deps(github-actions): DSW-000: Bump github/codeql-action from 3.27.5 to 3.28.0 in /.github/workflows #11224
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build | |
on: | |
pull_request: | |
types: [ opened, synchronize, reopened, "ready_for_review" ] | |
paths-ignore: | |
- "apps/examples/**" | |
- ".husky/**" | |
- ".idea/**" | |
- "stories/**" | |
- ".vscode/**" | |
- "README.md" | |
- "CONTRIBUTING.md" | |
- "CHANGELOG.md" | |
- "LICENSE" | |
push: | |
branches: | |
- main | |
concurrency: | |
group: CI-${{ github.ref }} | |
cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} | |
env: | |
PERCY_TOKEN_PIE_DOCS: ${{ secrets.PERCY_TOKEN_PIE_DOCS }} | |
PERCY_TOKEN_PIE_ASSISTIVE_TEXT: ${{ secrets.PERCY_TOKEN_PIE_ASSISTIVE_TEXT }} | |
PERCY_TOKEN_PIE_BUTTON: ${{ secrets.PERCY_TOKEN_PIE_BUTTON }} | |
PERCY_TOKEN_PIE_CARD: ${{ secrets.PERCY_TOKEN_PIE_CARD }} | |
PERCY_TOKEN_PIE_CHECKBOX: ${{ secrets.PERCY_TOKEN_PIE_CHECKBOX }} | |
PERCY_TOKEN_PIE_CHECKBOX_GROUP: ${{ secrets.PERCY_TOKEN_PIE_CHECKBOX_GROUP }} | |
PERCY_TOKEN_PIE_CHIP: ${{ secrets.PERCY_TOKEN_PIE_CHIP }} | |
PERCY_TOKEN_PIE_COOKIE_BANNER: ${{ secrets.PERCY_TOKEN_PIE_COOKIE_BANNER }} | |
PERCY_TOKEN_PIE_DIVIDER: ${{ secrets.PERCY_TOKEN_PIE_DIVIDER }} | |
PERCY_TOKEN_PIE_FORM_LABEL: ${{ secrets.PERCY_TOKEN_PIE_FORM_LABEL }} | |
PERCY_TOKEN_PIE_ICON_BUTTON: ${{ secrets.PERCY_TOKEN_PIE_ICON_BUTTON }} | |
PERCY_TOKEN_PIE_ICONS_WEBC: ${{ secrets.PERCY_TOKEN_PIE_ICONS_WEBC }} | |
PERCY_TOKEN_PIE_LINK: ${{ secrets.PERCY_TOKEN_PIE_LINK }} | |
PERCY_TOKEN_PIE_LOTTIE_PLAYER: ${{ secrets.PERCY_TOKEN_PIE_LOTTIE_PLAYER }} | |
PERCY_TOKEN_PIE_MODAL: ${{ secrets.PERCY_TOKEN_PIE_MODAL }} | |
PERCY_TOKEN_PIE_NOTIFICATION: ${{ secrets.PERCY_TOKEN_PIE_NOTIFICATION }} | |
PERCY_TOKEN_PIE_RADIO: ${{ secrets.PERCY_TOKEN_PIE_RADIO }} | |
PERCY_TOKEN_PIE_RADIO_GROUP: ${{ secrets.PERCY_TOKEN_PIE_RADIO_GROUP }} | |
PERCY_TOKEN_PIE_SPINNER: ${{ secrets.PERCY_TOKEN_PIE_SPINNER }} | |
PERCY_TOKEN_PIE_SWITCH: ${{ secrets.PERCY_TOKEN_PIE_SWITCH }} | |
PERCY_TOKEN_PIE_TAG: ${{ secrets.PERCY_TOKEN_PIE_TAG }} | |
PERCY_TOKEN_PIE_TEXT_INPUT: ${{ secrets.PERCY_TOKEN_PIE_TEXT_INPUT }} | |
PERCY_TOKEN_PIE_TEXTAREA: ${{ secrets.PERCY_TOKEN_PIE_TEXTAREA }} | |
PERCY_TOKEN_PIE_TOAST: ${{ secrets.PERCY_TOKEN_PIE_TOAST }} | |
TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }} | |
PERCY_DO_NOT_CAPTURE_RESPONSIVE_ASSETS: true | |
PERCY_PAGE_LOAD_TIMEOUT: ${{ vars.PERCY_PAGE_LOAD_TIMEOUT }} | |
PERCY_NETWORK_IDLE_WAIT_TIMEOUT: ${{ vars.PERCY_NETWORK_IDLE_WAIT_TIMEOUT }} | |
PERCY_TOKEN_PIE_TOAST_PROVIDER: ${{ secrets.PERCY_TOKEN_PIE_TOAST_PROVIDER }} | |
PERCY_TOKEN_PIE_THUMBNAIL: ${{ secrets.PERCY_TOKEN_PIE_THUMBNAIL }} | |
jobs: | |
check-change-type: | |
name: Get change type | |
runs-on: ubuntu-latest | |
outputs: | |
pie-docs-change: ${{ steps.docs-check.outputs.docs-change }} | |
web-components-change: ${{ steps.component-check.outputs.web-components-change }} | |
storybook-change: ${{ steps.storybook-check.outputs.storybook-change }} | |
steps: | |
# Checkout the Repo | |
- name: Checkout | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
fetch-depth: 0 | |
# Setup Repo | |
- name: Setup Repo | |
uses: ./.github/actions/setup-repo | |
with: | |
node-version: 20 | |
os: ubuntu-latest | |
- name: Verify if pie-docs has changes | |
id: docs-check | |
run: | | |
DOCS_CHANGE=$(npx -y turbo run build --filter='pie-docs[origin/main]' --dry=json | jq '.packages | length > 0') | |
echo "Change Detected: $DOCS_CHANGE" | |
echo "docs-change=$DOCS_CHANGE" >> $GITHUB_OUTPUT | |
- name: Verify if web components have changes | |
id: component-check | |
run: | | |
COMPONENT_CHANGE=$(npx -y turbo run build --filter='{./packages/components/*}...[origin/main]' --dry=json | jq '.packages | length > 0') | |
echo "Change Detected: $COMPONENT_CHANGE" | |
echo "web-components-change=$COMPONENT_CHANGE" >> $GITHUB_OUTPUT | |
- name: Verify if storybook has changes | |
id: storybook-check | |
run: | | |
STORYBOOK_CHANGE=$(npx -y turbo run build --filter='pie-storybook[origin/main]' --dry=json | jq '.packages | length > 0') | |
echo "Change Detected: $STORYBOOK_CHANGE" | |
echo "storybook-change=$STORYBOOK_CHANGE" >> $GITHUB_OUTPUT | |
lint-styles: | |
runs-on: ubuntu-latest | |
steps: | |
# Checkout the Repo | |
- name: Checkout | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
# Setup Repo | |
- name: Setup Repo | |
uses: ./.github/actions/setup-repo | |
with: | |
node-version: 20 | |
os: ubuntu-latest | |
# Lint Styles | |
- name: Lint Styles | |
uses: ./.github/actions/run-script | |
with: | |
script-name: "lint:style" | |
concurrency: 10 | |
lint-js: | |
runs-on: ubuntu-latest | |
steps: | |
# Checkout the Repo | |
- name: Checkout | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
# Setup Repo | |
- name: Setup Repo | |
uses: ./.github/actions/setup-repo | |
with: | |
node-version: 20 | |
os: ubuntu-latest | |
# Lint JS | |
- name: Lint JavaScript | |
uses: ./.github/actions/run-script | |
with: | |
script-name: "lint:scripts" | |
build-windows-node-20: | |
uses: ./.github/workflows/install-build.yml | |
with: | |
os: windows-latest | |
node-version: 20 | |
secrets: inherit | |
build-ubuntu-node-18: | |
uses: ./.github/workflows/install-build.yml | |
with: | |
os: ubuntu-latest | |
node-version: 18 | |
secrets: inherit | |
build-ubuntu-node-20: | |
uses: ./.github/workflows/install-build.yml | |
needs: [ 'lint-js', 'lint-styles', 'check-change-type' ] | |
with: | |
os: ubuntu-latest | |
node-version: 20 | |
analyse-component-bundles: true | |
secrets: inherit | |
unit-tests: | |
needs: 'build-ubuntu-node-20' | |
runs-on: ubuntu-latest | |
steps: | |
# Checkout the Repo | |
- name: Checkout | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
# Setup Repo | |
- name: Setup Repo | |
uses: ./.github/actions/setup-repo | |
with: | |
node-version: 20 | |
os: ubuntu-latest | |
# Restore Packages from Cache | |
- name: Build Packages | |
uses: ./.github/actions/run-script | |
with: | |
script-name: "build" | |
# Run Unit Tests | |
- name: Unit Tests | |
uses: ./.github/actions/run-script | |
with: | |
script-name: "test:ci" | |
deploy-storybook: | |
needs: unit-tests | |
if: (needs.check-change-type.outputs.web-components-change == 'true' || needs.check-change-type.outputs.storybook-change == 'true') || github.ref == 'refs/heads/main' | |
uses: ./.github/workflows/amplify-deploy.yml | |
with: | |
os: ubuntu-latest | |
node-version: 20 | |
amplify-app-id: d17ja0ul7nrdy0 | |
package-name: 'pie-storybook' | |
package-dist-directory: ./apps/pie-storybook/dist | |
bucket-name-preview: 'pie-storybook-preview' | |
bucket-name-main: 'pie-storybook' | |
sub-domain-suffix: 'storybook' | |
secrets: inherit | |
# Workflow task that deploys an instance of storybook used for test suites to run against | |
deploy-storybook-testing: | |
needs: unit-tests | |
if: (needs.check-change-type.outputs.web-components-change == 'true' || needs.check-change-type.outputs.storybook-change == 'true') || github.ref == 'refs/heads/main' | |
uses: ./.github/workflows/amplify-deploy.yml | |
with: | |
os: ubuntu-latest | |
node-version: 20 | |
amplify-app-id: d3eyargno6okyn | |
package-name: 'pie-storybook' | |
package-dist-directory: ./apps/pie-storybook/dist | |
bucket-name-preview: 'pie-storybook-preview' | |
bucket-name-main: 'pie-storybook' | |
destination-dir: 'testing' | |
build-script: 'build:testing' | |
sub-domain-suffix: 'storybook-testing' | |
secrets: inherit | |
# TODO: DSW-1151 - Move this into a reusable action so it's not duplicated | |
browser-tests-components: | |
needs: [ build-ubuntu-node-20, deploy-storybook ] | |
if: needs.check-change-type.outputs.web-components-change == 'true' || github.ref == 'refs/heads/main' | |
runs-on: ubuntu-latest | |
steps: | |
# Checkout the Repo | |
- name: Checkout | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
fetch-depth: 0 | |
# Setup Repo | |
- name: Setup Repo | |
uses: ./.github/actions/setup-repo | |
with: | |
node-version: 20 | |
os: ubuntu-latest | |
# Setup Playwright | |
- name: Setup Playwright | |
uses: ./.github/actions/setup-playwright | |
# Run System / a11y Tests | |
- name: Run All System / Component / a11y Tests | |
uses: ./.github/actions/run-script | |
with: | |
script-name: "test:browsers:ci --filter='./packages/components/*'" | |
- name: Upload Playwright Report | |
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
if: always() | |
with: | |
name: lit-browsers-report | |
path: lit-browsers-report/ | |
retention-days: 7 | |
# Run Visual Tests | |
- name: Run All Visual Tests | |
uses: ./.github/actions/run-script | |
if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
with: | |
script-name: "test:visual:ci --filter='{./packages/components/*}[HEAD^1]'" | |
concurrency: 1 | |
- name: Run Changed Package Visual Tests | |
uses: ./.github/actions/run-script | |
if: (github.event_name == 'pull_request' && github.event.pull_request.draft == false) && github.ref != 'refs/heads/main' | |
with: | |
script-name: "test:visual:ci --filter='{./packages/components/*}...[origin/main]'" | |
concurrency: 1 | |
- name: Upload Playwright Report | |
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
if: always() | |
with: | |
name: lit-visual-report | |
path: lit-visual-report/ | |
retention-days: 7 | |
env: | |
STORYBOOK_AMPLIFY_ID: d17ja0ul7nrdy0 | |
PR_NUMBER: ${{ github.event.number }} | |
deploy-docs: | |
needs: unit-tests | |
uses: ./.github/workflows/amplify-deploy.yml | |
if: needs.check-change-type.outputs.pie-docs-change == 'true' || github.ref == 'refs/heads/main' | |
with: | |
os: ubuntu-latest | |
node-version: 20 | |
amplify-app-id: dvskdcoepjoyf | |
package-name: 'pie-docs' | |
package-dist-directory: ./apps/pie-docs/dist | |
bucket-name-preview: 'pie-docs-preview' | |
bucket-name-main: 'pie-docs' | |
sub-domain-suffix: 'docs' | |
secrets: inherit | |
browser-tests-docs: | |
needs: deploy-docs | |
runs-on: ubuntu-latest | |
steps: | |
# Checkout the Repo | |
- name: Checkout | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
fetch-depth: 0 | |
# Setup Repo | |
- name: Setup Repo | |
uses: ./.github/actions/setup-repo | |
with: | |
node-version: 20 | |
os: ubuntu-latest | |
# Setup Playwright | |
- name: Setup Playwright | |
uses: ./.github/actions/setup-playwright | |
# Run System / a11y Tests | |
- name: Run All System / a11y Tests | |
uses: ./.github/actions/run-script | |
with: | |
script-name: "test:browsers:ci --filter=pie-docs" | |
- name: Upload Playwright Report | |
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
if: always() | |
with: | |
name: browsers-report | |
path: browsers-report/ | |
retention-days: 7 | |
# Run Visual Tests | |
- name: Run All Visual Tests | |
uses: ./.github/actions/run-script | |
if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
with: | |
script-name: "test:visual:ci --filter=pie-docs[HEAD^1]" | |
concurrency: 1 | |
- name: Run Changed Package Visual Tests | |
uses: ./.github/actions/run-script | |
if: (github.event_name == 'pull_request' && github.event.pull_request.draft == false) && github.ref != 'refs/heads/main' | |
with: | |
script-name: "test:visual:ci --filter=pie-docs" | |
concurrency: 1 | |
- name: Upload Playwright Report | |
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
if: always() | |
with: | |
name: visual-report | |
path: visual-report/ | |
retention-days: 7 | |
env: | |
DOCS_AMPLIFY_ID: dvskdcoepjoyf | |
PR_NUMBER: ${{ github.event.number }} | |
release: | |
needs: [ 'unit-tests', 'lint-js' ] | |
if: github.event_name != 'pull_request' | |
uses: ./.github/workflows/changeset-release.yml | |
with: | |
os: ubuntu-latest | |
node-version: 20 | |
secrets: inherit | |
check-all-jobs: | |
if: always() | |
needs: | |
- lint-styles | |
- lint-js | |
- build-ubuntu-node-18 | |
- build-windows-node-20 | |
- build-ubuntu-node-20 | |
- unit-tests | |
- browser-tests-components | |
- deploy-docs | |
- deploy-storybook | |
- browser-tests-docs | |
runs-on: ubuntu-latest | |
steps: | |
- name: Verify if the required jobs succeeded | |
uses: re-actors/alls-green@05ac9388f0aebcb5727afa17fcccfecd6f8ec5fe # v1.2.2 | |
with: | |
# "allowed-skips" lists jobs that are optional but should not fail | |
allowed-skips: browser-tests-components, deploy-docs, deploy-storybook, browser-tests-docs | |
jobs: ${{ toJSON(needs) }} |