-
Notifications
You must be signed in to change notification settings - Fork 6.3k
156 lines (138 loc) · 7.25 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
# Security Notes
# Only selected Actions are allowed within this repository. Please refer to (https://github.com/nodejs/nodejs.org/settings/actions)
# for the full list of available actions. If you want to add a new one, please reach out a maintainer with Admin permissions.
# REVIEWERS, please always double-check security practices before merging a PR that contains Workflow changes!!
# AUTHORS, please only use actions with explicit SHA references, and avoid using `@master` or `@main` references or `@version` tags.
name: Build Checks
on:
push:
branches:
- main
pull_request_target:
branches:
- main
types:
- labeled
merge_group:
defaults:
run:
# This ensures that the working directory is the root of the repository
working-directory: ./
permissions:
contents: read
actions: read
jobs:
base:
# This Job should run either on `merge_groups` or `push` events
# or `pull_request_target` event with a `labeled` action with a label named `github_actions:pull-request`
if: |
(github.event_name == 'push' || github.event_name == 'merge_group') ||
(github.event_name == 'pull_request_target' &&
github.event.label.name == 'github_actions:pull-request')
name: Base Tasks
runs-on: ubuntu-latest
outputs:
turbo_args: ${{ steps.turborepo_arguments.outputs.turbo_args }}
steps:
- name: Provide Turborepo Arguments
id: turborepo_arguments
# We also set the Turborepo Cache to the `.turbo` folder
# See https://turbo.build/repo/docs/reference/command-line-reference/run#--cache-dir
# See https://turbo.build/repo/docs/reference/command-line-reference/run#--force
run: echo "turbo_args=--force=true --cache-dir=.turbo/cache" >> "$GITHUB_OUTPUT"
build:
# This Job should run either on `merge_groups` or `push` events
# or `pull_request_target` event with a `labeled` action with a label named `github_actions:pull-request`
if: |
(github.event_name == 'push' || github.event_name == 'merge_group') ||
(github.event_name == 'pull_request_target' &&
github.event.label.name == 'github_actions:pull-request')
name: Build on ${{ matrix.os }}
runs-on: ${{ matrix.os }}
needs: [base]
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, windows-latest]
steps:
- name: Use GNU tar instead BSD tar
# This ensures that we use GNU `tar` which is more efficient for extracting caches's
if: matrix.os == 'windows-latest'
shell: cmd
run: echo C:\Program Files\Git\usr\bin>>"%GITHUB_PATH%"
- name: Git Checkout
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9
with:
# We only need to fetch the last commit from the head_ref
# since we're not using the `--filter` operation from turborepo
# We don't use the `--filter` as we always want to force builds regardless of having changes or not
# this ensures that our bundle analysis script always runs and that we always ensure next.js is building
# regardless of having code changes or not
fetch-depth: 1
- name: Restore Build Cache
uses: actions/cache/restore@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8
with:
path: |
.turbo/cache
.next/cache
node_modules/.cache
# We want to restore cache from local .npm caches, .next/cache and node_modules/.cache
# As this should reduce build times, and the overall time for installing packages or running operations
key: cache-build-${{ hashFiles('package-lock.json') }}-
restore-keys: |
cache-build-${{ hashFiles('package-lock.json') }}-
cache-build-
- name: Set up Node.js
uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d
with:
# We want to ensure that the Node.js version running here respects our supported versions
node-version-file: '.nvmrc'
cache: 'npm'
- name: Install NPM packages
# We want to avoid NPM from running the Audit Step and Funding messages on a CI environment
# We also use `npm i` instead of `npm ci` so that the node_modules/.cache folder doesn't get deleted
# We also use `--omit=dev` to avoid installing devDependencies as we don't need them during the build step
run: npm i --no-audit --no-fund --userconfig=/dev/null --omit=dev
- name: Build Next.js (ISR)
# We want a ISR build on CI to ensure that regular Next.js builds work as expected.
# We want to enforce that the actual `turbo@latest` package is used instead of a possible hijack from the user
# the `${{ needs.base.outputs.turbo_args }}` is a string substitution happening from the base job
run: npx --package=turbo@latest -- turbo build ${{ needs.base.outputs.turbo_args }}
env:
# We want to ensure we have enough RAM allocated to the Node.js process
# this should be a last resort in case by any chances the build memory gets too high
# but in general this should never happen
NODE_OPTIONS: '--max_old_space_size=4096'
- name: Build Next.js (Static)
# Skips a few steps if not on a Pull Request (Merge Group) or it is a Dependabot PR
# i.e. if the Event is a Merge Queue Event
# We also don't need to run a Static Build on a Crowdin PR
if: |
github.event_name == 'pull_request_target' &&
startsWith(github.event.pull_request.head.ref, 'dependabot/') == false &&
github.event.pull_request.head.ref != 'chore/crowdin'
# We want a Static Buid on CI to ensure that the Static Exports are working as expected
# This build will use the existing cache created on the previous build above (ISR)
# We want to enforce that the actual `turbo@latest` package is used instead of a possible hijack from the user
# the `${{ needs.base.outputs.turbo_args }}` is a string substitution happening from the base job
run: npx --package=turbo@latest -- turbo deploy ${{ needs.base.outputs.turbo_args }}
env:
# We want to ensure we have enough RAM allocated to the Node.js process
# this should be a last resort in case by any chances the build memory gets too high
# but in general this should never happen
NODE_OPTIONS: '--max_old_space_size=4096'
- name: Save Build Cache
# We want to store the Build Cache within Pull Requests or during pushes against the `main` branch
if: |
github.event_name == 'push' || github.event_name == 'pull_request_target'
uses: actions/cache/save@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8
with:
path: |
.turbo/cache
.next/cache
node_modules/.cache
# Most of sibling Pull Requests will use the cache key based on the package-lock.json
# We do also add a hashFiles for `.next/cache` as GitHub Actions only allows
# One cache with same key to exist, so to ensure we always have a cache from the latest build
# We add the hashFiles of `.next/cache` to the cache key of the Cache Entry
key: cache-build-${{ hashFiles('package-lock.json') }}-${{ hashFiles('.next/cache/**') }}