Skip to content

release

release #7

Workflow file for this run

name: release
on:
workflow_dispatch:
jobs:
check-author:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Check if user is in CODEOWNERS
id: check_user
run: |
CODEOWNERS_PATH="CODEOWNERS"
if [ ! -f "$CODEOWNERS_PATH" ]; then
echo "CODEOWNERS file not found."
exit 1
fi
# Extract GitHub usernames from CODEOWNERS file (assumes usernames, not emails or teams)
USERS=$(grep '@' $CODEOWNERS_PATH | sed -E 's/.*@([^ ]+).*/\1/' | tr '\n' ' ')
# Check if the actor is in the list of users
if [[ ! " $USERS " =~ " ${{ github.actor }} " ]]; then
echo "Error: Actor ${{ github.actor }} is not listed in CODEOWNERS."
exit 1
else
echo "Actor ${{ github.actor }} is listed in CODEOWNERS."
fi
# we can add an approval stage with the environment so it can only be run when accepted by two authorized users.
build:
needs: check-author
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
persist-credentials: false
- uses: pnpm/action-setup@v3
with:
version: 9
- run: pnpm add -g pnpm
- name: 'Setup Node.js with pnpm cache'
uses: actions/setup-node@v4
with:
node-version: 20
cache: 'pnpm'
- run: pnpm install
- run: pnpm build
- name: 'Save build output'
uses: actions/cache/save@v4
with:
path: ${{ github.workspace }}
key: ${{ runner.os }}-build-${{ github.sha }}-${{ github.run_id }}
test:
needs: build
runs-on: ubuntu-latest
strategy:
matrix:
node-version: ['18.x', '20.x']
steps:
- uses: pnpm/action-setup@v3
with:
version: 9
- run: pnpm add -g pnpm
- name: 'Restore build output'
uses: actions/cache/restore@v4
with:
path: ${{ github.workspace }}
key: ${{ runner.os }}-build-${{ github.sha }}-${{ github.run_id }}
restore-keys: ${{ runner.os }}-build-${{ github.sha }}
fail-on-cache-miss: true
- name: 'Setup Node.js with pnpm cache'
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
cache: 'pnpm'
- name: 'Run node'
run: pnpm test
- uses: actions/upload-artifact@v4
# we are only uploading the 20 coverage report so we do not have to merge them in the next step.
if: matrix.node-version == '20.x'
with:
name: coverage-artifacts
path: coverage/
report-coverage:
runs-on: ubuntu-latest
needs: [test]
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
persist-credentials: false
- uses: actions/download-artifact@v4
with:
name: coverage-artifacts
path: coverage
- uses: codecov/codecov-action@v4
with:
fail_ci_if_error: true
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
lint:
needs: build
runs-on: ubuntu-latest
steps:
- uses: pnpm/action-setup@v3
with:
version: 9
- run: pnpm add -g pnpm
- name: 'Restore build output'
uses: actions/cache/restore@v4
with:
path: ${{ github.workspace }}
key: ${{ runner.os }}-build-${{ github.sha }}-${{ github.run_id }}
restore-keys: ${{ runner.os }}-build-${{ github.sha }}
fail-on-cache-miss: true
- name: 'Setup Node.js with pnpm cache'
uses: actions/setup-node@v4
with:
node-version: 20
cache: 'pnpm'
# we are not using the github action for biome, but the package.json script. this makes sure we are using the same versions.
- name: Run Biome
run: pnpm run biome:ci
publish:
# needs permissions to write tags to the repository
permissions:
contents: write
needs:
- build
- test
- lint
env:
NPM_TOKEN: ${{secrets.NPM_TOKEN }}
NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN }}
GH_TOKEN: ${{secrets.GITHUB_TOKEN }}
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN }}
GH_USER: github-actions
GH_EMAIL: github-actions@github.com
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
token: ${{secrets.GITHUB_TOKEN }}
- uses: pnpm/action-setup@v3
with:
version: 9
- run: pnpm add -g pnpm
- name: 'Setup Node.js with pnpm cache'
uses: actions/setup-node@v4
with:
node-version: 20
cache: 'pnpm'
- name: 'Restore build output'
uses: actions/cache/restore@v4
with:
path: ${{ github.workspace }}
key: ${{ runner.os }}-build-${{ github.sha }}-${{ github.run_id }}
restore-keys: ${{ runner.os }}-build-${{ github.sha }}
fail-on-cache-miss: true
- name: 'Setup git coordinates'
run: |
git remote set-url origin https://${{github.actor}}:${{secrets.TOKEN}}@github.com/${{ github.repository }}.git
git config user.name $GH_USER
git config user.email $GH_EMAIL
- name: 'Setup npm registry'
run: |
echo "@sd-jwt:registry=https://registry.npmjs.org/" > .npmrc
echo "registry=https://registry.npmjs.org/" >> .npmrc
echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> .npmrc
npm whoami
- name: 'Publish latest version'
run: pnpm publish:latest
- name: 'Format generated files and commit changes'
run: |
pnpm format
git add .
git commit -m "chore: format generated files"
git push origin HEAD:main --tags