diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index 5af5272cb..2748b5ffb 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -5,20 +5,20 @@ on: # yamllint disable-line rule:truthy push: branches: - main - pull_request_target: + pull_request: types: - opened - synchronize merge_group: env: - node_version: 18 + node_version: 23 jobs: typecheck: # Can run untrusted code so disable all permissions. permissions: {} - name: type check code base + name: Type Check Code Base runs-on: ubuntu-latest steps: # This pattern is reused a couple of times. @@ -48,13 +48,13 @@ jobs: - run: npm ci --cache .npm --prefer-offline - - name: compile typescript + - name: Type Check run: npm run typecheck lint: # Can run untrusted code so disable all permissions. permissions: {} - name: lint code base + name: Lint Code Base runs-on: ubuntu-latest steps: - name: Checkout Branch @@ -65,7 +65,7 @@ jobs: token: ${{ secrets.GITHUB_TOKEN }} fetch-depth: 1 - - name: install node + - name: Install Node uses: actions/setup-node@v4 with: node-version: ${{ env.node_version }} @@ -80,13 +80,14 @@ jobs: ${{ runner.OS }}- - run: npm ci --cache .npm --prefer-offline - - name: run lints + + - name: Run Lints run: npm run lint:ci test: # Can run untrusted code so disable all permissions. permissions: {} - name: test code base + name: Test Code Base runs-on: ubuntu-latest continue-on-error: true steps: @@ -98,7 +99,7 @@ jobs: token: ${{ secrets.GITHUB_TOKEN }} fetch-depth: 1 - - name: install node + - name: Install Node uses: actions/setup-node@v4 with: node-version: ${{ env.node_version }} @@ -114,7 +115,7 @@ jobs: - run: npm ci --cache .npm --prefer-offline - - name: execute tests + - name: Execute Tests run: npm test -- --run --reporter github-actions --reporter=./.github/workflows/testsReporter.ts - name: Upload Main Test Results @@ -131,9 +132,146 @@ jobs: name: pr-test-results path: test-results/vitest-report.json + checkCanMergeToMaintenance: + # Can run untrusted code so disable all permissions. + permissions: {} + name: Check Merge to Maintenance + if: (github.event_name == 'push' && github.ref == 'refs/heads/main') || github.event.pull_request + outputs: + should_skip: ${{ steps.should_skip.outputs.should_skip }} + runs-on: ubuntu-latest + steps: + - uses: 8BitJonny/gh-get-current-pr@3.0.0 + if: github.event.pull_request == null + id: PR + + # Sets should_skip if this change wasn't made through a PR or if the PR is labeled as breaking. + - name: Check if should skip + id: should_skip + if: contains(github.event.pull_request.labels.*.name, 'breaking') || steps.PR.outputs.pr_found == 'false' || contains(steps.PR.outputs.pr_labels.*.name, 'breaking') + run: | + echo "Skipping the rest of the job because this change wasn't made through a PR or the PR is labeled as breaking." + echo "${{ toJSON(fromJSON(steps.PR.outputs.pr)) }}" + echo "should_skip=true" >> "$GITHUB_OUTPUT" + + - name: Get fetch depth + id: fetch_depth + if: steps.should_skip.outputs.should_skip != 'true' + env: + GITHUB_EVENT_COMMITS: ${{ toJSON(github.event.commits) }} + run: | + if [[ $GITHUB_EVENT_COMMITS == "null" ]]; then + # There simply isn't enough information to do anything but completely unshallow the repo. + echo "fetch_depth=0" >> "$GITHUB_OUTPUT" + exit 0 + fi + + commitCount=$(jq length <<< "$GITHUB_EVENT_COMMITS") + + echo "fetch_depth=$(( commitCount + 1 ))" >> "$GITHUB_OUTPUT" + + - uses: actions/checkout@v4 + if: steps.should_skip.outputs.should_skip != 'true' + with: + ref: ${{ github.head_ref || github.ref }} + fetch-depth: ${{ steps.fetch_depth.outputs.fetch_depth }} + + - name: Check for merge conflicts + if: steps.should_skip.outputs.should_skip != 'true' + run: | + git remote add upstream https://github.com/${{ github.repository }} + git fetch --no-tags upstream main maintenance + + # This is its own command so that if the current branch is `maintenance` it'll be overridden. + # If it wasn't, instead it could cause failure. + git checkout -B maintenance upstream/maintenance + + baseRef="${{github.head_ref}}" + before="" + + if [[ $baseRef != "" ]]; then + echo "BASE REF IS $baseRef" + + before=$(git merge-base upstream/main "$baseRef") + + echo "BEFORE IS $before" + else + before="${{ github.event.before }}" + fi + + git cherry-pick --allow-empty --no-commit -m 1 "$before".."${{ github.sha }}" || ( + echo "Merge conflicts detected with the maintenance branch!" && exit 1 + ) + + - name: Install Node + if: steps.should_skip.outputs.should_skip != 'true' + uses: actions/setup-node@v4 + with: + node-version: ${{ env.node_version }} + + - name: Cache Node.js modules + if: steps.should_skip.outputs.should_skip != 'true' + uses: actions/cache@v4 + with: + path: .npm + key: ${{ runner.OS }}-node-${{ hashFiles('**/package-lock.json') }} + restore-keys: | + ${{ runner.OS }}-node- + ${{ runner.OS }}- + + - if: steps.should_skip.outputs.should_skip != 'true' + run: npm ci --cache .npm --prefer-offline + + - name: Run Lints on maintenance + if: steps.should_skip.outputs.should_skip != 'true' + run: npm run lint:ci + + - name: Type Check maintenance + if: steps.should_skip.outputs.should_skip != 'true' + run: npm run typecheck + + mergeToMaintenance: + name: Merge To Maintenance + needs: [checkCanMergeToMaintenance] + if: needs.checkCanMergeToMaintenance.outputs.should_skip != 'true' + runs-on: ubuntu-latest + steps: + - name: Get fetch depth + id: fetch_depth + env: + GITHUB_EVENT_COMMITS: ${{ toJSON(github.event.commits) }} + run: | + commitCount=$(jq length <<< "$GITHUB_EVENT_COMMITS") + echo "fetch_depth=$(( commitCount + 1 ))" >> "$GITHUB_OUTPUT" + + - uses: actions/checkout@v4 + with: + fetch-depth: ${{ steps.fetch_depth.outputs.fetch_depth }} + + - name: Cherry pick commits onto maintenance + run: | + git fetch origin maintenance:maintenance + + git switch maintenance + + # Commit using the GitHub Actions bot user. + git config user.name "github-actions[bot]" + git config user.email "41898282+github-actions[bot]@users.noreply.github.com" + + # Pick the freshly added commits onto the maintenance branch. + git cherry-pick --allow-empty -m 1 "${{ github.event.before }}".."${{ github.event.after }}" || ( + echo "Merge conflicts detected with maintenance branch! This can only happen if checkCanMergeToMaintenance is written incorrectly or someone pushed in between!" && exit 1 + ) + + - name: Push changes + uses: ad-m/github-push-action@master + with: + branch: maintenance + github_token: ${{ secrets.GITHUB_TOKEN }} + reportTestResults: - name: report test results - needs: ["test"] + name: Report Test Results + needs: [test] runs-on: ubuntu-latest if: github.event_name == 'pull_request_target' || (github.event_name == 'push' && github.event.pull_request != null) steps: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 5a2ad093d..184a44543 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -6,7 +6,7 @@ on: # yamllint disable-line rule:truthy types: [created] env: - node_version: 18 + node_version: 23 jobs: verify: