Merge pull request #539 from emibcn/dependabot/npm_and_yarn/nanoid-3.3.8 #1047
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow will do a clean install of node dependencies, build the source code and run tests across different versions of node | |
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions | |
name: Test | |
on: | |
push: | |
branches: [ main ] | |
paths-ignore: | |
# Can we use '**.md' ? | |
- 'README.md' | |
- 'SECURITY.md' | |
- 'CONTRIBUTING.md' | |
- 'CODE_OF_CONDUCT.md' | |
- 'LICENSE' | |
- '.gitignore' | |
- 'example/*' | |
pull_request: | |
branches: [ main ] | |
jobs: | |
check-secrets: | |
runs-on: ubuntu-latest | |
outputs: | |
github-token: ${{ steps.github-token.outputs.defined }} | |
github-token-push: ${{ steps.github-token-permissions.outputs.push }} | |
deepsource-token: ${{ steps.deepsource-token.outputs.defined }} | |
steps: | |
- id: github-token | |
name: Test GitHub token existence | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
if [ "${GITHUB_TOKEN}" != "" ] | |
then | |
echo "Found GitHub token" | |
echo "defined=true" >> "${GITHUB_OUTPUT}" | |
fi | |
- id: github-token-permissions | |
name: Test GitHub token permissions | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
echo "Get available permissions from GitHub API" | |
# https://stackoverflow.com/a/70588035/2928168 | |
PERMISSIONS="$( | |
curl -sS \ | |
-H "Authorization: token ${GITHUB_TOKEN}" \ | |
-H "Accept: application/vnd.github.v3+json" \ | |
"https://api.github.com/repos/${GITHUB_REPOSITORY}/collaborators/${GITHUB_ACTOR}/permission" \ | |
| jq --raw-output '.user.permissions' | |
)" | |
echo "Permissions:" | |
echo "${PERMISSIONS}" | sed -e 's/^/ - /g' | |
for KEY in $(echo "${PERMISSIONS}" | jq --raw-output '. | keys[]') | |
do | |
VALUE="$(echo "${PERMISSIONS}" | jq --raw-output ".${KEY}" )" | |
echo "Found token with ${VALUE} permission for ${KEY} in repo" | |
echo "${KEY}=${VALUE}" >> "${GITHUB_OUTPUT}" | |
done | |
- id: deepsource-token | |
name: Test Deepsource token existence | |
env: | |
DEEPSOURCE_DSN: ${{ secrets.DEEPSOURCE_DSN }} | |
run: | | |
if [ "${DEEPSOURCE_DSN}" != '' ] | |
then | |
echo "Found DeepSource token" | |
echo "defined=true" >> "${GITHUB_OUTPUT}" | |
fi | |
test: | |
needs: [check-secrets] | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
node-version: [18.x] | |
# Map a step output to a job output | |
outputs: | |
coverage: ${{ steps.coverage.outputs.coverage }} | |
coverage-rounded-display: ${{ steps.coverage.outputs.coverage-rounded-display }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Use Node.js ${{ matrix.node-version }} | |
uses: actions/[email protected] | |
with: | |
node-version: ${{ matrix.node-version }} | |
- name: Manage cache | |
uses: actions/cache@v4 | |
with: | |
path: | | |
node_modules | |
key: ${{ runner.OS }}-build-${{ hashFiles('**/yarn.lock') }}-${{ hashFiles('.github/workflows/*.yml') }} | |
restore-keys: | | |
${{ runner.OS }}-build-${{ hashFiles('**/yarn.lock') }} | |
${{ runner.OS }}-build | |
- name: yarn install and test | |
working-directory: ./ | |
run: | | |
yarn --immutable | |
yarn test | |
# Ensure we can build | |
yarn build | |
# Coverage badges will be updated on any branch | |
# and saved into a dedicated one | |
- name: Check test coverage | |
uses: johanvanhelden/gha-clover-test-coverage-check@v1 | |
id: coverage | |
with: | |
percentage: 50 | |
exit: 0 | |
rounded-precision: 2 | |
filename: "coverage/clover.xml" | |
- name: yarn test for DeepSource | |
working-directory: ./ | |
if: ${{ needs.check-secrets.outputs.deepsource-token == 'true' }} | |
run: | | |
# Disabled exit until we reach at least 50% coverage | |
yarn test:unit:cobertura | |
- name: Report test coverage to DeepSource | |
uses: deepsourcelabs/test-coverage-action@master | |
if: ${{ needs.check-secrets.outputs.deepsource-token == 'true' }} | |
with: | |
key: javascript | |
coverage-file: coverage/cobertura-coverage.xml | |
dsn: ${{ secrets.DEEPSOURCE_DSN }} | |
badge: | |
# Only generate and publish if these conditions are met: | |
# - The test step ended successfully | |
# - One of these is met: | |
# - This is a pull request event and the pull actor is the same as the repo owner | |
# - This is a push event and the push event is on branch 'main' | |
needs: [test,check-secrets] | |
if: ${{ needs.check-secrets.outputs.github-token-push == 'true' && (github.event_name == 'pull_request' || github.ref == 'refs/heads/main') }} | |
runs-on: ubuntu-latest | |
steps: | |
- name: Extract branch name | |
shell: bash | |
run: | | |
TMP_PULL_HEAD_REF="${{ github.head_ref }}" | |
TMP_GITHUB_REF="${GITHUB_REF#refs/heads/}" | |
EXPORT_VALUE="" | |
if [ "${TMP_PULL_HEAD_REF}" != "" ] | |
then | |
EXPORT_VALUE="${TMP_PULL_HEAD_REF}" | |
else | |
EXPORT_VALUE="${TMP_GITHUB_REF}" | |
fi | |
echo "branch=${EXPORT_VALUE}" >> "${GITHUB_OUTPUT}" | |
id: extract_branch | |
- uses: actions/checkout@v4 | |
with: | |
ref: badges | |
path: badges | |
# Use the output from the `coverage` step | |
- name: Generate the badge SVG image | |
uses: emibcn/badge-action@v2 | |
id: badge | |
with: | |
label: 'Coverage' | |
status: ${{ needs.test.outputs.coverage-rounded-display }} | |
color: ${{ | |
needs.test.outputs.coverage > 90 && 'green' || | |
needs.test.outputs.coverage > 80 && 'yellow,green' || | |
needs.test.outputs.coverage > 70 && 'yellow' || | |
needs.test.outputs.coverage > 60 && 'orange,yellow' || | |
needs.test.outputs.coverage > 50 && 'orange' || | |
needs.test.outputs.coverage > 40 && 'red,orange' || | |
needs.test.outputs.coverage > 30 && 'red,red,orange' || | |
needs.test.outputs.coverage > 20 && 'red,red,red,orange' || | |
'red' }} | |
path: badges/test-coverage.svg | |
- name: Commit badge | |
env: | |
BRANCH: ${{ steps.extract_branch.outputs.branch }} | |
FILE: 'test-coverage.svg' | |
working-directory: ./badges | |
run: | | |
git config --local user.email "[email protected]" | |
git config --local user.name "GitHub Action" | |
mkdir -p "${BRANCH}" | |
mv "${FILE}" "${BRANCH}" | |
git add "${BRANCH}/${FILE}" | |
# Will give error if badge did not changed | |
git commit -m "Add/Update badge" || true | |
- name: Push badge commit | |
uses: ad-m/github-push-action@master | |
with: | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
branch: badges | |
directory: badges |