From b58099a924a0ad2aa1ce6ec4101b87ee8f47dd84 Mon Sep 17 00:00:00 2001 From: Dima Shevtsov <12731225+dshevtsov@users.noreply.github.com> Date: Tue, 20 Aug 2024 18:20:39 -0500 Subject: [PATCH] Refactor GitHub Actions workflows (#150) --- .github/super-linter.env | 7 +- .github/workflows/github-pages.yml | 21 +-- .github/workflows/index.yml | 17 +-- .github/workflows/publish.yml | 17 +-- .github/workflows/stage.yml | 17 +-- .github/workflows/test-pull-request.yml | 177 +++++++++++++----------- 6 files changed, 116 insertions(+), 140 deletions(-) diff --git a/.github/super-linter.env b/.github/super-linter.env index feebdd4..3802413 100644 --- a/.github/super-linter.env +++ b/.github/super-linter.env @@ -1,6 +1,7 @@ IGNORE_GITIGNORED_FILES=true -VALIDATE_GITLEAKS=true -VALIDATE_MARKDOWN=true MARKDOWN_CONFIG_FILE=.markdownlint.yml -VALIDATE_YAML=true +VALIDATE_ALL_CODEBASE=false +VALIDATE_GITHUB_ACTIONS=true VALIDATE_JSON=true +VALIDATE_MARKDOWN=true +VALIDATE_YAML=true diff --git a/.github/workflows/github-pages.yml b/.github/workflows/github-pages.yml index 8d62494..051a76a 100644 --- a/.github/workflows/github-pages.yml +++ b/.github/workflows/github-pages.yml @@ -1,28 +1,21 @@ --- name: Github Pages on: workflow_dispatch +permissions: {} jobs: build-and-deploy: runs-on: ubuntu-latest + permissions: + actions: read + contents: write steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Setup Node v16 - uses: actions/setup-node@v3 + - uses: actions/checkout@v4 + - name: Use Setup Node and Install Dependencies Action + uses: commerce-docs/devsite-install-action@main with: node-version-file: '.nvmrc' - cache: 'yarn' cache-dependency-path: 'yarn.lock' - - name: Enable Corepack for Yarn - run: corepack enable - - - name: Install Dependencies - run: yarn install - env: - YARN_ENABLE_IMMUTABLE_INSTALLS: false - - name: Build site run: yarn build env: diff --git a/.github/workflows/index.yml b/.github/workflows/index.yml index 46d4ea8..381892b 100644 --- a/.github/workflows/index.yml +++ b/.github/workflows/index.yml @@ -16,24 +16,13 @@ jobs: build-and-index: runs-on: ubuntu-latest steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Setup Node v16 - uses: actions/setup-node@v3 + - uses: actions/checkout@v4 + - name: Use Setup Node and Install Dependencies Action + uses: commerce-docs/devsite-install-action@main with: node-version-file: '.nvmrc' - cache: 'yarn' cache-dependency-path: 'yarn.lock' - - name: Enable Corepack for Yarn - run: corepack enable - - - name: Install Dependencies - run: yarn install - env: - YARN_ENABLE_IMMUTABLE_INSTALLS: false - - name: Build site run: yarn build diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 1bd9bb9..845c867 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -55,24 +55,13 @@ jobs: needs: [set-state, pre-build] runs-on: ubuntu-latest steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Setup Node v16 - uses: actions/setup-node@v3 + - uses: actions/checkout@v4 + - name: Use Setup Node and Install Dependencies Action + uses: commerce-docs/devsite-install-action@main with: node-version-file: '.nvmrc' - cache: 'yarn' cache-dependency-path: 'yarn.lock' - - name: Enable Corepack for Yarn - run: corepack enable - - - name: Install Dependencies - run: yarn install - env: - YARN_ENABLE_IMMUTABLE_INSTALLS: false - - name: Gatsby Cache uses: actions/cache@v3.3.2 with: diff --git a/.github/workflows/stage.yml b/.github/workflows/stage.yml index 726cf48..06551e3 100644 --- a/.github/workflows/stage.yml +++ b/.github/workflows/stage.yml @@ -66,24 +66,13 @@ needs: [set-state, pre-build] runs-on: ubuntu-latest steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Setup Node v16 - uses: actions/setup-node@v3 + - uses: actions/checkout@v4 + - name: Use Setup Node and Install Dependencies Action + uses: commerce-docs/devsite-install-action@main with: node-version-file: '.nvmrc' - cache: 'yarn' cache-dependency-path: 'yarn.lock' - - name: Enable Corepack for Yarn - run: corepack enable - - - name: Install Dependencies - run: yarn install - env: - YARN_ENABLE_IMMUTABLE_INSTALLS: false - - name: Gatsby Cache uses: actions/cache@v3.3.2 with: diff --git a/.github/workflows/test-pull-request.yml b/.github/workflows/test-pull-request.yml index 6fbb7b4..4b5d2f3 100644 --- a/.github/workflows/test-pull-request.yml +++ b/.github/workflows/test-pull-request.yml @@ -1,85 +1,100 @@ --- -########################### -########################### -## Pull request testing ## -########################### -########################### -name: Latest Pull Request + ########################### + ########################### + ## Pull request testing ## + ########################### + ########################### + name: Validate pull request + + # Documentation: + # - Workflow: https://help.github.com/en/articles/workflow-syntax-for-github-actions + # - SuperLinter: https://github.com/github/super-linter + # - Link validation: https://github.com/remarkjs/remark-validate-links + + ###################################################### + # Start the job on a pull request to the main branch # + ###################################################### + on: pull_request -# Documentation: -# - Workflow: https://help.github.com/en/articles/workflow-syntax-for-github-actions -# - SuperLinter: https://github.com/github/super-linter -# - Link validation: https://github.com/remarkjs/remark-validate-links + ################################################# + # Disable all permissions on the workflow level # + ################################################# + permissions: {} + + ############### + # Set the Job # + ############### + jobs: + lint: + # Set the agent to run on + runs-on: ubuntu-latest + + ############################################ + # Grant status permission for MULTI_STATUS # + ############################################ + permissions: + contents: read + statuses: write + + ################## + # Load all steps # + ################## + steps: + ########################## + # Checkout the code base # + ########################## + - name: Checkout Code + uses: actions/checkout@v4 + with: + # Full git history is needed to get a proper list of changed files + # within `super-linter` + fetch-depth: 0 + - name: Load super-linter configuration + run: cat .github/super-linter.env >> "$GITHUB_ENV" + + ################################ + # Run Linters against code base # + ################################ + - name: Lint Code Base + # + # Use full version number to avoid cases when a next + # released version is buggy + # About slim image: https://github.com/github/super-linter#slim-image + uses: super-linter/super-linter/slim@v7.0.0 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + DEFAULT_BRANCH: main -###################################################### -# Start the job on a pull request to the main branch # -###################################################### -on: pull_request + test: + runs-on: ubuntu-latest + needs: lint + permissions: + contents: read + statuses: write + steps: + - uses: actions/checkout@v4 + - name: Use Setup Node and Install Dependencies Action + uses: commerce-docs/devsite-install-action@main + with: + node-version-file: '.nvmrc' + cache-dependency-path: 'yarn.lock' + + - name: Check links + run: yarn test -############### -# Set the Job # -############### -jobs: - validate: - # Set the agent to run on - runs-on: ubuntu-latest - - ############################################ - # Grant status permission for MULTI_STATUS # - ############################################ - permissions: - contents: read - packages: read - statuses: write - - ################## - # Load all steps # - ################## - steps: - ########################## - # Checkout the code base # - ########################## - - name: Checkout Code - uses: actions/checkout@v4 - with: - # Full git history is needed to get a proper list of changed files - # within `super-linter` - fetch-depth: 0 - - run: cat ".github/super-linter.env" >> "$GITHUB_ENV" - - ################################ - # Run Linters against code base # - ################################ - - name: Lint Code Base - # - # Use full version number to avoid cases when a next - # released version is buggy - # About slim image: https://github.com/github/super-linter#slim-image - uses: super-linter/super-linter/slim@v5.7.2 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - DEFAULT_BRANCH: main - VALIDATE_ALL_CODEBASE: false - VALIDATE_GITHUB_ACTIONS: true - - - name: Setup Node - uses: actions/setup-node@v3 - with: - node-version-file: '.nvmrc' - cache: 'yarn' - cache-dependency-path: 'yarn.lock' - - - name: Enable Corepack for Yarn - run: corepack enable - - - name: Install Dependencies - run: yarn install - env: - YARN_ENABLE_IMMUTABLE_INSTALLS: false - - - name: Check links - run: yarn test - - - name: Build site - if: ${{ success() }} - run: yarn build + build: + runs-on: ubuntu-latest + needs: test + permissions: + contents: read + statuses: write + steps: + - uses: actions/checkout@v4 + - name: Use Setup Node and Install Dependencies Action + uses: commerce-docs/devsite-install-action@main + with: + node-version-file: '.nvmrc' + cache-dependency-path: 'yarn.lock' + + - name: Build site + run: yarn build