Merge branch 'main' into actions/flutter

Author: Yani-Maassen

.github/workflows/k8s-preview.yml

@@ -23,6 +23,11 @@ jobs:
         uses: wisemen-digital/devops-ga-changed-paths-filter@main
         with:
           filter-file: .github/k8s-rollout-filters.yaml
+      - name: Ensure access to private repositories
+        shell: bash
+        run: |
+          AUTH="x-access-token:${{ secrets.K8S_MODULES_SECRET }}"
+          git config --global url."https://${AUTH}@github.com/".insteadOf "git@github.com:"
       - name: Generate diffs
         id: preview
         run: |

.github/workflows/k8s-workflow-rollout-to-azure.yml

@@ -20,6 +20,9 @@ on:
       AZURE_CREDENTIALS:
         description: Json string for login with an Azure service principal
         required: true
+      K8S_MODULES_SECRET:
+        description: Token to access github modules repositories
+        required: true
 
 jobs:
   generate-matrix:
@@ -51,5 +54,6 @@ jobs:
           vendor: azure
           cluster-id: ${{ vars.K8S_CLUSTER_ID }}
           config-path: ${{ matrix.deployment.path }}
+          github-access-token: ${{ secrets.K8S_MODULES_SECRET }}
           azure-credentials: ${{ secrets.AZURE_CREDENTIALS }}
           azure-resource-group: ${{ vars.AZURE_RESOURCE_GROUP }}

.github/workflows/k8s-workflow-rollout-to-digitalocean.yml

@@ -19,6 +19,9 @@ on:
       DIGITALOCEAN_API_TOKEN:
         description: DigitalOcean API token
         required: true
+      K8S_MODULES_SECRET:
+        description: Token to access github modules repositories
+        required: true
 
 jobs:
   generate-matrix:
@@ -50,4 +53,5 @@ jobs:
           vendor: digitalocean
           cluster-id: ${{ vars.K8S_CLUSTER_ID }}
           config-path: ${{ matrix.deployment.path }}
+          github-access-token: ${{ secrets.K8S_MODULES_SECRET }}
           digitalocean-api-token: ${{ secrets.DIGITALOCEAN_API_TOKEN }}

.github/workflows/k8s-workflow-rollout-to-scaleway.yml

@@ -19,6 +19,9 @@ on:
         required: true
         type: string
     secrets:
+      K8S_MODULES_SECRET:
+        description: Token to access github modules repositories
+        required: true
       SCALEWAY_ACCESS_KEY:
         description: Scaleway API key ID
         required: true
@@ -56,6 +59,7 @@ jobs:
           vendor: scaleway
           cluster-id: ${{ vars.K8S_CLUSTER_ID }}
           config-path: ${{ matrix.deployment.path }}
+          github-access-token: ${{ secrets.K8S_MODULES_SECRET }}
           scaleway-organization-id: ${{ vars.SCALEWAY_ORGANIZATION_ID }}
           scaleway-project-id: ${{ vars.SCALEWAY_PROJECT_ID }}
           scaleway-region: ${{ vars.SCALEWAY_REGION }}

.github/workflows/laravel-build-and-test.yml

@@ -72,6 +72,7 @@ jobs:
         with:
           name: app-build
           path: dist.tar.gz
+          retention-days: 7
   test:
     name: Test Application
     needs: build

.github/workflows/lint-infra.yml

@@ -63,21 +63,40 @@ jobs:
   xml-lint:
     name: Lint XML
     runs-on: ubuntu-latest
+    container: alpine:latest
     steps:
       - name: Checkout
         uses: actions/checkout@v4
       - name: Install xmllint
         if: ${{ hashFiles('s3/**/*.xml') != '' }}
-        run: sudo apt-get -qq install -y libxml2-utils
-      - name: Configure XML reporter
-        if: ${{ hashFiles('s3/**/*.xml') != '' }}
-        uses: korelstar/xmllint-problem-matcher@v1
+        run: apk add --no-cache libxml2-utils
       - name: Validate S3 CORS configurations
         if: ${{ hashFiles('s3/**/cors.xml') != '' }}
         run: |
+          echo '${{ env.aws-xmllint-matcher-json }}' > "aws-xmllint-matcher.json"
           echo '${{ env.aws-xsd }}' > "aws.xsd"
+          
+          echo '::add-matcher::aws-xmllint-matcher.json'
           find s3 -name "cors.xml" -print0 | xargs -0 xmllint --schema aws.xsd --noout
+          echo '::remove-matcher owner=aws-xmllint::'
         env:
+          aws-xmllint-matcher-json: >-
+            {
+              "problemMatcher": [
+                {
+                  "owner": "aws-xmllint",
+                  "pattern": [
+                    {
+                      "regexp": "^(.+):(\\d+):\\s+(.+)\\s+:\\s+(.+)$",
+                      "file": 1,
+                      "line": 2,
+                      "code": 3,
+                      "message": 4
+                    }
+                  ]
+                }
+              ]
+            }
           aws-xsd: >-
             <?xml version="1.0" encoding="UTF-8"?>
             <xsd:schema

.github/workflows/node-build-and-test.yml

@@ -115,6 +115,7 @@ jobs:
           path: |
             dist
             _build
+          retention-days: 3
   prep-test:
     name: Prepare Test Services
     runs-on: ubuntu-latest
@@ -123,7 +124,6 @@ jobs:
       nats-image: ${{ steps.data.outputs.nats-image }}
       redis-image: ${{ steps.data.outputs.redis-image }}
       typesense-image: ${{ steps.data.outputs.typesense-image }}
-      typesense-health: ${{ steps.data.outputs.typesense-health }}
     steps:
       - name: Prepare Test Services
         id: data
@@ -145,9 +145,6 @@ jobs:
           fi
           if [ "${{ inputs.test-typesense-enabled }}" == "true" ]; then
             echo "typesense-image=${{ inputs.test-typesense-image }}" >> "$GITHUB_OUTPUT"
-            echo "typesense-health=apt-get update && \
-              apt-get install -y curl && \
-              curl http://127.0.0.1:8108/health" >> "$GITHUB_OUTPUT"
           else
             echo "typesense-image=" >> "$GITHUB_OUTPUT"
           fi
@@ -203,7 +200,7 @@ jobs:
           TYPESENSE_DATA_DIR: '/home'
           TYPESENSE_API_KEY: 'api_key'
         options: >-
-          --health-cmd "${{ needs.prep-test.outputs.typesense-health }}"
+          --health-cmd="bash -c 'exec 3<>/dev/tcp/localhost/8108 && printf \"GET /health HTTP/1.1\r\nConnection: close\r\n\r\n\" >&3 && head -n1 <&3 | grep 200 && exec 3>&-'"
           --health-interval 10s
           --health-timeout 10s
           --health-retries 5

.github/workflows/node-jest-build-and-test.yml

@@ -115,6 +115,7 @@ jobs:
           path: |
             dist
             _build
+          retention-days: 3
   prep-test:
     name: Prepare Test Services
     runs-on: ubuntu-latest
@@ -123,7 +124,6 @@ jobs:
       nats-image: ${{ steps.data.outputs.nats-image }}
       redis-image: ${{ steps.data.outputs.redis-image }}
       typesense-image: ${{ steps.data.outputs.typesense-image }}
-      typesense-health: ${{ steps.data.outputs.typesense-health }}
     steps:
       - name: Prepare Test Services
         id: data
@@ -145,9 +145,6 @@ jobs:
           fi
           if [ "${{ inputs.test-typesense-enabled }}" == "true" ]; then
             echo "typesense-image=${{ inputs.test-typesense-image }}" >> "$GITHUB_OUTPUT"
-            echo "typesense-health=apt-get update && \
-              apt-get install -y curl && \
-              curl http://127.0.0.1:8108/health" >> "$GITHUB_OUTPUT"
           else
             echo "typesense-image=" >> "$GITHUB_OUTPUT"
           fi
@@ -203,7 +200,7 @@ jobs:
           TYPESENSE_DATA_DIR: '/home'
           TYPESENSE_API_KEY: 'api_key'
         options: >-
-          --health-cmd "${{ needs.prep-test.outputs.typesense-health }}"
+          --health-cmd="bash -c 'exec 3<>/dev/tcp/localhost/8108 && printf \"GET /health HTTP/1.1\r\nConnection: close\r\n\r\n\" >&3 && head -n1 <&3 | grep 200 && exec 3>&-'"
           --health-interval 10s
           --health-timeout 10s
           --health-retries 5

.github/workflows/nuxt-build-and-test.yml

@@ -71,6 +71,7 @@ jobs:
           name: app-build
           include-hidden-files: true
           path: ${{ inputs.build-output-path }}
+          retention-days: 3
 
   # Then test
   test:

.github/workflows/web-build-and-test.yml

@@ -94,6 +94,7 @@ jobs:
           name: app-build
           path: |
             dist
+          retention-days: 3
       - name: Prep. Playwright if needed
         id: prep-playwright
         run: |