-
Notifications
You must be signed in to change notification settings - Fork 27
280 lines (256 loc) · 8.71 KB
/
ci.yml
File metadata and controls
280 lines (256 loc) · 8.71 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
name: CI
on:
workflow_dispatch:
pull_request:
push:
branches:
- main
tags:
- '*'
schedule:
- cron: '0 8 * * *'
jobs:
lockfile:
name: Lockfile guard
runs-on: ubuntu-latest
if: github.event_name == 'pull_request' || github.event_name == 'push'
steps:
- uses: actions/checkout@v6
with:
fetch-depth: 0
- name: Ensure yarn.lock matches dependency changes
env:
BASE_SHA: ${{ github.event.pull_request.base.sha || github.event.before }}
HEAD_SHA: ${{ github.sha }}
run: |
set -euo pipefail
base="${BASE_SHA:-}"
head="${HEAD_SHA:-}"
if [ -z "$base" ] || [ "$base" = "0000000000000000000000000000000000000000" ]; then
echo "No base sha available; skipping lockfile guard."
exit 0
fi
node <<'NODE'
const { execSync } = require('node:child_process')
const base = process.env.BASE_SHA
const head = process.env.HEAD_SHA
const depKeys = [
'dependencies',
'devDependencies',
'peerDependencies',
'optionalDependencies',
]
const diffNames = execSync(`git diff --name-only ${base} ${head}`, {
encoding: 'utf8',
})
.trim()
.split('\n')
.filter(Boolean)
const packageFiles = diffNames.filter((file) => {
if (!file.endsWith('package.json')) {
return false
}
return !file.startsWith('docs/fingerprint/')
})
const lockfileChanged = diffNames.includes('yarn.lock')
if (packageFiles.length === 0) {
process.exit(0)
}
const hasDependencyChanges = packageFiles.some((file) => {
let before = {}
let after = {}
try {
before = JSON.parse(execSync(`git show ${base}:${file}`, { encoding: 'utf8' }))
} catch {
return true
}
try {
after = JSON.parse(execSync(`git show ${head}:${file}`, { encoding: 'utf8' }))
} catch {
return true
}
return depKeys.some((key) => {
const lhs = before[key] ?? {}
const rhs = after[key] ?? {}
return JSON.stringify(lhs) !== JSON.stringify(rhs)
})
})
if (hasDependencyChanges && !lockfileChanged) {
console.error('yarn.lock must be updated when dependency ranges change in package.json.')
process.exit(1)
}
NODE
pack:
name: Build package
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: actions/setup-node@v6
with:
node-version: 22
- run: corepack yarn
- run: corepack yarn run pack
- uses: actions/upload-artifact@v7
with:
name: package
path: '*.tgz'
verify:
name: Verify (fast)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: actions/setup-node@v6
with:
node-version: 24
- run: corepack yarn
- run: corepack yarn verify
verify-full:
name: Verify (full)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: actions/setup-node@v6
with:
node-version: 24
- run: corepack yarn
- run: corepack yarn verify:full
release-dry-run:
name: Release dry run
runs-on: ubuntu-latest
if: github.event_name == 'pull_request'
steps:
- uses: actions/checkout@v6
with:
fetch-depth: 0
- uses: actions/setup-node@v6
with:
node-version: 22
registry-url: https://registry.npmjs.org
- run: npm install -g npm@11.5.1
- run: corepack yarn
- run: corepack yarn tsc:utils
- run: corepack yarn tsc:zod
- run: corepack yarn tsc:node
- run: corepack yarn changeset:version:release
- run: corepack yarn release:pack:dry-run
unit:
name: Unit tests (Node ${{ matrix.node }})
runs-on: ubuntu-latest
strategy:
matrix:
node:
- 20
- 22
- 24
steps:
- uses: actions/checkout@v6
- uses: actions/setup-node@v6
with:
node-version: ${{ matrix.node }}
- run: corepack yarn
# Root unit tests execute TypeScript scripts via Node's strip-types support.
# Keep those on Node 24+; Node 20/22 only run @transloadit/node unit tests.
- run: corepack yarn test:unit
if: matrix.node == 24
- run: corepack yarn workspace @transloadit/node test:unit
if: matrix.node != 24
- name: Upload coverage reports artifact
if: matrix.node == 24
uses: actions/upload-artifact@v7
with:
name: coverage-reports
path: packages/node/coverage/
e2e:
name: E2E tests
# Run on push/schedule/dispatch, or on PRs only if from same repo (not forks)
# This protects secrets from being exposed to fork PRs
if: >
github.event_name != 'pull_request' ||
github.event.pull_request.head.repo.full_name == github.repository
runs-on: ubuntu-latest
env:
NODE_OPTIONS: --trace-deprecation --trace-warnings
steps:
- uses: actions/checkout@v6
- uses: actions/setup-node@v6
with:
node-version: 24
- run: corepack yarn
- name: Download cloudflared
run: |
curl -fsSL --retry 5 --retry-all-errors --retry-delay 2 -o cloudflared-linux-amd64 https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64
chmod +x cloudflared-linux-amd64
# can be used for debugging:
# - name: Setup tmate session
# uses: mxschmitt/action-tmate@v3
- run: corepack yarn test
env:
CLOUDFLARED_PATH: ${{ github.workspace }}/cloudflared-linux-amd64
DEBUG: 'transloadit:*'
TRANSLOADIT_KEY: ${{ secrets.TRANSLOADIT_KEY }}
TRANSLOADIT_SECRET: ${{ secrets.TRANSLOADIT_SECRET }}
- name: Run MCP server e2e tests
run: corepack yarn workspace @transloadit/mcp-server test:e2e
- name: Run notify-url-relay real e2e test
run: corepack yarn workspace @transloadit/notify-url-relay test:real
env:
TRANSLOADIT_KEY: ${{ secrets.TRANSLOADIT_KEY }}
TRANSLOADIT_SECRET: ${{ secrets.TRANSLOADIT_SECRET }}
TRANSLOADIT_ENDPOINT: ${{ secrets.TRANSLOADIT_ENDPOINT }}
- name: Generate the badge from the json-summary
run: node --experimental-strip-types packages/node/test/generate-coverage-badge.ts packages/node/coverage/coverage-summary.json
- name: Move HTML report and badge to the correct location
run: |
mv packages/node/coverage/lcov-report static-build
mv coverage-badge.svg static-build/
# *** BEGIN PUBLISH STATIC SITE STEPS ***
# Use the standard checkout action to check out the destination repo to a separate directory
# See https://github.com/mifi/github-action-push-static
- uses: actions/checkout@v6
with:
ssh-key: ${{ secrets.COVERAGE_REPO_SSH_PRIVATE_KEY }}
repository: transloadit/node-sdk-coverage
path: static-files-destination
# Push coverage data
- run: |
git config --global user.name github-actions
git config --global user.email github-actions@github.com
# Remove existing files:
rm -rf static-files-destination/*
# Replace with new files:
cp -a static-build/* static-files-destination/
cd static-files-destination
git add .
# git diff-index: to avoid doing the git commit failing if there are no changes to be commit
git diff-index --quiet HEAD || git commit --message 'Static file updates'
git push
coverage:
name: Upload coverage
needs: unit
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/main'
steps:
- uses: actions/checkout@v6
- uses: actions/download-artifact@v8
with:
name: coverage-reports
path: coverage
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v6
with:
token: ${{ secrets.CODECOV_TOKEN }}
files: ./coverage/lcov.info
flags: unittests
name: node-sdk
fail_ci_if_error: true
slack-on-failure:
name: Slack notification
needs: [e2e]
if: ${{ failure() && github.ref == 'refs/heads/main' }}
runs-on: ubuntu-latest
steps:
- uses: 8398a7/action-slack@v3
with:
status: failure
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}