Merge pull request #390 from ForgeRock/renovate/typescript-eslint-mon… #271
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish | |
| on: | |
| push: | |
| branches: | |
| - main | |
| env: | |
| NX_CLOUD_ENCRYPTION_KEY: ${{ secrets.NX_CLOUD_ENCRYPTION_KEY }} | |
| NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }} | |
| NX_CLOUD_DISTRIBUTED_EXECUTION: true | |
| PNPM_CACHE_FOLDER: .pnpm-store | |
| NPM_ACCESS_TOKEN: ${{ secrets.NPM_ACCESS_TOKEN }} | |
| CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
| CI: true | |
| jobs: | |
| publish-or-pr: | |
| permissions: | |
| contents: write # to create release (changesets/action) | |
| issues: write # to post issue comments (changesets/action) | |
| pull-requests: write # to create pull request (changesets/action) | |
| id-token: write # give id token write for provenance | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| token: ${{ secrets.GH_TOKEN }} | |
| - uses: pnpm/action-setup@v4 | |
| with: | |
| run_install: false | |
| - uses: actions/setup-node@v4 | |
| id: cache | |
| with: | |
| node-version-file: '.node-version' | |
| cache: 'pnpm' | |
| - run: pnpm install --frozen-lockfile | |
| # This line enables distribution | |
| # The "--stop-agents-after" is optional, but allows idle agents to shut down once the "e2e-ci" targets have been requested | |
| - run: pnpm dlx nx-cloud start-ci-run --distribute-on=".nx/workflows/dynamic-changesets.yml" --stop-agents-after="e2e-ci" --with-env-vars="CODECOV_TOKEN" | |
| - name: Cache Playwright browsers | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.cache/ms-playwright | |
| key: ${{ runner.os }}-playwright-${{ hashFiles('**/pnpm-lock.yaml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-playwright- | |
| - run: pnpm exec playwright install | |
| - uses: nrwl/nx-set-shas@v4 | |
| - name: setup pnpm config | |
| run: pnpm config set store-dir $PNPM_CACHE_FOLDER | |
| - run: pnpm exec nx affected -t build lint test e2e-ci | |
| - uses: actions/upload-artifact@v4 | |
| if: ${{ !cancelled() }} | |
| with: | |
| name: playwright-report | |
| path: | | |
| ./**/.playwright/** | |
| retention-days: 30 | |
| - run: git status | |
| - name: publish | |
| uses: changesets/action@v1 | |
| id: changesets | |
| with: | |
| publish: pnpm ci:release | |
| version: pnpm ci:version | |
| title: Release PR | |
| branch: main | |
| commit: 'chore: version-packages' | |
| setupGitUser: true | |
| env: | |
| # See https://github.com/changesets/action/issues/147 | |
| HOME: ${{ github.workspace }} | |
| GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} | |
| NPM_CONFIG_PROVENANCE: 'true' | |
| NPM_TOKEN: ${{ secrets.NPM_ACCESS_TOKEN }} | |
| - name: Send GitHub Action data to a Slack workflow | |
| if: steps.changesets.outputs.published == 'true' | |
| uses: slackapi/slack-github-action@v2.1.1 | |
| with: | |
| payload-delimiter: '_' | |
| webhook: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| webhook-type: webhook-trigger | |
| payload: steps.changesets.outputs.publishedPackages | |
| - uses: codecov/codecov-action@v5 | |
| with: | |
| files: ./packages/**/coverage/*.xml | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| - name: Ensure builds run | |
| run: pnpm nx run-many -t build | |
| env: | |
| NX_CLOUD_DISTRIBUTED_EXECUTION: false | |
| - name: Build docs | |
| run: pnpm generate-docs | |
| - name: Publish api docs | |
| if: steps.changesets.outputs.published == 'true' | |
| uses: JamesIves/github-pages-deploy-action@v4.7.3 | |
| with: | |
| folder: docs | |
| commit-message: 'chore: release-api-docs' | |
| - name: Publish api docs [beta] | |
| if: steps.changesets.outputs.published == 'false' | |
| id: latest-deploy | |
| uses: JamesIves/github-pages-deploy-action@v4.7.3 | |
| with: | |
| folder: docs | |
| commit-message: 'chore: release-api-docs-beta' | |
| target-folder: 'beta' # we push to beta folder when we are updating "main" | |
| # Calculate and save baseline bundle sizes | |
| - name: Calculate baseline bundle sizes | |
| run: | | |
| chmod +x ./scripts/bundle-sizes.sh | |
| # Don't use any previous baseline for main branch - always create fresh | |
| rm -f previous_sizes.json | |
| echo "📊 Calculating fresh baseline bundle sizes for main branch" | |
| ./scripts/bundle-sizes.sh | |
| echo "✅ Baseline bundle sizes calculated" | |
| cat previous_sizes.json | |
| # Save baseline for PR comparisons | |
| - name: Upload baseline bundle sizes | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: bundle-size-baseline | |
| path: previous_sizes.json | |
| retention-days: 30 # Keep baseline for 30 days |