Merge pull request #813 from eisbuk/ignore-service-account_json #3683

Workflow file for this run

	name: OnPush
	"on":
	- push
	jobs:
	build_v18:
	name: Build and deploy to preview channel
	runs-on: ubuntu-latest
	timeout-minutes: 10
	steps:
	- uses: actions/checkout@v3
	with:
	submodules: recursive
	fetch-depth: 1
	- uses: actions/setup-node@v3
	with:
	node-version: "18"
	- name: Cache node modules and firebase emulators
	uses: actions/cache@v3
	with:
	path: \|
	~/.rush
	~/.pnpm-store
	common/temp
	**/node_modules
	~/.cache/firebase/emulators
	key: ${{ runner.os }}-modules-emulators-node18-v1-${{ hashFiles('**/pnpm-lock.yaml') }}
	- name: Add rush directory to PATH
	run: echo PATH=$PWD/common/scripts/:$PATH >> $GITHUB_ENV
	- name: Install and build packages
	run: rush update
	- name: Build packages
	run: rush build
	- name: Build app
	run: \|
	cd packages/client && NODE_OPTIONS="--max-old-space-size=8192" rushx build:prod \| tee build.output
	echo "BUILD_STATS<<EOF" >> $GITHUB_ENV
	#! Select all lines starting with 'dist/' from build.output (those are the lines reporting the build file sizes)
	#! And store for use in later steps
	cat build.output\|awk '/^dist\// {print}' >> $GITHUB_ENV
	echo "EOF" >> $GITHUB_ENV
	env:
	REACT_APP_FIREBASE_API_KEY: ${{ secrets.FIREBASE_API_KEY }}
	REACT_APP_FIREBASE_APP_ID: ${{ secrets.FIREBASE_APP_ID }}
	REACT_APP_DATABASE_URL: ${{ secrets.DATABASE_URL }}
	REACT_APP_FIREBASE_MESSAGING_SENDER_ID: ${{ secrets.FIREBASE_MESSAGING_SENDER_ID }}
	REACT_APP_FIREBASE_AUTH_DOMAIN: ${{ secrets.FIREBASE_AUTH_DOMAIN }}
	REACT_APP_FIREBASE_STORAGE_BUCKET: ${{ secrets.FIREBASE_STORAGE_BUCKET }}
	REACT_APP_FIREBASE_MEASUREMENT_ID: ${{ secrets.FIREBASE_MEASUREMENT_ID }}
	REACT_APP_SENTRY_DSN: ${{ secrets.SENTRY_IGORICE_DSN }}
	REACT_APP_SENTRY_ENVIRONMENT: staging
	REACT_APP_SENTRY_RELEASE: ${{ github.sha }}
	- name: Inject slug/short variables
	uses: rlespinasse/github-slug-action@v3.x
	- name: Check if secrets are available
	id: has_secret
	if: success() \|\| failure()
	run: '[ "${{ secrets.CYPRESS_KEY }}" != "" ] && echo HAS_SECRETS=true >> $GITHUB_OUTPUT \|\| echo HAS_SECRETS= >> $GITHUB_OUTPUT'
	- name: Create Sentry release
	uses: getsentry/action-release@v1
	if: steps.has_secret.outputs.HAS_SECRETS
	env:
	SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
	SENTRY_ORG: eisbuk
	SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }}
	SENTRY_URL: ${{ secrets.SENTRY_URL }}
	with:
	environment: staging
	sourcemaps: ./packages/client/dist/assets
	- name: Deploy preview channel
	id: deploy
	if: steps.has_secret.outputs.HAS_SECRETS
	run: \|
	set -e
	#! Deploy the preview to firebase hosting, passing the current git branch to be used for the name
	#! of the preview channel
	firebase --project eisbuk hosting:channel:deploy ${GITHUB_REF_SLUG_URL:-dev} --token ${{ secrets.FIREBASE_SERVICE_ACCOUNT_EISBUK }} \| tee deploy.output
	#! To pass the info to a later task, use the $GITHUB_ENV file
	#! This horrible contraption converts lines like
	#! ✔ hosting:channel: Channel URL (igorice): https://igorice--dev-n0jjvnkh.web.app [expires 2022-03-29 13:10:04] [version a47ca837c7966792]
	#! ✔ hosting:channel: Channel URL (eisbuk): https://eisbuk--dev-xjkubzx5.web.app [expires 2022-03-29 13:10:04] [version 6638d82269ac0062]
	#! to a form like this:
	#! igorice=https://igorice--dev-n0jjvnkh.web.app
	#! eisbuk=https://eisbuk--dev-xjkubzx5.web.app
	#! suitable to be included in the $GITHUB_ENV file
	cat deploy.output \| grep 'Channel URL' \| grep 'hosting:channel:.https://'\|sed -e "s/\x1b\[[0-9;]m//g;s\|.(\|\|;s\|)[^h]\|=\|;s/.\[.*//" >> $GITHUB_ENV
	#! documented here: https://docs.github.com/en/actions/reference/workflow-commands-for-github-actions#setting-an-environment-variable
	- name: Populate job summary with URLs
	run: \|
	echo Preview channels deployed: >> $GITHUB_STEP_SUMMARY
	echo $igoriceteam >> $GITHUB_STEP_SUMMARY
	echo $eisbuk >> $GITHUB_STEP_SUMMARY
	test_v18:
	name: Run tests
	runs-on: ubuntu-latest
	timeout-minutes: 10
	steps:
	- uses: actions/checkout@v3
	with:
	submodules: recursive
	fetch-depth: 1
	- uses: actions/setup-node@v3
	with:
	node-version: "18"
	- name: Cache node modules and firebase emulators
	uses: actions/cache@v3
	with:
	path: \|
	~/.rush
	~/.pnpm-store
	common/temp
	**/node_modules
	~/.cache/firebase/emulators
	key: ${{ runner.os }}-modules-emulators-node18-v1-${{ hashFiles('**/pnpm-lock.yaml') }}
	- name: Add rush directory to PATH
	run: echo PATH=$PWD/common/scripts/:$PATH >> $GITHUB_ENV
	- name: Install and build packages
	run: rush update
	- name: Build packages
	run: rush build
	- name: Run tests
	run: cd packages/client && rushx test:emulators:ci
	- name: Check if secrets are available
	id: has_secret
	if: success() \|\| failure()
	run: '[ "${{ secrets.CYPRESS_KEY }}" != "" ] && echo HAS_SECRETS=true >> $GITHUB_OUTPUT \|\| echo HAS_SECRETS= >> $GITHUB_OUTPUT'
	- name: Test Report
	uses: dorny/test-reporter@v1
	if: steps.has_secret.outputs.HAS_SECRETS && (success() \|\| failure())
	with:
	name: Vitest report
	path: packages/client/junit.xml
	reporter: java-junit
	- name: Coveralls
	uses: coverallsapp/github-action@master
	if: steps.has_secret.outputs.HAS_SECRETS
	with:
	github-token: ${{ secrets.GITHUB_TOKEN }}
	path-to-lcov: packages/client/coverage/lcov.info
	base-path: packages/client/
	flag-name: run-jest
	parallel: true
	- name: Create file with gcloud cretentials
	if: (success() \|\| failure()) && steps.has_secret.outputs.HAS_SECRETS
	run: echo "${{ secrets.GCLOUD_JSON_BASE64 }}" \| base64 -d > .gcloud.json
	- name: Set destination of test results
	if: (success() \|\| failure()) && steps.has_secret.outputs.HAS_SECRETS
	run: echo "RESULTS_DESTINATION=$(date +%Y-%m-%d)/${{ github.run_id }}" >> $GITHUB_OUTPUT
	id: results-destination
	- name: Install rclone
	if: (success() \|\| failure()) && steps.has_secret.outputs.HAS_SECRETS
	run: \|
	curl https://rclone.org/install.sh \| sudo bash
	mkdir -p ~/.config/rclone
	echo "${RCLONE_CONF}" > ~/.config/rclone/rclone.conf
	env:
	RCLONE_CONF: \|
	[gcloud]
	type = google cloud storage
	service_account_file = ${{ github.workspace }}/.gcloud.json
	object_acl = publicRead
	bucket_acl = publicRead
	bucket_policy_only = true
	- name: Copy test results to gcloud
	if: (success() \|\| failure()) && steps.has_secret.outputs.HAS_SECRETS
	run: \|
	rclone copy packages/client/coverage gcloud:cypress-logs-bucket/${{ steps.results-destination.outputs.RESULTS_DESTINATION }}/coverage --log-level INFO
	- name: Print gcloud url to view test results
	if: (success() \|\| failure()) && steps.has_secret.outputs.HAS_SECRETS
	run: \|
	echo Check out coverage results at https://storage.googleapis.com/cypress-logs-bucket/${{ steps.results-destination.outputs.RESULTS_DESTINATION }}/coverage/lcov-report/index.html
	run-lint:
	name: Lint source
	runs-on: ubuntu-latest
	timeout-minutes: 10
	steps:
	- uses: actions/checkout@v3
	with:
	submodules: recursive
	fetch-depth: 1
	- uses: actions/setup-node@v3
	with:
	node-version: "18"
	- name: Cache node modules and firebase emulators
	uses: actions/cache@v3
	with:
	path: \|
	~/.rush
	~/.pnpm-store
	common/temp
	**/node_modules
	~/.cache/firebase/emulators
	key: ${{ runner.os }}-modules-emulators-node18-v1-${{ hashFiles('**/pnpm-lock.yaml') }}
	- name: Add rush directory to PATH
	run: echo PATH=$PWD/common/scripts/:$PATH >> $GITHUB_ENV
	- name: Install and build packages
	run: rush update
	- name: Build packages
	run: rush build
	- name: Lint all the packages
	run: rush lint:strict
	- name: Typecheck all the packages
	run: rush typecheck
	cypress-run:
	name: Cypress browser tests
	runs-on: ubuntu-20.04
	steps:
	- uses: actions/checkout@v3
	with:
	submodules: recursive
	fetch-depth: 1
	- uses: actions/setup-node@v3
	with:
	node-version: "18"
	- name: Cache node modules, firebase emulators and cypress
	uses: actions/cache@v3
	with:
	path: \|
	~/.rush
	~/.pnpm-store
	common/temp
	**/node_modules
	~/.cache/firebase/emulators
	~/.cache/Cypress
	key: ${{ runner.os }}-modules-emulators-cypress-node18-v1-${{ hashFiles('/pnpm-lock.yaml', '/package.json', 'common/config/rush/repo-state.json') }}
	- name: Add rush directory to PATH
	run: echo PATH=$PWD/common/scripts/:$PATH >> $GITHUB_ENV
	- name: Install and build packages
	run: rush update
	- name: Build packages
	run: rush build
	- name: Build app
	run: cd packages/client && NODE_OPTIONS="--max-old-space-size=8192" rushx build:test
	- name: Cypress run
	uses: cypress-io/github-action@v5
	with:
	start: emulators-start
	browser: chrome
	install: false
	working-directory: packages/e2e
	wait-on: http://127.0.0.1:8080, http://127.0.0.1:5000
	record: ${{ secrets.CYPRESS_KEY != 0 }}
	config-file: cypress-ci.config.ts
	env:
	CYPRESS_RECORD_KEY: ${{ secrets.CYPRESS_KEY }}
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	- name: Check if secrets are available
	id: has_secret
	if: success() \|\| failure()
	run: '[ "${{ secrets.CYPRESS_KEY }}" != "" ] && echo HAS_SECRETS=true >> $GITHUB_OUTPUT \|\| echo HAS_SECRETS= >> $GITHUB_OUTPUT'
	- name: Coveralls
	uses: coverallsapp/github-action@master
	if: steps.has_secret.outputs.HAS_SECRETS
	with:
	github-token: ${{ secrets.GITHUB_TOKEN }}
	path-to-lcov: packages/e2e/coverage/lcov.info
	base-path: packages/e2e
	flag-name: run-cypress
	parallel: true
	- name: Create file with gcloud cretentials
	if: (success() \|\| failure()) && steps.has_secret.outputs.HAS_SECRETS
	run: echo "${{ secrets.GCLOUD_JSON_BASE64 }}" \| base64 -d > .gcloud.json
	- name: Set destination of test results
	if: (success() \|\| failure()) && steps.has_secret.outputs.HAS_SECRETS
	run: echo "RESULTS_DESTINATION=$(date +%Y-%m-%d)/${{ github.run_id }}" >> $GITHUB_OUTPUT
	id: results-destination
	- name: Install rclone
	if: (success() \|\| failure()) && steps.has_secret.outputs.HAS_SECRETS
	run: \|
	curl https://rclone.org/install.sh \| sudo bash
	mkdir -p ~/.config/rclone
	echo "${RCLONE_CONF}" > ~/.config/rclone/rclone.conf
	env:
	RCLONE_CONF: \|
	[gcloud]
	type = google cloud storage
	service_account_file = ${{ github.workspace }}/.gcloud.json
	object_acl = publicRead
	bucket_acl = publicRead
	bucket_policy_only = true
	- name: Copy test results to gcloud
	if: (success() \|\| failure()) && steps.has_secret.outputs.HAS_SECRETS
	run: \|
	rclone copy packages/e2e/reports/html/ gcloud:cypress-logs-bucket/${{ steps.results-destination.outputs.RESULTS_DESTINATION }}/ --log-level INFO
	rclone copy packages/e2e/coverage/ gcloud:cypress-logs-bucket/${{ steps.results-destination.outputs.RESULTS_DESTINATION }}/coverage-cypress --log-level INFO
	- name: Print gcloud url to view test results
	if: (success() \|\| failure()) && steps.has_secret.outputs.HAS_SECRETS
	run: \|
	mkdir result_tabs
	echo Check out test results at https://storage.googleapis.com/cypress-logs-bucket/${{ steps.results-destination.outputs.RESULTS_DESTINATION }}/index.html
	echo Check out coverage result: https://storage.googleapis.com/cypress-logs-bucket/${{ steps.results-destination.outputs.RESULTS_DESTINATION }}/coverage-cypress/index.html
	echo "[Check out test results](https://storage.googleapis.com/cypress-logs-bucket/${{ steps.results-destination.outputs.RESULTS_DESTINATION }}/index.html)" > result_tabs/cypress.md
	echo "[Check out coverage result](https://storage.googleapis.com/cypress-logs-bucket/${{ steps.results-destination.outputs.RESULTS_DESTINATION }}/coverage-cypress/lcov-report/index.html)" >> result_tabs/cypress.md
	finish:
	name: Coveralls finish
	needs:
	- cypress-run
	- test_v18
	runs-on: ubuntu-latest
	steps:
	- name: Check if secrets are available
	id: has_secret
	if: success() \|\| failure()
	run: '[ "${{ secrets.CYPRESS_KEY }}" != "" ] && echo HAS_SECRETS=true >> $GITHUB_OUTPUT \|\| echo HAS_SECRETS= >> $GITHUB_OUTPUT'
	- name: Finalize Coveralls
	uses: coverallsapp/github-action@master
	if: steps.has_secret.outputs.HAS_SECRETS
	with:
	github-token: ${{ secrets.GITHUB_TOKEN }}
	parallel-finished: true
	rush_check:
	name: Check dependency versions
	runs-on: ubuntu-latest
	timeout-minutes: 10
	steps:
	- uses: actions/checkout@v3
	with:
	submodules: recursive
	fetch-depth: 1
	- uses: actions/setup-node@v3
	with:
	node-version: "18"
	- name: Cache node modules and firebase emulators
	uses: actions/cache@v3
	with:
	path: \|
	~/.rush
	~/.pnpm-store
	common/temp
	**/node_modules
	~/.cache/firebase/emulators
	key: ${{ runner.os }}-modules-emulators-node18-v1-${{ hashFiles('**/pnpm-lock.yaml') }}
	- name: Add rush directory to PATH
	run: echo PATH=$PWD/common/scripts/:$PATH >> $GITHUB_ENV
	- name: Install and build packages
	run: rush update
	- name: Check dependency consistency
	run: ./.github/check-rush.sh
	client_storybook:
	name: Build storybook for client
	runs-on: ubuntu-latest
	timeout-minutes: 10
	steps:
	- uses: actions/checkout@v3
	with:
	submodules: recursive
	fetch-depth: 0
	- uses: actions/setup-node@v3
	with:
	node-version: "18"
	- name: Cache node modules and firebase emulators
	uses: actions/cache@v3
	with:
	path: \|
	~/.rush
	~/.pnpm-store
	common/temp
	**/node_modules
	~/.cache/firebase/emulators
	key: ${{ runner.os }}-modules-emulators-node18-v1-${{ hashFiles('**/pnpm-lock.yaml') }}
	- name: Add rush directory to PATH
	run: echo PATH=$PWD/common/scripts/:$PATH >> $GITHUB_ENV
	- name: Install and build packages
	run: rush update
	- name: Build packages
	run: rush build
	- name: Check if secrets are available
	id: has_secret
	if: success() \|\| failure()
	run: '[ "${{ secrets.CYPRESS_KEY }}" != "" ] && echo HAS_SECRETS=true >> $GITHUB_OUTPUT \|\| echo HAS_SECRETS= >> $GITHUB_OUTPUT'
	- name: Build client storybook
	run: cd packages/client && rushx build-storybook
	- name: Publish storybook
	run: echo Publishing storybook to ${{ github.sha }}
	- name: Create file with gcloud cretentials
	if: (success() \|\| failure()) && steps.has_secret.outputs.HAS_SECRETS
	run: echo "${{ secrets.GCLOUD_JSON_BASE64 }}" \| base64 -d > .gcloud.json
	- name: Set destination of test results
	if: (success() \|\| failure()) && steps.has_secret.outputs.HAS_SECRETS
	run: echo "RESULTS_DESTINATION=$(date +%Y-%m-%d)/${{ github.run_id }}" >> $GITHUB_OUTPUT
	id: results-destination
	- name: Install rclone
	if: (success() \|\| failure()) && steps.has_secret.outputs.HAS_SECRETS
	run: \|
	curl https://rclone.org/install.sh \| sudo bash
	mkdir -p ~/.config/rclone
	echo "${RCLONE_CONF}" > ~/.config/rclone/rclone.conf
	env:
	RCLONE_CONF: \|
	[gcloud]
	type = google cloud storage
	service_account_file = ${{ github.workspace }}/.gcloud.json
	object_acl = publicRead
	bucket_acl = publicRead
	bucket_policy_only = true
	- name: Copy test results to gcloud
	if: (success() \|\| failure()) && steps.has_secret.outputs.HAS_SECRETS
	run: rclone copy packages/client/storybook-static gcloud:cypress-logs-bucket/${{ steps.results-destination.outputs.RESULTS_DESTINATION }}/storybook-client --log-level INFO
	- name: Print gcloud url to view test results
	if: (success() \|\| failure()) && steps.has_secret.outputs.HAS_SECRETS
	run: echo Check out client storybook at https://storage.googleapis.com/cypress-logs-bucket/${{ steps.results-destination.outputs.RESULTS_DESTINATION }}/storybook-client/index.html >> $GITHUB_STEP_SUMMARY
	ui_storybook:
	name: Build storybook for ui
	runs-on: ubuntu-latest
	timeout-minutes: 10
	steps:
	- uses: actions/checkout@v3
	with:
	submodules: recursive
	fetch-depth: 0
	- uses: actions/setup-node@v3
	with:
	node-version: "18"
	- name: Cache node modules and firebase emulators
	uses: actions/cache@v3
	with:
	path: \|
	~/.rush
	~/.pnpm-store
	common/temp
	**/node_modules
	~/.cache/firebase/emulators
	key: ${{ runner.os }}-modules-emulators-node18-v1-${{ hashFiles('**/pnpm-lock.yaml') }}
	- name: Add rush directory to PATH
	run: echo PATH=$PWD/common/scripts/:$PATH >> $GITHUB_ENV
	- name: Install and build packages
	run: rush update
	- name: Build packages
	run: rush build
	- name: Check if secrets are available
	id: has_secret
	if: success() \|\| failure()
	run: '[ "${{ secrets.CYPRESS_KEY }}" != "" ] && echo HAS_SECRETS=true >> $GITHUB_OUTPUT \|\| echo HAS_SECRETS= >> $GITHUB_OUTPUT'
	- name: Build ui storybook
	run: cd packages/ui && rushx build-storybook
	- name: Publish storybook
	run: echo Publishing storybook to ${{ github.sha }}
	- name: Create file with gcloud cretentials
	if: (success() \|\| failure()) && steps.has_secret.outputs.HAS_SECRETS
	run: echo "${{ secrets.GCLOUD_JSON_BASE64 }}" \| base64 -d > .gcloud.json
	- name: Set destination of test results
	if: (success() \|\| failure()) && steps.has_secret.outputs.HAS_SECRETS
	run: echo "RESULTS_DESTINATION=$(date +%Y-%m-%d)/${{ github.run_id }}" >> $GITHUB_OUTPUT
	id: results-destination
	- name: Install rclone
	if: (success() \|\| failure()) && steps.has_secret.outputs.HAS_SECRETS
	run: \|
	curl https://rclone.org/install.sh \| sudo bash
	mkdir -p ~/.config/rclone
	echo "${RCLONE_CONF}" > ~/.config/rclone/rclone.conf
	env:
	RCLONE_CONF: \|
	[gcloud]
	type = google cloud storage
	service_account_file = ${{ github.workspace }}/.gcloud.json
	object_acl = publicRead
	bucket_acl = publicRead
	bucket_policy_only = true
	- name: Copy test results to gcloud
	if: (success() \|\| failure()) && steps.has_secret.outputs.HAS_SECRETS
	run: rclone copy packages/ui/storybook-static gcloud:cypress-logs-bucket/${{ steps.results-destination.outputs.RESULTS_DESTINATION }}/storybook-ui --log-level INFO
	- name: Print gcloud url to view test results
	if: (success() \|\| failure()) && steps.has_secret.outputs.HAS_SECRETS
	run: echo Check out ui storybook at https://storage.googleapis.com/cypress-logs-bucket/${{ steps.results-destination.outputs.RESULTS_DESTINATION }}/storybook-ui/index.html >> $GITHUB_STEP_SUMMARY

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge pull request #813 from eisbuk/ignore-service-account_json #3683

Workflow file

Merge pull request #813 from eisbuk/ignore-service-account_json #3683

Jobs

Run details

Workflow file for this run