DEV Community

loading...

A GitHub Action to Validate GraphQL Operations

Mandi Wise
JavaScript Developer πŸ‘©β€πŸ’» Machine Learning Enthusiast πŸ€– Author of Advanced GraphQL with Apollo & React πŸš€
・2 min read

My Workflow

The GraphQL Operation Validation Action allows you to validate the operations used in a client application against a GraphQL schema. The action uses static analysis and checks all of the operation documents in a specified directory in your project to ensure that the queries/mutations and their field selections can be safely executed against a given GraphQL schema.

You can see it in action (πŸ˜‰) in a workflow in this repository.

Submission Category:

  • DIY Deployments

Yaml File or Link to Code

The repository for this custom action may be found here:

GitHub logo mandiwise / graphql-operation-validation-action

A GitHub Action that validates all operations performed by a client application against a GraphQL schema.

GraphQL Operation Validation Action

This GitHub action allows you to validate the operations used in a client application against a GraphQL schema. The action will check all of the operation documents in a specified directory in your project to ensure that the queries/mutations and their field selections can be safely executed against a given GraphQL schema.

See this action in use here: mandiwise/graphql-operation-validation-demo

How Does It Work?

It may not be feasible to write and maintain tests for all of the GraphQL operations in a client application, so this action can provide a measure of assurance that they will be valid when executed. It works by sending an introspection query to a schema, searching a specified directory in your project for all GraphQL operation documents (either in .graphql or .js files), and validating those operations against the result of the introspection query.

Under the hood, this project uses GraphQL.js and…

A demo workflow file using this action in conjunction with actions/checkout could look like this:

name: Validate GraphQL Operations
on:
  pull_request:
  push:
    branches:
      - main
      - "releases/*"

jobs:
  operations:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repo
        uses: actions/checkout@v2

      - name: Validate SWAPI operations
        uses: mandiwise/graphql-operation-validation-action@v1
        with:
          schema_location: ${{ github.workspace }}/swapi/schema.graphql
          base_dir: ${{ github.workspace }}/swapi
          excluded_paths: schema.graphql

      - name: Validate GitHub operations
        uses: mandiwise/graphql-operation-validation-action@v1
        with:
          schema_location: https://api.github.com/graphql
          base_dir: ${{ github.workspace }}/github
          token: ${{ secrets.ACCESS_TOKEN }}

The job in the workflow has three steps. In the first step, it checks out the repository. In the second step, it uses the custom action to check the GraphQL operations in the swapi directory of the repository against a local schema.graphql file (and excludes that schema.graphql file when searching for operation documents because an error would be thrown). In the final step, it uses the custom action again to check the operations in the repo's github directory against a remote schema and sends a token in an Authorization header with the request to the GitHub GraphQL API.

Additional Resources / Info

Be sure to check out the reference implementation for a working demo as well as my previous post that provides an in-depth explanation of what open-source tools I used to create the action.

Discussion (2)

Collapse
developerkaren profile image
Karen Efereyan

Congrats mandi. I have no sort of experience with github actions though.

Collapse
alfredy_bruno profile image
bruno_alfred

Congratulations!!!!πŸ‘πŸΎπŸ‘πŸΎ