Merge pull request #93 from getlarge/feat-create-eslint-rules-library #252
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: NestJS Tools CI | |
on: | |
push: | |
paths-ignore: | |
- 'README.md' | |
- '**/package-lock.json' | |
branches: | |
- main | |
pull_request: | |
types: | |
- opened | |
- reopened | |
- synchronize | |
- ready_for_review | |
paths-ignore: | |
- 'README.md' | |
- '**/package-lock.json' | |
branches: | |
- main | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
env: | |
NX_CLOUD_DISTRIBUTED_EXECUTION: false | |
NX_DISTRIBUTED_TASK_EXECUTION: false | |
CI: true | |
S3_BUCKET: ${{ vars.S3_BUCKET }} | |
S3_REGION: ${{ vars.S3_REGION }} | |
GC_BUCKET: ${{ vars.GC_BUCKET }} | |
GC_PROJECT_ID: ${{ vars.GC_PROJECT_ID }} | |
permissions: | |
contents: read | |
pull-requests: write | |
id-token: write | |
actions: read | |
jobs: | |
setup-and-test: | |
runs-on: ubuntu-latest | |
if: ${{ github.event_name == 'push' || !github.event.pull_request.draft }} | |
timeout-minutes: 10 | |
strategy: | |
matrix: | |
node-version: [18.x, 20.x] | |
services: | |
rabbitmq: | |
image: rabbitmq:3.13-management-alpine | |
options: >- | |
--health-cmd "rabbitmq-diagnostics status" | |
--health-interval 10s | |
--health-timeout 5s | |
--health-retries 5 | |
ports: | |
- 5672:5672 | |
redis: | |
image: redis:7.4-alpine | |
options: >- | |
--health-cmd "redis-cli ping" | |
--health-interval 10s | |
--health-timeout 5s | |
--health-retries 5 | |
ports: | |
- 6379:6379 | |
steps: | |
- name: Check out repository code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
ref: ${{ github.head_ref }} | |
- name: configure AWS credentials | |
uses: mcblair/[email protected] | |
with: | |
role-arn: arn:aws:iam::555175933160:role/Github_Actions_S3 | |
profile-name: github-actions | |
region: ${{ env.S3_REGION }} | |
- name: configure Google Cloud credentials | |
uses: 'google-github-actions/auth@v2' | |
with: | |
project_id: ${{ env.GC_PROJECT_ID }} | |
workload_identity_provider: 'projects/686264090118/locations/global/workloadIdentityPools/github/providers/nestjs-tools' | |
- name: Use Node.js ${{ matrix.node-version }} | |
uses: actions/setup-node@v4 | |
with: | |
node-version: ${{ matrix.node-version }} | |
cache: 'npm' | |
- name: Derive appropriate SHAs for base and head for `nx affected` commands | |
id: set-sha | |
uses: nrwl/nx-set-shas@v4 | |
- name: Install dependencies | |
run: npm ci | |
- uses: 8BitJonny/[email protected] | |
id: current-pr | |
- if: steps.current-pr.outputs.number != 'null' && github.ref_name != 'main' | |
# This line is needed for nx affected to work when CI is running on a PR | |
run: git branch --track main origin/main | |
# Boot package has issues with @asyncapi monorepo | |
# - name: Scan dependencies with Audit CI | |
# run: npm run scan:deps | |
- run: npx nx format:check | |
- name: Run checks | |
env: | |
CI: true | |
# S3_ACCESS_KEY_ID: ${{ secrets.S3_ACCESS_KEY_ID }} | |
# S3_SECRET_ACCESS_KEY: ${{ secrets.S3_SECRET_ACCESS_KEY }} | |
AWS_PROFILE: github-actions | |
S3_BUCKET: ${{ env.S3_BUCKET }} | |
S3_REGION: ${{ env.S3_REGION }} | |
GC_BUCKET: ${{ env.GC_BUCKET }} | |
GC_PROJECT_ID: ${{ env.GC_PROJECT_ID }} | |
PREFIX: ${{ matrix.node-version }} | |
run: npx nx affected -t lint,test,build --parallel=2 | |
- name: Upload coverage | |
uses: actions/upload-artifact@v4 | |
with: | |
name: coverage-${{ matrix.node-version }} | |
path: ./coverage | |
retention-days: 2 | |
scan: | |
needs: setup-and-test | |
runs-on: ubuntu-latest | |
timeout-minutes: 10 | |
strategy: | |
matrix: | |
node-version: [20.x] | |
steps: | |
- name: Check out repository code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis | |
- name: Use Node.js ${{ matrix.node-version }} | |
uses: actions/setup-node@v4 | |
with: | |
node-version: ${{ matrix.node-version }} | |
- name: Get current version | |
id: package-version | |
uses: martinbeentjes/npm-get-version-action@main | |
- name: Retrieve coverage | |
uses: actions/download-artifact@v4 | |
with: | |
name: coverage-${{ matrix.node-version }} | |
path: ./coverage | |
- name: SonarCloud Scan | |
uses: sonarsource/sonarcloud-github-action@master | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
with: | |
args: > | |
-Dsonar.projectVersion=${{ steps.package-version.outputs.current-version }} |