atproto/.github/workflows/repo.yaml

name: Repository CI

on:
  pull_request:
    branches:
      - '*'

concurrency:
  group: '${{ github.workflow }}-${{ github.head_ref || github.ref }}'
  cancel-in-progress: true

jobs:
  build:
    name: Build
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: pnpm/action-setup@v4
      - uses: actions/setup-node@v6
        with:
          cache: pnpm
          node-version-file: '.nvmrc'
      - run: pnpm install --frozen-lockfile
        env:
          PUPPETEER_SKIP_DOWNLOAD: true

      - run: pnpm build
      - uses: actions/upload-artifact@v4
        with:
          name: dist
          retention-days: 2
          path: |
            packages/*/dist
            packages/*/*/dist
            packages/lex/*/src/lexicons
            packages/lex/*/tests/lexicons
            packages/oauth/oauth-client-browser-example/src/lexicons
            packages/oauth/*/src/locales/*/messages.ts
            packages/api/src/moderation/const/labels.ts
            packages/bsky/src/lexicons
            packages/pds/src/lexicons
            packages/sync/src/lexicons

  changeset:
    name: Changeset
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0 # needed for git diff against base branch
      - uses: pnpm/action-setup@v4
      - uses: actions/setup-node@v6
        with:
          cache: pnpm
          node-version-file: '.nvmrc'
      - run: pnpm install --frozen-lockfile
        env:
          PUPPETEER_SKIP_DOWNLOAD: true
      - run: pnpm changeset status --since=origin/${{ github.base_ref }}

  test:
    name: Test
    needs: build
    runs-on: ubuntu-22.04
    # Puppeteer does not work in recent Ubuntu versions without a workaround due
    # to sandboxing issues. Using "ubuntu-latest" results in the following
    # error:
    #
    # No usable sandbox! If you are running on Ubuntu 23.10+ or another Linux
    # distro that has disabled unprivileged user namespaces with AppArmor, see
    # https://chromium.googlesource.com/chromium/src/+/main/docs/security/apparmor-userns-restrictions.md.
    # Otherwise see
    # https://chromium.googlesource.com/chromium/src/+/main/docs/linux/suid_sandbox_development.md
    # for more information on developing with the (older) SUID sandbox. If you
    # want to live dangerously and need an immediate workaround, you can try
    # using --no-sandbox.
    strategy:
      fail-fast: false
      matrix:
        shard: [1/8, 2/8, 3/8, 4/8, 5/8, 6/8, 7/8, 8/8]
    steps:
      - uses: actions/checkout@v4
      - uses: pnpm/action-setup@v4
      - uses: actions/setup-node@v6
        with:
          cache: pnpm
          node-version-file: '.nvmrc'
      - run: echo "CURRENT_MONTH=$(date +'%Y-%m')" >> $GITHUB_ENV
      - uses: actions/cache@v4
        name: Cache Puppeteer browser binaries
        with:
          path: ~/.cache/puppeteer
          key: ${{ env.CURRENT_MONTH }}-${{ runner.os }}-${{ runner.arch }}
      - run: pnpm install --frozen-lockfile
      - uses: actions/download-artifact@v4
        with:
          name: dist
          path: packages
      - run: pnpm test:withFlags --maxWorkers=1 --shard=${{ matrix.shard }} --passWithNoTests

  verify:
    name: Verify
    needs: build
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: pnpm/action-setup@v4
      - uses: actions/setup-node@v6
        with:
          cache: pnpm
          node-version-file: '.nvmrc'
      - run: pnpm install --frozen-lockfile
        env:
          PUPPETEER_SKIP_DOWNLOAD: true
      - uses: actions/download-artifact@v4
        with:
          name: dist
          path: packages
      - run: pnpm verify