ci(dependabot): configure groups #439
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| on: push | |
| name: Push | |
| env: | |
| NX_BRANCH: ${{ github.ref_name }} | |
| NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }} | |
| NX_RUN_GROUP: ${{ github.run_id }}-${{ github.run_attempt }} | |
| SAM_CLI_TELEMETRY: 0 | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| steps: | |
| - uses: actions/[email protected] | |
| with: | |
| fetch-depth: 0 | |
| - uses: actions/setup-node@v3 | |
| with: | |
| node-version: 18 | |
| cache: 'npm' | |
| - uses: nrwl/nx-set-shas@v3 | |
| - run: npm ci | |
| - run: npx nx run-many --target=build --parallel=4 | |
| diff: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 5 | |
| steps: | |
| - uses: actions/[email protected] | |
| with: | |
| fetch-depth: 0 | |
| - uses: actions/setup-node@v3 | |
| with: | |
| node-version: 18 | |
| cache: 'npm' | |
| - uses: nrwl/nx-set-shas@v3 | |
| - run: npm ci | |
| # by making this job depend on the build job, the following line should be | |
| # 100% cache hits; The nx cache seems to be much easier to use than the | |
| # GitHub artifact action. | |
| - run: npx nx run-many --target=build --parallel=4 | |
| - run: ./scripts/diff-lint | |
| lint: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 5 | |
| steps: | |
| - uses: actions/[email protected] | |
| with: | |
| fetch-depth: 0 | |
| - uses: actions/setup-node@v3 | |
| with: | |
| node-version: 18 | |
| cache: 'npm' | |
| - uses: nrwl/nx-set-shas@v3 | |
| - run: npm ci | |
| # by making this job depend on the build job, the following line should be | |
| # 100% cache hits; The nx cache seems to be much easier to use than the | |
| # GitHub artifact action. | |
| - run: npx nx run-many --target=build --parallel=4 | |
| - run: npx nx workspace-lint | |
| - run: npx nx format:check | |
| - run: npm run lint | |
| env: | |
| ESLINT_FORMAT_OPTIONS: | | |
| --format json-with-metadata --output-file reports/style/eslint.json | |
| TSC_OPTIONS: '| tee reports/style/tsc.log' | |
| - uses: check-run-reporter/[email protected] | |
| if: ${{ always() }} | |
| with: | |
| token: ${{ secrets.CHECK_RUN_REPORTER_TOKEN }} | |
| label: ESLint | |
| report: 'reports/style/eslint.json' | |
| - uses: check-run-reporter/[email protected] | |
| if: ${{ always() }} | |
| with: | |
| token: ${{ secrets.CHECK_RUN_REPORTER_TOKEN }} | |
| label: TSC | |
| report: 'reports/style/tsc.log' | |
| release: | |
| needs: | |
| - build | |
| - diff | |
| - lint | |
| - test-integration | |
| - test-unit | |
| runs-on: ubuntu-latest | |
| # This job gets exponentially slower based on the number of packages that | |
| # need to be release, so 60 is not unreasonable. | |
| timeout-minutes: 60 | |
| steps: | |
| - uses: actions/[email protected] | |
| with: | |
| fetch-depth: 0 | |
| - uses: actions/setup-node@v3 | |
| with: | |
| node-version: 18 | |
| cache: 'npm' | |
| - uses: nrwl/nx-set-shas@v3 | |
| - run: npm ci | |
| # by making this job depend on the build job, the following line should be | |
| # 100% cache hits; The nx cache seems to be much easier to use than the | |
| # GitHub artifact action. | |
| - run: npx nx run-many --target=build --parallel=4 | |
| - run: | | |
| npm config set workspaces-update false | |
| npx multi-semantic-release \ | |
| --deps.release=inherit \ | |
| --ignore-private-packages | |
| env: | |
| GIT_AUTHOR_EMAIL: | |
| ${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com | |
| GIT_COMMITTER_EMAIL: | |
| ${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com | |
| GIT_AUTHOR_NAME: ${{ github.actor }} | |
| GIT_COMMITTER_NAME: ${{ github.actor }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| test-integration: | |
| needs: build | |
| permissions: | |
| id-token: write | |
| contents: read | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| # There should be one node for each example, but at time of writing, | |
| # two of the examples are disabled due to issues with localstack. | |
| nodeCount: [5] | |
| nodeIndex: [0, 1, 2, 3, 4] | |
| steps: | |
| - uses: actions/[email protected] | |
| with: | |
| fetch-depth: 0 | |
| - name: Configure AWS credentials from Test account | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| - uses: actions/setup-node@v3 | |
| with: | |
| node-version: 18 | |
| cache: 'npm' | |
| - uses: nrwl/nx-set-shas@v3 | |
| - run: npm ci | |
| # by making this job depend on the build job, the following line should be | |
| # 100% cache hits; The nx cache seems to be much easier to use than the | |
| # GitHub artifact action. | |
| - run: npx nx run-many --target=build --parallel=4 | |
| - uses: check-run-reporter/[email protected] | |
| id: split | |
| with: | |
| token: ${{ secrets.CHECK_RUN_REPORTER_TOKEN }} | |
| label: Unit Tests | |
| nodeCount: ${{ matrix.nodeCount }} | |
| nodeIndex: ${{ matrix.nodeIndex }} | |
| tests: 'examples/**/*.test.ts' | |
| # Deploy all the stacks. Assuming we tuned the matrix correctly, this | |
| # _should_ be one stack per job, but we treat it as a list just in case. | |
| - run: | | |
| PATH=$PATH:$(pwd)/node_modules/.bin ./scripts/crr-sam deploy ${{ steps.split.outputs.tests }} | |
| id: deploy | |
| - run: npm test -- ${{ steps.split.outputs.tests }} | |
| env: | |
| # We set RETAIN=true so that the cleanup script can take remove the | |
| # stack rather than doing it inside the jest lifecycle. | |
| RETAIN: true | |
| TEST_ENV: aws | |
| # The script keeps track of each stack it deployed so we only attempt to | |
| # cleanup stacks that actually exist. | |
| - run: ./scripts/crr-sam destroy ${{ steps.deploy.outputs.deployed }} | |
| if: ${{ always() }} | |
| - uses: check-run-reporter/[email protected] | |
| if: ${{ always() }} | |
| with: | |
| token: ${{ secrets.CHECK_RUN_REPORTER_TOKEN }} | |
| label: Examples | |
| nodeCount: ${{ matrix.nodeCount }} | |
| nodeIndex: ${{ matrix.nodeIndex }} | |
| report: 'reports/junit/**/*.xml' | |
| - name: Upload coverage reports to Codecov | |
| uses: codecov/codecov-action@v3 | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| directory: 'reports/coverage' | |
| test-unit: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 5 | |
| steps: | |
| - uses: actions/[email protected] | |
| with: | |
| fetch-depth: 0 | |
| - uses: actions/setup-node@v3 | |
| with: | |
| node-version: 18 | |
| cache: 'npm' | |
| - uses: nrwl/nx-set-shas@v3 | |
| - run: npm ci | |
| # by making this job depend on the build job, the following line should be | |
| # 100% cache hits; The nx cache seems to be much easier to use than the | |
| # GitHub artifact action. | |
| - run: npx nx run-many --target=build --parallel=4 | |
| - run: npm test -- --selectProjects 'Unit Tests' | |
| - uses: check-run-reporter/[email protected] | |
| if: ${{ always() }} | |
| with: | |
| token: ${{ secrets.CHECK_RUN_REPORTER_TOKEN }} | |
| label: Unit Tests | |
| report: 'reports/junit/**/*.xml' | |
| - name: Upload coverage reports to Codecov | |
| uses: codecov/codecov-action@v3 | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| directory: 'reports/coverage' |