fix(deps): update dependency selenium-webdriver to v4.29.0 #91436
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: CI | |
| # yamllint disable rule:line-length | |
| # | |
| on: # yamllint disable-line rule:truthy | |
| merge_group: | |
| branches: | |
| # presubmit | |
| - main | |
| - renovate/** | |
| pull_request: | |
| branches: | |
| # presubmit | |
| - main | |
| types: | |
| - opened | |
| - synchronize | |
| - reopened | |
| - edited # not in the default set, will run on rebase. | |
| push: | |
| branches: | |
| - main | |
| # manual triggering | |
| workflow_dispatch: | |
| env: | |
| BAZEL: ./sh/bin/bazel | |
| jobs: | |
| Presubmit: | |
| if: > | |
| github.event_name == 'pull_request' | |
| || github.event_name == 'merge_group' | |
| || github.event_name == 'workflow_dispatch' | |
| || (github.event_name == 'push' | |
| && startsWith(github.ref, 'refs/heads/renovate')) | |
| concurrency: | |
| # > The ref given is fully-formed, meaning that for branches the format | |
| # > is refs/heads/<branch_name>, | |
| # > for pull requests it is refs/pull/<pr_number>/merge, | |
| # > and for tags it is refs/tags/<tag_name>. For example, | |
| # > refs/heads/feature-branch-1. | |
| # | |
| # This should cancel a prior presubmit when a new change comes in. | |
| group: > | |
| ${{ github.workflow }}- | |
| ${{ github.job }}- | |
| ${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| # Performs all offline testing. | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Free Disk Space (Ubuntu) | |
| uses: jlumbroso/free-disk-space@main | |
| with: | |
| android: true | |
| dotnet: true | |
| haskell: true | |
| large-packages: false | |
| - name: Checkout code | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| # example copied from: | |
| # https://github.com/actions/cache/blob/04f198bf0b2a39f7230a4304bf07747a0bddf146/examples.md | |
| - name: Presubmit | |
| run: | | |
| ./.github/workflows/prepare_ci.sh && \ | |
| echo "::group::Presubmit prep" && \ | |
| $BAZEL build --config=ci --tool_tag=presubmit //ci:presubmit && \ | |
| echo "::endgroup::" && \ | |
| echo "::group::Presubmit" && \ | |
| $BAZEL run --config=ci --tool_tag=presubmit //ci:presubmit -- --skip-pulumi-deploy && \ | |
| echo "::endgroup::" | |
| env: | |
| BUILDBUDDY_API_KEY: ${{ secrets.BUILDBUDDY_API_KEY }} | |
| Staging: | |
| permissions: | |
| id-token: write | |
| # Pulumi doesn't like it when multiple deploys are attempted at once. | |
| # This is also enforced at the pulumi layer, but i'm sure github actions | |
| # would make me pay while that thread waits to acquire the lock. | |
| concurrency: pulumi_staging | |
| # only bother with this when we reach the merge queue | |
| if: > | |
| github.event_name == 'merge_group' | |
| || github.event_name == 'workflow_dispatch' | |
| # Performs all offline testing. | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Free Disk Space (Ubuntu) | |
| uses: jlumbroso/free-disk-space@main | |
| with: | |
| android: true | |
| dotnet: true | |
| haskell: true | |
| docker-images: true | |
| large-packages: false | |
| swap-storage: true | |
| # example copied from: | |
| # https://github.com/actions/cache/blob/04f198bf0b2a39f7230a4304bf07747a0bddf146/examples.md | |
| - name: Checkout main branch | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| with: | |
| ref: main | |
| - uses: 'google-github-actions/auth@v2' | |
| name: Acquire GCloud credentials for first deploy. | |
| id: auth | |
| with: | |
| project_id: 'extreme-cycling-441523-a9' | |
| workload_identity_provider: 'projects/845702659200/locations/global/workloadIdentityPools/github/providers/my-repo' | |
| service_account: [email protected] | |
| - name: Pulumi up from origin/main to staging | |
| # dirty used here so the state transition is main -> candidate | |
| # we test if the script exists so we don't fail as a result of it | |
| # not yet existing on main. | |
| run: | | |
| echo "::group::Presubmit prep" && \ | |
| test -f ./.github/workflows/prepare_ci.sh && \ | |
| ./.github/workflows/prepare_ci.sh && \ | |
| $BAZEL build --config=ci --tool_tag=staging //ci:presubmit && \ | |
| echo "::endgroup::" && \ | |
| echo "::group::Presubmit" && \ | |
| $BAZEL run --config=ci --tool_tag=staging //ci:presubmit -- --skip-bazel-tests --dirty \ | |
| --overwrite && \ | |
| echo "::endgroup::" | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_SECRET }} | |
| BUILDBUDDY_API_KEY: ${{ secrets.BUILDBUDDY_API_KEY }} | |
| TWILIO_ACCOUNT_SID: ${{ secrets.TWILIO_ACCOUNT_SID }} | |
| TWILIO_API_KEY_SID: ${{ secrets.TWILIO_API_KEY_SID }} | |
| TWILIO_AUTH_TOKEN: ${{ secrets.TWILIO_AUTH_TOKEN }} | |
| # i guess if you exfil this secret you can also call me instead | |
| # of making a security report 🤣 | |
| PERSONAL_PHONE_NUMBER: ${{ secrets.PERSONAL_PHONE_NUMBER }} | |
| - name: Switch back to candidate branch | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| - uses: 'google-github-actions/auth@v2' | |
| name: Re-acquire GCloud credentials after checkout... | |
| id: auth2 | |
| with: | |
| project_id: 'extreme-cycling-441523-a9' | |
| workload_identity_provider: 'projects/845702659200/locations/global/workloadIdentityPools/github/providers/my-repo' | |
| service_account: [email protected] | |
| - name: Deploy candidate branch to Staging | |
| # we can run this dirty since the next run will --overwrite anyway | |
| run: | | |
| ./.github/workflows/prepare_ci.sh | |
| $BAZEL run --tool_tag=staging //ci:presubmit -- \ | |
| --skip-bazel-tests \ | |
| --dirty | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_SECRET }} | |
| BUILDBUDDY_API_KEY: ${{ secrets.BUILDBUDDY_API_KEY }} | |
| TWILIO_ACCOUNT_SID: ${{ secrets.TWILIO_ACCOUNT_SID }} | |
| TWILIO_API_KEY_SID: ${{ secrets.TWILIO_API_KEY_SID }} | |
| TWILIO_AUTH_TOKEN: ${{ secrets.TWILIO_AUTH_TOKEN }} | |
| PERSONAL_PHONE_NUMBER: ${{ secrets.PERSONAL_PHONE_NUMBER }} | |
| Submit: | |
| permissions: | |
| id-token: write | |
| concurrency: pulumi_production | |
| if: github.event_name == 'push' && github.ref == 'refs/heads/main' | |
| # Attempts to submit changes to production. | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Free Disk Space (Ubuntu) | |
| uses: jlumbroso/free-disk-space@main | |
| with: | |
| android: true | |
| dotnet: true | |
| haskell: true | |
| docker-images: true | |
| swap-storage: true | |
| large-packages: false | |
| - name: Checkout code | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| - uses: 'google-github-actions/auth@v2' | |
| name: Acquire federated GCloud credentials... | |
| id: auth | |
| with: | |
| project_id: 'extreme-cycling-441523-a9' | |
| workload_identity_provider: 'projects/845702659200/locations/global/workloadIdentityPools/github/providers/my-repo' | |
| service_account: [email protected] | |
| - name: Submit | |
| # Use npx to try to generate only | |
| # $BAZEL generated node_modules | |
| run: | | |
| ./.github/workflows/prepare_ci.sh | |
| $BAZEL run --config=ci --tool_tag=submit //ci:submit | |
| env: | |
| NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| BUILDBUDDY_API_KEY: ${{ secrets.BUILDBUDDY_API_KEY }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_SECRET }} | |
| TWILIO_ACCOUNT_SID: ${{ secrets.TWILIO_ACCOUNT_SID }} | |
| TWILIO_API_KEY_SID: ${{ secrets.TWILIO_API_KEY_SID }} | |
| TWILIO_AUTH_TOKEN: ${{ secrets.TWILIO_AUTH_TOKEN }} | |
| # i guess if you exfil this secret you can also call me instead | |
| # of making a security report 🤣 | |
| PERSONAL_PHONE_NUMBER: ${{ secrets.PERSONAL_PHONE_NUMBER }} | |
| # Postsubmit: | |
| # runs-on: ubuntu-latest | |
| # if: github.event_name == 'push' | |
| # needs: Submit | |
| # steps: | |
| # - name: Free Disk Space (Ubuntu) | |
| # uses: jlumbroso/free-disk-space@main | |
| # with: | |
| # android: true | |
| # dotnet: true | |
| # haskell: true | |
| # docker-images: true | |
| # large-packages: false | |
| # swap-storage: true | |
| # - name: Checkout code | |
| # uses: actions/checkout@v4 | |
| # # example copied from: | |
| # # https://github.com/actions/cache/blob/04f198bf0b2a39f7230a4304bf07747a0bddf146/examples.md | |
| # - name: Postsubmit | |
| # run: | | |
| # ./.github/workflows/prepare_ci.sh | |
| # $BAZEL run //ci:postsubmit | |
| # env: | |
| # NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| # NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| # BUILDBUDDY_API_KEY: ${{ secrets.BUILDBUDDY_API_KEY }} | |
| # AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| # PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_SECRET }} |