-
Notifications
You must be signed in to change notification settings - Fork 3.1k
232 lines (200 loc) · 8.61 KB
/
ci-pr.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
# Unique name for this workflow
name: CI on PR
# Definition when the workflow should run
on:
workflow_dispatch:
inputs:
prerelease:
description: 'Run on a prerelease org?'
required: false
type: boolean
pull_request:
types: [opened, edited, synchronize, reopened]
# Workflow environment variables
env:
# Is the PR base branch a prerelease branch
IS_PRERELEASE: ${{ startsWith(github.event.pull_request.base.ref, 'prerelease/') || inputs.prerelease }}
# Jobs to be executed
jobs:
# Dummy job used to skip CI run on automated PRs
skip-ci:
if: github.actor == 'trailheadapps-bot'
runs-on: trailheadapps-Ubuntu
steps:
- name: Noop
run: |
echo "Skipping CI run for automated PRs."
# Formatting and linting only runs on human-submitted PRs
format-lint-lwc-tests:
if: github.actor != 'trailheadapps-bot'
runs-on: trailheadapps-Ubuntu
steps:
# Checkout the source code
- name: 'Checkout source code'
uses: actions/checkout@v4
# Install Volta to enforce proper node and package manager versions
- name: 'Install Volta'
uses: volta-cli/action@v4
# Cache node_modules to speed up the process
- name: 'Restore node_modules cache'
id: cache-npm
uses: actions/cache@v4
with:
path: node_modules
key: npm-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
npm-${{ env.cache-name }}-
npm-
# Install npm dependencies for Prettier and Jest
- name: 'Install npm dependencies'
if: steps.cache-npm.outputs.cache-hit != 'true'
run: HUSKY=0 npm ci
# Prettier formatting
- name: 'Code formatting verification with Prettier'
run: npm run prettier:verify
# Lint LWC / Aura
- name: 'Lint Lightning Web Components / Aura Components'
run: npm run lint
# LWC unit tests
- name: 'Unit test Lightning Web Components'
run: npm run test:unit:coverage
# Upload code coverage data
- name: 'Upload code coverage for LWC to Codecov.io'
uses: codecov/codecov-action@v4
with:
token: ${{ secrets.CODECOV_TOKEN }}
flags: LWC
# Auto merge Dependabot PRs for:
# - patch updates on prod dependencies
# - minor updates on dev dependencies
dependabot-auto-merge:
# Only run for Dependabot PRs
if: github.actor == 'dependabot[bot]'
runs-on: trailheadapps-Ubuntu
needs: format-lint-lwc-tests
permissions:
pull-requests: write
contents: write
steps:
- name: 'Fetch Dependabot metadata'
id: dependabot
uses: dependabot/fetch-metadata@v2
- name: 'Check auto merge conditions'
id: auto-merge
if: |
(
steps.dependabot.outputs.update-type == 'version-update:semver-patch' &&
contains('direct:production,indirect:production', steps.dependabot.outputs.dependency-type)
) || (
contains('version-update:semver-minor,version-update:semver-patch', steps.dependabot.outputs.update-type) &&
contains('direct:development,indirect:development', steps.dependabot.outputs.dependency-type)
)
run: echo "::notice ::auto-merge conditions satisfied"
- name: 'Approve and merge PR'
if: steps.auto-merge.conclusion == 'success'
run: |
gh pr review --approve "$PR_URL"
gh pr merge --auto --rebase "$PR_URL"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PR_URL: ${{ github.event.pull_request.html_url }}
scratch-org-test:
runs-on: trailheadapps-Ubuntu
needs: format-lint-lwc-tests
if: github.actor != 'dependabot[bot]'
steps:
# Checkout the source code
- name: 'Checkout source code'
uses: actions/checkout@v4
# Run PMD scan
- name: 'Run PMD scan'
uses: pmd/[email protected]
id: pmd
with:
version: '6.55.0'
sourcePath: 'force-app'
rulesets: 'ruleset.xml'
# Check for PMD violations
- name: 'Check for PMD violations'
if: steps.pmd.outputs.violations != 0
run: exit 1
# Install Salesforce CLI
- name: 'Install Salesforce CLI'
run: |
npm install @salesforce/cli --location=global
nodeInstallPath=$(npm config get prefix)
echo "$nodeInstallPath/bin" >> $GITHUB_PATH
sf --version
# Store secret for dev hub
- name: 'Populate auth file with DEVHUB_SFDX_URL secret'
shell: bash
run: |
echo ${{ secrets.DEVHUB_SFDX_URL }} > ./DEVHUB_SFDX_URL.txt
secretFileSize=$(wc -c "./DEVHUB_SFDX_URL.txt" | awk '{print $1}')
if [ $secretFileSize == 1 ]; then
echo "Missing DEVHUB_SFDX_URL secret. Is this workflow running on a fork?";
exit 1;
fi
# Authenticate dev hub
- name: 'Authenticate Dev Hub'
run: sf org login sfdx-url -f ./DEVHUB_SFDX_URL.txt -a devhub -d
# Create prerelease scratch org
- name: 'Create prerelease scratch org'
if: ${{ env.IS_PRERELEASE }}
run: sf org create scratch -f config/project-scratch-def.json -a scratch-org -d -y 1 --release=preview
# Create scratch org
- name: 'Create scratch org'
if: ${{ !env.IS_PRERELEASE }}
run: sf org create scratch -f config/project-scratch-def.json -a scratch-org -d -y 1
# Deploy source to scratch org
- name: 'Push source to scratch org'
run: sf project deploy start
# Deploy source to scratch org
- name: 'Push source to scratch org'
run: sf project deploy start
# Assign permissionset
- name: 'Assign permissionset to default user'
run: sf org assign permset -n recipes
# Import sample data
- name: 'Import sample data'
run: sf data tree import -p ./data/data-plan.json
# Run Apex tests in scratch org
- name: 'Run Apex tests'
run: sf apex test run -c -r human -d ./tests/apex -w 20
# Upload code coverage data
- name: 'Upload code coverage for Apex to Codecov.io'
uses: codecov/codecov-action@v4
with:
token: ${{ secrets.CODECOV_TOKEN }}
flags: Apex
# Housekeeping
- name: 'Delete scratch org'
if: always()
run: sf org delete scratch -p -o scratch-org
trigger-packaging:
runs-on: trailheadapps-Ubuntu
needs: scratch-org-test
steps:
# Checkout the source code
- name: 'Checkout source code'
uses: actions/checkout@v4
# Check for package changes using git diff
- name: 'Check for package changes'
id: checkForChanges
run: |
git fetch origin $GITHUB_BASE_REF --depth=1
changedPaths=$( git diff-tree --name-only origin/$GITHUB_BASE_REF $GITHUB_SHA )
set +e
hasChanges='false'
if [ $(echo "$changedPaths" | grep -c '^force-app') == 1 ]; then
hasChanges='true'
fi
echo "hasChanges=$hasChanges" >> $GITHUB_OUTPUT
# Trigger packaging PR workflow
- name: 'Trigger packaging PR workflow if needed'
uses: peter-evans/repository-dispatch@v3
if: steps.checkForChanges.outputs.hasChanges == 'true'
with:
token: ${{ secrets.BOT_ACCESS_TOKEN }}
event-type: start-packaging-pr
client-payload: '{ "ref": "${{ github.ref }}", "sha": "${{ github.sha }}", "isPrelease": "${{ env.IS_PRERELEASE }}" }'