mirror of
https://github.com/kremalicious/metamask-extension.git
synced 2024-12-22 17:33:23 +01:00
Validate LavaMoat config in parallel (#19589)
The LavaMoat policies and allow-scripts configuration are now validated in parallel. They are still only validated for release candidate branches and the `master` branch.
This commit is contained in:
parent
89cec5335f
commit
492038a312
@ -30,6 +30,12 @@ rc_branch_only: &rc_branch_only
|
||||
only:
|
||||
- /^Version-v(\d+)[.](\d+)[.](\d+)/
|
||||
|
||||
rc_or_master_branch_only: &rc_or_master_branch_only
|
||||
filters:
|
||||
branches:
|
||||
only:
|
||||
- /^Version-v(\d+)[.](\d+)[.](\d+)|master/
|
||||
|
||||
workflows:
|
||||
test_and_release:
|
||||
jobs:
|
||||
@ -50,11 +56,19 @@ workflows:
|
||||
- test-yarn-dedupe:
|
||||
requires:
|
||||
- prep-deps
|
||||
- validate-lavamoat-config:
|
||||
filters:
|
||||
branches:
|
||||
only:
|
||||
- /^Version-v(\d+)[.](\d+)[.](\d+)|master/
|
||||
- validate-lavamoat-allow-scripts:
|
||||
<<: *rc_or_master_branch_only
|
||||
requires:
|
||||
- prep-deps
|
||||
- validate-lavamoat-policy-build:
|
||||
<<: *rc_or_master_branch_only
|
||||
requires:
|
||||
- prep-deps
|
||||
- validate-lavamoat-policy-webapp:
|
||||
<<: *rc_or_master_branch_only
|
||||
matrix:
|
||||
parameters:
|
||||
build-type: [main, beta, flask, mmi, desktop]
|
||||
requires:
|
||||
- prep-deps
|
||||
- prep-build:
|
||||
@ -162,7 +176,9 @@ workflows:
|
||||
- prep-build-flask
|
||||
- all-tests-pass:
|
||||
requires:
|
||||
- validate-lavamoat-config
|
||||
- validate-lavamoat-allow-scripts
|
||||
- validate-lavamoat-policy-build
|
||||
- validate-lavamoat-policy-webapp
|
||||
- test-lint
|
||||
- test-lint-shellcheck
|
||||
- test-lint-lockfile
|
||||
@ -329,7 +345,7 @@ jobs:
|
||||
- node_modules
|
||||
- build-artifacts
|
||||
|
||||
validate-lavamoat-config:
|
||||
validate-lavamoat-allow-scripts:
|
||||
executor: node-browsers-medium-plus
|
||||
steps:
|
||||
- checkout
|
||||
@ -337,12 +353,39 @@ jobs:
|
||||
at: .
|
||||
- run:
|
||||
name: Validate allow-scripts config
|
||||
command: |
|
||||
.circleci/scripts/validate-allow-scripts.sh
|
||||
command: yarn allow-scripts auto
|
||||
- run:
|
||||
name: Validate LavaMoat policy
|
||||
command: |
|
||||
.circleci/scripts/validate-lavamoat-policy.sh
|
||||
name: Check working tree
|
||||
command: .circleci/scripts/check-working-tree.sh
|
||||
|
||||
validate-lavamoat-policy-build:
|
||||
executor: node-browsers-medium-plus
|
||||
steps:
|
||||
- checkout
|
||||
- attach_workspace:
|
||||
at: .
|
||||
- run:
|
||||
name: Validate LavaMoat build policy
|
||||
command: yarn lavamoat:build:auto
|
||||
- run:
|
||||
name: Check working tree
|
||||
command: .circleci/scripts/check-working-tree.sh
|
||||
|
||||
validate-lavamoat-policy-webapp:
|
||||
executor: node-browsers-medium-plus
|
||||
parameters:
|
||||
build-type:
|
||||
type: string
|
||||
steps:
|
||||
- checkout
|
||||
- attach_workspace:
|
||||
at: .
|
||||
- run:
|
||||
name: Validate LavaMoat << parameters.build-type >> policy
|
||||
command: yarn lavamoat:webapp:auto:ci '--build-types=<< parameters.build-type >>'
|
||||
- run:
|
||||
name: Check working tree
|
||||
command: .circleci/scripts/check-working-tree.sh
|
||||
|
||||
prep-build:
|
||||
executor: node-browsers-medium-plus
|
||||
|
11
.circleci/scripts/check-working-tree.sh
Executable file
11
.circleci/scripts/check-working-tree.sh
Executable file
@ -0,0 +1,11 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -e
|
||||
set -u
|
||||
set -o pipefail
|
||||
|
||||
if ! git diff --exit-code
|
||||
then
|
||||
echo "Working tree dirty"
|
||||
exit 1
|
||||
fi
|
@ -1,15 +0,0 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -e
|
||||
set -u
|
||||
set -o pipefail
|
||||
|
||||
yarn allow-scripts auto
|
||||
|
||||
if git diff --exit-code
|
||||
then
|
||||
echo "allow-scripts configuration is up-to-date"
|
||||
else
|
||||
echo "allow-scripts configuration requires updates"
|
||||
exit 1
|
||||
fi
|
@ -1,15 +0,0 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -e
|
||||
set -u
|
||||
set -o pipefail
|
||||
|
||||
yarn lavamoat:auto:ci
|
||||
|
||||
if git diff --exit-code
|
||||
then
|
||||
echo "LavaMoat policy is up-to-date"
|
||||
else
|
||||
echo "LavaMoat policy requires updates"
|
||||
exit 1
|
||||
fi
|
@ -85,7 +85,6 @@
|
||||
"lavamoat:webapp:auto": "node ./development/generate-lavamoat-policies.js --devMode=true",
|
||||
"lavamoat:webapp:auto:ci": "node ./development/generate-lavamoat-policies.js --parallel=false",
|
||||
"lavamoat:auto": "yarn lavamoat:build:auto && yarn lavamoat:webapp:auto",
|
||||
"lavamoat:auto:ci": "yarn lavamoat:build:auto && yarn lavamoat:webapp:auto:ci",
|
||||
"ts-migration:dashboard:build": "ts-node development/ts-migration-dashboard/scripts/build-app.ts",
|
||||
"ts-migration:dashboard:deploy": "gh-pages --dist development/ts-migration-dashboard/build/final --remote ts-migration-dashboard",
|
||||
"ts-migration:dashboard:watch": "yarn ts-migration:dashboard:build --watch",
|
||||
|
Loading…
Reference in New Issue
Block a user