-
Notifications
You must be signed in to change notification settings - Fork 1
183 lines (154 loc) · 7.05 KB
/
check.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
name: Check
on:
push:
branches:
- main
pull_request:
workflow_dispatch:
permissions: {}
defaults:
run:
shell: bash
jobs:
check:
runs-on: ubuntu-24.04
timeout-minutes: 15
permissions:
contents: read # for checkout
actions: read # for actions-timeline
steps:
- name: actions-timeline
# skip if the workflow is called from another workflow
if: contains(github.workflow_ref, '/check.yml')
# cspell:ignore kesin
uses: Kesin11/actions-timeline@3046833d9aacfd7745c5264b7f3af851c3e2a619 # v2.2.1
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0 # fetch all history for commitlint
- name: Setup bun
uses: oven-sh/setup-bun@4bc047ad259df6fc24a6c9b0f9a0cb08cf17fbe5 # v2.0.1
- name: Setup Node.js
# Install to use the latest version of Node.js when shebang is specified
# ref: https://bun.sh/docs/cli/run#bun
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
with:
node-version-file: package.json
- name: Install Dependencies
run: bun install --frozen-lockfile
env:
HUSKY: 0
- name: Get Included Files of tsconfig.src.json
id: get-tsconfig-files
# check if lint-staged should be run
if: >-
(github.event_name == 'push' && github.event.before != '0000000000000000000000000000000000000000') ||
github.event_name == 'pull_request'
run: |
files=$(bun run tsc --project tsconfig.src.json --showConfig | jq --raw-output "([\"tsconfig.src.json\"] + .files) | join(\",\")")
echo "files=$files" >> "$GITHUB_OUTPUT"
- name: Check Changed Files
id: changed-files
# outputs will be empty strings if the step is skipped
if: steps.get-tsconfig-files.outputs.files != ''
uses: tj-actions/changed-files@bab30c2299617f6615ec02a68b9a40d10bd21366 # v45.0.5
with:
files: ${{ steps.get-tsconfig-files.outputs.files }}
files_separator: ","
- name: Restore Build Cache
id: restore-build-cache
if: steps.changed-files.outputs.any_changed != 'false'
uses: actions/cache/restore@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0
with:
path: .next/cache
key: nextjs-${{ runner.os }}-${{ hashFiles('**/bun.lockb') }}-${{ hashFiles('src', 'public', 'next.config.js', 'tsconfig.src.json') }}
# restore the prior cache if lockfile is not changed
restore-keys: nextjs-${{ runner.os }}-${{ hashFiles('**/bun.lockb') }}-
- name: Do Nothing
# step to check all above steps are successful
id: do-nothing
run: ":"
- name: "commitlint (push: initial commit)"
id: commitlint-push-initial
# commit hash will be 000... if it doesn't exist
if: github.event_name == 'push' && github.event.before == '0000000000000000000000000000000000000000'
run: bun run commitlint --verbose --to ${{ github.event.after }}
- name: commitlint (push)
id: commitlint-push
if: github.event_name == 'push' && steps.commitlint-push-initial.outcome == 'skipped'
run: bun run commitlint --verbose --from ${{ github.event.before }} --to ${{ github.event.after }}
- name: commitlint (pull_request)
id: commitlint-pr
if: github.event_name == 'pull_request'
run: |
bun run commitlint --verbose --from ${{ github.event.pull_request.base.sha }} --to ${{ github.event.pull_request.head.sha }}
- name: commitlint (last commit)
if: >-
${{
steps.commitlint-push-initial.outcome == 'skipped' &&
steps.commitlint-push.outcome == 'skipped' && steps.commitlint-pr.outcome == 'skipped'
}}
run: bun run commitlint --verbose --from ${{ github.sha }}~1 --to ${{ github.sha }}
- name: Check (push)
id: check-push
# continue even if the previous step fails
# do not use continue-on-error because it will result in a successful job
# commit hash will be 000... if it doesn't exist
if: >-
${{
!cancelled() && steps.do-nothing.outcome == 'success' &&
github.event_name == 'push' && github.event.before != '0000000000000000000000000000000000000000'
}}
run: bun run lint-staged --diff=origin/${{ github.ref_name }}^...origin/${{ github.ref_name }}
- name: Check (pull_request)
id: check-pr
if: ${{ !cancelled() && steps.do-nothing.outcome == 'success' && github.event_name == 'pull_request' }}
env:
# use an intermediate variable to avoid injection attacks
# ref: https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#good-practices-for-mitigating-script-injection-attacks
HEAD_REF: ${{ github.head_ref }}
run: bun run lint-staged --diff=origin/${{ github.base_ref }}...origin/"$HEAD_REF"
- name: Build
id: build
if: >-
${{
!cancelled() && steps.do-nothing.outcome == 'success' &&
steps.check-push.outcome == 'skipped' && steps.check-pr.outcome == 'skipped'
}}
# generate type definitions (e.g. next-env.d.ts)
run: bun run next build
- name: Save Build Cache
# cache is not saved if tasks except for build fail in check-push or check-pr, but there is no way to check it
if: >-
${{
!cancelled() && steps.restore-build-cache.outcome == 'success' && steps.restore-build-cache.outputs.cache-hit != 'true' &&
(steps.check-push.outcome == 'success' || steps.check-pr.outcome == 'success' || steps.build.outcome == 'success')
}}
uses: actions/cache/save@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0
with:
path: .next/cache
key: ${{ steps.restore-build-cache.outputs.cache-primary-key }}
- name: ignore-sync
if: ${{ !cancelled() && steps.build.outcome == 'success' }}
# run ignore-sync to check if the ignore files are up to date
run: bun run ignore-sync
- name: Biome
if: ${{ !cancelled() && steps.build.outcome == 'success' }}
run: bun run biome ci --error-on-warnings
- name: tsc (source)
if: ${{ !cancelled() && steps.build.outcome == 'success' }}
run: bun run tsc --project tsconfig.src.json --incremental false
- name: tsc (other)
if: ${{ !cancelled() && steps.build.outcome == 'success' }}
run: bun run tsc --project tsconfig.base.json --incremental false
- name: cspell
if: ${{ !cancelled() && steps.build.outcome == 'success' }}
run: bun run cspell "**/*"
- name: knip
if: ${{ !cancelled() && steps.build.outcome == 'success' }}
run: bun run knip
- name: Check No Files are Changes
if: ${{ !cancelled() && steps.do-nothing.outcome == 'success' }}
run: |
git add .
git diff --staged --exit-code