156 build performance improvement pnpm or bun #274
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Node.js CI | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| env: | |
| MAX_HIGH: 0 | |
| MAX_CRITICAL: 0 | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| # These versions match Upsun support | |
| # Node.js: https://docs.upsun.com/languages/nodejs.html#supported-versions | |
| node-version: [18.x, 20.x] | |
| # Python: https://docs.upsun.com/languages/python.html#supported-versions | |
| python-version: ['3.8', '3.9', '3.10', '3.11', '3.12'] | |
| steps: | |
| ################################################################################################ | |
| # A. Setup workflow. | |
| - name: "1. Retrieve local files." | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| - name: "2. Set up Node.js." | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| - name: "3. Python." | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| cache: 'pip' | |
| ################################################################################################ | |
| # B. Prettify, lint, and test repo. | |
| - name: "4. Preparing" | |
| run: | | |
| echo "::notice::Running react-scripts tests." | |
| export CI=true | |
| npm install cross-env bun -g | |
| bun install | |
| - name: "5. Verifying backend code is pretty" | |
| run: | | |
| bun run prettier:backend | |
| - name: "6. Verifying frontend code is pretty" | |
| run: | | |
| bun run prettier:frontend | |
| - name: "7. Linting frontend" | |
| run: bun run lint:frontend | |
| - name: "8. Run Frontend tests" | |
| run: bun run test:frontend | |
| - name: "9. Run Backend linting" | |
| run: | | |
| bun run lint:backend | |
| ################################################################################################ | |
| # C. Ensure no vulnerabilities. | |
| - name: "10. Test: there should be no Python vulnerabilities." | |
| run: | | |
| echo "::notice::Checking for vulnerabilities in backend Python app dependencies." | |
| bun run test:backend | |
| - name: "11. Test: there should be no HIGH Node.js vulnerabilities." | |
| run: | | |
| echo "::notice::Checking for high vulnerabilities in frontend Node.js app dependencies." | |
| cd frontend | |
| export CI=true | |
| HIGH_VULN_ALLOWED=${{ env.MAX_HIGH }} | |
| HIGH_VULN=$(npm audit --json | jq '.metadata.vulnerabilities.high') | |
| if [ "$HIGH_VULN" -gt "$HIGH_VULN_ALLOWED" ]; then | |
| echo "::error::NPM HIGH vulnerabilities exceed allowed budget." | |
| npm audit | |
| exit 1 | |
| else | |
| echo "::notice::No HIGH vulnerabilities found on frontend app." | |
| fi | |
| - name: "12. Test: there should be no CRITICAL Node.js vulnerabilities." | |
| run: | | |
| echo "::notice::Checking for critical vulnerabilities in frontend Node.js app dependencies." | |
| cd frontend | |
| export CI=true | |
| CRITICAL_VULN_ALLOWED=${{ env.MAX_CRITICAL }} | |
| CRITICAL_VULN=$(npm audit --json | jq '.metadata.vulnerabilities.high') | |
| if [ "$CRITICAL_VULN" -gt "$CRITICAL_VULN_ALLOWED" ]; then | |
| echo "::error::NPM CRITICAL vulnerabilities exceed allowed budget." | |
| npm audit | |
| exit 1 | |
| else | |
| echo "::notice::No CRITICAL vulnerabilities found on frontend app." | |
| fi |