ignore more errors #50
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| env: | |
| CONTAINER_REGISTRY_URL: ${{ vars.CONTAINER_REGISTRY_URL }} | |
| APP_NAME: ${{ vars.APP_NAME }} | |
| jobs: | |
| # ============================================ | |
| # JOB 1: Build - generates artifacts once | |
| # ============================================ | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install pnpm | |
| uses: pnpm/action-setup@v4 | |
| - name: Use Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20.x' | |
| cache: 'pnpm' | |
| - name: Install datagouv-components dependencies | |
| working-directory: ./datagouv-components | |
| run: pnpm install | |
| - name: Build datagouv-components CSS | |
| working-directory: ./datagouv-components | |
| run: pnpm run css | |
| - name: Install dependencies | |
| run: pnpm install | |
| - name: Build application | |
| run: NUXT_APP_COMMIT_ID=$(git rev-parse --short HEAD) pnpm run build | |
| - name: Upload build artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: build-output | |
| path: .output | |
| retention-days: 1 | |
| if-no-files-found: error | |
| include-hidden-files: true | |
| # ============================================ | |
| # JOB 2: Quality - lint + typecheck (runs in parallel with build) | |
| # ============================================ | |
| quality: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install pnpm | |
| uses: pnpm/action-setup@v4 | |
| - name: Use Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20.x' | |
| cache: 'pnpm' | |
| - name: Install cdata dependencies | |
| run: pnpm install | |
| - name: Run lint | |
| run: pnpm run lint | |
| - name: Run typecheck | |
| run: pnpm run typecheck | |
| - name: Install datagouv-components dependencies | |
| working-directory: ./datagouv-components | |
| run: pnpm install | |
| - name: Run datagouv-components typecheck | |
| working-directory: ./datagouv-components | |
| run: pnpm run typecheck | |
| - name: Run datagouv-components lint | |
| working-directory: ./datagouv-components | |
| run: pnpm run lint | |
| # ============================================ | |
| # JOB 3: E2E Tests (runs in parallel with quality) | |
| # ============================================ | |
| e2e: | |
| needs: build | |
| timeout-minutes: 30 | |
| runs-on: ubuntu-latest | |
| container: | |
| image: mcr.microsoft.com/playwright:v1.57.0-noble | |
| options: --user 1001 | |
| services: | |
| mongodb: | |
| image: mongo:6.0.4 | |
| ports: | |
| - 27017:27017 | |
| redis: | |
| image: redis | |
| ports: | |
| - 6379:6379 | |
| steps: | |
| - name: Checkout cdata | |
| uses: actions/checkout@v4 | |
| - name: Download build artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: build-output | |
| path: .output | |
| - name: Checkout udata | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: opendatateam/udata | |
| path: udata | |
| ref: main | |
| - name: Set up uv | |
| uses: astral-sh/setup-uv@v6 | |
| with: | |
| python-version: "3.11" | |
| working-directory: udata | |
| - name: Install pnpm | |
| uses: pnpm/action-setup@v4 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "24" | |
| cache: "pnpm" | |
| cache-dependency-path: pnpm-lock.yaml | |
| - name: Install Node.js dependencies for cdata | |
| run: pnpm install | |
| - name: Install Python dependencies for udata | |
| working-directory: udata | |
| run: | | |
| uv sync --frozen | |
| - name: Configure udata | |
| working-directory: udata | |
| run: | | |
| cat << 'EOF' > udata.cfg | |
| from udata.settings import Defaults | |
| DEBUG = True | |
| TESTING = True | |
| SECRET_KEY = 'test-secret-key-for-ci' | |
| SEND_MAIL = False | |
| SERVER_NAME = 'localhost:7000' | |
| CDATA_BASE_URL="http://localhost:3000" | |
| CACHE_TYPE = 'null' | |
| DEFAULT_LANGUAGE = 'fr' | |
| SCHEMA_CATALOG_URL='https://schema.data.gouv.fr/schemas/schemas.json' | |
| URLS_ALLOW_PRIVATE = True | |
| URLS_ALLOW_LOCAL = True | |
| URLS_ALLOWED_TLDS = Defaults.URLS_ALLOWED_TLDS | set(['local']) | |
| PLUGINS = [] | |
| FS_ROOT = 'fs' | |
| SESSION_COOKIE_SECURE = False | |
| SECURITY_EMAIL_VALIDATOR_ARGS = { | |
| "check_deliverability": False | |
| } | |
| MONGODB_HOST = 'mongodb://mongodb:27017/udata' | |
| CELERY_BROKER_URL = 'redis://redis:6379' | |
| CELERY_RESULT_BACKEND = 'redis://redis:6379' | |
| EOF | |
| - name: Initialize udata | |
| working-directory: udata | |
| run: | | |
| # Create fs directory | |
| mkdir -p fs | |
| # Initialize udata | |
| uv run udata init | |
| uv run udata licenses | |
| uv run udata spatial load | |
| uv run udata import-fixtures | |
| uv run udata user create --first-name "Admin" --last-name "User" --email "[email protected]" --password "@1337Password42" --admin | |
| uv run udata user create --first-name "Normal" --last-name "User" --email "[email protected]" --password "@1337Password42" | |
| uv run inv i18nc | |
| # Start udata server in background | |
| uv run inv serve --port=7000 > udata.log 2>&1 & | |
| # Wait for udata to be ready | |
| timeout 90 bash -c 'until curl -f http://localhost:7000/api/1/site/; do sleep 2; done' | |
| echo "udata server is ready" | |
| - name: Start cdata server | |
| env: | |
| NUXT_PUBLIC_API_BASE: http://localhost:7000 | |
| NUXT_PUBLIC_HOMEPAGE_HERO_IMAGES: "hero_15.png" | |
| run: | | |
| # Start cdata server in background using pre-built artifacts | |
| PORT=3000 node .output/server/index.mjs > cdata.log 2>&1 & | |
| # Wait for cdata to be ready | |
| timeout 90 bash -c 'until curl -f http://localhost:3000; do sleep 2; done' | |
| echo "cdata server is ready" | |
| - name: Run E2E tests | |
| env: | |
| BASE_URL: http://localhost:3000 | |
| NUXT_PUBLIC_API_BASE: http://localhost:7000 | |
| CI: true | |
| run: pnpm run test:e2e | |
| - name: Kill udata server | |
| if: always() | |
| working-directory: udata | |
| run: | | |
| # Kill udata server to release the lock so that post setup-uv can prune the cache | |
| pkill -f "uv run inv serve" || true | |
| - name: Show server logs | |
| if: always() | |
| run: | | |
| echo "=== UDATA SERVER LOGS ===" | |
| cat udata/udata.log || echo "No udata logs found" | |
| echo "" | |
| echo "=== CDATA SERVER LOGS ===" | |
| cat cdata.log || echo "No cdata logs found" | |
| - name: Upload screenshots | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: playwright-screenshots | |
| path: tests/**/*-snapshots | |
| retention-days: 7 | |
| - name: Upload Playwright report | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: playwright-report | |
| path: playwright-report/ | |
| retention-days: 7 | |
| # ============================================ | |
| # JOB 4: Docker - build & push Docker image (all branches, not PRs) | |
| # ============================================ | |
| docker: | |
| needs: [quality, e2e] | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| outputs: | |
| image-tag: ${{ steps.meta.outputs.tags }} | |
| version: ${{ steps.version.outputs.short }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Download build artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: build-output | |
| path: .output | |
| - name: Set version | |
| id: version | |
| run: | | |
| echo "short=${GITHUB_SHA:0:7}" >> $GITHUB_OUTPUT | |
| echo "long=$GITHUB_SHA" >> $GITHUB_OUTPUT | |
| - name: Log in to GitLab Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.CONTAINER_REGISTRY_URL }} | |
| username: oauth2 | |
| password: ${{ secrets.GITLAB_API_TOKEN }} | |
| - name: Extract metadata for Docker | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.CONTAINER_REGISTRY_URL }}/${{ env.APP_NAME }} | |
| tags: | | |
| type=sha,format=short,prefix= | |
| type=sha,format=long,prefix= | |
| type=ref,event=branch | |
| type=ref,event=tag | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| # ============================================ | |
| # JOB 5: Sentry - upload source maps (runs in parallel with publish) | |
| # ============================================ | |
| sentry: | |
| needs: [quality, e2e] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Download build artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: build-output | |
| path: .output | |
| - name: Set version | |
| id: version | |
| run: | | |
| echo "short=${GITHUB_SHA:0:7}" >> $GITHUB_OUTPUT | |
| - name: Create Sentry release | |
| uses: getsentry/action-release@v3 | |
| env: | |
| SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} | |
| SENTRY_ORG: ${{ secrets.SENTRY_ORG }} | |
| SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }} | |
| SENTRY_URL: ${{ secrets.SENTRY_URL }} | |
| with: | |
| sourcemaps: '.output/public/_nuxt' | |
| url_prefix: '~/_nuxt' | |
| environment: ${{ github.ref_name }} | |
| version: ${{ steps.version.outputs.short }} | |
| ignore_missing: true |