-
-
Notifications
You must be signed in to change notification settings - Fork 224
138 lines (114 loc) · 3.64 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
name: CI
on: workflow_call
permissions: {}
jobs:
lint:
name: Lint source files
runs-on: ubuntu-latest
permissions:
contents: read # for actions/checkout
steps:
- name: Checkout repo
uses: actions/checkout@v3
with:
persist-credentials: false
- name: Setup Node.js
uses: actions/setup-node@v3
with:
cache: npm
node-version-file: '.node-version'
- name: Install Dependencies
run: npm ci --ignore-scripts
- name: Lint ESLint
run: npm run lint
- name: Check Types
run: npm run check
- name: Lint Prettier
run: npm run prettier:check
- name: Spellcheck
run: npm run check:spelling
- name: Lint GitHub Actions
uses: docker://rhysd/actionlint:latest
with:
args: -color
checkForCommonlyIgnoredFiles:
name: Check for commonly ignored files
runs-on: ubuntu-latest
permissions:
contents: read # for actions/checkout
steps:
- name: Checkout repo
uses: actions/checkout@v3
with:
persist-credentials: false
- name: Check if commit contains files that should be ignored
run: |
git clone --depth 1 https://github.com/github/gitignore.git
rm gitignore/Global/ModelSim.gitignore
rm gitignore/Global/Images.gitignore
rm gitignore/Global/VirtualEnv.gitignore
cat gitignore/Node.gitignore gitignore/Global/*.gitignore > all.gitignore
IGNORED_FILES=$(git ls-files --cached --ignored --exclude-from=all.gitignore)
if [[ "$IGNORED_FILES" != "" ]]; then
echo -e "::error::Please remove these files:\n$IGNORED_FILES" | sed -z 's/\n/%0A/g'
exit 1
fi
checkPackageLock:
name: Check health of package-lock.json file
runs-on: ubuntu-latest
permissions:
contents: read # for actions/checkout
steps:
- name: Checkout repo
uses: actions/checkout@v3
with:
persist-credentials: false
- name: Setup Node.js
uses: actions/setup-node@v3
with:
cache: npm
node-version-file: '.node-version'
- name: Install Dependencies
run: npm ci --ignore-scripts
- name: Check that package-lock.json doesn't have conflicts
run: npm ls --depth 999
- name: Run npm install
run: npm install --ignore-scripts --force --package-lock-only --engine-strict --strict-peer-deps
- name: Check that package-lock.json is in sync with package.json
run: git diff --exit-code package-lock.json
codeql:
name: Run CodeQL security scan
runs-on: ubuntu-latest
permissions:
contents: read # for actions/checkout
security-events: write # for codeql-action
steps:
- name: Checkout repo
uses: actions/checkout@v3
with:
persist-credentials: false
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: 'javascript, typescript'
- name: Perform CodeQL analysis
uses: github/codeql-action/analyze@v2
buildRelease:
name: Build release
runs-on: ubuntu-latest
permissions:
contents: read # for actions/checkout
steps:
- name: Checkout repo
uses: actions/checkout@v3
with:
persist-credentials: false
- name: Setup Node.js
uses: actions/setup-node@v3
with:
cache: npm
node-version-file: '.node-version'
- name: Install Dependencies
run: npm ci --ignore-scripts
- name: Build release
run: npm run build