DEV - Refactor release CI workflow #23
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Build and maybe release conda-store-ui" | |
on: | |
release: | |
types: [published] | |
push: | |
branches: [main] | |
tags: ["*"] | |
pull_request: | |
branches: | |
- main | |
workflow_dispatch: | |
env: | |
FORCE_COLOR: "1" | |
PACKAGE_FILE: "conda-store-ui.tgz" | |
permissions: | |
id-token: write | |
attestations: write | |
contents: read | |
jobs: | |
# always build and verify | |
build-application: | |
name: "Build conda-store-ui" | |
runs-on: ubuntu-latest | |
steps: | |
- name: "Checkout repository 🛎" | |
uses: actions/checkout@v4 | |
- name: "Set up Node.js 🧶" | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 18 | |
cache: "yarn" | |
- name: "Install dependencies 📦" | |
run: yarn | |
- name: "Lint code 🔍" | |
run: yarn eslint:check | |
- name: "Build application 🏗" | |
run: yarn run build | |
- name: "Build application artifacts 🏗" | |
# ensure we use the prod target to minimise assets | |
run: yarn run webpack:prod bundle | |
- name: "Generate package tarball 📦" | |
run: yarn pack --filename ${{ env.PACKAGE_FILE }} | |
- name: "Upload package tarball 📤" | |
uses: actions/upload-artifact@v4 | |
with: | |
name: conda-store-ui-package | |
path: ${{ env.PACKAGE_FILE }} | |
release-to-npm: | |
name: "Release conda-store-ui to NPM 📦" | |
runs-on: ubuntu-latest | |
needs: build-application | |
steps: | |
# Setup .npmrc file to publish to npm | |
- name: "Set up Node.js 🧶" | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 18 | |
registry-url: "https://registry.npmjs.org" | |
scope: "@conda-store-ui" | |
- name: "Download build artefacts 📦" | |
uses: actions/download-artifact@v4 | |
with: | |
name: conda-store-ui-package | |
path: packages/ | |
- name: "Check downloaded artefacts 🔍" | |
run: ls -R packages/ | |
- name: "Attest Build Provenance ✨" | |
uses: actions/attest-build-provenance@v1 | |
with: | |
subject-path: packages/${{ env.PACKAGE_FILE }} | |
- name: "Set NPM scope" #(setup-node workaround https://github.com/actions/setup-node/issues/763) | |
env: | |
NPM_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
run: | | |
npm config delete @conda-store-ui:registry --location project | |
npm config set @conda-store-ui:registry 'https://registry.npmjs.org' --location project | |
npm config set //registry.npmjs.org/:_authToken '${NPM_AUTH_TOKEN}' --location project | |
# we always do a dry run for the publish | |
- name: "Check publish (dry run) 📤" | |
run: | | |
echo "Publishing with tag ${{ env.GITHUB_REF_NAME }}" | |
npm publish --verbose --access public packages/${{ env.PACKAGE_FILE }} --dry-run | |
env: | |
NPM_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
- name: "Publish to npm 📤" | |
if: github.repository_owner == 'conda-incubator' && github.event_name == 'release' && startsWith(github.ref, 'refs/tags/') | |
run: | | |
echo "Publishing with tag ${{ env.GITHUB_REF_NAME }}" | |
npm publish --verbose --access public packages/${{ env.PACKAGE_FILE }} --dry-run | |
env: | |
NPM_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} |