Skip to content

[pull] main from nodejs:main #47

[pull] main from nodejs:main

[pull] main from nodejs:main #47

Workflow file for this run

# Security Notes
# This workflow uses `pull_request_target`, so will run against all PRs automatically (without approval), be careful with allowing any user-provided code to be run here
# Only selected Actions are allowed within this repository. Please refer to (https://github.com/nodejs/nodejs.org/settings/actions)
# for the full list of available actions. If you want to add a new one, please reach out a maintainer with Admin permissions.
# REVIEWERS, please always double-check security practices before merging a PR that contains Workflow changes!!
# AUTHORS, please only use actions with explicit SHA references, and avoid using `@master` or `@main` references or `@version` tags.
# MERGE QUEUE NOTE: This Workflow does not run on `merge_group` trigger, as this Workflow is not required for Merge Queue's
name: Lighthouse
on:
pull_request_target:
branches:
- main
types:
- labeled
defaults:
run:
# This ensures that the working directory is the root of the repository
working-directory: ./
permissions:
contents: read
actions: read
# This permission is required by `thollander/actions-comment-pull-request`
pull-requests: write
jobs:
lighthouse-ci:
# We want to skip our lighthouse analysis on Dependabot PRs
if: |
startsWith(github.event.pull_request.head.ref, 'dependabot/') == false &&
github.event.label.name == 'github_actions:pull-request'
name: Lighthouse Report
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
with:
egress-policy: audit
- name: Git Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
# Provides the Pull Request commit SHA or the GitHub merge group ref
ref: ${{ github.event.pull_request.head.sha || github.ref }}
- name: Add Comment to PR
# Signal that a lighthouse run is about to start
uses: thollander/actions-comment-pull-request@fabd468d3a1a0b97feee5f6b9e499eab0dd903f6 # v2.5.0
with:
message: |
Running Lighthouse audit...
# Used later to edit the existing comment
comment_tag: 'lighthouse_audit'
- name: Capture Vercel Preview
uses: patrickedqvist/wait-for-vercel-preview@06c79330064b0e6ef7a2574603b62d3c98789125 # v1.3.2
id: vercel_preview_url
with:
token: ${{ secrets.GITHUB_TOKEN }}
# timeout after 5 minutes
max_timeout: 300
# check every 10 seconds
check_interval: 10
- name: Audit Preview URL with Lighthouse
# Conduct the lighthouse audit
id: lighthouse_audit
uses: treosh/lighthouse-ci-action@1b0e7c33270fbba31a18a0fbb1de7cc5256b6d39 # v11.4.0
with:
# Defines the settings and assertions to audit
configPath: './.lighthouserc.json'
# These URLS capture critical pages / site functionality.
urls: |
${{ steps.vercel_preview_url.outputs.url }}/en
${{ steps.vercel_preview_url.outputs.url }}/en/about
${{ steps.vercel_preview_url.outputs.url }}/en/about/previous-releases
${{ steps.vercel_preview_url.outputs.url }}/en/download
${{ steps.vercel_preview_url.outputs.url }}/en/blog
uploadArtifacts: true # save results as a action artifacts
temporaryPublicStorage: true # upload lighthouse report to the temporary storage
- name: Format Lighthouse Score
# Transform the audit results into a single, friendlier output
id: format_lighthouse_score
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
env:
# using env as input to our script
# see https://github.com/actions/github-script#use-env-as-input
LIGHTHOUSE_RESULT: ${{ steps.lighthouse_audit.outputs.manifest }}
LIGHTHOUSE_LINKS: ${{ steps.lighthouse_audit.outputs.links }}
VERCEL_PREVIEW_URL: ${{ steps.vercel_preview_url.outputs.url }}
with:
# Run as a separate file so we do not have to inline all of our formatting logic.
# See https://github.com/actions/github-script#run-a-separate-file for more info.
script: |
const { formatLighthouseResults } = await import('${{github.workspace}}/apps/site/scripts/lighthouse/index.mjs')
await formatLighthouseResults({core})
- name: Add Comment to PR
# Replace the previous message with our formatted lighthouse results
uses: thollander/actions-comment-pull-request@fabd468d3a1a0b97feee5f6b9e499eab0dd903f6 # v2.5.0
with:
# Reference the previously created comment
comment_tag: 'lighthouse_audit'
message: |
${{ steps.format_lighthouse_score.outputs.comment }}