Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
63 changes: 43 additions & 20 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ on:
- 'website/**'
- 'frameworks.json'
- 'config.json'
workflow_run: # zizmor: ignore[dangerous-triggers] internal pipeline step, only runs for main-branch runs of our own trusted workflow
workflow_run: # zizmor: ignore[dangerous-triggers] internal pipeline step, only runs for main-branch runs
workflows: ["🔄 Transform Results"]
types: [completed]
branches: [main]
Expand Down Expand Up @@ -48,23 +48,23 @@ jobs:
with:
node-version: '22'
cache: 'npm'

- name: Setup Python
uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6
with:
python-version: '3.9'
cache: 'pip'
cache-dependency-path: scripts/requirements.txt

- name: Install dependencies and setup project
run: |
pip install -r scripts/requirements.txt
npm ci
python scripts/setup/main.py --skip-build

- name: Verify setup
run: python scripts/verify/check.py

- name: Cache setup for build jobs
uses: actions/cache/save@55cc8345863c7cc4c66a329aec7e433d2d1c52a9 # v6
with:
Expand All @@ -75,7 +75,7 @@ jobs:
apps/*/static
assets
key: setup-cache-${{ github.sha }}

- name: Determine frameworks to build
id: matrix
env:
Expand Down Expand Up @@ -112,11 +112,17 @@ jobs:
python-version: '3.9'
cache: 'pip'
cache-dependency-path: scripts/requirements.txt

- name: Install Python dependencies
run: pip install -r scripts/requirements.txt


- name: Setup Node.js
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
with:
node-version: '22'

- name: Restore setup cache
id: setup-cache
uses: actions/cache/restore@55cc8345863c7cc4c66a329aec7e433d2d1c52a9 # v6
with:
path: |
Expand All @@ -126,8 +132,14 @@ jobs:
apps/*/static
assets
key: setup-cache-${{ github.sha }}
fail-on-cache-miss: true


# workflow_run runs get a read-only cache token, so rebuild on a miss
- name: Prepare environment (cache miss)
if: steps.setup-cache.outputs.cache-hit != 'true'
run: |
npm ci
python scripts/setup/main.py --skip-build

- name: Build ${{ matrix.framework }}
id: build-run
env:
Expand Down Expand Up @@ -171,7 +183,7 @@ jobs:

badge_url="https://img.shields.io/badge/Build-${status}-${color}?logo=rocket&logoColor=fff&labelColor=${label_color}"
curl -o "build-${FRAMEWORK}.svg" "$badge_url"

- name: Upload badge
if: always()
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7
Expand All @@ -197,11 +209,17 @@ jobs:
python-version: '3.9'
cache: 'pip'
cache-dependency-path: scripts/requirements.txt

- name: Install Python dependencies
run: pip install -r scripts/requirements.txt


- name: Setup Node.js
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
with:
node-version: '22'

- name: Restore setup cache
id: setup-cache
uses: actions/cache/restore@55cc8345863c7cc4c66a329aec7e433d2d1c52a9 # v6
with:
path: |
Expand All @@ -211,13 +229,18 @@ jobs:
apps/*/static
assets
key: setup-cache-${{ github.sha }}
fail-on-cache-miss: true


- name: Prepare environment (cache miss)
if: steps.setup-cache.outputs.cache-hit != 'true'
run: |
npm ci
python scripts/setup/main.py --skip-build

- name: Build all frameworks and generate website
run: |
echo "Building all frameworks for comparison website..."
npm run build -- --static-site
npm run build -- --static-site

- name: Upload website artifacts
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7
with:
Expand Down Expand Up @@ -285,7 +308,7 @@ jobs:

# Commit only if there are changes
git add -A

if git diff --staged --quiet; then
echo "ℹ️ No website changes to deploy"
else
Expand Down Expand Up @@ -329,10 +352,10 @@ jobs:
git fetch origin badges:badges 2>/dev/null || git checkout --orphan badges
git checkout badges 2>/dev/null || true
git pull origin badges 2>/dev/null || true

# Copy badges and commit
cp badges/*.svg . 2>/dev/null || echo "⚠️ No badge files found"

if git add ./*.svg && git diff --staged --quiet; then
echo "ℹ️ No badge changes to commit"
else
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -165,10 +165,10 @@ jobs:
persist-credentials: false

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4
uses: docker/setup-buildx-action@bb05f3f5519dd87d3ba754cc423b652a5edd6d2c # v4

- name: Build production image
uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7
uses: docker/build-push-action@53b7df96c91f9c12dcc8a07bcb9ccacbed38856a # v7
with:
context: .
target: production
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/docker.yml
Original file line number Diff line number Diff line change
Expand Up @@ -29,18 +29,18 @@ jobs:
persist-credentials: false

- name: 🐳 Set up Docker Buildx
uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4
uses: docker/setup-buildx-action@bb05f3f5519dd87d3ba754cc423b652a5edd6d2c # v4

- name: 🔐 Login to Container Registry
uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4
uses: docker/login-action@c99871dec2022cc055c062a10cc1a1310835ceb4 # v4
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: 🏷️ Extract Metadata
id: meta
uses: docker/metadata-action@80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9 # v6
uses: docker/metadata-action@dc802804100637a589fabce1cb79ff13a1411302 # v6
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
Expand All @@ -52,7 +52,7 @@ jobs:
type=raw,value=latest,enable=${{ startsWith(github.ref, 'refs/tags/v') }}

- name: 🔨 Build and Push Docker Image
uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7
uses: docker/build-push-action@53b7df96c91f9c12dcc8a07bcb9ccacbed38856a # v7
with:
context: .
target: production
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/lint.yml
Original file line number Diff line number Diff line change
Expand Up @@ -312,7 +312,7 @@ jobs:
- name: Checkout with bot token
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7
with:
token: ${{ secrets.BOT_TOKEN }}
token: ${{ secrets.BOT_TOKEN || secrets.GITHUB_TOKEN }}
fetch-depth: 0
persist-credentials: false

Expand All @@ -325,7 +325,7 @@ jobs:

- name: Commit badges
env:
TOKEN: ${{ secrets.BOT_TOKEN }}
TOKEN: ${{ secrets.BOT_TOKEN || secrets.GITHUB_TOKEN }}
REPO: ${{ github.repository }}
run: |
git config user.name 'liss-bot'
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -150,7 +150,7 @@ jobs:
previous_tag: ${{ steps.prev.outputs.tag }}
fail_on_unmatched_files: true
files: release-assets/*
token: ${{ secrets.BOT_TOKEN != '' && secrets.BOT_TOKEN || secrets.GITHUB_TOKEN }}
token: ${{ secrets.BOT_TOKEN || secrets.GITHUB_TOKEN }}

- name: 📋 Job summary
if: always()
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/tag.yml
Original file line number Diff line number Diff line change
Expand Up @@ -130,7 +130,7 @@ jobs:
if: env.IS_MANUAL == 'true' || steps.check_pr.outputs.needs_tag == 'true'
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7
with:
ref: ${{ github.event.pull_request.merge_commit_sha || github.ref }}
ref: ${{ github.event.pull_request.base.ref || github.ref }}
fetch-depth: 0
persist-credentials: false

Expand All @@ -143,7 +143,7 @@ jobs:
- name: 👤 Configure git identity and remote
if: env.IS_MANUAL == 'true' || steps.check_pr.outputs.needs_tag == 'true'
env:
TOKEN: ${{ secrets.BOT_TOKEN != '' && secrets.BOT_TOKEN || secrets.GITHUB_TOKEN }}
TOKEN: ${{ secrets.BOT_TOKEN || secrets.GITHUB_TOKEN }}
REPO: ${{ github.repository }}
run: |
set -euo pipefail
Expand Down
Loading