Skip to content

Commit

Permalink
feat(practs): bump practs and resolve audit
Browse files Browse the repository at this point in the history
  • Loading branch information
uladkasach committed Jul 27, 2024
1 parent 0eb0306 commit e1e7844
Show file tree
Hide file tree
Showing 26 changed files with 4,007 additions and 5,618 deletions.
4 changes: 3 additions & 1 deletion .eslintrc.js
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,8 @@ module.exports = {
sourceType: 'module', // Allows for the use of imports
},
rules: {
'@typescript-eslint/explicit-function-return-type': 'off', // this can be figured out implicitly, and that is better
'@typescript-eslint/explicit-module-boundary-types': 'warn', // makes code-reviews easier + code quality better by explicitly defining outputs of exported functions+classes
'@typescript-eslint/explicit-function-return-type': 'off', // prefer '@typescript-eslint/explicit-module-boundary-types' since it only requires the check on exported functions+classes
'sort-imports': 'off',
'import/prefer-default-export': 'off', // default export = bad
'import/no-default-export': 'error', // require named exports - they make it easier to refactor, enforce consistency, and increase constraints
Expand Down Expand Up @@ -42,5 +43,6 @@ module.exports = {
'@typescript-eslint/lines-between-class-members': 'off',
'no-return-await': 'off', // this does not help anything and actually leads to bugs if we subsequently wrap the return in a try catch without remembering to _then_ add await
'@typescript-eslint/return-await': 'off',
'@typescript-eslint/no-unsafe-declaration-merging': 'off', // dobjs are built off of this
},
};
2 changes: 2 additions & 0 deletions .gitattributes
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
# exclude package-lock from git diff; https://stackoverflow.com/a/72834452/3068233
package-lock.json -diff
46 changes: 46 additions & 0 deletions .github/workflows/.install.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
name: .install

on:
workflow_call:
outputs:
node-modules-cache-key:
description: a max(stable) cache key to the node modules of this commit's dependencies
value: ${{ jobs.npm.outputs.node-modules-cache-key }}

jobs:
npm:
runs-on: ubuntu-20.04
outputs:
node-modules-cache-key: ${{ steps.cache.outputs.cache-primary-key }}
steps:
- name: checkout
uses: actions/checkout@v3

- name: set node-version
uses: actions/setup-node@v3
with:
node-version-file: '.nvmrc'

- name: node-modules deps hash
id: deps-hash
run: |
PACKAGE_DEPS_HASH=$(jq '.packages' package-lock.json | jq 'del(."".version)' | md5sum | awk '{print $1}');
echo "PACKAGE_DEPS_HASH=$PACKAGE_DEPS_HASH"
echo "package-deps-hash=$PACKAGE_DEPS_HASH" >> "$GITHUB_OUTPUT"
- name: node-modules cache get
uses: actions/cache/restore@v3
id: cache
with:
path: ./node_modules
key: ${{ runner.os }}-node-${{ steps.deps-hash.outputs.package-deps-hash }}

- name: node-modules cache miss install
if: steps.cache.outputs.cache-hit != 'true'
run: npm ci --ignore-scripts --prefer-offline --no-audit

- name: node-modules cache set
if: steps.cache.outputs.cache-hit != 'true'
uses: actions/cache/save@v3
with:
path: ./node_modules
key: ${{ steps.cache.outputs.cache-primary-key }}
24 changes: 19 additions & 5 deletions .github/workflows/.publish-npm.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,23 +8,37 @@ on:
description: required credentials to authenticate with the aws account under which to publish

jobs:
install:
uses: ./.github/workflows/.install.yml

publish:
runs-on: ubuntu-20.04
needs: [install]
steps:
- name: checkout
uses: actions/checkout@v3

- name: set node version
- name: set node-version
uses: actions/setup-node@v3
with:
registry-url: 'https://registry.npmjs.org/'
node-version-file: '.nvmrc'
cache: 'npm'

- name: install
run: npm ci
- name: node-modules cache get
uses: actions/cache/restore@v3
id: cache
with:
path: ./node_modules
key: ${{ needs.install.outputs.node-modules-cache-key }}

- name: node-modules cache miss install
if: steps.cache.outputs.cache-hit != 'true'
run: npm ci --ignore-scripts --prefer-offline --no-audit

- name: build
run: npm run build

- name: publish
run: npm publish
run: npm publish --access public
env:
NODE_AUTH_TOKEN: ${{ secrets.npm-auth-token }}
116 changes: 46 additions & 70 deletions .github/workflows/.test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -20,158 +20,135 @@ on:
description: required credentials to authenticate with aws the aws account against which to run the tests

jobs:
# install the dependencies
install:
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v3

- name: set node version
uses: actions/setup-node@v3
with:
node-version-file: '.nvmrc'
cache: 'npm'

- name: install
run: npm ci --ignore-scripts

- name: cache node modules
uses: actions/cache@v2
with:
path: node_modules
key: ${{ runner.os }}-node-${{ github.sha }}
uses: ./.github/workflows/.install.yml

# run tests in parallel
test-commits:
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
needs: [install]
steps:
- name: checkout
uses: actions/checkout@v3
with:
fetch-depth: 0 # we need all commits to test:commits

- name: set node version
- name: set node-version
uses: actions/setup-node@v3
with:
node-version-file: '.nvmrc'
cache: 'npm'

- name: grab node_modules from cache
uses: actions/cache@v2
- name: get node-modules from cache
uses: actions/cache/restore@v3
with:
path: node_modules
key: ${{ runner.os }}-node-${{ github.sha }}
path: ./node_modules
key: ${{ needs.install.outputs.node-modules-cache-key }}

- name: test:commits
run: npm run test:commits

test-types:
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
needs: [install]
steps:
- name: checkout
uses: actions/checkout@v3

- name: set node version
- name: set node-version
uses: actions/setup-node@v3
with:
node-version-file: '.nvmrc'
cache: 'npm'

- name: grab node_modules from cache
uses: actions/cache@v2
- name: get node-modules from cache
uses: actions/cache/restore@v3
with:
path: node_modules
key: ${{ runner.os }}-node-${{ github.sha }}
path: ./node_modules
key: ${{ needs.install.outputs.node-modules-cache-key }}

- name: test:types
run: npm run test:types

test-format:
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
needs: [install]
steps:
- name: checkout
uses: actions/checkout@v3

- name: set node version
- name: set node-version
uses: actions/setup-node@v3
with:
node-version-file: '.nvmrc'
cache: 'npm'

- name: grab node_modules from cache
uses: actions/cache@v2
- name: get node-modules from cache
uses: actions/cache/restore@v3
with:
path: node_modules
key: ${{ runner.os }}-node-${{ github.sha }}
path: ./node_modules
key: ${{ needs.install.outputs.node-modules-cache-key }}

- name: test:format
run: npm run test:format

test-lint:
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
needs: [install]
steps:
- name: checkout
uses: actions/checkout@v3

- name: set node version
- name: set node-version
uses: actions/setup-node@v3
with:
node-version-file: '.nvmrc'
cache: 'npm'

- name: grab node_modules from cache
uses: actions/cache@v2
- name: get node-modules from cache
uses: actions/cache/restore@v3
with:
path: node_modules
key: ${{ runner.os }}-node-${{ github.sha }}
path: ./node_modules
key: ${{ needs.install.outputs.node-modules-cache-key }}

- name: test:lint
run: npm run test:lint

test-unit:
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
needs: [install]
steps:
- name: checkout
uses: actions/checkout@v3

- name: set node version
- name: set node-version
uses: actions/setup-node@v3
with:
node-version-file: '.nvmrc'
cache: 'npm'

- name: grab node_modules from cache
uses: actions/cache@v2
- name: get node-modules from cache
uses: actions/cache/restore@v3
with:
path: node_modules
key: ${{ runner.os }}-node-${{ github.sha }}
path: ./node_modules
key: ${{ needs.install.outputs.node-modules-cache-key }}

- name: test:unit
run: npm run test:unit
run: THOROUGH=true npm run test:unit

test-integration:
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
needs: [install]
steps:
- name: checkout
uses: actions/checkout@v3

- name: set node version
- name: set node-version
uses: actions/setup-node@v3
with:
node-version-file: '.nvmrc'
cache: 'npm'

- name: grab node_modules from cache
uses: actions/cache@v2
- name: get node-modules from cache
uses: actions/cache/restore@v3
with:
path: node_modules
key: ${{ runner.os }}-node-${{ github.sha }}
path: ./node_modules
key: ${{ needs.install.outputs.node-modules-cache-key }}

- name: configure aws credentials
if: "${{ inputs.aws-account-id != '' }}"
Expand All @@ -193,26 +170,25 @@ jobs:
run: npm run provision:integration-test-db --if-present

- name: test:integration
run: npm run test:integration
run: THOROUGH=true npm run test:integration

test-acceptance-locally:
runs-on: ubuntu-latest
runs-on: ubuntu-20.04
needs: [install]
steps:
- name: checkout
uses: actions/checkout@v3

- name: set node version
- name: set node-version
uses: actions/setup-node@v3
with:
node-version-file: '.nvmrc'
cache: 'npm'

- name: grab node_modules from cache
uses: actions/cache@v2
- name: get node-modules from cache
uses: actions/cache/restore@v3
with:
path: node_modules
key: ${{ runner.os }}-node-${{ github.sha }}
path: ./node_modules
key: ${{ needs.install.outputs.node-modules-cache-key }}

- name: configure aws credentials
if: "${{ inputs.aws-account-id != '' }}"
Expand Down
4 changes: 4 additions & 0 deletions .github/workflows/publish.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,10 @@ on:
tags:
- v*

concurrency:
group: ${{ github.workflow }}-${{ github.ref }} # per [workflow] x [branch, tag]
cancel-in-progress: true # cancel workflows for non-latest commits

jobs:
test:
uses: ./.github/workflows/.test.yml
Expand Down
26 changes: 26 additions & 0 deletions .github/workflows/review.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
name: review

on:
pull_request:
types:
- opened
- edited
- synchronize

permissions:
pull-requests: read

jobs:
pullreq-title:
runs-on: ubuntu-latest
steps:
- name: test:pullreq:title
uses: amannn/action-semantic-pull-request@v5
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
# https://github.com/commitizen/conventional-commit-types
types: |
fix
feat
chore
4 changes: 4 additions & 0 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,10 @@ on:
tags-ignore:
- v* # exclude tags, since deploy workflow triggers on tags, and calls the test workflow inside of it already

concurrency:
group: ${{ github.workflow }}-${{ github.ref }} # per [workflow] x [branch, tag]
cancel-in-progress: true # cancel workflows for non-latest commits

jobs:
suite:
uses: ./.github/workflows/.test.yml
Loading

0 comments on commit e1e7844

Please sign in to comment.