Merge remote-tracking branch 'origin/main' into feat/lean-form-field-…

…size-s
sbb-design-systems · May 23, 2024 · ed9fcb2 · ed9fcb2
2 parents 66ea6b8 + b4a2006
commit ed9fcb2
Show file tree

Hide file tree

Showing 128 changed files with 4,805 additions and 6,672 deletions.
diff --git a/.github/ISSUE_TEMPLATE/bug-report.yml b/.github/ISSUE_TEMPLATE/bug-report.yml
@@ -15,11 +15,11 @@ body:
     attributes:
       label: Preflight Checklist
       options:
-        - label: I have read the [Contributing Guidelines](https://github.com/lyne-design-system/lyne-components/blob/main/docs/CONTRIBUTING.md) for this project.
+        - label: I have read the [Contributing Guidelines](https://github.com/sbb-design-systems/lyne-components/blob/main/docs/CONTRIBUTING.md) for this project.
           required: true
-        - label: I agree to follow the [Code of Conduct](https://github.com/lyne-design-system/lyne-components/blob/main/docs/CODE_OF_CONDUCT.md) that this project adheres to.
+        - label: I agree to follow the [Code of Conduct](https://github.com/sbb-design-systems/lyne-components/blob/main/docs/CODE_OF_CONDUCT.md) that this project adheres to.
           required: true
-        - label: I have searched the [issue tracker](https://github.com/orgs/lyne-design-system/projects/4) for an issue that matches the one I want to file, without success.
+        - label: I have searched the [issue tracker](https://github.com/orgs/sbb-design-systems/projects/4) for an issue that matches the one I want to file, without success.
           required: true
   - type: markdown
     attributes:

diff --git a/.github/ISSUE_TEMPLATE/contributing-request.yml b/.github/ISSUE_TEMPLATE/contributing-request.yml
@@ -10,11 +10,11 @@ body:
     attributes:
       label: Preflight Checklist
       options:
-        - label: I have read the [Contributing Guidelines](https://github.com/lyne-design-system/lyne-components/blob/main/docs/CONTRIBUTING.md) for this project.
+        - label: I have read the [Contributing Guidelines](https://github.com/sbb-design-systems/lyne-components/blob/main/docs/CONTRIBUTING.md) for this project.
           required: true
-        - label: I agree to follow the [Code of Conduct](https://github.com/lyne-design-system/lyne-components/blob/main/docs/CODE_OF_CONDUCT.md) that this project adheres to.
+        - label: I agree to follow the [Code of Conduct](https://github.com/sbb-design-systems/lyne-components/blob/main/docs/CODE_OF_CONDUCT.md) that this project adheres to.
           required: true
-        - label: I have searched the [issue tracker](https://github.com/orgs/lyne-design-system/projects/4) for an issue that matches the one I want to file, without success.
+        - label: I have searched the [issue tracker](https://github.com/orgs/sbb-design-systems/projects/4) for an issue that matches the one I want to file, without success.
           required: true
   - type: markdown
     attributes:

diff --git a/.github/ISSUE_TEMPLATE/feature-request-or-enhancement.yml b/.github/ISSUE_TEMPLATE/feature-request-or-enhancement.yml
@@ -10,11 +10,11 @@ body:
     attributes:
       label: Preflight Checklist
       options:
-        - label: I have read the [Contributing Guidelines](https://github.com/lyne-design-system/lyne-components/blob/main/docs/CONTRIBUTING.md) for this project.
+        - label: I have read the [Contributing Guidelines](https://github.com/sbb-design-systems/lyne-components/blob/main/docs/CONTRIBUTING.md) for this project.
           required: true
-        - label: I agree to follow the [Code of Conduct](https://github.com/lyne-design-system/lyne-components/blob/main/docs/CODE_OF_CONDUCT.md) that this project adheres to.
+        - label: I agree to follow the [Code of Conduct](https://github.com/sbb-design-systems/lyne-components/blob/main/docs/CODE_OF_CONDUCT.md) that this project adheres to.
           required: true
-        - label: I have searched the [issue tracker](https://github.com/orgs/lyne-design-system/projects/4) for an issue that matches the one I want to file, without success.
+        - label: I have searched the [issue tracker](https://github.com/orgs/sbb-design-systems/projects/4) for an issue that matches the one I want to file, without success.
           required: true
   - type: markdown
     attributes:

diff --git a/.github/ISSUE_TEMPLATE/question.yml b/.github/ISSUE_TEMPLATE/question.yml
@@ -10,11 +10,11 @@ body:
     attributes:
       label: Preflight Checklist
       options:
-        - label: I have read the [Contributing Guidelines](https://github.com/lyne-design-system/lyne-components/blob/main/docs/CONTRIBUTING.md) for this project.
+        - label: I have read the [Contributing Guidelines](https://github.com/sbb-design-systems/lyne-components/blob/main/docs/CONTRIBUTING.md) for this project.
           required: true
-        - label: I agree to follow the [Code of Conduct](https://github.com/lyne-design-system/lyne-components/blob/main/docs/CODE_OF_CONDUCT.md) that this project adheres to.
+        - label: I agree to follow the [Code of Conduct](https://github.com/sbb-design-systems/lyne-components/blob/main/docs/CODE_OF_CONDUCT.md) that this project adheres to.
           required: true
-        - label: I have searched the [issue tracker](https://github.com/orgs/lyne-design-system/projects/4) for an issue that matches the one I want to file, without success.
+        - label: I have searched the [issue tracker](https://github.com/orgs/sbb-design-systems/projects/4) for an issue that matches the one I want to file, without success.
           required: true
   - type: markdown
     attributes:

diff --git a/.github/SECURITY.md b/.github/SECURITY.md
@@ -12,7 +12,7 @@ Let’s keep things simple –
 
 The _Lyne_ team takes all security concerns in _Lyne Design System_ seriously. Thank you for improving the security of _Lyne_. We appreciate your efforts, responsible disclosure your information and will make every effort to acknowledge your contributions.
 
-If you think you have identified a vulnerability or security related issue within _Lyne Design System_, please report it immediately to esta@sbb.ch. If you are not sure, don’t worry. Better safe than sorry – just send an email.
+If you think you have identified a vulnerability or security related issue within _Lyne Design System_, please report it immediately to 83057a22.sbb.ch@ch.teams.ms. If you are not sure, don’t worry. Better safe than sorry – just send an email.
 
 **Please do not:**
 

diff --git a/.github/default.conf b/.github/default.conf
@@ -2,6 +2,9 @@ tcp_nopush          on;
 tcp_nodelay         on;
 types_hash_max_size 2048;
 
+# Suppresses the nginx version in the Server header.
+server_tokens off;
+
 # Determine if it's a valid origin and set it in the $cors variable.
 map "$http_origin" $cors {
   default '';

diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
@@ -2,9 +2,9 @@
 
 <!-- Please ensure you've completed the following steps by replacing [ ] with [x]-->
 
-- [ ] I have read the [Contributing Guidelines](https://github.com/lyne-design-system/lyne-components/blob/main/docs/CONTRIBUTING.md) for this project.
-- [ ] I agree to follow the [Code of Conduct](https://github.com/lyne-design-system/lyne-components/blob/main/docs/CODE_OF_CONDUCT.md) that this project adheres to.
-- [ ] I have searched the [pull request tracker](https://github.com/lyne-design-system/lyne-components/pulls) for a Pull Request (PR) that matches the one I want to submit, without success.
+- [ ] I have read the [Contributing Guidelines](https://github.com/sbb-design-systems/lyne-components/blob/main/docs/CONTRIBUTING.md) for this project.
+- [ ] I agree to follow the [Code of Conduct](https://github.com/sbb-design-systems/lyne-components/blob/main/docs/CODE_OF_CONDUCT.md) that this project adheres to.
+- [ ] I have searched the [pull request tracker](https://github.com/sbb-design-systems/lyne-components/pulls) for a Pull Request (PR) that matches the one I want to submit, without success.
 
 ## Issue
 

diff --git a/.github/workflows/container-image-cleanup.yml b/.github/workflows/container-image-cleanup.yml
@@ -0,0 +1,68 @@
+name: Container Image Cleanup
+
+on:
+  workflow_dispatch: {}
+  schedule:
+    - cron: '0 3 * * *'
+
+permissions:
+  packages: write
+
+jobs:
+  container-image-cleanup:
+    runs-on: ubuntu-latest
+    env:
+      CLOSED_PR_RETENTION_DAYS: 5
+      PACKAGE_NAMES: storybook-preview,visual-regression
+    steps:
+      - uses: actions/github-script@v7
+        with:
+          script: |
+            const { owner, repo } = context.repo;
+            const pullRequests = await github.paginate(
+              github.rest.pulls.list.endpoint.merge({ owner, repo, state: 'all' })
+            );
+            const retentionPivot =
+              new Date(Date.now() - (+process.env.CLOSED_PR_RETENTION_DAYS * 24 * 60 * 60 * 1000));
+            const olderThanTwoWeeks = (date) => new Date(date) < retentionPivot;
+            const isExpiredPrTag = (version) => {
+              const prNumber = +version.metadata?.container?.tags
+                ?.find((t) => t.match(/(preview-pr|pr)(\d+)/))?.match(/(preview-pr|pr)(\d+)/)[2];
+              const pr = pullRequests.find((p) => p.number === prNumber);
+              return !!prNumber && pr?.state === 'closed' && olderThanTwoWeeks(pr.closed_at);
+            };
+
+            const packageNames = process.env.PACKAGE_NAMES.split(',').map((n) => n.trim());
+            let packageDeletionFailed = false;
+            for (const packageName of packageNames) {
+              const params = {
+                package_type: 'container',
+                package_name: `${repo}/${packageName}`,
+                username: owner
+              };
+              const { data: versions } = await github.rest.packages.getAllPackageVersionsForPackageOwnedByUser(params);
+              for (const version of versions.filter(isExpiredPrTag)) {
+                try {
+                  await github.rest.packages.deletePackageVersionForUser({ ...params, package_version_id: version.id });
+                  console.log(`Deleted ${version.name} (${version.metadata.container.tags.join(', ')})`);
+                } catch(e) {
+                  console.error(`Failed to delete ${version.name} (${version.metadata.container.tags.join(', ')})`);
+                  console.error(e);
+                  packageDeletionFailed = true;
+                }
+              }
+            }
+
+            if (packageDeletionFailed) {
+              throw new Error('A package deletion failed, please check the log.');
+            }
+      - uses: actions/delete-package-versions@v4
+        with:
+          package-name: lyne-components/storybook-preview
+          package-type: container
+          delete-only-untagged-versions: 'true'
+      - uses: actions/delete-package-versions@v4
+        with:
+          package-name: lyne-components/visual-regression
+          package-type: container
+          delete-only-untagged-versions: 'true'
diff --git a/.github/workflows/continuous-integration-secure.yml b/.github/workflows/continuous-integration-secure.yml
@@ -14,7 +14,7 @@ env:
   PR_NUMBER: ${{ github.event.workflow_run.pull_requests[0] != null && github.event.workflow_run.pull_requests[0].number || '' }}
   VISUAL_REQUIRED: 'pr: visual review required'
   VISUAL_APPROVED: 'pr: visual review approved'
-  DIFF_URL: https://lyne-visual-regression-diff-pr{}.app.sbb.ch
+  DIFF_URL: https://lyne-components-visual-regression-diff-pr{}.app.sbb.ch
 
 jobs:
   preview-image:
@@ -46,7 +46,7 @@ jobs:
         uses: actions/github-script@v7
         with:
           script: |
-            const environment = process.env.PR_NUMBER ? `preview-pr${process.env.PR_NUMBER}` : 'main';
+            const environment = process.env.PR_NUMBER ? `pr${process.env.PR_NUMBER}` : 'main';
             const payload = { owner: context.repo.owner, repo: context.repo.repo, environment };
             const { data: deployment } = await github.rest.repos.createDeployment({
               ...payload,
@@ -126,24 +126,40 @@ jobs:
           path: dist/screenshots/
           run-id: ${{ github.event.workflow_run.id }}
           github-token: ${{ secrets.GH_ACTIONS_ARTIFACT_DOWNLOAD }}
+      - name: Remove .keep file
+        run: rm dist/screenshots/.keep
 
-      - name: Build diff-app
-        run: yarn build:diff-app
+      - name: Build visual-regression-app
+        run: yarn build:visual-regression-app
 
       - name: Create check if changed
         uses: actions/github-script@v7
         id: screenshot-check
         with:
           script: |
             const { readdirSync, readFileSync } = await import('fs');
+            const diffUrl = process.env.DIFF_URL.replace('{}', process.env.PR_NUMBER);
+            const diffInfo = JSON.parse(readFileSync('dist/visual-regression-app/diff.json', 'utf8'));
+            const createCheck = async (success) => await github.rest.checks.create({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              name: 'Visual Regression',
+              head_sha: context.payload.workflow_run.head_sha,
+              details_url: diffUrl,
+              output: {
+                title: `Visual Regression ${success ? 'Success' : `Failed (${diffInfo.changedAmount + diffInfo.newAmount})`}`,
+                summary: diffUrl,
+                text: `Changes: ${diffInfo.changedAmount}\nNew: ${diffInfo.newAmount}`,
+              },
+              ...(success ? { status: 'completed', conclusion: 'success' } : { status: 'in_progress' }),
+            });
 
             // If we have no screenshots, we do not need to create a check or containers.
             if (!readdirSync('dist/screenshots').length) {
+              await createCheck(true);
               return 'empty';
             }
 
-            const diffUrl = process.env.DIFF_URL.replace('{}', process.env.PR_NUMBER);
-            const diffInfo = JSON.parse(readFileSync('dist/diff.json', 'utf8'));
             let previousDiffInfo = {};
             try {
               const response = await fetch(diffUrl + 'diff.json');
@@ -152,26 +168,10 @@ jobs:
               }
             } catch {}
 
-            // If the diff hash is the same as previously, we do not need to update the state or containers.
-            if (diffInfo.hash === previousDiffInfo.hash) {
-              return 'no-change';
-            }
+            await createCheck(false);
 
-            const { data: deployment } = await github.rest.checks.create(({
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              name: 'Visual Regression Check',
-              head_sha: context.payload.workflow_run.head_sha,
-              status: 'in_progress',
-              details_url: diffUrl,
-              output: {
-                title: 'Visual Regression Check',
-                summary: diffUrl,
-                text: `Changes: ${diffInfo.changedAmount}\nNew: ${diffInfo.newAmount}`,
-              }
-            });
-
-            return 'changed';
+            // If the diff hash is the same as previously, we do not need to update the state or containers.
+            return diffInfo.hash === previousDiffInfo.hash ? 'no-change' : 'changed';
           result-encoding: string
 
       - name: Remove labels when no failed screenshots exist
@@ -184,7 +184,10 @@ jobs:
         if: steps.screenshot-check.outputs.result == 'changed'
         run: |
           echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u $ --password-stdin
-          docker build --tag $IMAGE_REPO_VISUAL_REGRESSION:pr$PR_NUMBER .
+          docker build \
+            --file tools/visual-regression-testing/Dockerfile \
+            --tag $IMAGE_REPO_VISUAL_REGRESSION:pr$PR_NUMBER \
+            .
           docker push $IMAGE_REPO_VISUAL_REGRESSION:pr$PR_NUMBER
 
           gh issue edit $PR_NUMBER --remove-label "$VISUAL_APPROVED"

diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml
@@ -7,6 +7,9 @@ concurrency:
 
 permissions: read-all
 
+env:
+  IMAGE_REPO_VISUAL_REGRESSION: ghcr.io/${{ github.repository }}/visual-regression
+
 jobs:
   lint:
     runs-on: ubuntu-latest
@@ -23,6 +26,7 @@ jobs:
 
   integrity:
     runs-on: ubuntu-latest
+    needs: lint
     steps:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4
@@ -38,6 +42,7 @@ jobs:
 
   test:
     runs-on: ubuntu-latest
+    needs: lint
     steps:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4
@@ -63,6 +68,7 @@ jobs:
 
   build:
     runs-on: ubuntu-latest
+    needs: lint
     steps:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4
@@ -138,8 +144,6 @@ jobs:
           result-encoding: string
       - name: Create versioned storybook for chromatic
         run: STORYBOOK_COMPONENTS_VERSION=${{ steps.version.outputs.result }} yarn build:storybook
-        env:
-          CHROMATIC: true
       - name: Publish to Chromatic
         id: chromatic-publish
         uses: chromaui/action@v1
@@ -151,3 +155,71 @@ jobs:
           zip: true
           onlyChanged: true
           externals: '**/components/core/styles/**/*.scss'
+
+  visual-regression:
+    runs-on: ubuntu-latest
+    if: github.event_name == 'pull_request'
+    needs: test
+    services:
+      visual-regression:
+        image: ghcr.io/${{ github.repository }}/visual-regression:baseline
+        ports:
+          - 8050:8080
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version-file: .nvmrc
+          cache: yarn
+      - run: yarn install --frozen-lockfile --non-interactive
+
+      - name: Install browser dependencies
+        run: yarn playwright install-deps
+      - name: Run visual regression tests
+        run: yarn test:visual-regression
+        env:
+          NODE_ENV: production
+      - name: Store visual regression output
+        uses: actions/upload-artifact@v4
+        with:
+          name: visual-regression-screenshots
+          path: dist/screenshots-artifact/
+
+  visual-regression-baseline:
+    runs-on: ubuntu-latest
+    permissions:
+      packages: write
+    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+    needs: lint
+    services:
+      visual-regression:
+        image: ghcr.io/${{ github.repository }}/visual-regression:baseline
+        ports:
+          - 8080:8050
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version-file: .nvmrc
+          cache: yarn
+      - run: yarn install --frozen-lockfile --non-interactive
+
+      - name: Install browser dependencies
+        run: yarn playwright install-deps
+      - name: Run visual regression baseline generation
+        run: yarn test:visual-regression --update-visual-baseline
+        env:
+          NODE_ENV: production
+      - name: Build visual-regression-app
+        run: yarn build:visual-regression-app
+
+      - name: Build and push visual regression baseline
+        run: |
+          echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u $ --password-stdin
+          docker build \
+            --file tools/visual-regression-testing/Dockerfile \
+            --tag $IMAGE_REPO_VISUAL_REGRESSION:baseline \
+            .
+          docker push $IMAGE_REPO_VISUAL_REGRESSION:baseline
+        env:
+          DOCKER_BUILDKIT: 1