Skip to content

fix: adding resolutions for path-to-regexp to fix dependabot issue #5650

fix: adding resolutions for path-to-regexp to fix dependabot issue

fix: adding resolutions for path-to-regexp to fix dependabot issue #5650

# Description: This workflow runs test suite against PRs that are not from forks.
#
# Triggered by:
# (1) Opening a pull request
# (2) On every commit to the PR
# (3) Adding run-tests label to the PR
name: Test / Internal PRs
concurrency:
group: test-internal-prs-${{ github.event.pull_request.id }}
cancel-in-progress: true
on:
pull_request:
branches: [main, hotfix]
types: [opened, synchronize, labeled]
jobs:
setup:
runs-on: ubuntu-latest
# We run tests only if
# (1) this pr is not from a fork, and
# (2) it's either 'opened' or 'synchronize' action or 'labeled' action with 'run-tests' label.
if: |
github.event.pull_request.head.repo.full_name == github.repository && (
github.event.action == 'opened' ||
github.event.action == 'synchronize' ||
(github.event.action == 'labeled' && github.event.label.name == 'run-tests')
)
permissions:
pull-requests: write # used to remove label
statuses: write # This is required for running set-status actions
steps:
- name: Remove run-tests label, if applicable
if: github.event.label.name == 'run-tests'
env:
ISSUE_NUMBER: ${{ github.event.pull_request.number }}
REPO_OWNER: ${{ github.repository_owner }}
REPO_NAME: ${{ github.event.repository.name }}
LABEL_NAME: 'run-tests'
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 https://github.com/actions/github-script/commit/60a0d83039c74a4aee543508d2ffcb1c3799cdea
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
const { ISSUE_NUMBER, REPO_OWNER, REPO_NAME, LABEL_NAME } = process.env
github.rest.issues.removeLabel({ owner: REPO_OWNER, repo: REPO_NAME, issue_number: ISSUE_NUMBER, name: LABEL_NAME })
- name: Checkout Repository
uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017
- name: Set status to commit sha
uses: ./.github/actions/set-status
with:
sha: ${{ github.event.pull_request.head.sha }}
state: 'pending'
context: 'Run PR checks'
description: 'PR checks are now running'
# URL below is a link to the current workflow run to allow users to see the status of the workflow.
target-url: https://github.com/${{ github.event.repository.owner.login }}/${{ github.event.repository.name }}/actions/runs/${{ github.run_id }}
dependency-review:
runs-on: ubuntu-latest
needs: setup
steps:
- name: 'Checkout Repository'
uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017
- name: 'Dependency Review'
uses: actions/dependency-review-action@0c155c5e8556a497adf53f2c18edabf945ed8e70 # https://github.com/actions/dependency-review-action/commit/[HASH]
with:
config-file: '.github/dependency-review/config.yml'
codeql:
needs: setup
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write # to write security event to the PR
strategy:
fail-fast: false
matrix:
language: [javascript]
steps:
- name: Checkout
uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017
- name: Initialize CodeQL
uses: github/codeql-action/init@423a04bb2cb7cd2643007122588f1387778f14d0 # v3.24.9 https://github.com/github/codeql-action/commit/423a04bb2cb7cd2643007122588f1387778f14d0
with:
languages: ${{ matrix.language }}
config-file: ./.github/codeql/codeql-config.yml
queries: +security-and-quality
- name: Autobuild
uses: github/codeql-action/autobuild@423a04bb2cb7cd2643007122588f1387778f14d0 # v3.24.9 https://github.com/github/codeql-action/commit/423a04bb2cb7cd2643007122588f1387778f14d0
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@423a04bb2cb7cd2643007122588f1387778f14d0 # v3.24.9 https://github.com/github/codeql-action/commit/423a04bb2cb7cd2643007122588f1387778f14d0
with:
category: '/language:${{ matrix.language }}'
setup-cache:
needs: setup
uses: ./.github/workflows/reusable-setup-cache.yml
with:
commit: ${{ github.event.pull_request.head.sha }}
repository: ${{ github.repository }}
unit:
uses: ./.github/workflows/reusable-unit.yml
needs: setup-cache
with:
commit: ${{ github.event.pull_request.head.sha }}
repository: ${{ github.repository }}
e2e:
uses: ./.github/workflows/reusable-e2e.yml
needs: unit
with:
commit: ${{ github.event.pull_request.head.sha }}
repository: ${{ github.event.pull_request.head.repo.full_name }}
permissions:
id-token: write # This is required for requesting the JWT
secrets:
AUTH_E2E_ROLE_ARN: ${{ secrets.AUTH_E2E_ROLE_ARN }}
DATASTORE_E2E_ROLE_ARN: ${{ secrets.DATASTORE_E2E_ROLE_ARN }}
GEO_E2E_ROLE_ARN: ${{ secrets.GEO_E2E_ROLE_ARN }}
STORAGE_E2E_ROLE_ARN: ${{ secrets.STORAGE_E2E_ROLE_ARN }}
LIVENESS_E2E_ROLE_ARN: ${{ secrets.LIVENESS_E2E_ROLE_ARN }}
IN_APP_MESSAGING_E2E_ROLE_ARN: ${{ secrets.IN_APP_MESSAGING_E2E_ROLE_ARN }}
AI_E2E_ROLE_ARN: ${{ secrets.AI_E2E_ROLE_ARN }}
DOMAIN: ${{ secrets.DOMAIN }}
PHONE_NUMBER: ${{ secrets.PHONE_NUMBER }}
USERNAME: ${{ secrets.USERNAME }}
NEW_PASSWORD: ${{ secrets.NEW_PASSWORD }}
VALID_PASSWORD: ${{ secrets.VALID_PASSWORD }}
SITE_URL: ${{ secrets.SITE_URL }}
DOCSEARCH_DOCS_APP_ID: ${{ secrets.DOCSEARCH_DOCS_APP_ID }}
DOCSEARCH_DOCS_API_KEY: ${{ secrets.DOCSEARCH_DOCS_API_KEY }}
DOCSEARCH_DOCS_INDEX_NAME: ${{ secrets.DOCSEARCH_DOCS_INDEX_NAME }}
update-success-status:
if: ${{ success() }}
needs: [setup, e2e, codeql, dependency-review]
runs-on: ubuntu-latest
permissions:
statuses: write # This is required for running set-status actions
steps:
- uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017
- name: Update status when tests are successful
uses: ./.github/actions/set-status
with:
sha: ${{ github.event.pull_request.head.sha }}
state: 'success'
context: 'Run PR checks'
description: 'PR checks have finished running'
target-url: https://github.com/${{ github.event.repository.owner.login }}/${{ github.event.repository.name }}/actions/runs/${{ github.run_id }}
update-failure-status:
if: ${{ failure() }}
needs: [setup, e2e, codeql, dependency-review]
runs-on: ubuntu-latest
permissions:
statuses: write # This is required for running set-status actions
steps:
- uses: actions/checkout@b80ff79f1755d06ba70441c368a6fe801f5f3a62 # v4.1.3 https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017
- name: Update status when tests are not successful
uses: ./.github/actions/set-status
with:
sha: ${{ github.event.pull_request.head.sha }}
state: 'failure'
context: 'Run PR checks'
description: 'PR checks have failed'
target-url: https://github.com/${{ github.event.repository.owner.login }}/${{ github.event.repository.name }}/actions/runs/${{ github.run_id }}