name: Nightly QA on: push: branches: [main] schedule: - cron: "0 3 * * *" workflow_dispatch: env: TARGET_URL: "https://testing.mintel.me" PROJECT_NAME: "mintel.me" jobs: # ──────────────────────────────────────────────────── # 1. Performance (Lighthouse) # ──────────────────────────────────────────────────── lighthouse: name: 🎭 Lighthouse runs-on: docker container: image: catthehacker/ubuntu:act-latest steps: - uses: actions/checkout@v4 - uses: pnpm/action-setup@v3 with: version: 10 - uses: actions/setup-node@v4 with: node-version: 20 - name: 🔐 Registry Auth run: | echo "Testing available secrets against git.infra.mintel.me Docker registry..." TOKENS="${{ secrets.GITHUB_TOKEN }} ${{ secrets.GITEA_PAT }} ${{ secrets.MINTEL_PRIVATE_TOKEN }} ${{ secrets.NPM_TOKEN }}" USERS="${{ github.repository_owner }} ${{ github.actor }} marcmintel mintel mmintel" for T_RAW in $TOKENS; do if [ -n "$T_RAW" ]; then T=$(echo "$T_RAW" | tr -d ' ' | tr -d '\n' | tr -d '\r') for U in $USERS; do if [ -n "$U" ]; then if echo "$T" | docker login git.infra.mintel.me -u "$U" --password-stdin > /dev/null 2>&1; then echo "✅ Successfully authenticated with a token." echo "@mintel:registry=https://git.infra.mintel.me/api/packages/mmintel/npm/" > .npmrc echo "//git.infra.mintel.me/api/packages/mmintel/npm/:_authToken=${T}" >> .npmrc echo "always-auth=true" >> .npmrc break 2 fi fi done fi done - name: 📦 Cache node_modules uses: actions/cache@v4 id: cache-deps with: path: node_modules key: pnpm-${{ hashFiles('pnpm-lock.yaml') }} - name: Install if: steps.cache-deps.outputs.cache-hit != 'true' run: | pnpm store prune pnpm install --no-frozen-lockfile - name: 🌐 Install Chrome & Dependencies run: | apt-get update && apt-get install -y libnss3 libnspr4 libatk1.0-0 libatk-bridge2.0-0 libcups2 libdrm2 libxkbcommon0 libxcomposite1 libxdamage1 libxext6 libxfixes3 libxrandr2 libgbm1 libasound2t64 libpango-1.0-0 libcairo2 npx puppeteer browsers install chrome - name: 🎭 Desktop continue-on-error: true env: NEXT_PUBLIC_BASE_URL: ${{ env.TARGET_URL }} GATEKEEPER_PASSWORD: ${{ secrets.GATEKEEPER_PASSWORD }} PAGESPEED_LIMIT: 5 run: pnpm --filter @mintel/web run pagespeed:test -- --collect.settings.preset=desktop - name: 📱 Mobile continue-on-error: true env: NEXT_PUBLIC_BASE_URL: ${{ env.TARGET_URL }} GATEKEEPER_PASSWORD: ${{ secrets.GATEKEEPER_PASSWORD }} PAGESPEED_LIMIT: 5 run: pnpm --filter @mintel/web run pagespeed:test -- --collect.settings.preset=mobile # ──────────────────────────────────────────────────── # 2. E2E & Links # ──────────────────────────────────────────────────── e2e: name: 📝 E2E & Links runs-on: docker container: image: catthehacker/ubuntu:act-latest steps: - uses: actions/checkout@v4 - uses: pnpm/action-setup@v3 with: version: 10 - uses: actions/setup-node@v4 with: node-version: 20 - name: 🔐 Registry Auth run: | echo "Testing available secrets against git.infra.mintel.me Docker registry..." TOKENS="${{ secrets.GITHUB_TOKEN }} ${{ secrets.GITEA_PAT }} ${{ secrets.MINTEL_PRIVATE_TOKEN }} ${{ secrets.NPM_TOKEN }}" USERS="${{ github.repository_owner }} ${{ github.actor }} marcmintel mintel mmintel" for T_RAW in $TOKENS; do if [ -n "$T_RAW" ]; then T=$(echo "$T_RAW" | tr -d ' ' | tr -d '\n' | tr -d '\r') for U in $USERS; do if [ -n "$U" ]; then if echo "$T" | docker login git.infra.mintel.me -u "$U" --password-stdin > /dev/null 2>&1; then echo "✅ Successfully authenticated with a token." echo "@mintel:registry=https://git.infra.mintel.me/api/packages/mmintel/npm/" > .npmrc echo "//git.infra.mintel.me/api/packages/mmintel/npm/:_authToken=${T}" >> .npmrc echo "always-auth=true" >> .npmrc break 2 fi fi done fi done - name: 📦 Cache node_modules uses: actions/cache@v4 id: cache-deps with: path: node_modules key: pnpm-${{ hashFiles('pnpm-lock.yaml') }} - name: Install if: steps.cache-deps.outputs.cache-hit != 'true' run: | pnpm store prune pnpm install --no-frozen-lockfile - name: 🌐 Install Chrome & Dependencies run: | apt-get update && apt-get install -y libnss3 libnspr4 libatk1.0-0 libatk-bridge2.0-0 libcups2 libdrm2 libxkbcommon0 libxcomposite1 libxdamage1 libxext6 libxfixes3 libxrandr2 libgbm1 libasound2t64 libpango-1.0-0 libcairo2 npx puppeteer browsers install chrome - name: 📝 E2E Form Submission Test env: NEXT_PUBLIC_BASE_URL: ${{ env.TARGET_URL }} GATEKEEPER_PASSWORD: ${{ secrets.GATEKEEPER_PASSWORD }} PUPPETEER_EXECUTABLE_PATH: /usr/bin/chromium run: pnpm --filter @mintel/web run check:forms - name: 🖼️ OG Images Check continue-on-error: true env: TEST_URL: ${{ env.TARGET_URL }} run: pnpm --filter @mintel/web run check:og - name: 🔗 Internal Links Test continue-on-error: true env: NEXT_PUBLIC_BASE_URL: ${{ env.TARGET_URL }} GATEKEEPER_PASSWORD: ${{ secrets.GATEKEEPER_PASSWORD }} run: pnpm --filter @mintel/web run test:links || true # ──────────────────────────────────────────────────── # 3. Notification # ──────────────────────────────────────────────────── notify: name: 🔔 Notify needs: [lighthouse, e2e] if: always() runs-on: docker container: image: catthehacker/ubuntu:act-latest steps: - name: 🔔 Gotify shell: bash run: | LIGHTHOUSE="${{ needs.lighthouse.result }}" E2E="${{ needs.e2e.result }}" if [[ "$LIGHTHOUSE" != "success" || "$E2E" != "success" ]]; then PRIORITY=8 EMOJI="🚨" STATUS="Failed" else PRIORITY=2 EMOJI="✅" STATUS="Passed" fi TITLE="$EMOJI ${{ env.PROJECT_NAME }} QA $STATUS" MESSAGE="Lighthouse: $LIGHTHOUSE | E2E: $E2E ${{ env.TARGET_URL }}" curl -s -k -X POST "${{ secrets.GOTIFY_URL }}/message?token=${{ secrets.GOTIFY_TOKEN }}" \ -F "title=$TITLE" \ -F "message=$MESSAGE" \ -F "priority=$PRIORITY" || true