fix: use correct matcher in middleware.ts
#1690
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Security Notes | |
| # Only selected Actions are allowed within this repository. Please refer to (https://github.com/nodejs/nodejs.org/settings/actions) | |
| # for the full list of available actions. If you want to add a new one, please reach out a maintainer with Admin permissions. | |
| # REVIEWERS, please always double-check security practices before merging a PR that contains Workflow changes!! | |
| # AUTHORS, please only use actions with explicit SHA references, and avoid using `@master` or `@main` references or `@version` tags. | |
| name: Pull Request Checks | |
| on: | |
| pull_request: | |
| merge_group: | |
| defaults: | |
| run: | |
| # This ensures that the working directory is the root of the repository | |
| working-directory: ./ | |
| permissions: | |
| contents: read | |
| actions: read | |
| jobs: | |
| base: | |
| name: Base Tasks | |
| runs-on: ubuntu-latest | |
| outputs: | |
| fetch_depth: ${{ steps.calculate_current_commits.outputs.fetch_depth }} | |
| turbo_args: ${{ steps.turborepo_arguments.outputs.turbo_args }} | |
| steps: | |
| - name: Calculate Commits to Checkout | |
| id: calculate_current_commits | |
| # This calculates the amount of commits we should fetch during our shallow clone | |
| # This calculates the amount of commits this PR produced diverged from the base branch + 1 | |
| # Which should include the "merge" commit reference | |
| # In other words, the GitHub Action will always have the full history of the current PR | |
| # We need all the commits of the PR so that `turbo --filter` works correctly | |
| run: | | |
| if [ "${{ github.event_name }}" == "pull_request" ]; then | |
| echo "fetch_depth=$(( ${{ github.event.pull_request.commits }} + 1 ))" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "fetch_depth=1" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: Provide Turborepo Arguments | |
| id: turborepo_arguments | |
| # `--filter` flag allows us to tell TurboRepo to only run a said command if there were any changes found in a given --filter range | |
| # It verifies if any change was done to any of the including `glob` patterns described for a said command on `turbo.json` | |
| # By default in this Workflow we use the `...[$TURBO_REF_FILTER]` as a value to the filter flag which tells Turborepo to look changes | |
| # between the latest base branch commit and all the commits of this PR; That's why we use the `pull_request.base.sha` as a ref to the last | |
| # commit on the base branch that this pull_request refers to. | |
| # We also set the Turborepo Cache to the `.turbo` folder | |
| # See https://turbo.build/repo/docs/reference/command-line-reference/run#--filter | |
| # See https://turbo.build/repo/docs/reference/command-line-reference/run#--cache-dir | |
| # See https://turbo.build/repo/docs/reference/command-line-reference/run#--force | |
| run: | | |
| if [ "${{ github.event_name }}" == "pull_request" ]; then | |
| echo "turbo_args=--filter=\"[HEAD~${{ github.event.pull_request.commits }}...HEAD]\" --cache-dir=.turbo/cache" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "turbo_args=--cache-dir=.turbo/cache" >> "$GITHUB_OUTPUT" | |
| fi | |
| lint: | |
| name: Lint | |
| runs-on: ubuntu-latest | |
| needs: [base] | |
| steps: | |
| - name: Git Checkout | |
| uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 | |
| with: | |
| # Here we apply the Environment Variable created above on the "Calculate Commits to Checkout" | |
| fetch-depth: ${{ needs.base.outputs.fetch_depth }} | |
| - name: Restore Lint Cache | |
| uses: actions/cache/restore@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 | |
| with: | |
| path: | | |
| .turbo/cache | |
| node_modules/.cache | |
| # We want to restore Turborepo Cache and ESlint and Prettier Cache | |
| key: cache-lint-${{ hashFiles('package-lock.json') }}- | |
| restore-keys: | | |
| cache-lint-${{ hashFiles('package-lock.json') }}- | |
| cache-lint- | |
| - name: Set up Node.js | |
| uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 | |
| with: | |
| # We want to ensure that the Node.js version running here respects our supported versions | |
| node-version-file: '.nvmrc' | |
| cache: 'npm' | |
| - name: Install NPM packages | |
| # We want to avoid NPM from running the Audit Step and Funding messages on a CI environment | |
| # We also use `npm i` instead of `npm ci` so that the node_modules/.cache folder doesn't get deleted | |
| run: npm i --no-audit --no-fund --ignore-scripts --userconfig=/dev/null | |
| - name: Run `turbo lint` | |
| # We want to enforce that the actual `turbo@latest` package is used instead of a possible hijack from the user | |
| # the `${{ needs.base.outputs.turbo_args }}` is a string substitution happening from the base job | |
| run: npx --package=turbo@latest -- turbo lint ${{ needs.base.outputs.turbo_args }} | |
| - name: Run `turbo prettier` | |
| # We want to enforce that the actual `turbo@latest` package is used instead of a possible hijack from the user | |
| # the `${{ needs.base.outputs.turbo_args }}` is a string substitution happening from the base job | |
| run: npx --package=turbo@latest -- turbo prettier ${{ needs.base.outputs.turbo_args }} | |
| - name: Save Lint Cache | |
| # We don't need to upload a Lint Cache for Dependabot PRs and also when the GitHub Event is not a Pull Request | |
| # i.e. if the Event is a Merge Queue Event | |
| if: startsWith(github.event.pull_request.head.ref, 'dependabot/') == false && github.event_name == 'pull_request' | |
| uses: actions/cache/save@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 | |
| with: | |
| path: | | |
| .turbo/cache | |
| node_modules/.cache | |
| key: cache-lint-${{ hashFiles('package-lock.json') }}-${{ hashFiles('.turbo/cache/**') }} | |
| tests: | |
| name: Tests | |
| runs-on: ubuntu-latest | |
| needs: [base] | |
| steps: | |
| - name: Git Checkout | |
| uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 | |
| with: | |
| # Here we apply the Environment Variable created above on the "Calculate Commits to Checkout" | |
| fetch-depth: ${{ needs.base.outputs.fetch_depth }} | |
| - name: Restore Tests Cache | |
| uses: actions/cache/restore@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 | |
| with: | |
| path: | | |
| .turbo/cache | |
| node_modules/.cache | |
| # We want to restore Turborepo Cache and Storybook Cache | |
| key: cache-tests-${{ hashFiles('package-lock.json') }}- | |
| restore-keys: | | |
| cache-tests-${{ hashFiles('package-lock.json') }}- | |
| cache-tests- | |
| - name: Set up Node.js | |
| uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 | |
| with: | |
| # We want to ensure that the Node.js version running here respects our supported versions | |
| node-version-file: '.nvmrc' | |
| cache: 'npm' | |
| - name: Install NPM packages | |
| # We want to avoid NPM from running the Audit Step and Funding messages on a CI environment | |
| # We also use `npm i` instead of `npm ci` so that the node_modules/.cache folder doesn't get deleted | |
| run: npm i --no-audit --no-fund --userconfig=/dev/null | |
| - name: Run Unit Tests | |
| # We want to enforce that the actual `turbo@latest` package is used instead of a possible hijack from the user | |
| # the `${{ needs.base.outputs.turbo_args }}` is a string substitution happening from the base job | |
| run: npx --package=turbo@latest -- turbo test:unit ${{ needs.base.outputs.turbo_args }} -- --ci --coverage | |
| - name: Upload Coverage Report | |
| id: upload_coverage_report | |
| # We don't need coverage report for Dependabot PRs and also when the GitHub Event is not a Pull Request | |
| # i.e. if the Event is a Merge Queue Event | |
| if: startsWith(github.event.pull_request.head.ref, 'dependabot/') == false && github.event_name == 'pull_request' | |
| # We upload the Coverage Report so it can be used on another Workflow | |
| uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce | |
| with: | |
| name: coverage-report | |
| path: | | |
| coverage/ | |
| junit.xml | |
| - name: Build Storybook | |
| # This prevents this step from running if "Upload Coverage Report" got cancelled; Which gets cancelled if | |
| # the curruent branch comes from Dependabot or the Event is not a Pull Request (i.e. Merge Queue Event) | |
| if: steps.upload_coverage_report.outcome == 'success' | |
| # We Build Storybook Locally and then upload it so it can be used on another Workflow | |
| # We want to enforce that the actual `turbo@latest` package is used instead of a possible hijack from the user | |
| # the `${{ needs.base.outputs.turbo_args }}` is a string substitution happening from the base job | |
| run: npx --package=turbo@latest -- turbo storybook:build ${{ needs.base.outputs.turbo_args }} | |
| - name: Upload Storybook Build | |
| # This prevents this step from running if "Build Storybook" got cancelled; Which gets cancelled if | |
| # the curruent branch comes from Dependabot or the Event is not a Pull Request (i.e. Merge Queue Event) | |
| if: steps.upload_coverage_report.outcome == 'success' | |
| # We upload the Storybook Build so it can be used on another Workflow | |
| uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce | |
| with: | |
| name: storybook-build | |
| path: storybook-static | |
| - name: Save Tests Cache | |
| # This prevents this step from running if "Upload Storybook Build" got cancelled; Which gets cancelled if | |
| # the curruent branch comes from Dependabot or the Event is not a Pull Request (i.e. Merge Queue Event) | |
| if: steps.upload_coverage_report.outcome == 'success' | |
| uses: actions/cache/save@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 | |
| with: | |
| path: | | |
| .turbo/cache | |
| node_modules/.cache | |
| key: cache-tests-${{ hashFiles('package-lock.json') }}-${{ hashFiles('.turbo/cache/**') }} |