Merge pull request #546 from ForgeRock/fix-protect-package-versioning #60
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish | |
| on: | |
| push: | |
| branches: | |
| - master | |
| - develop | |
| env: | |
| NX_CLOUD_ENCRYPTION_KEY: ${{ secrets.NX_CLOUD_ENCRYPTION_KEY }} | |
| NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }} | |
| NX_CLOUD_DISTRIBUTED_EXECUTION: true | |
| PNPM_CACHE_FOLDER: .pnpm-store | |
| NPM_ACCESS_TOKEN: ${{ secrets.NPM_ACCESS_TOKEN }} | |
| HUSKY: 0 | |
| jobs: | |
| publish-or-pr: | |
| permissions: | |
| contents: write # to create release (changesets/action) | |
| issues: write # to post issue comments (changesets/action) | |
| pull-requests: write # to create pull request (changesets/action) | |
| id-token: write # give id token write for provenance | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - uses: pnpm/action-setup@v4 | |
| with: | |
| run_install: false | |
| - uses: actions/setup-node@v4 | |
| id: cache | |
| with: | |
| node-version: '20.10.0' | |
| cache: 'pnpm' | |
| - run: pnpm install --frozen-lockfile | |
| # This line enables distribution | |
| # The "--stop-agents-after" is optional, but allows idle agents to shut down once the "e2e-ci" targets have been requested | |
| - run: pnpm dlx nx-cloud start-ci-run --distribute-on="5 linux-medium-js" --stop-agents-after="e2e-ci" --verbose | |
| - run: pnpm exec playwright install | |
| - uses: nrwl/nx-set-shas@v4 | |
| with: | |
| main-branch-name: master | |
| - name: setup pnpm config | |
| run: pnpm config set store-dir $PNPM_CACHE_FOLDER | |
| - run: pnpm exec nx affected -t build lint test e2e-ci --verbose | |
| - uses: actions/upload-artifact@v4 | |
| if: ${{ !cancelled() }} | |
| with: | |
| name: playwright-report | |
| path: | | |
| ./dist/.playwright/** | |
| ./dist/** | |
| retention-days: 30 | |
| # make sure we have a build. | |
| - run: pnpm exec nx run-many -t build | |
| env: | |
| NX_CLOUD_DISTRIBUTED_EXECUTION: false | |
| - run: git status | |
| - name: publish | |
| uses: changesets/action@v1 | |
| id: changesets | |
| with: | |
| publish: pnpm ci:release | |
| version: pnpm ci:version | |
| title: Release PR | |
| branch: master | |
| commit: 'chore: version-packages' | |
| setupGitUser: true | |
| env: | |
| # See https://github.com/changesets/action/issues/147 | |
| HOME: ${{ github.workspace }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| NPM_CONFIG_PROVENANCE: 'true' | |
| NPM_TOKEN: ${{ secrets.NPM_ACCESS_TOKEN }} | |
| - name: rebase develop with main on publish | |
| if: ${{ steps.changesets.outputs.published == 'true' }} | |
| run: | | |
| git restore . | |
| git checkout master | |
| git fetch --all | |
| git pull origin master | |
| git checkout develop | |
| git restore . | |
| git rebase master | |
| git push -f | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| NPM_CONFIG_PROVENANCE: true | |
| - uses: codecov/codecov-action@v5 | |
| with: | |
| files: ./packages/**/coverage/*.xml | |
| token: ${{ secrets.CODECOV_TOKEN }} |