.github/workflows/simorgh-misc-checks.yml from bbc/simorgh

.github/workflows/simorgh-misc-checks.yml
Summary

Maintainability

Test Coverage

Issues
name: Simorgh CI - Licences, Dependencies, Lint, Chromatic UI, NPM Audit
on:
  pull_request:
    branches:
      - '**'
  push:
    branches:
      - latest

permissions:
  statuses: write

jobs:
  build:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        node-version: [18.x]
    env:
      CI: true

    steps:
      - uses: actions/checkout@v3
        with:
          fetch-depth: '0'

      - name: Use Node.js ${{ matrix.node-version }}
        uses: actions/setup-node@v3
        with:
          node-version: ${{ matrix.node-version }}

      - name: Cache Node Modules
        id: cache
        uses: actions/cache@v3
        with:
          path: |
            node_modules
            ws-nextjs-app/node_modules
          key: node-modules-${{ hashFiles('yarn.lock', 'ws-nextjs-app/yarn.lock') }}

      - name: Install Node Modules
        if: steps.cache.outputs.cache-hit != 'true'
        run: ./scripts/installNodeModules.sh

      - name: Chromatic UI Tests
        uses: chromaui/action@latest
        if: github.ref != 'refs/heads/latest' && github.event.pull_request.head.repo.full_name == 'bbc/simorgh' # Only run when not on latest or not a fork.
        with:
          token: ${{ secrets.SIMORGH_DEV_STORYBOOK_RELEASE }}
          projectToken: ${{ secrets.CHROMATIC_APP_CODE }}
          buildScriptName: 'build:storybook'
          exitOnceUploaded: true
          onlyChanged: true

      - name: Chromatic UI Tests - Latest
        uses: chromaui/action@latest
        if: github.ref == 'refs/heads/latest' # Only run on latest branch
        with:
          token: ${{ secrets.SIMORGH_DEV_STORYBOOK_RELEASE }}
          projectToken: ${{ secrets.CHROMATIC_APP_CODE }}
          buildScriptName: 'build:storybook'
          exitOnceUploaded: true
          onlyChanged: true
          autoAcceptChanges: true # Auto accept changes to accept a new baseline when merging to latest

      - name: Get Storybook Branch Permalink
        uses: actions/github-script@v6
        id: get-storybook-permalink
        with:
          script: |
            const storybookBranch = '${{ github.event.pull_request.head.ref }}'.toLowerCase().replaceAll(/[/.]/g, '-').trim('-').substring(0, 37);
            const storybookPermalink = `https://${storybookBranch}--5d28eb3fe163f6002046d6fa.chromatic.com`;
            core.setOutput('STORYBOOK_PERMALINK', storybookPermalink);

      - name: Publish Storybook Branch Permalink
        if: github.event.pull_request.head.repo.full_name == 'bbc/simorgh' # Only run when not on a fork
        run: |
          curl \
          -X POST \
          -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
          -H "Accept: application/vnd.github+json" \
          -H "X-GitHub-Api-Version: 2022-11-28" \
          https://api.github.com/repos/${{ github.repository }}/statuses/${{ github.event.pull_request.head.sha }} \
          -d '{
            "state": "success", 
            "context": "Storybook Permalink", 
            "description": "View the latest changes on Storybook for this PR",
            "target_url": "${{ steps.get-storybook-permalink.outputs.STORYBOOK_PERMALINK }}"
          }' \
          --fail

      - name: Duplicate Dependency Checker
        run: yarn test:dependencies

      - name: Linting
        run: yarn test:lint

      - name: NPM Audit
        run: yarn npm audit --all --severity low --no-deprecations