chore(deps): pin dependencies #821
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deployment | |
| on: | |
| push: | |
| branches-ignore: | |
| - renovate/** | |
| - release-please-** | |
| pull_request: | |
| branches-ignore: | |
| - release-please-** | |
| jobs: | |
| release-please: | |
| runs-on: ubuntu-latest | |
| if: ${{ github.event_name == 'push' && github.repository == 'DIRACGrid/diracx-web' && github.ref_name == 'main' }} | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| outputs: | |
| release_created: ${{ steps.release.outputs.release_created }} | |
| tag_name: ${{ steps.release.outputs.tag_name }} | |
| steps: | |
| - uses: googleapis/release-please-action@5c625bfb5d1ff62eadeeb3772007f7f66fdcf071 # v4 | |
| id: release | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| target-branch: ${{ github.ref_name }} | |
| config-file: release-please-config.json | |
| manifest-file: .release-please-manifest.json | |
| # Library is built and deployed to NPM | |
| # ------------------------------------ | |
| build-deploy-library-package: | |
| runs-on: ubuntu-latest | |
| needs: release-please | |
| if: ${{ github.event_name == 'push' && github.repository == 'DIRACGrid/diracx-web' && needs.release-please.outputs.release_created == 'true' }} | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6 | |
| with: | |
| node-version: 'lts/*' | |
| registry-url: 'https://registry.npmjs.org' | |
| - name: Install dependencies | |
| run: npm ci | |
| # Release Please has already incremented versions and published tags, so we just | |
| # need to publish all unpublished versions to NPM here | |
| - name: Publish to NPM | |
| env: | |
| NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}} | |
| run: | | |
| TAG_NAME="${{ needs.release-please.outputs.tag_name }}" | |
| if [[ "$TAG_NAME" == *-* ]]; then | |
| npm --workspace packages/diracx-web-components publish --tag latest | |
| else | |
| npm --workspace packages/diracx-web-components publish | |
| fi | |
| # Storybook is built and deployed to GitHub Pages | |
| # ----------------------------------------------- | |
| build-storybook-docs: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| pages: write | |
| if: ${{ github.event_name != 'push' || github.repository == 'DIRACGrid/diracx-web' }} | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6 | |
| with: | |
| node-version: 'lts/*' | |
| cache: 'npm' | |
| - name: Build documentation | |
| run: npm ci && npm --prefix packages/diracx-web-components run build-doc | |
| - name: Upload artifact | |
| uses: actions/upload-pages-artifact@7b1f4a764d45c48632c6b24a0339c27f5614fb0b # v4 | |
| with: | |
| path: packages/diracx-web-components/storybook-static | |
| deploy-storybook-docs: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| pages: write | |
| needs: [build-storybook-docs, release-please] | |
| if: needs.release-please.outputs.release_created == 'true' | |
| steps: | |
| - id: deploy | |
| name: Deploy to GitHub Pages | |
| uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4 | |
| with: | |
| token: ${{ github.token }} | |
| # diracx-web is built and deployed to GitHub Container Registry | |
| # ------------------------------------------------------------- | |
| build-deploy-diracx-web-dev-image: | |
| runs-on: ubuntu-latest | |
| if: ${{ github.event_name != 'push' || github.repository == 'DIRACGrid/diracx-web' }} | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4 | |
| - name: Login to GitHub container registry | |
| uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build Docker image (dev) | |
| uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7 | |
| with: | |
| context: . | |
| push: ${{ github.event_name == 'push' && github.repository == 'DIRACGrid/diracx-web' && github.ref_name == 'main' }} | |
| tags: ghcr.io/diracgrid/diracx-web/static:dev | |
| platforms: linux/amd64,linux/arm64 | |
| build-deploy-diracx-web-release-image: | |
| runs-on: ubuntu-latest | |
| if: ${{ github.event_name == 'push' && github.repository == 'DIRACGrid/diracx-web' }} | |
| needs: release-please | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4 | |
| - name: Login to GitHub container registry | |
| uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build Docker image | |
| if: ${{ needs.release-please.outputs.release_created == 'true' }} | |
| uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7 | |
| with: | |
| context: . | |
| push: true | |
| tags: ghcr.io/diracgrid/diracx-web/static:${{ needs.release-please.outputs.tag_name }} | |
| platforms: linux/amd64,linux/arm64 | |
| # Helm charts are updated in diracx-charts | |
| # ----------------------------------------- | |
| update-charts: | |
| name: Update Helm charts | |
| needs: | |
| - release-please | |
| - build-deploy-diracx-web-release-image | |
| runs-on: ubuntu-latest | |
| if: ${{ needs.release-please.outputs.release_created == 'true' }} | |
| steps: | |
| - name: Checkout diracx-web (for update script) | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| with: | |
| path: diracx-web | |
| sparse-checkout: .github/workflows | |
| - name: Checkout diracx-charts | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| with: | |
| repository: DIRACGrid/diracx-charts | |
| token: ${{ secrets.CHARTS_UPDATE_TOKEN }} | |
| path: diracx-charts | |
| - name: Configure Git | |
| run: | | |
| cd diracx-charts | |
| git config user.name "github-actions[bot]" | |
| git config user.email "github-actions[bot]@users.noreply.github.com" | |
| - name: Update chart versions | |
| run: | | |
| python diracx-web/.github/workflows/update_chart_version.py \ | |
| --charts-dir diracx-charts \ | |
| --web-version "${{ needs.release-please.outputs.tag_name }}" | |
| - name: Install pre-commit | |
| run: pip install pre-commit | |
| - name: Run pre-commit to update README | |
| run: | | |
| cd diracx-charts | |
| pre-commit run --all-files || true | |
| - name: Install pixi | |
| uses: prefix-dev/setup-pixi@1b2de7f3351f171c8b4dfeb558c639cb58ed4ec0 # v0.9.5 | |
| - name: Commit and push changes | |
| if: success() | |
| run: | | |
| cd diracx-charts | |
| # Update the diagram to reflect the updated version number | |
| pixi run generate-diagram | |
| git add -A | |
| if ! git diff --cached --quiet; then | |
| git commit -m "chore: bump diracx-web to ${{ needs.release-please.outputs.tag_name }}" | |
| git push origin master | |
| else | |
| echo "No changes to commit" | |
| fi |