Add view evaluations permission #1717
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow will do a clean install of node dependencies, build the source code and run tests across different versions of node | |
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions | |
name: CI | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
workflow_dispatch: | |
inputs: | |
webapp_branch: | |
description: "Webapp branch to test against" | |
required: true | |
permissionapi_branch: | |
description: "Permissions api branch to test against" | |
required: true | |
# Change the below to get your PR CI to run tests against a specific branch | |
# Overrides the input, as inputs always have a default value | |
env: | |
WEBAPP_WORKFLOW_BRANCH: | |
PERMISSION_WORKFLOW_BRANCH: | |
jobs: | |
build-test-env: | |
name: Build test env | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install dependencies | |
uses: ./.github/actions/install | |
- name: Run build | |
uses: ./.github/actions/build | |
push-package: | |
name: Push Release candidate package to allow devs to use to test | |
runs-on: ubuntu-latest | |
needs: build-test-env | |
permissions: | |
contents: write | |
pull-requests: write | |
outputs: | |
pkg_version: ${{ steps.publish_pkg.outputs.pkg_version }} | |
webapp_workflow_branch: ${{ steps.set_downstream_repo_branch.outputs.webapp_workflow_branch }} | |
permissionapi_workflow_branch: ${{ steps.set_downstream_repo_branch.outputs.permissionapi_workflow_branch }} | |
steps: | |
- name: Determine downstream repo branch to run tests against | |
id: set_downstream_repo_branch | |
run: | | |
# values of this step's output is used in step test-downstream-apps | |
# strategy/matrix doesn't permit access to env context. very lame... | |
if [[ "${{ github.event_name }}" == "push" && "${{ github.ref }}" == "refs/heads/main" ]]; then | |
echo "webapp_workflow_branch='main'" >> $GITHUB_OUTPUT | |
echo "permissionapi_workflow_branch='main'" >> $GITHUB_OUTPUT | |
elif [[ ${{ github.event_name }} == 'workflow_dispatch' ]]; then | |
echo "webapp_workflow_branch=${{inputs.webapp_branch}}" >> $GITHUB_OUTPUT | |
echo "permissionapi_workflow_branch=${{inputs.permissionapi_branch}}" >> $GITHUB_OUTPUT | |
else | |
echo "webapp_workflow_branch=${WEBAPP_WORKFLOW_BRANCH:-main}" >> $GITHUB_OUTPUT | |
echo "permissionapi_workflow_branch=${PERMISSION_WORKFLOW_BRANCH:-main}" >> $GITHUB_OUTPUT | |
fi | |
- name: Checkout ref of the event that triggered this workflow. (first time run) | |
uses: actions/checkout@v4 | |
- name: Checkout head of merge on re-run | |
uses: actions/checkout@v4 | |
if: github.event_name != 'push' && github.run_attempt > 1 | |
with: | |
ref: refs/pull/${{ github.event.number }}/merge | |
- name: Print out run attempt and pkg version | |
run: | | |
echo "Pkg version before bump - $(cat package.json | jq -r '.version')" | |
echo "run attempt ${{github.run_attempt}}" | |
- name: Restore build cache | |
uses: ./.github/actions/build | |
- name: Package and publish release candidate pkg | |
id: publish_pkg | |
uses: ./.github/actions/package_n_publish | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
NODE_AUTH_TOKEN: ${{ secrets.NODE_AUTH_TOKEN }} | |
- name: Posting pkg version in comment | |
uses: marocchino/sticky-pull-request-comment@v2 | |
with: | |
header: Pkg version | |
message: | | |
Code ${{ github.sha }} labeled version ${{ steps.publish_pkg.outputs.pkg_version }} | |
test-downstream-apps: | |
name: Run tests in ${{matrix.repo}} | |
if: (github.event_name == 'pull_request' && ( github.event.action == 'opened' || github.event.action == 'synchronize' )) | |
runs-on: ubuntu-latest | |
needs: push-package | |
permissions: | |
pull-requests: write | |
strategy: | |
max-parallel: 2 | |
fail-fast: false | |
matrix: | |
include: | |
- repo: "app.charmverse.io" | |
branch: "${{ needs.push-package.outputs.webapp_workflow_branch }}" | |
workflow_file: "test_new_core_pkg.yml" | |
workflow_payload: | | |
{ "core_pkg_version": "${{ needs.push-package.outputs.pkg_version }}" } | |
- repo: "permissions.charmverse.io" | |
branch: "${{ needs.push-package.outputs.permissionapi_workflow_branch }}" | |
workflow_file: "test_core_pkg.yml" | |
workflow_payload: | | |
{ "core_pkg_version": "${{ needs.push-package.outputs.pkg_version }}" } | |
steps: | |
- name: Trigger tests on repo ${{ matrix.repo }} | |
uses: convictional/[email protected] | |
with: | |
owner: charmverse | |
repo: ${{ matrix.repo }} | |
github_token: ${{ secrets.WORKFLOW_TRIGGER_PAT }} | |
github_user: charmed-bot | |
workflow_file_name: ${{ matrix.workflow_file }} | |
ref: ${{ matrix.branch }} | |
client_payload: ${{ matrix.workflow_payload }} | |
wait_interval: 10 | |
propagate_failure: true | |
trigger_workflow: true | |
wait_workflow: true | |
comment_downstream_url: ${{ github.event.pull_request.comments_url }} | |
tests: | |
name: Run Tests | |
runs-on: ubuntu-latest | |
needs: build-test-env | |
# Postgres setup copied from https://gist.github.com/2color/537f8ef13ecec80059abb007839a6878 | |
services: | |
postgres: | |
image: postgres | |
env: | |
POSTGRES_USER: postgres | |
POSTGRES_PASSWORD: postgres | |
options: >- | |
--health-cmd pg_isready | |
--health-interval 10s | |
--health-timeout 5s | |
--health-retries 5 | |
ports: | |
# Maps tcp port 5432 on service container to the host | |
- 5432:5432 | |
strategy: | |
max-parallel: 5 | |
fail-fast: false | |
matrix: | |
include: | |
- test_name: "Basic tests" | |
test_command: "npm run test:ci" | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Restore dependencies from cache | |
uses: ./.github/actions/install | |
- name: Setup test database | |
run: npx dotenv -e .env.test.local -- npm run prisma:reset | |
- name: Run ${{matrix.test_name}} | |
run: ${{matrix.test_command}} | |
trigger-pkg-upgrade: | |
if: github.event_name == 'push' && github.ref == 'refs/heads/main' | |
name: Bump Core pkg in ${{ matrix.repo }} | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write | |
needs: [push-package, tests] | |
strategy: | |
max-parallel: 2 | |
fail-fast: false | |
matrix: | |
include: | |
- repo: "app.charmverse.io" | |
core_pkg_version: "${{needs.push-package.outputs.pkg_version}}" | |
- repo: "permissions.charmverse.io" | |
core_pkg_version: "${{needs.push-package.outputs.pkg_version}}" | |
steps: | |
- name: Trigger Core pkg update and deploy on repo ${{ matrix.repo }} | |
env: | |
GITHUB_TOKEN: ${{ secrets.CHARMED_BOT_PAT }} | |
run: | | |
set -e | |
echo "Processing ${{matrix.repo}} ${{secrets.CHARMED_BOT_PAT}}" | |
git clone --depth=1 https://[email protected]/charmverse/${{matrix.repo}}.git ~/${{matrix.repo}} | |
cd ~/${{matrix.repo}} | |
# Don't download deps, we don't need them | |
timeout=0 | |
until [ "$timeout" -gt 10 ]; do | |
# if npm install ran ok, break out of loop, else sleep then try again | |
npm install --save --package-lock-only "@charmverse/core@${{needs.push-package.outputs.pkg_version}}" && break; | |
echo "sleep 5 secs then retry install" && ((timeout+=1)) && sleep 5 | |
done | |
if [ "$timeout" -le 10 ]; then | |
git config user.name charmed-bot | |
git config user.email [email protected] | |
git add package-lock.json package.json | |
git commit -m "bump core to v${{needs.push-package.outputs.pkg_version}}" | |
git push | |
fi |