Skip to content

Enable/Disable analytics based on user consent #8932

Enable/Disable analytics based on user consent

Enable/Disable analytics based on user consent #8932

Workflow file for this run

name: frontend
on:
push:
branches: [master]
pull_request:
branches: [master]
permissions: # added using https://github.com/step-security/secure-workflows
contents: read
jobs:
lint_build:
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [20]
steps:
# See https://docs.stepsecurity.io/harden-runner/getting-started/ for instructions on
# configuring harden-runner and identifying allowed endpoints.
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
github.com:443
objects.githubusercontent.com:443
registry.npmjs.org:443
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
with:
node-version: ${{ matrix.node-version }}
- run: npm ci
- run: npm run fmt-frontend-check
- run: npm run lint
- run: npm run build
test_coverage:
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [20]
steps:
# See https://docs.stepsecurity.io/harden-runner/getting-started/ for instructions on
# configuring harden-runner and identifying allowed endpoints.
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
github.com:443
objects.githubusercontent.com:443
registry.npmjs.org:443
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
with:
node-version: ${{ matrix.node-version }}
- run: npm ci
- run: npm run test-frontend:coverage
env:
CI: true
- name: Upload coverage artifact
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
if-no-files-found: error
name: coverage
path: coverage/cobertura-coverage.xml
retention-days: 7
upload_coverage:
needs: test_coverage
runs-on: ubuntu-latest
steps:
# See https://docs.stepsecurity.io/harden-runner/getting-started/ for instructions on
# configuring harden-runner and identifying allowed endpoints.
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
api.codecov.io:443
cli.codecov.io:443
codecov.io:443
github.com:443
storage.googleapis.com:443
uploader.codecov.io:443
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Download coverage artifact
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: coverage
- name: Upload coverage report
uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4.5.0
with:
token: ${{ secrets.CODECOV_TOKEN }}
fail_ci_if_error: true
files: cobertura-coverage.xml
flags: frontend
name: Frontend
docker_build:
runs-on: ubuntu-latest
if: ${{ github.event.type }} == "PullRequest"
steps:
# See https://docs.stepsecurity.io/harden-runner/getting-started/ for instructions on
# configuring harden-runner and identifying allowed endpoints.
- name: Harden Runner
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
auth.docker.io:443
files.pythonhosted.org:443
github.com:443
production.cloudflare.docker.com:443
pypi.org:443
registry-1.docker.io:443
registry.npmjs.org:443
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0
- name: Build frontend
run: |
deploy/scripts/build.py --components frontend
shell: bash
- name: Image digest
run: |
docker image inspect combine_frontend:latest -f '{{json .Id}}'
shell: bash