Skip to content

Commit

Permalink
Use matrix for npm run check:* commands in CI (#1792)
Browse files Browse the repository at this point in the history 
Reduce duplication and the overall size of the CI configuration by using
the fact that all `check:*` commands are more or less identical and can
thus perfectly be used in a matricized CI job.

This also folds the lockfile and manifest checks (`package.json` and
`package-lock.json` in CI) into the main `checks.yml` workflow to
further simplify things (the previous setup was chosen to reduce wasting
CI cycles on checking these when the files didn't change, but the
simplicity of the approach here seems better to me atm).
  • Loading branch information
@ericcornelissen
ericcornelissen authored Dec 1, 2024
1 parent 1ba6991 commit 5f28096
Show file tree
Hide file tree
Showing 3 changed files with 22 additions and 338 deletions.
278 changes: 21 additions & 257 deletions .github/workflows/checks.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,9 +8,24 @@ on:
permissions: read-all

jobs:
ci:
name: CI
check:
name: ${{ matrix.what }}
runs-on: ubuntu-24.04
strategy:
fail-fast: false
matrix:
what:
- ci
- dependencies
- formatting
- js
- json
- licenses
- lockfile
- manifest
- md
- sh
- yml
steps:
- name: Harden runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
Expand All @@ -32,6 +47,7 @@ jobs:
persist-credentials: false
- name: Install tooling
uses: asdf-vm/actions/install@4f8f7939dd917fc656bb7c3575969a5988c28364 # v3.0.0
if: ${{ matrix.what == 'ci' || matrix.what == 'sh' }}
- name: Install Node.js
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
with:
Expand All @@ -40,7 +56,9 @@ jobs:
- name: Install dependencies
run: npm clean-install
- name: Check
run: npm run check:ci
run: npm run "check:${WHAT}"
env:
WHAT: ${{ matrix.what }}
codeql:
name: CodeQL
runs-on: ubuntu-24.04
Expand Down Expand Up @@ -71,196 +89,6 @@ jobs:
languages: javascript
- name: Perform CodeQL analysis
uses: github/codeql-action/analyze@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9
deps:
name: Dependencies
runs-on: ubuntu-24.04
steps:
- name: Harden runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
actions-results-receiver-production.githubapp.com:443
api.github.com:443
artifactcache.actions.githubusercontent.com:443
github.com:443
gitlab.com:443
nodejs.org:443
objects.githubusercontent.com:443
registry.npmjs.org:443
- name: Checkout repository
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
persist-credentials: false
- name: Install Node.js
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
with:
cache: npm
node-version-file: .nvmrc
- name: Install dependencies
run: npm clean-install
- name: Check dependencies
if: ${{ failure() || success() }}
run: npm run check:dependencies
- name: Check runtime dependency versions
if: ${{ failure() || success() }}
run: node script/check-runtime-deps.js
format:
name: Formatting
runs-on: ubuntu-24.04
steps:
- name: Harden runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
actions-results-receiver-production.githubapp.com:443
api.github.com:443
artifactcache.actions.githubusercontent.com:443
github.com:443
gitlab.com:443
nodejs.org:443
objects.githubusercontent.com:443
registry.npmjs.org:443
- name: Checkout repository
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
persist-credentials: false
- name: Install Node.js
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
with:
cache: npm
node-version-file: .nvmrc
- name: Install dependencies
run: npm clean-install
- name: Check formatting
run: npm run check:formatting
js:
name: JavaScript
runs-on: ubuntu-24.04
steps:
- name: Harden runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
actions-results-receiver-production.githubapp.com:443
api.github.com:443
artifactcache.actions.githubusercontent.com:443
github.com:443
gitlab.com:443
nodejs.org:443
objects.githubusercontent.com:443
registry.npmjs.org:443
- name: Checkout repository
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
persist-credentials: false
- name: Install Node.js
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
with:
cache: npm
node-version-file: .nvmrc
- name: Install dependencies
run: npm clean-install
- name: Check
run: npm run check:js
json:
name: JSON
runs-on: ubuntu-24.04
steps:
- name: Harden runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
actions-results-receiver-production.githubapp.com:443
api.github.com:443
artifactcache.actions.githubusercontent.com:443
github.com:443
gitlab.com:443
nodejs.org:443
objects.githubusercontent.com:443
registry.npmjs.org:443
- name: Checkout repository
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
persist-credentials: false
- name: Install Node.js
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
with:
cache: npm
node-version-file: .nvmrc
- name: Install dependencies
run: npm clean-install
- name: Check
run: npm run check:json
licenses:
name: Licenses
runs-on: ubuntu-24.04
steps:
- name: Harden runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
actions-results-receiver-production.githubapp.com:443
api.github.com:443
artifactcache.actions.githubusercontent.com:443
github.com:443
gitlab.com:443
nodejs.org:443
objects.githubusercontent.com:443
registry.npmjs.org:443
- name: Checkout repository
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
persist-credentials: false
- name: Install Node.js
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
with:
cache: npm
node-version-file: .nvmrc
- name: Install dependencies
run: npm clean-install
- name: Check licenses
run: npm run check:licenses
md:
name: MarkDown
runs-on: ubuntu-24.04
steps:
- name: Harden runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
actions-results-receiver-production.githubapp.com:443
api.github.com:443
artifactcache.actions.githubusercontent.com:443
github.com:443
gitlab.com:443
nodejs.org:443
objects.githubusercontent.com:443
registry.npmjs.org:443
- name: Checkout repository
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
persist-credentials: false
- name: Install Node.js
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
with:
cache: npm
node-version-file: .nvmrc
- name: Install dependencies
run: npm clean-install
- name: Check
run: npm run check:md
odgen:
name: ODGen
runs-on: ubuntu-24.04
Expand Down Expand Up @@ -325,39 +153,6 @@ jobs:
npm pack
- name: Verify checksum
run: shasum --check checksums.txt --strict
shell:
name: Shell scripts
runs-on: ubuntu-24.04
steps:
- name: Harden runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
actions-results-receiver-production.githubapp.com:443
api.github.com:443
artifactcache.actions.githubusercontent.com:443
github.com:443
gitlab.com:443
nodejs.org:443
objects.githubusercontent.com:443
registry.npmjs.org:443
- name: Checkout repository
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
persist-credentials: false
- name: Install tooling
uses: asdf-vm/actions/install@4f8f7939dd917fc656bb7c3575969a5988c28364 # v3.0.0
- name: Install Node.js
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
with:
cache: npm
node-version-file: .nvmrc
- name: Install dependencies
run: npm clean-install
- name: Check
run: npm run check:sh
test-breakage:
name: Breakage
runs-on: ubuntu-24.04
Expand Down Expand Up @@ -700,34 +495,3 @@ jobs:
run: npm clean-install
- name: Transpile to CommonJS
run: npm run transpile
yaml:
name: YAML
runs-on: ubuntu-24.04
steps:
- name: Harden runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
actions-results-receiver-production.githubapp.com:443
api.github.com:443
artifactcache.actions.githubusercontent.com:443
github.com:443
gitlab.com:443
nodejs.org:443
objects.githubusercontent.com:443
registry.npmjs.org:443
- name: Checkout repository
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
persist-credentials: false
- name: Install Node.js
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
with:
cache: npm
node-version-file: .nvmrc
- name: Install dependencies
run: npm clean-install
- name: Check
run: npm run check:yml
80 changes: 0 additions & 80 deletions .github/workflows/config-npm.yml
View file

This file was deleted.

Loading

0 comments on commit 5f28096

Please sign in to comment.