Check #36198
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Check | |
| on: | |
| # ..any pull request, workflow dispatch and merge queue (covers main) | |
| pull_request: | |
| workflow_dispatch: | |
| merge_group: | |
| # Cron job to run checks @ 8:30 pm daily on the latest commit on the default branch - main | |
| schedule: | |
| - cron: '30 20 * * *' | |
| # Cancel any in progress run of the workflow for a given PR | |
| # This avoids building outdated code | |
| concurrency: | |
| # Fallback used github.ref_name as it is always defined | |
| group: ${{ github.workflow }}-${{ github.head_ref || github.ref_name }} | |
| cancel-in-progress: true | |
| jobs: | |
| vulnerability: | |
| name: Vulnerabilities | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - uses: ./.github/actions/yarn-install | |
| - run: ./scripts/ci_check_vulnerabilities.sh | |
| lint: | |
| name: Lint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - uses: ./.github/actions/yarn-install | |
| - run: yarn run format:check | |
| - run: yarn run lint | |
| - run: yarn typecheck | |
| - run: yarn tsc -p .github/scripts | |
| yarn-lock: | |
| name: 'yarn.lock Up-to-date' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - uses: ./.github/actions/yarn-install | |
| - run: git diff --exit-code | |
| licenses: | |
| name: Licenses | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - uses: ./.github/actions/yarn-install | |
| - run: yarn check-licenses | |
| knip: | |
| name: Knip | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - uses: ./.github/actions/yarn-install | |
| - run: yarn knip | |
| # Ensure the release notes script is working | |
| release-notes: | |
| name: Release Notes | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| # Fetch all history for all tags and branches | |
| fetch-depth: 0 | |
| - uses: ./.github/actions/yarn-install | |
| - run: yarn generate-release-notes | |
| # Sync Node.js version between package.json and eas.json | |
| eas-node-sync: | |
| name: EAS Node.js Version Sync | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Generate Valora Actions Token | |
| id: valora-actions-token | |
| uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0 | |
| with: | |
| app-id: ${{ vars.VALORA_ACTIONS_APP_ID }} | |
| private-key: ${{ secrets.VALORA_ACTIONS_PRIVATE_KEY }} | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| token: ${{ steps.valora-actions-token.outputs.token }} | |
| ref: ${{ github.head_ref || github.ref }} | |
| - uses: ./.github/actions/yarn-install | |
| - run: yarn sync-eas-node-version | |
| - name: Check for EAS node version changes | |
| id: eas-node-version | |
| run: | | |
| if [ -n "$(git status --porcelain eas.json)" ]; then | |
| echo "changes=true" >> $GITHUB_OUTPUT | |
| else | |
| echo "changes=false" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Commit EAS node version | |
| if: "${{ steps.eas-node-version.outputs.changes == 'true' && github.event_name == 'pull_request' && !startsWith(github.event.head_commit.message, 'chore: auto sync eas node version') }}" | |
| run: | | |
| git config user.name "valora-actions[bot]" | |
| git config user.email "258016485+valora-actions[bot]@users.noreply.github.com" | |
| git add eas.json | |
| git commit -m "chore: auto sync eas node version" | |
| git push |