-
Notifications
You must be signed in to change notification settings - Fork 46
129 lines (119 loc) · 3.78 KB
/
Copy pathci.yml
File metadata and controls
129 lines (119 loc) · 3.78 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
name: CI
on:
push:
branches:
- main
- staging
pull_request:
branches:
- main
- staging
workflow_dispatch:
jobs:
update-deps:
uses: SolidOS/solidos/.github/workflows/update-solidos-deps.yml@main
secrets: inherit
build:
needs: update-deps
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [22, 24]
steps:
- uses: actions/checkout@v6
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v6
with:
node-version: ${{ matrix.node-version }}
- run: npm ci
- run: npm test
- run: npm run build
- run: npm run doc
- name: Save build
if: matrix.node-version == 22
uses: actions/upload-artifact@v7
with:
name: build
path: |
.
!node_modules
retention-days: 1
gh-pages:
needs: build
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/main'
steps:
- uses: actions/download-artifact@v8
with:
name: build
- uses: peaceiris/actions-gh-pages@v4
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
publish_dir: .
dependabot:
name: 'Dependabot'
needs: build # After the E2E and build jobs, if one of them fails, it won't merge the PR.
runs-on: ubuntu-latest
if: ${{ github.actor == 'dependabot[bot]' && github.event_name == 'pull_request'}} # Detect that the PR author is dependabot
permissions:
contents: write
pull-requests: write
steps:
- name: Enable auto-merge for Dependabot PRs
run: gh pr merge --auto --merge "$PR_URL" # Use Github CLI to merge automatically the PR
env:
PR_URL: ${{github.event.pull_request.html_url}}
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
npm-publish-dev:
needs: build
uses: SolidOS/solidos/.github/workflows/publish-prerelease.yml@main
with:
node_version: 22
npm-publish-latest:
needs: [build]
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/main'
permissions:
id-token: write # Required for OIDC
contents: read
steps:
- uses: actions/download-artifact@v8
with:
name: build
- uses: actions/setup-node@v6
with:
node-version: 20 # required for OIDC npm@latest
registry-url: 'https://registry.npmjs.org'
- name: Update npm to latest (required for OIDC)
run: npm install -g npm@latest
- name: Disable publish and install actions
run: 'sed -i -E "s/\"((pre|post)(publish|install))/\"ignore:\1/" package.json'
- name: Publish to npm
if: github.actor != 'dependabot[bot]' && github.actor != 'dependabot-preview[bot]'
run: npm publish --tag latest
github-release:
needs: [npm-publish-latest]
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/main' && github.event_name == 'push'
permissions:
contents: write
steps:
- uses: actions/checkout@v6
with:
fetch-depth: 0
- name: Create GitHub release with generated notes
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
TAG="v$(node -p 'require("./package.json").version')"
if gh release view "$TAG" >/dev/null 2>&1; then
echo "Release $TAG already exists. Skipping."
exit 0
fi
if git ls-remote --exit-code --tags origin "refs/tags/$TAG" >/dev/null 2>&1; then
echo "Tag $TAG already exists on origin. Creating release from existing tag."
gh release create "$TAG" --verify-tag --generate-notes
else
echo "Creating tag and release $TAG from commit $GITHUB_SHA."
gh release create "$TAG" --target "$GITHUB_SHA" --generate-notes
fi