Skip to content

[MergeDups] Enable bypassing protection of protected words and senses #8923

[MergeDups] Enable bypassing protection of protected words and senses

[MergeDups] Enable bypassing protection of protected words and senses #8923

Workflow file for this run

name: frontend
on:
push:
branches: [master]
pull_request:
branches: [master]
permissions: # added using https://github.com/step-security/secure-workflows
contents: read
jobs:
lint_build:
runs-on: ubuntu-22.04
strategy:
matrix:
node-version: [20]
steps:
# See https://docs.stepsecurity.io/harden-runner/getting-started/ for instructions on
# configuring harden-runner and identifying allowed endpoints.
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
github.com:443
objects.githubusercontent.com:443
registry.npmjs.org:443
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
with:
node-version: ${{ matrix.node-version }}
- run: npm ci
- run: npm run fmt-frontend-check
- run: npm run lint
- run: npm run build
test_coverage:
runs-on: ubuntu-22.04
strategy:
matrix:
node-version: [20]
steps:
# See https://docs.stepsecurity.io/harden-runner/getting-started/ for instructions on
# configuring harden-runner and identifying allowed endpoints.
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
github.com:443
objects.githubusercontent.com:443
registry.npmjs.org:443
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
with:
node-version: ${{ matrix.node-version }}
- run: npm ci
- name: Run tests and generate coverage
run: npm run test-frontend:coverage
env:
CI: true
- name: Upload coverage artifact
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
if-no-files-found: error
name: coverage
path: coverage/cobertura-coverage.xml
retention-days: 7
upload_coverage:
needs: test_coverage
runs-on: ubuntu-22.04
steps:
# See https://docs.stepsecurity.io/harden-runner/getting-started/ for instructions on
# configuring harden-runner and identifying allowed endpoints.
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
cli.codecov.io:443
github.com:443
ingest.codecov.io:443
storage.googleapis.com:443
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Download coverage artifact
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: coverage
- name: Upload coverage report
uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4.5.0
with:
token: ${{ secrets.CODECOV_TOKEN }}
fail_ci_if_error: true
files: cobertura-coverage.xml
flags: frontend
name: Frontend
docker_build:
if: ${{ github.event.type }} == "PullRequest"
runs-on: ubuntu-22.04
steps:
# See https://docs.stepsecurity.io/harden-runner/getting-started/ for instructions on
# configuring harden-runner and identifying allowed endpoints.
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
auth.docker.io:443
files.pythonhosted.org:443
github.com:443
production.cloudflare.docker.com:443
pypi.org:443
registry-1.docker.io:443
registry.npmjs.org:443
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0
- name: Build frontend
run: |
deploy/scripts/build.py --components frontend
shell: bash
- name: Image digest
run: |
docker image inspect combine_frontend:latest -f '{{json .Id}}'
shell: bash