Skip to content

meta: bump stylelint-config-recommended-scss from 12.0.0 to 13.0.0 #1994

meta: bump stylelint-config-recommended-scss from 12.0.0 to 13.0.0

meta: bump stylelint-config-recommended-scss from 12.0.0 to 13.0.0 #1994

Workflow file for this run

# Security Notes
# Only selected Actions are allowed within this repository. Please refer to (https://github.com/nodejs/nodejs.org/settings/actions)
# for the full list of available actions. If you want to add a new one, please reach out a maintainer with Admin permissions.
# REVIEWERS, please always double-check security practices before merging a PR that contains Workflow changes!!
# AUTHORS, please only use actions with explicit SHA references, and avoid using `@master` or `@main` references or `@version` tags.
name: Pull Request Checks
on:
pull_request_target:
branches:
- main
types:
- labeled
merge_group:
defaults:
run:
# This ensures that the working directory is the root of the repository
working-directory: ./
permissions:
contents: read
actions: read
# This permission is required by `peter-evans/create-or-update-comment`
# This permission is required by `MishaKav/jest-coverage-comment`
pull-requests: write
jobs:
# This Job removes the label after it got applied to ensure that we can easily apply again when needed
remove_pull_request_label:
if: |
github.event.action == 'labeled' &&
github.event.label.name == 'github_actions:pull-request'
name: Remove Pull Request Label
runs-on: ubuntu-latest
steps:
- name: Remove GitHub Actions Label
uses: actions-ecosystem/action-remove-labels@2ce5d41b4b6aa8503e285553f75ed56e0a40bae0
with:
labels: github_actions:pull-request
base:
# This Job ensures that these jobs run either on regular Pull Request Updates
# Or if the PR gets labeled with `github_actions:pull-request`
if: |
github.event.action != 'labeled' ||
(github.event.action == 'labeled' && github.event.label.name == 'github_actions:pull-request')
name: Base Tasks
runs-on: ubuntu-latest
outputs:
fetch_depth: ${{ steps.calculate_current_commits.outputs.fetch_depth }}
turbo_args: ${{ steps.turborepo_arguments.outputs.turbo_args }}
steps:
- name: Calculate Commits to Checkout
id: calculate_current_commits
# This calculates the amount of commits we should fetch during our shallow clone
# This calculates the amount of commits this PR produced diverged from the base branch + 1
# Which should include the "merge" commit reference
# In other words, the GitHub Action will always have the full history of the current PR
# We need all the commits of the PR so that `turbo --filter` works correctly
run: |
if [ "${{ github.event_name }}" == "pull_request_target" ]; then
echo "fetch_depth=$(( ${{ github.event.pull_request.commits }} + 1 ))" >> "$GITHUB_OUTPUT"
else
echo "fetch_depth=1" >> "$GITHUB_OUTPUT"
fi
- name: Provide Turborepo Arguments
id: turborepo_arguments
# `--filter` flag allows us to tell TurboRepo to only run a said command if there were any changes found in a given --filter range
# It verifies if any change was done to any of the including `glob` patterns described for a said command on `turbo.json`
# By default in this Workflow we use the `...[$TURBO_REF_FILTER]` as a value to the filter flag which tells Turborepo to look changes
# between the latest base branch commit and all the commits of this PR; That's why we use the `pull_request.base.sha` as a ref to the last
# commit on the base branch that this pull_request refers to.
# We also set the Turborepo Cache to the `.turbo` folder
# See https://turbo.build/repo/docs/reference/command-line-reference/run#--filter
# See https://turbo.build/repo/docs/reference/command-line-reference/run#--cache-dir
# See https://turbo.build/repo/docs/reference/command-line-reference/run#--force
run: |
if [ "${{ github.event_name }}" == "pull_request_target" ]; then
echo "turbo_args=--filter=\"[HEAD~${{ github.event.pull_request.commits }}...HEAD]\" --cache-dir=.turbo/cache" >> "$GITHUB_OUTPUT"
else
echo "turbo_args=--cache-dir=.turbo/cache" >> "$GITHUB_OUTPUT"
fi
lint:
# This Job ensures that these jobs run either on regular Pull Request Updates
# Or if the PR gets labeled with `github_actions:pull-request`
if: |
github.event.action != 'labeled' ||
(github.event.action == 'labeled' && github.event.label.name == 'github_actions:pull-request')
name: Lint
runs-on: ubuntu-latest
needs: [base]
steps:
- name: Git Checkout
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9
with:
# Here we apply the Environment Variable created above on the "Calculate Commits to Checkout"
fetch-depth: ${{ needs.base.outputs.fetch_depth }}
- name: Restore Lint Cache
uses: actions/cache/restore@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8
with:
path: |
.turbo/cache
node_modules/.cache
# We want to restore Turborepo Cache and ESlint and Prettier Cache
key: cache-lint-${{ hashFiles('package-lock.json') }}-
restore-keys: |
cache-lint-${{ hashFiles('package-lock.json') }}-
cache-lint-
- name: Set up Node.js
uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d
with:
# We want to ensure that the Node.js version running here respects our supported versions
node-version-file: '.nvmrc'
cache: 'npm'
- name: Install NPM packages
# We want to avoid NPM from running the Audit Step and Funding messages on a CI environment
# We also use `npm i` instead of `npm ci` so that the node_modules/.cache folder doesn't get deleted
run: npm i --no-audit --no-fund --ignore-scripts --userconfig=/dev/null
- name: Run `turbo lint`
# We want to enforce that the actual `turbo@latest` package is used instead of a possible hijack from the user
# the `${{ needs.base.outputs.turbo_args }}` is a string substitution happening from the base job
run: npx --package=turbo@latest -- turbo lint ${{ needs.base.outputs.turbo_args }}
- name: Run `turbo prettier`
# We want to enforce that the actual `turbo@latest` package is used instead of a possible hijack from the user
# the `${{ needs.base.outputs.turbo_args }}` is a string substitution happening from the base job
run: npx --package=turbo@latest -- turbo prettier ${{ needs.base.outputs.turbo_args }}
- name: Run `tsc build`
# We want to check that all TypeScript checks are working as expected
run: npx --package=typescript@latest -- tsc --build .
- name: Save Lint Cache
# We don't need to upload a Lint Cache for Dependabot PRs and also when the GitHub Event is not a Pull Request
# i.e. if the Event is a Merge Queue Event
if: |
github.event_name == 'pull_request_target' &&
startsWith(github.event.pull_request.head.ref, 'dependabot/') == false
uses: actions/cache/save@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8
with:
path: |
.turbo/cache
node_modules/.cache
key: cache-lint-${{ hashFiles('package-lock.json') }}-${{ hashFiles('.turbo/cache/**') }}
tests:
# This Job ensures that these jobs run either on regular Pull Request Updates
# Or if the PR gets labeled with `github_actions:pull-request`
if: |
github.event.action != 'labeled' ||
(github.event.action == 'labeled' && github.event.label.name == 'github_actions:pull-request')
name: Tests
runs-on: ubuntu-latest
needs: [base]
environment:
name: Storybook
url: ${{ steps.chromatic-deploy.outputs.storybookUrl }}
steps:
- name: Git Checkout
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9
with:
# Here we apply the Environment Variable created above on the "Calculate Commits to Checkout"
fetch-depth: ${{ needs.base.outputs.fetch_depth }}
- name: Restore Tests Cache
uses: actions/cache/restore@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8
with:
path: |
.turbo/cache
node_modules/.cache
# We want to restore Turborepo Cache and Storybook Cache
key: cache-tests-${{ hashFiles('package-lock.json') }}-
restore-keys: |
cache-tests-${{ hashFiles('package-lock.json') }}-
cache-tests-
- name: Set up Node.js
uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d
with:
# We want to ensure that the Node.js version running here respects our supported versions
node-version-file: '.nvmrc'
cache: 'npm'
- name: Install NPM packages
# We want to avoid NPM from running the Audit Step and Funding messages on a CI environment
# We also use `npm i` instead of `npm ci` so that the node_modules/.cache folder doesn't get deleted
run: npm i --no-audit --no-fund --userconfig=/dev/null
- name: Run Unit Tests
# We want to enforce that the actual `turbo@latest` package is used instead of a possible hijack from the user
# the `${{ needs.base.outputs.turbo_args }}` is a string substitution happening from the base job
run: npx --package=turbo@latest -- turbo test:unit ${{ needs.base.outputs.turbo_args }} -- --ci --coverage
- name: Build Storybook
# Assigns an ID to be reused on other steps
id: storybook_build
# Skips a few steps if not on a Pull Request (Merge Group) or it is a Dependabot PR
# i.e. if the Event is a Merge Queue Event
if: |
github.event_name == 'pull_request_target' &&
startsWith(github.event.pull_request.head.ref, 'dependabot/') == false
# We Build Storybook Locally and then upload it so it can be used on another Workflow
# We want to enforce that the actual `turbo@latest` package is used instead of a possible hijack from the user
# the `${{ needs.base.outputs.turbo_args }}` is a string substitution happening from the base job
# We also always want to run the Storybok Build (Force) to ensure that Chromatic can upload the Build
run: npx --package=turbo@latest -- turbo storybook:build ${{ needs.base.outputs.turbo_args }} --force=true
- name: Start Visual Regression Tests (Chromatic)
# This assigns the Environment Deployment for Storybook
id: chromatic-deploy
# This prevents this step from running if "Storybook Build" got cancelled; Which gets cancelled if
# the curruent branch comes from Dependabot or the Event is not a Pull Request (i.e. Merge Queue Event)
if: steps.storybook_build.outcome == 'success'
uses: chromaui/action@v1
with:
projectToken: ${{ secrets.CHROMATIC_PROJECT_TOKEN }}
storybookBuildDir: storybook-static
exitOnceUploaded: true
onlyChanged: true
- name: Jest Coverage Comment
# This prevents this step from running if "Storybook Build" got cancelled; Which gets cancelled if
# the curruent branch comes from Dependabot or the Event is not a Pull Request (i.e. Merge Queue Event)
if: steps.storybook_build.outcome == 'success'
# This comments the current Jest Coverage Report containing JUnit XML reports
# and a Code Coverage Summary
uses: MishaKav/jest-coverage-comment@41b5ca01d1250de84537448d248b8d18152cb277
with:
title: 'Unit Test Coverage Report'
junitxml-path: ./junit.xml
junitxml-title: Unit Test Report
- name: Save Tests Cache
# This prevents this step from running if "Storybook Build" got cancelled; Which gets cancelled if
# the curruent branch comes from Dependabot or the Event is not a Pull Request (i.e. Merge Queue Event)
if: steps.storybook_build.outcome == 'success'
uses: actions/cache/save@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8
with:
path: |
.turbo/cache
node_modules/.cache
key: cache-tests-${{ hashFiles('package-lock.json') }}-${{ hashFiles('.turbo/cache/**') }}