chore: npm-check-updates && yarn upgrade #96
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: build | |
| on: | |
| pull_request: {} | |
| workflow_dispatch: {} | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| outputs: | |
| self_mutation_happened: ${{ steps.self_mutation.outputs.self_mutation_happened }} | |
| build_artifact: ${{ steps.artifact_upload_step.outputs.artifact-id }} | |
| env: | |
| CI: "true" | |
| PR_BUILD: "true" | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.ref }} | |
| repository: ${{ github.event.pull_request.head.repo.full_name }} | |
| - name: Install Lerna | |
| run: npm install -g lerna | |
| - name: Yarn Install | |
| run: |- | |
| set -euo pipefail | |
| yarn install --frozen-lockfile --network-timeout 1000000 | |
| - name: Git Secrets Scan | |
| run: /bin/bash ./git-secrets-scan.sh | |
| - name: Check Prerequisites | |
| run: /bin/bash ./scripts/check-build-prerequisites.sh | |
| - name: Check Yarn Lock Consistency | |
| run: node ./scripts/check-yarn-lock.js | |
| - name: Prepare Build | |
| run: /bin/bash scripts/generate-aggregate-tsconfig.sh > tsconfig.json | |
| - name: Build | |
| run: |- | |
| time npx lerna run build --no-bail --stream --no-progress --skip-nx-cache | |
| - name: Check API Compatibility | |
| run: /bin/bash scripts/check-api-compatibility.sh | |
| - name: Find Mutations | |
| id: self_mutation | |
| run: |- | |
| git add . | |
| git diff --staged --patch --exit-code > .repo.patch || echo "self_mutation_happened=true" >> $GITHUB_OUTPUT | |
| working-directory: ./ | |
| - name: Upload patch | |
| if: steps.self_mutation.outputs.self_mutation_happened | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: .repo.patch | |
| path: .repo.patch | |
| overwrite: true | |
| - name: Fail build on mutation | |
| if: steps.self_mutation.outputs.self_mutation_happened | |
| run: |- | |
| echo "::error::Files were changed during build (see build log). If this was triggered from a fork, you will need to update your branch." | |
| cat .repo.patch | |
| exit 1 | |
| - name: Bundle Build | |
| run: tar -cvf aws-cdk.tar . | |
| - name: Upload Build Artifact | |
| uses: actions/upload-artifact@v4 | |
| id: artifact_upload_step | |
| with: | |
| name: aws-cdk | |
| path: aws-cdk.tar | |
| retention-days: 5 | |
| rosetta: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Get Build Artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: aws-cdk | |
| # - name: Retrieve Rosetta Cache | |
| # run: |- | |
| # set -eu | |
| # cachedir=$HOME/.rosettacache | |
| # mkdir -p $cachedir | |
| # echo "🧳 Build cache enabled: ${rosetta_cache}" | |
| # if ! rosetta_cache | |
| - name: Run Rosetta | |
| run: |- | |
| tar -xf aws-cdk.tar | |
| set -eu | |
| ROSETTA=${ROSETTA:-npx jsii-rosetta} | |
| # rosetta_cache_file=$HOME/.buildcache/rosetta-cache.tabl.json | |
| #---------------------------------------------------------------------- | |
| echo "💎 Extracting code samples" >&2 | |
| time $ROSETTA extract --compile --verbose --compress-tablet # --cache ${rosetta_cache_file} | |
| # time $ROSETTA trim-cache ${rosetta_cache_file} | |
| test-aws-cdk-lib: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Get Build Artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: aws-cdk | |
| - name: Unpack Build Artifact | |
| run: tar -xf aws-cdk.tar | |
| - name: Run Tests | |
| run: |- | |
| cd packages/aws-cdk-lib | |
| yarn jest | |
| test-aws-cdk: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Get Build Artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: aws-cdk | |
| - name: Unpack Build Artifact | |
| run: tar -xf aws-cdk.tar | |
| - name: Run Tests | |
| run: |- | |
| cd packages/aws-cdk | |
| yarn jest | |
| self-mutation: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| if: always() && needs.build.outputs.self_mutation_happened && !(github.event.pull_request.head.repo.full_name != github.repository) | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| token: ${{ secrets.PROJEN_GITHUB_TOKEN }} | |
| ref: ${{ github.event.pull_request.head.ref }} | |
| repository: ${{ github.event.pull_request.head.repo.full_name }} | |
| - name: Download patch | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: .repo.patch | |
| path: ${{ runner.temp }} | |
| - name: Apply patch | |
| run: '[ -s ${{ runner.temp }}/.repo.patch ] && git apply ${{ runner.temp }}/.repo.patch || echo "Empty patch. Skipping."' | |
| - name: Set git identity | |
| run: |- | |
| git config user.name "github-actions" | |
| git config user.email "[email protected]" | |
| - name: Push changes | |
| env: | |
| PULL_REQUEST_REF: ${{ github.event.pull_request.head.ref }} | |
| run: |- | |
| git add . | |
| git commit -s -m "chore: self mutation" | |
| git push origin HEAD:$PULL_REQUEST_REF |