-
-
Notifications
You must be signed in to change notification settings - Fork 209
190 lines (158 loc) · 8.32 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
name: CI
on:
push:
branches: [main]
pull_request:
branches: [main, 'next-major-release/**']
concurrency:
group: ${{ github.workflow }}-${{ github.event.number || github.ref }}
cancel-in-progress: true
env:
NX_BRANCH: ${{ github.event.pull_request.number || github.ref_name }}
NX_VERBOSE_LOGGING: false
NX_CLOUD_DEBUG_URLS: false
NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }}
jobs:
primary:
name: Primary
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install node and npm based on the volta config in our package.json
uses: volta-cli/action@v4
- name: Get yarn cache directory path and node version for cache key and NX_CI_EXECUTION_ENV
id: yarn-cache-dir-path
run: |
echo "dir=$(yarn cache dir)" >> $GITHUB_OUTPUT
echo "node_version=$(node --version)" >> $GITHUB_OUTPUT
# Added the - at the end to function as a separator to improve readability in the PR comment from the Nx cloud app
echo "NX_CI_EXECUTION_ENV=Node $(node --version) -" >> $GITHUB_ENV
- name: Start Nx Cloud CI Run
run: npx nx-cloud start-ci-run --distributes-on="6 custom-linux-medium-plus-js" --stop-agents-after="e2e-suite"
- uses: actions/cache@v4
id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
with:
path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
key: ${{ runner.os }}-node-${{ steps.yarn-cache-dir-path.outputs.node_version }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-node-${{ steps.yarn-cache-dir-path.outputs.node_version }}-yarn-
- name: Install dependencies (skipping postinstall)
# We use --ignore-scripts to skip automatic postinstall and give us more control over distributing build tasks
run: |
yarn --ignore-engines --frozen-lockfile --prefer-offline --ignore-scripts
yarn check-clean-workspace-after-install
- name: Run parallel distributed tasks for build, typecheck, check-rule-docs, check-rule-lists, lint and test targets
uses: jameshenry/parallel-bash-commands@v1
with:
# Note that the typecheck target *also* typechecks tests and tools,
# whereas the build only checks src files
cmd1: npx nx run-many -t build,typecheck,check-rule-docs,lint,check-rule-lists
cmd2: npx nx run-many -t test --codeCoverage
cmd3: npx nx-cloud record -- yarn format-check
# Run distributed e2e test suites with independent local registries (max 1 per agent via parallel=1)
- name: Run e2e test suites
run: npx nx run-many -t e2e-suite --parallel 1
- name: Publish code coverage report
uses: codecov/codecov-action@v4
with:
files: coverage/packages/**/lcov.info
flags: unittest
name: codecov
token: ${{ secrets.CODECOV_TOKEN }}
- name: Stop all running agents for this CI run
# It's important that we always run this step, otherwise in the case of any failures in preceding non-Nx steps, the agents will keep running and waste billable minutes
if: ${{ always() }}
run: yarn nx-cloud stop-all-agents
unit_tests_on_other_node_versions:
name: Unit tests on other supported Node versions
runs-on: ubuntu-latest
strategy:
matrix:
# Additionally supported node versions taken from:
# https://gist.github.com/LayZeeDK/c822cc812f75bb07b7c55d07ba2719b3
node: ['^18.13.0']
steps:
- uses: actions/checkout@v4
- uses: volta-cli/action@v4
with:
# The Node.js version to configure
node-version: ${{ matrix.node }}
- name: Get yarn cache directory path and node version for cache key and NX_CI_EXECUTION_ENV
id: yarn-cache-dir-path
run: |
echo "dir=$(yarn cache dir)" >> $GITHUB_OUTPUT
echo "node_version=$(node --version)" >> $GITHUB_OUTPUT
# Added the - at the end to function as a separator to improve readability in the PR comment from the Nx cloud app
# NOTE: We are intentionally not using matrix.node here because that does not contain the full semver value
echo "NX_CI_EXECUTION_ENV=Node $(node --version) -" >> $GITHUB_ENV
- uses: actions/cache@v4
id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
with:
path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
key: ${{ runner.os }}-node-${{ steps.yarn-cache-dir-path.outputs.node_version }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-node-${{ steps.yarn-cache-dir-path.outputs.node_version }}-yarn-
- name: Install dependencies (skipping postinstall)
# We use --ignore-scripts to skip automatic postinstall and give us more control to distribute tasks
run: |
yarn --ignore-engines --frozen-lockfile --prefer-offline --ignore-scripts
- name: Run build targets on Node ${{ matrix.node }} (not distributable)
env:
# We cannot distribute these because the agents are set up to run the primary node version, not this alternative we are testing
NX_CLOUD_DISTRIBUTED_EXECUTION: false
run: yarn build
- name: Run test targets on Node ${{ matrix.node }} (not distributable)
env:
# We cannot distribute these because the agents are set up to run the primary node version, not this alternative we are testing
NX_CLOUD_DISTRIBUTED_EXECUTION: false
run: yarn test
- run: yarn nx-cloud complete-ci-run
# It's important that we always run this step, otherwise in the case of any failures in preceding non-Nx steps, the agents will keep running and waste billable minutes
if: ${{ always() }}
publish_canary_version:
name: Publish the latest code as a canary version
runs-on: ubuntu-latest
permissions:
id-token: write # needed for provenance data generation
needs: [primary]
if: github.ref == 'refs/heads/main'
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # we need the tags to be available
- name: Install node and npm based on the volta config in our package.json
uses: volta-cli/action@v4
- name: Get yarn cache directory path and node version for cache key
id: yarn-cache-dir-path
run: |
echo "dir=$(yarn cache dir)" >> $GITHUB_OUTPUT
echo "node_version=$(node --version)" >> $GITHUB_OUTPUT
- name: Apply version resolved by volta to standard Node action make authenticated npm publish easier
uses: actions/setup-node@v4
with:
node-version: ${{ steps.yarn-cache-dir-path.outputs.node_version }}
registry-url: https://registry.npmjs.org/
- uses: actions/cache@v4
id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
with:
path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
key: ${{ runner.os }}-node-${{ steps.yarn-cache-dir-path.outputs.node_version }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-node-${{ steps.yarn-cache-dir-path.outputs.node_version }}-yarn-
- name: Install dependencies (skipping postinstall)
# We use --ignore-scripts to skip automatic postinstall and give us more control to distribute tasks
run: |
yarn --ignore-engines --frozen-lockfile --prefer-offline --ignore-scripts
- name: Run build ahead of publishing
# We cannot distribute this because the agents have already been stopped by this point
# but it should not matter because this should be a full cloud cache hit
run: NX_CLOUD_DISTRIBUTED_EXECUTION=false yarn build
- name: Figure out and apply the next canary version
run: yarn tsx ./tools/scripts/apply-canary-version.ts
- name: Publish all packages to npm with the canary tag
# NOTE: this needs to be npx, rather than yarn, to make sure the authenticated npm registry is used
run: npx nx release publish --tag canary
env:
NX_CLOUD_DISTRIBUTED_EXECUTION: false
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
NPM_CONFIG_PROVENANCE: true