chore(deps): bump actions/cache from 3.4.3 to 5.0.4 #2037
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Deploy Preview" | |
| on: | |
| pull_request_target: | |
| branches: [main] | |
| jobs: | |
| precheck: | |
| if: ${{ github.repository == 'PaloAltoNetworks/docusaurus-openapi-docs' }} | |
| name: Precheck | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| outputs: | |
| is-org-member-result: ${{ steps.is-org-member.outputs.is-org-member-result }} | |
| steps: | |
| - name: Check if actor is org member | |
| id: is-org-member | |
| run: | | |
| if [ "${{ github.actor }}" = "dependabot[bot]" ]; then | |
| echo "is-org-member-result=false" >> "$GITHUB_OUTPUT" | |
| exit 0 | |
| fi | |
| status=$(curl -s -o /dev/null -w "%{http_code}" -H "Authorization: Bearer $GH_TOKEN" \ | |
| https://api.github.com/orgs/PaloAltoNetworks/members/${{ github.actor }}) | |
| if [ "$status" = "204" ]; then | |
| echo "is-org-member-result=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "is-org-member-result=false" >> "$GITHUB_OUTPUT" | |
| fi | |
| env: | |
| GH_TOKEN: ${{ secrets.PAT }} | |
| analyze: | |
| if: github.repository == 'PaloAltoNetworks/docusaurus-openapi-docs' && needs.precheck.outputs.is-org-member-result == 'true' | |
| name: Analyze | |
| needs: precheck | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| security-events: write | |
| strategy: | |
| fail-fast: true | |
| matrix: | |
| language: ["javascript"] | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| - name: Initialize CodeQL | |
| uses: github/codeql-action/init@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3 | |
| with: | |
| languages: ${{ matrix.language }} | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3 | |
| analyze_unsafe: | |
| if: github.repository == 'PaloAltoNetworks/docusaurus-openapi-docs' && needs.precheck.outputs.is-org-member-result == 'false' | |
| name: Analyze Unsafe | |
| needs: precheck | |
| runs-on: ubuntu-latest | |
| environment: default | |
| permissions: | |
| contents: read | |
| security-events: write | |
| strategy: | |
| fail-fast: true | |
| matrix: | |
| language: ["javascript"] | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| - name: Initialize CodeQL | |
| uses: github/codeql-action/init@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3 | |
| with: | |
| languages: ${{ matrix.language }} | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3 | |
| build: | |
| name: Build | |
| needs: [analyze, analyze_unsafe] | |
| if: | | |
| github.repository == 'PaloAltoNetworks/docusaurus-openapi-docs' && | |
| !failure() && !cancelled() && | |
| (success('analyze') || success('analyze_unsafe')) | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| - name: Setup node | |
| uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4 | |
| with: | |
| node-version: "22" | |
| cache: "yarn" | |
| - name: Install dependencies | |
| run: yarn --frozen-lockfile --prefer-offline --ignore-scripts | |
| - name: Build packages | |
| run: yarn build-packages | |
| - name: Build site | |
| run: yarn build-demo && zip -r build.zip demo/build | |
| - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 | |
| with: | |
| name: build | |
| path: build.zip | |
| deploy: | |
| name: Deploy | |
| needs: build | |
| if: ${{ github.repository == 'PaloAltoNetworks/docusaurus-openapi-docs' && !failure() && !cancelled() }} | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| checks: write | |
| id-token: write | |
| outputs: | |
| preview_url: ${{ steps.deploy_preview.outputs.details_url }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| - name: Setup node | |
| uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4 | |
| with: | |
| node-version: "22" | |
| cache: "yarn" | |
| - name: Authenticate to Google Cloud | |
| id: auth | |
| uses: google-github-actions/auth@b7593ed2efd1c1617e1b0254da33b86225adb2a5 | |
| with: | |
| workload_identity_provider: ${{ secrets.WIF_PROVIDER }} | |
| service_account: ${{ secrets.WIF_SERVICE_ACCOUNT }} | |
| - name: Read GCP credentials | |
| id: creds | |
| run: | | |
| creds=$(cat "${{ steps.auth.outputs.credentials_file_path }}") | |
| echo "::add-mask::$creds" | |
| echo "sa_key=$creds" >> "$GITHUB_OUTPUT" | |
| - uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4 | |
| with: | |
| name: build | |
| - name: Unzip build artifact | |
| run: unzip build.zip | |
| - name: Deploy to Firebase | |
| id: deploy_preview | |
| uses: FirebaseExtended/action-hosting-deploy@e2eda2e106cfa35cdbcf4ac9ddaf6c4756df2c8c # v0.10.0 | |
| with: | |
| repoToken: "${{ secrets.GITHUB_TOKEN }}" | |
| firebaseServiceAccount: "${{ steps.creds.outputs.sa_key }}" | |
| projectId: pandev | |
| expires: 7d | |
| channelId: "pr${{ github.event.number }}" | |
| totalPreviewChannelLimit: 25 | |
| env: | |
| FIREBASE_CLI_PREVIEWS: hostingchannels | |
| visual_diff: | |
| name: Visual Diff | |
| needs: deploy | |
| if: ${{ github.repository == 'PaloAltoNetworks/docusaurus-openapi-docs' && !failure() && !cancelled() }} | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| - name: Setup node | |
| uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4 | |
| with: | |
| node-version: "22" | |
| cache: "yarn" | |
| - name: Install dependencies | |
| run: yarn --frozen-lockfile --prefer-offline --ignore-scripts | |
| - name: Install Playwright | |
| run: npx playwright install --with-deps chromium | |
| - name: Get production sitemap hash | |
| id: sitemap-hash | |
| run: | | |
| hash=$(curl -fsSL https://docusaurus-openapi.tryingpan.dev/sitemap.xml | sha256sum | cut -d' ' -f1) | |
| echo "hash=$hash" >> "$GITHUB_OUTPUT" | |
| - name: Restore cached production screenshots | |
| uses: actions/cache@v5.0.4 | |
| with: | |
| path: visual_diffs/prod | |
| key: prod-screenshots-${{ steps.sitemap-hash.outputs.hash }} | |
| restore-keys: | | |
| prod-screenshots- | |
| - name: Run visual diff | |
| run: yarn ts-node scripts/sitemap-visual-diff.ts --preview-url ${{ needs.deploy.outputs.preview_url }} --summary-file visual_diffs/results.json --concurrency 4 --paths "/tests/" | |
| - name: Generate report and summary | |
| run: yarn ts-node scripts/generate-visual-diff-report.ts visual_diffs/results.json visual_diffs/index.html | |
| - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 | |
| if: always() | |
| with: | |
| name: visual_diffs | |
| path: visual_diffs |