From b6042bc7e3437724d2f246c9bf866785d9d96594 Mon Sep 17 00:00:00 2001 From: Olivia Guyot Date: Wed, 10 Jan 2024 21:39:31 +0100 Subject: [PATCH] wip test publish --- .github/workflows/artifacts.yml | 155 ------------------------- .github/workflows/backport.yml | 18 --- .github/workflows/checks.yml | 170 ++++------------------------ .github/workflows/cleanup.yml | 46 -------- .github/workflows/deploy.yml | 107 ----------------- .github/workflows/snyk-security.yml | 51 --------- .github/workflows/webcomponents.yml | 65 ----------- 7 files changed, 21 insertions(+), 591 deletions(-) delete mode 100644 .github/workflows/artifacts.yml delete mode 100644 .github/workflows/backport.yml delete mode 100644 .github/workflows/cleanup.yml delete mode 100644 .github/workflows/deploy.yml delete mode 100644 .github/workflows/snyk-security.yml delete mode 100644 .github/workflows/webcomponents.yml diff --git a/.github/workflows/artifacts.yml b/.github/workflows/artifacts.yml deleted file mode 100644 index 5e4a64b6e0..0000000000 --- a/.github/workflows/artifacts.yml +++ /dev/null @@ -1,155 +0,0 @@ -name: Artifacts -run-name: ๐Ÿ“ฆ Generate artifacts for ${{ github.event_name == 'issue_comment' && 'PR' || (github.event_name == 'release' && '๐Ÿท' || '๐ŸŒฑ') }} ${{github.event_name == 'issue_comment' && github.event.issue.number || github.ref_name}} - -# This workflow runs whenever the "build affected docker images" checkbox is checked (for PR) -# and also whenever a commit is pushed on main or a tag is pushed -on: - push: - branches: - - main - release: - types: [published] - issue_comment: - types: - - edited - -concurrency: - group: artifacts-${{ github.ref }} - cancel-in-progress: true - -env: - NODE_VERSION: 18.16.1 - # a list of apps to build and publish on releases - APP_NAMES: datafeeder,datahub,metadata-editor - -jobs: - checks: - if: github.event_name != 'issue_comment' || github.event.issue.pull_request - name: Check whether a deploy was requested on a PR - runs-on: ubuntu-latest - outputs: - shouldRun: ${{ github.event_name != 'issue_comment' || (contains(github.event.changes.body.from, '- [ ] ๐Ÿ“ฆ Build and push affected docker images') && contains(github.event.comment.body, '- [x] ๐Ÿ“ฆ Build and push affected docker images')) || '' }} - ref: ${{ github.event_name == 'issue_comment' && steps.comment-branch.outputs.head_ref || '' }} - - steps: - - uses: xt0rted/pull-request-comment-branch@v1 - if: github.event_name == 'issue_comment' - id: comment-branch - - build-archive-docker: - needs: checks - if: github.event_name != 'issue_comment' || needs.checks.outputs.shouldRun - name: Build and upload docker images and archives - runs-on: ubuntu-latest - - steps: - - name: Checkout - uses: actions/checkout@v3 - with: - ref: ${{ needs.checks.outputs.ref }} # use the PR head ref if applicable; otherwise keep default behaviour - persist-credentials: false - fetch-depth: 0 - - - name: Use Node.js ${{ env.NODE_VERSION }} - uses: actions/setup-node@v3 - with: - node-version: ${{ env.NODE_VERSION }} - cache: 'npm' - - - name: Derive appropriate SHAs for base and head for `nx affected` commands - uses: nrwl/nx-set-shas@v2 - with: - main-branch-name: 'main' - - - name: Install dependencies - run: npm ci - - - name: Build all applications and produce archives - if: github.event_name == 'release' - run: | - npx nx run-many --projects=${{ env.APP_NAMES }} --target=build - tools/make-archive.sh ${{env.APP_NAMES}} - - - name: Upload archives to release - if: github.event_name == 'release' - uses: svenstaro/upload-release-action@v2 - with: - repo_token: ${{ secrets.GITHUB_TOKEN }} - file: dist/archives/* - file_glob: true - tag: ${{ github.ref }} - overwrite: true - - - name: Build docker images for all apps - if: github.event_name == 'release' - run: npx nx run-many --projects=${{ env.APP_NAMES }} --target=docker-build - - - name: Build docker images for affected apps - if: github.event_name != 'release' - # FIXME: excluding data-platform until it has a remote registry to be pushed - run: npx nx affected --target=docker-build --exclude=data-platform - - - name: Build docker images for tools - working-directory: tools - run: npm run pipelines:docker-build - - - name: Tag all docker images on main also as latest - if: github.event_name == 'push' # only happens when pushing on the main branch - run: docker image ls --format 'docker tag {{.Repository}}:{{.Tag}} {{.Repository}}:latest' --filter=reference='geonetwork/*' | bash - - - - name: Login to DockerHub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKER_HUB_USERNAME }} - password: ${{ secrets.DOCKER_HUB_PASSWORD }} - - - name: Push all docker images - # list all docker images, keep only the ones in the geonetwork org, and call docker push for each of them - run: | - docker image ls --format '{{.Repository}}:{{.Tag}}' --filter=reference='geonetwork/*' | \ - xargs -r -L1 docker push $1 - - build-npm-package: - if: github.event_name != 'issue_comment' - name: Build and publish NPM package - runs-on: ubuntu-latest - - steps: - - name: Checkout - uses: actions/checkout@v3 - with: - ref: ${{ needs.checks.outputs.ref }} # use the PR head ref if applicable; otherwise keep default behaviour - persist-credentials: false - fetch-depth: 0 - - - name: Use Node.js ${{ env.NODE_VERSION }} - uses: actions/setup-node@v3 - with: - node-version: ${{ env.NODE_VERSION }} - cache: 'npm' - registry-url: 'https://registry.npmjs.org' - - - name: Install dependencies - run: npm ci - - - name: Adjust package version according to branch & commit - working-directory: package - run: npm version $(../tools/print-dev-version.sh) --no-git-tag-version - - - name: Build NPM package - working-directory: package - run: node generate-package.js - - - name: Publish NPM package with @dev tag - if: github.event_name != 'release' - working-directory: package/dist - run: npm publish --tag dev - env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - - - name: Publish NPM package - if: github.event_name == 'release' - working-directory: package/dist - run: npm publish --tag latest - env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml deleted file mode 100644 index d9b51843a6..0000000000 --- a/.github/workflows/backport.yml +++ /dev/null @@ -1,18 +0,0 @@ -name: Backport - -on: - pull_request: - types: - - closed - - labeled - -jobs: - backport: - runs-on: ubuntu-22.04 - name: Backport - timeout-minutes: 5 - - steps: - - uses: camptocamp/backport-action@master - with: - token: ${{ secrets.BACKPORT_BOT_TOKEN }} diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index 4ebeaa5ed0..a79e9f8b3f 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -21,173 +21,45 @@ concurrency: cancel-in-progress: ${{ github.ref_name != 'main' }} jobs: - format-lint-test: - if: github.event.pull_request.draft == false - name: Format check, lint, unit tests - runs-on: ubuntu-latest - - steps: - - name: Checkout - uses: actions/checkout@v3 - with: - persist-credentials: false - fetch-depth: 0 - - name: Use Node.js ${{ env.NODE_VERSION }} - uses: actions/setup-node@v3 - with: - node-version: ${{ env.NODE_VERSION }} - cache: 'npm' - - name: Derive appropriate SHAs for base and head for `nx affected` commands - uses: nrwl/nx-set-shas@v2 - with: - main-branch-name: 'main' - - run: npm ci - - run: npx nx format:check - - run: npx nx affected -t lint --parallel=3 - - run: npx nx affected -t test --parallel=3 --configuration=ci --ci --codeCoverage --coverageReporters=lcov - - - name: Coveralls - uses: coverallsapp/github-action@v2 - with: - allow-empty: true - - # - name: Archive Code Coverage Results (on main) - # if: github.event_name != 'pull_request' - # uses: actions/upload-artifact@v2 - # with: - # name: code-coverage-report - # path: ./coverage/**/coverage-summary.json - # if-no-files-found: error - # - # - name: Create Code Coverage Badge (on PR) - # if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]' - # uses: dkhunt27/nx-code-coverage@v1 - # with: - # github-token: ${{ secrets.GITHUB_TOKEN }} - # coverage-folder: ./coverage - # coverage-base-folder: ./coverage-base - # gist-token: ${{ secrets.COVERAGE_GIST_TOKEN }} - # gist-id: c759fcfd4e71c8853beedbe1785fc081 - # color: green - # named-logo: jest - # no-coverage-ran: false - - build-affected: - if: github.event.pull_request.draft == false - name: Attempt to build affected apps - runs-on: ubuntu-latest - - steps: - - name: Checkout - uses: actions/checkout@v3 - with: - persist-credentials: false - fetch-depth: 0 - - name: Use Node.js ${{ env.NODE_VERSION }} - uses: actions/setup-node@v3 - with: - node-version: ${{ env.NODE_VERSION }} - cache: 'npm' - - name: Derive appropriate SHAs for base and head for `nx affected` commands - uses: nrwl/nx-set-shas@v2 - with: - main-branch-name: 'main' - - run: npm ci - - run: npx nx affected -t build --parallel=3 - - affected-recap: - if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]' - name: Print affected libs and apps - runs-on: ubuntu-latest - - steps: - - name: Checkout branch - uses: actions/checkout@v3 - with: - persist-credentials: false - fetch-depth: 0 - - - name: Use Node.js ${{ env.NODE_VERSION }} - uses: actions/setup-node@v3 - with: - node-version: ${{ env.NODE_VERSION }} - cache: 'npm' - - - name: Derive appropriate SHAs for base and head for `nx affected` commands - uses: nrwl/nx-set-shas@v3 - - - name: Install dependencies - run: npm ci - - - name: Compute affected projects - run: | - echo "AFFECTED_LIBS=$(npx nx print-affected --type=lib --select=projects | awk 'BEGIN {RS = ", "; ORS = ", "} \ - { print "`"$1"`" }')" >> $GITHUB_ENV - - - name: Compute affected apps - run: | - echo "AFFECTED_APPS=$(npx nx print-affected --type=app --select=projects | awk 'BEGIN {RS = ", "; ORS = ", "} \ - { print "`"$1"`" }')" >> $GITHUB_ENV - - - name: add PR comment - uses: thollander/actions-comment-pull-request@v2 - with: - message: 'Affected libs: ${{ env.AFFECTED_LIBS }} - - Affected apps: ${{ env.AFFECTED_APPS }} - - - [ ] ๐Ÿš€ Build and deploy storybook and demo on GitHub Pages - - - [ ] ๐Ÿ“ฆ Build and push affected docker images' - comment_tag: build-options - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - cypress-run: - name: End-to-end tests - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - - name: Use Node.js ${{ env.NODE_VERSION }} - uses: actions/setup-node@v3 - with: - node-version: ${{ env.NODE_VERSION }} - cache: 'npm' - - - name: Create pipeline docker image - run: cd tools && docker build . -f pipelines/Dockerfile -t geonetwork/geonetwork-ui-tools-pipelines:latest - - - name: Build the backend - run: sudo docker-compose -f support-services/docker-compose.yml up -d init - - - name: Install dependencies - run: | - npm ci - - - name: Run tests - run: npx nx run-many --target=e2e - build-npm-package: if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]' - name: Attempt to build the NPM package + name: Build and publish NPM package runs-on: ubuntu-latest steps: - - name: Checkout branch + - name: Checkout uses: actions/checkout@v3 with: persist-credentials: false - fetch-depth: 0 - name: Use Node.js ${{ env.NODE_VERSION }} uses: actions/setup-node@v3 with: node-version: ${{ env.NODE_VERSION }} cache: 'npm' + registry-url: 'https://registry.npmjs.org' - name: Install dependencies run: npm ci + - name: Adjust package version according to branch & commit + working-directory: package + run: npm version $(../tools/print-dev-version.sh) --no-git-tag-version + - name: Build NPM package working-directory: package run: node generate-package.js + + - name: Publish NPM package with @dev tag + if: github.event_name != 'release' + working-directory: package/dist + run: npm publish --tag dev + env: + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + + - name: Publish NPM package + if: github.event_name == 'release' + working-directory: package/dist + run: npm publish --tag latest + env: + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/.github/workflows/cleanup.yml b/.github/workflows/cleanup.yml deleted file mode 100644 index c11079c823..0000000000 --- a/.github/workflows/cleanup.yml +++ /dev/null @@ -1,46 +0,0 @@ -name: Cleanup -run-name: ๐Ÿงน Cleanup operations for ๐ŸŒฑ ${{github.event.ref}} - -env: - # a list of apps to build and publish on releases - APP_NAMES: datafeeder,datahub,metadata-editor - -on: - delete: - branches: - - '*' - -jobs: - docker-cleanup: - name: Delete docker images on Dockerhub - runs-on: ubuntu-latest - - steps: - - name: generate Dockerhub auth - id: docker-auth - run: | - BASE_64_TOKEN=$(echo '{"username":"${{ secrets.DOCKER_HUB_USERNAME }}","password":"${{ secrets.DOCKER_HUB_PASSWORD }}","auth":"","email":"geonetworkbot@geonetwork-opensource.org"}' | base64) - echo ::add-mask::${BASE_64_TOKEN} - echo ::set-output name=DOCKER_AUTH::${BASE_64_TOKEN} - - - name: delete docker images for the given applications and branch - # first list apps separated by line breaks - # then for each do a curl call on Dockerhub API to delete the image - run: | - echo "${{ env.APP_NAMES }}" | awk -vRS=',' '{print $1}' | \ - xargs -I{} curl -X DELETE "https://hub.docker.com/v2/repositories/geonetwork/geonetwork-ui-{}/${{ github.event.ref }}/" -H "X-Registry-Auth: ${{steps.docker-auth.outputs.DOCKER_AUTH}}" - - storybook-cleanup: - name: Delete storybook files on Github Pages - runs-on: ubuntu-latest - - steps: - - name: Checkout - uses: actions/checkout@v2 - - - name: Remove directory ${{github.event.ref}} - run: | - git config --global user.name "github-actions[bot]" - git config --global user.email "github-actions[bot]@users.noreply.github.com" - touch .empty - npx gh-pages --dist . --src .empty --remove "${{github.event.ref}}" --no-history --repo "https://${GITHUB_ACTOR}:${{secrets.GITHUB_TOKEN}}@github.com/${GITHUB_REPOSITORY}.git" diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml deleted file mode 100644 index 7320553d00..0000000000 --- a/.github/workflows/deploy.yml +++ /dev/null @@ -1,107 +0,0 @@ -name: Deploy -run-name: ๐Ÿš€ Deploy to GitHub Pages for ${{ github.event_name == 'issue_comment' && 'PR' || '๐ŸŒฑ' }} ${{github.event_name == 'issue_comment' && github.event.issue.number || github.ref_name}} - -env: - NODE_VERSION: 18.16.1 - -# This workflow runs whenever the "deploy affected apps" checkbox is checked (for PR) -# or on every push to main -on: - push: - branches: - - main - issue_comment: - types: - - edited - -concurrency: - group: deploy-${{ github.ref }} - cancel-in-progress: true - -jobs: - checks: - if: github.event_name != 'issue_comment' || github.event.issue.pull_request - name: Check whether a deploy was requested on a PR - runs-on: ubuntu-latest - outputs: - shouldRun: ${{ github.event_name != 'issue_comment' || (contains(github.event.changes.body.from, '- [ ] ๐Ÿš€ Build and deploy storybook and demo on GitHub Pages') && contains(github.event.comment.body, '- [x] ๐Ÿš€ Build and deploy storybook and demo on GitHub Pages')) || '' }} - ref: ${{ github.event_name == 'issue_comment' && steps.comment-branch.outputs.head_ref || '' }} - - steps: - - uses: xt0rted/pull-request-comment-branch@v1 - if: github.event_name == 'issue_comment' - id: comment-branch - - gh-pages: - needs: checks - if: github.event_name != 'issue_comment' || needs.checks.outputs.shouldRun - name: Deploy Storybook to GitHub Pages - runs-on: ubuntu-latest - env: - BRANCH_NAME: ${{needs.checks.outputs.ref || 'main'}} - - steps: - - name: Dump GitHub event - env: - GITHUB_CONTEXT: ${{ toJson(github.event) }} - run: echo "$GITHUB_CONTEXT" - - - name: Checkout - uses: actions/checkout@v2 - with: - ref: ${{ needs.checks.outputs.ref }} - - - name: Use Node.js ${{ env.NODE_VERSION }} - uses: actions/setup-node@v3 - with: - node-version: ${{ env.NODE_VERSION }} - cache: 'npm' - - - name: add initial comment - uses: thollander/actions-comment-pull-request@v2 - if: github.event_name == 'issue_comment' - with: - message: 'GitHub Pages links: - - - ๐Ÿšง building in progress... ๐Ÿšง' - comment_tag: github-links - pr_number: ${{ github.event.issue.number }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: Install - run: npm ci - - - name: Build storybook - run: npm run build:storybook - - - name: Build demo & web components - run: npm run build:demo - - - name: Build docs - run: npm run docs:build -- --base=/geonetwork-ui/${{env.BRANCH_NAME}}/docs/ && mkdir -p dist/docs && mv docs/.vitepress/dist/* dist/docs - - # FIXME: restore a system for testing web components but faster/lighter than storybook - # - name: Build storybook for web components - # run: npm run build:storybook-wc - - - name: Deploy to directory ${{ env.BRANCH_NAME }} - run: | - git config --global user.name "github-actions[bot]" - git config --global user.email "github-actions[bot]@users.noreply.github.com" - npx gh-pages --dist dist/ --dest ${{env.BRANCH_NAME}} --remove "${{env.BRANCH_NAME}}/**" --no-history --repo "https://${GITHUB_ACTOR}:${{secrets.GITHUB_TOKEN}}@github.com/${GITHUB_REPOSITORY}.git" - - - name: update PR comment - uses: thollander/actions-comment-pull-request@v2 - if: github.event_name == 'issue_comment' - with: - message: 'GitHub Pages links: - - * (Documentation)[https://geonetwork.github.io/geonetwork-ui/${{env.BRANCH_NAME}}/docs/] - - * (Demo & web components)[https://geonetwork.github.io/geonetwork-ui/${{env.BRANCH_NAME}}/demo/] - - * (UI components storybook)[https://geonetwork.github.io/geonetwork-ui/${{env.BRANCH_NAME}}/storybook/demo/]' - comment_tag: github-links - pr_number: ${{ github.event.issue.number }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/snyk-security.yml b/.github/workflows/snyk-security.yml deleted file mode 100644 index e114be3fed..0000000000 --- a/.github/workflows/snyk-security.yml +++ /dev/null @@ -1,51 +0,0 @@ -# This workflow uses actions that are not certified by GitHub. -# They are provided by a third-party and are governed by -# separate terms of service, privacy policy, and support -# documentation. - -# A sample workflow which sets up Snyk to analyze the full Snyk platform (Snyk Open Source, Snyk Code, -# Snyk Container and Snyk Infrastructure as Code) -# The setup installs the Snyk CLI - for more details on the possible commands -# check https://docs.snyk.io/snyk-cli/cli-reference -# The results of Snyk Code are then uploaded to GitHub Security Code Scanning -# -# In order to use the Snyk Action you will need to have a Snyk API token. -# More details in https://github.com/snyk/actions#getting-your-snyk-token -# or you can signup for free at https://snyk.io/login -# -# For more examples, including how to limit scans to only high-severity issues -# and fail PR checks, see https://github.com/snyk/actions/ - -name: Snyk Security -run-name: ๐Ÿบ Run Snyk on ${{ github.event_name == 'pull_request' && 'PR' || '๐ŸŒฑ' }} ${{ github.event_name == 'pull_request' && github.event.number || github.ref_name }} - -on: - push: - branches: ['main'] - pull_request: - types: [opened, synchronize, ready_for_review] - -permissions: - contents: read - -jobs: - security: - permissions: - contents: read # for actions/checkout to fetch code - security-events: write # for github/codeql-action/upload-sarif to upload SARIF results - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - - name: Run Snyk to check for vulnerabilities - uses: snyk/actions/node@master - continue-on-error: true # To make sure that SARIF upload gets called - env: - SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} - with: - args: --sarif-file-output=snyk.sarif - - - name: Upload result to GitHub Code Scanning - uses: github/codeql-action/upload-sarif@v2 - with: - sarif_file: snyk.sarif diff --git a/.github/workflows/webcomponents.yml b/.github/workflows/webcomponents.yml deleted file mode 100644 index e090eb78bb..0000000000 --- a/.github/workflows/webcomponents.yml +++ /dev/null @@ -1,65 +0,0 @@ -name: Web Components -run-name: ๐Ÿงฉ Build Web Components for ${{ github.event_name == 'issue_comment' && 'PR' || (github.event_name == 'release' && '๐Ÿท' || '๐ŸŒฑ') }} ${{github.event_name == 'issue_comment' && github.event.issue.number || github.ref_name}} - -# This workflow runs whenever a commit is pushed on main or a release is published -on: - push: - branches: - - main - tags: - - 'v*.*.*' - release: - types: [published] - -concurrency: - group: webcomponents-${{ github.ref }} - cancel-in-progress: true - -env: - NODE_VERSION: 18.16.1 - PUBLISH_BRANCH: wc-dist - -jobs: - build-publish-script: - name: Build and publish the Web Components - runs-on: ubuntu-latest - - steps: - - name: Checkout - uses: actions/checkout@v3 - with: - ref: ${{ needs.checks.outputs.ref }} - persist-credentials: false - fetch-depth: 0 - - - name: Use Node.js ${{ env.NODE_VERSION }} - uses: actions/setup-node@v3 - with: - node-version: ${{ env.NODE_VERSION }} - cache: 'npm' - - - name: Install dependencies - run: npm ci - - - name: Build webcomponents script - run: | - mkdir wc-dist - npm run build:demo - mv dist/demo/webcomponents/gn-wc.js wc-dist - - - name: Upload archives to release - if: github.event_name == 'release' - uses: svenstaro/upload-release-action@v2 - with: - repo_token: ${{ secrets.GITHUB_TOKEN }} - file: wc-dist/gn-wc.js - tag: ${{ github.ref }} - overwrite: true - - - name: Publish web component to ${{ env.PUBLISH_BRANCH }}-${{ github.ref_name }} branch - uses: peaceiris/actions-gh-pages@v3 - with: - github_token: ${{ secrets.GITHUB_TOKEN }} - force_orphan: true - publish_dir: ./wc-dist - publish_branch: ${{ env.PUBLISH_BRANCH }}-${{ github.ref_name }}