feat: update to track latest spec changes #500
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "PR checks" | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
jobs: | |
check_pr: | |
name: "PR checks" | |
runs-on: ubuntu-latest | |
if: "!contains(github.event.head_commit.message, 'skip release') && !contains(github.event.head_commit.message, 'skip ci')" | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Check commits for leaks | |
uses: gitleaks/gitleaks-action@v2 | |
if: ${{ github.event_name == 'push' }} | |
env: | |
GITHUB_TOKEN: ${{ secrets.CUSTOM_GITHUB_PERSONAL_TOKEN }} | |
- name: setup pnpm | |
uses: pnpm/action-setup@v4 | |
- name: Set up Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 'lts/*' | |
cache: 'pnpm' | |
registry-url: 'https://registry.npmjs.org' | |
- name: Install dependencies | |
run: pnpm install | |
- name: Check lock file for untrusted packages | |
run: pnpm dlx lockfile-lint --path package-lock.json --allowed-hosts npm --validate-https | |
- name: Generate OpenAPI bindings and build package | |
run: | | |
pnpm run generate | |
pnpm run build | |
- name: Check package for packaging errors | |
run: pnpm dlx publint run | |
- name: Check for uncommitted changes | |
# NOTE: Do not run this step for Dependabot PRs, because `pnpm run generate` might generate newer bindings (in case Neon's OpenAPI spec has had updates) | |
# which in turn will flag a "found changed files after build" error, which turns CI red. | |
if: ${{ !contains(github.event.pull_request.labels.*.name, 'dependencies') }} | |
# NOTE: Ensure no changes, but ignore node_modules dir since dev/fresh ci deps installed. | |
run: | | |
git diff --exit-code --stat -- . ':!node_modules' ':!dist' \ | |
|| (echo "##[error] found changed files after build. please 'pnpm run generate && pnpm run build'" \ | |
"and commit all changes" \ | |
&& exit 1) |