fix container build after Element move to nginx templates (#194) #566
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
schedule: # we want to verify the tests still run even when element updates something | |
- cron: '0 5 * * 1-5' | |
jobs: | |
build-js: | |
name: Build Javascript | |
runs-on: ubuntu-latest | |
if: ${{ ! github.event_name == 'schedule' }} | |
timeout-minutes: 30 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version-file: 'package.json' | |
cache: 'yarn' | |
registry-url: 'https://registry.npmjs.org' | |
- name: yarn install | |
run: yarn install --frozen-lockfile | |
- name: prettier:check | |
run: yarn prettier:check | |
- name: depcheck | |
run: yarn depcheck | |
- name: lint | |
run: yarn lint | |
- name: type checking and declarations | |
run: yarn tsc | |
- name: test | |
run: yarn test:all | |
- name: build | |
run: yarn build | |
build-py: | |
name: Build Python | |
runs-on: ubuntu-latest | |
if: ${{ ! github.event_name == 'schedule' }} | |
timeout-minutes: 15 | |
defaults: | |
run: | |
working-directory: ./packages/synapse-guest-module/ | |
env: | |
DOCKER_IMAGE: ghcr.io/nordeck/synapse-guest-module | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: '3.11' | |
- run: python -m pip install tox | |
- name: lint | |
run: tox -e check_codestyle | |
- name: type checking and declarations | |
run: tox -e check_types | |
- name: test | |
run: tox -e py | |
- name: Login to ghcr.io | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Generate Docker metadata | |
id: meta | |
uses: docker/metadata-action@v5 | |
env: | |
DOCKER_METADATA_PR_HEAD_SHA: true | |
with: | |
images: ${{ env.DOCKER_IMAGE }} | |
labels: | | |
org.opencontainers.image.title=Synapse Guest Module | |
org.opencontainers.image.description=A synapse module to restrict the actions of guests | |
org.opencontainers.image.vendor=Nordeck IT + Consulting GmbH | |
tags: | | |
type=sha,prefix= | |
- name: Docker build and push | |
uses: docker/build-push-action@v6 | |
id: dockerBuild | |
with: | |
push: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' || github.event_name == 'pull_request' && secrets.GH_APP_OS_APP_ID != '' }} | |
context: packages/synapse-guest-module | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
platforms: linux/amd64,linux/arm64,linux/s390x | |
sbom: true | |
provenance: true | |
run-changesets: | |
runs-on: ubuntu-latest | |
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} | |
timeout-minutes: 5 | |
needs: | |
- build-js | |
- build-py | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
# required for changesets | |
fetch-depth: '0' | |
# don't persist the credentials so the changesets action doesn't use the | |
# github actions token but the git token provided via environment variable | |
persist-credentials: false | |
- uses: actions/setup-node@v4 | |
with: | |
node-version-file: 'package.json' | |
cache: 'yarn' | |
registry-url: 'https://registry.npmjs.org' | |
- name: yarn install | |
run: yarn install --frozen-lockfile | |
- name: yarn build | |
run: yarn build | |
- name: Generate GitHub token | |
id: generate_token | |
uses: tibdex/github-app-token@3beb63f4bd073e61482598c45c71c1019b59b73a # @v2.1.0 | |
with: | |
app_id: ${{ secrets.GH_APP_OS_APP_ID }} | |
private_key: ${{ secrets.GH_APP_OS_PRIVATE_KEY }} | |
- name: Create Release Pull Request or Publish Packages | |
uses: changesets/action@aba318e9165b45b7948c60273e0b72fce0a64eb9 # @v1.4.7 | |
with: | |
version: yarn run version | |
publish: yarn release | |
env: | |
GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }} | |
NODE_AUTH_TOKEN: ${{ secrets.NODE_AUTH_TOKEN }} | |
e2e: | |
name: Run e2e tests | |
runs-on: ubuntu-latest | |
timeout-minutes: 30 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version-file: 'package.json' | |
cache: 'yarn' | |
registry-url: 'https://registry.npmjs.org' | |
- name: yarn install | |
run: yarn install --frozen-lockfile | |
- name: build | |
run: yarn e2e:build | |
- name: Install Playwright Browsers | |
run: npx playwright install --with-deps chromium | |
- name: Run Playwright tests | |
working-directory: ./e2e/ | |
run: DEBUG=testcontainers:pull,testcontainers:build yarn playwright test --project=chromium | |
- uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: playwright-report-chromium | |
path: e2e/playwright-report/ | |
retention-days: 7 |