feat: Turborepo remote caching for all CI steps #1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [main, develop] | |
| pull_request: | |
| branches: [main, develop] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| web: | |
| name: Web (lint + type-check + test + build) | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: pnpm/action-setup@v4 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: 22 | |
| cache: pnpm | |
| - run: pnpm install --frozen-lockfile | |
| - name: Restore Next.js build cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: apps/web/.next/cache | |
| key: nextjs-${{ runner.os }}-${{ hashFiles('apps/web/**.[jt]s', 'apps/web/**.[jt]sx', 'pnpm-lock.yaml') }} | |
| restore-keys: nextjs-${{ runner.os }}- | |
| - name: lint (ESLint) | |
| run: pnpm lint | |
| working-directory: apps/web | |
| env: | |
| TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }} | |
| TURBO_TEAM: ${{ secrets.TURBO_TEAM }} | |
| - name: format check (Prettier) | |
| run: pnpm prettier --check "**/*.{ts,tsx,md,json}" --ignore-path .gitignore | |
| - name: type-check | |
| run: pnpm type-check | |
| working-directory: apps/web | |
| env: | |
| TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }} | |
| TURBO_TEAM: ${{ secrets.TURBO_TEAM }} | |
| - run: pnpm test | |
| working-directory: apps/web | |
| env: | |
| TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }} | |
| TURBO_TEAM: ${{ secrets.TURBO_TEAM }} | |
| - run: pnpm build | |
| working-directory: apps/web | |
| env: | |
| NEXT_PUBLIC_SUPABASE_URL: ${{ secrets.NEXT_PUBLIC_SUPABASE_URL || 'https://placeholder.supabase.co' }} | |
| NEXT_PUBLIC_SUPABASE_ANON_KEY: ${{ secrets.NEXT_PUBLIC_SUPABASE_ANON_KEY || 'placeholder' }} | |
| NEXT_PUBLIC_STELLAR_NETWORK: testnet | |
| NEXT_PUBLIC_ENERGY_TOKEN_ID: placeholder | |
| NEXT_PUBLIC_AUDIT_REGISTRY_ID: placeholder | |
| NEXT_PUBLIC_COMMUNITY_GOVERNANCE_ID: placeholder | |
| SUPABASE_SERVICE_ROLE_KEY: placeholder | |
| MINTER_SECRET_KEY: SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA | |
| TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }} | |
| TURBO_TEAM: ${{ secrets.TURBO_TEAM }} | |
| playwright-e2e: | |
| name: Playwright E2E | |
| runs-on: ubuntu-latest | |
| needs: web | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: pnpm/action-setup@v4 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: 22 | |
| cache: pnpm | |
| - run: pnpm install --frozen-lockfile | |
| - run: pnpm --filter @solarproof/web exec playwright install chromium | |
| - run: pnpm e2e | |
| env: | |
| NEXT_PUBLIC_SUPABASE_URL: ${{ secrets.NEXT_PUBLIC_SUPABASE_URL || 'https://placeholder.supabase.co' }} | |
| NEXT_PUBLIC_SUPABASE_ANON_KEY: ${{ secrets.NEXT_PUBLIC_SUPABASE_ANON_KEY || 'placeholder' }} | |
| NEXT_PUBLIC_STELLAR_NETWORK: testnet | |
| NEXT_PUBLIC_ENERGY_TOKEN_ID: placeholder | |
| NEXT_PUBLIC_AUDIT_REGISTRY_ID: placeholder | |
| NEXT_PUBLIC_COMMUNITY_GOVERNANCE_ID: placeholder | |
| - name: Upload Playwright artifacts | |
| if: always() | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: playwright-test-results | |
| path: apps/web/test-results | |
| openapi: | |
| name: OpenAPI spec validation | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: 22 | |
| - name: Validate openapi.yaml | |
| run: npx --yes @redocly/cli@1 lint openapi.yaml --format=github-actions | |
| contracts: | |
| name: Contracts (fmt + clippy + test) | |
| runs-on: ubuntu-latest | |
| env: | |
| # Rotate accounts per run to avoid faucet rate limits | |
| CI_ADMIN_ADDRESS: ${{ vars.CI_ADMIN_ADDRESS || '' }} | |
| CI_MINTER_ADDRESS: ${{ vars.CI_MINTER_ADDRESS || '' }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Rust toolchain (pinned via rust-toolchain.toml) | |
| uses: dtolnay/rust-toolchain@master | |
| with: | |
| toolchain: "1.88.0" | |
| targets: wasm32-unknown-unknown | |
| components: rustfmt, clippy | |
| - uses: Swatinem/rust-cache@v2 | |
| with: | |
| workspaces: apps/contracts | |
| - name: fmt | |
| run: cargo fmt --all -- --check | |
| working-directory: apps/contracts | |
| env: | |
| TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }} | |
| TURBO_TEAM: ${{ secrets.TURBO_TEAM }} | |
| - name: clippy | |
| run: cargo clippy --all-targets --all-features -- -D warnings | |
| working-directory: apps/contracts | |
| env: | |
| TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }} | |
| TURBO_TEAM: ${{ secrets.TURBO_TEAM }} | |
| - name: test | |
| run: cargo test --all | |
| working-directory: apps/contracts | |
| env: | |
| TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }} | |
| TURBO_TEAM: ${{ secrets.TURBO_TEAM }} | |
| proptest: | |
| name: Property-based tests (proptest) | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Rust toolchain (pinned via rust-toolchain.toml) | |
| uses: dtolnay/rust-toolchain@master | |
| with: | |
| toolchain: "1.88.0" | |
| targets: wasm32-unknown-unknown | |
| - uses: Swatinem/rust-cache@v2 | |
| with: | |
| workspaces: apps/contracts/proptest | |
| - name: Run proptest suite | |
| run: cargo test | |
| working-directory: apps/contracts/proptest | |
| fuzz: | |
| name: Fuzz (time-limited, corpus only) | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Rust nightly (required by cargo-fuzz) | |
| uses: dtolnay/rust-toolchain@master | |
| with: | |
| toolchain: nightly | |
| - uses: Swatinem/rust-cache@v2 | |
| with: | |
| workspaces: apps/contracts/fuzz | |
| - name: Install cargo-fuzz | |
| run: cargo install cargo-fuzz --locked | |
| - name: fuzz_mint (30 s) | |
| run: cargo fuzz run fuzz_mint -- -max_total_time=30 corpus/fuzz_mint | |
| working-directory: apps/contracts/fuzz | |
| - name: fuzz_anchor (30 s) | |
| run: cargo fuzz run fuzz_anchor -- -max_total_time=30 corpus/fuzz_anchor | |
| working-directory: apps/contracts/fuzz | |
| - name: fuzz_vote (30 s) | |
| run: cargo fuzz run fuzz_vote -- -max_total_time=30 corpus/fuzz_vote | |
| working-directory: apps/contracts/fuzz |