ci: add .github from alpha

Kong · Jan 4, 2024 · c3a21ad · c3a21ad
1 parent 982f399
commit c3a21ad
Show file tree

Hide file tree

Showing 9 changed files with 347 additions and 0 deletions.
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -0,0 +1,15 @@
+# These owners will be the default owners for everything in
+# the repo. They will be requested for review whenever someone
+# opens a PR, unless a later match takes precedence.
+* @adamdehaven @jillztom @Kong/team-core-ui
+
+# Workflows & CI
+/.github/ @adamdehaven @jillztom
+/lefthook.yaml @adamdehaven @jillztom
+
+# ================================================
+# Renovate Bot approvals
+# Allow Kongponents BOT to approve dependency updates
+# These rules MUST remain at the bottom as the last entry
+package.json @kongponents-bot @Kong/team-core-ui @adamdehaven @jillztom
+yarn.lock @kongponents-bot @Kong/team-core-ui @adamdehaven @jillztom
diff --git a/.github/actions/setup-pnpm-with-dependencies/action.yaml b/.github/actions/setup-pnpm-with-dependencies/action.yaml
@@ -0,0 +1,61 @@
+name: Setup PNPM with Yarn Dependencies
+description: Reusable composition of setup-node, cache, and pnpm install actions
+inputs:
+  nodejs-version:
+    description: 'Version of NodeJS to use (ex: 18.18.2)'
+    default: '18.18.2'
+  force-install:
+    description: When 'true', pnpm install will be executed regardless of a cache hit
+    required: false
+    default: 'false'
+  frozen-lockfile:
+    description: When false, pnpm install will use the --no-frozen-lockfile flag
+    required: false
+    default: 'true'
+outputs:
+  cache-hit:
+    description: Whether or not there was a cache hit
+    value: ${{ steps.dependency-cache.outputs.cache-hit }}
+runs:
+  using: composite
+  steps:
+
+    - name: get Node version
+      id: node-version
+      shell: bash
+      run: |
+        voltaNodeVersion=$(cat package.json|jq -r ".volta.node")
+        if [[ $voltaNodeVersion == null ]]; then
+          voltaNodeVersion="${{ inputs.nodejs-version }}"
+        fi
+        voltaPnpmVersion=$(cat package.json|jq -r ".volta.pnpm")
+        if [[ $voltaPnpmVersion == null ]]; then
+          voltaPnpmVersion="8.10.5"
+        fi
+
+        echo "node-version=${voltaNodeVersion}">> $GITHUB_OUTPUT
+        echo "pnpm-version=${voltaPnpmVersion}">> $GITHUB_OUTPUT
+
+    - name: Setup Node
+      uses: actions/setup-node@v4
+      with:
+        node-version: ${{ steps.node-version.outputs.node-version }}
+
+    - name: Install PNPM
+      shell: bash
+      run: |
+        npm i -g pnpm@${{ steps.node-version.outputs.pnpm-version }}
+        pnpm --version
+
+
+    - name: Dependency Cache
+      id: dependency-cache
+      uses: actions/cache@v3
+      with:
+        path: '**/node_modules'
+        key: pnpm-${{ steps.node-version.outputs.pnpm-version }}-${{ steps.node-version.outputs.node-version }}-${{ runner.os }}-${{ hashFiles('**/pnpm-lock.yaml') }}
+
+    - name: Install Dependencies
+      if: ${{ inputs.force-install == 'true' || steps.dependency-cache.outputs.cache-hit != 'true' }}
+      shell: bash
+      run: pnpm i${{ inputs.frozen-lockfile == 'false' && ' --no-frozen-lockfile' || '' }}
diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
@@ -0,0 +1,12 @@
+# Summary
+
+<!--
+  Be sure your Pull Request includes:
+
+  - JIRA ticket number in the title, and link in the summary
+  - An accurate summary of what is being added/edited/removed
+  - Tests (unit, component, regression)
+  - Updated documentation and commented code
+  - Link to Figma, if applicable
+  - Conventional Commits
+-->
diff --git a/.github/workflows/auto-approve.yaml b/.github/workflows/auto-approve.yaml
@@ -0,0 +1,20 @@
+---
+name: Renovate Bot dependency updates auto-merge
+
+permissions:
+  pull-requests: write
+  contents: write
+
+on: pull_request_target
+
+jobs:
+  renovate-autoapprove:
+    runs-on: ubuntu-latest
+    if: ${{ github.actor == 'renovate[bot]' }}
+    steps:
+      - name: Approve a PR
+        run: gh pr review --approve "$PR_URL"
+        env:
+          PR_URL: ${{ github.event.pull_request.html_url }}
+          # Use the bot account PAT to allow auto-approve and merge the PRs
+          GITHUB_TOKEN: ${{ secrets.KONGPONENTS_BOT_PAT }}
diff --git a/.github/workflows/cleanup-preview-packages.yaml b/.github/workflows/cleanup-preview-packages.yaml
@@ -0,0 +1,34 @@
+name: Cleanup PR preview packages
+on:
+  workflow_dispatch:
+
+  schedule:
+    - cron: '0 2/6 * * 6,0'
+
+concurrency:
+  group: ${{ github.ref }}-${{ github.workflow }}
+  cancel-in-progress: true
+
+jobs:
+  cleanup:
+    name: Cleanup PR Previews
+    runs-on: ubuntu-latest
+    env:
+      NPM_TOKEN: ${{ secrets.NPM_TOKEN_PUBLIC_PUBLISH }}
+      GITHUB_TOKEN: ${{ secrets.KONGPONENTS_BOT_PAT }}
+
+    steps:
+      - name: Checkout Source Code
+        uses: actions/checkout@v4
+
+      - name: Prepare cleanup
+        id: prepare
+        run: |
+          echo "openPRs=$(gh pr list --state open --json number|jq  -cM 'map(.number|tostring)')" >> $GITHUB_OUTPUT
+          echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" > .npmrc
+
+      - name: Cleanup PR preview
+        uses: Kong/public-shared-actions/pr-previews/cleanup@main
+        with:
+          package: "@kong/markdown"
+          openPRs: ${{ steps.prepare.outputs.openPRs }}
diff --git a/.github/workflows/commitlint.yaml b/.github/workflows/commitlint.yaml
@@ -0,0 +1,21 @@
+name: Lint Commit Messages
+
+on:
+  pull_request:
+
+jobs:
+  commitlint:
+    if: ${{ github.actor != 'dependabot[bot]' && github.actor != 'renovate[bot]' }}
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      # See https://github.com/wagoid/commitlint-github-action/issues/560
+      - name: Remove tsconfig
+        run: rm tsconfig.json
+
+      - uses: wagoid/[email protected]
+        with:
+          configFile: commitlint.config.cjs
diff --git a/.github/workflows/pr-closed.yaml b/.github/workflows/pr-closed.yaml
@@ -0,0 +1,22 @@
+name: On closing PR
+on:
+  pull_request_target:
+    types:
+      - closed
+
+jobs:
+  remove-pr-preview-comment:
+    name: Remove PR preview comment from PR
+    runs-on: ubuntu-latest
+    env:
+      NPM_TOKEN: ${{ secrets.NPM_TOKEN_PUBLIC_PUBLISH }}
+    steps:
+      - name: Checkout Source Code
+        uses: actions/checkout@v4
+
+      - name: Remove preview consumption comment
+        uses: marocchino/sticky-pull-request-comment@v2
+        with:
+          header: pr_preview_consumption
+          delete: true
+          GITHUB_TOKEN: ${{ secrets.KONGPONENTS_BOT_PAT }}
diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml
@@ -0,0 +1,51 @@
+name: Publish
+
+on:
+  push:
+    branches:
+      - main
+      - alpha
+      - beta
+
+jobs:
+  run-tests:
+    name: Tests
+    uses: ./.github/workflows/test.yaml
+
+  publish:
+      name: Build and Publish
+      needs:
+        - run-tests
+      runs-on: ubuntu-latest
+      steps:
+        - name: Checkout
+          uses: actions/checkout@v4
+          with:
+            fetch-depth: 0
+            token: ${{ secrets.KONGPONENTS_BOT_PAT }}
+
+        - name: setup git
+          run: |
+            git config user.email "[email protected]"
+            git config user.name "Kong UI Bot"
+
+        - name: Create .npmrc
+          env:
+            NPM_TOKEN: ${{ secrets.NPM_TOKEN_PUBLIC_PUBLISH }}
+          # Reference the env variable NPM_TOKEN here, not the secret
+          run: echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" > .npmrc
+
+        - name: Setup PNPM with Dependencies
+          uses: ./.github/actions/setup-pnpm-with-dependencies/
+
+        - name: Build
+          # Since we lint in the Tests job, we can just build here
+          run: pnpm run build
+
+        - name: Semantic Release
+          uses: cycjimmy/semantic-release-action@v3
+          env:
+            # Since branch protections are on (pushing commits) you need to use a bot PAT
+            GITHUB_TOKEN: ${{ secrets.KONGPONENTS_BOT_PAT }}
+            NPM_TOKEN: ${{ secrets.NPM_TOKEN_PUBLIC_PUBLISH }}
+
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
@@ -0,0 +1,111 @@
+name: Tests
+
+on:
+  pull_request:
+    types:
+      - opened
+      - synchronize
+      - reopened
+      - labeled
+    branches:
+      - main
+      - alpha
+      - beta
+
+  # Allow calling manually from GitHub
+  workflow_dispatch:
+
+  # Allow workflow to be called by another workflow
+  workflow_call:
+
+jobs:
+  test:
+    name: Run Tests
+    runs-on: ubuntu-latest
+    timeout-minutes: 20
+    steps:
+      - name: Remove preview consumption comment
+        if: github.event_name == 'pull_request'
+        uses: marocchino/sticky-pull-request-comment@v2
+        with:
+          header: pr_preview_consumption
+          delete: true
+          GITHUB_TOKEN: ${{ secrets.KONGPONENTS_BOT_PAT }}
+
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Setup PNPM with Dependencies
+        uses: ./.github/actions/setup-pnpm-with-dependencies/
+        with:
+          force-install: true
+
+      - name: Stylelint
+        run: pnpm run stylelint
+
+      - name: Lint
+        run: pnpm run lint
+
+      - name: Build
+        run: pnpm run build
+
+      - name: Test
+        run: pnpm run test
+
+      - name: Publish Package Preview
+        id: package-preview
+        # Do not run for `alpha` or `beta` branches
+        if: github.event_name == 'pull_request' && (github.actor != 'renovate[bot]' || contains(github.event.pull_request.labels.*.name, 'create preview package')) && !contains(github.head_ref || github.ref_name, 'alpha') && !contains(github.head_ref || github.ref_name, 'beta')
+        env:
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN_PUBLIC_PUBLISH }}
+        run: |
+          git config user.email "[email protected]"
+          git config user.name "Kong UI Bot"
+
+          preid="pr.${{ github.event.pull_request.number }}.$(git rev-parse --short ${{ github.event.pull_request.head.sha }})"
+          tag="pr-${{ github.event.pull_request.number }}"
+          echo "preid=${preid}"
+
+          echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" > .npmrc
+
+          # Use yarn to bump the version for the prerelease
+          pnpm version prerelease --preid ${preid} --no-git-tag-version --yes --amend
+
+          package_version=$(jq -r ".version" package.json)
+          package=@kong/markdown@"${package_version}"
+
+          npm show "${package}" >/dev/null 2>&1 && npm_show_status=0 || npm_show_status=1
+          if [ $npm_show_status -eq 0 ]; then
+            echo "Package ${package} is already published. Skipping publishing."
+            exit 0
+          fi
+
+          npm_instructions=""
+
+          pkg=$(pnpm publish --no-git-checks --access public --report-summary --tag "${tag}" | grep "+ "| sed 's/+ //')
+
+          if [[ -z "${pkg}" ]]; then
+            echo "Error publishing package"
+            exit -1
+          fi
+
+          npm_instructions="@$(echo ${pkg}|cut -d'@' -f2)@${tag}"
+
+          echo "npm_instructions<<EOF" >> $GITHUB_OUTPUT
+          echo -e "$npm_instructions" >> $GITHUB_OUTPUT
+          echo "EOF" >> $GITHUB_OUTPUT
+
+      - name: Provide preview link info
+        if: ${{ steps.package-preview.outputs.npm_instructions != '' }}
+        uses: marocchino/sticky-pull-request-comment@v2
+        with:
+          header: pr_preview_consumption
+          message: |
+             ### Install the preview package from this PR
+
+             ```sh
+             ${{ steps.package-preview.outputs.npm_instructions }}
+             ```
+          GITHUB_TOKEN: ${{ secrets.KONGPONENTS_BOT_PAT }}