Skip to content

Merge pull request #1190 from securityscorecard/next #4001

Merge pull request #1190 from securityscorecard/next

Merge pull request #1190 from securityscorecard/next #4001

Workflow file for this run

name: CD
on:
push:
jobs:
unit-tests:
name: '🛟 Run unit tests'
runs-on: ubuntu-latest
strategy:
matrix:
node: ['18','20','22.4.1']
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Use Node.js
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node }}
- name: Cache yarn files
uses: actions/cache@v4
id: cache
with:
path: |
.yarn/install-state.gz
node_modules
key: node-modules-node-${{ matrix.node }}-${{ hashFiles('**/yarn.lock', '**/package.json') }}
- name: Install Packages
if: steps.cache.outputs.cache-hit != 'true'
run: yarn install --immutable
- name: Run Unit Tests
run: yarn test
types:
name: '🪪 Check typings'
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Use Node.js
uses: actions/setup-node@v4
with:
node-version: '22.4.1'
- name: Cache yarn files
uses: actions/cache@v4
id: cache
with:
path: |
.yarn/install-state.gz
node_modules
key: node-modules-node-22.4.1-${{ hashFiles('**/yarn.lock', '**/package.json') }}
- name: Install Packages
if: steps.cache.outputs.cache-hit != 'true'
run: yarn install --immutable
- name: Run Types Check
run: yarn types
visual-tests:
name: '🖼 Run visual tests'
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Use Node.js
uses: actions/setup-node@v4
with:
node-version: '22.4.1'
- name: Cache yarn files
uses: actions/cache@v4
id: cache
with:
path: |
.yarn/install-state.gz
node_modules
key: node-modules-node-22.4.1-${{ hashFiles('**/yarn.lock', '**/package.json') }}
- name: Install Packages
if: steps.cache.outputs.cache-hit != 'true'
run: yarn install --immutable
- name: Cache storybook build
id: storybook-build-cache
uses: actions/cache@v4
with:
path: storybook-static
key: storybook-tests-node-22.4.1-${{ hashFiles('**/yarn.lock', '**/package.json', 'src/**', '!.storybook/image-snapshots/**' ,'.storybook/**') }}
- name: Build Storybook
if: steps.storybook-build-cache.outputs.cache-hit != 'true'
run: yarn storybook:build
- name: Run Visual Regressions
run: yarn test:storybook:visual:ci
- name: Tar artifacts
if: failure()
run: tar -cvf visual-test-reports.tar .storybook/image-snapshots
- name: Archive visual artifacts
if: failure()
uses: actions/upload-artifact@v4
with:
name: visual-test-reports
path: visual-test-reports.tar
a11y-tests:
name: '♿ Check basic a11y tests'
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
shard: ['1','2','3','4']
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Use Node.js
uses: actions/setup-node@v4
with:
node-version: '22.4.1'
- name: Cache yarn files
uses: actions/cache@v4
id: cache
with:
path: |
.yarn/install-state.gz
node_modules
key: node-modules-node-22.4.1-${{ hashFiles('**/yarn.lock', '**/package.json') }}
- name: Install Packages
if: steps.cache.outputs.cache-hit != 'true'
run: yarn install --immutable
- name: Install Playwright Browsers
run: npx playwright install chromium --with-deps
- name: Cache storybook build
id: storybook-build-cache
uses: actions/cache@v4
with:
path: storybook-static
key: storybook-tests-node-22.4.1-${{ hashFiles('**/yarn.lock', '**/package.json', 'src/**', '!.storybook/image-snapshots/**' ,'.storybook/**') }}
- name: Build Storybook
if: steps.storybook-build-cache.outputs.cache-hit != 'true'
run: yarn storybook:build
- name: Run A11y tests
id: 'a11yTests'
run: yarn test:a11y:ci
continue-on-error: true
env:
SHARD: ${{matrix.shard}}
MAX_SHARDS: '4'
- run: echo "OK"
if: job.steps.a11yTests.status == failure()
lint:
name: '🧹 Run lint'
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Use Node.js
uses: actions/setup-node@v4
with:
node-version: '22.4.1'
- name: Cache yarn files
uses: actions/cache@v4
id: cache
with:
path: |
.yarn/install-state.gz
node_modules
key: node-modules-node-22.4.1-${{ hashFiles('**/yarn.lock', '**/package.json') }}
- name: Install Packages
if: steps.cache.outputs.cache-hit != 'true'
run: yarn install --immutable
- name: Run Lint
run: yarn lint
lint-css:
name: '🎨 Lint CSS'
runs-on: ubuntu-latest
strategy:
matrix:
type: ['css', 'css-jsx']
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Use Node.js
uses: actions/setup-node@v4
with:
node-version: '22.4.1'
- name: Cache yarn files
uses: actions/cache@v4
id: cache
with:
path: |
.yarn/install-state.gz
node_modules
key: node-modules-node-22.4.1-${{ hashFiles('**/yarn.lock', '**/package.json') }}
- name: Install Packages
if: steps.cache.outputs.cache-hit != 'true'
run: yarn install --immutable
- name: Run Lint
run: yarn lint:${{matrix.type}}
build:
name: '🧰 Build package'
runs-on: ubuntu-latest
strategy:
matrix:
node: ['18','20','22.4.1']
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Use Node.js
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node }}
- name: Cache yarn files
uses: actions/cache@v4
id: cache
with:
path: |
.yarn/install-state.gz
node_modules
key: node-modules-node-${{ matrix.node }}-${{ hashFiles('**/yarn.lock', '**/package.json') }}
- name: Install Packages
if: steps.cache.outputs.cache-hit != 'true'
run: yarn install --immutable
- name: Cache build
id: library-build-cache
uses: actions/cache@v4
with:
path: build
key: build-node-${{ matrix.node }}-${{ hashFiles('**/yarn.lock', '**/package.json', '**/rollup.config.js', 'src/**') }}
- name: Build Step
run: yarn build
- uses: actions/upload-artifact@v4
with:
name: bundle-stats-${{ matrix.node }}
path: stats
get-next-version:
name: '📟 Get next released version'
if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/beta') && !contains(github.event.head_commit.message, 'chore(release):')
continue-on-error: true
needs: [unit-tests, visual-tests, types, lint, lint-css, build]
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '22.4.1'
- name: Cache yarn files
uses: actions/cache@v4
id: cache
with:
path: |
.yarn/install-state.gz
node_modules
key: node-modules-node-22.4.1-${{ hashFiles('**/yarn.lock', '**/package.json') }}
- name: Install Packages
if: steps.cache.outputs.cache-hit != 'true'
run: yarn install --immutable
- name: Run Semantic Release
run: yarn semantic-release --dry-run
id: get-next-version
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
NPM_CONFIG_REGISTRY: https://registry.npmjs.org:8443/
- name: Show release
run: |
echo The new version will be released: ${{steps.get-next-version.outputs.new-release-published}}
echo Number of the new vesion will be: ${{steps.get-next-version.outputs.new-release-version}}
outputs:
new-release-published: ${{ steps.get-next-version.outputs.new-release-published }}
new-release-version: ${{ steps.get-next-version.outputs.new-release-version }}
status: ${{ job.status }}
build-and-publish:
name: '🚀 Publish new version'
if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/beta') && !contains(github.event.head_commit.message, 'chore(release):')
needs: get-next-version
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Use Node.js
uses: actions/setup-node@v4
with:
node-version: '22.4.1'
registry-url: 'https://registry.npmjs.org'
scope: '@securityscorecard'
- name: Cache yarn files
uses: actions/cache@v4
id: cache
with:
path: |
.yarn/install-state.gz
node_modules
key: node-modules-node-22.4.1-${{ hashFiles('**/yarn.lock', '**/package.json') }}
- name: Install Packages
if: steps.cache.outputs.cache-hit != 'true'
run: yarn install --immutable
- name: Cache build
id: library-build-cache
uses: actions/cache@v4
with:
path: build
key: build-node-22.4.1-${{ hashFiles('**/yarn.lock', '**/package.json', '**/rollup.config.js', 'src/**') }}
- name: Build Step
if: steps.library-build-cache.outputs.cache-hit != 'true'
run: yarn build
- name: Run Semantic Release
run: yarn semantic-release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
NPM_CONFIG_REGISTRY: https://registry.npmjs.org:8443/
build-docs:
name: '📒 Build documentation'
if: needs.get-next-version.outputs.new-release-published == 'true' && needs.get-next-version.outputs.status == 'success'
needs: [get-next-version, build-and-publish]
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
ref: main
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '22.4.1'
- name: Cache yarn files
uses: actions/cache@v4
id: cache
with:
path: |
.yarn/install-state.gz
node_modules
key: node-modules-node-22.4.1-${{ hashFiles('**/yarn.lock', '**/package.json') }}
- name: Install Packages
if: steps.cache.outputs.cache-hit != 'true'
run: yarn install --immutable
- name: Cache storybook build
id: storybook-build-cache
uses: actions/cache@v4
with:
path: docs-build
key: storybook-docs-${{ needs.get-next-version.outputs.new-release-version }}-${{ hashFiles('**/yarn.lock', '**/package.json', 'src/**', '!.storybook/image-snapshots/**' ,'.storybook/**') }}
- name: Build Storybook
if: steps.storybook-build-cache.outputs.cache-hit != 'true'
env:
DOCS: true
run: yarn storybook:build -o ./docs-build/${{ needs.get-next-version.outputs.new-release-version }}
- name: Generate redirect index
if: github.ref == 'refs/heads/main'
env:
VERSION: ${{ needs.get-next-version.outputs.new-release-version }}
run: |
yarn node ./scripts/generate-index.js
- name: Upload Storybook artifact
uses: actions/upload-artifact@v4
with:
name: storybook
path: ./docs-build
retention-days: 1
deploy-docs:
name: '📤 Deploy documentation'
needs: [get-next-version, build-docs]
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: gh-pages
- name: Download Storybook artifact
uses: actions/download-artifact@v4
with:
name: storybook
- name: Commit storybook
run: |
git config --global user.name "Continuous Integration"
git config --global user.email "[email protected]"
git add -A
git commit -m "Publish docs for ${{ needs.get-next-version.outputs.new-release-version }}"
git push