-
Notifications
You must be signed in to change notification settings - Fork 0
144 lines (137 loc) · 4.15 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
name: CI & Release
on:
pull_request:
push:
branches: [main]
tags:
- v*
concurrency:
# On PRs builds will cancel if new pushes happen before the CI completes, as it defines `github.head_ref` and gives it the name of the branch the PR wants to merge into
# Otherwise `github.run_id` ensures that you can quickly merge a queue of PRs without causing tests to auto cancel on any of the commits pushed to main.
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
permissions:
contents: read # for checkout
jobs:
lint:
runs-on: ubuntu-latest
name: Lint
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Read .tool-versions
id: versions
uses: marocchino/tool-versions-action@v1
- name: Install pnpm
uses: pnpm/action-setup@v2
with:
version: ${{ steps.versions.outputs.pnpm }}
- name: Install node
uses: actions/setup-node@v3
with:
cache: pnpm
node-version: ${{ steps.versions.outputs.nodejs }}
- name: Install dependencies
run: pnpm install --frozen-lockfile
- name: Lint
run: pnpm run lint
- name: Build
run: pnpm run prepublishOnly
- name: Upload build artifacts
uses: actions/upload-artifact@v4
with:
name: dist
path: dist/
test:
runs-on: ubuntu-latest
name: Test
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Read .tool-versions
id: versions
uses: marocchino/tool-versions-action@v1
- name: Install pnpm
uses: pnpm/action-setup@v2
with:
version: ${{ steps.versions.outputs.pnpm }}
- name: Install node
uses: actions/setup-node@v3
with:
cache: pnpm
node-version: ${{ steps.versions.outputs.nodejs }}
- name: Install dependencies
run: pnpm install --frozen-lockfile
- name: Run tests
run: pnpm test
build:
runs-on: ubuntu-latest
name: Build
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Read .tool-versions
id: versions
uses: marocchino/tool-versions-action@v1
- name: Install pnpm
uses: pnpm/action-setup@v2
with:
version: ${{ steps.versions.outputs.pnpm }}
- name: Install node
uses: actions/setup-node@v3
with:
cache: pnpm
node-version: ${{ steps.versions.outputs.nodejs }}
- name: Install dependencies
run: pnpm install --frozen-lockfile
- name: Build
run: pnpm run prepublishOnly
- name: Upload build artifacts
uses: actions/upload-artifact@v4
with:
name: dist
path: dist/
publish:
needs:
- lint
- test
- build
permissions:
contents: write
issues: write
pull-requests: write
id-token: write
runs-on: ubuntu-latest
name: Publish
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Read .tool-versions
id: versions
uses: marocchino/tool-versions-action@v1
- name: Install pnpm
uses: pnpm/action-setup@v2
with:
version: ${{ steps.versions.outputs.pnpm }}
- name: Install node
uses: actions/setup-node@v3
with:
cache: pnpm
node-version: ${{ steps.versions.outputs.nodejs }}
- name: Install dependencies
run: pnpm install --frozen-lockfile
- name: Download build artifacts
uses: actions/download-artifact@v4
with:
name: dist
path: dist/
- name: Audit code
run: pnpm audit signatures
- name: Authenticate to npm
run: pnpm config set '//registry.npmjs.org/:_authToken' '${{ secrets.NPM_TOKEN}}'
- name: Publish package (dry run)
run: pnpm publish --dry-run --ignore-scripts --no-git-checks
if: ${{ !startsWith(github.ref, 'refs/tags/v') }}
- name: Publish package
run: pnpm publish --ignore-scripts --no-git-checks
if: ${{ startsWith(github.ref, 'refs/tags/v') }}