Voorkom Gala DDOS met standaard groepentab list ipv pasfoto's #2060
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: [master] | |
pull_request: | |
branches: [master] | |
workflow_dispatch: | |
jobs: | |
build: | |
name: Build JavaScript | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Enable Corepack | |
run: corepack enable | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: '20.x' | |
cache: yarn | |
- uses: actions/cache/restore@v4 | |
name: Restore build dependencies cache | |
with: | |
path: .yarn/.cache/webpack | |
key: build-${{ hashFiles('**/webpack.config.js') }}-${{ hashFiles('**/yarn.lock') }} | |
restore-keys: |- | |
build-${{ hashFiles('**/webpack.config.js') }}-${{ hashFiles('**/yarn.lock') }} | |
build-${{ hashFiles('**/webpack.config.js') }}- | |
- name: Yarn install | |
run: yarn install --immutable | |
- name: 🔧 Run yarn build | |
run: yarn run production | |
- name: 📤 Upload dist | |
uses: actions/upload-artifact@v3 | |
with: | |
name: js | |
path: htdocs/dist | |
- uses: actions/cache/save@v4 | |
name: Save build dependencies cache | |
with: | |
path: .yarn/.cache/webpack | |
key: build-${{ hashFiles('**/webpack.config.js') }}-${{ hashFiles('**/yarn.lock') }} | |
restore-keys: |- | |
build-${{ hashFiles('**/webpack.config.js') }}-${{ hashFiles('**/yarn.lock') }} | |
build-${{ hashFiles('**/webpack.config.js') }}- | |
test: | |
name: Voer tests uit | |
runs-on: ubuntu-latest | |
needs: build | |
steps: | |
- name: 💤 Shutdown Ubuntu MySQL (SUDO) | |
run: sudo service mysql stop # Shutdown the Default MySQL, "sudo" is necessary, please not remove it | |
- uses: getong/mariadb-action@v1.1 | |
with: | |
mariadb version: '10.3' | |
mysql root password: '' | |
- uses: actions/checkout@v3 | |
- name: 🗃 Cache Composer packages | |
id: composer-cache | |
uses: actions/cache@v3 | |
with: | |
path: vendor | |
key: ${{ runner.os }}-composer-dev-${{ hashFiles('**/composer.lock', '**/composer.json') }} | |
restore-keys: | | |
${{ runner.os }}-composer-dev- | |
- name: 🗃 Cache phpunit installatie | |
id: phpunit-cache | |
uses: actions/cache@v3 | |
with: | |
path: bin/.phpunit | |
key: ${{ runner.os }}-phpunit-dev-${{ hashFiles('**/composer.lock', '**/composer.json') }} | |
restore-keys: | | |
${{ runner.os }}-phpunit-dev- | |
- name: Setup PHP | |
uses: shivammathur/setup-php@v2 | |
with: | |
php-version: 8.2 | |
tools: composer:v2 | |
extensions: pdo_mysql | |
- name: Install Composer packages | |
if: steps.composer-cache.outputs.cache-hit != 'true' | |
run: composer install | |
- name: 📥 Download JS | |
uses: actions/download-artifact@v3 | |
with: | |
name: js | |
path: htdocs/dist | |
- name: 💽 Setup database | |
run: | | |
php bin/console doctrine:database:create -n | |
php bin/console doctrine:migrations:migrate -n | |
php bin/console doctrine:fixtures:load -n | |
- name: Valideer schema | |
run: php bin/console doctrine:schema:validate | |
- name: Dump schema SQL fouten | |
if: ${{ failure() }} | |
run: php bin/console doctrine:schema:update --dump-sql | |
- name: 🧪 Run PhpUnit | |
env: | |
PANTHER_CHROME_ARGUMENTS: '--disable-dev-shm-usage --window-size=1400,1024 --force-prefers-reduced-motion' | |
PANTHER_CHROME_DRIVER_BINARY: '/usr/bin/chromedriver' | |
PANTHER_NO_SANDBOX: '1' | |
run: php bin/phpunit | |
- name: 📤 Upload screenshot van fout | |
if: ${{ failure() }} | |
uses: actions/upload-artifact@v3 | |
with: | |
name: screenshot | |
path: screenshot | |
deploy: | |
name: Push naar productie | |
runs-on: ubuntu-latest | |
needs: build | |
# Deze workflow gebruikt een geheime token: PRODUCTIE_KEY en kan niet van een fork gerund worden. | |
if: github.repository == 'csrdelft/csrdelft.nl' && github.ref == 'refs/heads/master' | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
submodules: true | |
path: main | |
- name: 🗃 Cache Composer packages | |
id: composer-cache | |
uses: actions/cache@v3 | |
with: | |
path: main/vendor | |
key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock', '**/composer.json') }} | |
restore-keys: | | |
${{ runner.os }}-composer- | |
- name: Setup PHP | |
uses: shivammathur/setup-php@v2 | |
with: | |
php-version: 8.2 | |
tools: composer:v2 | |
extensions: pdo_mysql | |
- name: Install Composer packages | |
working-directory: main | |
if: steps.composer-cache.outputs.cache-hit != 'true' | |
run: composer install --no-dev --optimize-autoloader | |
- name: 📥 Pull productie | |
uses: actions/checkout@v3 | |
with: | |
path: productie | |
repository: csrdelft/productie | |
token: ${{ secrets.PRODUCTIE_KEY }} | |
- name: Prepareer productie repo | |
working-directory: productie | |
run: | | |
rm -r * | |
rsync --archive --exclude-from=../main/bin/ci/rsync-exclude.txt ../main/ ./ | |
mv bin/ci/.gitignore.prod .gitignore | |
- name: 📥 Download JS | |
uses: actions/download-artifact@v3 | |
with: | |
name: js | |
path: productie/htdocs/dist | |
- name: 📩 Push naar productie | |
if: github.ref == 'refs/heads/master' # dubbel check | |
working-directory: productie | |
run: | | |
git config user.name "PubCie" | |
git config user.email "pubcie@csrdelft.nl" | |
git add -A | |
git diff-index --quiet HEAD || git commit -m "Stek deploy $GITHUB_RUN_NUMBER van csrdelft/csrdelft.nl@$GITHUB_SHA" | |
git push --force --quiet --set-upstream origin master | |
translation: | |
name: Controleer vertalingen | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: 🗃 Cache Composer packages | |
id: composer-cache | |
uses: actions/cache@v3 | |
with: | |
path: vendor | |
key: ${{ runner.os }}-composer-dev-${{ hashFiles('**/composer.lock', '**/composer.json') }} | |
restore-keys: | | |
${{ runner.os }}-composer-dev- | |
- name: Setup PHP | |
uses: shivammathur/setup-php@v2 | |
with: | |
php-version: 8.2 | |
tools: composer:v2 | |
extensions: pdo_mysql | |
- name: Install Composer packages | |
if: steps.composer-cache.outputs.cache-hit != 'true' | |
run: php -v && composer install | |
- name: Check translations | |
run: | | |
php bin/console translation:extract en --force --domain=messages | |
git diff --exit-code |