ci: updated workflows
ahmadnassri committed Aug 2, 2023
1 parent bac8e4a commit 5836268
Showing 2 changed files with 9 additions and 310 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/pull_request_target.yml
@@ -10,5 +10,5 @@ permissions: read-all

jobs:
main:
uses: ahmadnassri/actions/.github/workflows/pull-request-target-template.yml@master
uses: ahmadnassri/actions/.github/workflows/pull-request-target.yml@master
secrets: inherit
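Review bot: The reusable workflow on the `uses:` line is referenced by the mutable branch ref `@master` while the job passes `secrets: inherit`, so whatever lands on that branch of ahmadnassri/actions runs with this repository's secrets on the next triggering event. Pinning the reference to a full commit SHA, `uses: ahmadnassri/actions/.github/workflows/pull-request-target.yml@<full-commit-sha>  # master`, makes the executed code fixed and reviewable, and a dependency bot can still propose bumps. The same `@master` reference appears on the `push-javascript.yml` line in .github/workflows/push.yml. The `on:` block is outside this hunk, so the pull_request_target trigger is inferred from the file name only.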
317 changes: 8 additions & 309 deletions .github/workflows/push.yml
@@ -2,321 +2,20 @@
# Note: this file originates in template-node-lib #
# ----------------------------------------------- #

name: push

on:
- push
- workflow_dispatch

name: push

concurrency:
group: ${{ github.ref }}-${{ github.workflow }}

permissions:
contents: write
packages: write
pull-requests: write

env:
NODE_ENV: test
permissions: read-all

jobs:
metadata:
runs-on: ubuntu-latest

outputs:
image-name: ${{ steps.image.outputs.name }}
dockerfile: ${{ steps.dockerfile.outputs.exists }}
repository_is_template: ${{ steps.metadata.outputs.repository_is_template }}
repository_default_branch: ${{ steps.metadata.outputs.repository_default_branch }}

steps:
- uses: actions/checkout@v3.5.3

- id: metadata
uses: ahmadnassri/action-metadata@v2.1.2

- id: dockerfile
run: echo "exists=$([[ -f "${{ github.workspace }}/Dockerfile" ]] && echo true || echo false)" >> "$GITHUB_OUTPUT"

- id: image
run: echo "name=$(basename "${GITHUB_REPOSITORY/node-//}")" >> "$GITHUB_OUTPUT"

commit-lint:
timeout-minutes: 5

runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v3.5.3

- uses: ahmadnassri/action-commit-lint@v2.1.15
with:
config: .github/linters/.commit-lint.yml

mega-linter:
timeout-minutes: 5

runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v3.5.3

- uses: oxsecurity/megalinter/flavors/javascript@v7.2.1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
MEGALINTER_CONFIG: .github/linters/.mega-linter.yml
GITHUB_COMMENT_REPORTER: true
GITHUB_STATUS_REPORTER: true

- uses: actions/upload-artifact@v3.1.2
if: ${{ success() }} || ${{ failure() }}
with:
name: mega-linter-reports
path: |
megalinter-reports
mega-linter.log
npm-audit:
timeout-minutes: 5

runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v3.5.3

- uses: ahmadnassri/action-dotenv@v1.0.2

- uses: actions/setup-node@v3.7.0
with:
node-version: latest

- run: npm audit
env:
NPM_CONFIG_AUDIT_LEVEL: ${{ env.NPM_CONFIG_AUDIT_LEVEL || 'critical' }}

test-strategy:
timeout-minutes: 5

runs-on: ubuntu-latest

outputs:
matrix: ${{ steps.parse.outputs.matrix }}

steps:
- uses: actions/checkout@v3.5.3
- id: parse
run: echo "matrix=$(jq -c . < .github/test-matrix.json)" >> "$GITHUB_OUTPUT"

test:
needs:
- npm-audit
- test-strategy

timeout-minutes: 5

name: ${{ matrix.name || format('node v{0} @ {1}', matrix.node-version, matrix.os) || 'test-step' }}

strategy:
matrix: ${{ fromJSON(needs.test-strategy.outputs.matrix) }}

runs-on: ${{ matrix.os }}

steps:
- uses: actions/checkout@v3.5.3
with:
submodules: true

- uses: ahmadnassri/action-dotenv@v1.0.2

- uses: actions/setup-node@v3.7.0
with:
node-version: ${{ matrix.node-version }}
cache: npm

- uses: ahmadnassri/action-github-registry-npm-proxy@v4.0.3
with:
token: ${{ secrets.GITHUB_TOKEN }}

- run: npm ci
- run: npm run test:ci

release:
needs:
- test
- metadata
- commit-lint
- mega-linter

# only runs on main branch for non template repos
if: |
needs.metadata.outputs.repository_is_template == 'false' &&
needs.metadata.outputs.repository_default_branch == github.ref_name
timeout-minutes: 20

runs-on: ubuntu-latest

main:
uses: ahmadnassri/actions/.github/workflows/push-javascript.yml@master
secrets: inherit
permissions:
contents: write
statuses: write
packages: write

outputs:
published: ${{ steps.release.outputs.published }}
version: ${{ steps.release.outputs.release-version }}
version-major: ${{ steps.release.outputs.release-version-major }}
version-minor: ${{ steps.release.outputs.release-version-minor }}

steps:
- uses: actions/checkout@v3.5.3
with:
submodules: true

- uses: actions/setup-node@v3.7.0
with:
cache: npm

- run: npm ci

- id: release
uses: ahmadnassri/action-semantic-release@v2.2.3
with:
config: ${{ github.workspace }}/.semantic.json
env:
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

mirror:
needs: release

timeout-minutes: 5

runs-on: ubuntu-latest

permissions:
packages: write

if: ${{ needs.release.outputs.published == 'true' }}

steps:
- uses: actions/checkout@v3.5.3
with:
submodules: true

- uses: actions/setup-node@v3.7.0
with:
registry-url: https://npm.pkg.github.com
node-version: latest

- name: publish to github registry
env:
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
jq '.name = "@'"${GITHUB_REPOSITORY/node-/}"'"' package.json > /tmp/package.json; mv /tmp/package.json .
npm version --no-git-tag-version "v${{ needs.release.outputs.version }}"
npm publish
publish-strategy:
needs:
- metadata

timeout-minutes: 5

# only runs on main branch for non template repos
if: |
needs.metadata.outputs.repository_is_template == 'false' &&
needs.metadata.outputs.repository_default_branch == github.ref_name
runs-on: ubuntu-latest

outputs:
matrix: ${{ steps.parse.outputs.matrix }}

steps:
- uses: actions/checkout@v3.5.3
- id: parse
run: echo "matrix=$(jq -c . < .github/publish-matrix.json)" >> "$GITHUB_OUTPUT"

publish-docker:
needs:
- release
- metadata
- publish-strategy

timeout-minutes: 5

if: |
needs.release.outputs.published == 'true' &&
needs.metadata.outputs.dockerfile == 'true'
name: ${{ format('publish to {0}', matrix.registry) || 'publish-step' }}

strategy:
matrix: ${{ fromJSON(needs.publish-strategy.outputs.matrix) }}

runs-on: ubuntu-latest

permissions:
packages: write

steps:
- uses: actions/checkout@v3.5.3
- uses: docker/setup-qemu-action@v2
- uses: docker/setup-buildx-action@v2

# login to docker hub
- uses: docker/login-action@v2
with:
username: ${{ github.repository_owner }}
password: ${{ secrets.DOCKER_TOKEN }}

# login to github container registry
- uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}

- id: meta
run: |
echo "name=${{ github.repository_owner }}/$(basename "${GITHUB_REPOSITORY/node-//}")" >> "$GITHUB_OUTPUT"
# publish
- uses: docker/build-push-action@v4
with:
push: true
cache-from: type=gha
cache-to: type=gha,mode=max
platforms: linux/amd64,linux/arm64,linux/arm/v7
tags: |
${{ matrix.registry }}/${{ github.repository_owner }}/${{ needs.metadata.outputs.image-name }}:latest
${{ matrix.registry }}/${{ github.repository_owner }}/${{ needs.metadata.outputs.image-name }}:${{ needs.release.outputs.version-major }}
${{ matrix.registry }}/${{ github.repository_owner }}/${{ needs.metadata.outputs.image-name }}:${{ needs.release.outputs.version }}
labels: |
org.opencontainers.image.title=${{ needs.metadata.outputs.image-name }}
org.opencontainers.image.url=${{ github.event.repository.html_url }}
org.opencontainers.image.version=${{ needs.release.outputs.version }}
org.opencontainers.image.source=${{ github.event.repository.html_url }}
org.opencontainers.image.revision=${{ github.sha }}
template-sync:
timeout-minutes: 5

needs:
- metadata
- test
- commit-lint
- mega-linter

# only runs on main branch for template repos
if: |
needs.metadata.outputs.repository_is_template == 'true' &&
needs.metadata.outputs.repository_default_branch == github.ref_name
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v3.5.3

- uses: ahmadnassri/action-template-repository-sync@v2.4.6
with:
github-token: ${{ secrets.GH_TOKEN }}
pull-requests: write
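Review bot: `secrets: inherit` on the `main` job hands every secret available to this workflow to the called `push-javascript.yml`, whereas the job bodies elsewhere in this section named only `NPM_TOKEN`, `DOCKER_TOKEN`, `GH_TOKEN` and `GITHUB_TOKEN`. If the called workflow declares its inputs under `on.workflow_call.secrets`, an explicit mapping such as `secrets:` followed by `NPM_TOKEN: ${{ secrets.NPM_TOKEN }}` keeps the publish credentials limited to what the release actually uses. The job also carries write scopes (`contents`, `packages` and others), so a short comment above its `permissions:` block, for example `# contents: tags and release notes; packages: registry publish`, would tell the next reviewer why each one is needed. Which of the permission lines belong to the new side is not certain from this rendering, so the exact list should be checked against the file itself.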
