feat(expo-passkeys): Introduce Passkeys module for expo #9194
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
workflow_dispatch: | |
merge_group: | |
pull_request: | |
branches: | |
- main | |
- release/v4 | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
jobs: | |
formatting-linting: | |
name: Formatting, linting & changeset checks | |
runs-on: ${{ vars.RUNNER_LARGE || 'ubuntu-latest-l' }} | |
timeout-minutes: ${{ vars.TIMEOUT_MINUTES_NORMAL && fromJSON(vars.TIMEOUT_MINUTES_NORMAL) || 10 }} | |
env: | |
TURBO_SUMMARIZE: false | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
show-progress: false | |
- name: Setup | |
id: config | |
uses: ./.github/actions/init | |
with: | |
turbo-signature: ${{ secrets.TURBO_REMOTE_CACHE_SIGNATURE_KEY }} | |
turbo-summarize: ${{ env.TURBO_SUMMARIZE }} | |
turbo-team: ${{ vars.TURBO_TEAM }} | |
turbo-token: ${{ secrets.TURBO_TOKEN }} | |
node-version: 20 | |
- name: Require Changeset | |
if: ${{ !(github.event_name == 'merge_group') }} | |
run: if [[ "${{ github.event.pull_request.user.login }}" = "clerk-cookie" || "${{ github.event.pull_request.user.login }}" = "renovate[bot]" ]]; then echo 'Skipping' && exit 0; else npx changeset status --since=origin/main; fi | |
- name: Lint GitHub Actions Workflows | |
run: npx eslint .github | |
shell: bash | |
- name: Check Formatting | |
run: npm run format:check | |
- name: Build Packages | |
run: npx turbo build $TURBO_ARGS --only | |
- name: Check size using bundlewatch | |
run: npx turbo bundlewatch $TURBO_ARGS --only | |
env: | |
BUNDLEWATCH_GITHUB_TOKEN: ${{ secrets.BUNDLEWATCH_GITHUB_TOKEN }} | |
CI_REPO_OWNER: ${{ vars.REPO_OWNER }} | |
CI_REPO_NAME: ${{ vars.REPO_NAME }} | |
CI_COMMIT_SHA: ${{ github.event.pull_request.head.sha }} | |
CI_BRANCH: ${{ github.ref }} | |
CI_BRANCH_BASE: refs/heads/main | |
- name: Lint packages using publint | |
run: npx turbo lint:publint $TURBO_ARGS --only | |
- name: Lint types using attw | |
run: npx turbo lint:attw $TURBO_ARGS --only | |
- name: Run lint | |
run: npx turbo lint $TURBO_ARGS --only -- --quiet | |
- name: Upload Turbo Summary | |
uses: actions/upload-artifact@v3 | |
if: ${{ env.TURBO_SUMMARIZE == 'true' }} | |
continue-on-error: true | |
with: | |
name: turbo-summary-report-lint-${{ github.run_id }}-${{ github.run_attempt }} | |
path: .turbo/runs | |
retention-days: 5 | |
unit-tests: | |
name: Unit Tests | |
needs: formatting-linting | |
runs-on: ${{ vars.RUNNER_LARGE || 'ubuntu-latest-l' }} | |
timeout-minutes: ${{ vars.TIMEOUT_MINUTES_NORMAL && fromJSON(vars.TIMEOUT_MINUTES_NORMAL) || 10 }} | |
env: | |
TURBO_SUMMARIZE: false | |
strategy: | |
matrix: | |
node-version: [18, 20] | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
show-progress: false | |
- name: Setup | |
id: config | |
uses: ./.github/actions/init | |
with: | |
# Ensures that all builds are cached appropriately with a consistent run name `Unit Tests (18)`. | |
node-version: ${{ matrix.node-version }} | |
turbo-signature: ${{ secrets.TURBO_REMOTE_CACHE_SIGNATURE_KEY }} | |
turbo-summarize: ${{ env.TURBO_SUMMARIZE }} | |
turbo-team: ${{ vars.TURBO_TEAM }} | |
turbo-token: ${{ secrets.TURBO_TOKEN }} | |
- name: Run tests | |
run: | | |
if [ "${{ matrix.node-version }}" == "18" ]; then | |
echo "Running tests on Node 18 only for packages with LTS support." | |
npx turbo test $TURBO_ARGS --filter="@clerk/astro" --filter="@clerk/backend" --filter="@clerk/express" --filter="@clerk/nextjs" --filter="@clerk/clerk-react" --filter="@clerk/clerk-sdk-node" --filter="@clerk/shared" --filter="@clerk/remix" --filter="@clerk/tanstack-start" --filter="@clerk/elements" | |
else | |
echo "Running tests for all packages on Node 20." | |
npx turbo test $TURBO_ARGS | |
fi | |
env: | |
NODE_VERSION: ${{ matrix.node-version }} | |
- name: Upload Turbo Summary | |
uses: actions/upload-artifact@v4 | |
if: ${{ env.TURBO_SUMMARIZE == 'true' }} | |
continue-on-error: true | |
with: | |
name: turbo-summary-report-unit-${{ github.run_id }}-${{ github.run_attempt }}-node-${{ matrix.node-version }} | |
path: .turbo/runs | |
retention-days: 5 | |
integration-tests: | |
name: Integration Tests | |
needs: formatting-linting | |
runs-on: ${{ vars.RUNNER_LARGE || 'ubuntu-latest-l' }} | |
timeout-minutes: ${{ vars.TIMEOUT_MINUTES_LONG && fromJSON(vars.TIMEOUT_MINUTES_LONG) || 15 }} | |
strategy: | |
matrix: | |
test-name: ['generic', 'express', 'quickstart', 'ap-flows', 'elements', 'sessions', 'astro', 'expo-web', 'tanstack-start', 'tanstack-router'] | |
test-project: ['chrome'] | |
include: | |
- test-name: 'nextjs' | |
test-project: 'chrome' | |
next-version: '13' | |
- test-name: 'nextjs' | |
test-project: 'chrome' | |
next-version: '14' | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
show-progress: false | |
- name: Setup | |
id: config | |
uses: ./.github/actions/init | |
with: | |
turbo-signature: ${{ secrets.TURBO_REMOTE_CACHE_SIGNATURE_KEY }} | |
turbo-team: ${{ vars.TURBO_TEAM }} | |
turbo-token: ${{ secrets.TURBO_TOKEN }} | |
playwright-enabled: true | |
- name: Task Status | |
id: task-status | |
env: | |
E2E_APP_CLERK_JS_DIR: ${{runner.temp}} | |
E2E_CLERK_VERSION: 'latest' | |
E2E_NEXTJS_VERSION: ${{ matrix.next-version }} | |
E2E_PROJECT: ${{ matrix.test-project }} | |
INTEGRATION_INSTANCE_KEYS: ${{ secrets.INTEGRATION_INSTANCE_KEYS }} | |
run: | | |
AFFECTED=0 | |
(npx turbo-ignore --task=test:integration:${{ matrix.test-name }} --fallback=${{ github.base_ref || 'refs/heads/main' }}) || AFFECTED=1 | |
echo "affected=${AFFECTED}" | |
echo "affected=${AFFECTED}" >> $GITHUB_OUTPUT | |
- name: Verdaccio | |
if: ${{ steps.task-status.outputs.affected == '1' }} | |
uses: ./.github/actions/verdaccio | |
with: | |
publish-cmd: | | |
if [ "$(npm config get registry)" = "https://registry.npmjs.org/" ]; then echo 'Error: Using default registry' && exit 1; else npx turbo build $TURBO_ARGS --only && npx changeset publish --no-git-tag; fi | |
- name: Install @clerk/backend in /integration | |
if: ${{ steps.task-status.outputs.affected == '1' }} | |
working-directory: ./integration | |
run: npm init -y && npm install @clerk/backend | |
- name: Install @clerk/clerk-js in os temp | |
if: ${{ steps.task-status.outputs.affected == '1' }} | |
working-directory: ${{runner.temp}} | |
run: mkdir clerk-js && cd clerk-js && npm init -y && npm install @clerk/clerk-js | |
- name: Copy components @clerk/astro | |
if: ${{ matrix.test-name == 'astro' }} | |
run: cd packages/astro && npm run copy:components | |
- name: Write all ENV certificates to files in integration/certs | |
if: ${{ steps.task-status.outputs.affected == '1' }} | |
uses: actions/github-script@v7 | |
env: | |
INTEGRATION_CERTS: '${{secrets.INTEGRATION_CERTS}}' | |
INTEGRATION_ROOT_CA: '${{secrets.INTEGRATION_ROOT_CA}}' | |
with: | |
script: | | |
const fs = require('fs'); | |
const path = require('path'); | |
const rootCa = process.env.INTEGRATION_ROOT_CA; | |
console.log('rootCa', rootCa); | |
fs.writeFileSync(path.join(process.env.GITHUB_WORKSPACE, 'integration/certs', 'rootCA.pem'), rootCa); | |
const certs = JSON.parse(process.env.INTEGRATION_CERTS); | |
for (const [name, cert] of Object.entries(certs)) { | |
fs.writeFileSync(path.join(process.env.GITHUB_WORKSPACE, 'integration/certs', name), cert); | |
} | |
- name: LS certs | |
if: ${{ steps.task-status.outputs.affected == '1' }} | |
working-directory: ./integration/certs | |
run: ls -la && pwd | |
- name: Run Integration Tests | |
if: ${{ steps.task-status.outputs.affected == '1' }} | |
id: integration-tests | |
run: sudo --preserve-env npx turbo test:integration:${{ matrix.test-name }} $TURBO_ARGS --only -- --project=${{ matrix.test-project }} | |
env: | |
E2E_APP_CLERK_JS_DIR: ${{runner.temp}} | |
E2E_CLERK_VERSION: 'latest' | |
E2E_NEXTJS_VERSION: ${{ matrix.next-version }} | |
E2E_PROJECT: ${{ matrix.test-project }} | |
E2E_CLERK_ENCRYPTION_KEY: ${{ matrix.clerk-encryption-key }} | |
INTEGRATION_INSTANCE_KEYS: ${{ secrets.INTEGRATION_INSTANCE_KEYS }} | |
MAILSAC_API_KEY: ${{ secrets.MAILSAC_API_KEY }} | |
NODE_EXTRA_CA_CERTS: ${{ github.workspace }}/integration/certs/rootCA.pem | |
- name: Upload test-results | |
if: ${{ cancelled() || failure() }} | |
uses: actions/upload-artifact@v4 | |
with: | |
name: playwright-traces-${{ github.run_id }}-${{ github.run_attempt }}-${{ matrix.test-name }} | |
path: integration/test-results | |
retention-days: 1 |