Skip to content

Commit 794769c

Browse files
authored
[prod:ecologie:major] release(ecospheres): prod 20260120-1 #1033
release(ecospheres): prod 20260120-1
2 parents b40bc48 + 9279e13 commit 794769c

File tree

76 files changed

+16209
-16051
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

76 files changed

+16209
-16051
lines changed

.github/workflows/create-deploy-release.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -7,10 +7,10 @@ on:
77
site:
88
description: 'Site to deploy on preprod or prod'
99
required: true
10-
default: 'ecospheres'
10+
default: 'ecologie'
1111
type: choice
1212
options: # Can't use vars here because this is a workflow dispatch input
13-
- ecospheres
13+
- ecologie
1414
- meteo-france
1515
- logistique
1616
- defis
@@ -103,7 +103,7 @@ jobs:
103103
shell: bash
104104
run: |
105105
git clone --quiet --depth 1 -b ${{ env.REPO_CURRENT_BRANCH }} ${{ env.REPO_SSH_URL }}
106-
git clone --quiet --depth 1 $SCAFFOLD_REPO_SSH_URL ${{ env.SCAFFOLD_DIR }}
106+
git clone --quiet --depth 1 -b pnpm-ufk $SCAFFOLD_REPO_SSH_URL ${{ env.SCAFFOLD_DIR }}
107107
108108
- name: Parse commit message and set deployment variables
109109
if: (github.event_name == 'push' && startsWith(github.ref, 'refs/heads/') && startsWith(github.event.head_commit.message, '['))

.github/workflows/deploy-review-from-comment.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -38,7 +38,7 @@ jobs:
3838
- name: Get PR branch
3939
if: steps.parse.outputs.should_deploy == 'true'
4040
id: get_pr
41-
uses: actions/github-script@v7
41+
uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7.1.0
4242
with:
4343
github-token: ${{ secrets.GITHUB_TOKEN }}
4444
script: |
@@ -53,7 +53,7 @@ jobs:
5353
5454
- name: React to comment
5555
if: steps.parse.outputs.should_deploy == 'true'
56-
uses: peter-evans/create-or-update-comment@v4.0.0
56+
uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0
5757
with:
5858
token: ${{ secrets.GITHUB_TOKEN }}
5959
comment-id: ${{ github.event.comment.id }}
@@ -65,7 +65,7 @@ jobs:
6565
if: needs.check_comment.outputs.should_deploy == 'true'
6666
steps:
6767
- name: Trigger review app workflow
68-
uses: actions/github-script@v7
68+
uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7.1.0
6969
with:
7070
github-token: ${{ secrets.GITHUB_TOKEN }}
7171
script: |

.github/workflows/review-app.yml

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -49,7 +49,7 @@ jobs:
4949
- name: Check if review app exists
5050
id: check_app
5151
continue-on-error: true
52-
uses: appleboy/ssh-action@v1.2.2
52+
uses: appleboy/ssh-action@823bd89e131d8d508129f9443cad5855e9ba96f0 # v1.2.4
5353
with:
5454
host: ${{ secrets.REVIEW_APP_SSH_HOST }}
5555
username: dokku
@@ -126,13 +126,13 @@ jobs:
126126
127127
- name: Cloning repo
128128
if: env.SHOULD_DEPLOY == 'true'
129-
uses: actions/checkout@v4
129+
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
130130
with:
131131
fetch-depth: 0
132132

133133
- name: Start deployment
134134
if: env.SHOULD_DEPLOY == 'true'
135-
uses: chrnorm/deployment-action@v2
135+
uses: chrnorm/deployment-action@55729fcebec3d284f60f5bcabbd8376437d696b1 # v2.0.7
136136
id: deployment
137137
with:
138138
token: ${{ github.token }}
@@ -142,7 +142,7 @@ jobs:
142142

143143
- name: Create the review app
144144
if: env.SHOULD_CREATE == 'true'
145-
uses: dokku/github-action@master
145+
uses: dokku/github-action@823c08b33e974704528c7c7f3d3d8002426e7634 # v1.9.0
146146
with:
147147
command: review-apps:create
148148
git_remote_url: ${{ secrets.REVIEW_APP_SSH_URL }}
@@ -153,7 +153,7 @@ jobs:
153153

154154
- name: Set site id as build arg
155155
if: env.SHOULD_DEPLOY == 'true'
156-
uses: appleboy/ssh-action@v1.2.2
156+
uses: appleboy/ssh-action@823bd89e131d8d508129f9443cad5855e9ba96f0 # v1.2.4
157157
with:
158158
host: ${{ secrets.REVIEW_APP_SSH_HOST }}
159159
username: dokku
@@ -164,7 +164,7 @@ jobs:
164164
165165
- name: Push to dokku
166166
if: env.SHOULD_DEPLOY == 'true'
167-
uses: dokku/github-action@v1.0.0
167+
uses: dokku/github-action@823c08b33e974704528c7c7f3d3d8002426e7634 # v1.9.0
168168
with:
169169
git_remote_url: ${{ secrets.REVIEW_APP_SSH_URL }}
170170
review_app_name: deploy-preview-${{ env.PR_NUMBER }}--${{ env.SITE }}
@@ -174,7 +174,7 @@ jobs:
174174

175175
- name: Enable SSL with Let's Encrypt
176176
if: env.SHOULD_CREATE == 'true'
177-
uses: appleboy/ssh-action@v1.2.2
177+
uses: appleboy/ssh-action@823bd89e131d8d508129f9443cad5855e9ba96f0 # v1.2.4
178178
with:
179179
host: ${{ secrets.REVIEW_APP_SSH_HOST }}
180180
username: dokku
@@ -185,7 +185,7 @@ jobs:
185185
186186
- name: Destroy the review app
187187
if: github.event.action == 'closed' && env.SHOULD_DESTROY == 'true'
188-
uses: dokku/github-action@master
188+
uses: dokku/github-action@823c08b33e974704528c7c7f3d3d8002426e7634 # v1.9.0
189189
with:
190190
command: review-apps:destroy
191191
git_remote_url: ${{ secrets.REVIEW_APP_SSH_URL }}
@@ -194,7 +194,7 @@ jobs:
194194

195195
- name: Update deployment status
196196
if: env.SHOULD_DEPLOY == 'true'
197-
uses: chrnorm/deployment-status@v2
197+
uses: chrnorm/deployment-status@9a72af4586197112e0491ea843682b5dc280d806 # v2.0.3
198198
with:
199199
token: ${{ github.token }}
200200
environment-url: https://deploy-preview-${{ env.PR_NUMBER }}--${{ env.SITE }}.sandbox.data.developpement-durable.gouv.fr

.github/workflows/robots.yml

Lines changed: 0 additions & 30 deletions
This file was deleted.

.github/workflows/tests.yml

Lines changed: 24 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -13,29 +13,33 @@ jobs:
1313
name: Lint and type check
1414
runs-on: ubuntu-latest
1515
steps:
16-
- uses: actions/checkout@v4
16+
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
17+
- name: Install pnpm
18+
uses: pnpm/action-setup@9fd676a19091d4595eefd76e4bd31c97133911f1 # v4.2.0
1719
- name: Use Node.js
18-
uses: actions/setup-node@v3
20+
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
1921
with:
2022
node-version: 20.x
21-
cache: 'npm'
22-
- run: npm ci
23-
- run: npm run type-check
24-
- run: npm run lint
23+
cache: 'pnpm'
24+
- run: pnpm install
25+
- run: pnpm run type-check
26+
- run: pnpm run lint
2527

2628
unit-tests:
2729
name: Unit tests
2830
runs-on: ubuntu-latest
2931
steps:
30-
- uses: actions/checkout@v4
32+
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
33+
- name: Install pnpm
34+
uses: pnpm/action-setup@9fd676a19091d4595eefd76e4bd31c97133911f1 # v4.2.0
3135
- name: Use Node.js
32-
uses: actions/setup-node@v3
36+
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
3337
with:
3438
node-version: 20.x
35-
cache: 'npm'
36-
- run: npm ci
37-
- run: npm run build --if-present
38-
- run: npm run test:single
39+
cache: 'pnpm'
40+
- run: pnpm install
41+
- run: pnpm run build
42+
- run: pnpm run test:single
3943

4044
e2e-tests:
4145
name: End-to-end Tests
@@ -53,12 +57,14 @@ jobs:
5357
culture
5458
]
5559
steps:
56-
- uses: actions/checkout@v4
60+
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
61+
- name: Install pnpm
62+
uses: pnpm/action-setup@9fd676a19091d4595eefd76e4bd31c97133911f1 # v4.2.0
5763
- name: Use Node.js
58-
uses: actions/setup-node@v3
64+
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
5965
with:
6066
node-version: 20.x
61-
cache: 'npm'
62-
- run: npm ci
63-
- run: VITE_SITE_ID=${{ matrix.site_id }} npm run build --if-present -- --mode test
64-
- run: VITE_SITE_ID=${{ matrix.site_id }} npm run test:e2e:for_production_build
67+
cache: 'pnpm'
68+
- run: pnpm install
69+
- run: VITE_SITE_ID=${{ matrix.site_id }} pnpm run build -- --mode test
70+
- run: VITE_SITE_ID=${{ matrix.site_id }} pnpm run test:e2e:for_production_build

.husky/pre-commit

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1 +1 @@
1-
npx lint-staged
1+
pnpm exec lint-staged

.npmrc

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
# Cypress compatibility - disable pnpm's side effects cache
2+
side-effects-cache=false
3+
4+
# Don't fail on peer dependency warnings (common in Vue ecosystem)
5+
strict-peer-dependencies=false
6+
7+
# Use npm-like flat node_modules structure instead of pnpm's symlinks
8+
# Required for Vite optimizeDeps and TypeScript to work correctly
9+
node-linker=hoisted
10+
11+
# Security: Only install packages released at least 4 days ago
12+
# Protects against supply-chain attacks by giving community time to detect malicious releases
13+
minimum-release-age=5760
14+
15+
# Enforce pnpm usage - fail if npm or yarn is used
16+
engine-strict=true

Dockerfile

Lines changed: 10 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,16 @@
11
FROM node:22 AS builder
22

3+
# Install pnpm
4+
RUN corepack enable && corepack prepare pnpm@latest-10 --activate
5+
36
WORKDIR /app
47

8+
# Copy package files first for better layer caching
9+
COPY package.json pnpm-lock.yaml .npmrc ./
10+
11+
RUN pnpm install
12+
13+
# Copy source files
514
COPY ./ /app
615

716
ENV NODE_OPTIONS=--openssl-legacy-provider
@@ -10,10 +19,9 @@ ARG VITE_SITE_ID
1019
# only set the environment variable if the build arg was provided
1120
ENV VITE_SITE_ID=${VITE_SITE_ID:-}
1221

13-
RUN npm ci
1422
RUN echo "$(date)" && \
1523
export $(cat /app/*.env | xargs) && \
16-
npm run build
24+
pnpm run build
1725

1826
FROM nginx:alpine-slim
1927

0 commit comments

Comments
 (0)