Skip to content

Bump actions/cache from 3.3.1 to 4.2.0 #7019

Bump actions/cache from 3.3.1 to 4.2.0

Bump actions/cache from 3.3.1 to 4.2.0 #7019

Workflow file for this run

name: Manual Review
on:
pull_request:
types: [ready_for_review, synchronize, reopened, opened]
env:
BOT_NAME: va-vfs-bot
PR_NUMBER: ${{ github.event.number }}
jobs:
eslint-check:
name: ESLint Check
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Get Node version
id: get-node-version
run: echo NODE_VERSION=$(cat .nvmrc) >> $GITHUB_OUTPUT
- name: Setup Node
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
with:
node-version: ${{ steps.get-node-version.outputs.NODE_VERSION }}
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef # v2.0.0
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-gov-west-1
- name: Get bot token from Parameter Store
uses: department-of-veterans-affairs/action-inject-ssm-secrets@d8e6de3bde4dd728c9d732baef58b3c854b8c4bb # latest
with:
ssm_parameter: /devops/VA_VFS_BOT_GITHUB_TOKEN
env_variable_name: GITHUB_TOKEN
- name: Cache dependencies
id: cache-dependencies
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0
with:
path: |
~/.cache/yarn
node_modules
key: ${{ steps.get-node-version.outputs.NODE_VERSION }}-${{ hashFiles('yarn.lock') }}
- name: Install dependencies
run: yarn install --frozen-lockfile --prefer-offline
env:
YARN_CACHE_FOLDER: ~/.cache/yarn
- name: Run PR check script
run: yarn pr-check
env:
CODE_PATTERN: (/* eslint-disable)|(// eslint-disable)
LINE_COMMENT: ESLint disabled here
OVERALL_REVIEW_COMMENT: >
# ESLint is disabled
`vets-website` uses ESLint to help enforce code quality. In most
situations we would like ESLint to remain enabled.
## What you can do
See if the code can be refactored to avoid disabling ESLint, or wait for
a VSP review.
icon-check:
name: Icon Check
runs-on: ubuntu-latest
if: github.event.pull_request.draft == false
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Get Node version
id: get-node-version
run: echo NODE_VERSION=$(cat .nvmrc) >> $GITHUB_OUTPUT
- name: Setup Node
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
with:
node-version: ${{ steps.get-node-version.outputs.NODE_VERSION }}
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef # v2.0.0
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-gov-west-1
- name: Get bot token from Parameter Store
uses: department-of-veterans-affairs/action-inject-ssm-secrets@d8e6de3bde4dd728c9d732baef58b3c854b8c4bb # latest
with:
ssm_parameter: /devops/VA_VFS_BOT_GITHUB_TOKEN
env_variable_name: GITHUB_TOKEN
- name: Cache dependencies
id: cache-dependencies
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0
with:
path: |
~/.cache/yarn
node_modules
key: ${{ steps.get-node-version.outputs.NODE_VERSION }}-${{ hashFiles('yarn.lock') }}
- name: Install dependencies
run: yarn install --frozen-lockfile --prefer-offline
env:
YARN_CACHE_FOLDER: ~/.cache/yarn
- name: Run PR check script
run: yarn pr-check
env:
CODE_PATTERN: (<i )|(<i$)|(<va-icon)
LINE_COMMENT: icon found
OVERALL_REVIEW_COMMENT: >
# Icon found
Icons can be decorative, but sometimes they are used to convey meaning.
If there are any semantics associated with an icon, those semantics
should also be conveyed to a screen reader.
## What you can do
Review the markup and see if the icon provides information that isn't
represented textually, or wait for a VSP review.
## Note:
Font Awesome is deprecated. Please use va-icon instead. For more information, visit the migration documentation: [Migrate from font awesome to va-icon](https://design.va.gov/about/developers/using-web-components#how-to-migrate-from-font-awesome-to-va-icon)
sentry-check:
name: Sentry Check
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Get Node version
id: get-node-version
run: echo NODE_VERSION=$(cat .nvmrc) >> $GITHUB_OUTPUT
- name: Setup Node
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
with:
node-version: ${{ steps.get-node-version.outputs.NODE_VERSION }}
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef # v2.0.0
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-gov-west-1
- name: Get bot token from Parameter Store
uses: department-of-veterans-affairs/action-inject-ssm-secrets@d8e6de3bde4dd728c9d732baef58b3c854b8c4bb # latest
with:
ssm_parameter: /devops/VA_VFS_BOT_GITHUB_TOKEN
env_variable_name: GITHUB_TOKEN
- name: Cache dependencies
id: cache-dependencies
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0
with:
path: |
~/.cache/yarn
node_modules
key: ${{ steps.get-node-version.outputs.NODE_VERSION }}-${{ hashFiles('yarn.lock') }}
- name: Install dependencies
run: yarn install --frozen-lockfile --prefer-offline
env:
YARN_CACHE_FOLDER: ~/.cache/yarn
- name: Run PR check script
run: yarn pr-check
env:
CODE_PATTERN: Sentry\.
LINE_COMMENT: Sentry found
OVERALL_REVIEW_COMMENT: >
# Sentry call found
Sentry captures a lot of data, and we want to make sure that we only
keep information that will be useful for troubleshooting issues. This
means that PII should not be recorded.
## What you can do
Review your call to Sentry and see if you can reasonably reduce any
information that is included, or wait for a VSP review.