feat: Netlify, Next, Unkey Starter #555
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| pull_request_target: | |
| concurrency: CI | |
| env: | |
| DATABASE_BRANCH_NAME: pr-${{ github.event.number }}-${{ github.actor }} | |
| PLANETSCALE_SERVICE_TOKEN_ID: ${{ secrets.PLANETSCALE_SERVICE_TOKEN_ID }} | |
| PLANETSCALE_SERVICE_TOKEN: ${{ secrets.PLANETSCALE_SERVICE_TOKEN }} | |
| jobs: | |
| authorize: | |
| environment: | |
| ${{ github.event_name == 'pull_request_target' && | |
| github.event.pull_request.head.repo.full_name != github.repository && | |
| 'external' || 'internal' }} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - run: true | |
| test_agent: | |
| needs: authorize | |
| name: Unit Test Agent | |
| runs-on: ubuntu-latest | |
| services: | |
| mysql: | |
| image: mysql:latest | |
| env: | |
| MYSQL_ALLOW_EMPTY_PASSWORD: yes | |
| MYSQL_DATABASE: unkey | |
| ports: | |
| - 3306:3306 | |
| options: --health-cmd="mysqladmin ping" --health-interval=10s --health-timeout=5s --health-retries=3 | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha || github.ref }} | |
| - name: Load Schema into MySQL | |
| run: mysql -h 127.0.0.1 --port 3306 -uroot unkey < ./apps/agent/pkg/database/schema.sql | |
| - name: Setup Go | |
| uses: actions/setup-go@v2 | |
| with: | |
| go-version: ^1.20.0 | |
| - name: Set up gotestfmt | |
| run: go install github.com/gotesttools/gotestfmt/v2/cmd/gotestfmt@latest | |
| - name: Install dependencies | |
| run: go mod download | |
| working-directory: apps/agent | |
| - name: Test | |
| run: go test -p 4 -v -json -shuffle=on --race ./... | gotestfmt | |
| working-directory: apps/agent | |
| env: | |
| DATABASE_DSN: root@tcp(localhost:3306)/unkey | |
| test_api_worker: | |
| needs: authorize | |
| name: Unit Test API | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha || github.ref }} | |
| - name: Setup pscale | |
| uses: planetscale/setup-pscale-action@v1 | |
| with: | |
| version: latest | |
| - name: Create a branch | |
| run: pscale branch create unkey $DATABASE_BRANCH_NAME --from=main --org=unkey --wait | |
| - name: Create a password | |
| id: database_password | |
| run: | | |
| res=$(pscale password create unkey $DATABASE_BRANCH_NAME password-name --role=admin --ttl=900 --debug --org=unkey --format=json) | |
| # Extract secrets | |
| database_host=$(echo $res | jq -r '.access_host_url') | |
| database_username=$(echo $res | jq -r '.username') | |
| database_password=$(echo $res | jq -r '.plain_text') | |
| # Mask secrets | |
| echo "::add-mask::$database_host" | |
| echo "::add-mask::$database_username" | |
| echo "::add-mask::$database_password" | |
| # Set outputs | |
| echo "DATABASE_HOST=$database_host" >> "$GITHUB_ENV" | |
| echo "DATABASE_USERNAME=$database_username" >> "$GITHUB_ENV" | |
| echo "DATABASE_PASSWORD=$database_password" >> "$GITHUB_ENV" | |
| - uses: pnpm/action-setup@v2 | |
| with: | |
| version: latest | |
| - name: Get pnpm store directory | |
| shell: bash | |
| run: | | |
| echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV | |
| - uses: actions/cache@v3 | |
| name: Setup pnpm cache | |
| with: | |
| path: ${{ env.STORE_PATH }} | |
| key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pnpm-store- | |
| - name: Install dependencies | |
| run: | | |
| pnpm install | |
| npm i -g bun | |
| - name: Load Schema into MySQL | |
| run: pnpm drizzle-kit push:mysql | |
| working-directory: internal/db | |
| env: | |
| DRIZZLE_DATABASE_URL: 'mysql://${{env.DATABASE_USERNAME }}:${{env.DATABASE_PASSWORD }}@${{env.DATABASE_HOST}}/unkey?ssl={"rejectUnauthorized":true}' | |
| - name: Test | |
| run: bun test src/routes --coverage | |
| working-directory: apps/api | |
| env: | |
| UNKEY_ROOT_KEY: "not-empty" # this is not requried for these tests, but it is required for the env validation, I should fix this | |
| - name: Delete planetscale branch | |
| if: always() | |
| run: | | |
| pscale branch delete unkey $DATABASE_BRANCH_NAME --force --org=unkey | |
| lint: | |
| needs: authorize | |
| name: Lint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha || github.ref }} | |
| - name: Setup Node | |
| uses: actions/setup-node@v2 | |
| with: | |
| node-version: lts/* | |
| - uses: pnpm/action-setup@v2 | |
| with: | |
| version: latest | |
| run_install: false | |
| - name: Get pnpm store directory | |
| id: pnpm-cache | |
| shell: bash | |
| run: | | |
| echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT | |
| - uses: actions/cache@v3 | |
| name: Setup pnpm cache | |
| with: | |
| path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} | |
| key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pnpm-store- | |
| - name: Install dependencies | |
| run: pnpm install | |
| - name: Format | |
| run: pnpm biome ci . | |
| test_nuxt: | |
| needs: authorize | |
| name: Test Nuxt | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha || github.ref }} | |
| - run: corepack enable | |
| - uses: actions/setup-node@v3 | |
| with: | |
| node-version: 18 | |
| cache: "pnpm" | |
| - name: 📦 Install dependencies | |
| run: pnpm install | |
| - name: 🧪 Test project | |
| run: pnpm turbo test --filter=@unkey/nuxt | |
| env: | |
| NUXT_TEST_KEY: ${{secrets.NUXT_TEST_KEY}} | |
| tinybird: | |
| needs: authorize | |
| name: Tinybird CI | |
| concurrency: tinybird | |
| uses: tinybirdco/ci/.github/workflows/ci.yml@v1.1.8 | |
| with: | |
| data_project_dir: ./internal/tinybird | |
| secrets: | |
| admin_token: ${{ secrets.TINYBIRD_ADMIN_TOKEN }} # set admin token associated to an account in GitHub secrets | |
| tb_host: https://api.tinybird.co | |
| build_packages: | |
| needs: authorize | |
| strategy: | |
| matrix: | |
| package: ["@unkey/api", "@unkey/nextjs", "@unkey/hono", "@unkey/nuxt"] | |
| name: Build ${{matrix.package}} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha || github.ref }} | |
| - name: Setup Node | |
| uses: actions/setup-node@v2 | |
| with: | |
| node-version: lts/* | |
| - uses: pnpm/action-setup@v2 | |
| with: | |
| version: latest | |
| run_install: false | |
| - name: Get pnpm store directory | |
| id: pnpm-cache | |
| shell: bash | |
| run: | | |
| echo "STORE_PATH=$(pnpm store path)" >> $GITHUB_OUTPUT | |
| - uses: actions/cache@v3 | |
| name: Setup pnpm cache | |
| with: | |
| path: ${{ steps.pnpm-cache.outputs.STORE_PATH }} | |
| key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pnpm-store- | |
| - name: Install | |
| run: pnpm install | |
| - name: Build packages | |
| run: pnpm turbo run build --filter=${{matrix.package}} |