-
Notifications
You must be signed in to change notification settings - Fork 105
78 lines (72 loc) · 2.19 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
name: v4.x releases
on:
push:
branches:
# Pushes to the branch below will test the release workflow without
# publishing version on npm or generating new git tags
- v4.x-test
tags:
- 'v4.[0-9]+.[0-9]+'
- 'v4.[0-9]+.[0-9]+-alpha.[0-9]+'
- 'v4.[0-9]+.[0-9]+-beta.[0-9]+'
jobs:
install:
name: Install
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Cache node_modules
id: cacheModules
uses: actions/cache@v4
with:
path: ~/.npm # cache where "npm install" uses before going out to the network
key: ${{ runner.os }}-node-${{ hashFiles('**/package.json') }}
- name: Install dependencies
if: steps.cacheModules.outputs.cache-hit != 'true'
run: npm install
debug:
name: Debug
runs-on: ubuntu-latest
steps:
- uses: hmarr/debug-action@v3
checks:
name: Check
needs: [install]
uses: ./.github/workflows/checks.yml
with:
ref: ${{ github.sha }}
# The security job can't run on pull requests opened from forks because
# Github doesn't pass down the SNYK_TOKEN environment variable.
security:
name: Check Security
needs: [install]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/cache@v4
with:
path: ~/.npm # cache where "npm install" uses before going out to the network
key: ${{ runner.os }}-node-${{ hashFiles('**/package.json') }}
- run: npm install --prefer-offline
- run: make secure
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
publish:
name: Publish to NPM registry
runs-on: ubuntu-latest
needs: [checks, security]
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version-file: '.nvmrc'
# Setup .npmrc file to publish to npm
registry-url: 'https://registry.npmjs.org'
- uses: actions/cache@v4
with:
path: ~/.npm # this is cache where npm installs from before going out to the network
key: ${{ runner.os }}-node-${{ hashFiles('**/package.json') }}
- run: npm install --prefer-offline
- run: make publish
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}