chore(deps): bump sass-loader from 16.0.7 to 16.0.8 #2173
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Deploy Preview" | |
| on: | |
| pull_request_target: | |
| branches: [main] | |
| permissions: {} | |
| concurrency: | |
| group: deploy-preview-${{ github.event.number }} | |
| cancel-in-progress: true | |
| jobs: | |
| precheck: | |
| if: ${{ github.repository == 'PaloAltoNetworks/docusaurus-openapi-docs' }} | |
| name: Precheck | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| outputs: | |
| is-org-member-result: ${{ steps.is-org-member.outputs.is-org-member-result }} | |
| steps: | |
| - name: Check if actor is org member | |
| id: is-org-member | |
| run: | | |
| if [ "$ACTOR" = "dependabot[bot]" ]; then | |
| echo "is-org-member-result=false" >> "$GITHUB_OUTPUT" | |
| exit 0 | |
| fi | |
| status=$(curl -s -o /dev/null -w "%{http_code}" -H "Authorization: Bearer $GH_TOKEN" \ | |
| "https://api.github.com/orgs/PaloAltoNetworks/members/${ACTOR}") | |
| if [ "$status" = "204" ]; then | |
| echo "is-org-member-result=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "is-org-member-result=false" >> "$GITHUB_OUTPUT" | |
| fi | |
| env: | |
| GH_TOKEN: ${{ secrets.PAT }} | |
| ACTOR: ${{ github.actor }} | |
| analyze: | |
| if: github.repository == 'PaloAltoNetworks/docusaurus-openapi-docs' && needs.precheck.outputs.is-org-member-result == 'true' | |
| name: Analyze | |
| needs: precheck | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| security-events: write | |
| strategy: | |
| fail-fast: true | |
| matrix: | |
| language: ["javascript"] | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| persist-credentials: false | |
| - name: Initialize CodeQL | |
| uses: github/codeql-action/init@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4 | |
| with: | |
| languages: ${{ matrix.language }} | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4 | |
| analyze_unsafe: | |
| if: github.repository == 'PaloAltoNetworks/docusaurus-openapi-docs' && needs.precheck.outputs.is-org-member-result == 'false' | |
| name: Analyze Unsafe | |
| needs: precheck | |
| runs-on: ubuntu-latest | |
| environment: default | |
| permissions: | |
| contents: read | |
| security-events: write | |
| strategy: | |
| fail-fast: true | |
| matrix: | |
| language: ["javascript"] | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| persist-credentials: false | |
| - name: Initialize CodeQL | |
| uses: github/codeql-action/init@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4 | |
| with: | |
| languages: ${{ matrix.language }} | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4 | |
| build: | |
| name: Build | |
| needs: [analyze, analyze_unsafe] | |
| if: | | |
| github.repository == 'PaloAltoNetworks/docusaurus-openapi-docs' && | |
| !failure() && !cancelled() && | |
| (success('analyze') || success('analyze_unsafe')) | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| persist-credentials: false | |
| - name: Setup node | |
| uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 | |
| with: | |
| node-version: "22" | |
| - name: Restore yarn cache | |
| uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 | |
| with: | |
| path: | | |
| node_modules | |
| */*/node_modules | |
| key: ${{ runner.os }}-${{ hashFiles('**/yarn.lock') }} | |
| - name: Install dependencies | |
| run: yarn --frozen-lockfile --prefer-offline --ignore-scripts | |
| - name: Build packages | |
| run: yarn build-packages | |
| - name: Build site | |
| run: yarn build-demo && zip -r build.zip demo/build | |
| - name: Check for tampered config | |
| run: git diff --exit-code -- firebase.json .firebaserc package.json yarn.lock 'demo/docusaurus.config.*' 'scripts/**' '.github/**' | |
| - uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 | |
| with: | |
| name: build | |
| path: build.zip | |
| deploy: | |
| name: Deploy | |
| needs: build | |
| if: ${{ github.repository == 'PaloAltoNetworks/docusaurus-openapi-docs' && !failure() && !cancelled() }} | |
| runs-on: ubuntu-latest | |
| environment: preview | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| checks: write | |
| id-token: write | |
| outputs: | |
| preview_url: ${{ steps.deploy_preview.outputs.details_url }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| persist-credentials: false | |
| - name: Setup node | |
| uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 | |
| with: | |
| node-version: "22" | |
| - name: Authenticate to Google Cloud | |
| id: auth | |
| uses: google-github-actions/auth@7c6bc770dae815cd3e89ee6cdf493a5fab2cc093 # v3.0.0 | |
| with: | |
| workload_identity_provider: ${{ secrets.WIF_PROVIDER }} | |
| service_account: ${{ secrets.WIF_SERVICE_ACCOUNT }} | |
| export_environment_variables: false | |
| - name: Read GCP credentials | |
| id: creds | |
| run: | | |
| echo "::add-mask::$CREDS_FILE" | |
| echo "::add-mask::$GCP_PROJECT_NUMBER" | |
| creds=$(cat "$CREDS_FILE") | |
| echo "::add-mask::$creds" | |
| echo "sa_key=$creds" >> "$GITHUB_OUTPUT" | |
| env: | |
| CREDS_FILE: ${{ steps.auth.outputs.credentials_file_path }} | |
| GCP_PROJECT_NUMBER: ${{ secrets.GCP_PROJECT_NUMBER }} | |
| - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 | |
| with: | |
| name: build | |
| - name: Unzip build artifact | |
| run: unzip -n build.zip 'demo/build/*' | |
| - name: Deploy to Firebase | |
| id: deploy_preview | |
| uses: FirebaseExtended/action-hosting-deploy@e2eda2e106cfa35cdbcf4ac9ddaf6c4756df2c8c # v0.10.0 | |
| with: | |
| repoToken: "${{ secrets.GITHUB_TOKEN }}" | |
| firebaseServiceAccount: "${{ steps.creds.outputs.sa_key }}" | |
| projectId: ${{ secrets.FIREBASE_PROJECT_ID }} | |
| expires: 7d | |
| channelId: "pr${{ github.event.number }}" | |
| totalPreviewChannelLimit: 25 | |
| env: | |
| FIREBASE_CLI_PREVIEWS: hostingchannels | |
| FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true | |
| visual_diff: | |
| name: Visual Diff | |
| needs: deploy | |
| if: ${{ github.repository == 'PaloAltoNetworks/docusaurus-openapi-docs' && !failure() && !cancelled() }} | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| persist-credentials: false | |
| - name: Setup node | |
| uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 | |
| with: | |
| node-version: "22" | |
| - name: Restore yarn cache | |
| uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 | |
| with: | |
| path: | | |
| node_modules | |
| */*/node_modules | |
| key: ${{ runner.os }}-${{ hashFiles('**/yarn.lock') }} | |
| - name: Install dependencies | |
| run: yarn --frozen-lockfile --prefer-offline --ignore-scripts | |
| - name: Install Playwright | |
| run: npx playwright install --with-deps chromium | |
| - name: Get production sitemap hash | |
| id: sitemap-hash | |
| run: | | |
| hash=$(curl -fsSL https://docusaurus-openapi.tryingpan.dev/sitemap.xml | sha256sum | cut -d' ' -f1) | |
| echo "hash=$hash" >> "$GITHUB_OUTPUT" | |
| - name: Restore cached production screenshots | |
| uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 | |
| with: | |
| path: visual_diffs/prod | |
| # The capture script's content is part of the cache key so changes to | |
| # capture behavior (settle waits, scrollbar handling, etc.) bust the | |
| # cache automatically. Without this, cached prod screenshots taken | |
| # under an older algorithm would be compared against fresh previews | |
| # taken under a newer one, producing asymmetric phantom diffs. | |
| key: prod-screenshots-${{ hashFiles('scripts/sitemap-visual-diff.ts') }}-${{ steps.sitemap-hash.outputs.hash }} | |
| - name: Run visual diff | |
| run: yarn ts-node scripts/sitemap-visual-diff.ts --preview-url "$PREVIEW_URL" --summary-file visual_diffs/results.json --concurrency 4 --paths "/tests/" | |
| env: | |
| PREVIEW_URL: ${{ needs.deploy.outputs.preview_url }} | |
| - name: Generate report and summary | |
| run: yarn ts-node scripts/generate-visual-diff-report.ts visual_diffs/results.json visual_diffs/index.html | |
| - uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 | |
| if: always() | |
| with: | |
| name: visual_diffs | |
| path: visual_diffs |