Skip to content

build(deps): bump cross-spawn in the npm_and_yarn group (#89) #88

build(deps): bump cross-spawn in the npm_and_yarn group (#89)

build(deps): bump cross-spawn in the npm_and_yarn group (#89) #88

Workflow file for this run

name: release
on:
push:
branches:
- main
paths-ignore:
- .github/**/*.md
workflow_dispatch: {}
jobs:
release:
runs-on: ubuntu-22.04
permissions:
contents: write
outputs:
latest_commit: ${{ steps.git_remote.outputs.latest_commit }}
tag_exists: ${{ steps.check_tag_exists.outputs.exists }}
env:
CI: "true"
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
with:
fetch-depth: 0
token: ${{ secrets.PROJEN_GITHUB_TOKEN }}
- name: Set git identity
run: |-
git config user.name "github-actions"
git config user.email "github-actions@github.com"
- name: Setup pnpm
uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2
- name: Setup Node.js
uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b
with:
node-version: lts/*
- name: Install dependencies
run: pnpm i --frozen-lockfile
- name: release
run: npx projen release
- name: Check if version has already been tagged
id: check_tag_exists
run: |-
TAG=$(cat dist/dist/releasetag.txt)
([ ! -z "$TAG" ] && git ls-remote -q --exit-code --tags origin $TAG && (echo "exists=true" >> $GITHUB_OUTPUT)) || (echo "exists=false" >> $GITHUB_OUTPUT)
cat $GITHUB_OUTPUT
- name: Check for new commits
id: git_remote
run: |-
echo "latest_commit=$(git ls-remote origin -h ${{ github.ref }} | cut -f1)" >> $GITHUB_OUTPUT
cat $GITHUB_OUTPUT
- name: Backup artifact permissions
if: ${{ steps.git_remote.outputs.latest_commit == github.sha }}
run: cd dist && getfacl -R . > permissions-backup.acl
continue-on-error: true
- name: Upload artifact
if: ${{ steps.git_remote.outputs.latest_commit == github.sha }}
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874
with:
name: build-artifact
path: dist
overwrite: true
release_github:
name: Publish to GitHub Releases
needs:
- release
- release_npm
runs-on: ubuntu-22.04
permissions:
contents: write
if: needs.release.outputs.tag_exists != 'true' && needs.release.outputs.latest_commit == github.sha
steps:
- uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b
with:
node-version: lts/*
- name: Download build artifacts
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
with:
name: build-artifact
path: dist
- name: Restore build artifact permissions
run: cd dist && setfacl --restore=permissions-backup.acl
continue-on-error: true
- name: Prepare Repository
run: mv dist .repo
- name: Collect GitHub Metadata
run: mv .repo/dist dist
- name: Release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_REPOSITORY: ${{ github.repository }}
GITHUB_REF: ${{ github.sha }}
run: errout=$(mktemp); gh release create $(cat dist/releasetag.txt) -R $GITHUB_REPOSITORY -F dist/changelog.md -t $(cat dist/releasetag.txt) --target $GITHUB_REF 2> $errout && true; exitcode=$?; if [
$exitcode -ne 0 ] && ! grep -q "Release.tag_name already exists" $errout; then cat $errout; exit $exitcode; fi
release_npm:
name: Publish to npm
needs: release
runs-on: ubuntu-22.04
permissions:
id-token: write
contents: read
if: needs.release.outputs.tag_exists != 'true' && needs.release.outputs.latest_commit == github.sha
steps:
- uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b
with:
node-version: lts/*
- name: Download build artifacts
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
with:
name: build-artifact
path: dist
- name: Restore build artifact permissions
run: cd dist && setfacl --restore=permissions-backup.acl
continue-on-error: true
- name: Setup pnpm
uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2
with:
version: 9.9.0
- name: Prepare Repository
run: mv dist .repo
- name: Install Dependencies
run: cd .repo && pnpm i --frozen-lockfile
- name: Create js artifact
run: cd .repo && npx projen package:js
- name: Collect js Artifact
run: mv .repo/dist dist
- name: Release
env:
NPM_DIST_TAG: latest
NPM_REGISTRY: registry.npmjs.org
NPM_CONFIG_PROVENANCE: "true"
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
run: npx -p publib@latest publib-npm