test.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
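# CI workflow: Go tests (through a reusable workflow), Jest tests with a
# Codecov upload, and a multi-platform Docker build that is never pushed.
name: Tests

on:
  push:
    branches:
      - "**"
    tags-ignore:
      - "v*"
  pull_request:
    branches:
      - main

# Workflow-wide default for GITHUB_TOKEN. A job that declares its own
# permissions block replaces this default; scopes it does not list become none.
permissions:
  contents: read

jobs:
  go-test:
    name: Go Tests
    permissions:
      id-token: write
      contents: read
    # NOTE(review): this reusable workflow is referenced by the mutable branch
    # `main`, while every other action in this file is pinned to a commit SHA,
    # and it is called with id-token: write. Pin it to a full commit SHA
    # (`...go.yml@<FULL_COMMIT_SHA> # <tag>`) so that a change on that branch
    # cannot alter what runs here.
    uses: harryzcy/github-actions/.github/workflows/go.yml@main
    with:
      working-directory: bff

  jest-test:
    name: Jest Tests
    runs-on: ubuntu-24.04
    strategy:
      matrix:
        # Quoted so the versions stay strings whatever the YAML parser.
        node-version: ["20.x", "22.x"]
    permissions:
      # Required by the Codecov step (use_oidc: true). The permission is
      # job-wide, so it also applies to the npm ci and npm test steps, which
      # run code from the dependency tree.
      id-token: write
      # Stated explicitly because a job-level block resets unlisted scopes to
      # none; checkout relies on it when the repository is not public, and
      # go-test declares the same pair.
      contents: read
    defaults:
      run:
        working-directory: web
    steps:
      # Must stay the first step so the egress policy covers everything after
      # it. Outbound traffic is blocked except for the endpoints listed here.
      - name: Harden Runner
        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
        with:
          disable-sudo: true
          egress-policy: block
          allowed-endpoints: >
            api.github.com:443
            cli.codecov.io:443
            codecov.io:443
            github.com:443
            registry.npmjs.org:443
            storage.googleapis.com:443
            uploader.codecov.io:443
            objects.githubusercontent.com:443
      - name: Checkout
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          # Keep GITHUB_TOKEN out of .git/config; no later step in this job
          # performs an authenticated git operation.
          persist-credentials: false
      - name: Setup Node
        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
        with:
          node-version: ${{ matrix.node-version }}
      - name: Install dependencies
        run: npm ci
      - name: Run tests
        run: npm test
      - name: Upload coverage to Codecov
        uses: codecov/codecov-action@015f24e6818733317a2da2edd6290ab26238649a # v5.0.7
        with:
          use_oidc: true

  # No job-level permissions block: this job runs with the workflow default
  # (contents: read).
  docker:
    name: Docker Build
    runs-on: ubuntu-24.04
    steps:
      # Must stay the first step so the egress policy covers everything after
      # it. Outbound traffic is blocked except for the endpoints listed here.
      - name: Harden Runner
        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
        with:
          disable-sudo: true
          egress-policy: block
          allowed-endpoints: >
            auth.docker.io:443
            github.com:443
            production.cloudflare.docker.com:443
            proxy.golang.org:443
            registry-1.docker.io:443
            registry.npmjs.org:443
            storage.googleapis.com:443
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          # Keep GITHUB_TOKEN out of .git/config; the git commands below are
          # local reads and the image build uses the checked-out tree.
          persist-credentials: false
      - name: Set up QEMU
        uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1
      # Exports BUILD_COMMIT, BUILD_DATE and BUILD_VERSION to later steps.
      # NOTE(review): checkout runs with its default (shallow) settings, so
      # tags are presumably absent and `git describe --always` falls back to
      # the abbreviated commit; set fetch-depth: 0 on checkout if a tag-based
      # version is wanted.
      - name: Get build variables
        run: |
          # shellcheck disable=SC2129
          echo "BUILD_COMMIT=$(git rev-parse --short "$GITHUB_SHA")" >> "$GITHUB_ENV"
          echo "BUILD_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ")" >> "$GITHUB_ENV"
          echo "BUILD_VERSION=$(git describe --tags --always)" >> "$GITHUB_ENV"
      - name: Check build variables
        run: |
          echo "$BUILD_COMMIT"
          echo "$BUILD_DATE"
          echo "$BUILD_VERSION"
      # Build-only check: the image is built for both platforms and discarded.
      - name: Build docker image
        uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
        with:
          context: .
          build-args: |
            BUILD_DATE=${{ env.BUILD_DATE }}
            BUILD_COMMIT=${{ env.BUILD_COMMIT }}
            BUILD_VERSION=${{ env.BUILD_VERSION }}
          platforms: linux/amd64,linux/arm64/v8
          push: false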