build(deps-dev): bump @nx/workspace from 20.8.0 to 21.6.3 #10579
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "pull-request" | |
| on: | |
| workflow_call: | |
| inputs: | |
| dry-run-flag: | |
| description: 'enable dry-run on artifact push' | |
| required: false | |
| type: boolean | |
| default: true | |
| devel: | |
| description: 'devel' | |
| required: false | |
| type: boolean | |
| default: false | |
| cron-run: | |
| description: 'disables jobs which should not run when cron runs e2es' | |
| required: false | |
| type: boolean | |
| default: false | |
| pull_request: | |
| types: [opened, synchronize, reopened] | |
| branches: | |
| - develop | |
| - master | |
| - develop-patch* | |
| - master-patch* | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| BASE_REF: ${{ github.base_ref }} | |
| HEAD_REF: ${{ github.head_ref }} | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| GITHUB_BRANCH: ${{ github.ref_name }} | |
| GH_BUILD_DIR: ${{ github.workspace }} | |
| GH_COMMIT: ${{ github.sha }} | |
| BUILD_ID: ${{ github.run_id }} | |
| GH_RUN_NUMBER: ${{ github.run_attempt }} | |
| GH_BUILD_NUMBER: ${{ github.run_id }} | |
| JOB_ID: ${{ github.run_id }} | |
| LOG_LEVEL: "ERROR" | |
| S3_BUILD_BUCKET_SHORT_NAME: ${{ secrets.S3_BUILD_BUCKET_SHORT_NAME }} | |
| NODE_OPTIONS: "--max-old-space-size=5120" | |
| DOCKER_REPOSITORY_DOMAIN: ${{ secrets.DOCKER_REPOSITORY_DOMAIN }} | |
| DOCKER_REPOSITORY_USER: ${{ secrets.DOCKER_USERNAME }} | |
| DOCKER_REPOSITORY_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} | |
| REPO_OWNER: "Alfresco" | |
| REPO_NAME: "alfresco-ng2-components" | |
| BUILT_LIBS_DIR: "./dist/libs" | |
| NODE_MODULES_DIR: "./node_modules" | |
| REDIRECT_URI: / | |
| jobs: | |
| pre-checks: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| - name: Ensure SHA pinned actions | |
| uses: zgosalvez/github-actions-ensure-sha-pinned-actions@fc87bb5b5a97953d987372e74478de634726b3e5 # v3.0.25 | |
| - name: Check package-lock.json version | |
| run: | | |
| if [[ $(jq '.lockfileVersion == 3' package-lock.json) == "true" ]] ; then | |
| echo "package-lock.json has a correct version" | |
| else | |
| echo "package-lock must be version 3" | |
| exit 1 | |
| fi | |
| check-if-pr-is-approved: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| fetch-depth: 0 | |
| - name: Get branch name | |
| uses: Alfresco/alfresco-build-tools/.github/actions/get-branch-name@62d25370db3ca229de518fab5b32ec014a061101 # v8.33.1 | |
| - name: Save commit message | |
| uses: Alfresco/alfresco-build-tools/.github/actions/get-commit-message@62d25370db3ca229de518fab5b32ec014a061101 # v8.33.1 | |
| - name: ci:force flag parser | |
| shell: bash | |
| run: | | |
| if [ "${{ github.event_name }}" == "schedule" ] || [ "${{ github.actor }}" == "dependabot[bot]" ]; then | |
| echo -e "\033[32mci:force check can be skipped\033[0m" | |
| skip_check="true" | |
| elif [[ "$COMMIT_MESSAGE" == *"[ci:force]"* ]]; then | |
| echo -e "\033[32m[ci:force] flag detected. No need for approval.\033[0m" | |
| skip_check="true" | |
| fi | |
| - name: Get PR number | |
| if: ${{ github.event_name != 'schedule' && github.event_name != 'workflow_dispatch' }} | |
| uses: kamatama41/get-pr-number-action@0bcaab5752c0b699149e74667c8ce2f764cbb7fa # v0.9.1 | |
| id: action | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: show pr number | |
| shell: bash | |
| run: | | |
| echo "PR: ${{ steps.action.outputs.number }}" | |
| - name: check if pr is approved | |
| env: | |
| DEVEL_FLAG: ${{ inputs.devel }} | |
| GH_TOKEN: ${{ github.token }} | |
| skip_check: "false" | |
| run: | | |
| if [ "${{ github.event_name }}" == "schedule" ] || [ "${{ github.actor }}" == "dependabot[bot]" ]; then | |
| echo -e "\033[32mci:force check can be skipped\033[0m" | |
| skip_check="true" | |
| elif [[ "$COMMIT_MESSAGE" == *"[ci:force]"* ]]; then | |
| echo -e "\033[32m[ci:force] flag detected. No need for approval.\033[0m" | |
| skip_check="true" | |
| fi | |
| if [ "${{ github.actor }}" == "dependabot[bot]" ] || [ "${{ github.actor }}" == "alfresco-build" ]; then | |
| echo -e "\033[32mCommit by ${{ github.actor }}. No need for approval.\033[0m" | |
| skip_check="true" | |
| fi | |
| if [ "${{ github.event_name }}" == "schedule" ] || [ "${{ github.event_name }}" == "workflow_dispatch" ]; then | |
| echo -e "\033[32mSchedule event\033[0m" | |
| skip_check="true" | |
| fi | |
| if [[ "$DEVEL_FLAG" == "true" ]]; then | |
| echo -e "\033[32mDevel flag\033[0m" | |
| skip_check="true" | |
| fi | |
| if [ "$skip_check" == "false" ]; then | |
| echo "Checking PR approval" | |
| prNumber=${{ steps.action.outputs.number }} | |
| echo "PR: $prNumber" | |
| checkApproval=$(gh api /repos/$GITHUB_REPOSITORY/pulls/$prNumber/reviews | jq '.[] | select(.state == "APPROVED") | .user.login') | |
| if [[ $checkApproval ]]; then | |
| echo -e "\033[32mPR approved\033[0m" | |
| else | |
| echo -e "\033[31mPR NOT approved\033[0m" | |
| exit 1 | |
| fi | |
| fi | |
| setup: | |
| # long timeout required when cache has to be recreated | |
| timeout-minutes: 30 | |
| name: "Setup" | |
| runs-on: ubuntu-latest | |
| needs: [check-if-pr-is-approved, pre-checks] | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| fetch-depth: 0 # Fetch all history for all tags and branches | |
| - uses: ./.github/actions/setup | |
| - name: install | |
| run: | | |
| npm ci | |
| npm run bundle:js-api | |
| npm run bundle:cli | |
| - uses: ./.github/actions/upload-node-modules-and-artifacts | |
| unit-tests: | |
| timeout-minutes: 30 | |
| name: "Unit tests: ${{ matrix.unit-tests.name }}" | |
| runs-on: ubuntu-latest | |
| needs: [setup] | |
| strategy: | |
| fail-fast: false | |
| # max-parallel: 4 | |
| matrix: | |
| unit-tests: | |
| - name: js-api | |
| exclude: "core,insights,content-services,process-services,process-services-cloud,eslint-plugin-eslint-angular" | |
| - name: content-services | |
| exclude: "insights,core,extensions,process-services,process-services-cloud,eslint-plugin-eslint-angular,js-api" | |
| - name: core | |
| exclude: "insights,content-services,process-services,process-services-cloud,eslint-plugin-eslint-angular,js-api" | |
| - name: insights | |
| exclude: "core,extensions,content-services,process-services-cloud,process-services,eslint-plugin-eslint-angular,js-api" | |
| - name: process-services | |
| exclude: "core,extensions,content-services,process-services-cloud,insights,eslint-plugin-eslint-angular,js-api" | |
| - name: process-services-cloud | |
| exclude: "insights,core,extensions,content-services,process-services$,eslint-plugin-eslint-angular,js-api" | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| fetch-depth: 0 # Fetch all history for all tags and branches | |
| - uses: ./.github/actions/setup | |
| - uses: ./.github/actions/download-node-modules-and-artifacts | |
| - name: Run unit tests | |
| run: | | |
| /usr/bin/xvfb-run --auto-servernum npm run test:affected -- $NX_CALCULATION_FLAGS --exclude=${{ matrix.unit-tests.exclude }} | |
| lint: | |
| # long timeout required when cache has to be recreated | |
| timeout-minutes: 30 | |
| name: "Lint" | |
| runs-on: ubuntu-latest | |
| needs: [setup] | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| fetch-depth: 0 # Fetch all history for all tags and branches | |
| - uses: ./.github/actions/setup | |
| - uses: ./.github/actions/download-node-modules-and-artifacts | |
| - run: npm run lint:affected -- $NX_CALCULATION_FLAGS | |
| build-libs: | |
| # long timeout required when cache has to be recreated | |
| timeout-minutes: 30 | |
| name: "Build libs" | |
| runs-on: ubuntu-latest | |
| needs: [setup] | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| fetch-depth: 0 # Fetch all history for all tags and branches | |
| - uses: ./.github/actions/setup | |
| - uses: ./.github/actions/download-node-modules-and-artifacts | |
| - run: NX_REJECT_UNKNOWN_LOCAL_CACHE=0 npm run build:affected -- $NX_CALCULATION_FLAGS --prod | |
| - uses: ./.github/actions/upload-node-modules-and-artifacts | |
| PR-forbidden-labels: | |
| if: ${{ inputs.cron-run == '' || inputs.cron-run == 'false' }} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - id: checkoutRepo | |
| name: Checkout repository | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| fetch-depth: 1 | |
| - name: PR contains forbidden labels | |
| id: pr-forbidden | |
| uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 | |
| with: | |
| script: | | |
| const issueHasLabels = require('./scripts/github/update/check-issue-has-label.js'); | |
| const checkLabels = ['next version ➡️', 'do not merge🙅🏻♂️']; | |
| const hasLabel = await issueHasLabels({github, context, checkLabels}) | |
| if(hasLabel) { | |
| core.setFailed('The PR contains a forbidden label! You are not allowed to merge until the label is there.'); | |
| } | |
| - name: Check value after | |
| run: | | |
| echo "result ${{ toJson(steps.pr-forbidden.*.result) }}" && echo "result ${{ steps.pr-forbidden.*.result }}" | |
| echo "result ${{ contains(toJson(steps.pr-forbidden.*.result), 'failure') }}" | |
| finalize: | |
| if: ${{ always() }} | |
| runs-on: ubuntu-latest | |
| name: Final Results | |
| needs: [check-if-pr-is-approved, pre-checks, setup, unit-tests, lint, build-libs] | |
| steps: | |
| - name: Check job execution status | |
| if: >- | |
| ${{ | |
| contains(needs.*.result, 'failure') | |
| || contains(needs.*.result, 'cancelled') | |
| }} | |
| run: exit 1 |