chore: setup nodesecure #51
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: ci | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
permissions: | |
actions: read | |
contents: read | |
env: | |
CI: true | |
DOTENV_PRIVATE_KEY_CI: ${{ secrets.DOTENV_PRIVATE_KEY_CI }} | |
POSTGRES_URL: postgres://dbuser:secret@localhost:5432 | |
POSTGRES_DB: cat_fostering_api_e2e | |
NX_CLOUD_DISTRIBUTED_EXECUTION: ${{ vars.NX_CLOUD_DISTRIBUTED_EXECUTION || 'true' }} | |
# ?NX_CI_EXECUTION_ID: 9682651267 | |
# E2E config | |
DEBUG:KRATOS_CLI: true | |
DEBUG:KETO_CLI: true | |
ORY_KRATOS_PUBLIC_URL: http://127.0.0.1:4433 | |
ORY_KETO_ADMIN_URL: http://127.0.0.1:4467 | |
ORY_KETO_PUBLIC_URL: http://127.0.0.1:4466 | |
API_HOST: 127.0.0.1 | |
API_PORT: 3000 | |
jobs: | |
main: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
# --require-explicit-completion because Nx agents might not receive tasks for more than 30 seconds when preparing the e2e test environment | |
# @see https://nx.dev/ci/troubleshooting/ci-execution-failed#the-nx-cloud-heartbeat-process-failed-to-report-its-status-in-time | |
- run: npx nx-cloud start-ci-run --distribute-on="3 linux-small-js" --require-explicit-completion --with-env-vars="DOTENV_PRIVATE_KEY_CI,POSTGRES_DB,POSTGRES_URL" | |
if: env.NX_CLOUD_DISTRIBUTED_EXECUTION == 'true' | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: 20 | |
cache: 'npm' | |
cache-dependency-path: | | |
**/package-lock.json | |
patches/*.patch | |
- run: npm ci | |
- uses: nrwl/nx-set-shas@v4 | |
with: | |
workflow-id: 'ci.yml' | |
- run: npx nx format:check | |
- run: npx nx affected -t lint test build | |
if: env.ACT != 'true' | |
- run: | | |
npm run ory:generate:kratos -- -e .env.ci | |
npm run ory:generate:keto -- -e .env.ci | |
- run: echo "DOCKER_API_TAG=$(echo $GITHUB_SHA | cut -c 1-6)" >> $GITHUB_ENV | |
- run: npx nx run cat-fostering-api:container --skip-nx-cache --no-agents --platforms=linux/amd64 --load=true --push=false --tags='ghcr.io/getlarge/cat-fostering/cat-fostering-api:${{ env.DOCKER_API_TAG }}' | |
# can't use --wait --wait-timeout N options since Keto and Kratos migrate containers will exit before the Keto and Kratos services are ready | |
- run: npx dotenvx run -- docker compose --profile ci -p cat-fostering up -d | |
env: | |
DOCKER_API_TAG: ${{ env.DOCKER_API_TAG }} | |
- run: sleep 10 | |
# Prepend any command with "nx-cloud record --" to record its logs to Nx Cloud | |
- run: | | |
npx nx-cloud record -- docker ps | |
npx nx-cloud record -- docker compose -p cat-fostering logs keto -n 500 | |
npx nx-cloud record -- docker compose -p cat-fostering logs kratos -n 500 | |
# to enable DTE for e2e tests splitting, use the following command instead and set stop-agents-after="e2e-ci" | |
# - name: Run distributed e2e tests | |
# run: | | |
# npm run pg:create:connection -- -e .env.ci | |
# docker compose -p cat-fostering restart api | |
# npx nx affected -t e2e-ci | |
# if: env.NX_CLOUD_DISTRIBUTED_EXECUTION == 'true' | |
- run: npx nx-cloud complete-ci-run | |
if: always() && env.NX_CLOUD_DISTRIBUTED_EXECUTION != 'false' | |
- name: Run e2e tests | |
run: npx nx affected -t e2e --no-agents | |
# if: ${{ env.NX_CLOUD_DISTRIBUTED_EXECUTION == 'false' }} | |
- if: failure() | |
run: | | |
npx nx-cloud record -- docker compose -p cat-fostering logs api -n 200 | |
npx nx-cloud record -- docker compose -p cat-fostering logs kratos -n 200 |