ci: 👷 handle app preview #3071
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| pull_request: | |
| types: | |
| - opened | |
| - reopened | |
| - synchronize | |
| - ready_for_review | |
| branches: | |
| - "**" | |
| workflow_dispatch: | |
| env: | |
| NODE_VERSION: "20.15.1" | |
| PNPM_VERSION: "9.5.0" | |
| REGISTRY: "ghcr.io" | |
| NAMESPACE: "${{ github.repository }}" | |
| MULTI_ARCH: false | |
| USE_QEMU: false | |
| jobs: | |
| path-filter: | |
| runs-on: ubuntu-latest | |
| if: ${{ !github.event.pull_request.draft }} | |
| outputs: | |
| apps: ${{ steps.filter.outputs.apps }} | |
| steps: | |
| - name: Checks-out repository | |
| uses: actions/checkout@v4 | |
| - name: Check updated files paths | |
| uses: dorny/paths-filter@v3 | |
| id: filter | |
| with: | |
| filters: | | |
| apps: | |
| - 'apps/**' | |
| - 'packages/**' | |
| - 'plugins/**' | |
| - '.github/workflows/**' | |
| expose-vars: | |
| runs-on: ubuntu-latest | |
| if: ${{ !github.event.pull_request.draft }} | |
| outputs: | |
| NODE_VERSION: ${{ env.NODE_VERSION }} | |
| PNPM_VERSION: ${{ env.PNPM_VERSION }} | |
| REGISTRY: ${{ env.REGISTRY }} | |
| NAMESPACE: ${{ env.NAMESPACE }} | |
| MULTI_ARCH: ${{ env.MULTI_ARCH }} | |
| USE_QEMU: ${{ env.USE_QEMU }} | |
| steps: | |
| - name: Exposing env vars | |
| run: echo "Exposing env vars" | |
| lint: | |
| uses: ./.github/workflows/lint.yml | |
| needs: | |
| - expose-vars | |
| with: | |
| NODE_VERSION: ${{ needs.expose-vars.outputs.NODE_VERSION }} | |
| PNPM_VERSION: ${{ needs.expose-vars.outputs.PNPM_VERSION }} | |
| unit-tests: | |
| uses: ./.github/workflows/tests-unit.yml | |
| needs: | |
| - expose-vars | |
| with: | |
| NODE_VERSION: ${{ needs.expose-vars.outputs.NODE_VERSION }} | |
| PNPM_VERSION: ${{ needs.expose-vars.outputs.PNPM_VERSION }} | |
| secrets: | |
| SONAR_HOST_URL: "${{ secrets.SONAR_HOST_URL }}" | |
| SONAR_TOKEN: "${{ secrets.SONAR_TOKEN }}" | |
| SONAR_PROJECT_KEY: "${{ secrets.SONAR_PROJECT_KEY }}" | |
| component-tests: | |
| uses: ./.github/workflows/tests-component.yml | |
| if: ${{ needs.path-filter.outputs.apps == 'true' }} | |
| needs: | |
| - path-filter | |
| - expose-vars | |
| with: | |
| NODE_VERSION: ${{ needs.expose-vars.outputs.NODE_VERSION }} | |
| PNPM_VERSION: ${{ needs.expose-vars.outputs.PNPM_VERSION }} | |
| BROWSERS: "${{ github.base_ref == 'main' && 'chrome,firefox' || 'firefox' }}" | |
| build: | |
| uses: ./.github/workflows/build.yml | |
| needs: | |
| - expose-vars | |
| with: | |
| REGISTRY: ${{ needs.expose-vars.outputs.REGISTRY }} | |
| NAMESPACE: ${{ needs.expose-vars.outputs.NAMESPACE }} | |
| TAG: pr-${{ github.event.pull_request.number || github.event.number }} | |
| MULTI_ARCH: ${{ needs.expose-vars.outputs.MULTI_ARCH == 'true' }} | |
| USE_QEMU: ${{ needs.expose-vars.outputs.USE_QEMU == 'true' }} | |
| e2e-tests: | |
| uses: ./.github/workflows/tests-e2e.yml | |
| if: ${{ needs.path-filter.outputs.apps == 'true' }} | |
| needs: | |
| - path-filter | |
| - expose-vars | |
| - build | |
| with: | |
| NODE_VERSION: ${{ needs.expose-vars.outputs.NODE_VERSION }} | |
| PNPM_VERSION: ${{ needs.expose-vars.outputs.PNPM_VERSION }} | |
| TAG: pr-${{ github.event.pull_request.number || github.event.number }} | |
| BROWSERS: "${{ github.base_ref == 'main' && 'chrome,firefox' || 'firefox' }}" | |
| deploy-tests: | |
| uses: ./.github/workflows/tests-deploy.yml | |
| if: ${{ needs.path-filter.outputs.apps != 'true' || (!github.event.pull_request.draft && github.base_ref == 'main') }} | |
| needs: | |
| - path-filter | |
| - expose-vars | |
| - build | |
| with: | |
| TAG: pr-${{ github.event.pull_request.number || github.event.number }} | |
| scan-vuln: | |
| uses: ./.github/workflows/scan.yml | |
| if: ${{ !github.event.pull_request.draft && github.base_ref == 'main' }} | |
| needs: | |
| - expose-vars | |
| - build | |
| with: | |
| REGISTRY: ${{ needs.expose-vars.outputs.REGISTRY }} | |
| NAMESPACE: ${{ needs.expose-vars.outputs.NAMESPACE }} | |
| TAG: pr-${{ github.event.pull_request.number || github.event.number }} | |
| # Workaround for required status check in protection branches (see. https://github.com/orgs/community/discussions/13690) | |
| all-jobs-passed: | |
| name: Check jobs status | |
| runs-on: ubuntu-latest | |
| if: ${{ always() }} | |
| needs: | |
| - path-filter | |
| - expose-vars | |
| - lint | |
| - unit-tests | |
| - component-tests | |
| - build | |
| - e2e-tests | |
| - deploy-tests | |
| - scan-vuln | |
| steps: | |
| - name: Check status of all required jobs | |
| run: |- | |
| NEEDS_CONTEXT='${{ toJson(needs) }}' | |
| JOB_IDS=$(echo "$NEEDS_CONTEXT" | jq -r 'keys[]') | |
| for JOB_ID in $JOB_IDS; do | |
| RESULT=$(echo "$NEEDS_CONTEXT" | jq -r ".[\"$JOB_ID\"].result") | |
| echo "$JOB_ID job result: $RESULT" | |
| if [[ $RESULT != "success" && $RESULT != "skipped" ]]; then | |
| echo "***" | |
| echo "Error: The $JOB_ID job did not pass." | |
| exit 1 | |
| fi | |
| done | |
| echo "All jobs passed or were skipped." |