build(deps-dev): Bump lint-staged from 13.2.3 to 15.0.2 #986
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Continuous Integration | |
# | |
# References: | |
# | |
# - https://docs.github.com/actions/learn-github-actions/contexts | |
# - https://docs.github.com/actions/learn-github-actions/expressions | |
# - https://docs.github.com/actions/using-jobs/using-a-matrix-for-your-jobs | |
# - https://docs.github.com/actions/using-workflows/events-that-trigger-workflows#pull_request | |
# - https://docs.github.com/actions/using-workflows/events-that-trigger-workflows#push | |
# - https://docs.github.com/actions/using-workflows/events-that-trigger-workflows#workflow_dispatch | |
# - https://docs.github.com/actions/using-workflows/workflow-commands-for-github-actions | |
# - https://docs.github.com/webhooks-and-events/webhooks/webhook-events-and-payloads#pull_request | |
# - https://docs.github.com/webhooks-and-events/webhooks/webhook-events-and-payloads#push | |
# - https://docs.github.com/webhooks-and-events/webhooks/webhook-events-and-payloads#workflow_dispatch | |
# - https://github.com/GitGuardian/ggshield-action | |
# - https://github.com/actions/cache | |
# - https://github.com/actions/cache/discussions/650 | |
# - https://github.com/actions/checkout | |
# - https://github.com/actions/setup-node | |
# - https://github.com/actions/setup-node/blob/main/docs/advanced-usage.md#yarn2-configuration | |
# - https://github.com/actions/upload-artifact | |
# - https://github.com/andstor/file-existence-action | |
# - https://github.com/codecov/codecov-action | |
# - https://github.com/hmarr/debug-action | |
# - https://yarnpkg.com/cli/pack | |
--- | |
name: ci | |
on: | |
pull_request: | |
push: | |
branches: | |
- feat/** | |
- hotfix/** | |
- main | |
- release/** | |
workflow_dispatch: | |
permissions: | |
contents: read | |
packages: read | |
env: | |
CACHE_PATH: node_modules | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
HUSKY: 0 | |
REF: ${{ github.head_ref || github.ref }} | |
REF_NAME: ${{ github.head_ref || github.ref_name }} | |
SHA: ${{ github.event.pull_request.head.sha || github.sha }} | |
concurrency: | |
cancel-in-progress: true | |
group: ${{ github.workflow }}-${{ github.ref }} | |
jobs: | |
preflight: | |
if: | | |
github.event.head_commit.author.name != 'dependabot[bot]' | |
&& github.event.head_commit.author.username != 'flexdevelopment' | |
&& !startsWith(github.event.head_commit.message, 'release:') | |
runs-on: ubuntu-latest | |
outputs: | |
version: ${{ steps.version.outputs.result }} | |
version-typescript: ${{ steps.version-typescript.outputs.result }} | |
steps: | |
- id: debug | |
name: Print environment variables and event payload | |
uses: hmarr/debug-action@v2.1.0 | |
- id: checkout | |
name: Checkout ${{ env.REF_NAME }} | |
uses: actions/checkout@v4.1.1 | |
with: | |
persist-credentials: false | |
ref: ${{ env.REF }} | |
- id: node | |
name: Setup Node.js | |
uses: actions/setup-node@v3.8.1 | |
with: | |
cache: yarn | |
cache-dependency-path: yarn.lock | |
node-version-file: .nvmrc | |
- id: yarn | |
name: Install dependencies | |
run: yarn ${{ github.actor == 'dependabot[bot]' && '--no-immutable' || '--immutable' }} | |
- id: cache | |
name: Cache dependencies | |
uses: actions/cache@v3.3.2 | |
with: | |
key: ${{ runner.os }}-${{ github.run_id }} | |
path: ${{ env.CACHE_PATH }} | |
- id: version | |
name: Get package version | |
run: echo "result=$(jq .version package.json -r)" >>$GITHUB_OUTPUT | |
- id: version-typescript | |
name: Get TypeScript version | |
run: echo "result=$(jq .devDependencies.typescript package.json -r)" >>$GITHUB_OUTPUT | |
commitlint: | |
needs: preflight | |
runs-on: ubuntu-latest | |
steps: | |
- id: checkout | |
name: Checkout ${{ env.REF_NAME }} | |
uses: actions/checkout@v4.1.1 | |
with: | |
fetch-depth: 0 | |
persist-credentials: false | |
ref: ${{ env.REF }} | |
- id: node | |
name: Setup Node.js | |
uses: actions/setup-node@v3.8.1 | |
with: | |
cache: yarn | |
cache-dependency-path: yarn.lock | |
node-version-file: .nvmrc | |
- id: cache | |
name: Restore dependencies cache | |
uses: actions/cache@v3.3.2 | |
with: | |
key: ${{ runner.os }}-${{ github.run_id }} | |
path: ${{ env.CACHE_PATH }} | |
- id: lint | |
name: Check commitlint status | |
if: github.run_number != '1' | |
run: yarn commitlint --from $SHA~${{ github.event.pull_request.commits || 1 }} --to $SHA | |
gitguardian: | |
needs: commitlint | |
runs-on: ubuntu-latest | |
steps: | |
- id: checkout | |
name: Checkout ${{ env.REF_NAME }} | |
uses: actions/checkout@v4.1.1 | |
with: | |
fetch-depth: 0 | |
persist-credentials: false | |
ref: ${{ env.REF }} | |
- id: scan | |
name: Scan commits for secrets and policy breaches | |
uses: GitGuardian/ggshield-action@master | |
with: | |
args: --all-policies --show-secrets --verbose | |
env: | |
GITGUARDIAN_API_KEY: ${{ secrets.GITGUARDIAN_API_KEY }} | |
GITHUB_DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} | |
GITHUB_PULL_BASE_SHA: ${{ github.event.pull_request.base.sha }} | |
GITHUB_PUSH_BASE_SHA: ${{ github.event.base }} | |
GITHUB_PUSH_BEFORE_SHA: ${{ github.event.before }} | |
format: | |
needs: | |
- commitlint | |
- gitguardian | |
runs-on: ubuntu-latest | |
steps: | |
- id: checkout | |
name: Checkout ${{ env.REF_NAME }} | |
uses: actions/checkout@v4.1.1 | |
with: | |
persist-credentials: false | |
ref: ${{ env.REF }} | |
- id: node | |
name: Setup Node.js | |
uses: actions/setup-node@v3.8.1 | |
with: | |
cache: yarn | |
cache-dependency-path: yarn.lock | |
node-version-file: .nvmrc | |
- id: cache | |
name: Restore dependencies cache | |
uses: actions/cache@v3.3.2 | |
with: | |
key: ${{ runner.os }}-${{ github.run_id }} | |
path: ${{ env.CACHE_PATH }} | |
- id: format | |
name: Check code formatting | |
run: yarn check:format | |
lint: | |
needs: | |
- commitlint | |
- gitguardian | |
runs-on: ubuntu-latest | |
steps: | |
- id: checkout | |
name: Checkout ${{ env.REF_NAME }} | |
uses: actions/checkout@v4.1.1 | |
with: | |
persist-credentials: false | |
ref: ${{ env.REF }} | |
- id: node | |
name: Setup Node.js | |
uses: actions/setup-node@v3.8.1 | |
with: | |
cache: yarn | |
cache-dependency-path: yarn.lock | |
node-version-file: .nvmrc | |
- id: cache | |
name: Restore dependencies cache | |
uses: actions/cache@v3.3.2 | |
with: | |
key: ${{ runner.os }}-${{ github.run_id }} | |
path: ${{ env.CACHE_PATH }} | |
- id: lint | |
name: Check lint status | |
run: yarn check:lint | |
spelling: | |
needs: | |
- commitlint | |
- gitguardian | |
runs-on: ubuntu-latest | |
steps: | |
- id: checkout | |
name: Checkout ${{ env.REF_NAME }} | |
uses: actions/checkout@v4.1.1 | |
with: | |
persist-credentials: false | |
ref: ${{ env.REF }} | |
- id: node | |
name: Setup Node.js | |
uses: actions/setup-node@v3.8.1 | |
with: | |
cache: yarn | |
cache-dependency-path: yarn.lock | |
node-version-file: .nvmrc | |
- id: cache | |
name: Restore dependencies cache | |
uses: actions/cache@v3.3.2 | |
with: | |
key: ${{ runner.os }}-${{ github.run_id }} | |
path: ${{ env.CACHE_PATH }} | |
- id: spelling | |
name: Check spelling | |
run: yarn check:spelling | |
typescript: | |
needs: | |
- commitlint | |
- gitguardian | |
- preflight | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
typescript-version: | |
- ${{ needs.preflight.outputs.version-typescript }} | |
- latest | |
- 5.0.4 | |
steps: | |
- id: checkout | |
name: Checkout ${{ env.REF_NAME }} | |
uses: actions/checkout@v4.1.1 | |
with: | |
persist-credentials: false | |
ref: ${{ env.REF }} | |
- id: test-files-check | |
name: Check for typecheck files | |
uses: andstor/file-existence-action@v2.0.0 | |
with: | |
files: '**/__tests__/*.spec-d.ts' | |
- id: node | |
if: steps.test-files-check.outputs.files_exists == 'true' | |
name: Setup Node.js | |
uses: actions/setup-node@v3.8.1 | |
with: | |
cache: yarn | |
cache-dependency-path: yarn.lock | |
node-version-file: .nvmrc | |
- id: cache | |
if: steps.test-files-check.outputs.files_exists == 'true' | |
name: Restore dependencies cache | |
uses: actions/cache@v3.3.2 | |
with: | |
key: ${{ runner.os }}-${{ github.run_id }} | |
path: ${{ env.CACHE_PATH }} | |
- id: typescript | |
if: steps.test-files-check.outputs.files_exists == 'true' | |
name: Install typescript@${{ matrix.typescript-version }} | |
run: yarn add -D typescript@${{ matrix.typescript-version }} | |
- id: print-typescript-version | |
if: steps.test-files-check.outputs.files_exists == 'true' | |
name: Print TypeScript version | |
run: jq .devDependencies.typescript package.json -r | |
- id: typecheck | |
if: steps.test-files-check.outputs.files_exists == 'true' | |
name: Run typecheck | |
run: yarn typecheck | |
test: | |
needs: | |
- commitlint | |
- gitguardian | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
node-version: | |
- 20 | |
- 19 | |
- 18 | |
- 16 | |
steps: | |
- id: checkout | |
name: Checkout ${{ env.REF_NAME }} | |
uses: actions/checkout@v4.1.1 | |
with: | |
persist-credentials: false | |
ref: ${{ env.REF }} | |
- id: test-files-check | |
name: Check for test files | |
uses: andstor/file-existence-action@v2.0.0 | |
with: | |
files: '**/__tests__/*.spec.+(ts|tsx)' | |
- id: node | |
if: steps.test-files-check.outputs.files_exists == 'true' | |
name: Setup Node.js v${{ matrix.node-version }} | |
uses: actions/setup-node@v3.8.1 | |
with: | |
cache: yarn | |
cache-dependency-path: yarn.lock | |
node-version: ${{ matrix.node-version }} | |
- id: cache | |
if: steps.test-files-check.outputs.files_exists == 'true' | |
name: Restore dependencies cache | |
uses: actions/cache@v3.3.2 | |
with: | |
key: ${{ runner.os }}-${{ github.run_id }} | |
path: ${{ env.CACHE_PATH }} | |
- id: test | |
if: steps.test-files-check.outputs.files_exists == 'true' | |
name: Run tests | |
run: yarn test:cov --segfault-retry=3 | |
- id: codecov | |
name: Upload coverage report to Codecov | |
if: steps.test-files-check.outputs.files_exists == 'true' | |
uses: codecov/codecov-action@v3.1.4 | |
with: | |
env_vars: GITHUB_JOB,GITHUB_REF,GITHUB_REF_TYPE,GITHUB_RUN_ID,GITHUB_SHA,GITHUB_WORKSPACE | |
fail_ci_if_error: true | |
file: ./coverage/lcov.info | |
flags: ${{ format('node{0}', matrix.node-version) }} | |
override_branch: ${{ env.REF }} | |
override_build: ${{ github.run_id }} | |
override_commit: ${{ env.SHA }} | |
token: ${{ secrets.CODECOV_TOKEN }} | |
verbose: true | |
env: | |
GITHUB_JOB: ${{ github.job }} | |
GITHUB_REF: ${{ github.ref }} | |
GITHUB_REF_TYPE: ${{ github.ref_type }} | |
GITHUB_RUN_ID: ${{ github.run_id }} | |
GITHUB_SHA: ${{ env.SHA }} | |
GITHUB_WORKSPACE: ${{ github.workspace }} | |
build: | |
needs: | |
- commitlint | |
- gitguardian | |
- preflight | |
runs-on: ubuntu-latest | |
env: | |
TARFILE: | | |
${{ startsWith(github.head_ref || github.ref_name, 'release/') && format('@{0}-{1}-{2}.tgz', github.repository_owner, github.event.repository.name, needs.preflight.outputs.version) || format('@{0}-{1}-{2}+{3}.tgz', github.repository_owner, github.event.repository.name, needs.preflight.outputs.version, github.event.pull_request.head.sha || github.sha) }} | |
steps: | |
- id: checkout | |
name: Checkout ${{ env.REF_NAME }} | |
uses: actions/checkout@v4.1.1 | |
with: | |
persist-credentials: false | |
ref: ${{ env.REF }} | |
- id: node | |
name: Setup Node.js | |
uses: actions/setup-node@v3.8.1 | |
with: | |
cache: yarn | |
cache-dependency-path: yarn.lock | |
node-version-file: .nvmrc | |
- id: cache | |
name: Restore dependencies cache | |
uses: actions/cache@v3.3.2 | |
with: | |
key: ${{ runner.os }}-${{ github.run_id }} | |
path: ${{ env.CACHE_PATH }} | |
- id: local-binaries | |
name: Add local binaries to $PATH | |
run: echo "$GITHUB_WORKSPACE/$CACHE_PATH/.bin" >> $GITHUB_PATH | |
- id: pack | |
name: Pack project | |
run: yarn pack -o ${{ env.TARFILE }} | |
- id: typecheck | |
name: Run typecheck | |
run: yarn check:types:build | |
- id: attw | |
name: Analyze types distribution | |
run: attw ${{ env.TARFILE }} | |
- id: pkg-size-report | |
name: Package size report | |
run: yarn pkg-size | |
- id: archive | |
name: Archive production artifacts | |
uses: actions/upload-artifact@v3.1.3 | |
with: | |
name: ${{ env.TARFILE }} | |
path: ${{ env.TARFILE }} |