Skip to content
This repository has been archived by the owner on Sep 30, 2024. It is now read-only.

Merge branch 'segmentio:main' into main #31

Merge branch 'segmentio:main' into main

Merge branch 'segmentio:main' into main #31

Workflow file for this run

name: CI
on:
push:
branches:
- main
pull_request:
jobs:
test:
name: Unit tests
runs-on: ubuntu-20.04
timeout-minutes: 30
strategy:
matrix:
node-version: [18.x]
steps:
# See nx recipe: https://nx.dev/recipes/ci/monorepo-ci-github-actions
- uses: actions/checkout@v3
with:
persist-credentials: false
fetch-depth: 0 # nx recipe
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
registry-url: 'https://registry.npmjs.org'
cache: yarn
- name: Use Github Personal Access Token
run: git config --global url."https://${{ secrets.GH_PAT }}@github.com/".insteadOf ssh://[email protected]/
- uses: nrwl/nx-set-shas@v3 # nx recipe
- name: Install Dependencies
run: yarn install --frozen-lockfile
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Build (Affected)
run: NODE_ENV=production yarn nx affected -t build --parallel=3 # nx recipe
- name: Test (Affected)
run: yarn nx affected -t test --parallel=3 # nx recipe
lint:
name: Lint
runs-on: ubuntu-20.04
timeout-minutes: 20
strategy:
matrix:
node-version: [18.x]
steps:
- uses: actions/checkout@v3
with:
persist-credentials: false
fetch-depth: 0 # nx recipe
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
registry-url: 'https://registry.npmjs.org'
cache: yarn
- name: Use Github Personal Access Token
run: git config --global url."https://${{ secrets.GH_PAT }}@github.com/".insteadOf ssh://[email protected]/
- uses: nrwl/nx-set-shas@v3 # nx recipe
- name: Install Dependencies
run: yarn install --frozen-lockfile
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Build # TODO: This monorepo should be refactored so packages can be linted invidually. "affected" will not work ATM.
run: NODE_ENV=production yarn build # nx recipe
- name: Lint
env:
NODE_OPTIONS: '--max-old-space-size=4096'
run: yarn lint
validate:
name: Validate
runs-on: ubuntu-20.04
timeout-minutes: 20
strategy:
matrix:
node-version: [18.x]
steps:
- uses: actions/checkout@v3
with:
persist-credentials: false
fetch-depth: 0 # nx recipe
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
registry-url: 'https://registry.npmjs.org'
cache: yarn
- name: Use Github Personal Access Token
run: git config --global url."https://${{ secrets.GH_PAT }}@github.com/".insteadOf ssh://[email protected]/
- uses: nrwl/nx-set-shas@v3 # nx recipe
- name: Install Dependencies
run: yarn install --frozen-lockfile
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Assert yarn.lock is up-to-date
run: bash scripts/assert-lockfile-updated.sh
- name: Build # TODO: This monorepo should be refactored so packages can be linted invidually. "affected" will not work ATM.
run: NODE_ENV=production yarn build # nx recipe
- name: Validate Definitions
run: yarn validate
- name: Destination Subscription Size
run: |
if $(lerna changed | grep -q destination-subscriptions); then
yarn subscriptions size
fi
- name: Assert generated types are up-to-date
run: bash scripts/assert-types-updated.sh
browser-destination-bundle-qa:
name: Browser Destination Bundle QA
# env: # Disable saucelabs - we blew through our quota.
# SAUCE_USERNAME: ${{secrets.SAUCE_USERNAME}}
# SAUCE_ACCESS_KEY: ${{secrets.SAUCE_ACCESS_KEY}}
runs-on: ubuntu-20.04
timeout-minutes: 20
strategy:
matrix:
node-version: [18.x]
steps:
- uses: actions/checkout@v3
with:
persist-credentials: false
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
registry-url: 'https://registry.npmjs.org'
cache: yarn
- name: Use Github Personal Access Token
run: git config --global url."https://${{ secrets.GH_PAT }}@github.com/".insteadOf ssh://[email protected]/
- name: Install Dependencies
run: yarn install --frozen-lockfile
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Build
run: NODE_ENV=production yarn build:browser-bundles
# - name: Run Saucelabs Tests
# working-directory: packages/browser-destinations-integration-tests
# shell: bash
# run: |
# yarn start-destination-server &
# yarn test:sauce
browser-tests-core:
name: 'Browser tests: actions-core'
runs-on: ubuntu-20.04
timeout-minutes: 10
strategy:
matrix:
node-version: [18.x]
steps:
- uses: actions/checkout@v2
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v2
with:
node-version: ${{ matrix.node-version }}
registry-url: 'https://registry.npmjs.org'
- name: Get yarn cache directory path
id: yarn-cache-dir-path
run: echo "::set-output name=dir::$(yarn cache dir)"
- uses: actions/cache@v2
id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
with:
path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- name: Use Github Personal Access Token
run: git config --global url."https://${{ secrets.GH_PAT }}@github.com/".insteadOf ssh://[email protected]/
- name: Install Dependencies
run: yarn install --frozen-lockfile
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Install Browser Dependencies
run: npx playwright install-deps
- name: Build
run: NODE_ENV=production yarn lerna run build --scope=@segment/actions-core --include-dependencies --stream
- name: Browser Test
run: yarn test-browser
snyk:
name: Snyk
runs-on: ubuntu-20.04
timeout-minutes: 5
strategy:
matrix:
node-version: [18.x]
steps:
- uses: actions/checkout@v2
with:
persist-credentials: false
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v2
with:
node-version: ${{ matrix.node-version }}
registry-url: https://registry.npmjs.org
- name: Get yarn cache directory path
id: yarn-cache-dir-path
run: echo "::set-output name=dir::$(yarn cache dir)"
- uses: actions/cache@v2
id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
with:
path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- name: Use Github Personal Access Token
run: git config --global url."https://${{ secrets.GH_PAT }}@github.com/".insteadOf ssh://[email protected]/
- name: Install Dependencies
run: yarn install --frozen-lockfile
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Run Snyk to check for vulnerabilities
uses: snyk/actions/node@master
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
args: --severity-threshold=high --fail-on=upgradable --all-projects --policy-path=.snyk