Updated workflow to have permissions on job level. #2
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| on: | ||
| workflow_call: | ||
| env: | ||
| NODE_VERSION: 16.20.0 | ||
| PYTHON_VERSION: 3.11.4 | ||
| defaults: | ||
| run: | ||
| shell: bash | ||
| jobs: | ||
| build-and-test: | ||
| name: ${{ matrix.os }} | ||
| strategy: | ||
| fail-fast: false | ||
| matrix: | ||
| os: [windows-2019, ubuntu-latest, macos-11] | ||
| runs-on: ${{ matrix.os }} | ||
| timeout-minutes: 60 | ||
| steps: | ||
| # Checkout the code. | ||
| - name: checkout | ||
| uses: actions/checkout@v4 | ||
| # Setup Node | ||
| - name: Setup Node.js ${{ env.NODE_VERSION }} | ||
| uses: actions/setup-node@v3 | ||
| with: | ||
| node-version: ${{ env.NODE_VERSION }} | ||
| # Setup Python | ||
| - name: Setup Python ${{ env.PYTHON_VERSION }} | ||
| uses: actions/setup-python@v4 | ||
| with: | ||
| python-version: ${{ env.PYTHON_VERSION }} | ||
| # Build the code. | ||
| - name: Build | ||
| # We set a timeout here as a fix for the timeout issues which sometimes occur when connecting the the npm repo. | ||
| run: | | ||
| yarn --skip-integrity-check --network-timeout 100000 | ||
| yarn build | ||
| # Execute the tests. | ||
| - name: Run Unit Tests | ||
| run: yarn test | ||
| env: | ||
| # The test result file name can be controlled using the following environment variable. | ||
| JEST_JUNIT_OUTPUT_NAME: unit-test-results-${{ runner.os }}.xml | ||
| # Upload Unit Test Results (The different files for the OSes will end up in the same artifact). | ||
| - name: Upload Unit Test Results | ||
| if: always() | ||
| uses: actions/upload-artifact@v3 | ||
| with: | ||
| name: unit-test-tesults | ||
| # Include the unit-test-results folders (which is in the root of the workspace). | ||
| path: unit-test-results | ||
| retention-days: 30 | ||
| # Run PlayWright tests, only on Linux container. | ||
| - name: Install Playwright Browsers | ||
| if: runner.os == 'Linux' | ||
| run: yarn --cwd ./e2e-tests/ playwright install --with-deps | ||
| - name: Run Playwright tests | ||
| if: runner.os == 'Linux' | ||
| uses: coactions/setup-xvfb@v1 | ||
| with: | ||
| run: yarn --cwd ./e2e-tests/ test | ||
| - name: Upload PlayWrite test report | ||
| if: always() && runner.os == 'Linux' | ||
| uses: actions/upload-artifact@v3 | ||
| with: | ||
| name: allure-results | ||
| path: e2e-tests/allure-results/ | ||
| retention-days: 30 | ||
| # Run lint only on Linux (since it only makes sense to run it once, and linux is the fastest). | ||
| - name: Lint | ||
| if: always() && runner.os == 'Linux' | ||
| run: yarn lint | ||
| # Publish a test report using the unit test result files published in the previous step (which was executed per OS). | ||
| publish-unit-test-report: | ||
| name: Publish Unit Test Report | ||
| needs: build-and-test | ||
| runs-on: ubuntu-latest | ||
| if: always() | ||
| steps: | ||
| # Download the test results artifacts. | ||
| - name: Download Unit Test Results | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: unit-test-tesults | ||
| path: unit-test-tesults | ||
| # Publish Test Results | ||
| - name: Publish Unit Test Results | ||
| uses: EnricoMi/publish-unit-test-result-action@v2 | ||
| with: | ||
| check_name: Unit Test Results | ||
| files: | | ||
| unit-test-tesults/**/*.xml | ||
| # Publish a test report using the playwright result files published in the previous step (execute in Linux only). | ||
| publish-playwright-test-report: | ||
| name: Publish PlayWright Test Report | ||
| needs: build-and-test | ||
| permissions: | ||
| pages: write # to deploy to Pages | ||
| id-token: write # to verify the deployment originates from an appropriate source | ||
| # Deploy to the github-pages environment | ||
| environment: | ||
| name: github-pages | ||
| url: ${{ steps.deployment.outputs.page_url }} | ||
| runs-on: ubuntu-latest | ||
| if: always() | ||
| steps: | ||
| # Download the test results artifacts. | ||
| - name: Download Test Results | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: allure-results | ||
| path: allure-results | ||
| # Get the gh-pages history, so the next report can be generated with history. | ||
| - name: Get History | ||
| uses: actions/checkout@v2 | ||
| continue-on-error: true | ||
| with: | ||
| ref: gh-pages | ||
| path: gh-pages | ||
| # Generate the Allure Report | ||
| - name: Generate Allure Report | ||
| uses: simple-elf/allure-report-action@master | ||
| with: | ||
| # Where to find the allure results. | ||
| allure_results: allure-results | ||
| # Where to publish the history. | ||
| allure_history: allure-history | ||
| keep_reports: 100 | ||
| # Subfolder in the destination. | ||
| subfolder: allure | ||
| # Where to find the gh-pages history. | ||
| gh_pages: gh-pages | ||
| - name: Setup Pages | ||
| uses: actions/configure-pages@v3 | ||
| - name: Deploy to GitHub Pages | ||
| id: deployment | ||
| uses: actions/deploy-pages@v2 | ||
| github_token: ${{ secrets.GITHUB_TOKEN }} | ||
| publish_dir: allure-history | ||
