Skip to content

Test and Build

Test and Build #1000

name: Test and Build
on:
push:
branches:
- main
tags:
- 'v*.*.*'
pull_request:
workflow_dispatch:
schedule:
- cron: "0 0 * * *"
jobs:
test-and-build:
name: Test and Build
strategy:
matrix:
# https://github.com/actions/virtual-environments#available-environments
os: [ubuntu-latest, windows-2019, macos-latest]
fail-fast: false
# The type of runner that the job will run on
runs-on: ${{ matrix.os }}
env:
SEGMENT_KEY: ${{ secrets.SEGMENT_KEY_PROD }}
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- name: Install Deps Ubuntu
if: ${{ runner.os == 'Linux' }}
run: sudo apt-get update -y && sudo apt-get -y install libkrb5-dev libsecret-1-dev net-tools libstdc++6 gnome-keyring
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Setup Node.js Environment
uses: actions/setup-node@v3
with:
# Version Spec of the version to use. Examples: 12.x, 10.15.1, >=10.15.0
node-version: 16.x
- name: Run node-gyp bug workaround script
run: |
curl -sSfLO https://raw.githubusercontent.com/mongodb-js/compass/42e6142ae08be6fec944b80ff6289e6bcd11badf/.evergreen/node-gyp-bug-workaround.sh && bash node-gyp-bug-workaround.sh
- name: Install npm
run: npm install -g [email protected]
- name: Install Dependencies
shell: bash
run: |
npm ci --omit=optional
- name: Run Checks
run: npm run check
# the glob here just fails
if: ${{ runner.os != 'Windows' }}
shell: bash
- name: Run Tests
run: |
npm run test
shell: bash
- name: Prepare build for release
shell: bash
if: startsWith(github.ref, 'refs/tags/')
run: |
export "RELEASE_TAG=${GITHUB_REF#refs/*/}"
export "RELEASE_VERSION=${RELEASE_TAG:1}"
echo "RELEASE_TAG=${RELEASE_TAG}" >> $GITHUB_ENV
echo "RELEASE_VERSION=${RELEASE_VERSION}" >> $GITHUB_ENV
echo "See full release notes at: https://github.com/mongodb-js/vscode/releases/tag/${RELEASE_TAG}" > CHANGELOG.md
npx json -I -f package.json -e "this.version='${RELEASE_VERSION}'"
npx json -I -f package-lock.json -e "this.version='${RELEASE_VERSION}'"
- name: Build .vsix
env:
NODE_OPTIONS: "--require ./scripts/no-npm-list-fail.js"
run: npx vsce package --githubBranch main
shell: bash
- name: Check .vsix filesize
run: npm run check-vsix-size
shell: bash
- name: Upload artifacts
uses: actions/upload-artifact@v2
with:
name: VSIX built on ${{ runner.os }}
path: "*.vsix"
- name: Run Snyk Test
if: runner.os == 'Linux'
shell: bash
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
run: |
npm run snyk-test > /dev/null 2>&1
- name: Create Jira Tickets
if: >
runner.os == 'Linux' &&
(
github.event_name == 'push' && github.ref == 'refs/heads/main' ||
github.event_name == 'workflow_dispatch' ||
github.event_name == 'schedule'
)
shell: bash
env:
JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
JIRA_BASE_URL: "https://jira.mongodb.org"
JIRA_PROJECT: "VSCODE"
JIRA_VULNERABILITY_BUILD_INFO: "- [GitHub Run|https://github.com/mongodb-js/vscode/actions/runs/${{github.run_id}}/jobs/${{github.job}}]"
run: |
npm run create-vulnerability-tickets > /dev/null
- name: Generate Vulnerability Report (Fail on >= High)
if: runner.os == 'Linux'
continue-on-error: ${{ github.event_name == 'pull_request' }}
shell: bash
run: |
# The standard output is suppressed since Github Actions logs are
# available for everyone with read access to the repo, which is everyone that is
# logged in for public repos.
# This command is only here to fail on failures for `main` and tags.
npm run generate-vulnerability-report > /dev/null
- name: Create Draft Release
run: |
echo Creating draft release for: "${RELEASE_TAG}"
gh release create "${RELEASE_TAG}" \
--title "v${RELEASE_VERSION}" \
--notes "Edit the release notes before publishing." \
--target main \
--draft \
*.vsix
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
if: ${{ startsWith(github.ref, 'refs/tags/') && runner.os == 'Linux' }}