - name: Run mermaid deep-check (advisory) | |
| if: always() | |
| run: node scripts/deep-check-mermaid.mjs | |
| - name: Upload validation report | |
| if: always() | |
| uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 | |
| with: | |
| name: mermaid-validation-report | |
| path: | | |
| .mermaid-validate/report.json | |
| .mermaid-validate/deep-issues.json | |
| retention-days: 30 | |
| if-no-files-found: warn |