Update crypto library, CryptoJS CVE & deprecation #26883
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: βοΈ CI | |
on: | |
pull_request: | |
push: | |
branches: ['next', 'release/**'] | |
# Cancel in-progress runs of this workflow. | |
# See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#example-only-cancel-in-progress-jobs-or-runs-for-the-current-workflow. | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
env: | |
NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }} | |
jobs: | |
only-doc-changes: | |
if: github.repository == 'redwoodjs/redwood' | |
name: π Only doc changes? | |
runs-on: ubuntu-latest | |
outputs: | |
only-doc-changes: ${{ steps.only-doc-changes.outputs.only-doc-changes }} | |
steps: | |
- uses: actions/checkout@v3 | |
- name: β¬’ Set up Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
- name: π Yarn install | |
working-directory: ./.github/actions/only_doc_changes | |
run: yarn install --inline-builds | |
env: | |
GITHUB_TOKEN: ${{ github.token }} | |
- name: π Only doc changes? | |
id: only-doc-changes | |
uses: ./.github/actions/only_doc_changes | |
rsc-related-changes: | |
needs: check | |
if: github.repository == 'redwoodjs/redwood' | |
name: π RSC related changes? | |
runs-on: ubuntu-latest | |
outputs: | |
rsc-related-changes: ${{ steps.rsc-related-changes.outputs.rsc-related-changes }} | |
steps: | |
- uses: actions/checkout@v3 | |
- name: β¬’ Set up Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
- name: π Yarn install | |
working-directory: ./.github/actions/rsc_related_changes | |
run: yarn install --inline-builds | |
env: | |
GITHUB_TOKEN: ${{ github.token }} | |
- name: π RSC related changes? | |
id: rsc-related-changes | |
uses: ./.github/actions/rsc_related_changes | |
ssr-related-changes: | |
needs: check | |
if: github.repository == 'redwoodjs/redwood' | |
name: π€οΈ SSR related changes? | |
runs-on: ubuntu-latest | |
outputs: | |
ssr-related-changes: ${{ steps.ssr-related-changes.outputs.ssr-related-changes }} | |
steps: | |
- uses: actions/checkout@v3 | |
- name: β¬’ Set up Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
- name: π Yarn install | |
working-directory: ./.github/actions/ssr_related_changes | |
run: yarn install --inline-builds | |
env: | |
GITHUB_TOKEN: ${{ github.token }} | |
- name: π€οΈ SSR related changes? | |
id: ssr-related-changes | |
uses: ./.github/actions/ssr_related_changes | |
check: | |
needs: only-doc-changes | |
if: needs.only-doc-changes.outputs.only-doc-changes == 'false' | |
name: β Check constraints, dependencies, and package.json's | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: β¬’ Set up Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
- name: π Yarn install | |
working-directory: ./tasks/check | |
run: yarn install --inline-builds | |
env: | |
GITHUB_TOKEN: ${{ github.token }} | |
- name: β Check constraints, dependencies, and package.json's | |
uses: ./tasks/check | |
check-docs: | |
needs: only-doc-changes | |
if: needs.only-doc-changes.outputs.only-doc-changes == 'true' | |
name: β Check constraints, dependencies, and package.json's | |
runs-on: ubuntu-latest | |
steps: | |
- run: echo "Only doc changes" | |
build-lint-test: | |
needs: check | |
strategy: | |
matrix: | |
os: [ubuntu-latest, windows-latest] | |
fail-fast: true | |
name: π Build, lint, test / ${{ matrix.os }} / node 18 latest | |
runs-on: ${{ matrix.os }} | |
steps: | |
- name: Remove the tsc problem matcher if not ubuntu-latest | |
if: matrix.os != 'ubuntu-latest' | |
run: echo "echo "::remove-matcher owner=tsc::"" | |
- uses: actions/checkout@v3 | |
- name: β¬’ Set up Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
- name: π Set up yarn cache | |
uses: ./.github/actions/set-up-yarn-cache | |
- name: π Yarn install | |
run: yarn install --inline-builds | |
env: | |
GITHUB_TOKEN: ${{ github.token }} | |
- name: π¨ Build | |
run: yarn build | |
- name: π Lint | |
run: yarn lint | |
- name: Get number of CPU cores | |
if: always() | |
id: cpu-cores | |
uses: SimenB/github-actions-cpu-cores@v1 | |
- name: π§ͺ Test | |
run: yarn test-ci ${{ steps.cpu-cores.outputs.count }} | |
build-lint-test-docs: | |
needs: only-doc-changes | |
if: needs.only-doc-changes.outputs.only-doc-changes == 'true' | |
strategy: | |
matrix: | |
os: [ubuntu-latest, windows-latest] | |
name: π Build, lint, test / ${{ matrix.os }} / node 18 latest | |
runs-on: ${{ matrix.os }} | |
steps: | |
- run: echo "Only doc changes" | |
tutorial-e2e: | |
needs: check | |
strategy: | |
matrix: | |
bundler: [vite, webpack] | |
name: π² Tutorial E2E / ${{ matrix.bundler }} / node 18 latest | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: β¬’ Set up Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
- name: π Set up yarn cache | |
uses: ./.github/actions/set-up-yarn-cache | |
- name: π Yarn install | |
run: yarn install --inline-builds | |
env: | |
GITHUB_TOKEN: ${{ github.token }} | |
- name: π Create a temporary directory | |
id: createpath | |
run: | | |
project_path=$(mktemp -d -t redwood.XXXXXX) | |
echo "::set-output name=project_path::$project_path" | |
framework_path=$(pwd) | |
echo "::set-output name=framework_path::$framework_path" | |
- name: π² Create a Redwood App | |
run: | | |
./tasks/run-e2e ${{ steps.createpath.outputs.project_path }} \ | |
--no-start \ | |
--bundler ${{ matrix.bundler }} | |
env: | |
YARN_ENABLE_IMMUTABLE_INSTALLS: false | |
- name: π Git init in the Redwood App directory | |
run: | | |
git config --global user.email "[email protected]" | |
git config --global user.name "Your Name" | |
git init --initial-branch main && git add . | |
git commit -a --message=init | |
working-directory: ${{ steps.createpath.outputs.project_path }} | |
- name: Start server in background | |
run: yarn rw dev --no-generate --fwd="--no-open" & | |
working-directory: ${{ steps.createpath.outputs.project_path }} | |
- name: π² Install Cypress | |
run: yarn run cypress install | |
- name: π² Run cypress | |
uses: cypress-io/github-action@v5 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
CYPRESS_RW_PATH: "${{ steps.createpath.outputs.project_path }}" | |
with: | |
# We've already installed dependencies. | |
install: false | |
env: true | |
browser: chrome | |
record: false | |
wait-on: 'http://[::1]:8910' | |
working-directory: ./tasks/e2e | |
spec: | | |
cypress/e2e/01-tutorial/*.cy.js | |
cypress/e2e/04-logger/*.cy.js | |
tutorial-e2e-docs: | |
needs: only-doc-changes | |
if: needs.only-doc-changes.outputs.only-doc-changes == 'true' | |
strategy: | |
matrix: | |
os: [ubuntu-latest] | |
name: π² Tutorial E2E / ${{ matrix.os }} / node 18 latest | |
runs-on: ${{ matrix.os }} | |
steps: | |
- run: echo "Only doc changes" | |
ssr-smoke-tests: | |
needs: ssr-related-changes | |
if: needs.ssr-related-changes.outputs.ssr-related-changes == 'true' | |
strategy: | |
matrix: | |
os: [ubuntu-latest] | |
# [ubuntu-latest, windows-latest] disabled, because windows misbehaving | |
# waiting for help from main-man Josh | |
name: π SSR Smoke tests / ${{ matrix.os }} | |
runs-on: ${{ matrix.os }} | |
env: | |
REDWOOD_CI: 1 | |
REDWOOD_VERBOSE_TELEMETRY: 1 | |
steps: | |
- uses: actions/checkout@v3 | |
- name: β¬’ Set up Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
- name: π Set up yarn cache | |
uses: ./.github/actions/set-up-yarn-cache | |
- name: π Yarn install | |
run: yarn install --inline-builds | |
env: | |
GITHUB_TOKEN: ${{ github.token }} | |
- name: π¨ Build | |
run: yarn build | |
- name: π² Set up test project | |
id: set-up-test-project | |
uses: ./.github/actions/set-up-test-project | |
with: | |
bundler: vite | |
canary: true | |
env: | |
REDWOOD_DISABLE_TELEMETRY: 1 | |
YARN_ENABLE_IMMUTABLE_INSTALLS: false | |
- name: Run SSR codemods on test project | |
run: ./tasks/test-project/convert-to-ssr-fixture ${{ steps.set-up-test-project.outputs.test-project-path }} | |
env: | |
REDWOOD_DISABLE_TELEMETRY: 1 | |
- name: π Install playwright dependencies | |
run: npx playwright install --with-deps chromium | |
- name: Run SSR [DEV] smoke tests | |
working-directory: ./tasks/smoke-tests/streaming-ssr-dev | |
run: npx playwright test | |
env: | |
REDWOOD_TEST_PROJECT_PATH: '${{ steps.set-up-test-project.outputs.test-project-path }}' | |
REDWOOD_DISABLE_TELEMETRY: 1 | |
- name: Build for production | |
working-directory: ${{ steps.set-up-test-project.outputs.test-project-path }} | |
run: yarn rw build --no-prerender | |
env: | |
REDWOOD_DISABLE_TELEMETRY: 1 | |
- name: Run SSR [PROD] smoke tests | |
working-directory: ./tasks/smoke-tests/streaming-ssr-prod | |
run: npx playwright test | |
env: | |
REDWOOD_TEST_PROJECT_PATH: '${{ steps.set-up-test-project.outputs.test-project-path }}' | |
REDWOOD_DISABLE_TELEMETRY: 1 | |
smoke-tests: | |
needs: check | |
strategy: | |
matrix: | |
os: [ubuntu-latest, windows-latest] | |
bundler: [vite, webpack] | |
name: π Smoke tests / ${{ matrix.os }} / ${{ matrix.bundler }} / node 18 latest | |
runs-on: ${{ matrix.os }} | |
env: | |
REDWOOD_CI: 1 | |
REDWOOD_VERBOSE_TELEMETRY: 1 | |
steps: | |
- uses: actions/checkout@v3 | |
- name: β¬’ Set up Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
- name: π Set up yarn cache | |
uses: ./.github/actions/set-up-yarn-cache | |
- name: π Yarn install | |
run: yarn install --inline-builds | |
env: | |
GITHUB_TOKEN: ${{ github.token }} | |
- name: π¨ Build | |
run: yarn build | |
- name: π² Set up test project | |
id: set-up-test-project | |
uses: ./.github/actions/set-up-test-project | |
with: | |
bundler: ${{ matrix.bundler }} | |
env: | |
REDWOOD_DISABLE_TELEMETRY: 1 | |
YARN_ENABLE_IMMUTABLE_INSTALLS: false | |
- name: π Install playwright dependencies | |
run: npx playwright install --with-deps chromium | |
- name: π§βπ» Run dev smoke tests | |
working-directory: ./tasks/smoke-tests/dev | |
run: npx playwright test | |
env: | |
REDWOOD_TEST_PROJECT_PATH: '${{ steps.set-up-test-project.outputs.test-project-path }}' | |
REDWOOD_DISABLE_TELEMETRY: 1 | |
- name: π Run auth smoke tests | |
working-directory: ./tasks/smoke-tests/auth | |
run: npx playwright test | |
env: | |
REDWOOD_TEST_PROJECT_PATH: ${{ steps.set-up-test-project.outputs.test-project-path }} | |
REDWOOD_DISABLE_TELEMETRY: 1 | |
- name: Run `rw build --no-prerender` | |
run: | | |
yarn rw build --no-prerender | |
working-directory: ${{ steps.set-up-test-project.outputs.test-project-path }} | |
- name: Run `rw prerender` | |
run: | | |
yarn rw prerender --verbose | |
working-directory: ${{ steps.set-up-test-project.outputs.test-project-path }} | |
- name: π₯οΈ Run serve smoke tests | |
working-directory: tasks/smoke-tests/serve | |
run: npx playwright test | |
env: | |
REDWOOD_TEST_PROJECT_PATH: ${{ steps.set-up-test-project.outputs.test-project-path }} | |
REDWOOD_DISABLE_TELEMETRY: 1 | |
- name: π Run prerender smoke tests | |
working-directory: tasks/smoke-tests/prerender | |
run: npx playwright test | |
env: | |
REDWOOD_TEST_PROJECT_PATH: ${{ steps.set-up-test-project.outputs.test-project-path }} | |
REDWOOD_DISABLE_TELEMETRY: 1 | |
- name: π Run Storybook smoke tests | |
working-directory: tasks/smoke-tests/storybook | |
run: npx playwright test | |
env: | |
REDWOOD_TEST_PROJECT_PATH: ${{ steps.set-up-test-project.outputs.test-project-path }} | |
REDWOOD_DISABLE_TELEMETRY: 1 | |
- name: Run `rw info` | |
run: | | |
yarn rw info | |
working-directory: ${{ steps.set-up-test-project.outputs.test-project-path }} | |
- name: Run `rw lint` | |
run: | | |
yarn rw lint ./api/src --fix | |
working-directory: ${{ steps.set-up-test-project.outputs.test-project-path }} | |
- name: Run "rw test api" | |
run: | | |
yarn rw test api --no-watch | |
working-directory: ${{ steps.set-up-test-project.outputs.test-project-path }} | |
- name: Run "rw test web" | |
run: | | |
yarn rw test web --no-watch | |
working-directory: ${{ steps.set-up-test-project.outputs.test-project-path }} | |
- name: Run "rw check" | |
run: | | |
yarn rw check | |
working-directory: ${{ steps.set-up-test-project.outputs.test-project-path }} | |
- name: Run "rw storybook" | |
run: | | |
yarn rw sb --smoke-test | |
working-directory: ${{ steps.set-up-test-project.outputs.test-project-path }} | |
- name: Run "rw exec" | |
run: | | |
yarn rw g script testScript && yarn rw exec testScript | |
working-directory: ${{ steps.set-up-test-project.outputs.test-project-path }} | |
- name: Run "prisma generate" | |
run: | | |
yarn rw prisma generate | |
working-directory: ${{ steps.set-up-test-project.outputs.test-project-path }} | |
- name: Run "rw data-migrate" | |
run: | | |
yarn rw dataMigrate up | |
working-directory: ${{ steps.set-up-test-project.outputs.test-project-path }} | |
- name: Run "data-migrate install" | |
run: | | |
yarn rw data-migrate install | |
working-directory: ${{ steps.set-up-test-project.outputs.test-project-path }} | |
- name: Run "prisma migrate" | |
run: | | |
yarn rw prisma migrate dev --name ci-test | |
working-directory: ${{ steps.set-up-test-project.outputs.test-project-path }} | |
- name: Run `rw deploy --help` | |
run: yarn rw setup deploy --help && yarn rw deploy --help | |
working-directory: ${{ steps.set-up-test-project.outputs.test-project-path }} | |
- name: Run `rw setup ui --help` | |
run: yarn rw setup --help && yarn rw setup ui --help | |
working-directory: ${{ steps.set-up-test-project.outputs.test-project-path }} | |
- name: Run "g page" | |
run: | | |
yarn rw g page ciTest | |
working-directory: ${{ steps.set-up-test-project.outputs.test-project-path }} | |
- name: Run "g sdl" | |
run: | | |
yarn rw g sdl userExample | |
working-directory: ${{ steps.set-up-test-project.outputs.test-project-path }} | |
- name: Run "rw type-check" | |
run: | | |
yarn rw type-check | |
working-directory: ${{ steps.set-up-test-project.outputs.test-project-path }} | |
- name: Throw Error | Run `rw g sdl <model>` | |
run: | | |
yarn rw g sdl DoesNotExist | |
working-directory: ${{ steps.set-up-test-project.outputs.test-project-path }} | |
continue-on-error: true | |
# We've disabled Replay for now but may add it back. When we do, | |
# we need to add this to all the smoke tests steps' env: | |
# | |
# ``` | |
# env: | |
# RECORD_REPLAY_METADATA_TEST_RUN_TITLE: π Smoke tests / ${{ matrix.os }} / node 18 latest | |
# RECORD_REPLAY_TEST_METRICS: 1 | |
# ``` | |
# | |
# - name: Upload Replays | |
# if: always() | |
# uses: replayio/[email protected] | |
# with: | |
# api-key: rwk_cZn4WLe8106j6tC5ygNQxDpxAwCLpFo5oLQftiRN7OP | |
smoke-tests-docs: | |
needs: only-doc-changes | |
if: needs.only-doc-changes.outputs.only-doc-changes == 'true' | |
strategy: | |
matrix: | |
os: [ubuntu-latest, windows-latest] | |
name: π Smoke test / ${{ matrix.os }} / node 18 latest | |
runs-on: ${{ matrix.os }} | |
steps: | |
- run: echo "Only doc changes" | |
telemetry-check: | |
needs: check | |
strategy: | |
matrix: | |
os: [ubuntu-latest, windows-latest] | |
fail-fast: true | |
name: π Telemetry check / ${{ matrix.os }} / node 18 latest | |
runs-on: ${{ matrix.os }} | |
env: | |
REDWOOD_REDIRECT_TELEMETRY: "http://127.0.0.1:48619" # Random port | |
steps: | |
- uses: actions/checkout@v3 | |
- name: β¬’ Set up Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
- name: π Set up yarn cache | |
uses: ./.github/actions/set-up-yarn-cache | |
- name: π Yarn install | |
run: yarn install --inline-builds | |
env: | |
GITHUB_TOKEN: ${{ github.token }} | |
- name: π¨ Build | |
run: yarn build | |
- name: π’ Listen for telemetry (CRWA) | |
run: node ./.github/actions/telemetry_check/check.mjs --mode crwa | |
- name: π’ Listen for telemetry (CLI) | |
run: node ./.github/actions/telemetry_check/check.mjs --mode cli | |
env: | |
YARN_ENABLE_IMMUTABLE_INSTALLS: false | |
telemetry-check-docs: | |
needs: only-doc-changes | |
if: needs.only-doc-changes.outputs.only-doc-changes == 'true' | |
strategy: | |
matrix: | |
os: [ubuntu-latest, windows-latest] | |
name: π Telemetry check / ${{ matrix.os }} / node 18 latest | |
runs-on: ${{ matrix.os }} | |
steps: | |
- run: echo "Only doc changes" | |
rsc-smoke-tests: | |
needs: rsc-related-changes | |
if: needs.rsc-related-changes.outputs.rsc-related-changes == 'true' | |
strategy: | |
matrix: | |
os: [ubuntu-latest, windows-latest] | |
name: ππ RSC Smoke tests / ${{ matrix.os }} | |
runs-on: ${{ matrix.os }} | |
env: | |
REDWOOD_CI: 1 | |
REDWOOD_VERBOSE_TELEMETRY: 1 | |
steps: | |
- uses: actions/checkout@v3 | |
- name: β¬’ Set up Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
- name: π Set up yarn cache | |
uses: ./.github/actions/set-up-yarn-cache | |
- name: π Yarn install | |
run: yarn install --inline-builds | |
env: | |
GITHUB_TOKEN: ${{ github.token }} | |
- name: π¨ Build | |
run: yarn build | |
- name: π² Set up RSC project | |
id: set-up-rsc-project | |
uses: ./.github/actions/set-up-rsc-project | |
env: | |
REDWOOD_DISABLE_TELEMETRY: 1 | |
YARN_ENABLE_IMMUTABLE_INSTALLS: false | |
- name: π Install playwright dependencies | |
run: npx playwright install --with-deps chromium | |
- name: π Run RSC smoke tests | |
working-directory: tasks/smoke-tests/rsc | |
run: npx playwright test | |
env: | |
REDWOOD_TEST_PROJECT_PATH: ${{ steps.set-up-rsc-project.outputs.rsc-project-path }} | |
REDWOOD_DISABLE_TELEMETRY: 1 | |
- name: π² Set up RSA smoke test | |
id: set-up-rsa-project | |
uses: ./.github/actions/set-up-rsa-project | |
env: | |
REDWOOD_DISABLE_TELEMETRY: 1 | |
YARN_ENABLE_IMMUTABLE_INSTALLS: false | |
- name: π Run RSA smoke tests | |
working-directory: tasks/smoke-tests/rsa | |
run: npx playwright test | |
env: | |
REDWOOD_TEST_PROJECT_PATH: ${{ steps.set-up-rsa-project.outputs.test-project-path }} | |
REDWOOD_DISABLE_TELEMETRY: 1 | |
- name: π² Set up RSC external packages smoke test | |
id: set-up-rsc-external-packages-project | |
uses: ./.github/actions/set-up-rsc-external-packages-project | |
env: | |
REDWOOD_DISABLE_TELEMETRY: 1 | |
YARN_ENABLE_IMMUTABLE_INSTALLS: false | |
- name: π Run RSC external packages smoke tests | |
working-directory: tasks/smoke-tests/rsc-external-packages | |
run: npx playwright test | |
env: | |
REDWOOD_TEST_PROJECT_PATH: ${{ steps.set-up-rsc-external-packages-project.outputs.test-project-path }} | |
REDWOOD_DISABLE_TELEMETRY: 1 | |
rsc-smoke-tests-mock: | |
needs: rsc-related-changes | |
if: needs.rsc-related-changes.outputs.rsc-related-changes != 'true' | |
strategy: | |
matrix: | |
os: [ubuntu-latest, windows-latest] | |
name: ππ RSC Smoke tests / ${{ matrix.os }} | |
runs-on: ${{ matrix.os }} | |
steps: | |
- run: echo "RSC smoke tests mock" |