chore: update flake.nix with GCP service account sa-notifier #350
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 'CI' | |
| on: | |
| pull_request: | |
| push: | |
| branches: | |
| - canary | |
| - main | |
| jobs: | |
| build-audit-test: | |
| name: Build & Test all packages on ${{ matrix.os }}, Node ${{ matrix.node }} | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| fail-fast: true | |
| max-parallel: 1 | |
| matrix: | |
| os: [ubuntu-latest] | |
| # Test all packages using the following Node.js versions: | |
| # 1. Active LTS | |
| # 2. Current (i.e. the latest Node.js version available) | |
| # https://nodejs.org/en/about/releases/ | |
| # https://github.com/actions/setup-node?tab=readme-ov-file#supported-version-syntax | |
| node: ['lts/iron', 'current'] | |
| # It seems Cloud Build complains with HTTP 429 if I trigger too many builds | |
| # Quota exceeded for quota metric 'Build and Operation Get requests' | |
| steps: | |
| - name: ποΈ Check out repo | |
| uses: actions/checkout@v4 | |
| - name: βοΈ Set up Node.js ${{ matrix.node }} | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ matrix.node }} | |
| - name: βοΈ Install dependencies | |
| run: npm ci | |
| - name: π‘οΈ Audit dependencies (audit-level high) | |
| # https://docs.npmjs.com/cli/v8/commands/npm-audit#audit-level | |
| run: npm audit --audit-level high | |
| - name: π‘οΈ Audit dependencies (audit-level moderate) | |
| continue-on-error: true | |
| run: npm audit --audit-level moderate | |
| - name: π¦ Build all libraries | |
| run: npm run build:libs | |
| - name: π Test @jackdbd/checks | |
| run: npm run test:ci -w packages/checks | |
| - name: π Test @jackdbd/cloud-scheduler-utils | |
| env: | |
| SA_NOTIFIER: ${{ secrets.SA_NOTIFIER }} | |
| run: npm run test:ci -w packages/cloud-scheduler-utils | |
| - name: π Test @jackdbd/cloud-tasks-utils | |
| run: npm run test:ci -w packages/cloud-tasks-utils | |
| - name: π Test @jackdbd/content-security-policy | |
| run: npm run test:ci -w packages/content-security-policy | |
| - name: π Test @jackdbd/firestore-utils | |
| env: | |
| SA_FIRESTORE_USER_TEST: ${{ secrets.SA_FIRESTORE_USER_TEST }} | |
| SA_FIRESTORE_VIEWER_TEST: ${{ secrets.SA_FIRESTORE_VIEWER_TEST }} | |
| run: npm run test:ci -w packages/firestore-utils | |
| - name: π Test @jackdbd/notifications | |
| env: | |
| TELEGRAM: ${{ secrets.TELEGRAM }} | |
| run: npm run test:ci -w packages/notifications | |
| - name: π Test @jackdbd/plausible-client | |
| env: | |
| PLAUSIBLE: ${{ secrets.PLAUSIBLE }} | |
| run: npm run test:ci -w packages/plausible-client | |
| - name: π Test @jackdbd/schemas | |
| run: npm run test:ci -w packages/schemas | |
| - name: π Test @jackdbd/secret-manager-utils | |
| env: | |
| SA_SECRET_MANAGER_ADMIN_TEST: ${{ secrets.SA_SECRET_MANAGER_ADMIN_TEST }} | |
| run: npm run test:ci -w packages/secret-manager-utils | |
| - name: π Test @jackdbd/send-telegram-message | |
| env: | |
| TELEGRAM: ${{ secrets.TELEGRAM }} | |
| run: npm run test:ci -w packages/send-telegram-message | |
| - name: π Test @jackdbd/sqlite-utils | |
| run: npm run test:ci -w packages/sqlite-utils | |
| - name: π Test @jackdbd/stripe-utils | |
| run: npm run test:ci -w packages/stripe-utils | |
| - name: π Test @jackdbd/tags-logger | |
| run: npm run test:ci -w packages/tags-logger | |
| - name: π Test @jackdbd/telegram-text-messages | |
| run: npm run test:ci -w packages/telegram-text-messages | |
| - name: π Test @jackdbd/utils | |
| run: npm run test:ci -w packages/utils | |
| - name: β¬οΈ Upload test coverage to Codecov | |
| # https://github.com/marketplace/actions/codecov | |
| uses: codecov/codecov-action@v3 | |
| env: | |
| CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
| with: | |
| fail_ci_if_error: true | |
| verbose: true |