Skip to content

[Snyk] Security upgrade express from 4.18.1 to 4.21.2 #45

[Snyk] Security upgrade express from 4.18.1 to 4.21.2

[Snyk] Security upgrade express from 4.18.1 to 4.21.2 #45

Workflow file for this run

name: Node.js Tests
# **What it does**: Runs our tests.
# **Why we have it**: We want our tests to pass before merging code.
# **Who does it impact**: Docs engineering, open-source engineering contributors.
on:
workflow_dispatch:
merge_group:
pull_request:
permissions:
contents: read
pull-requests: read
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: '${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}'
cancel-in-progress: true
env:
# Setting this will activate the jest tests that depend on actually
# sending real search queries to Elasticsearch
ELASTICSEARCH_URL: http://localhost:9200/
# Hopefully the name is clear enough. By enabling this, we're testing
# the future code.
ENABLE_SEARCH_RESULTS_PAGE: true
jobs:
figureOutMatrix:
if: github.repository == 'github/docs-internal' || github.repository == 'github/docs'
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.set-matrix.outputs.result }}
steps:
- uses: actions/github-script@98814c53be79b1d30f795b907e553d8679345975
id: set-matrix
with:
script: |
// We only want to run the 'translations' suite when we know
// we're on the private docs-internal repo because only that
// one has ability to clone the remote (private) translations
// repos.
const all = [
'content',
'graphql',
'meta',
'rendering',
'routing',
'unit',
'linting',
'rendering-fixtures',
];
if (context.payload.repository.full_name === 'github/docs-internal') {
all.push('translations');
}
return all;
test:
needs: figureOutMatrix
# Run on ubuntu-20.04-xl if the private repo or ubuntu-latest if the public repo
# See pull # 17442 in the private repo for context
runs-on: ${{ fromJSON('["ubuntu-latest", "ubuntu-20.04-xl"]')[github.repository == 'github/docs-internal'] }}
timeout-minutes: 60
strategy:
fail-fast: false
matrix:
test-group: ${{ fromJSON(needs.figureOutMatrix.outputs.matrix) }}
steps:
- name: Install a local Elasticsearch for testing
# For the sake of saving time, only run this step if the test-group
# is one that will run tests against an Elasticsearch on localhost.
if: ${{ matrix.test-group == 'content' || matrix.test-group == 'translations' }}
uses: getong/elasticsearch-action@95b501ab0c83dee0aac7c39b7cea3723bef14954
with:
# Make sure this matches production and `sync-search-pr.yml`
elasticsearch version: '7.11.1'
host port: 9200
container port: 9200
host node port: 9300
node port: 9300
discovery type: 'single-node'
# Each of these ifs needs to be repeated at each step to make sure the required check still runs
# Even if if doesn't do anything
- name: Check out repo
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
- uses: ./.github/actions/node-npm-setup
- uses: ./.github/actions/get-docs-early-access
if: ${{ github.repository == 'github/docs-internal' }}
with:
token: ${{ secrets.DOCUBOT_REPO_PAT }}
- name: Check the test fixture data (if applicable)
if: ${{ matrix.test-group == 'rendering-fixtures' }}
run: ./script/copy-fixture-data.js --check
# This keeps our fixture content/data in check
- name: Check the test fixture content (if applicable)
if: ${{ matrix.test-group == 'rendering-fixtures' }}
env:
ROOT: tests/fixtures
run: |
# If either of these fail, it means our fixture content's internal
# links can and should be updated.
./script/update-internal-links.js --dry-run --check --strict --verbose \
tests/fixtures/content \
--exclude tests/fixtures/content/get-started/foo/typo-autotitling.md
./script/update-internal-links.js --dry-run --check --strict --verbose \
tests/fixtures/data
- name: Clone all translations
if: ${{ matrix.test-group == 'translations' }}
uses: ./.github/actions/clone-translations
with:
token: ${{ secrets.DOCUBOT_REPO_PAT }}
- name: Gather files changed
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PR: ${{ github.event.pull_request.number }}
HEAD: ${{ github.event.pull_request.head.ref || github.event.merge_group.head_ref }}
run: |
# Find the file diff in the pull request or merge group
# If its a pull request, use the faster call to the GitHub API
# For push, workflow_dispatch, and merge_group, use git diff
if [ -n "$PR" ]
then
echo __ running gh pr diff __
DIFF=`gh pr diff $PR --name-only`
elif [ -n "$HEAD" ]
then
echo __ running git fetch main __
git fetch origin main --depth 1
echo __ running git diff __
DIFF=`git diff --name-only origin/main`
else
echo __ no head, empty diff __
DIFF=''
fi
# So we can inspect the output
echo __ DIFF found __
echo $DIFF
# So that becomes a string like `foo.js path/bar.md`
# Must to do this because the list of files can be HUGE. Especially
# in a repo-sync when there are lots of translation files involved.
echo __ format, write to get_diff_files.txt __
echo $DIFF | tr '\n' ' ' > get_diff_files.txt
- name: Cache nextjs build
uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7
with:
path: .next/cache
key: ${{ runner.os }}-nextjs-${{ hashFiles('package*.json') }}
- name: Run build script
run: npm run build
- name: Index fixtures into the local Elasticsearch
# For the sake of saving time, only run this step if the test-group
# is one that will run tests against an Elasticsearch on localhost.
if: ${{ matrix.test-group == 'content' || matrix.test-group == 'translations' }}
run: npm run index-test-fixtures
- name: Run tests
env:
DIFF_FILE: get_diff_files.txt
CHANGELOG_CACHE_FILE_PATH: tests/fixtures/changelog-feed.json
# By default, when `process.env.NODE_ENV === 'test'` it forces the
# tests run only in English. The exception is the
# `tests/translations/` suite which needs all languages to be set up.
ENABLED_LANGUAGES: ${{ matrix.test-group == 'translations' && 'all' || '' }}
ROOT: ${{ matrix.test-group == 'rendering-fixtures' && 'tests/fixtures' || ''}}
run: npm test -- tests/${{ matrix.test-group }}/