-
Notifications
You must be signed in to change notification settings - Fork 8
93 lines (91 loc) · 3.09 KB
/
nightly.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
name: Nightly
on:
schedule:
- cron: "0 3 * * *"
workflow_dispatch: ~
permissions: read-all
jobs:
test:
name: Test against latest dependency versions (${{ matrix.name }})
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
include:
- name: MacOS
os: macos-12
- name: Ubuntu
os: ubuntu-22.04
- name: Windows
os: windows-2022
steps:
- name: Harden runner
uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1
with:
disable-sudo: false
egress-policy: block
allowed-endpoints: >
actions-results-receiver-production.githubapp.com:443
api.github.com:443
artifactcache.actions.githubusercontent.com:443
azure.archive.ubuntu.com:80
codecov.io:443
github.com:443
gitlab.com:443
nodejs.org:443
objects.githubusercontent.com:443
registry.npmjs.org:443
storage.googleapis.com:443
uploader.codecov.io:443
- name: Checkout repository
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
- name: Install Node.js
uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0
with:
cache: npm
node-version-file: .nvmrc
- name: Install dependencies
run: npm clean-install
- name: Bump runtime dependencies to latest compatible
run: |
npm update --omit dev --omit optional --omit peer
npm install
- name: Install csh
if: ${{ matrix.name == 'Ubuntu' }}
run: sudo apt-get --assume-yes install csh
- name: Install Zsh
if: ${{ matrix.name == 'Ubuntu' }}
run: sudo apt-get --assume-yes install zsh
- name: Run integration tests
run: npm run test:integration
- name: Run end-to-end tests
run: npm run test:e2e
tooling:
name: Tool update
runs-on: ubuntu-22.04
permissions:
contents: write # To push a commit
pull-requests: write # To open a Pull Request
steps:
- name: Harden runner
uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
actions-results-receiver-production.githubapp.com:443
api.github.com:443
github.com:443
objects.githubusercontent.com:443
- name: Create automation token
uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # v2.1.0
id: automation-token
with:
app_id: ${{ secrets.AUTOMATION_APP_ID }}
private_key: ${{ secrets.AUTOMATION_APP_PRIVATE_KEY }}
- name: Update tooling
uses: ericcornelissen/tool-versions-update-action/pr@80dab8d99cefefdcfcc6ad4adbb6bc7a07c39e7f # v0.3.7
with:
labels: dependencies
max: 1
token: ${{ steps.automation-token.outputs.token }}