name: Performance Tracking on: push: branches: - main permissions: contents: 'read' id-token: 'write' defaults: run: shell: bash jobs: list: timeout-minutes: 3 runs-on: ubuntu-latest outputs: workflows: ${{ steps.workflows.outputs.workflows }} steps: - name: Initialize environment uses: angular/dev-infra/github-actions/npm/checkout-and-setup-node@b14d0b01760280c36f6fcfdd31f120a465a56501 - name: Install node modules run: pnpm install --frozen-lockfile - id: workflows run: echo "workflows=$(pnpm --silent ng-dev perf workflows --list)" >> "$GITHUB_OUTPUT" workflow: timeout-minutes: 30 runs-on: ubuntu-latest needs: list strategy: matrix: workflow: ${{ fromJSON(needs.list.outputs.workflows) }} steps: - name: Initialize environment uses: angular/dev-infra/github-actions/npm/checkout-and-setup-node@b14d0b01760280c36f6fcfdd31f120a465a56501 - name: Setup Bazel uses: angular/dev-infra/github-actions/bazel/setup@b14d0b01760280c36f6fcfdd31f120a465a56501 - name: Install node modules run: pnpm install --frozen-lockfile # We utilize the google-github-actions/auth action to allow us to get an active credential using workflow # identity federation. This allows us to request short lived credentials on demand, rather than storing # credentials in secrets long term. More information can be found at: # https://docs.github.com/en/actions/security-for-github-actions/security-hardening-your-deployments/configuring-openid-connect-in-google-cloud-platform - uses: 'google-github-actions/auth@7c6bc770dae815cd3e89ee6cdf493a5fab2cc093' # v3 with: project_id: 'internal-200822' workload_identity_provider: 'projects/823469418460/locations/global/workloadIdentityPools/measurables-tracking/providers/angular' service_account: 'measures-uploader@internal-200822.iam.gserviceaccount.com' - run: pnpm ng-dev perf workflows --name ${{ matrix.workflow }} --commit-sha ${{github.sha}}