From 2b41ff043c67b1195bf2f7f0d2ccbf31c007ad58 Mon Sep 17 00:00:00 2001 From: vindard <17693119+vindard@users.noreply.github.com> Date: Thu, 16 Nov 2023 14:48:17 -0400 Subject: [PATCH] build: swap new buck audit steps into github actions --- .github/workflows/audit.yml | 22 ------------------ .github/workflows/buck2-audit.yaml | 37 ++++++++++++++++++++++++++++++ 2 files changed, 37 insertions(+), 22 deletions(-) delete mode 100644 .github/workflows/audit.yml create mode 100644 .github/workflows/buck2-audit.yaml diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml deleted file mode 100644 index 0095b9bca1e..00000000000 --- a/.github/workflows/audit.yml +++ /dev/null @@ -1,22 +0,0 @@ -#! Auto synced from Shared CI Resources repository -#! Don't change this file, instead change it in github.com/GaloyMoney/concourse-shared - -name: Audit - -on: - pull_request: - branches: [main] - -jobs: - audit: - name: Audit - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - name: Install Nix - uses: DeterminateSystems/nix-installer-action@v4 - - name: Run the Magic Nix Cache - uses: DeterminateSystems/magic-nix-cache-action@v2 - - run: cd core/api && nix develop -c pnpm install --frozen-lockfile - - name: Run check code - run: cd core/api && nix develop -c make audit diff --git a/.github/workflows/buck2-audit.yaml b/.github/workflows/buck2-audit.yaml new file mode 100644 index 00000000000..b60dc4ba3d0 --- /dev/null +++ b/.github/workflows/buck2-audit.yaml @@ -0,0 +1,37 @@ +name: Buck2 audit +on: + pull_request: + branches: [main] + types: [opened, synchronize, labeled, unlabeled] + +jobs: + buck2-test: + name: Buck2 Audit + runs-on: ubuntu-latest + steps: + - name: Install Nix + uses: DeterminateSystems/nix-installer-action@v4 + - name: Run the Magic Nix Cache + uses: DeterminateSystems/magic-nix-cache-action@v2 + - uses: actions/checkout@v3 + - name: Prepare Buck2 audit args from labels + id: prepare_args + run: | + ARGS="" + cat < labels.json + ${{ toJSON(github.event.pull_request.labels.*.name) }} + EOF + for LABEL in dashboard consent core; do + case "$LABEL" in + dashboard|consent) + ARGS+=" //apps/$LABEL:audit" + ;; + core) + ARGS+=" //core/api:audit" + ;; + esac + done + echo "Prepared args: $ARGS" + echo "args=$ARGS" >> "$GITHUB_OUTPUT" + - name: Buck2 test + run: nix develop -c buck2 test ${{ steps.prepare_args.outputs.args }}