diff --git a/.gitea/workflows/qa.yml b/.gitea/workflows/qa.yml index ec895d7..8f53e77 100644 --- a/.gitea/workflows/qa.yml +++ b/.gitea/workflows/qa.yml @@ -13,7 +13,50 @@ env: jobs: # ──────────────────────────────────────────────────── - # 1. Performance (Lighthouse) + # 1. Static Checks (OG Images, Links) + # ──────────────────────────────────────────────────── + static: + name: 🔍 Static Analysis + runs-on: docker + container: + image: catthehacker/ubuntu:act-latest + steps: + - uses: actions/checkout@v4 + - uses: pnpm/action-setup@v3 + with: + version: 10 + - uses: actions/setup-node@v4 + with: + node-version: 20 + - name: 🔐 Registry Auth + run: | + echo "@mintel:registry=https://git.infra.mintel.me/api/packages/mmintel/npm" > .npmrc + echo "//git.infra.mintel.me/api/packages/mmintel/npm/:_authToken=${{ secrets.NPM_TOKEN }}" >> .npmrc + - name: 📦 Cache node_modules + uses: actions/cache@v4 + id: cache-deps + with: + path: node_modules + key: pnpm-${{ hashFiles('pnpm-lock.yaml') }} + - name: Install + if: steps.cache-deps.outputs.cache-hit != 'true' + run: | + pnpm store prune + pnpm install --no-frozen-lockfile + - name: 🖼️ OG Images + continue-on-error: true + env: + TEST_URL: ${{ env.TARGET_URL }} + GATEKEEPER_PASSWORD: ${{ secrets.GATEKEEPER_PASSWORD }} + run: pnpm --filter @mintel/web run check:og + - name: 🔗 Lychee Link Check + uses: lycheeverse/lychee-action@v2 + with: + args: --accept 200,204,429 --timeout 15 --insecure --exclude "file://*" --exclude "https://logs.infra.*" --exclude "https://git.infra.*" --exclude "https://mintel.me/*" . + fail: true + + # ──────────────────────────────────────────────────── + # 2. Performance (Lighthouse) # ──────────────────────────────────────────────────── lighthouse: name: 🎭 Lighthouse @@ -30,26 +73,8 @@ jobs: node-version: 20 - name: 🔐 Registry Auth run: | - echo "Testing available secrets against git.infra.mintel.me Docker registry..." - TOKENS="${{ secrets.GITHUB_TOKEN }} ${{ secrets.GITEA_PAT }} ${{ secrets.MINTEL_PRIVATE_TOKEN }} ${{ secrets.NPM_TOKEN }}" - USERS="${{ github.repository_owner }} ${{ github.actor }} marcmintel mintel mmintel" - - for T_RAW in $TOKENS; do - if [ -n "$T_RAW" ]; then - T=$(echo "$T_RAW" | tr -d ' ' | tr -d '\n' | tr -d '\r') - for U in $USERS; do - if [ -n "$U" ]; then - if echo "$T" | docker login git.infra.mintel.me -u "$U" --password-stdin > /dev/null 2>&1; then - echo "✅ Successfully authenticated with a token." - echo "@mintel:registry=https://git.infra.mintel.me/api/packages/mmintel/npm/" > .npmrc - echo "//git.infra.mintel.me/api/packages/mmintel/npm/:_authToken=${T}" >> .npmrc - echo "always-auth=true" >> .npmrc - break 2 - fi - fi - done - fi - done + echo "@mintel:registry=https://git.infra.mintel.me/api/packages/mmintel/npm" > .npmrc + echo "//git.infra.mintel.me/api/packages/mmintel/npm/:_authToken=${{ secrets.NPM_TOKEN }}" >> .npmrc - name: 📦 Cache node_modules uses: actions/cache@v4 id: cache-deps @@ -81,10 +106,10 @@ jobs: run: pnpm --filter @mintel/web run pagespeed:test -- --collect.settings.preset=mobile # ──────────────────────────────────────────────────── - # 2. E2E & Links + # 3. E2E (Forms, Smoke) # ──────────────────────────────────────────────────── e2e: - name: 📝 E2E & Links + name: 📝 E2E runs-on: docker container: image: catthehacker/ubuntu:act-latest @@ -98,26 +123,8 @@ jobs: node-version: 20 - name: 🔐 Registry Auth run: | - echo "Testing available secrets against git.infra.mintel.me Docker registry..." - TOKENS="${{ secrets.GITHUB_TOKEN }} ${{ secrets.GITEA_PAT }} ${{ secrets.MINTEL_PRIVATE_TOKEN }} ${{ secrets.NPM_TOKEN }}" - USERS="${{ github.repository_owner }} ${{ github.actor }} marcmintel mintel mmintel" - - for T_RAW in $TOKENS; do - if [ -n "$T_RAW" ]; then - T=$(echo "$T_RAW" | tr -d ' ' | tr -d '\n' | tr -d '\r') - for U in $USERS; do - if [ -n "$U" ]; then - if echo "$T" | docker login git.infra.mintel.me -u "$U" --password-stdin > /dev/null 2>&1; then - echo "✅ Successfully authenticated with a token." - echo "@mintel:registry=https://git.infra.mintel.me/api/packages/mmintel/npm/" > .npmrc - echo "//git.infra.mintel.me/api/packages/mmintel/npm/:_authToken=${T}" >> .npmrc - echo "always-auth=true" >> .npmrc - break 2 - fi - fi - done - fi - done + echo "@mintel:registry=https://git.infra.mintel.me/api/packages/mmintel/npm" > .npmrc + echo "//git.infra.mintel.me/api/packages/mmintel/npm/:_authToken=${{ secrets.NPM_TOKEN }}" >> .npmrc - name: 📦 Cache node_modules uses: actions/cache@v4 id: cache-deps @@ -139,24 +146,13 @@ jobs: GATEKEEPER_PASSWORD: ${{ secrets.GATEKEEPER_PASSWORD }} PUPPETEER_EXECUTABLE_PATH: /usr/bin/chromium run: pnpm --filter @mintel/web run check:forms - - name: 🖼️ OG Images Check - continue-on-error: true - env: - TEST_URL: ${{ env.TARGET_URL }} - run: pnpm --filter @mintel/web run check:og - - name: 🔗 Internal Links Test - continue-on-error: true - env: - NEXT_PUBLIC_BASE_URL: ${{ env.TARGET_URL }} - GATEKEEPER_PASSWORD: ${{ secrets.GATEKEEPER_PASSWORD }} - run: pnpm --filter @mintel/web run test:links || true # ──────────────────────────────────────────────────── - # 3. Notification + # 4. Notification # ──────────────────────────────────────────────────── notify: name: 🔔 Notify - needs: [lighthouse, e2e] + needs: [static, lighthouse, e2e] if: always() runs-on: docker container: @@ -165,10 +161,11 @@ jobs: - name: 🔔 Gotify shell: bash run: | + STATIC="${{ needs.static.result }}" LIGHTHOUSE="${{ needs.lighthouse.result }}" E2E="${{ needs.e2e.result }}" - if [[ "$LIGHTHOUSE" != "success" || "$E2E" != "success" ]]; then + if [[ "$STATIC" != "success" || "$LIGHTHOUSE" != "success" || "$E2E" != "success" ]]; then PRIORITY=8 EMOJI="🚨" STATUS="Failed" @@ -179,7 +176,7 @@ jobs: fi TITLE="$EMOJI ${{ env.PROJECT_NAME }} QA $STATUS" - MESSAGE="Lighthouse: $LIGHTHOUSE | E2E: $E2E + MESSAGE="Static: $STATIC | Lighthouse: $LIGHTHOUSE | E2E: $E2E ${{ env.TARGET_URL }}" curl -s -k -X POST "${{ secrets.GOTIFY_URL }}/message?token=${{ secrets.GOTIFY_TOKEN }}" \