Merge branch 'main' into web-release-tooling

json-schema-org · Aug 16, 2024 · c5c6821 · c5c6821
2 parents cd00318 + 6a544fa
commit c5c6821
Show file tree

Hide file tree

Showing 177 changed files with 14,489 additions and 3,844 deletions.
diff --git a/.eslintrc.js b/.eslintrc.js
@@ -3,6 +3,7 @@ module.exports = {
     es2021: true,
     node: true,
     browser: true,
+    "cypress/globals": true
   },
   settings: {
     react: {
@@ -16,6 +17,7 @@ module.exports = {
     'plugin:react-hooks/recommended',
     'plugin:@next/next/recommended',
     'plugin:prettier/recommended',
+    'plugin:cypress/recommended',
   ],
   parser: '@typescript-eslint/parser',
   parserOptions: {
@@ -25,14 +27,14 @@ module.exports = {
     ecmaVersion: 12,
     sourceType: 'module',
   },
-  plugins: ['react', '@typescript-eslint', 'prettier'],
+  plugins: ['react', '@typescript-eslint', 'prettier', 'cypress'],
   rules: {
     'array-bracket-spacing': ['error', 'never'],
     'object-curly-spacing': ['error', 'always'],
 
     'react/jsx-curly-spacing': ['error', { when: 'never', children: true }],
     indent: ['error', 2, { SwitchCase: 1 }],
-    'linebreak-style': ['error', 'unix'],
+    'linebreak-style': ['error', process.platform === 'win32' ? 'windows' : 'unix'],
     quotes: ['error', 'single'],
 
     'jsx-quotes': ['error', 'prefer-single'],

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,30 @@
+# configuration file for Dependabot 
+version: 2
+updates:
+    # Configuration for yarn package ecosystem
+  - package-ecosystem: "npm"  
+
+    # Directory containing the package manifests (e.g. yarn.lock)
+    directory: "/" 
+
+    # Schedule for dependency updates
+    schedule:
+      interval: "weekly"  
+
+    # Customize commit messages for dependency updates
+    commit-message:
+      prefix: "chore(deps):"  
+
+    # Configuration for GitHub Actions dependencies
+  - package-ecosystem: "github-actions" 
+
+    # Workflow files stored in the default location of `.github/workflows`. (You don't need to specify `/.github/workflows` for `directory`. You can use `directory: "/"`.)
+    directory: "/" 
+
+    # Schedule for dependency updates
+    schedule:
+      interval: "weekly"
+
+    # Customize commit messages for dependency updates
+    commit-message:
+      prefix: "chore(deps):" 
diff --git a/.github/workflows/README.md b/.github/workflows/README.md
@@ -0,0 +1,60 @@
+## JSON Schema Website CI/CD Workflow Guidelines
+
+### Overview
+
+This document outlines the guidelines for contributing to and maintaining GitHub Actions workflows in the JSON Schema Website project. Adherence to these guidelines ensures consistency, efficiency, and ease of maintenance across our CI/CD processes.
+
+### General Principles
+
+- **Change Management**: Modifications to files in this directory are closely monitored. Changes will trigger unauthorized file changes workflow during pull request checks. Only make changes when explicitly advised by a project contributor or maintainer.
+- **Documentation and Naming**: Use descriptive, self-explanatory names for workflows, jobs, and steps. Include clear comments within workflow files to explain complex configurations.
+
+### YAML Workflow File Structure
+
+Our YAML files are organized based on specific roles and event triggers. When creating or modifying workflows, ensure that:
+- The file roles described below are strictly maintained.
+- Job sequences within workflows are preserved using [GitHub Action job dependencies](https://docs.github.com/en/actions/using-workflows/using-jobs-in-a-workflow#defining-prerequisite-jobs).
+
+### File Categorization
+
+Organize workflow files based on their primary event trigger:
+
+- **Issue Workflows**: 
+  - [Issue Workflow](./issue.yml): Handles issue-related events such as opening, closing, or labeling issues.
+
+- **Pull Request Workflows**:
+  - [CI Workflow](./ci.yml): Runs for all contributors on pull requests, performing code-quality checks, unauthorized file changes detection, and build processes.
+  - [PR Interaction Workflow](./pull-request-target.yml): Contains workflows specifically for first-time contributors, such as welcome messages.
+
+### Exceptions to File Categorization
+
+Separate files may be created for workflows that:
+
+- Require unique `cron` schedules for periodic execution.
+  Examples:
+  - [Link Checker](./link-checker.yml): Periodically checks for broken links in the repository.
+  - [Mark stale issues and pull requests](./stale-issues-prs.yml): Automatically labels and closes stale issues and PRs.
+  - [Dependabot](../dependabot.yml): Keeps dependencies up-to-date.
+
+- Need specific `paths` triggers, activating only when files in particular directories are modified.
+  Example:
+  - [New Implementation Commenter](./new-implementation.yml): Adds comments when new implementation files are added.
+
+- Only work correctly if they have a dedicated file.
+  Examples:
+  - [Preview Deployment](./preview-deployment.yml): Deploys preview environments for pull requests.
+  - [Production Deployment](./production-deployment.yml): Handles production deployments.
+  - [CodeQL Code Scanning](./codeql.yml): Performs code security analysis.
+  - [Check PR Dependencies](./pr-dependencies.yml): Enforces dependencies between PRs based on opening comments.
+
+### Workflow Maintenance
+
+To ensure the efficiency and reliability of our workflows, follow these maintenance guidelines:
+
+- **Regular Review**: Review and update workflows at least quarterly to incorporate new features or best practices.
+- **Dependency Updates**: Keep workflow dependencies up-to-date by reviewing and applying Dependabot suggestions promptly.
+- **Documentation**: Update workflow documentation immediately after any changes or modifications to keep it current.
+- **Performance Monitoring**: Regularly check workflow run times and optimize where possible to reduce GitHub Actions usage.
+- **Security Checks**: Ensure that workflows using secrets or accessing sensitive data are properly secured and follow least privilege principles.
+
+These guidelines aim to maintain the integrity and efficiency of our CI/CD processes. Always consult with the team before making significant changes to any workflow.
diff --git a/.github/workflows/build-preview.yml b/.github/workflows/build-preview.yml
@@ -0,0 +1,67 @@
+name: Build Preview Deployment
+
+on:
+  pull_request:
+    types: [opened, synchronize]
+
+# cancel in-progress runs on new commits to same PR (github.event.number)
+concurrency:
+    group: ${{ github.workflow }}-${{ github.event.number || github.sha }}
+    cancel-in-progress: true
+
+jobs:
+  build-preview:
+    runs-on: ubuntu-latest
+    name: Build Preview Site and Upload Build Artifact
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+            submodules: 'recursive'
+
+      - name: Corepack enable
+        run: corepack enable
+
+      - name: Get yarn cache directory path
+        id: yarn-cache-dir-path
+        run: echo "dir=$(yarn config get cacheFolder)" >> $GITHUB_OUTPUT
+
+      - name: Cache Node dependencies
+        uses: actions/cache@v4
+        id: yarn-cache
+        with:
+          path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
+          key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
+          restore-keys: |
+              ${{ runner.os }}-yarn-
+      
+      - name: Cache Next Build
+        uses: actions/cache@v4
+        with:
+          path: |
+              ${{ steps.yarn-cache-dir-path.outputs.dir }}
+              ${{ github.workspace }}/.next/cache
+          key: ${{ runner.os }}-nextjs-${{ hashFiles('**/yarn.lock') }}-${{ hashFiles('**/*.js', '**/*.jsx', '**/*.ts', '**/*.tsx') }}
+          restore-keys: |
+              ${{ runner.os }}-nextjs-${{ hashFiles('**/yarn.lock') }}-
+          
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+         node-version: 20
+
+      - name: Install dependencies
+        run: yarn install --immutable
+
+      - name: Build Site
+        run: yarn run build
+        env:
+          NEXT_PUBLIC_ALGOLIA_APP_ID: ${{ vars.NEXT_PUBLIC_ALGOLIA_APP_ID }}
+          NEXT_PUBLIC_ALGOLIA_API_KEY: ${{ vars.NEXT_PUBLIC_ALGOLIA_API_KEY }}
+
+      # Uploads the build directory as a workflow artifact
+      - name: Upload build artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: preview-build
+          path: out
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,120 @@
+name: CI
+on:
+  pull_request:
+    types: [opened, reopened, synchronize]
+  push:
+    branches:
+      - main
+
+env:
+  CODECOV_UNIQUE_NAME: CODECOV_UNIQUE_NAME-${{ github.run_id }}-${{ github.run_number }}
+
+jobs:
+  code-quality-checks:
+    name: Code Quality Checks
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Corepack enable 
+        run: corepack enable
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          cache: 'yarn'
+
+      - name: Install dependencies
+        run: yarn install --immutable
+
+      - name: Linting and Formatting checks
+        run: yarn run lint
+
+      - name: Type checking
+        run: yarn run typecheck
+
+  testing-and-coverage:
+    name: Testing and Coverage
+    needs: [code-quality-checks]
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          submodules: recursive
+
+      - name: Corepack enable
+        run: corepack enable
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          cache: 'yarn'
+
+      - name: Install dependencies
+        run: yarn install --immutable
+
+      - name: Run development server
+        run: yarn run dev &
+
+      - name: Run tests and generate coverage report
+        run: yarn run test:coverage:all
+
+      - name: Upload coverage report to Codecov
+        uses: codecov/[email protected]
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          name: ${{ env.CODECOV_UNIQUE_NAME }}
+          verbose: true
+          fail_ci_if_error: true
+
+  check-unauthorized-file-changes:
+    name: Check Unauthorized File Changes
+    if: ${{github.actor != 'dependabot[bot]'}} && ${{github.event_name == 'pull_request'}}
+    runs-on: ubuntu-latest
+    steps: 
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Get Changed Unauthorized files
+        id: changed-unauth-files
+        uses: tj-actions/changed-files@v44
+        with:
+          files: |
+            .github/**
+            .husky/**
+            .env.example
+            package.json
+            tsconfig.json
+            next.config.js
+            next-sitemap.config.js
+            next-env.d.ts
+            tailwind.config.js
+            postcss.config.js
+            yarn.lock
+            Dockerfile
+            CODEOWNERS
+            LICENSE
+            .gitignore
+            .gitmodules
+            .gitattributes
+            .eslintrc.js
+            .eslintignore
+            .zshrc
+            .prettierrc
+            .prettierignore
+            .dockerignore
+            makefile
+            
+      - name: List all changed unauthorized files
+        if: steps.changed-unauth-files.outputs.any_changed == 'true' || steps.changed-unauth-files.outputs.any_deleted == 'true'
+        env: 
+          CHANGED_UNAUTH_FILES: ${{ steps.changed-unauth-files.outputs.all_changed_files }}
+        run: |
+          for file in ${CHANGED_UNAUTH_FILES}; do
+            echo "$file is unauthorized to change/delete"
+          done
+          exit 1
diff --git a/.github/workflows/deploy-preview.yml b/.github/workflows/deploy-preview.yml
@@ -0,0 +1,38 @@
+name: Upload Preview Deployment
+on:
+  workflow_run:
+    workflows: ['Build Preview Deployment']
+    types:
+      - completed
+
+permissions:
+  actions: read
+  deployments: write
+  contents: read
+  pull-requests: write
+
+jobs:
+  deploy-preview:
+    runs-on: ubuntu-latest
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    name: Deploy Preview to Cloudflare Pages
+    steps:
+      # Downloads the build directory from the previous workflow
+      - name: Download build artifact
+        uses: actions/download-artifact@v4
+        id: preview-build-artifact
+        with:
+          name: preview-build
+          path: build
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          run-id: ${{ github.event.workflow_run.id }}
+
+      - name: Deploy to Cloudflare Pages
+        uses: AdrianGonz97/refined-cf-pages-action@v1
+        with:
+          apiToken: ${{ secrets.CF_API_TOKEN }}
+          accountId: ${{ secrets.CF_ACCOUNT_ID }}
+          githubToken: ${{ secrets.GITHUB_TOKEN }}
+          projectName: ${{ vars.CF_PROJECT_NAME }}
+          directory: ${{ steps.preview-build-artifact.outputs.download-path }}
+          deploymentName: Preview