.github/workflows/pull-request.yml
name: Pull Request
on:
pull_request:
types: [ready_for_review, synchronize, reopened, opened]
env:
BOT_NAME: va-vfs-bot
PR_NUMBER: ${{ github.event.number }}
jobs:
fetch-unit-tests-allow-list:
name: Fetch Unit Test Stability Allow List
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017
- name: Configure AWS credentials
uses: ./.github/workflows/configure-aws-credentials
with:
aws_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws_region: us-gov-west-1
- name: Get va-vsp-bot token
uses: ./.github/workflows/inject-secrets
with:
ssm_parameter: /devops/VA_VSP_BOT_GITHUB_TOKEN
env_variable_name: VA_VSP_BOT_GITHUB_TOKEN
- name: Init Dashboard Data Repo
uses: ./.github/workflows/init-data-repo
- name: Set Up BigQuery Creds
uses: ./.github/workflows/configure-bigquery
- name: Fetch Unit Test Stability Allow List
run: yarn get-allow-list
working-directory: qa-standards-dashboard-data
env:
TEST_TYPE: unit_test
- name: Archive Unit Test Stability Allow List
if: ${{ always() }}
uses: ./.github/workflows/upload-artifact
with:
name: unit-test-allow-list
path: qa-standards-dashboard-data/unit_test_allow_list.json
check-cross-app-imports:
name: Check Cross App Imports
needs: [fetch-unit-tests-allow-list]
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017
- name: Install dependencies
uses: ./.github/workflows/install
timeout-minutes: 30
with:
key: ${{ hashFiles('yarn.lock') }}
yarn_cache_folder: .cache/yarn
path: |
.cache/yarn
node_modules
- name: Download Unit Test Stability Allow List
uses: ./.github/workflows/download-artifact
with:
name: unit-test-allow-list
path: .
- name: Check for cross app imports in allowlist apps
run: yarn check-app-imports --check-allowlist --fail-on-cross-app-import
env:
TEST_TYPE: unit_test
eslint-disable-check:
name: ESLint Disable Check
runs-on: ubuntu-latest
if: ${{ github.event.pull_request.draft == false }}
steps:
- name: Checkout
uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017
- name: Get Node version
id: get-node-version
run: echo NODE_VERSION=$(cat .nvmrc) >> $GITHUB_OUTPUT
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: ${{ steps.get-node-version.outputs.NODE_VERSION }}
- name: Configure AWS credentials
uses: ./.github/workflows/configure-aws-credentials
with:
aws_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws_region: us-gov-west-1
- name: Get bot token from Parameter Store
uses: ./.github/workflows/inject-secrets
with:
ssm_parameter: /devops/VA_VFS_BOT_GITHUB_TOKEN
env_variable_name: GITHUB_TOKEN
- name: Install dependencies
uses: ./.github/workflows/install
timeout-minutes: 30
with:
key: ${{ hashFiles('yarn.lock') }}
yarn_cache_folder: .cache/yarn
path: |
.cache/yarn
node_modules
- name: Run PR check script
run: yarn pr-check
env:
CODE_PATTERN: (/* eslint-disable)|(// eslint-disable)
LINE_COMMENT: ESLint disabled here
OVERALL_REVIEW_COMMENT: >
# ESLint is disabled
`vets-website` uses ESLint to help enforce code quality. In most
situations we would like ESLint to remain enabled.
## What you can do
See if the code can be refactored to avoid disabling ESLint, or wait for
a VSP review.
icon-check:
name: Icon Check
runs-on: ubuntu-latest
if: ${{ github.event.pull_request.draft == false }}
steps:
- name: Checkout
uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017
- name: Get Node version
id: get-node-version
run: echo NODE_VERSION=$(cat .nvmrc) >> $GITHUB_OUTPUT
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: ${{ steps.get-node-version.outputs.NODE_VERSION }}
- name: Configure AWS credentials
uses: ./.github/workflows/configure-aws-credentials
with:
aws_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws_region: us-gov-west-1
- name: Get bot token from Parameter Store
uses: ./.github/workflows/inject-secrets
with:
ssm_parameter: /devops/VA_VFS_BOT_GITHUB_TOKEN
env_variable_name: GITHUB_TOKEN
- name: Install dependencies
uses: ./.github/workflows/install
timeout-minutes: 30
with:
key: ${{ hashFiles('yarn.lock') }}
yarn_cache_folder: .cache/yarn
path: |
.cache/yarn
node_modules
- name: Run PR check script
run: yarn pr-check
env:
CODE_PATTERN: (<i )|(<i$)|(<va-icon)
LINE_COMMENT: icon found
OVERALL_REVIEW_COMMENT: >
# Icon found
Icons can be decorative, but sometimes they are used to convey meaning.
If there are any semantics associated with an icon, those semantics
should also be conveyed to a screen reader.
## What you can do
Review the markup and see if the icon provides information that isn't
represented textually, or wait for a VSP review.
## Note:
Font Awesome is deprecated. Please use va-icon instead. For more information, visit the migration documentation: [Migrate from font awesome to va-icon](https://design.va.gov/about/developers/using-web-components#how-to-migrate-from-font-awesome-to-va-icon)
sentry-check:
name: Sentry Check
runs-on: ubuntu-latest
if: ${{ github.event.pull_request.draft == false }}
steps:
- name: Checkout
uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017
- name: Get Node version
id: get-node-version
run: echo NODE_VERSION=$(cat .nvmrc) >> $GITHUB_OUTPUT
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: ${{ steps.get-node-version.outputs.NODE_VERSION }}
- name: Configure AWS credentials
uses: ./.github/workflows/configure-aws-credentials
with:
aws_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws_region: us-gov-west-1
- name: Get bot token from Parameter Store
uses: ./.github/workflows/inject-secrets
with:
ssm_parameter: /devops/VA_VFS_BOT_GITHUB_TOKEN
env_variable_name: GITHUB_TOKEN
- name: Install dependencies
uses: ./.github/workflows/install
timeout-minutes: 30
with:
key: ${{ hashFiles('yarn.lock') }}
yarn_cache_folder: .cache/yarn
path: |
.cache/yarn
node_modules
- name: Run PR check script
run: yarn pr-check
env:
CODE_PATTERN: Sentry\.
LINE_COMMENT: Sentry found
OVERALL_REVIEW_COMMENT: >
# Sentry call found
Sentry captures a lot of data, and we want to make sure that we only
keep information that will be useful for troubleshooting issues. This
means that PII should not be recorded.
## What you can do
Review your call to Sentry and see if you can reasonably reduce any
information that is included, or wait for a VSP review.
linting:
name: Linting (Files Changed)
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@cd7d8d697e10461458bc61a30d094dc601a8b017
with:
fetch-depth: 0
- name: Get Node version
id: get-node-version
run: echo NODE_VERSION=$(cat .nvmrc) >> $GITHUB_OUTPUT
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: ${{ steps.get-node-version.outputs.NODE_VERSION }}
- name: Install dependencies
uses: ./.github/workflows/install
timeout-minutes: 30
with:
key: ${{ hashFiles('yarn.lock') }}
yarn_cache_folder: .cache/yarn
path: |
.cache/yarn
node_modules
- name: Get changed files
id: get-files-changed
continue-on-error: true
uses: ./.github/workflows/get-changed-apps
with:
delimiter: ','
output-type: 'entry_name, url'
- name: Filter files
id: get-lint-files
run: node ./script/github-actions/filter-files-changed.js
env:
CHANGED_FILE_PATHS: ${{ steps.get-files-changed.outputs.changed_files }}
- name: Annotate ESLint results for all files if eslint config has been modified
if: contains(steps.get-files-changed.outputs.files, '.eslintrc.js')
run: yarn run eslint --ext .js --ext .jsx --no-error-on-unmatched-pattern --format ./script/github-actions/eslint-annotation-format.js .
- name: Annotate ESLint results for modified files
run: yarn run eslint -c ./.eslintrc.changed.js --ext .js --ext .jsx --no-error-on-unmatched-pattern --format ./script/github-actions/eslint-annotation-format.js ${{ steps.get-lint-files.outputs.JSFILES }}
- name: Run Stylelint
if: ${{ always() && steps.get-lint-files.outputs.SCSSFILES != '' }}
run: yarn run stylelint verbose --output-file stylelint-report.json --formatter json ${{ steps.get-lint-files.outputs.SCSSFILES }}
- name: Annotate Stylelint results
if: ${{ always() }}
run: node ./script/github-actions/stylelint-annotation-format.js