averello/firefox-accounts-mirror
1
0
Fork 0
mirror of https://github.com/mozilla/fxa.git synced 2025-12-13 20:36:41 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
c006d418f7f6442ef579d7bc14f7aa98ffb18aab
firefox-accounts-mirror/.circleci/config.yml
julianpoyourow c006d418f7 chore(deps): update nx to 21 
Because:

- Nx is on 19 currently and we want to support the new Nx caching
  features

This commit:

- Updates Nx from 19 to 21
- Bumps eslint to 8 across all packages and disables some rules that we
  do not respect
- Some resources needed to be bumped since many of the build steps have been cached, but when run without cache they consume more RAM than available
- Several version numbers have been consolidated across packages, but not necessarily upgraded outside of Nx itself.

Closes FXA-10981
2025-06-03 22:56:35 +00:00

1287 lines
41 KiB
YAML
Raw Blame History

version: 2.1
parameters:
enable_test_pull_request:
type: boolean
default: true
enable_production_smoke_tests:
type: boolean
default: false
enable_stage_smoke_tests:
type: boolean
default: false
enable_deploy_packages:
type: boolean
default: true
enable_deploy_ci_images:
type: boolean
default: true
enable_deploy_story_book:
type: boolean
default: true
enable_test_and_deploy_tag:
type: boolean
default: true
enable_nightly:
type: boolean
default: true
force-deploy-fxa-ci-images:
type: boolean
default: false
accounts-domain:
type: string
default: ''
payments-domain:
type: string
default: ''
accounts-api-domain:
type: string
default: ''
relier-domain:
type: string
default: ''
untrusted-relier-domain:
type: string
default: ''
orbs:
browser-tools: circleci/browser-tools@1.2.3
gcp-cli: circleci/gcp-cli@3.3.0
executors:
# Default node executor with low resources. Useful for running quick / small tasks
tiny-executor:
resource_class: small
docker:
- image: cimg/node:22.15.1
environment:
HUSKY_SKIP_INSTALL: 1
# For creating docker builds
docker-build-executor:
parameters:
resource_class:
type: string
default: medium+
image:
type: string
default: cimg/node:22.15.1
resource_class: << parameters.resource_class >>
docker:
- image: << parameters.image >>
environment:
DOCKER_BUILDKIT: 1
BUILDKIT_PROGRESS: plain
# Note, the global cache is enabled, because otherwise two caches are created, one in .yarn/berry and one in .yarn/cache.
# Turning this on results in a single cache - .yarn/berry
YARN_ENABLE_GLOBAL_CACHE: true
# Enabling hard links saves about 1.2 GB of space in the image.
YARN_NM_MODE: hardlinks-global
HUSKY_SKIP_INSTALL: 1
# Contains prebuilt image with low install overhead. Perfect for the first build
# step, and the saving the initial a workspace state.
build-executor:
docker:
- image: mozilla/fxa-circleci:ci-builder-v5
environment:
NODE_ENV: development
FIRESTORE_EMULATOR_HOST: localhost:9090
CUSTOMS_SERVER_URL: none
HUSKY_SKIP_INSTALL: 1
# Contains minimal image for running common jobs like linting or unit tests.
# This image requires a restored workspace state.
default-executor:
parameters:
resource_class:
type: string
default: medium
resource_class: << parameters.resource_class >>
docker:
- image: mozilla/fxa-circleci:ci-test-runner-v5
environment:
NODE_ENV: development
FIRESTORE_EMULATOR_HOST: localhost:9090
CUSTOMS_SERVER_URL: none
HUSKY_SKIP_INSTALL: 1
# A minimal image for anything job needs infrastructure. Perfect for integration tests.
# This image requires a restored workspace state.
fullstack-executor:
parameters:
resource_class:
type: string
default: large
resource_class: << parameters.resource_class >>
docker:
- image: mozilla/fxa-circleci:ci-test-runner-v5
- image: cimg/mysql:8.0
command: --default-authentication-plugin=mysql_native_password
- image: jdlk7/firestore-emulator
- image: redis
- image: ghcr.io/aertje/cloud-tasks-emulator:1.2.0
command: -queue "projects/test/locations/test/queues/delete-accounts-queue"
environment:
NODE_ENV: development
FIRESTORE_EMULATOR_HOST: localhost:9090
CUSTOMS_SERVER_URL: none
HUSKY_SKIP_INSTALL: 1
AUTH_CLOUDTASKS_USE_LOCAL_EMULATOR: true
# For anything that needs a full stack to run and needs browsers available for
# ui test automation. This image requires a restored workspace state.
functional-test-executor:
parameters:
resource_class:
type: string
default: xlarge
resource_class: << parameters.resource_class >>
docker:
- image: mozilla/fxa-circleci:ci-functional-test-runner-v5
- image: redis
- image: pafortin/goaws
- image: cimg/mysql:8.0
command: --default-authentication-plugin=mysql_native_password
- image: jdlk7/firestore-emulator
- image: ghcr.io/aertje/cloud-tasks-emulator:1.2.0
command: -queue "projects/test/locations/test/queues/delete-accounts-queue"
environment:
NODE_ENV: development
FXA_EMAIL_ENV: development
FXA_EMAIL_LOG_LEVEL: debug
RUST_BACKTRACE: 1
AUTH_FIRESTORE_EMULATOR_HOST: localhost:9090
# Needed for sub plat playwright tests
SUBSCRIPTIONS_PAYPAL_ENABLED: true
PAYPAL_SANDBOX: true
FXA_MX_RECORD_EXCLUSIONS: restmail.dev.lcip.org
# Needed for react conversion playwright tests
ROLLOUT_GENERALIZED_REACT_APP: 1
REACT_CONVERSION_EMAIL_FIRST_ROUTES: true
REACT_CONVERSION_SIMPLE_ROUTES: true
REACT_CONVERSION_RESET_PASSWORD_ROUTES: true
REACT_CONVERSION_OAUTH_ROUTES: true
REACT_CONVERSION_SIGNIN_ROUTES: true
REACT_CONVERSION_SIGNUP_ROUTES: true
REACT_CONVERSION_PAIR_ROUTES: true
REACT_CONVERSION_POST_VERIFY_OTHER_ROUTES: true
REACT_CONVERSION_POST_VERIFY_CAD_VIA_QR_ROUTES: true
# Recovery phone feature flags
FEATURE_FLAGS_ADDING_2FA_BACKUP_PHONE: true
FEATURE_FLAGS_USING_2FA_BACKUP_PHONE: true
GEODB_LOCATION_OVERRIDE: '{"location": {"countryCode": "US", "postalCode": "85001"}}'
RECOVERY_PHONE__ENABLED: true
# use test mode except for smoke tests
RECOVERY_PHONE__TWILIO__CREDENTIAL_MODE: 'test'
CUSTOMS_SERVER_URL: none
HUSKY_SKIP_INSTALL: 1
AUTH_CLOUDTASKS_USE_LOCAL_EMULATOR: true
RATE_LIMIT__RULES: ""
# Contains a pre-installed fxa stack and browsers for doing ui test
# automation. Perfect for running smoke tests against remote targets.
smoke-test-executor:
parameters:
resource_class:
type: string
default: xlarge
resource_class: << parameters.resource_class >>
docker:
- image: mozilla/fxa-circleci:ci-functional-test-runner-v5
environment:
NODE_ENV: development
CUSTOMS_SERVER_URL: none
HUSKY_SKIP_INSTALL: 1
# use apiKeys mode and real numbers for smoke tests
RECOVERY_PHONE__TWILIO__CREDENTIAL_MODE: 'apiKeys'
commands:
git-clone:
# Note: Cloning this way allows us to run a git fetch & checkout later on download the road. This type of
# clone operation will result in a .git/config with no user attached that is using
# https://github.com/mozilla/fxa for the remote origin.
# The --depth argument is used to drastically cut down the initial download size. The size
# of the git folder is also much smaller, which ultimately results in smaller docker images.
steps:
- run:
name: git clone
command: |
git clone https://github.com/mozilla/fxa . --depth=1
git fetch https://github.com/mozilla/fxa << pipeline.git.revision >> --depth=2
git checkout << pipeline.git.revision >>
git-checkout:
# Note: Since we use a pre-populated base image that has a .git folder already present (see
# comment above), running a fetch and checkout saves a considerable amount of time when compared
# to a circleci `- checkout` command.
steps:
- run:
name: Checkout Branch
command: |
set +x
# If the PR is coming from a fork, add it as a remote, so the commit can be checked out.
if [[ "$CIRCLE_PR_USERNAME" != "" && "$CIRCLE_PR_REPONAME" != "" ]]; then
echo "Adding remote https://github.com/$CIRCLE_PR_USERNAME/$CIRCLE_PR_REPONAME"
git fetch https://github.com/$CIRCLE_PR_USERNAME/$CIRCLE_PR_REPONAME << pipeline.git.revision >> --depth=1
else
git fetch https://github.com/mozilla/fxa << pipeline.git.revision >> --depth=1
fi
git reset --hard
git checkout << pipeline.git.revision >>
commitsBehind=$(git rev-list --left-only --count main...HEAD);
if [[ $((commitsBehind)) > 0 ]]; then
if [[ $((commitsBehind)) == 1 ]]; then commits="commit"; else commits="commits"; fi;
echo -e '\n\n'
echo '=============================================================================='
echo "WARNING! Your branch is $commitsBehind $commits behind master!"
echo '------------------------------------------------------------------------------'
echo 'Please consider rebasing. By not rebasing you always run the risk of'
echo 'introducing a breaking change into main!'
echo '=============================================================================='
echo -e '\n\n'
fi
provision:
# Note: We no longer cache in step. As long as packages used in the branch aren't that different
# from the packages used in main, which is generally the case, we shouldn't see large install
# times, since the base image will have pre cached.
steps:
- run:
name: Base Install
command: |
./_scripts/l10n/clone.sh
./.circleci/base-install.sh
./_scripts/create-version-json.sh
- store_artifacts:
path: ./packages/version.json
- store_artifacts:
path: ./configs/gql
cache-save-yarn:
steps:
- save_cache:
key: fxa-yarn-002-{{ checksum "yarn.lock" }}
paths:
- /home/circleci/.yarn
- /home/circleci/project/.yarn
cache-restore-yarn:
steps:
# Note, this matches keys im a prefixed manner. ie It will try match
# the first key which is the exact key. If this fails it'll fallback
# to a recent entry that starts with fxa-yarn-002
- restore_cache:
keys:
- fxa-yarn-002-{{ checksum "yarn.lock" }}
- fxa-yarn-002-
wait-for-infrastructure:
steps:
- run:
name: Wait for MySQL DB
command: ./_scripts/check-mysql.sh
- run:
name: Run DB migrations
command: node ./packages/db-migrations/bin/patcher.mjs;
- run:
name: Wait for firestore
command: ./_scripts/check-url.sh localhost:9090;
wait-for-customs:
steps:
- run:
name: Wait for Customs
command: yarn workspace fxa-customs-server start
lint:
parameters:
nx_run:
type: string
default: run-many
steps:
- run:
name: Linting
command: npx nx << parameters.nx_run >> --parallel=1 -t lint
compile:
parameters:
nx_run:
type: string
default: run-many
steps:
- run:
name: Pre building shared libraries
command: NODE_OPTIONS="--max-old-space-size=7168" npx nx run-many -t build --projects=tag:scope:shared:lib --parallel=2 --verbose
environment:
NODE_ENV: test
- run:
name: Compiling TypeScript
command: NODE_OPTIONS="--max-old-space-size=7168" npx nx << parameters.nx_run >> --parallel=1 -t compile
environment:
NODE_ENV: test
run-playwright-tests:
parameters:
project:
type: string
steps:
- run:
name: Running Playwright tests
# Supports 'Re-run failed tests only'. See this for more info: https://circleci.com/docs/rerun-failed-tests-only/
command: |
if [[ "<< parameters.project >>" == "production" ]]; then
GREP="--grep=\"severity-1\""
elif [[ "<< parameters.project >>" == "stage" ]]; then
GREP="--grep=\"severity-(1|2)\""
else
GREP=""
fi
echo "targeting project << parameters.project >> $GREP"
npx nx build fxa-auth-client
cd packages/functional-tests/tests
TEST_FILES=$(circleci tests glob "./**/*.spec.ts")
cd ..
echo $TEST_FILES | circleci tests run \
--command="xargs yarn playwright test --project=<< parameters.project >> $GREP" \
--verbose \
--split-by=timings \
--timings-type=classname
environment:
NODE_OPTIONS: --dns-result-order=ipv4first
ACCOUNTS_DOMAIN: << pipeline.parameters.accounts-domain >>
PAYMENTS_DOMAIN: << pipeline.parameters.payments-domain >>
ACCOUNTS_API_DOMAIN: << pipeline.parameters.accounts-api-domain >>
RELIER_DOMAIN: << pipeline.parameters.relier-domain >>
UNTRUSTED_RELIER_DOMAIN: << pipeline.parameters.untrusted-relier-domain >>
store-artifacts:
steps:
- run:
name: Ensure directories
command: mkdir -p artifacts/tests && mkdir -p ~/.pm2/logs && mkdir -p ~/screenshots
when: always
- store_artifacts:
path: artifacts
when: always
- store_artifacts:
path: ~/screenshots
when: always
- store_artifacts:
path: ~/.pm2/logs
when: always
- store_test_results:
path: artifacts/tests
when: always
build:
steps:
- run:
name: Build
command: NODE_OPTIONS="--max-old-space-size=7168" npx nx run-many -t build --parallel=2 --all --verbose
environment:
NODE_ENV: test
save-init-workspace:
steps:
- persist_to_workspace:
root: /home/circleci/project
paths:
- external
- node_modules
- packages/**/node_modules
- packages/version.json
save-build-workspace:
steps:
- persist_to_workspace:
name: Save Build Workspace
root: /home/circleci/project
paths:
- .nx/cache
- packages/**/dist
- packages/**/public
- packages/**/src/styles
- packages/**/styles
- packages/**/vendor
- packages/**/var
- packages/**/locales
- packages/**/emails/css
- configs/gql/allowlist
restore-workspace:
steps:
- attach_workspace:
at: /home/circleci/project
fail-fast:
steps:
- run: sleep 10
- run:
name: Fail Fast
when: on_fail
command: echo "DISABLE"
# command: |
# echo "Canceling workflow as a step resulted in failure"
# node .circleci/cancel-jobs.mjs;
rebuild-check:
parameters:
force-deploy:
type: boolean
# If there are no changes on the lock file, we can skip the rebuild and exit early.
steps:
- run:
name: Check if rebuild is needed
command: |
# If the lockfile has changed, we need a rebuild
if [[ "<< parameters.force-deploy >>" == "true" ]]; then
echo "Pipeline parameter force-deploy-fxa-ci-images set to true. Rebuilding docker images for CI.";
elif [[ -n $(git diff HEAD~1 HEAD -- yarn.lock) ]]; then
echo "Yarn lock has changes. Rebuilding docker images for CI!";
else
echo "No changes on yarn.lock. Skipping CI image rebuild.";
circleci-agent step halt
fi
install-test-browsers:
# Install browsers for content server testing. Once content server tests are complete, this can be removed.
steps:
- browser-tools/install-firefox:
version: 102.4.0esr
- browser-tools/install-geckodriver:
version: v0.32.0
build-ci-image:
# Creates a docker image from the CI multistage build file.
parameters:
target:
type: string
steps:
- run:
name: Build << parameters.target >>
command: |
cd ..
docker build . \
-f ./project/_dev/docker/ci/Dockerfile \
--target << parameters.target >> \
-t mozilla/fxa-circleci:ci-<< parameters.target >>-v5
create-fxa-ci-images:
# Build CI images. Images are built on top of each other. Each is optimized for a specific task.
steps:
- run:
name: Prep yarn install
command: cd .. && mkdir -p .yarn
- build-ci-image:
target: test-runner
- build-ci-image:
target: builder
- run:
name: Prep browser install
command: |
cd ..
mkdir -p install
cp -r /usr/local/bin/firefox* install/.
cp -r /usr/local/bin/gecko* install/.
- build-ci-image:
target: functional-test-runner
# Push images at the same time. Since these images are related, push them
# in unison. Doing these operations in parallel cuts down on how expensive this
# step is.
- run:
name: Push CI Images and Extract Yarn Cache
command: |
docker login -u $DOCKER_USER_fxa_circleci -p $DOCKER_PASS_fxa_circleci
.circleci/docker-copy-cache.sh mozilla/fxa-circleci:ci-builder-v5
docker push mozilla/fxa-circleci:ci-test-runner-v5
docker push mozilla/fxa-circleci:ci-functional-test-runner-v5
docker push mozilla/fxa-circleci:ci-builder-v5
wait
upload_to_gcs:
# Uploads test artifacts to ETE GCS for test metric reporting and monitoring
parameters:
source:
type: string
default: artifacts/tests
destination:
type: string
# The destination can be defaulted since result reporting is the only use case atm
# If/When we have coverage metrics this value should be 'gs://ecosystem-test-eng-metrics/fxa/coverage'
default: gs://ecosystem-test-eng-metrics/fxa/junit
extension:
type: enum
enum: ['xml', 'json']
# The extension can be defaulted since result reporting is the only use case atm
# If/When we have coverage metrics this value should be 'json'
default: xml
workflow:
type: string
test_suite:
type: string
steps:
- run:
name: Upload << parameters.source >> << parameters.extension >> Files to GCS
when: always # Ensure the step runs even if previous steps, like test runs, fail
command: |
ALLOWED_WORKFLOWS=("nightly" "test_and_deploy_tag" "stage_smoke_tests" "production_smoke_tests")
if [[ ! " ${ALLOWED_WORKFLOWS[@]} " =~ " << parameters.workflow >> " ]]; then
echo "Skipping artifact upload. Uploads not supported on << parameters.workflow >>."
exit 0
fi
FILES=$(find "<< parameters.source >>" -type f -name "*.<< parameters.extension >>")
if [ -z "$FILES" ]; then
echo "No << parameters.extension >> files found in << parameters.source >>/"
exit 1
fi
# In order to be consumed by the ETE Test Metric Pipeline, files need to follow a strict naming convention:
# {job_number}__{utc_epoch_datetime}__{repository}__{workflow}__{test_suite}__results{-index}.xml
EPOCH_TIME=$(date +%s)
PREFIX="${CIRCLE_BUILD_NUM}__${EPOCH_TIME}__fxa__<< parameters.workflow >>__<< parameters.test_suite >>"
for file in $FILES; do
basefile=$(basename "$file")
gsutil cp "$file" "<< parameters.destination >>/${PREFIX}__$basefile"
done
jobs:
create-fxa-image:
executor: docker-build-executor
steps:
- checkout
- cache-restore-yarn
- provision
- setup_remote_docker:
docker_layer_caching: true
- run:
name: Build docker images
command: ./.circleci/docker-build-fxa.sh << pipeline.id >>
no_output_timeout: 1h
deploy-fxa-image:
executor: docker-build-executor
steps:
- checkout
- setup_remote_docker:
docker_layer_caching: true
- run:
name: Push to docker hub
command: ./.circleci/docker-deploy-fxa.sh << pipeline.id >>
- store-artifacts
# This deploys docker images that are useful for CI testing. Think of this image as
# the last known good build state of fxa. The images are designed to come to help spin
# up jobs as quickly as possible.
deploy-fxa-ci-images:
parameters:
executor:
type: executor
force-deploy:
type: boolean
executor: << parameters.executor >>
steps:
# Run with layer caching to speed up builds
- setup_remote_docker:
docker_layer_caching: true
- git-clone
- rebuild-check:
force-deploy: << parameters.force-deploy >>
- install-test-browsers
- cache-restore-yarn
- create-fxa-ci-images
- cache-save-yarn
# The initial step for many pipelines, this step installs packages and does a build on
# the code. It then stores the resulting state into a CircleCI workspace for later
# use.
init:
executor: build-executor
resource_class: large
steps:
- git-checkout
- provision
- save-init-workspace
build:
executor: default-executor
resource_class: xlarge
steps:
- git-checkout
- restore-workspace
- build
- save-build-workspace
# Runs linter on packages that have changes.
lint:
parameters:
nx_run:
type: string
default: run-many
executor: default-executor
resource_class: small
steps:
- git-checkout
- restore-workspace
- lint:
nx_run: << parameters.nx_run >>
compile:
parameters:
nx_run:
type: string
default: run-many
executor: default-executor
resource_class: large
steps:
- git-checkout
- restore-workspace
- compile:
nx_run: << parameters.nx_run >>
# Runs unit tests in parallel across packages with changes.
unit-test:
parameters:
nx_run:
type: string
default: run-many
workflow:
type: string
executor: default-executor
resource_class: large
steps:
- git-checkout
- restore-workspace
- gcp-cli/setup
- run:
name: Build shared libs
command: NODE_OPTIONS="--max-old-space-size=7168" npx nx run-many -t build --projects=tag:scope:shared:lib --parallel=2
- run:
name: Run unit tests
command: NODE_OPTIONS="--max-old-space-size=7168" npx nx << parameters.nx_run >> --parallel=2 -t test-unit
environment:
NODE_ENV: test
- store-artifacts
- upload_to_gcs:
workflow: << parameters.workflow >>
test_suite: unit
# Runs integration tests suites across packages with changes. Integration tests can take
# longer to run, so this job supports splitting.
integration-test:
parameters:
target:
type: string
default: -t test-integration
projects:
type: string
default: --all
parallel:
type: string
default: --parallel=1
nx_run:
type: string
default: run-many
resource_class:
type: string
default: large
start_customs:
type: boolean
default: false
test_suite:
type: string
workflow:
type: string
executor: fullstack-executor
resource_class: << parameters.resource_class >>
steps:
- git-checkout
- restore-workspace
- gcp-cli/setup
- wait-for-infrastructure
- run:
name: Start customs
command: |
if [[ "<< parameters.start_customs >>" == "true" ]]; then
NODE_ENV=dev yarn workspace fxa-customs-server start
fi;
- run:
name: Gen keys
command: |
NODE_ENV=dev npx nx gen-keys fxa-auth-server
- run:
name: Run API Integration Tests
command: |
NODE_OPTIONS="--max-old-space-size=7168" npx nx << parameters.nx_run >> << parameters.parallel >> << parameters.target >> << parameters.projects >>
environment:
NODE_ENV: test
no_output_timeout: 20m
- store-artifacts
- upload_to_gcs:
workflow: << parameters.workflow >>
test_suite: << parameters.test_suite >>
# Deprecated - use workflows in conjunction with smoke-tests job instead!
# This job is manually triggered for now. see .circleci/README.md
production-smoke-tests:
executor: smoke-test-executor
steps:
- git-checkout
- provision
- run-playwright-tests:
project: production
- store-artifacts
smoke-tests:
parameters:
parallelism:
type: integer
default: 8 # this should correspond with the resource-class defined in the executor
project:
type: string
default: production
workflow:
type: string
executor: smoke-test-executor
parallelism: << parameters.parallelism >>
steps:
- git-checkout
- gcp-cli/setup
- provision
- run-playwright-tests:
project: << parameters.project >>
- store-artifacts
- upload_to_gcs:
workflow: << parameters.workflow >>
test_suite: e2e
# Runs functional tests using playwright. These tests support splitting
# and parallel execution.
playwright-functional-tests:
parameters:
parallelism:
type: integer
default: 8 # this should correspond with the resource-class defined in the executor
workflow:
type: string
executor: functional-test-executor
parallelism: << parameters.parallelism >>
steps:
- git-checkout
- restore-workspace
- gcp-cli/setup
- run:
name: Add localhost
command: |
sudo tee -a /etc/hosts \<<<'127.0.0.1 localhost'
sudo cat /etc/hosts
- wait-for-infrastructure
- run:
name: Start services for playwright tests
command: ./packages/functional-tests/scripts/start-services.sh
environment:
NODE_ENV: test
no_output_timeout: 20m
- run-playwright-tests:
project: local
- store-artifacts
- upload_to_gcs:
workflow: << parameters.workflow >>
test_suite: e2e
build-and-deploy-storybooks:
executor: default-executor
resource_class: xlarge
steps:
- git-checkout
- restore-workspace
- run:
name: Build Storybooks
command: |
npx nx run-many -t build-storybook
- run:
name: Publish Storybooks
command: |
STORYBOOKS_USE_YARN_WORKSPACES=false STORYBOOKS_SKIP_BUILD=true LOG_LEVEL=TRACE npx github:mozilla-fxa/storybook-gcp-publisher
update-yarn-cache:
executor: default-executor
resource_class: medium+
steps:
- git-checkout
- run:
name: Base Install
command: ./.circleci/base-install.sh
- cache-save-yarn
# A nice way to finalize a workflow.
on-complete:
parameters:
stage:
type: string
job_type:
type: string
executor: tiny-executor
steps:
- run:
name: 'Stage completed'
command: echo "<< parameters.stage >> completed!"
workflows:
test_pull_request:
# This workflow is executed whenever a pull request is issued. It will also
# run on PR drafts.
when: << pipeline.parameters.enable_test_pull_request >>
jobs:
- init:
name: Init (PR)
filters:
branches:
ignore: /main/
tags:
ignore: /.*/
- build:
name: Build (PR)
requires:
- Init (PR)
- lint:
name: Lint (PR)
nx_run: affected --base=main --head=$CIRCLE_SHA1
requires:
- Init (PR)
post-steps:
- fail-fast
- compile:
name: Compile (PR)
nx_run: affected --base=main --head=$CIRCLE_SHA1
requires:
- Init (PR)
post-steps:
- fail-fast
- unit-test:
name: Unit Test (PR)
nx_run: affected --base=main --head=$CIRCLE_SHA1
workflow: test_pull_request
requires:
- Build (PR)
post-steps:
- fail-fast
- integration-test:
name: Integration Test - Frontends (PR)
resource_class: xlarge
nx_run: affected --base=main --head=$CIRCLE_SHA1
projects: --exclude '*,!tag:scope:frontend'
test_suite: frontends-integration
workflow: test_pull_request
requires:
- Build (PR)
- integration-test:
name: Integration Test - Servers (PR)
nx_run: affected --base=main --head=$CIRCLE_SHA1
projects: --exclude '*,!tag:scope:server'
test_suite: servers-integration
workflow: test_pull_request
requires:
- Build (PR)
- integration-test:
name: Integration Test - Servers - Auth (PR)
nx_run: affected --base=main --head=$CIRCLE_SHA1
projects: --exclude '*,!tag:scope:server:auth'
start_customs: true
test_suite: servers-auth-integration
workflow: test_pull_request
requires:
- Build (PR)
- integration-test:
name: Integration Test - Servers - Auth V2 (PR)
nx_run: affected --base=main --head=$CIRCLE_SHA1
projects: --exclude '*,!tag:scope:server:auth'
start_customs: true
target: -t test-integration-v2
test_suite: servers-auth-v2-integration
workflow: test_pull_request
requires:
- Build (PR)
- integration-test:
name: Integration Test - Libraries (PR)
nx_run: affected --base=main --head=$CIRCLE_SHA1
projects: --exclude '*,!tag:scope:shared:*'
test_suite: libraries-integration
workflow: test_pull_request
requires:
- Build (PR)
- playwright-functional-tests:
name: Firefox Functional Tests - Playwright (PR)
workflow: test_pull_request
requires:
- Build (PR)
- build-and-deploy-storybooks:
name: Deploy Storybooks (PR)
requires:
- Build (PR)
- on-complete:
name: Tests Complete (PR)
stage: Tests
job_type: build
requires:
- Lint (PR)
- Compile (PR)
- Unit Test (PR)
- Integration Test - Frontends (PR)
- Integration Test - Servers (PR)
- Integration Test - Servers - Auth (PR)
- Integration Test - Servers - Auth V2 (PR)
- Integration Test - Libraries (PR)
- Firefox Functional Tests - Playwright (PR)
- Deploy Storybooks (PR)
# Triggered remotely. See .circleci/README.md
production_smoke_tests:
when: << pipeline.parameters.enable_production_smoke_tests >>
jobs:
# Note that we removed content server tests as it runs on Stage only
- smoke-tests:
name: Smoke Test Production - Playwright
workflow: production_smoke_tests
project: production
filters:
branches:
only: /.*/
tags:
only: /.*/
# Triggered remotely. See .circleci/README.md
stage_smoke_tests:
when: << pipeline.parameters.enable_stage_smoke_tests >>
jobs:
- smoke-tests:
name: Smoke Test Stage - Playwright
workflow: stage_smoke_tests
project: stage
filters:
branches:
only: /.*/
tags:
only: /.*/
deploy_fxa_image:
# This workflow can be triggered after a PR lands on main. It requires approval.
# The same operation will eventually run nightly. The same operation will run nightly.
when: << pipeline.parameters.enable_deploy_packages >>
jobs:
# Builds the monorepo for a production / stage deploy
- request-deploy-image:
name: Request Deploy FxA Image
type: approval
filters:
branches:
only:
- main
- /^feature.*/
- /^dockerpush.*/
tags:
ignore: /.*/
- create-fxa-image:
name: Create FxA Image (requested)
requires:
- Request Deploy FxA Image
- deploy-fxa-image:
name: Deploy FxA Image (requested)
requires:
- Create FxA Image (requested)
deploy_ci_images:
# This workflow is triggered after a PR lands on main. The workflow will
# short circuit if incoming PR doesn't modify any npm packages. The same
# operation will run nightly.
when: << pipeline.parameters.enable_deploy_ci_images >>
jobs:
- deploy-fxa-ci-images:
name: Deploy CI Images
executor:
name: docker-build-executor
image: cimg/node:22.15.1-browsers
filters:
branches:
only:
- main
- update-ci-image
tags:
ignore: /.*/
force-deploy: << pipeline.parameters.force-deploy-fxa-ci-images >>
deploy_story_book:
# This workflow is triggered after a PR lands on main. It requires approval.
# The same operation will eventually run nightly.
when: << pipeline.parameters.enable_deploy_story_book >>
jobs:
- request-build-and-deploy-storybooks:
name: Request Deploy Storybooks
type: approval
filters:
branches:
only: main
tags:
ignore: /.*/
- build-and-deploy-storybooks:
name: Deploy Storybooks
requires:
- Request Deploy Storybooks
test_and_deploy_tag:
# This workflow is used for building docker containers that are then deployed to
# live infrastructure.
when: << pipeline.parameters.enable_test_and_deploy_tag >>
jobs:
- init:
name: Init
filters:
branches:
ignore: /.*/
tags:
only: /.*/
- build:
name: Build
filters:
branches:
ignore: /.*/
tags:
only: /.*/
requires:
- Init
- lint:
name: Lint
filters:
branches:
ignore: /.*/
tags:
only: /.*/
requires:
- Init
- compile:
name: Compile
filters:
branches:
ignore: /.*/
tags:
only: /.*/
requires:
- Init
- unit-test:
name: Unit Test
workflow: test_and_deploy_tag
filters:
branches:
ignore: /.*/
tags:
only: /.*/
requires:
- Build
- integration-test:
name: Integration Test - Frontends
resource_class: xlarge
projects: --exclude '*,!tag:scope:frontend'
test_suite: frontends-integration
workflow: test_and_deploy_tag
filters:
branches:
ignore: /.*/
tags:
only: /.*/
requires:
- Build
- integration-test:
name: Integration Test - Servers
projects: --exclude '*,!tag:scope:server'
test_suite: servers-integration
workflow: test_and_deploy_tag
filters:
branches:
ignore: /.*/
tags:
only: /.*/
requires:
- Build
- integration-test:
name: Integration Test - Servers - Auth
projects: --exclude '*,!tag:scope:server:auth'
start_customs: true
test_suite: servers-auth-integration
workflow: test_and_deploy_tag
filters:
branches:
ignore: /.*/
tags:
only: /.*/
requires:
- Build
- integration-test:
name: Integration Test - Servers - Auth V2
projects: --exclude '*,!tag:scope:server:auth'
start_customs: true
target: -t test-integration-v2
test_suite: servers-auth-v2-integration
workflow: test_and_deploy_tag
filters:
branches:
ignore: /.*/
tags:
only: /.*/
requires:
- Build
- integration-test:
name: Integration Test - Libraries
projects: --exclude '*,!tag:scope:shared:*'
test_suite: libraries-integration
workflow: test_and_deploy_tag
filters:
branches:
ignore: /.*/
tags:
only: /.*/
requires:
- Build
- playwright-functional-tests:
name: Functional Tests - Playwright
workflow: test_and_deploy_tag
filters:
branches:
ignore: /.*/
tags:
only: /.*/
requires:
- Build
- create-fxa-image:
name: Create FxA Image
filters:
branches:
ignore: /.*/
tags:
only: /.*/
requires:
- Build
nightly:
# This work flow runs a full build, test suite, and deployment of docker images nightly
when: << pipeline.parameters.enable_nightly >>
triggers:
- schedule:
cron: '0 0 * * *'
filters:
branches:
only: main
jobs:
- init:
name: Init (nightly)
filters:
branches:
only: main
tags:
ignore: /.*/
- build:
name: Build (nightly)
filters:
branches:
only: main
tags:
ignore: /.*/
requires:
- Init (nightly)
- lint:
name: Lint (nightly)
requires:
- Init (nightly)
- compile:
name: Compile (nightly)
requires:
- Init (nightly)
- unit-test:
name: Unit Test (nightly)
workflow: nightly
requires:
- Build (nightly)
- integration-test:
name: Integration Test - Frontends (nightly)
resource_class: xlarge
projects: --exclude '*,!tag:scope:frontend'
test_suite: frontends-integration
workflow: nightly
requires:
- Build (nightly)
- integration-test:
name: Integration Test - Servers (nightly)
projects: --exclude '*,!tag:scope:server'
test_suite: servers-integration
workflow: nightly
requires:
- Build (nightly)
- integration-test:
name: Integration Test - Servers - Auth (nightly)
projects: --exclude '*,!tag:scope:server:auth'
start_customs: true
test_suite: servers-auth-integration
workflow: nightly
requires:
- Build (nightly)
- integration-test:
name: Integration Test - Servers - Auth V2 (nightly)
projects: --exclude '*,!tag:scope:server:auth'
start_customs: true
target: -t test-integration-v2
test_suite: servers-auth-v2-integration
workflow: nightly
requires:
- Build (nightly)
- integration-test:
name: Integration Test - Libraries (nightly)
projects: --exclude '*,!tag:scope:shared:*'
test_suite: libraries-integration
workflow: nightly
requires:
- Build (nightly)
- playwright-functional-tests:
name: Firefox Functional Tests - Playwright (nightly)
workflow: nightly
requires:
- Build (nightly)
- on-complete:
name: Tests Complete (nightly)
stage: Tests (nightly)
job_type: build
requires:
- Lint (nightly)
- Compile (nightly)
- Unit Test (nightly)
- Integration Test - Frontends (nightly)
- Integration Test - Servers (nightly)
- Integration Test - Servers - Auth (nightly)
- Integration Test - Servers - Auth V2 (nightly)
- Integration Test - Libraries (nightly)
- Firefox Functional Tests - Playwright (nightly)
- build-and-deploy-storybooks:
name: Deploy Storybooks (nightly)
requires:
- Tests Complete (nightly)
- create-fxa-image:
name: Create FxA Image (nightly)
requires:
- Tests Complete (nightly)
- deploy-fxa-image:
name: Deploy FxA Image (nightly)
requires:
- Create FxA Image (nightly)
- deploy-fxa-ci-images:
name: Deploy CI Images (nightly)
executor:
name: docker-build-executor
image: cimg/node:22.15.1-browsers
# Note, setting force-deploy as true will result in rebuilding the images regardless
# of whether or not there are package modifications.
force-deploy: true
requires:
- Tests Complete (nightly)
Reference in New Issue View Git Blame Copy Permalink