build(deps-dev): Bump eslint-plugin-jsdoc from 43.0.7 to 46.3.0 #682
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Continuous Integration | |
# | |
# References: | |
# | |
# - https://dbdocs.io/docs/ci-integration | |
# - https://docs.github.com/actions/automating-builds-and-tests/building-and-testing-nodejs | |
# - https://docs.github.com/actions/learn-github-actions/contexts | |
# - https://docs.github.com/actions/learn-github-actions/expressions | |
# - https://docs.github.com/actions/using-containerized-services/about-service-containers | |
# - https://docs.github.com/actions/using-jobs/using-a-matrix-for-your-jobs | |
# - https://docs.github.com/actions/using-workflows/events-that-trigger-workflows#pull_request | |
# - https://docs.github.com/actions/using-workflows/events-that-trigger-workflows#push | |
# - https://docs.github.com/actions/using-workflows/events-that-trigger-workflows#workflow_dispatch | |
# - https://docs.github.com/actions/using-workflows/workflow-commands-for-github-actions | |
# - https://docs.github.com/webhooks-and-events/webhooks/webhook-events-and-payloads#pull_request | |
# - https://docs.github.com/webhooks-and-events/webhooks/webhook-events-and-payloads#push | |
# - https://docs.github.com/webhooks-and-events/webhooks/webhook-events-and-payloads#workflow_dispatch | |
# - https://github.com/GitGuardian/ggshield-action | |
# - https://github.com/actions/cache | |
# - https://github.com/actions/cache/discussions/650 | |
# - https://github.com/actions/checkout | |
# - https://github.com/actions/setup-node | |
# - https://github.com/actions/setup-node/blob/main/docs/advanced-usage.md#yarn2-configuration | |
# - https://github.com/actions/upload-artifact | |
# - https://github.com/andstor/file-existence-action | |
# - https://github.com/codecov/codecov-action | |
# - https://github.com/docker/build-push-action | |
# - https://github.com/docker/login-action | |
# - https://github.com/docker/metadata-action | |
# - https://github.com/hmarr/debug-action | |
# - https://github.com/opencontainers/image-spec/blob/main/annotations.md | |
# - https://github.com/tj-actions/changed-files | |
# - https://yarnpkg.com/cli/pack | |
--- | |
name: ci | |
on: | |
pull_request: | |
push: | |
branches: | |
- feat/** | |
- hotfix/** | |
- main | |
- release/** | |
workflow_dispatch: | |
permissions: | |
contents: read | |
packages: write | |
env: | |
CACHE_PATH: node_modules | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
HUSKY: 0 | |
REF: ${{ github.head_ref || github.ref }} | |
REF_NAME: ${{ github.head_ref || github.ref_name }} | |
SHA: ${{ github.event.pull_request.head.sha || github.sha }} | |
concurrency: | |
cancel-in-progress: true | |
group: ${{ github.workflow }}-${{ github.ref }} | |
jobs: | |
preflight: | |
if: | | |
github.event.head_commit.author.name != 'dependabot[bot]' | |
&& github.event.head_commit.author.username != 'flexdevelopment' | |
&& !startsWith(github.event.head_commit.message, 'release:') | |
runs-on: ubuntu-latest | |
outputs: | |
container-image-url: ${{ steps.container-image-url.outputs.result }} | |
edge: ${{ steps.container-edge-check.outputs.modified_files != '' }} | |
version: ${{ steps.version.outputs.result }} | |
steps: | |
- id: debug | |
name: Print environment variables and event payload | |
uses: hmarr/debug-action@v2.1.0 | |
- id: checkout | |
name: Checkout ${{ env.REF_NAME }} | |
uses: actions/checkout@v3.5.2 | |
with: | |
persist-credentials: false | |
ref: ${{ env.REF }} | |
- id: node | |
name: Setup Node.js | |
uses: actions/setup-node@v3.6.0 | |
with: | |
cache: yarn | |
cache-dependency-path: yarn.lock | |
node-version-file: .nvmrc | |
- id: yarn | |
name: Install dependencies | |
run: yarn ${{ github.actor == 'dependabot[bot]' && '--no-immutable' || '--immutable' }} | |
- id: cache | |
name: Cache dependencies | |
uses: actions/cache@v3.3.1 | |
with: | |
key: ${{ runner.os }}-${{ github.run_id }} | |
path: ${{ env.CACHE_PATH }} | |
- id: version | |
name: Get project version | |
run: echo "result=$(jq .version package.json -r)" >>$GITHUB_OUTPUT | |
- id: container-image-url | |
name: Get container image URL | |
run: | | |
echo "result=${{ format('{0}/{1}/pkgs/container/{2}', github.server_url, github.repository, github.event.repository.name) }}" >>$GITHUB_OUTPUT | |
- id: container-edge-check | |
name: ghcr.io/${{ github.repository }}:edge check | |
if: github.event_name != 'workflow_dispatch' | |
uses: tj-actions/changed-files@v35.8.0 | |
with: | |
files: | | |
.yarn/** | |
.yarnrc.yml | |
Dockerfile | |
build.config.ts | |
package.json | |
src/** | |
tsconfig.build.json | |
tsconfig.json | |
yarn.lock | |
since_last_remote_commit: true | |
- id: print-container-edge-check | |
name: Print ghcr.io/${{ github.repository }}:edge check | |
run: | | |
echo edge: ${{ steps.container-edge-check.outputs.modified_files != '' }} | |
echo '${{ toJSON(steps.container-edge-check.outputs) }}' | |
commitlint: | |
needs: preflight | |
runs-on: ubuntu-latest | |
steps: | |
- id: checkout | |
name: Checkout ${{ env.REF_NAME }} | |
uses: actions/checkout@v3.5.2 | |
with: | |
fetch-depth: 0 | |
persist-credentials: false | |
ref: ${{ env.REF }} | |
- id: node | |
name: Setup Node.js | |
uses: actions/setup-node@v3.6.0 | |
with: | |
cache: yarn | |
cache-dependency-path: yarn.lock | |
node-version-file: .nvmrc | |
- id: cache | |
name: Restore dependencies cache | |
uses: actions/cache@v3.3.1 | |
with: | |
key: ${{ runner.os }}-${{ github.run_id }} | |
path: ${{ env.CACHE_PATH }} | |
- id: lint | |
name: Check commitlint status | |
if: github.run_number != '1' | |
run: yarn commitlint --from $SHA~${{ github.event.pull_request.commits || 1 }} --to $SHA | |
gitguardian: | |
needs: commitlint | |
runs-on: ubuntu-latest | |
steps: | |
- id: checkout | |
name: Checkout ${{ env.REF_NAME }} | |
uses: actions/checkout@v3.5.2 | |
with: | |
fetch-depth: 0 | |
persist-credentials: false | |
ref: ${{ env.REF }} | |
- id: scan | |
name: Scan commits for secrets and policy breaches | |
uses: GitGuardian/ggshield-action@master | |
with: | |
args: --all-policies --show-secrets --verbose | |
env: | |
GITGUARDIAN_API_KEY: ${{ secrets.GITGUARDIAN_API_KEY }} | |
GITHUB_DEFAULT_BRANCH: ${{ github.event.repository.default_branch }} | |
GITHUB_PULL_BASE_SHA: ${{ github.event.pull_request.base.sha }} | |
GITHUB_PUSH_BASE_SHA: ${{ github.event.base }} | |
GITHUB_PUSH_BEFORE_SHA: ${{ github.event.before }} | |
format: | |
needs: | |
- commitlint | |
- gitguardian | |
runs-on: ubuntu-latest | |
steps: | |
- id: checkout | |
name: Checkout ${{ env.REF_NAME }} | |
uses: actions/checkout@v3.5.2 | |
with: | |
persist-credentials: false | |
ref: ${{ env.REF }} | |
- id: node | |
name: Setup Node.js | |
uses: actions/setup-node@v3.6.0 | |
with: | |
cache: yarn | |
cache-dependency-path: yarn.lock | |
node-version-file: .nvmrc | |
- id: cache | |
name: Restore dependencies cache | |
uses: actions/cache@v3.3.1 | |
with: | |
key: ${{ runner.os }}-${{ github.run_id }} | |
path: ${{ env.CACHE_PATH }} | |
- id: format | |
name: Check code formatting | |
run: yarn check:format | |
lint: | |
needs: | |
- commitlint | |
- gitguardian | |
runs-on: ubuntu-latest | |
steps: | |
- id: checkout | |
name: Checkout ${{ env.REF_NAME }} | |
uses: actions/checkout@v3.5.2 | |
with: | |
persist-credentials: false | |
ref: ${{ env.REF }} | |
- id: node | |
name: Setup Node.js | |
uses: actions/setup-node@v3.6.0 | |
with: | |
cache: yarn | |
cache-dependency-path: yarn.lock | |
node-version-file: .nvmrc | |
- id: cache | |
name: Restore dependencies cache | |
uses: actions/cache@v3.3.1 | |
with: | |
key: ${{ runner.os }}-${{ github.run_id }} | |
path: ${{ env.CACHE_PATH }} | |
- id: lint | |
name: Check lint status | |
run: yarn check:lint | |
spelling: | |
needs: | |
- commitlint | |
- gitguardian | |
runs-on: ubuntu-latest | |
steps: | |
- id: checkout | |
name: Checkout ${{ env.REF_NAME }} | |
uses: actions/checkout@v3.5.2 | |
with: | |
persist-credentials: false | |
ref: ${{ env.REF }} | |
- id: node | |
name: Setup Node.js | |
uses: actions/setup-node@v3.6.0 | |
with: | |
cache: yarn | |
cache-dependency-path: yarn.lock | |
node-version-file: .nvmrc | |
- id: cache | |
name: Restore dependencies cache | |
uses: actions/cache@v3.3.1 | |
with: | |
key: ${{ runner.os }}-${{ github.run_id }} | |
path: ${{ env.CACHE_PATH }} | |
- id: spelling | |
name: Check spelling | |
run: yarn check:spelling | |
typescript: | |
needs: | |
- commitlint | |
- gitguardian | |
runs-on: ubuntu-latest | |
steps: | |
- id: checkout | |
name: Checkout ${{ env.REF_NAME }} | |
uses: actions/checkout@v3.5.2 | |
with: | |
persist-credentials: false | |
ref: ${{ env.REF }} | |
- id: test-files-check | |
name: Check for typecheck files | |
uses: andstor/file-existence-action@v2.0.0 | |
with: | |
files: '**/__tests__/*.spec-d.ts' | |
- id: node | |
if: steps.test-files-check.outputs.files_exists == 'true' | |
name: Setup Node.js | |
uses: actions/setup-node@v3.6.0 | |
with: | |
cache: yarn | |
cache-dependency-path: yarn.lock | |
node-version-file: .nvmrc | |
- id: cache | |
if: steps.test-files-check.outputs.files_exists == 'true' | |
name: Restore dependencies cache | |
uses: actions/cache@v3.3.1 | |
with: | |
key: ${{ runner.os }}-${{ github.run_id }} | |
path: ${{ env.CACHE_PATH }} | |
- id: typecheck | |
if: steps.test-files-check.outputs.files_exists == 'true' | |
name: Run typecheck | |
run: yarn typecheck | |
test: | |
needs: | |
- commitlint | |
- gitguardian | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
node-version: | |
- 20 | |
- 19 | |
- 18 | |
- 16 | |
env: | |
APP_ENV: ci | |
DB_HOSTNAME: localhost | |
DB_NAME: ci | |
DB_PASSWORD: ${{ secrets.DB_PASSWORD }} | |
DB_PORT: 27017 | |
DB_USERNAME: ${{ secrets.DB_USERNAME }} | |
NODE_ENV: test | |
URL: ${{ secrets.URL }} | |
services: | |
mongo: | |
image: mongo:6.0.5-jammy | |
env: | |
MONGO_INITDB_DATABASE: ci | |
MONGO_INITDB_ROOT_PASSWORD: ${{ secrets.DB_PASSWORD }} | |
MONGO_INITDB_ROOT_USERNAME: ${{ secrets.DB_USERNAME }} | |
options: >- | |
--health-cmd "mongosh ci --eval='quit(db.runCommand({ ping: 1 }).ok ? 0 : 1)'" | |
--health-interval 10s | |
--health-timeout 5s | |
--health-retries 5 | |
ports: | |
- 27017:27017 | |
steps: | |
- id: checkout | |
name: Checkout ${{ env.REF_NAME }} | |
uses: actions/checkout@v3.5.2 | |
with: | |
persist-credentials: false | |
ref: ${{ env.REF }} | |
- id: test-files-check | |
name: Check for test files | |
uses: andstor/file-existence-action@v2.0.0 | |
with: | |
files: '**/__tests__/*.spec.+(ts|tsx)' | |
- id: node | |
if: steps.test-files-check.outputs.files_exists == 'true' | |
name: Setup Node.js v${{ matrix.node-version }} | |
uses: actions/setup-node@v3.6.0 | |
with: | |
cache: yarn | |
cache-dependency-path: yarn.lock | |
node-version: ${{ matrix.node-version }} | |
- id: cache | |
if: steps.test-files-check.outputs.files_exists == 'true' | |
name: Restore dependencies cache | |
uses: actions/cache@v3.3.1 | |
with: | |
key: ${{ runner.os }}-${{ github.run_id }} | |
path: ${{ env.CACHE_PATH }} | |
- id: test | |
if: steps.test-files-check.outputs.files_exists == 'true' | |
name: Run tests | |
run: yarn test:cov --segfault-retry=3 | |
- id: codecov | |
name: Upload coverage report to Codecov | |
if: steps.test-files-check.outputs.files_exists == 'true' | |
uses: codecov/codecov-action@v3.1.2 | |
with: | |
env_vars: GITHUB_JOB,GITHUB_REF,GITHUB_REF_TYPE,GITHUB_RUN_ID,GITHUB_SHA,GITHUB_WORKSPACE | |
fail_ci_if_error: true | |
file: ./coverage/lcov.info | |
flags: ${{ format('node{0}', matrix.node-version) }} | |
override_branch: ${{ env.REF }} | |
override_build: ${{ github.run_id }} | |
override_commit: ${{ env.SHA }} | |
token: ${{ secrets.CODECOV_TOKEN }} | |
verbose: true | |
env: | |
GITHUB_JOB: ${{ github.job }} | |
GITHUB_REF: ${{ github.ref }} | |
GITHUB_REF_TYPE: ${{ github.ref_type }} | |
GITHUB_RUN_ID: ${{ github.run_id }} | |
GITHUB_SHA: ${{ env.SHA }} | |
GITHUB_WORKSPACE: ${{ github.workspace }} | |
build: | |
needs: | |
- commitlint | |
- gitguardian | |
- preflight | |
runs-on: ubuntu-latest | |
steps: | |
- id: checkout | |
name: Checkout ${{ env.REF_NAME }} | |
uses: actions/checkout@v3.5.2 | |
with: | |
persist-credentials: false | |
ref: ${{ env.REF }} | |
- id: node | |
name: Setup Node.js | |
uses: actions/setup-node@v3.6.0 | |
with: | |
cache: yarn | |
cache-dependency-path: yarn.lock | |
node-version-file: .nvmrc | |
- id: cache | |
name: Restore dependencies cache | |
uses: actions/cache@v3.3.1 | |
with: | |
key: ${{ runner.os }}-${{ github.run_id }} | |
path: ${{ env.CACHE_PATH }} | |
- id: pack | |
name: Pack project | |
run: yarn pack -o %s-%v.tgz | |
- id: archive | |
name: Archive production artifacts | |
uses: actions/upload-artifact@v3.1.2 | |
with: | |
name: | | |
${{ format('@{0}-{1}-{2}', github.repository_owner, github.event.repository.name, needs.preflight.outputs.version) }} | |
path: '*.tgz' | |
ghcr: | |
needs: | |
- build | |
- commitlint | |
- format | |
- gitguardian | |
- lint | |
- preflight | |
- spelling | |
- test | |
- typescript | |
if: | | |
github.actor != 'dependabot[bot]' | |
&& github.actor != 'flexdevelopment' | |
&& needs.preflight.outputs.edge != 'false' | |
runs-on: ubuntu-latest | |
environment: | |
name: container | |
url: ${{ needs.preflight.outputs.container-image-url }} | |
steps: | |
- id: checkout | |
name: Checkout ${{ env.REF }} | |
uses: actions/checkout@v3.5.2 | |
with: | |
ref: ${{ env.REF }} | |
- id: login | |
name: Login to GitHub Container Registry | |
uses: docker/login-action@v2.1.0 | |
with: | |
password: ${{ secrets.GITHUB_TOKEN }} | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
- id: image-licenses | |
name: Get container image licenses | |
run: echo "result=$(jq .license package.json -r)" >>$GITHUB_OUTPUT | |
- id: metadata | |
name: Extract container image metadata | |
uses: docker/metadata-action@v4.4.0 | |
env: | |
DOCKER_METADATA_PR_HEAD_SHA: ${{ github.event_name == 'pull_request' }} | |
SOURCE: ${{ format('{0}/{1}', github.server_url, github.repository) }} | |
VERSION: ${{ format('{0}+{1}', needs.preflight.outputs.version, env.SHA) }} | |
with: | |
flavor: latest=false | |
images: ghcr.io/${{ github.repository }} | |
labels: | | |
org.opencontainers.image.authors=@unicornware | |
org.opencontainers.image.licenses=${{ steps.image-licenses.outputs.result }} | |
org.opencontainers.image.title=${{ format('@{0}', github.repository) }} | |
org.opencontainers.image.revision=${{ env.SHA }} | |
org.opencontainers.image.source=${{ env.SOURCE }} | |
org.opencontainers.image.url=${{ needs.preflight.outputs.container-image-url }} | |
org.opencontainers.image.vendor=${{ github.repository_owner }} | |
org.opencontainers.image.version=${{ env.VERSION }} | |
tags: | | |
type=raw,value=edge | |
type=raw,value=${{ env.VERSION }} | |
type=ref,event=${{ github.event_name == 'pull_request' && 'pr' || 'branch' }} | |
type=semver,pattern={{raw}},value=${{ env.VERSION }} | |
type=sha,prefix= | |
type=sha,prefix=,format=long | |
- id: build-push | |
name: Build and push container image | |
uses: docker/build-push-action@v4.0.0 | |
with: | |
context: . | |
file: ./Dockerfile | |
labels: ${{ steps.metadata.outputs.labels }} | |
push: true | |
secrets: | | |
GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} | |
tags: ${{ steps.metadata.outputs.tags }} | |
target: production | |
dbdocs: | |
needs: | |
- build | |
- commitlint | |
- format | |
- ghcr | |
- gitguardian | |
- lint | |
- spelling | |
- test | |
- typescript | |
if: github.actor != 'dependabot[bot]' && github.actor != 'flexdevelopment' | |
runs-on: ubuntu-latest | |
environment: | |
name: dbdocs | |
url: https://dbdocs.io/unicornware/${{ github.event.repository.name }} | |
steps: | |
- id: checkout | |
name: Checkout ${{ env.REF }} | |
uses: actions/checkout@v3.5.2 | |
with: | |
ref: ${{ env.REF }} | |
- id: node | |
name: Setup Node.js | |
uses: actions/setup-node@v3.6.0 | |
with: | |
cache: yarn | |
cache-dependency-path: yarn.lock | |
node-version-file: .nvmrc | |
- id: cache | |
name: Restore dependencies cache | |
uses: actions/cache@v3.3.1 | |
with: | |
key: ${{ runner.os }}-${{ github.run_id }} | |
path: ${{ env.CACHE_PATH }} | |
- id: build | |
name: Update dbdocs project | |
run: yarn build:dbdocs | |
env: | |
DBDOCS_TOKEN: ${{ secrets.DBDOCS_TOKEN }} | |
- id: archive | |
name: Archive database schema file | |
uses: actions/upload-artifact@v3.1.2 | |
with: | |
name: DATABASE.dbml | |
path: ./DATABASE.dbml |