-
Notifications
You must be signed in to change notification settings - Fork 5k
127 lines (108 loc) · 3.58 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
name: Main
on:
push:
branches:
- main
- master
pull_request:
types:
- opened
- reopened
- synchronize
merge_group:
jobs:
check-workflows:
name: Check workflows
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Download actionlint
id: download-actionlint
run: bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/7fdc9630cc360ea1a469eed64ac6d78caeda1234/scripts/download-actionlint.bash) 1.6.23
shell: bash
- name: Check workflow files
run: ${{ steps.download-actionlint.outputs.executable }} -color
shell: bash
test-lint-shellcheck:
name: Test lint shellcheck
uses: ./.github/workflows/test-lint-shellcheck.yml
test-lint:
name: Test lint
uses: ./.github/workflows/test-lint.yml
test-lint-changelog:
name: Test lint changelog
uses: ./.github/workflows/test-lint-changelog.yml
test-lint-lockfile:
name: Test lint lockfile
uses: ./.github/workflows/test-lint-lockfile.yml
test-deps-audit:
name: Test deps audit
uses: ./.github/workflows/test-deps-audit.yml
test-yarn-dedupe:
name: Test yarn dedupe
uses: ./.github/workflows/test-yarn-dedupe.yml
test-deps-depcheck:
name: Test deps depcheck
uses: ./.github/workflows/test-deps-depcheck.yml
validate-lavamoat-allow-scripts:
name: Validate lavamoat allow scripts
uses: ./.github/workflows/validate-lavamoat-allow-scripts.yml
validate-lavamoat-policy-build:
name: Validate lavamoat policy build
uses: ./.github/workflows/validate-lavamoat-policy-build.yml
validate-lavamoat-policy-webapp:
name: Validate lavamoat policy webapp
uses: ./.github/workflows/validate-lavamoat-policy-webapp.yml
run-tests:
name: Run tests
uses: ./.github/workflows/run-tests.yml
wait-for-circleci-workflow-status:
name: Wait for CircleCI workflow status
uses: ./.github/workflows/wait-for-circleci-workflow-status.yml
all-jobs-completed:
name: All jobs completed
runs-on: ubuntu-latest
needs:
- check-workflows
- test-lint-shellcheck
- test-lint
- test-lint-changelog
- test-lint-lockfile
- test-yarn-dedupe
- test-deps-depcheck
- validate-lavamoat-allow-scripts
- validate-lavamoat-policy-build
- validate-lavamoat-policy-webapp
- run-tests
- wait-for-circleci-workflow-status
outputs:
PASSED: ${{ steps.set-output.outputs.PASSED }}
steps:
- name: Set PASSED output
id: set-output
run: echo "PASSED=true" >> "$GITHUB_OUTPUT"
all-jobs-pass:
name: All jobs pass
if: ${{ always() }}
runs-on: ubuntu-latest
needs:
- all-jobs-completed
steps:
- name: Check that all jobs have passed
run: |
passed="${{ needs.all-jobs-completed.outputs.PASSED }}"
if [[ $passed != "true" ]]; then
exit 1
fi
log-merge-group-failure:
name: Log merge group failure
# Only run this job if the merge group event fails, skip on forks
if: ${{ github.event_name == 'merge_group' && failure() && !github.event.repository.fork }}
needs:
- all-jobs-pass
uses: metamask/github-tools/.github/workflows/log-merge-group-failure.yml@6bbad335a01fce1a9ec1eabd9515542c225d46c0
secrets:
GOOGLE_APPLICATION_CREDENTIALS: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }}
GOOGLE_SERVICE_ACCOUNT: ${{ secrets.GOOGLE_SERVICE_ACCOUNT }}
SPREADSHEET_ID: ${{ secrets.GOOGLE_MERGE_QUEUE_SPREADSHEET_ID }}
SHEET_NAME: ${{ secrets.GOOGLE_MERGE_QUEUE_SHEET_NAME }}