-
Notifications
You must be signed in to change notification settings - Fork 1
151 lines (146 loc) · 5.26 KB
/
code-analysis.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
name: 'Code Analysis'
on:
pull_request:
types:
- opened
- synchronize
push:
branches:
- develop
permissions:
id-token: write
contents: read
actions: read
checks: write
statuses: write
jobs:
lint:
name: Lint
runs-on: ubuntu-24.04
steps:
- name: Load secrets from 1Password
uses: 1password/load-secrets-action@v2.0.0
id: secrets
with:
export-env: false
env:
OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN_RO }}
#
APP_ID: 'op://GitHub.Actions/GitHub/corva-bot/APP_ID'
PRIVATE_KEY: 'op://GitHub.Actions/GitHub/corva-bot/PRIVATE_KEY'
- name: Checkout sources
uses: actions/checkout@v4.1.7
with:
ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
- name: Setup Environment
uses: ./.github/actions/setup-environment
with:
build: "false"
- name: Cache ESLint
uses: actions/cache@v4.0.2
with:
path: .eslintcache
key: ${{ runner.os }}-eslint-${{ hashFiles('./yarn.lock') }}-${{ hashFiles('./.eslint*') }}
- name: Lint
run: npm run lint
- name: Generate GitHub token
uses: actions/create-github-app-token@v1.10.4
if: ${{ success() || failure() }}
id: token
with:
app-id: ${{ steps.secrets.outputs.APP_ID }}
private-key: ${{ steps.secrets.outputs.PRIVATE_KEY }}
- name: Add PR status check
uses: ouzi-dev/commit-status-updater@v2.0.2
if: ${{ success() || failure() }}
with:
token: ${{ steps.token.outputs.token }}
name: 'Lint'
status: ${{ job.status }}
url: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
description: ${{ job.status == 'success' && 'Linted successfully' || 'Linted with errors. Check PR annotations' }}
format:
name: Format
runs-on: ubuntu-24.04
steps:
- name: Load secrets from 1Password
uses: 1password/load-secrets-action@v2.0.0
id: secrets
with:
export-env: false
env:
OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN_RO }}
#
APP_ID: 'op://GitHub.Actions/GitHub/corva-bot/APP_ID'
PRIVATE_KEY: 'op://GitHub.Actions/GitHub/corva-bot/PRIVATE_KEY'
- name: Checkout sources
uses: actions/checkout@v4.1.7
with:
ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
- name: Setup Environment
uses: ./.github/actions/setup-environment
with:
build: "false"
- name: Format
run: npm run format-check
- name: Generate GitHub token
uses: actions/create-github-app-token@v1.10.4
if: ${{ success() || failure() }}
id: token
with:
app-id: ${{ steps.secrets.outputs.APP_ID }}
private-key: ${{ steps.secrets.outputs.PRIVATE_KEY }}
- name: Add PR status check
uses: ouzi-dev/commit-status-updater@v2.0.2
if: ${{ success() || failure() }}
with:
token: ${{ steps.token.outputs.token }}
name: 'Format'
status: ${{ job.status }}
url: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
description: ${{ job.status == 'success' && 'Code is properly formatted' || 'Code is not properly formatted. Check PR annotations' }}
test:
name: Unit Test
runs-on: ubuntu-24.04
steps:
- name: Load secrets from 1Password
uses: 1password/load-secrets-action@v2.0.0
id: secrets
with:
export-env: false
env:
OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN_RO }}
#
APP_ID: 'op://GitHub.Actions/GitHub/corva-bot/APP_ID'
PRIVATE_KEY: 'op://GitHub.Actions/GitHub/corva-bot/PRIVATE_KEY'
- name: Checkout sources
uses: actions/checkout@v4.1.7
with:
ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
- name: Setup Environment
uses: ./.github/actions/setup-environment
with:
build: "false"
- name: Cache Jest
uses: actions/cache@v4.0.2
with:
path: ./node_modules/.cache/jest
key: ${{ runner.os }}-jest-${{ hashFiles('./yarn.lock') }}
- name: Test
run: npm run test
- name: Generate GitHub token
uses: actions/create-github-app-token@v1.10.4
if: ${{ success() || failure() }}
id: token
with:
app-id: ${{ steps.secrets.outputs.APP_ID }}
private-key: ${{ steps.secrets.outputs.PRIVATE_KEY }}
- name: Add PR status check
uses: ouzi-dev/commit-status-updater@v2.0.2
if: ${{ success() || failure() }}
with:
token: ${{ steps.token.outputs.token }}
name: 'Unit Test'
status: ${{ job.status }}
url: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
description: ${{ job.status == 'success' && 'Unit tests ran successfully' || 'Unit tests ran with errors. Check PR annotations' }}