Skip to content

UIIN-3124 cautiously evaluate subpermissions (#2667) #8220

UIIN-3124 cautiously evaluate subpermissions (#2667)

UIIN-3124 cautiously evaluate subpermissions (#2667) #8220

Workflow file for this run

# This workflow will do a clean install of node dependencies, build the source code,
# run unit tests, perform a Sonarqube scan, and publish NPM artifacts from master/main.
# For more information see:
# https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions
# Common FOLIO configurable environment variables to set:
# - YARN_TEST_OPTIONS (options to pass to 'yarn test')
# - SQ_ROOT_DIR (root SQ directory to scan relative to top-level directory)
# - PUBLISH_MOD_DESCRIPTOR (boolean 'true' or 'false')
# - COMPILE_TRANSLATION_FILES (boolean 'true' or 'false')
name: buildNPM Snapshot
on: [push, pull_request]
jobs:
github-actions-ci:
env:
YARN_TEST_OPTIONS: ''
SQ_ROOT_DIR: './src'
COMPILE_TRANSLATION_FILES: 'true'
PUBLISH_MOD_DESCRIPTOR: 'true'
FOLIO_NPM_REGISTRY: 'https://repository.folio.org/repository/npm-folioci/'
FOLIO_NPM_REGISTRY_AUTH: '//repository.folio.org/repository/npm-folioci/'
FOLIO_MD_REGISTRY: 'https://folio-registry.dev.folio.org'
NODEJS_VERSION: '18'
JEST_JUNIT_OUTPUT_DIR: 'artifacts/jest-junit'
JEST_COVERAGE_REPORT_DIR: 'artifacts/coverage-jest/lcov-report/'
BIGTEST_JUNIT_OUTPUT_DIR: 'artifacts/runTest'
BIGTEST_COVERAGE_REPORT_DIR: 'artifacts/coverage/lcov-report/'
SQ_LCOV_REPORT: 'artifacts/coverage-jest/lcov.info'
SQ_EXCLUSIONS: '**/platform/alias-service.js,**/docs/**,**/node_modules/**,**/examples/**,**/artifacts/**,**/ci/**,Jenkinsfile,**/LICENSE,**/*.css,**/*.md,**/*.json,**/tests/**,**/stories/*.js,**/test/**,**/.stories.js,**/resources/bigtest/interactors/**,**/resources/bigtest/network/**,**/*-test.js,**/*.test.js,**/*-spec.js,**/karma.conf.js,**/jest.config.js'
runs-on: ubuntu-latest
steps:
- uses: folio-org/checkout@v2
with:
fetch-depth: 0
- name: Setup kernel for react native, increase watchers
run: echo fs.inotify.max_user_watches=524288 | sudo tee -a /etc/sysctl.conf && sudo sysctl -p
- name: Use Node.js
uses: actions/setup-node@v3
with:
node-version: ${{ env.NODEJS_VERSION }}
check-latest: true
always-auth: true
- name: Set yarn config
run: yarn config set @folio:registry $FOLIO_NPM_REGISTRY
- name: Set FOLIO NPM snapshot version
run: |
git clone https://github.com/folio-org/folio-tools.git
npm --no-git-tag-version version `folio-tools/github-actions-scripts/folioci_npmver.sh`
rm -rf folio-tools
env:
JOB_ID: ${{ github.run_number }}
- name: Run yarn install
run: yarn install --ignore-scripts
- name: Run yarn list
run: yarn list --pattern @folio
- name: Run yarn lint
run: yarn lint
continue-on-error: true
- name: Get number of CPU cores
id: cpu-cores
uses: SimenB/github-actions-cpu-cores@v1
- name: Run yarn test
run: xvfb-run --server-args="-screen 0 1024x768x24" yarn test $YARN_TEST_OPTIONS --max-workers ${{ steps.cpu-cores.outputs.count }}
- name: Run yarn formatjs-compile
if: ${{ env.COMPILE_TRANSLATION_FILES == 'true' }}
run: yarn formatjs-compile
- name: Generate FOLIO module descriptor
if: ${{ env.PUBLISH_MOD_DESCRIPTOR == 'true' }}
run: yarn build-mod-descriptor
- name: Print FOLIO module descriptor
if: ${{ env.PUBLISH_MOD_DESCRIPTOR == 'true' }}
run: cat module-descriptor.json
- name: Publish Jest unit test results
uses: docker://ghcr.io/enricomi/publish-unit-test-result-action:v1
if: always()
with:
github_token: ${{ github.token }}
files: "${{ env.JEST_JUNIT_OUTPUT_DIR }}/*.xml"
check_name: Jest Unit Test Results
comment_mode: update last
comment_title: Jest Unit Test Statistics
- name: Publish Jest coverage report
uses: actions/upload-artifact@v4
if: always()
with:
name: jest-coverage-report
path: ${{ env.JEST_COVERAGE_REPORT_DIR }}
retention-days: 30
- name: Publish yarn.lock
uses: actions/upload-artifact@v4
if: failure()
with:
name: yarn.lock
path: yarn.lock
retention-days: 5
- name: Set default branch as env variable
run: echo "DEFAULT_BRANCH=${{ github.event.repository.default_branch }}" >> $GITHUB_ENV
- name: Fetch branches for SonarCloud
run: git fetch --no-tags ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY} +refs/heads/${{ env.DEFAULT_BRANCH }}:refs/remotes/origin/${{ env.DEFAULT_BRANCH }}
- name: Run SonarCloud scan
uses: sonarsource/sonarcloud-github-action@master
with:
args: >
-Dsonar.organization=folio-org
-Dsonar.projectKey=org.folio:${{ github.event.repository.name }}
-Dsonar.projectName=${{ github.event.repository.name }}
-Dsonar.sources=${{ env.SQ_ROOT_DIR }}
-Dsonar.language=js
-Dsonar.javascript.lcov.reportPaths=${{ env.SQ_LCOV_REPORT }}
-Dsonar.exclusions=${{ env.SQ_EXCLUSIONS }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- name: Set up NPM environment for publishing
if: ${{ github.ref == 'refs/heads/master' || github.ref == 'refs/heads/main' }}
uses: actions/setup-node@v3
with:
node-version: ${{ env.NODEJS_VERSION }}
check-latest: true
always-auth: true
- name: Set _auth in .npmrc
if: ${{ github.ref == 'refs/heads/master' || github.ref == 'refs/heads/main' }}
run: |
npm config set @folio:registry $FOLIO_NPM_REGISTRY
npm config set $FOLIO_NPM_REGISTRY_AUTH:_auth $NODE_AUTH_TOKEN
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Exclude some CI-generated artifacts in package
if: ${{ github.ref == 'refs/heads/master' || github.ref == 'refs/heads/main' }}
run: |
echo "artifacts" >> .npmignore
echo ".github" >> .npmignore
echo ".scannerwork" >> .npmignore
cat .npmignore
- name: Publish NPM
if: ${{ github.ref == 'refs/heads/master' || github.ref == 'refs/heads/main' }}
run: npm publish
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Read module descriptor
if: ${{ env.PUBLISH_MOD_DESCRIPTOR == 'true' && github.ref == 'refs/heads/master' || github.ref == 'refs/heads/main' }}
id: moduleDescriptor
uses: juliangruber/read-file-action@v1
with:
path: ./module-descriptor.json
- name: Publish module descriptor
if: ${{ env.PUBLISH_MOD_DESCRIPTOR == 'true' && github.ref == 'refs/heads/master' || github.ref == 'refs/heads/main' }}
id: modDescriptorPost
uses: fjogeleit/http-request-action@master
with:
url: ${{ env.FOLIO_MD_REGISTRY }}/_/proxy/modules
method: 'POST'
contentType: 'application/json; charset=utf-8'
customHeaders: '{ "Accept": "application/json; charset=utf-8" }'
data: ${{ steps.moduleDescriptor.outputs.content }}
username: ${{ secrets.FOLIO_REGISTRY_USERNAME }}
password: ${{ secrets.FOLIO_REGISTRY_PASSWORD }}