Bump github/codeql-action from 2 to 3 #175
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow will run tests using node and then publish a package to the npm registry when a release is created | |
# For more information see: https://help.github.com/actions/language-and-framework-guides/publishing-nodejs-packages | |
name: Node.js Package | |
on: | |
pull_request: | |
push: | |
branches: | |
- main | |
- master | |
jobs: | |
test: | |
runs-on: ubuntu-latest | |
steps: | |
# Clone ether/etherpad-lite to ../etherpad-lite so that ep_etherpad-lite | |
# can be "installed" in this plugin's node_modules. The checkout v2 action | |
# doesn't support cloning outside of $GITHUB_WORKSPACE (see | |
# https://github.com/actions/checkout/issues/197), so the repo is first | |
# cloned to etherpad-lite then moved to ../etherpad-lite. To avoid | |
# conflicts with this plugin's clone, etherpad-lite must be cloned and | |
# moved out before this plugin's repo is cloned to $GITHUB_WORKSPACE. | |
- | |
uses: actions/checkout@v4 | |
with: | |
repository: ether/etherpad-lite | |
path: etherpad-lite | |
- | |
run: mv etherpad-lite .. | |
# etherpad-lite has been moved outside of $GITHUB_WORKSPACE, so it is now | |
# safe to clone this plugin's repo to $GITHUB_WORKSPACE. | |
- | |
uses: actions/checkout@v4 | |
# This is necessary for actions/setup-node because '..' can't be used in | |
# cache-dependency-path. | |
- | |
name: Create ep_etherpad-lite symlink | |
run: | | |
mkdir -p node_modules | |
ln -s ../../etherpad-lite/src node_modules/ep_etherpad-lite | |
- | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 20 | |
cache: 'npm' | |
cache-dependency-path: | | |
node_modules/ep_etherpad-lite/package-lock.json | |
node_modules/ep_etherpad-lite/bin/doc/package-lock.json | |
package-lock.json | |
- run: npm install npm@6.14.18 -g | |
name: Install legacy npm for correct dependency resolution | |
# All of ep_etherpad-lite's devDependencies are installed because the | |
# plugin might do `require('ep_etherpad-lite/node_modules/${devDep}')`. | |
# Eventually it would be nice to create an ESLint plugin that prohibits | |
# Etherpad plugins from piggybacking off of ep_etherpad-lite's | |
# devDependencies. If we had that, we could change this line to only | |
# install production dependencies. | |
- | |
run: cd ../etherpad-lite/src && npm ci | |
- | |
run: npm ci | |
# This runs some sanity checks and creates a symlink at | |
# node_modules/ep_etherpad-lite that points to ../../etherpad-lite/src. | |
# This step must be done after `npm ci` installs the plugin's dependencies | |
# because npm "helpfully" cleans up such symlinks. :( Installing | |
# ep_etherpad-lite in the plugin's node_modules prevents lint errors and | |
# unit test failures if the plugin does `require('ep_etherpad-lite/foo')`. | |
- | |
run: npm install --no-save ep_etherpad-lite@file:../etherpad-lite/src | |
- | |
run: npm test | |
- | |
run: npm run lint | |
publish-npm: | |
if: github.event_name == 'push' | |
needs: test | |
runs-on: ubuntu-latest | |
steps: | |
- | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 20 | |
registry-url: https://registry.npmjs.org/ | |
cache: 'npm' | |
- run: npm install npm@6.14.18 -g | |
name: Install legacy npm for correct dependency resolution | |
- | |
name: Bump version (patch) | |
run: | | |
LATEST_TAG=$(git describe --tags --abbrev=0) || exit 1 | |
NEW_COMMITS=$(git rev-list --count "${LATEST_TAG}"..) || exit 1 | |
[ "${NEW_COMMITS}" -gt 0 ] || exit 0 | |
git config user.name 'github-actions[bot]' | |
git config user.email '41898282+github-actions[bot]@users.noreply.github.com' | |
npm ci | |
npm version patch | |
git push --follow-tags | |
# This is required if the package has a prepare script that uses something | |
# in dependencies or devDependencies. | |
- | |
run: npm ci | |
# `npm publish` must come after `git push` otherwise there is a race | |
# condition: If two PRs are merged back-to-back then master/main will be | |
# updated with the commits from the second PR before the first PR's | |
# workflow has a chance to push the commit generated by `npm version | |
# patch`. This causes the first PR's `git push` step to fail after the | |
# package has already been published, which in turn will cause all future | |
# workflow runs to fail because they will all attempt to use the same | |
# already-used version number. By running `npm publish` after `git push`, | |
# back-to-back merges will cause the first merge's workflow to fail but | |
# the second's will succeed. | |
- | |
run: npm publish | |
env: | |
NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}} | |
- | |
name: Add package to etherpad organization | |
run: npm access grant read-write etherpad:developers | |
env: | |
NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}} |