ci: consolidate and streamline workflows #3
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Pull Request | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| types: | |
| - opened | |
| - reopened | |
| - synchronize | |
| - closed | |
| - ready_for_review | |
| permissions: | |
| contents: read | |
| # Prevent concurrent builds for the same PR | |
| concurrency: | |
| group: pr-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| # Run code quality checks | |
| code-checks: | |
| name: Check Code Quality | |
| runs-on: ubuntu-latest | |
| if: github.event.action != 'closed' && github.actor != 'dependabot[bot]' && github.event.pull_request.draft == false | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Setup dependencies | |
| uses: ./.github/actions/setup-and-build | |
| with: | |
| build: 'false' | |
| - name: Check formatting | |
| run: npm run format:check | |
| - name: Check linting | |
| run: npm run lint | |
| - name: Audit dependencies | |
| run: npm audit | |
| continue-on-error: true | |
| - name: Check types | |
| run: npm run typecheck | |
| - name: Check circular dependencies | |
| run: npx madge --circular . --extensions ts,js,jsx,tsx | |
| # Check markdown links | |
| markdown-link-check: | |
| name: Check Documentation Links | |
| runs-on: ubuntu-latest | |
| if: github.event.action != 'closed' && github.actor != 'dependabot[bot]' && github.event.pull_request.draft == false | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Checkout repository | |
| uses: ./.github/actions/setup-and-build | |
| with: | |
| build: 'false' | |
| setup: 'false' | |
| checkout: 'true' | |
| - name: Check Markdown links (.md) | |
| uses: tcort/github-action-markdown-link-check@a800ad5f1c35bf61987946fd31c15726a1c9f2ba # v1.1.0 | |
| with: | |
| file-extension: '.md' | |
| use-quiet-mode: 'yes' | |
| config-file: '.github/workflows/markdown.links.config.json' | |
| - name: Check Markdown links (.mdx) | |
| uses: tcort/github-action-markdown-link-check@a800ad5f1c35bf61987946fd31c15726a1c9f2ba # v1.1.0 | |
| with: | |
| file-extension: '.mdx' | |
| use-quiet-mode: 'yes' | |
| config-file: '.github/workflows/markdown.links.config.json' | |
| # Build and test deployment | |
| build-test: | |
| name: Build and Test | |
| if: | | |
| always() && | |
| github.event.action != 'closed' && | |
| github.event.pull_request.draft == false && | |
| (needs.code-checks.result == 'success' || needs.code-checks.result == 'skipped') | |
| needs: [code-checks] # Only build after checks pass (or are skipped for Dependabot) | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Setup and build | |
| uses: ./.github/actions/setup-and-build | |
| with: | |
| base-url: ${{ github.actor != 'dependabot[bot]' && format('/pr-preview/pr-{0}', github.event.number) || '' }} | |
| - name: Upload build artifacts | |
| if: github.actor != 'dependabot[bot]' | |
| uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 | |
| with: | |
| name: build-artifacts | |
| path: ./build/ | |
| retention-days: 1 | |
| # Deploy preview only for non-Dependabot PRs from the main repo (not forks) | |
| deploy-preview: | |
| name: Deploy Preview | |
| needs: build-test | |
| runs-on: ubuntu-latest | |
| if: | | |
| github.event.action != 'closed' && | |
| github.actor != 'dependabot[bot]' && | |
| github.event.pull_request.draft == false && | |
| github.event.pull_request.head.repo.full_name == github.repository | |
| permissions: | |
| contents: write # Required for pr-preview-action to push to gh-pages | |
| pull-requests: write # Required for PR comments | |
| steps: | |
| - name: Checkout repository | |
| uses: ./.github/actions/setup-and-build | |
| with: | |
| build: 'false' | |
| setup: 'false' | |
| checkout: 'true' | |
| - name: Download build artifacts | |
| uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 | |
| with: | |
| name: build-artifacts | |
| path: ./build/ | |
| - name: Deploy preview | |
| uses: rossjrw/pr-preview-action@9f77b1d057b494e662c50b8ca40ecc63f21e0887 # v1.6.2 | |
| id: preview-step | |
| with: | |
| source-dir: ./build/ | |
| preview-branch: gh-pages | |
| umbrella-dir: pr-preview | |
| action: deploy | |
| - name: Publish preview link | |
| if: steps['preview-step'].outputs['deployment-action'] == 'deploy' | |
| run: | | |
| url="${{ steps['preview-step'].outputs['preview-url'] }}" | |
| echo "Preview visible at ${url}" >> "$GITHUB_STEP_SUMMARY" | |
| echo "[Open preview](${url})" >> "$GITHUB_STEP_SUMMARY" | |
| # Clean up preview on PR close (only for PRs from the main repo) | |
| cleanup-preview: | |
| name: Cleanup Preview | |
| runs-on: ubuntu-latest | |
| if: | | |
| github.event.action == 'closed' && | |
| github.actor != 'dependabot[bot]' && | |
| github.event.pull_request.draft == false && | |
| github.event.pull_request.head.repo.full_name == github.repository | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Checkout repository | |
| uses: ./.github/actions/setup-and-build | |
| with: | |
| build: 'false' | |
| setup: 'false' | |
| checkout: 'true' | |
| - name: Remove preview | |
| uses: rossjrw/pr-preview-action@9f77b1d057b494e662c50b8ca40ecc63f21e0887 # v1.6.2 | |
| with: | |
| preview-branch: gh-pages | |
| umbrella-dir: pr-preview | |
| action: remove |