wiki
/
weseek__growi
Mirror von https://github.com/weseek/growi


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459
							name: Reusable build and test app for production

on:
  workflow_call:
    inputs:
      node-version:
        required: true
        type: string
      skip-e2e-test:
        type: boolean
    secrets:
      SLACK_WEBHOOK_URL:
        required: true
  workflow_dispatch:
    inputs:
      node-version:
        required: true
        type: string
        default: 24.x
      skip-e2e-test:
        type: boolean
        default: false
    secrets:
      SLACK_WEBHOOK_URL:
        required: true

jobs:

  build-prod:
    runs-on: ubuntu-latest

    outputs:
      PROD_FILES: ${{ steps.archive-prod-files.outputs.file }}

    steps:
    - uses: actions/checkout@v4

    - uses: pnpm/action-setup@v6

    - uses: actions/setup-node@v6
      with:
        node-version: ${{ inputs.node-version }}
        cache: 'pnpm'

    - name: Install turbo
      run: |
        pnpm add turbo --global

    - name: Install dependencies
      run: |
        pnpm install --frozen-lockfile

    - name: Build
      working-directory: ./apps/app
      run: |
        turbo run build --env-mode=loose
      env:
        ANALYZE: 1

    - name: Assemble production artifacts
      run: bash apps/app/bin/assemble-prod.sh

    - name: Check for broken symlinks in .next/node_modules
      run: bash apps/app/bin/check-next-symlinks.sh

    - name: Archive production files
      id: archive-prod-files
      run: |
        tar -zcf production.tar.gz --exclude ./apps/app/.next/cache \
          package.json \
          node_modules \
          tsconfig.base.json \
          apps/app/.next \
          apps/app/config \
          apps/app/dist \
          apps/app/prisma \
          apps/app/public \
          apps/app/resource \
          apps/app/tmp \
          apps/app/.env.production* \
          apps/app/node_modules \
          apps/app/next.config.js \
          apps/app/package.json \
          apps/app/tsconfig.json
        echo "file=production.tar.gz" >> $GITHUB_OUTPUT

    - name: Upload production files as artifact
      uses: actions/upload-artifact@v4
      with:
        name: Production Files (node${{ inputs.node-version }})
        path: ${{ steps.archive-prod-files.outputs.file }}

    - name: Upload report as artifact
      uses: actions/upload-artifact@v4
      with:
        name: Bundle Analyzing Report (node${{ inputs.node-version }})
        path: |
          apps/app/.next/analyze

    - name: Slack Notification
      uses: weseek/ghaction-slack-notification@master
      if: failure()
      with:
        type: ${{ job.status }}
        job_name: '*Node CI for growi - build-prod (${{ inputs.node-version }})*'
        channel: '#ci'
        isCompactMode: true
        url: ${{ secrets.SLACK_WEBHOOK_URL }}


  launch-prod:
    needs: [build-prod]
    runs-on: ubuntu-latest

    # The extracted production tarball does not include pnpm-workspace.yaml or
    # packages/*, so pnpm v11's pre-run dep status check would trigger a
    # `pnpm install` that fails to resolve `workspace:^` references. Skip it.
    env:
      pnpm_config_verify_deps_before_run: "false"

    strategy:
      matrix:
        mongodb-version: ['6.0', '8.0']

    services:
      mongodb:
        image: mongo:${{ matrix.mongodb-version }}
        ports:
        - 27017/tcp

    steps:
    - uses: actions/setup-node@v6
      with:
        node-version: ${{ inputs.node-version }}

    - name: Download production files artifact
      uses: actions/download-artifact@v4
      with:
        name: Production Files (node${{ inputs.node-version }})

    - name: Extract production files
      run: |
        tar -xf ${{ needs.build-prod.outputs.PROD_FILES }}

    # Run after extraction so pnpm/action-setup@v6 can read packageManager from package.json
    - uses: pnpm/action-setup@v6

    - name: Start Elasticsearch with plugins
      uses: elastic/elastic-github-actions/elasticsearch@master
      with:
        stack-version: 9.3.3
        plugins: |
          analysis-kuromoji
          analysis-icu
        security-enabled: false

    - name: Wait for Elasticsearch to be ready
      run: |
        curl \
          --no-progress-meter \
          -X GET \
          --retry 60 \
          --retry-delay 1 \
          --retry-connrefused \
          http://localhost:9200/_cluster/health?wait_for_status=green

    - name: pnpm run server:ci
      working-directory: ./apps/app
      run: |
        cp config/ci/.env.local.for-ci .env.production.local
        pnpm run server:ci
      env:
        MONGO_URI: mongodb://localhost:${{ job.services.mongodb.ports['27017'] }}/growi
        ELASTICSEARCH_URI: http://localhost:9200/growi

    - name: Slack Notification
      uses: weseek/ghaction-slack-notification@master
      if: failure()
      with:
        type: ${{ job.status }}
        job_name: '*Node CI for growi - build-prod (${{ inputs.node-version }})*'
        channel: '#ci'
        isCompactMode: true
        url: ${{ secrets.SLACK_WEBHOOK_URL }}


  prime-playwright-cache:
    if: |
      github.event_name == 'workflow_dispatch' ||
      (!inputs.skip-e2e-test && startsWith(github.head_ref, 'mergify/merge-queue/'))

    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v4

    - uses: pnpm/action-setup@v6

    - uses: actions/setup-node@v6
      with:
        node-version: ${{ inputs.node-version }}
        cache: 'pnpm'

    - name: Install dependencies
      run: |
        pnpm install --frozen-lockfile

    - name: Cache Playwright browsers
      id: playwright-cache
      uses: actions/cache@v4
      with:
        path: ~/.cache/ms-playwright
        key: playwright-${{ runner.os }}-${{ hashFiles('pnpm-lock.yaml') }}

    - name: Install Playwright browsers
      if: steps.playwright-cache.outputs.cache-hit != 'true'
      run: |
        pnpm playwright install


  run-playwright:
    needs: [build-prod, prime-playwright-cache]

    if: |
      github.event_name == 'workflow_dispatch' ||
      (!inputs.skip-e2e-test && startsWith(github.head_ref, 'mergify/merge-queue/'))

    runs-on: ubuntu-latest

    # Playwright spawns `pnpm run server` inside the extracted prod dir via
    # GROWI_WEBSERVER_COMMAND. That dir lacks pnpm-workspace.yaml and packages/*,
    # so pnpm v11's pre-run dep status check would fail. Skip it.
    env:
      pnpm_config_verify_deps_before_run: "false"

    strategy:
      fail-fast: false
      matrix:
        browser: [chromium, firefox, webkit]
        shard: [1/2, 2/2]
        mongodb-version: ['6.0', '8.0']

    services:
      mongodb:
        image: mongo:${{ matrix.mongodb-version }}
        ports:
        - 27017/tcp

    steps:
    - uses: actions/checkout@v4

    - uses: pnpm/action-setup@v6

    - uses: actions/setup-node@v6
      with:
        node-version: ${{ inputs.node-version }}
        cache: 'pnpm'

    - name: Install dependencies
      run: |
        pnpm install --frozen-lockfile

    # Browsers are pre-populated by `prime-playwright-cache`. Always a cache hit;
    # restore-keys provides a partial fallback if the keyed cache was evicted.
    - name: Restore Playwright browser cache
      uses: actions/cache/restore@v4
      with:
        path: ~/.cache/ms-playwright
        key: playwright-${{ runner.os }}-${{ hashFiles('pnpm-lock.yaml') }}
        restore-keys: |
          playwright-${{ runner.os }}-

    # `--with-deps` installs apt system libraries and re-downloads any browser
    # that wasn't in the restored cache. With a primed cache, this only runs apt.
    - name: Install Playwright system deps and any missing browsers
      run: |
        pnpm playwright install --with-deps

    - name: Start Elasticsearch with plugins
      uses: elastic/elastic-github-actions/elasticsearch@master
      with:
        stack-version: 9.3.3
        plugins: |
          analysis-kuromoji
          analysis-icu
        security-enabled: false

    - name: Wait for Elasticsearch to be ready
      run: |
        curl \
          --no-progress-meter \
          -X GET \
          --retry 60 \
          --retry-delay 1 \
          --retry-connrefused \
          http://localhost:9200/_cluster/health?wait_for_status=green

    - name: Download production files artifact
      uses: actions/download-artifact@v4
      with:
        name: Production Files (node${{ inputs.node-version }})

    - name: Extract production files to isolated directory
      run: |
        mkdir -p /tmp/growi-prod
        tar -xf ${{ needs.build-prod.outputs.PROD_FILES }} -C /tmp/growi-prod

    - name: Copy dotenv file for ci
      run: |
        cat apps/app/config/ci/.env.local.for-ci >> /tmp/growi-prod/apps/app/.env.production.local

    # The installer suite is not sharded, so run it once per mongodb-version
    # (shard 1/2 only) rather than redundantly in every chromium shard job.
    - name: Playwright Run (--project=chromium/installer)
      if: ${{ matrix.browser == 'chromium' && matrix.shard == '1/2' }}
      working-directory: ./apps/app
      run: |
        pnpm playwright test --project=chromium/installer
      env:
        DEBUG: pw:api
        GROWI_WEBSERVER_COMMAND: 'cd /tmp/growi-prod/apps/app && pnpm run server'
        MONGO_URI: mongodb://localhost:${{ job.services.mongodb.ports['27017'] }}/growi-playwright-installer
        ELASTICSEARCH_URI: http://localhost:9200/growi

    # Each `playwright test` run clears blob-report/ when it writes its report
    # (the blob reporter empties its output dir), so move this run's blob out to a
    # staging dir before the next run wipes it. Prefixing the mongodb-version keeps
    # filenames unique once report-playwright flattens every artifact together.
    - name: Stash installer blob report
      if: ${{ always() && matrix.browser == 'chromium' && matrix.shard == '1/2' }}
      run: |
        mkdir -p apps/app/all-blobs
        for f in apps/app/blob-report/*.zip; do
          [ -e "$f" ] || continue
          mv "$f" "apps/app/all-blobs/mongo${{ matrix.mongodb-version }}-$(basename "$f")"
        done

    - name: Copy dotenv file for automatic installation
      run: |
        cat apps/app/config/ci/.env.local.for-auto-install >> /tmp/growi-prod/apps/app/.env.production.local

    - name: Playwright Run
      working-directory: ./apps/app
      run: |
        pnpm playwright test --project=${{ matrix.browser }} --shard=${{ matrix.shard }}
      env:
        DEBUG: pw:api
        GROWI_WEBSERVER_COMMAND: 'cd /tmp/growi-prod/apps/app && pnpm run server'
        MONGO_URI: mongodb://localhost:${{ job.services.mongodb.ports['27017'] }}/growi-playwright
        ELASTICSEARCH_URI: http://localhost:9200/growi

    - name: Stash main blob report
      if: always()
      run: |
        mkdir -p apps/app/all-blobs
        for f in apps/app/blob-report/*.zip; do
          [ -e "$f" ] || continue
          mv "$f" "apps/app/all-blobs/mongo${{ matrix.mongodb-version }}-$(basename "$f")"
        done

    - name: Copy dotenv file for automatic installation with allowing guest mode
      run: |
        cat apps/app/config/ci/.env.local.for-auto-install-with-allowing-guest >> /tmp/growi-prod/apps/app/.env.production.local

    - name: Playwright Run (--project=${browser}/guest-mode)
      working-directory: ./apps/app
      run: |
        pnpm playwright test --project=${{ matrix.browser }}/guest-mode --shard=${{ matrix.shard }}
      env:
        DEBUG: pw:api
        GROWI_WEBSERVER_COMMAND: 'cd /tmp/growi-prod/apps/app && pnpm run server'
        MONGO_URI: mongodb://localhost:${{ job.services.mongodb.ports['27017'] }}/growi-playwright-guest-mode
        ELASTICSEARCH_URI: http://localhost:9200/growi

    - name: Stash guest-mode blob report
      if: always()
      run: |
        mkdir -p apps/app/all-blobs
        for f in apps/app/blob-report/*.zip; do
          [ -e "$f" ] || continue
          mv "$f" "apps/app/all-blobs/mongo${{ matrix.mongodb-version }}-$(basename "$f")"
        done

    - name: Generate shard ID
      id: shard-id
      if: always()
      run: |
        SHARD_ID=$(echo "${{ matrix.shard }}" | tr '/' '-')
        echo "shard_id=${SHARD_ID}" >> $GITHUB_OUTPUT

    - name: Upload test results
      uses: actions/upload-artifact@v4
      if: always()
      with:
        name: blob-report-${{ matrix.browser }}-mongo${{ matrix.mongodb-version }}-${{ steps.shard-id.outputs.shard_id }}
        path: ./apps/app/all-blobs
        retention-days: 30

    - name: Slack Notification
      uses: weseek/ghaction-slack-notification@master
      if: failure()
      with:
        type: ${{ job.status }}
        job_name: '*Node CI for growi - run-playwright (${{ matrix.browser }}, MongoDB ${{ matrix.mongodb-version }})*'
        channel: '#ci'
        isCompactMode: true
        url: ${{ secrets.SLACK_WEBHOOK_URL }}


  report-playwright:
    needs: [run-playwright]

    if: always() && needs.run-playwright.result != 'skipped'

    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v4

    - uses: pnpm/action-setup@v6

    - uses: actions/setup-node@v6
      with:
        node-version: ${{ inputs.node-version }}
        cache: 'pnpm'

    - name: Install dependencies
      run: |
        pnpm install --frozen-lockfile

    - name: Download blob reports
      uses: actions/download-artifact@v4
      with:
        pattern: blob-report-*
        path: all-blob-reports
        merge-multiple: true

    - name: Merge into HTML Report
      run: |
        mkdir -p playwright-report
        if [ -z "$(ls all-blob-reports/*.zip all-blob-reports/*.blob 2>/dev/null || true)" ]; then
          echo "<html><body><h1>No test results available</h1><p>This could be because tests were skipped or all artifacts were not available.</p></body></html>" > playwright-report/index.html
        else
          pnpm playwright merge-reports --reporter html all-blob-reports
        fi

    - name: Upload HTML report
      uses: actions/upload-artifact@v4
      with:
        name: html-report
        path: playwright-report
        retention-days: 30

    - name: Fail if any playwright shard did not succeed
      if: needs.run-playwright.result != 'success'
      run: |
        echo "run-playwright aggregate result: ${{ needs.run-playwright.result }}"
        echo "One or more Playwright shards failed or were cancelled. See html-report artifact for details."
        exit 1