Poc/pms health checks #14

Workflow file for this run

.github/workflows/health_checks.yml at 9f696b6

	name: health_checks

	on:
	push:
	branches:
	- main
	pull_request:
	branches:
	- main
	workflow_dispatch:

	jobs:
	install:
	strategy:
	matrix:
	# Windows install must happen on the same worker size as subsequent jobs.
	# Larger workers use different drive (C: instead of D:) to check out project and NPM installation
	# creates file system links that include drive letter.
	os: [ubuntu-latest, macos-latest, amplify-backend_windows-latest_8-core]
	runs-on: ${{ matrix.os }}
	steps:
	- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # version 3.6.0
	- uses: ./.github/actions/setup_node
	- uses: ./.github/actions/install_with_cache
	build:
	runs-on: ubuntu-latest
	needs:
	- install
	steps:
	- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # version 3.6.0
	- uses: ./.github/actions/setup_node
	- uses: ./.github/actions/build_with_cache
	test_with_coverage:
	needs:
	- build
	strategy:
	matrix:
	os: [ubuntu-latest, macos-latest, amplify-backend_windows-latest_8-core]
	runs-on: ${{ matrix.os }}
	steps:
	- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # version 3.6.0
	- uses: ./.github/actions/setup_node
	- uses: ./.github/actions/restore_build_cache
	- run: npm run set-script-shell
	- run: npm run test:coverage:threshold
	test_scripts:
	needs:
	- build
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # version 3.6.0
	- uses: ./.github/actions/setup_node
	- uses: ./.github/actions/restore_build_cache
	- run: \|
	npm run set-script-shell
	npm run test:scripts
	test_with_baseline_dependencies:
	needs:
	- install
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # version 3.6.0
	- uses: ./.github/actions/setup_node
	- uses: ./.github/actions/restore_install_cache
	- name: Pin some dependencies to nearest patch and rebuild
	run: \|
	npx tsx scripts/set_baseline_dependency_versions.ts
	npm install
	# print out diff for auditing or troubleshooting
	git diff
	npm run build
	- name: Run unit and integration tests
	run: \|
	npm run set-script-shell
	npm run test
	check_api_changes:
	if: github.event_name == 'pull_request'
	needs:
	- build
	runs-on: ubuntu-latest
	timeout-minutes: 10
	steps:
	- name: Checkout pull request ref
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # version 3.6.0
	- uses: ./.github/actions/setup_node
	- uses: ./.github/actions/restore_build_cache
	- name: Publish packages locally
	timeout-minutes: 2
	run: \|
	npm run start:npm-proxy
	# keep git diff with version increment to make sure test projects resolve right version
	npm run publish:local -- --keepGitDiff
	- name: Checkout base branch
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # version 3.6.0
	with:
	path: base-branch-content
	ref: ${{ github.event.pull_request.base.sha }}
	- name: Check API changes
	run: \|
	mkdir api-validation-projects
	npx tsx scripts/check_api_changes.ts base-branch-content api-validation-projects
	do_include_e2e:
	runs-on: ubuntu-latest
	permissions:
	# This is required so that the step can read the labels on the pull request
	pull-requests: read
	env:
	# The gh cli expects the token at this environment variable
	GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	outputs:
	run_e2e: ${{ steps.check.outputs.run_e2e }}
	steps:
	- name: Check event is push to main or pull request has run-e2e label
	id: check
	uses: ./.github/actions/tag_trigger_action
	with:
	tag-name: run-e2e
	test-name: run_e2e
	do_include_package_manager_tests:
	runs-on: ubuntu-latest
	permissions:
	# This is required so that the step can read the labels on the pull request
	pull-requests: read
	env:
	# The gh cli expects the token at this environment variable
	GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	outputs:
	run_package_manager_tests: ${{ steps.check.outputs.run_package_manager_tests }}
	steps:
	- name: Check event is push to main or pull request has run-e2e label
	id: check
	uses: ./.github/actions/tag_trigger_action
	with:
	tag-name: run-package-manager-tests
	test-name: run_package_manager_tests
	run_e2e_tests:
	if: needs.do_include_e2e.outputs.run_e2e == 'true'
	strategy:
	# will finish running other test matrices even if one fails
	fail-fast: false
	matrix:
	os:
	[
	amplify-backend_ubuntu-latest_4-core,
	macos-latest-xl,
	amplify-backend_windows-latest_8-core,
	]
	runs-on: ${{ matrix.os }}
	timeout-minutes: 25
	needs:
	- do_include_e2e
	- build
	permissions:
	# these permissions are required for the configure-aws-credentials action to get a JWT from GitHub
	id-token: write
	contents: read
	steps:
	- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # version 3.6.0
	- uses: ./.github/actions/setup_node
	- uses: ./.github/actions/restore_build_cache
	- run: cd packages/cli && npm link
	- name: Configure test tooling credentials
	uses: ./.github/actions/setup_profile
	with:
	role-to-assume: ${{ secrets.E2E_TOOLING_ROLE_ARN }}
	aws-region: us-west-2
	profile-name: e2e-tooling
	- name: Configure test execution credentials
	uses: aws-actions/configure-aws-credentials@04b98b3f9e85f563fb061be8751a0352327246b0 # version 3.0.1
	with:
	role-to-assume: ${{ secrets.E2E_RUNNER_ROLE_ARN }}
	aws-region: us-west-2
	- name: Run E2E tests
	run: npm run e2e
	run_package_manager_tests_tests:
	if: needs.do_include_package_manager_tests.outputs.run_package_manager_tests == 'true'
	strategy:
	# will finish running other test matrices even if one fails
	fail-fast: false
	matrix:
	os: [ubuntu-latest, macos-latest, windows-latest]
	pkg-manager: [npm, yarn-classic, yarn-modern, pnpm]
	node-version: [20]
	exclude:
	- os: windows-latest
	pkg-manager: pnpm
	env:
	PACKAGE_MANAGER: ${{ matrix.pkg-manager }}
	runs-on: ${{ matrix.os }}
	timeout-minutes: 60
	needs:
	- build
	- do_include_package_manager_tests
	permissions:
	# these permissions are required for the configure-aws-credentials action to get a JWT from GitHub
	id-token: write
	contents: read
	steps:
	- name: Checkout aws-amplify/amplify-cli repo
	uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
	- name: Setup Node.js
	uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # version 3.8.1
	with:
	node-version: ${{ matrix.node-version }}
	- name: Restore Build Cache
	uses: ./.github/actions/restore_build_cache
	- name: Configure test tooling credentials
	uses: ./.github/actions/setup_profile
	with:
	role-to-assume: ${{ secrets.E2E_TOOLING_ROLE_ARN }}
	aws-region: us-west-2
	profile-name: e2e-tooling
	- name: Configure test execution credentials
	uses: aws-actions/configure-aws-credentials@04b98b3f9e85f563fb061be8751a0352327246b0 # version 3.0.1
	with:
	role-to-assume: ${{ secrets.E2E_RUNNER_ROLE_ARN }}
	aws-region: us-west-2
	- name: Run E2E flow tests with ${{ matrix.pkg-manager }}
	shell: bash
	run: \|
	PACKAGE_MANAGER=${{matrix.pkg-manager}} npm run test:dir packages/integration-tests/src/package_manager_sanity_checks.test.ts
	lint:
	runs-on: ubuntu-latest
	needs:
	- build
	steps:
	- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # version 3.6.0
	- uses: ./.github/actions/setup_node
	- uses: ./.github/actions/restore_build_cache
	- run: npm run lint
	check_dependencies:
	runs-on: ubuntu-latest
	needs:
	- install
	steps:
	- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # version 3.6.0
	- uses: ./.github/actions/setup_node
	- uses: ./.github/actions/restore_install_cache
	- run: npm run check:dependencies
	check_tsconfig_refs:
	runs-on: ubuntu-latest
	needs:
	- install
	steps:
	- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # version 3.6.0
	- uses: ./.github/actions/setup_node
	- uses: ./.github/actions/restore_install_cache
	- run: npm run check:tsconfig-refs
	check_api_extract:
	runs-on: ubuntu-latest
	needs:
	- build
	steps:
	- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # version 3.6.0
	- uses: ./.github/actions/setup_node
	- uses: ./.github/actions/restore_build_cache
	- run: npm run check:api
	docs_build_and_publish:
	runs-on: ubuntu-latest
	needs:
	- build
	steps:
	- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # version 3.6.0
	- uses: ./.github/actions/setup_node
	- uses: ./.github/actions/restore_build_cache
	- run: npm run docs
	- if: ${{ github.event_name == 'push' && github.ref_name == 'main' }}
	uses: peaceiris/actions-gh-pages@373f7f263a76c20808c831209c920827a82a2847 # version 3.9.3
	with:
	github_token: ${{ secrets.GITHUB_TOKEN }}
	publish_dir: ./docs
	publish_branch: docs
	check_pr_size:
	if: github.event_name == 'pull_request'
	runs-on: ubuntu-latest
	needs:
	- install
	steps:
	- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # version 3.6.0
	- uses: ./.github/actions/setup_node
	- uses: ./.github/actions/restore_install_cache
	- run: git fetch origin
	- run: npm run diff:check ${{ github.event.pull_request.base.sha }}
	check_pr_has_changeset:
	if: github.event_name == 'pull_request' && github.event.pull_request.user.login != 'github-actions[bot]'
	runs-on: ubuntu-latest
	needs:
	- install
	steps:
	- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # version 3.6.0
	with:
	# fetch full history so that changeset can properly compute divergence point
	fetch-depth: 0
	- uses: ./.github/actions/setup_node
	- uses: ./.github/actions/restore_install_cache
	- name: Validate that PR has change set
	run: \|
	npx changeset status --since origin/main
	- name: Validate that change set has necessary dependency updates
	run: \|
	npx changeset version
	npm run check:dependencies
	check_package_versions:
	if: github.event_name == 'pull_request'
	runs-on: ubuntu-latest
	needs:
	- install
	steps:
	- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # version 3.6.0
	- uses: ./.github/actions/setup_node
	- uses: ./.github/actions/restore_install_cache
	- run: npm run check:package-versions
	update_or_publish_versions:
	if: ${{ github.event_name == 'push' && github.ref_name == 'main' }}
	needs:
	- build
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # version 3.6.0
	- uses: ./.github/actions/setup_node
	- uses: ./.github/actions/restore_build_cache
	- name: Create release pull request or publish to npm
	uses: changesets/action@f13b1baaa620fde937751f5d2c3572b9da32af23 # version 1.4.5
	with:
	publish: npm run publish
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
	codeql:
	runs-on: ubuntu-latest
	permissions:
	actions: read
	contents: read
	security-events: write
	steps:
	- name: Checkout repository
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # version 3.6.0
	with:
	# Minimal depth 2 so we can checkout the commit before possible merge commit.
	fetch-depth: 2
	- name: Initialize CodeQL
	uses: github/codeql-action/init@e4262713b504983e61c7728f5452be240d9385a7 # version 2.14.3
	with:
	languages: javascript
	queries: +security-and-quality
	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@e4262713b504983e61c7728f5452be240d9385a7 # version 2.14.3
	with:
	category: /language:javascript

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Poc/pms health checks #14

Workflow file

Poc/pms health checks #14

Jobs

Run details

Workflow file for this run