mirror of
https://github.com/github/codeql-action.git
synced 2026-01-01 20:20:07 +08:00
ceea66834a
Refactor the PR checks workflow into two workflows: PR checks and Runner checks. This does not change the actual check jobs that are run. It also does not change the expected check names (which rely only on the job name, not the workflow name). This makes it easier to inspect workflow run summaries in the UI and to separately retry subsets of failed jobs in case of flakiness. In future we will clean up the Runner checks, since this is a deprecated component.
100 lines
3.0 KiB
YAML
100 lines
3.0 KiB
YAML
name: PR Checks
|
|
|
|
on:
|
|
push:
|
|
branches: [main, releases/v1, releases/v2]
|
|
pull_request:
|
|
# Run checks on reopened draft PRs to support triggering PR checks on draft PRs that were opened
|
|
# by other workflows.
|
|
types: [opened, synchronize, reopened, ready_for_review]
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
check-js:
|
|
name: Check JS
|
|
runs-on: ubuntu-latest
|
|
timeout-minutes: 45
|
|
|
|
strategy:
|
|
fail-fast: true
|
|
matrix:
|
|
node-types-version: [12.12, current]
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v3
|
|
|
|
- name: Lint
|
|
run: npm run-script lint
|
|
|
|
- name: Update version of @types/node
|
|
if: matrix.node-types-version != 'current'
|
|
env:
|
|
NODE_TYPES_VERSION: ${{ matrix.node-types-version }}
|
|
run: |
|
|
# Export `NODE_TYPES_VERSION` so it's available to jq
|
|
export NODE_TYPES_VERSION="${NODE_TYPES_VERSION}"
|
|
contents=$(jq '.devDependencies."@types/node" = env.NODE_TYPES_VERSION' package.json)
|
|
echo "${contents}" > package.json
|
|
# Usually we run `npm install` on macOS to ensure that we pick up macOS-only dependencies.
|
|
# However we're not checking in the updated lockfile here, so it's fine to run
|
|
# `npm install` on Linux.
|
|
npm install
|
|
|
|
if [ ! -z "$(git status --porcelain)" ]; then
|
|
git config --global user.email "github-actions@github.com"
|
|
git config --global user.name "github-actions[bot]"
|
|
# The period in `git add --all .` ensures that we stage deleted files too.
|
|
git add --all .
|
|
git commit -m "Use @types/node=${NODE_TYPES_VERSION}"
|
|
fi
|
|
|
|
- name: Check generated JS
|
|
run: .github/workflows/script/check-js.sh
|
|
|
|
check-node-modules:
|
|
name: Check modules up to date
|
|
runs-on: macos-latest
|
|
timeout-minutes: 45
|
|
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
- name: Check node modules up to date
|
|
run: .github/workflows/script/check-node-modules.sh
|
|
|
|
verify-pr-checks:
|
|
name: Verify PR checks up to date
|
|
runs-on: ubuntu-latest
|
|
timeout-minutes: 45
|
|
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
- name: Set up Python
|
|
uses: actions/setup-python@v3
|
|
with:
|
|
python-version: 3.8
|
|
- name: Install dependencies
|
|
run: |
|
|
python -m pip install --upgrade pip
|
|
pip install ruamel.yaml
|
|
- name: Verify PR checks up to date
|
|
run: .github/workflows/script/verify-pr-checks.sh
|
|
|
|
npm-test:
|
|
name: Unit Test
|
|
needs: [check-js, check-node-modules]
|
|
strategy:
|
|
matrix:
|
|
os: [ubuntu-latest, macos-latest, windows-latest]
|
|
runs-on: ${{ matrix.os }}
|
|
timeout-minutes: 45
|
|
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
- name: npm test
|
|
run: |
|
|
# Run any commands referenced in package.json using Bash, otherwise
|
|
# we won't be able to find them on Windows.
|
|
npm config set script-shell bash
|
|
npm test
|