name: "pull-request" on: workflow_call: inputs: dry-run-flag: description: 'enable dry-run on artifact push' required: false type: boolean default: true devel: description: 'devel' required: false type: boolean default: false cron-run: description: 'disables jobs which should not run when cron runs e2es' required: false type: boolean default: false pull_request: types: [opened, synchronize, reopened] branches: - develop - master - develop-patch* - master-patch* concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true env: BASE_REF: ${{ github.base_ref }} HEAD_REF: ${{ github.head_ref }} AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} GITHUB_BRANCH: ${{ github.ref_name }} GH_BUILD_DIR: ${{ github.workspace }} GH_COMMIT: ${{ github.sha }} BUILD_ID: ${{ github.run_id }} GH_RUN_NUMBER: ${{ github.run_attempt }} GH_BUILD_NUMBER: ${{ github.run_id }} JOB_ID: ${{ github.run_id }} PROXY_HOST_BPM: ${{ secrets.E2E_HOST }} E2E_IDENTITY_HOST_APA: ${{ secrets.E2E_IDENTITY_HOST_APA }} E2E_HOST_APA: ${{ secrets.E2E_HOST_APA }} E2E_HOST: ${{ secrets.E2E_HOST }} E2E_USERNAME: ${{ secrets.E2E_ADMIN_EMAIL_IDENTITY }} E2E_PASSWORD: ${{ secrets.E2E_PASSWORD }} E2E_ADMIN_EMAIL_IDENTITY: ${{ secrets.E2E_ADMIN_EMAIL_IDENTITY }} E2E_ADMIN_PASSWORD_IDENTITY: ${{ secrets.E2E_ADMIN_PASSWORD_IDENTITY }} USERNAME_ADF: ${{ secrets.E2E_ADMIN_EMAIL_IDENTITY }} PASSWORD_ADF: ${{ secrets.E2E_PASSWORD }} URL_HOST_ADF: "http://localhost:4200" IDENTITY_ADMIN_EMAIL: ${{ secrets.E2E_ADMIN_EMAIL_IDENTITY }} IDENTITY_ADMIN_PASSWORD: ${{ secrets.E2E_ADMIN_PASSWORD_IDENTITY }} AWS_S3_BUCKET_ACTIVITI_LICENSE: ${{ secrets.AWS_S3_BUCKET_ACTIVITI_LICENSE }} HOST_SSO: ${{ secrets.HOST_SSO }} LOG_LEVEL: "ERROR" E2E_LOG_LEVEL: "ERROR" E2E_MODELER_USERNAME: ${{ secrets.E2E_MODELER_USERNAME }} E2E_MODELER_PASSWORD: ${{ secrets.E2E_MODELER_PASSWORD }} EXTERNAL_ACS_HOST: ${{ secrets.EXTERNAL_ACS_HOST }} E2E_DEVOPS_USERNAME: ${{ secrets.E2E_DEVOPS_USERNAME }} E2E_DEVOPS_PASSWORD: ${{ secrets.E2E_DEVOPS_PASSWORD }} USERNAME_SUPER_ADMIN_ADF: ${{ secrets.USERNAME_SUPER_ADMIN_ADF }} PASSWORD_SUPER_ADMIN_ADF: ${{ secrets.PASSWORD_SUPER_ADMIN_ADF }} HR_USER: ${{ secrets.HR_USER }} HR_USER_PASSWORD: ${{ secrets.HR_USER_PASSWORD }} SMART_RUNNER_PATH: ".protractor-smartrunner" S3_DBP_PATH: ${{ secrets.S3_DBP_PATH }} S3_BUILD_BUCKET_SHORT_NAME: ${{ secrets.S3_BUILD_BUCKET_SHORT_NAME }} NODE_OPTIONS: "--max-old-space-size=5120" DOCKER_REPOSITORY_DOMAIN: ${{ secrets.DOCKER_REPOSITORY_DOMAIN }} DOCKER_REPOSITORY_USER: ${{ secrets.DOCKER_REPOSITORY_USER }} DOCKER_REPOSITORY_PASSWORD: ${{ secrets.DOCKER_REPOSITORY_PASSWORD }} DOCKER_REPOSITORY_STORYBOOK: "${{ secrets.DOCKER_REPOSITORY_DOMAIN }}/alfresco/storybook" DOCKER_REPOSITORY: "${{ secrets.DOCKER_REPOSITORY_DOMAIN }}/alfresco/demo-shell" REPO_OWNER: "Alfresco" REPO_NAME: "alfresco-ng2-components" DEMO_SHELL_DIR: "./dist/demo-shell" STORYBOOK_DIR: "./dist/storybook/stories" BUILT_LIBS_DIR: "./dist/libs" NODE_MODULES_DIR: "./node_modules" SMART_RUNNER_DIRECTORY: ".protractor-smartrunner" SAVE_SCREENSHOT: true REDIRECT_URI: / BROWSER_RUN: false MAXINSTANCES: 2 PLAYWRIGHT_WORKERS: 2 PLAYWRIGHT_STORYBOOK_E2E_HOST: http://localhost PLAYWRIGHT_STORYBOOK_E2E_PORT: 4400 PROXY_HOST_ECM: ${{ secrets.E2E_HOST }} jobs: pre-checks: runs-on: ubuntu-latest steps: - name: Checkout repository uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Ensure SHA pinned actions uses: zgosalvez/github-actions-ensure-sha-pinned-actions@b88cd0aad2c36a63e42c71f81cb1958fed95ac87 # v3.0.10 - name: Check package-lock.json version run: | if [[ $(jq '.lockfileVersion == 3' package-lock.json) == "true" ]] ; then echo "package-lock.json has a correct version" else echo "package-lock must be version 3" exit 1 fi check-if-pr-is-approved: runs-on: ubuntu-latest steps: - name: Checkout repository uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: 0 - name: Get branch name uses: Alfresco/alfresco-build-tools/.github/actions/get-branch-name@a288b9efdaa50413573b2e130896d906478b8e50 # v5.31.0 - name: Save commit message uses: Alfresco/alfresco-build-tools/.github/actions/get-commit-message@a288b9efdaa50413573b2e130896d906478b8e50 # v5.31.0 - name: ci:force flag parser shell: bash run: | if [ "${{ github.event_name }}" == "schedule" ] || [ "${{ github.actor }}" == "dependabot[bot]" ]; then echo -e "\033[32mci:force check can be skipped\033[0m" skip_check="true" elif [[ "$COMMIT_MESSAGE" == *"[ci:force]"* ]]; then echo -e "\033[32m[ci:force] flag detected. No need for approval.\033[0m" skip_check="true" fi - name: Get PR number if: ${{ github.event_name != 'schedule' && github.event_name != 'workflow_dispatch' }} uses: kamatama41/get-pr-number-action@0bcaab5752c0b699149e74667c8ce2f764cbb7fa # v0.9.1 id: action with: github_token: ${{ secrets.GITHUB_TOKEN }} - name: show pr number shell: bash run: | echo "PR: ${{ steps.action.outputs.number }}" - name: check if pr is approved env: DEVEL_FLAG: ${{ inputs.devel }} GH_TOKEN: ${{ github.token }} skip_check: "false" run: | if [ "${{ github.event_name }}" == "schedule" ] || [ "${{ github.actor }}" == "dependabot[bot]" ]; then echo -e "\033[32mci:force check can be skipped\033[0m" skip_check="true" elif [[ "$COMMIT_MESSAGE" == *"[ci:force]"* ]]; then echo -e "\033[32m[ci:force] flag detected. No need for approval.\033[0m" skip_check="true" fi if [ "${{ github.actor }}" == "dependabot[bot]" ] || [ "${{ github.actor }}" == "alfresco-build" ]; then echo -e "\033[32mCommit by ${{ github.actor }}. No need for approval.\033[0m" skip_check="true" fi if [ "${{ github.event_name }}" == "schedule" ] || [ "${{ github.event_name }}" == "workflow_dispatch" ]; then echo -e "\033[32mSchedule event\033[0m" skip_check="true" fi if [[ "$DEVEL_FLAG" == "true" ]]; then echo -e "\033[32mDevel flag\033[0m" skip_check="true" fi if [ "$skip_check" == "false" ]; then echo "Checking PR approval" prNumber=${{ steps.action.outputs.number }} echo "PR: $prNumber" checkApproval=$(gh api /repos/$GITHUB_REPOSITORY/pulls/$prNumber/reviews | jq '.[] | select(.state == "APPROVED") | .user.login') if [[ $checkApproval ]]; then echo -e "\033[32mPR approved\033[0m" else echo -e "\033[31mPR NOT approved\033[0m" exit 1 fi fi setup: # long timeout required when cache has to be recreated timeout-minutes: 30 name: "Setup" runs-on: ubuntu-latest needs: [check-if-pr-is-approved, pre-checks] steps: - name: Checkout repository uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: 0 # Fetch all history for all tags and branches - uses: ./.github/actions/setup - name: install run: | npm ci npx nx run js-api:bundle npx nx run cli:bundle npx nx run testing:bundle - run: npx nx print-affected $NX_CALCULATION_FLAGS - uses: ./.github/actions/upload-node-modules-and-artifacts unit-tests: timeout-minutes: 30 name: "Unit tests: ${{ matrix.unit-tests.name }}" runs-on: ubuntu-latest needs: [setup] strategy: fail-fast: false # max-parallel: 4 matrix: unit-tests: - name: js-api exclude: "core,insights,content-services,process-services,process-services-cloud,eslint-plugin-eslint-angular" - name: content-services exclude: "insights,core,extensions,process-services,process-services-cloud,eslint-plugin-eslint-angular,js-api" - name: core exclude: "insights,content-services,process-services,process-services-cloud,eslint-plugin-eslint-angular,js-api" - name: insights exclude: "core,extensions,content-services,process-services-cloud,process-services,eslint-plugin-eslint-angular,js-api" - name: process-services exclude: "core,extensions,content-services,process-services-cloud,insights,eslint-plugin-eslint-angular,js-api" - name: process-cloud exclude: "insights,core,extensions,content-services,process-services,eslint-plugin-eslint-angular,js-api" steps: - name: Checkout repository uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: 0 # Fetch all history for all tags and branches - uses: ./.github/actions/setup - uses: ./.github/actions/download-node-modules-and-artifacts - name: Run unit tests run: | /usr/bin/xvfb-run --auto-servernum npx nx affected:test $NX_CALCULATION_FLAGS --exclude=${{ matrix.unit-tests.exclude }} lint: # long timeout required when cache has to be recreated timeout-minutes: 30 name: "Lint" runs-on: ubuntu-latest needs: [setup] steps: - name: Checkout repository uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: 0 # Fetch all history for all tags and branches - uses: ./.github/actions/setup - uses: ./.github/actions/download-node-modules-and-artifacts - run: npx nx affected --target=lint $NX_CALCULATION_FLAGS build-libs: # long timeout required when cache has to be recreated timeout-minutes: 30 name: "Build libs" runs-on: ubuntu-latest needs: [setup] steps: - name: Checkout repository uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: 0 # Fetch all history for all tags and branches - uses: ./.github/actions/setup - uses: ./.github/actions/download-node-modules-and-artifacts - run: npx nx affected:build $NX_CALCULATION_FLAGS --prod - run: npx nx build demoshell --configuration production - run: npx nx affected --target=build-storybook $NX_CALCULATION_FLAGS --configuration=ci --parallel=1 - uses: ./.github/actions/upload-node-modules-and-artifacts e2e-storybook: timeout-minutes: 20 name: "e2e: storybook" needs: [build-libs, lint, unit-tests] runs-on: ubuntu-latest steps: - name: Checkout repository uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: 0 # Fetch all history for all - uses: ./.github/actions/setup - uses: ./.github/actions/download-node-modules-and-artifacts - name: Process Cloud Storybook Playwright run: | npx playwright install chromium sudo sysctl -w fs.inotify.max_user_watches=524288 npx nx affected --target=e2e-playwright $NX_CALCULATION_FLAGS || exit 1 - uses: ./.github/actions/upload-node-modules-and-artifacts e2e: timeout-minutes: 90 name: "e2e: ${{ matrix.e2e-test.description }}" needs: [build-libs, lint, unit-tests] runs-on: ubuntu-latest strategy: fail-fast: false # max-parallel: 4 matrix: e2e-test: - description: "Core" test-id: "core" artifact-id: "core" folder: "core" provider: "ALL" auth: "OAUTH" check-cs-env: "true" check-ps-env: "true" deps: "testing" - description: "Content: Components" test-id: "content-services" artifact-id: "content-services-components" folder: "content-services/components" provider: "ECM" auth: "BASIC" check-cs-env: "true" deps: "testing" - description: "Content: Directives" test-id: "content-services" artifact-id: "content-services-directives" folder: "content-services/directives" provider: "ECM" auth: "BASIC" check-cs-env: "true" deps: "testing" - description: "Content: Document List" test-id: "content-services" artifact-id: "content-services-document-list" folder: "content-services/document-list" provider: "ECM" auth: "BASIC" check-cs-env: "true" deps: "testing" - description: "Content: Metadata" test-id: "content-services" artifact-id: "content-services-metadata" folder: "content-services/metadata" provider: "ECM" auth: "BASIC" check-cs-env: "true" deps: "testing" - description: "Content: Upload and Versioning" test-id: "content-services" artifact-id: "content-services-upload" folder: "content-services/upload" provider: "ECM" auth: "BASIC" check-cs-env: "true" deps: "testing" - description: "Search" test-id: "content-services" artifact-id: "content-services-search" folder: "search" provider: "ECM" auth: "BASIC" check-cs-env: "true" deps: "testing" - description: "Process: Form" test-id: "process-services" artifact-id: "process-services-form" folder: "process-services/form" provider: "BPM" auth: "OAUTH" check-ps-env: "true" check-external-cs-env: "true" deps: "testing" - description: "Process: Process" test-id: "process-services" artifact-id: "process-services-process" folder: "process-services/process" provider: "BPM" auth: "OAUTH" check-ps-env: "true" check-external-cs-env: "true" deps: "testing" - description: "Process: Tasks" test-id: "process-services" artifact-id: "process-services-tasks" folder: "process-services/tasks" provider: "BPM" auth: "OAUTH" check-ps-env: "true" check-external-cs-env: "true" deps: "testing" - description: "Process: Widget" test-id: "process-services" artifact-id: "process-services-widgets" folder: "process-services/widgets" provider: "BPM" auth: "OAUTH" check-ps-env: "true" check-external-cs-env: "true" deps: "testing" - description: "Process Cloud: Form" test-id: "process-services-cloud" artifact-id: "process-services-cloud-form-field" folder: "process-services-cloud/form-field" provider: "ALL" auth: "OAUTH" apa-proxy: true check-cs-env: "true" check-ps-cloud-env: "true" deps: "testing" - description: "Process Cloud: Process" test-id: "process-services-cloud" artifact-id: "process-services-cloud-process" folder: "process-services-cloud/process" provider: "ALL" auth: "OAUTH" apa-proxy: true check-cs-env: "true" check-ps-cloud-env: "true" deps: "testing" - description: "Process Cloud: Start Task" test-id: "process-services-cloud" artifact-id: "process-services-cloud-start-task" folder: "process-services-cloud/start-task" provider: "ALL" auth: "OAUTH" apa-proxy: true check-cs-env: "true" check-ps-cloud-env: "true" deps: "testing" - description: "Process Cloud: Tasks List" test-id: "process-services-cloud" artifact-id: "process-services-cloud-task-list" folder: "process-services-cloud/task-list" provider: "ALL" auth: "OAUTH" apa-proxy: true check-cs-env: "true" check-ps-cloud-env: "true" deps: "testing" steps: - name: Checkout repository uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: 0 # Fetch all history for all - uses: ./.github/actions/setup with: enable-cache: "true" enable-node-modules-cache: "true" - uses: ./.github/actions/download-node-modules-and-artifacts - name: e2e uses: ./.github/actions/e2e with: e2e-test-id: ${{ matrix.e2e-test.test-id }} e2e-test-folder: ${{ matrix.e2e-test.folder }} e2e-artifact-id: ${{matrix.e2e-test.artifact-id}} e2e-test-provider: ${{ matrix.e2e-test.provider }} e2e-test-auth: ${{ matrix.e2e-test.auth }} check-cs-env: ${{ matrix.e2e-test.check-cs-env }} check-ps-env: ${{ matrix.e2e-test.check-ps-env }} check-ps-cloud-env: ${{ matrix.e2e-test.check-ps-cloud-env }} check-external-cs-env: ${{ matrix.e2e-test.check-external-cs-env }} apa-proxy: ${{ matrix.e2e-test.apa-proxy }} deps: ${{ matrix.e2e-test.deps }} PR-forbidden-labels: if: ${{ inputs.cron-run == '' || inputs.cron-run == 'false' }} runs-on: ubuntu-latest steps: - id: checkoutRepo name: Checkout repository uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: 1 - name: PR contains forbidden labels id: pr-forbidden uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 with: script: | const issueHasLabels = require('./scripts/github/update/check-issue-has-label.js'); const checkLabels = ['next version ➡️', 'do not merge🙅🏻‍♂️']; const hasLabel = await issueHasLabels({github, context, checkLabels}) if(hasLabel) { core.setFailed('The PR contains a forbidden label! You are not allowed to merge until the label is there.'); } - name: Check value after run: | echo "result ${{ toJson(steps.pr-forbidden.*.result) }}" && echo "result ${{ steps.pr-forbidden.*.result }}" echo "result ${{ contains(toJson(steps.pr-forbidden.*.result), 'failure') }}" finalize: if: ${{ always() }} runs-on: ubuntu-latest name: Final Results needs: [check-if-pr-is-approved, pre-checks, setup, unit-tests, lint, build-libs, e2e, e2e-storybook] steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: identify-slack-group id: groups if: ${{ github.event_name == 'schedule' }} uses: ./.github/actions/slack-group-area with: affected: ${{ steps.e2e-result.outputs.result }} - uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0 name: Nofify QA failure if: ${{ github.event_name == 'schedule' && contains(needs.*.result, 'failure') }} env: SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} with: channel-id: 'C016SMNNL8L' #guild-channel slack-message: "🔴 Warning: The daily ADF cronjob failed\nWorkflow run : \nDetails: ${{ steps.e2e-result.outputs.result }}\nArea: ${{ steps.groups.outputs.groups}}" - name: workflow failure run: exit 1 if: ${{ contains(needs.*.result, 'failure') }} - name: workflow canceled run: exit 1 if: ${{ contains(needs.*.result, 'cancelled') }} - name: workflow success run: exit 0 if: ${{ contains(needs.*.result, 'success') }}