From 28148fe9a44d95cd3a2488ff44858a74f0356f75 Mon Sep 17 00:00:00 2001 From: rory Date: Mon, 20 Nov 2023 11:52:02 -0700 Subject: [PATCH 1/2] Use relative paths for our own actions --- .github/workflows/cherryPick.yml | 8 +++---- .github/workflows/createDeployChecklist.yml | 2 +- .github/workflows/createNewVersion.yml | 6 ++--- .github/workflows/deploy.yml | 8 +++---- .github/workflows/deployExpensifyHelp.yml | 2 +- .github/workflows/e2ePerformanceTests.yml | 16 +++++++------- .github/workflows/finishReleaseCycle.yml | 20 ++++++++--------- .github/workflows/lint.yml | 2 +- .github/workflows/lockDeploys.yml | 4 ++-- .github/workflows/platformDeploy.yml | 18 +++++++-------- .github/workflows/preDeploy.yml | 22 +++++++++++-------- .../workflows/reassurePerformanceTests.yml | 4 ++-- .github/workflows/reviewerChecklist.yml | 4 +++- .github/workflows/test.yml | 6 ++--- .github/workflows/testBuild.yml | 18 +++++++-------- .github/workflows/typecheck.yml | 2 +- .github/workflows/validateDocsRoutes.yml | 2 +- .github/workflows/validateGithubActions.yml | 2 +- .github/workflows/verifyPodfile.yml | 4 +++- .github/workflows/verifySignedCommits.yml | 4 +++- 20 files changed, 82 insertions(+), 72 deletions(-) diff --git a/.github/workflows/cherryPick.yml b/.github/workflows/cherryPick.yml index 92480a94ba53..dd2c92e95568 100644 --- a/.github/workflows/cherryPick.yml +++ b/.github/workflows/cherryPick.yml @@ -27,7 +27,7 @@ jobs: createNewVersion: needs: validateActor if: ${{ fromJSON(needs.validateActor.outputs.IS_DEPLOYER) }} - uses: Expensify/App/.github/workflows/createNewVersion.yml@main + uses: ./.github/workflows/createNewVersion.yml secrets: inherit cherryPick: @@ -42,7 +42,7 @@ jobs: - name: Set up git for OSBotify id: setupGitForOSBotify - uses: Expensify/App/.github/actions/composite/setupGitForOSBotifyApp@8c19d6da4a3d7ce3b15c9cd89a802187d208ecab + uses: ./.github/actions/composite/setupGitForOSBotifyApp with: GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }} @@ -50,7 +50,7 @@ jobs: - name: Get previous app version id: getPreviousVersion - uses: Expensify/App/.github/actions/javascript/getPreviousVersion@main + uses: ./.github/actions/javascript/getPreviousVersion with: SEMVER_LEVEL: "PATCH" @@ -67,7 +67,7 @@ jobs: - name: Get merge commit for pull request to CP id: getCPMergeCommit - uses: Expensify/App/.github/actions/javascript/getPullRequestDetails@main + uses: ./.github/actions/javascript/getPullRequestDetails with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} USER: ${{ github.actor }} diff --git a/.github/workflows/createDeployChecklist.yml b/.github/workflows/createDeployChecklist.yml index 0287265155e7..dde65f5a1503 100644 --- a/.github/workflows/createDeployChecklist.yml +++ b/.github/workflows/createDeployChecklist.yml @@ -16,7 +16,7 @@ jobs: - name: Set up git for OSBotify id: setupGitForOSBotify - uses: Expensify/App/.github/actions/composite/setupGitForOSBotifyApp@8c19d6da4a3d7ce3b15c9cd89a802187d208ecab + uses: ./.github/actions/composite/setupGitForOSBotifyApp with: GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }} diff --git a/.github/workflows/createNewVersion.yml b/.github/workflows/createNewVersion.yml index 812ec200bd88..5f7f95e102e3 100644 --- a/.github/workflows/createNewVersion.yml +++ b/.github/workflows/createNewVersion.yml @@ -76,7 +76,7 @@ jobs: token: ${{ secrets.OS_BOTIFY_COMMIT_TOKEN }} - name: Setup git for OSBotify - uses: Expensify/App/.github/actions/composite/setupGitForOSBotifyApp@8c19d6da4a3d7ce3b15c9cd89a802187d208ecab + uses: ./.github/actions/composite/setupGitForOSBotifyApp id: setupGitForOSBotify with: GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} @@ -85,7 +85,7 @@ jobs: - name: Generate version id: bumpVersion - uses: Expensify/App/.github/actions/javascript/bumpVersion@main + uses: ./.github/actions/javascript/bumpVersion with: GITHUB_TOKEN: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }} SEMVER_LEVEL: ${{ inputs.SEMVER_LEVEL }} @@ -105,6 +105,6 @@ jobs: - name: Announce failed workflow in Slack if: ${{ failure() }} - uses: Expensify/App/.github/actions/composite/announceFailedWorkflowInSlack@main + uses: ./.github/actions/composite/announceFailedWorkflowInSlack with: SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 6b32ac2e2616..f6deaae963e4 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -15,7 +15,7 @@ jobs: ref: staging token: ${{ secrets.OS_BOTIFY_TOKEN }} - - uses: Expensify/App/.github/actions/composite/setupGitForOSBotifyApp@8c19d6da4a3d7ce3b15c9cd89a802187d208ecab + - uses: ./.github/actions/composite/setupGitForOSBotifyApp id: setupGitForOSBotify with: GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} @@ -38,7 +38,7 @@ jobs: ref: production token: ${{ secrets.OS_BOTIFY_TOKEN }} - - uses: Expensify/App/.github/actions/composite/setupGitForOSBotifyApp@8c19d6da4a3d7ce3b15c9cd89a802187d208ecab + - uses: ./.github/actions/composite/setupGitForOSBotifyApp id: setupGitForOSBotify with: GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} @@ -50,7 +50,7 @@ jobs: - name: Get Release Pull Request List id: getReleasePRList - uses: Expensify/App/.github/actions/javascript/getDeployPullRequestList@main + uses: ./.github/actions/javascript/getDeployPullRequestList with: TAG: ${{ env.PRODUCTION_VERSION }} GITHUB_TOKEN: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }} @@ -58,7 +58,7 @@ jobs: - name: Generate Release Body id: getReleaseBody - uses: Expensify/App/.github/actions/javascript/getReleaseBody@main + uses: ./.github/actions/javascript/getReleaseBody with: PR_LIST: ${{ steps.getReleasePRList.outputs.PR_LIST }} diff --git a/.github/workflows/deployExpensifyHelp.yml b/.github/workflows/deployExpensifyHelp.yml index 7b9b7479f496..82cd62c5e832 100644 --- a/.github/workflows/deployExpensifyHelp.yml +++ b/.github/workflows/deployExpensifyHelp.yml @@ -32,7 +32,7 @@ jobs: uses: actions/checkout@v4 - name: Setup NodeJS - uses: Expensify/App/.github/actions/composite/setupNode@main + uses: ./.github/actions/composite/setupNode - name: Create docs routes file run: ./.github/scripts/createDocsRoutes.sh diff --git a/.github/workflows/e2ePerformanceTests.yml b/.github/workflows/e2ePerformanceTests.yml index 318198981097..016fe89ccfce 100644 --- a/.github/workflows/e2ePerformanceTests.yml +++ b/.github/workflows/e2ePerformanceTests.yml @@ -49,7 +49,7 @@ jobs: - name: Checkout latest main commit (TODO temporary until new version is released) run: git switch --detach main - - uses: Expensify/App/.github/actions/composite/setupNode@main + - uses: ./.github/actions/composite/setupNode - uses: ruby/setup-ruby@a05e47355e80e57b9a67566a813648fa67d92011 with: @@ -64,7 +64,7 @@ jobs: - name: Build APK run: npm run android-build-e2e shell: bash - + - name: Upload APK uses: actions/upload-artifact@65d862660abb392b8c4a3d1195a2108db131dd05 with: @@ -82,7 +82,7 @@ jobs: - name: Get pull request details id: getPullRequestDetails - uses: Expensify/App/.github/actions/javascript/getPullRequestDetails@main + uses: ./.github/actions/javascript/getPullRequestDetails with: GITHUB_TOKEN: ${{ github.token }} PULL_REQUEST_NUMBER: ${{ inputs.PR_NUMBER }} @@ -136,13 +136,13 @@ jobs: with: ruby-version: "2.7" bundler-cache: true - + - uses: gradle/gradle-build-action@3fbe033aaae657f011f88f29be9e65ed26bd29ef - + - name: Build APK run: npm run android-build-e2edelta shell: bash - + - name: Upload APK uses: actions/upload-artifact@65d862660abb392b8c4a3d1195a2108db131dd05 with: @@ -157,7 +157,7 @@ jobs: - uses: actions/checkout@v4 - name: Setup Node - uses: Expensify/App/.github/actions/composite/setupNode@main + uses: ./.github/actions/composite/setupNode - name: Make zip directory for everything to send to AWS Device Farm run: mkdir zip @@ -190,7 +190,7 @@ jobs: run: zip -qr App.zip ./zip - name: Configure AWS Credentials - uses: Expensify/App/.github/actions/composite/configureAwsCredentials@main + uses: ./.github/actions/composite/configureAwsCredentials with: AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/finishReleaseCycle.yml b/.github/workflows/finishReleaseCycle.yml index 6c3f3dfd7603..7fb5feaf6084 100644 --- a/.github/workflows/finishReleaseCycle.yml +++ b/.github/workflows/finishReleaseCycle.yml @@ -18,7 +18,7 @@ jobs: ref: main token: ${{ secrets.OS_BOTIFY_TOKEN }} - - uses: Expensify/App/.github/actions/composite/setupGitForOSBotifyApp@8c19d6da4a3d7ce3b15c9cd89a802187d208ecab + - uses: ./.github/actions/composite/setupGitForOSBotifyApp id: setupGitForOSBotify with: GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} @@ -38,7 +38,7 @@ jobs: - name: Reopen and comment on issue (not a team member) if: ${{ !fromJSON(steps.isDeployer.outputs.IS_DEPLOYER) }} - uses: Expensify/App/.github/actions/javascript/reopenIssueWithComment@main + uses: ./.github/actions/javascript/reopenIssueWithComment with: GITHUB_TOKEN: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }} ISSUE_NUMBER: ${{ github.event.issue.number }} @@ -49,14 +49,14 @@ jobs: - name: Check for any deploy blockers if: ${{ fromJSON(steps.isDeployer.outputs.IS_DEPLOYER) }} id: checkDeployBlockers - uses: Expensify/App/.github/actions/javascript/checkDeployBlockers@main + uses: ./.github/actions/javascript/checkDeployBlockers with: GITHUB_TOKEN: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }} ISSUE_NUMBER: ${{ github.event.issue.number }} - name: Reopen and comment on issue (has blockers) if: ${{ fromJSON(steps.isDeployer.outputs.IS_DEPLOYER) && fromJSON(steps.checkDeployBlockers.outputs.HAS_DEPLOY_BLOCKERS || 'false') }} - uses: Expensify/App/.github/actions/javascript/reopenIssueWithComment@main + uses: ./.github/actions/javascript/reopenIssueWithComment with: GITHUB_TOKEN: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }} ISSUE_NUMBER: ${{ github.event.issue.number }} @@ -66,7 +66,7 @@ jobs: - name: Announce failed workflow in Slack if: ${{ failure() }} - uses: Expensify/App/.github/actions/composite/announceFailedWorkflowInSlack@main + uses: ./.github/actions/composite/announceFailedWorkflowInSlack with: SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} @@ -84,7 +84,7 @@ jobs: - name: Setup Git for OSBotify id: setupGitForOSBotify - uses: Expensify/App/.github/actions/composite/setupGitForOSBotifyApp@8c19d6da4a3d7ce3b15c9cd89a802187d208ecab + uses: ./.github/actions/composite/setupGitForOSBotifyApp with: GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }} @@ -100,7 +100,7 @@ jobs: - name: Announce failed workflow in Slack if: ${{ failure() }} - uses: Expensify/App/.github/actions/composite/announceFailedWorkflowInSlack@main + uses: ./.github/actions/composite/announceFailedWorkflowInSlack with: SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} @@ -108,7 +108,7 @@ jobs: createNewPatchVersion: needs: validate if: ${{ fromJSON(needs.validate.outputs.isValid) }} - uses: Expensify/App/.github/workflows/createNewVersion.yml@main + uses: ./.github/workflows/createNewVersion.yml secrets: inherit with: SEMVER_LEVEL: PATCH @@ -125,7 +125,7 @@ jobs: token: ${{ secrets.OS_BOTIFY_TOKEN }} - name: Setup Git for OSBotify - uses: Expensify/App/.github/actions/composite/setupGitForOSBotifyApp@8c19d6da4a3d7ce3b15c9cd89a802187d208ecab + uses: ./.github/actions/composite/setupGitForOSBotifyApp with: GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }} @@ -141,6 +141,6 @@ jobs: - name: Announce failed workflow in Slack if: ${{ failure() }} - uses: Expensify/App/.github/actions/composite/announceFailedWorkflowInSlack@main + uses: ./.github/actions/composite/announceFailedWorkflowInSlack with: SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 22a60992e7c7..33c850823413 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -16,7 +16,7 @@ jobs: uses: actions/checkout@v4 - name: Setup Node - uses: Expensify/App/.github/actions/composite/setupNode@main + uses: ./.github/actions/composite/setupNode - name: Lint JavaScript and Typescript with ESLint run: npm run lint diff --git a/.github/workflows/lockDeploys.yml b/.github/workflows/lockDeploys.yml index 6a2812a4f92a..d73f982a47cb 100644 --- a/.github/workflows/lockDeploys.yml +++ b/.github/workflows/lockDeploys.yml @@ -16,7 +16,7 @@ jobs: token: ${{ secrets.OS_BOTIFY_TOKEN }} - name: Wait for staging deploys to finish - uses: Expensify/App/.github/actions/javascript/awaitStagingDeploys@main + uses: ./.github/actions/javascript/awaitStagingDeploys with: GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} @@ -30,6 +30,6 @@ jobs: - name: Announce failed workflow if: ${{ failure() }} - uses: Expensify/App/.github/actions/composite/announceFailedWorkflowInSlack@main + uses: ./.github/actions/composite/announceFailedWorkflowInSlack with: SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} diff --git a/.github/workflows/platformDeploy.yml b/.github/workflows/platformDeploy.yml index 7cf6523ce908..291bd80816b9 100644 --- a/.github/workflows/platformDeploy.yml +++ b/.github/workflows/platformDeploy.yml @@ -54,7 +54,7 @@ jobs: run: ./scripts/setup-mapbox-sdk.sh ${{ secrets.MAPBOX_SDK_DOWNLOAD_TOKEN }} - name: Setup Node - uses: Expensify/App/.github/actions/composite/setupNode@main + uses: ./.github/actions/composite/setupNode - name: Setup Ruby uses: ruby/setup-ruby@a05e47355e80e57b9a67566a813648fa67d92011 @@ -135,7 +135,7 @@ jobs: uses: actions/checkout@v4 - name: Setup Node - uses: Expensify/App/.github/actions/composite/setupNode@main + uses: ./.github/actions/composite/setupNode - name: Decrypt Developer ID Certificate run: cd desktop && gpg --quiet --batch --yes --decrypt --passphrase="$DEVELOPER_ID_SECRET_PASSPHRASE" --output developer_id.p12 developer_id.p12.gpg @@ -177,7 +177,7 @@ jobs: run: ./scripts/setup-mapbox-sdk.sh ${{ secrets.MAPBOX_SDK_DOWNLOAD_TOKEN }} - name: Setup Node - uses: Expensify/App/.github/actions/composite/setupNode@main + uses: ./.github/actions/composite/setupNode - name: Setup Ruby uses: ruby/setup-ruby@a05e47355e80e57b9a67566a813648fa67d92011 @@ -286,13 +286,13 @@ jobs: uses: actions/checkout@v4 - name: Setup Node - uses: Expensify/App/.github/actions/composite/setupNode@main + uses: ./.github/actions/composite/setupNode - name: Setup Cloudflare CLI run: pip3 install cloudflare - name: Configure AWS Credentials - uses: Expensify/App/.github/actions/composite/configureAwsCredentials@main + uses: ./.github/actions/composite/configureAwsCredentials with: AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} @@ -342,7 +342,7 @@ jobs: needs: [android, desktop, iOS, web] steps: - name: Post Slack message on failure - uses: Expensify/App/.github/actions/composite/announceFailedWorkflowInSlack@main + uses: ./.github/actions/composite/announceFailedWorkflowInSlack with: SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} @@ -417,21 +417,21 @@ jobs: uses: actions/checkout@v4 - name: Setup Node - uses: Expensify/App/.github/actions/composite/setupNode@main + uses: ./.github/actions/composite/setupNode - name: Set version run: echo "VERSION=$(npm run print-version --silent)" >> "$GITHUB_ENV" - name: Get Release Pull Request List id: getReleasePRList - uses: Expensify/App/.github/actions/javascript/getDeployPullRequestList@main + uses: ./.github/actions/javascript/getDeployPullRequestList with: TAG: ${{ env.VERSION }} GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} IS_PRODUCTION_DEPLOY: ${{ fromJSON(env.SHOULD_DEPLOY_PRODUCTION) }} - name: Comment on issues - uses: Expensify/App/.github/actions/javascript/markPullRequestsAsDeployed@main + uses: ./.github/actions/javascript/markPullRequestsAsDeployed with: PR_LIST: ${{ steps.getReleasePRList.outputs.PR_LIST }} IS_PRODUCTION_DEPLOY: ${{ fromJSON(env.SHOULD_DEPLOY_PRODUCTION) }} diff --git a/.github/workflows/preDeploy.yml b/.github/workflows/preDeploy.yml index 54fd1a830b8b..8f9512062e9d 100644 --- a/.github/workflows/preDeploy.yml +++ b/.github/workflows/preDeploy.yml @@ -7,13 +7,13 @@ on: jobs: typecheck: - uses: Expensify/App/.github/workflows/typecheck.yml@main + uses: ./.github/workflows/typecheck.yml lint: - uses: Expensify/App/.github/workflows/lint.yml@main + uses: ./.github/workflows/lint.yml test: - uses: Expensify/App/.github/workflows/test.yml@main + uses: ./.github/workflows/test.yml confirmPassingBuild: runs-on: ubuntu-latest @@ -21,9 +21,11 @@ jobs: if: ${{ always() }} steps: + - uses: actions/checkout@v4 + - name: Announce failed workflow in Slack if: ${{ needs.typecheck.result == 'failure' || needs.lint.result == 'failure' || needs.test.result == 'failure' }} - uses: Expensify/App/.github/actions/composite/announceFailedWorkflowInSlack@main + uses: ./.github/actions/composite/announceFailedWorkflowInSlack with: SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} @@ -39,6 +41,8 @@ jobs: SHOULD_DEPLOY: ${{ fromJSON(steps.shouldDeploy.outputs.SHOULD_DEPLOY) }} steps: + - uses: actions/checkout@v4 + - name: Get merged pull request id: getMergedPullRequest uses: actions-ecosystem/action-get-merged-pull-request@59afe90821bb0b555082ce8ff1e36b03f91553d9 @@ -47,7 +51,7 @@ jobs: - name: Check if StagingDeployCash is locked id: isStagingDeployLocked - uses: Expensify/App/.github/actions/javascript/isStagingDeployLocked@main + uses: ./.github/actions/javascript/isStagingDeployLocked with: GITHUB_TOKEN: ${{ github.token }} @@ -71,7 +75,7 @@ jobs: createNewVersion: needs: chooseDeployActions if: ${{ fromJSON(needs.chooseDeployActions.outputs.SHOULD_DEPLOY) }} - uses: Expensify/App/.github/workflows/createNewVersion.yml@main + uses: ./.github/workflows/createNewVersion.yml secrets: inherit updateStaging: @@ -92,7 +96,7 @@ jobs: token: ${{ secrets.OS_BOTIFY_TOKEN }} - name: Setup Git for OSBotify - uses: Expensify/App/.github/actions/composite/setupGitForOSBotifyApp@8c19d6da4a3d7ce3b15c9cd89a802187d208ecab + uses: ./.github/actions/composite/setupGitForOSBotifyApp with: GPG_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} OS_BOTIFY_APP_ID: ${{ secrets.OS_BOTIFY_APP_ID }} @@ -108,14 +112,14 @@ jobs: - name: Announce failed workflow in Slack if: ${{ failure() }} - uses: Expensify/App/.github/actions/composite/announceFailedWorkflowInSlack@main + uses: ./.github/actions/composite/announceFailedWorkflowInSlack with: SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} e2ePerformanceTests: needs: [chooseDeployActions] if: ${{ needs.chooseDeployActions.outputs.SHOULD_DEPLOY }} - uses: Expensify/App/.github/workflows/e2ePerformanceTests.yml@main + uses: ./.github/workflows/e2ePerformanceTests.yml secrets: inherit with: PR_NUMBER: ${{ needs.chooseDeployActions.outputs.MERGED_PR }} diff --git a/.github/workflows/reassurePerformanceTests.yml b/.github/workflows/reassurePerformanceTests.yml index 4aaa6fb2ce8c..a58745b742ad 100644 --- a/.github/workflows/reassurePerformanceTests.yml +++ b/.github/workflows/reassurePerformanceTests.yml @@ -15,7 +15,7 @@ jobs: uses: actions/checkout@v4 - name: Setup NodeJS - uses: Expensify/App/.github/actions/composite/setupNode@main + uses: ./.github/actions/composite/setupNode - name: Run performance testing script shell: bash @@ -38,7 +38,7 @@ jobs: - name: Validate output.json id: validateReassureOutput - uses: Expensify/App/.github/actions/javascript/validateReassureOutput@main + uses: ./.github/actions/javascript/validateReassureOutput with: DURATION_DEVIATION_PERCENTAGE: 20 COUNT_DEVIATION: 0 diff --git a/.github/workflows/reviewerChecklist.yml b/.github/workflows/reviewerChecklist.yml index e86e08375269..19aeab8a1be7 100644 --- a/.github/workflows/reviewerChecklist.yml +++ b/.github/workflows/reviewerChecklist.yml @@ -9,7 +9,9 @@ jobs: runs-on: ubuntu-latest if: github.actor != 'OSBotify' && github.actor != 'imgbot[bot]' steps: + - uses: actions/checkout@v4 + - name: reviewerChecklist.js - uses: Expensify/App/.github/actions/javascript/reviewerChecklist@main + uses: ./.github/actions/javascript/reviewerChecklist with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 9c2e9486150b..6540a0fdd583 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -23,7 +23,7 @@ jobs: uses: actions/checkout@v4 - name: Setup Node - uses: Expensify/App/.github/actions/composite/setupNode@main + uses: ./.github/actions/composite/setupNode - name: Get number of CPU cores id: cpu-cores @@ -46,7 +46,7 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: Expensify/App/.github/actions/composite/setupNode@main + - uses: ./.github/actions/composite/setupNode - name: Storybook run run: npm run storybook -- --smoke-test --ci @@ -60,7 +60,7 @@ jobs: uses: actions/checkout@v4 - name: Setup Node - uses: Expensify/App/.github/actions/composite/setupNode@main + uses: ./.github/actions/composite/setupNode - name: Test CI git logic run: tests/unit/CIGitLogicTest.sh diff --git a/.github/workflows/testBuild.yml b/.github/workflows/testBuild.yml index 4725ca6c86ce..6f222398d04b 100644 --- a/.github/workflows/testBuild.yml +++ b/.github/workflows/testBuild.yml @@ -82,7 +82,7 @@ jobs: echo "PULL_REQUEST_NUMBER=$PULL_REQUEST_NUMBER" >> .env.adhoc - name: Setup Node - uses: Expensify/App/.github/actions/composite/setupNode@main + uses: ./.github/actions/composite/setupNode - name: Setup Ruby uses: ruby/setup-ruby@a05e47355e80e57b9a67566a813648fa67d92011 @@ -101,7 +101,7 @@ jobs: LARGE_SECRET_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} - name: Configure AWS Credentials - uses: Expensify/App/.github/actions/composite/configureAwsCredentials@main + uses: ./.github/actions/composite/configureAwsCredentials with: AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} @@ -149,7 +149,7 @@ jobs: echo "PULL_REQUEST_NUMBER=$PULL_REQUEST_NUMBER" >> .env.adhoc - name: Setup Node - uses: Expensify/App/.github/actions/composite/setupNode@main + uses: ./.github/actions/composite/setupNode - name: Setup XCode run: sudo xcode-select -switch /Applications/Xcode_14.2.app @@ -191,7 +191,7 @@ jobs: LARGE_SECRET_PASSPHRASE: ${{ secrets.LARGE_SECRET_PASSPHRASE }} - name: Configure AWS Credentials - uses: Expensify/App/.github/actions/composite/configureAwsCredentials@main + uses: ./.github/actions/composite/configureAwsCredentials with: AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} @@ -230,7 +230,7 @@ jobs: echo "PULL_REQUEST_NUMBER=$PULL_REQUEST_NUMBER" >> .env.adhoc - name: Setup Node - uses: Expensify/App/.github/actions/composite/setupNode@main + uses: ./.github/actions/composite/setupNode - name: Decrypt Developer ID Certificate run: cd desktop && gpg --quiet --batch --yes --decrypt --passphrase="$DEVELOPER_ID_SECRET_PASSPHRASE" --output developer_id.p12 developer_id.p12.gpg @@ -238,7 +238,7 @@ jobs: DEVELOPER_ID_SECRET_PASSPHRASE: ${{ secrets.DEVELOPER_ID_SECRET_PASSPHRASE }} - name: Configure AWS Credentials - uses: Expensify/App/.github/actions/composite/configureAwsCredentials@main + uses: ./.github/actions/composite/configureAwsCredentials with: AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} @@ -273,10 +273,10 @@ jobs: echo "PULL_REQUEST_NUMBER=$PULL_REQUEST_NUMBER" >> .env.adhoc - name: Setup Node - uses: Expensify/App/.github/actions/composite/setupNode@main + uses: ./.github/actions/composite/setupNode - name: Configure AWS Credentials - uses: Expensify/App/.github/actions/composite/configureAwsCredentials@main + uses: ./.github/actions/composite/configureAwsCredentials with: AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} @@ -343,7 +343,7 @@ jobs: - name: Publish links to apps for download if: ${{ fromJSON(needs.validateActor.outputs.READY_TO_BUILD) }} - uses: Expensify/App/.github/actions/javascript/postTestBuildComment@main + uses: ./.github/actions/javascript/postTestBuildComment with: PR_NUMBER: ${{ env.PULL_REQUEST_NUMBER }} GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} diff --git a/.github/workflows/typecheck.yml b/.github/workflows/typecheck.yml index c09db594e243..1f80908b02b5 100644 --- a/.github/workflows/typecheck.yml +++ b/.github/workflows/typecheck.yml @@ -14,7 +14,7 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: Expensify/App/.github/actions/composite/setupNode@main + - uses: ./.github/actions/composite/setupNode - name: Type check with TypeScript run: npm run typecheck diff --git a/.github/workflows/validateDocsRoutes.yml b/.github/workflows/validateDocsRoutes.yml index 702c48fbc068..ceeca1ad39f1 100644 --- a/.github/workflows/validateDocsRoutes.yml +++ b/.github/workflows/validateDocsRoutes.yml @@ -13,7 +13,7 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: Expensify/App/.github/actions/composite/setupNode@main + - uses: ./.github/actions/composite/setupNode # Verify that no new hubs were created without adding their metadata to _routes.yml - name: Validate Docs Routes File diff --git a/.github/workflows/validateGithubActions.yml b/.github/workflows/validateGithubActions.yml index c493e26bc514..700f0b68100e 100644 --- a/.github/workflows/validateGithubActions.yml +++ b/.github/workflows/validateGithubActions.yml @@ -15,7 +15,7 @@ jobs: uses: actions/checkout@v4 - name: Setup Node - uses: Expensify/App/.github/actions/composite/setupNode@main + uses: ./.github/actions/composite/setupNode # Rebuild all the actions on this branch and check for a diff. Fail if there is one, # because that would be a sign that the PR author did not rebuild the Github Actions diff --git a/.github/workflows/verifyPodfile.yml b/.github/workflows/verifyPodfile.yml index 08f9c3a5223b..04cd8d62461b 100644 --- a/.github/workflows/verifyPodfile.yml +++ b/.github/workflows/verifyPodfile.yml @@ -16,7 +16,9 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + - name: Setup Node - uses: Expensify/App/.github/actions/composite/setupNode@main + uses: ./.github/actions/composite/setupNode + - name: Verify podfile run: ./.github/scripts/verifyPodfile.sh diff --git a/.github/workflows/verifySignedCommits.yml b/.github/workflows/verifySignedCommits.yml index ee1b0c4c78da..9134dcd63a7a 100644 --- a/.github/workflows/verifySignedCommits.yml +++ b/.github/workflows/verifySignedCommits.yml @@ -9,7 +9,9 @@ jobs: verifySignedCommits: runs-on: ubuntu-latest steps: + - uses: actions/checkout@v4 + - name: Verify signed commits - uses: Expensify/App/.github/actions/javascript/verifySignedCommits@main + uses: ./.github/actions/javascript/verifySignedCommits with: GITHUB_TOKEN: ${{ github.token }} From 68569648f5b69de335c67b72d95513a0b33774f6 Mon Sep 17 00:00:00 2001 From: rory Date: Mon, 20 Nov 2023 11:55:44 -0700 Subject: [PATCH 2/2] Use guidelines in README --- .github/workflows/README.md | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/README.md b/.github/workflows/README.md index d4340e5a55f7..d940d99d9cde 100644 --- a/.github/workflows/README.md +++ b/.github/workflows/README.md @@ -139,12 +139,11 @@ In order to bundle actions with their dependencies into a single Node.js executa - When calling your GitHub Action from one of our workflows, you must: - First call `@actions/checkout`. - - Use the absolute path of the action in GitHub, including the repo name, path, and branch ref, like so: + - Use the relative path of the action in GitHub from the root of this repo, like so: ```yaml - name: Generate Version - uses: Expensify/App/.github/actions/javascript/bumpVersion@main + uses: ./.github/actions/javascript/bumpVersion ``` - Do not try to use a relative path. -- Confusingly, paths in action metadata files (`action.yml`) _must_ use relative paths. + - You can't use any dynamic values or environment variables in a `uses` statement - In general, it is a best practice to minimize any side-effects of each action. Using atomic ("dumb") actions that have a clear and simple purpose will promote reuse and make it easier to understand the workflows that use them.