Skip to content

fix(admin-server): auto prolong auth cookie #2814

fix(admin-server): auto prolong auth cookie

fix(admin-server): auto prolong auth cookie #2814

Workflow file for this run

name: CI
on:
push:
branches: ['main', 'v1.2', 'v1.3']
tags: ['**']
pull_request:
workflow_dispatch:
env:
PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: '1'
jobs:
test:
runs-on: ubuntu-latest
strategy:
matrix:
include:
- job_name: eslint
run_script: yarn run eslint:lint
- job_name: build
run_script: yarn run build
- job_name: test
run_script: yarn run test
- job_name: api-exporter
run_script: |
yarn run ts:build
yarn run ae:test
- job_name: lint-imports
run_script: yarn tsx ./scripts/lint/module-import-linter.ts
- job_name: dedupe
run_script: yarn dedupe --check
container: node:16-alpine
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Get yarn cache directory path
run: echo "dir=$(yarn config get cacheFolder)" >> $GITHUB_OUTPUT
id: yarn-cache-dir-path
- name: Install GNU tar
run: apk add --no-cache tar
- name: Set up yarn cache
uses: actions/cache@v3
id: yarn-cache
with:
path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- name: Install yarn deps
run: |
yarn --version
yarn install --immutable
- name: Run ${{ matrix.job_name }}
run: ${{ matrix.run_script }}
playwright:
needs: [ test ]
runs-on: ubuntu-latest
container: mcr.microsoft.com/playwright:v1.32.3-focal
services:
postgres:
image: postgres:13-alpine
env:
POSTGRES_PASSWORD: 'contember'
POSTGRES_USER: 'contember'
POSTGRES_DB: 'contember'
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
contember-engine:
image: contember/engine:1.2.0
env:
NODE_ENV: 'development'
CONTEMBER_PORT: '4000'
CONTEMBER_ROOT_EMAIL: 'superadmin@localhost'
CONTEMBER_ROOT_PASSWORD: 'superadmin@localhost'
CONTEMBER_ROOT_TOKEN: '0000000000000000000000000000000000000000'
CONTEMBER_LOGIN_TOKEN: '1111111111111111111111111111111111111111'
CONTEMBER_ENCRYPTION_KEY: '0000000000000000000000000000000000000000000000000000000000000000'
DEFAULT_DB_HOST: 'postgres'
DEFAULT_DB_PORT: '5432'
DEFAULT_DB_USER: 'contember'
DEFAULT_DB_PASSWORD: 'contember'
TENANT_DB_NAME: 'contember'
DEFAULT_S3_ENDPOINT: 'http://minio:9000'
DEFAULT_S3_PROVIDER: 'minio'
DEFAULT_S3_REGION: ''
DEFAULT_S3_BUCKET: 'contember'
DEFAULT_S3_PREFIX: 'data'
DEFAULT_S3_KEY: 'contember'
DEFAULT_S3_SECRET: 'contember'
minio:
image: bitnami/minio
env:
MINIO_ROOT_USER: 'contember'
MINIO_ROOT_PASSWORD: 'contember'
MINIO_DEFAULT_BUCKETS: 'contember:download'
env:
VITE_CONTEMBER_ADMIN_API_BASE_URL: 'http://contember-engine:4000'
VITE_CONTEMBER_ADMIN_SESSION_TOKEN: '0000000000000000000000000000000000000000'
HOME: '/root'
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Get yarn cache directory path
id: yarn-cache-dir-path
run: echo "dir=$(yarn config get cacheFolder)" >> $GITHUB_OUTPUT
- name: Set up yarn cache
uses: actions/cache@v3
id: yarn-cache
with:
path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- name: Install yarn deps
run: |
yarn --version
yarn install --immutable
- name: Prepare for playwright tests
run: |
yarn run admin:pw:build
- name: Run playwright tests
run: yarn run admin:pw:test --forbid-only
- uses: jakejarvis/s3-sync-action@master
if: always()
with:
args: --acl public-read
env:
AWS_S3_BUCKET: 'contember-admin'
AWS_ACCESS_KEY_ID: ${{ secrets.PLAYWRIGHT_S3_KEY }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.PLAYWRIGHT_S3_SECRET }}
AWS_S3_ENDPOINT: 'https://fra1.digitaloceanspaces.com'
SOURCE_DIR: 'packages/admin/tests/playwright/report'
DEST_DIR: ${{ github.sha }}
- uses: phulsechinmay/[email protected]
if: always() && github.event_name == 'pull_request'
with:
message: '[Playwright Test Report](https://contember-admin.fra1.digitaloceanspaces.com/${{ github.sha }}/index.html)'
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
publish-npm:
if: github.event_name == 'push' && github.ref_type == 'tag'
needs: [test, playwright]
runs-on: ubuntu-latest
container: node:16-alpine
env:
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Get yarn cache directory path
id: yarn-cache-dir-path
run: echo "dir=$(yarn config get cacheFolder)" >> $GITHUB_OUTPUT
- name: Install GNU tar
run: apk add --no-cache tar
- name: Set up yarn cache
uses: actions/cache@v3
id: yarn-cache
with:
path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- name: Extract version from tag
run: echo "PACKAGE_VERSION=${GITHUB_REF:11}" >> $GITHUB_ENV
- name: Install yarn deps
run: |
yarn --version
yarn install --immutable
- name: Build
run: yarn run build
- name: Publish
run: |
yarn config set npmAuthToken "$NPM_TOKEN"
yarn workspaces foreach -t version "${GITHUB_REF:11}"
yarn workspaces foreach -pt --no-private npm publish --access public
publish-docker:
if: (github.event_name == 'push' && github.ref_type == 'tag') || github.event_name == 'workflow_dispatch'
needs: [test, playwright]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: docker/setup-qemu-action@v1
- uses: docker/setup-buildx-action@v1
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Release Tag
if: github.event_name == 'push' && github.ref_type == 'tag'
run: 'echo "TAG=${GITHUB_REF:11}" >> $GITHUB_ENV'
- name: Canary Tag
if: github.event_name == 'workflow_dispatch'
run: 'echo "TAG=canary-${GITHUB_SHA:0:10}" >> $GITHUB_ENV'
- name: Build & Publish Docker Image
env:
DOCKER_USER: ${{ secrets.DOCKER_USER }}
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
run: |
docker login --username "$DOCKER_USER" --password "$DOCKER_PASSWORD"
docker buildx build \
--platform linux/amd64,linux/arm64 \
--file ee/admin-server/Dockerfile \
--cache-from type=registry,ref=ghcr.io/contember/admin \
--cache-to type=registry,ref=ghcr.io/contember/admin,mode=max \
--tag "contember/admin:$TAG" \
--push \
.