|
1 | | -name: Analyze Bundle (Comment) |
| 1 | +name: Analyze Bundle |
2 | 2 |
|
3 | 3 | on: |
4 | | - workflow_run: |
5 | | - workflows: ['Analyze Bundle'] |
6 | | - types: |
7 | | - - completed |
| 4 | + pull_request: |
| 5 | + push: |
| 6 | + branches: |
| 7 | + - main # change this if your default branch is named differently |
| 8 | + workflow_dispatch: |
8 | 9 |
|
9 | 10 | permissions: |
10 | 11 | contents: read |
11 | 12 | issues: write |
12 | 13 | pull-requests: write |
13 | 14 |
|
14 | 15 | jobs: |
15 | | - comment: |
| 16 | + event_type: |
16 | 17 | runs-on: ubuntu-latest |
17 | 18 | steps: |
18 | | - - name: Download Event Type |
19 | | - uses: dawidd6/action-download-artifact@v3 |
| 19 | + - uses: actions/checkout@v3 |
| 20 | + |
| 21 | + - name: Save Event Type |
| 22 | + run: echo ${{ github.event_name }} > ./event_type |
| 23 | + |
| 24 | + - name: Upload Event Type |
| 25 | + uses: actions/upload-artifact@v4 |
20 | 26 | with: |
21 | | - workflow: analyze.yml |
22 | | - run_id: ${{ github.event.workflow_run.id }} |
| 27 | + path: ./event_type |
23 | 28 | name: event_type |
24 | | - path: event_type |
25 | 29 |
|
26 | | - - name: get type |
27 | | - id: get-type |
28 | | - run: | |
29 | | - event_type=$(cat event_type/event_type) |
30 | | - echo "event-type=$event_type" >> $GITHUB_OUTPUT |
| 30 | + analyze: |
| 31 | + runs-on: ubuntu-latest |
| 32 | + steps: |
| 33 | + - uses: actions/checkout@v4 |
| 34 | + |
| 35 | + - name: Set up node |
| 36 | + uses: actions/setup-node@v4 |
| 37 | + with: |
| 38 | + node-version: '20.x' |
| 39 | + cache: yarn |
| 40 | + cache-dependency-path: yarn.lock |
| 41 | + |
| 42 | + - name: Restore cached node_modules |
| 43 | + uses: actions/cache@v4 |
| 44 | + with: |
| 45 | + path: '**/node_modules' |
| 46 | + key: node_modules-${{ runner.arch }}-${{ runner.os }}-${{ hashFiles('yarn.lock') }} |
| 47 | + |
| 48 | + - name: Install deps |
| 49 | + run: yarn install --frozen-lockfile |
| 50 | + |
| 51 | + - name: Restore next build |
| 52 | + uses: actions/cache@v4 |
| 53 | + id: restore-build-cache |
| 54 | + env: |
| 55 | + cache-name: cache-next-build |
| 56 | + with: |
| 57 | + path: .next/cache |
| 58 | + # change this if you prefer a more strict cache |
| 59 | + key: ${{ runner.os }}-build-${{ env.cache-name }} |
| 60 | + |
| 61 | + - name: Build next.js app |
| 62 | + # change this if your site requires a custom build command |
| 63 | + run: ./node_modules/.bin/next build |
| 64 | + |
| 65 | + # Here's the first place where next-bundle-analysis' own script is used |
| 66 | + # This step pulls the raw bundle stats for the current bundle |
| 67 | + - name: Analyze bundle |
| 68 | + run: npx -p nextjs-bundle-analysis@0.5.0 report |
| 69 | + |
| 70 | + - name: Upload bundle |
| 71 | + uses: actions/upload-artifact@v4 |
| 72 | + with: |
| 73 | + path: .next/analyze/__bundle_analysis.json |
| 74 | + name: bundle_analysis.json |
31 | 75 |
|
32 | 76 | - name: Download base branch bundle stats |
33 | | - if: github.event.workflow_run.conclusion == 'success' && steps.get-type.outputs.event-type == 'pull_request' |
34 | 77 | uses: dawidd6/action-download-artifact@268677152d06ba59fcec7a7f0b5d961b6ccd7e1e |
| 78 | + if: success() && github.event.number |
35 | 79 | with: |
36 | 80 | workflow: analyze.yml |
37 | | - run_id: ${{ github.event.workflow_run.id }} |
| 81 | + branch: ${{ github.event.pull_request.base.ref || 'main' }} |
| 82 | + name: bundle_analysis.json |
| 83 | + path: .next/analyze/base/bundle |
| 84 | + |
| 85 | + # And here's the second place - this runs after we have both the current and |
| 86 | + # base branch bundle stats, and will compare them to determine what changed. |
| 87 | + # There are two configurable arguments that come from package.json: |
| 88 | + # |
| 89 | + # - budget: optional, set a budget (bytes) against which size changes are measured |
| 90 | + # it's set to 350kb here by default, as informed by the following piece: |
| 91 | + # https://infrequently.org/2021/03/the-performance-inequality-gap/ |
| 92 | + # |
| 93 | + # - red-status-percentage: sets the percent size increase where you get a red |
| 94 | + # status indicator, defaults to 20% |
| 95 | + # |
| 96 | + # Either of these arguments can be changed or removed by editing the `nextBundleAnalysis` |
| 97 | + # entry in your package.json file. |
| 98 | + - name: Compare with base branch bundle |
| 99 | + if: success() |
| 100 | + run: ls -laR .next/analyze/base && npx -p nextjs-bundle-analysis compare |
| 101 | + |
| 102 | + - name: Upload analysis comment |
| 103 | + uses: actions/upload-artifact@v4 |
| 104 | + with: |
38 | 105 | name: analysis_comment.txt |
39 | | - path: analysis_comment.txt |
| 106 | + path: .next/analyze/__bundle_analysis_comment.txt |
40 | 107 |
|
41 | | - - name: Download PR number |
42 | | - if: github.event.workflow_run.conclusion == 'success' && steps.get-type.outputs.event-type == 'pull_request' |
43 | | - uses: dawidd6/action-download-artifact@268677152d06ba59fcec7a7f0b5d961b6ccd7e1e |
| 108 | + number: |
| 109 | + runs-on: ubuntu-latest |
| 110 | + needs: analyze |
| 111 | + if: github.event_name == 'pull_request' |
| 112 | + steps: |
| 113 | + - uses: actions/checkout@v3 |
| 114 | + |
| 115 | + - name: Save PR number |
| 116 | + run: echo ${{ github.event.number }} > ./pr_number |
| 117 | + |
| 118 | + - name: Upload PR number |
| 119 | + uses: actions/upload-artifact@v4 |
44 | 120 | with: |
45 | | - workflow: analyze.yml |
46 | | - run_id: ${{ github.event.workflow_run.id }} |
47 | 121 | name: pr_number |
48 | | - path: pr_number |
49 | | - |
50 | | - - name: Get comment body |
51 | | - id: get-comment-body |
52 | | - if: success() && github.event.workflow_run.conclusion == 'success' && steps.get-type.outputs.event-type == 'pull_request' |
53 | | - run: | |
54 | | - echo 'body<<EOF' >> $GITHUB_OUTPUT |
55 | | - echo '' >> $GITHUB_OUTPUT |
56 | | - echo '## Size changes' >> $GITHUB_OUTPUT |
57 | | - echo '' >> $GITHUB_OUTPUT |
58 | | - echo '<details>' >> $GITHUB_OUTPUT |
59 | | - echo '' >> $GITHUB_OUTPUT |
60 | | - cat analysis_comment.txt/__bundle_analysis_comment.txt >> $GITHUB_OUTPUT |
61 | | - echo '' >> $GITHUB_OUTPUT |
62 | | - echo '</details>' >> $GITHUB_OUTPUT |
63 | | - echo '' >> $GITHUB_OUTPUT |
64 | | - echo 'EOF' >> $GITHUB_OUTPUT |
65 | | - pr_number=$(cat pr_number/pr_number) |
66 | | - echo "pr-number=$pr_number" >> $GITHUB_OUTPUT |
67 | | -
|
68 | | - - name: Comment |
69 | | - uses: marocchino/sticky-pull-request-comment@52423e01640425a022ef5fd42c6fb5f633a02728 |
70 | | - with: |
71 | | - header: next-bundle-analysis |
72 | | - number: ${{ steps.get-comment-body.outputs.pr-number }} |
73 | | - message: ${{ steps.get-comment-body.outputs.body }} |
| 122 | + path: ./pr_number |
| 123 | + |
| 124 | + # The actual commenting happens in the other action, matching the guidance in |
| 125 | + # https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ |
0 commit comments