-
Notifications
You must be signed in to change notification settings - Fork 12
133 lines (126 loc) · 5.41 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
---
name: CI & Release
# Workflow name based on selected inputs. Fallback to default Github naming when expression evaluates to empty string
run-name: >-
${{
inputs.release && inputs.test && format('Build {0} ➤ Test ➤ Publish to NPM', github.ref_name) ||
inputs.release && !inputs.test && format('Build {0} ➤ Skip Tests ➤ Publish to NPM', github.ref_name) ||
github.event_name == 'workflow_dispatch' && inputs.test && format('Build {0} ➤ Test', github.ref_name) ||
github.event_name == 'workflow_dispatch' && !inputs.test && format('Build {0} ➤ Skip Tests', github.ref_name) ||
''
}}
on:
# Build on pushes branches that have a PR (including drafts)
pull_request:
# Build on commits pushed to branches without a PR if it's in the allowlist
push:
branches: [main]
# https://docs.github.com/en/actions/managing-workflow-runs/manually-running-a-workflow
workflow_dispatch:
inputs:
test:
description: Run tests
required: true
default: true
type: boolean
release:
description: Release new version
required: true
default: false
type: boolean
concurrency:
# On PRs builds will cancel if new pushes happen before the CI completes, as it defines `github.head_ref` and gives it the name of the branch the PR wants to merge into
# Otherwise `github.run_id` ensures that you can quickly merge a queue of PRs without causing tests to auto cancel on any of the commits pushed to main.
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
permissions:
contents: read # for checkout
jobs:
build:
runs-on: ubuntu-latest
name: Lint & Build
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
cache: npm
node-version: lts/*
- run: npm ci
# Linting can be skipped
- run: npm run lint --if-present
if: github.event.inputs.test != 'false'
# But not the build script, as semantic-release will crash if this command fails so it makes sense to test it early
- run: npm run prepublishOnly --if-present
test:
needs: build
# The test matrix can be skipped, in case a new release needs to be fast-tracked and tests are already passing on main
if: github.event.inputs.test != 'false'
runs-on: ${{ matrix.os }}
name: Node.js ${{ matrix.node }} / ${{ matrix.os }}
strategy:
# A test failing on windows doesn't mean it'll fail on macos. It's useful to let all tests run to its completion to get the full picture
fail-fast: false
matrix:
# Run the testing suite on each major OS with the latest LTS release of Node.js
os: [macos-latest, ubuntu-latest, windows-latest]
node: [lts/*]
# It makes sense to also test the oldest, and latest, versions of Node.js, on ubuntu-only since it's the fastest CI runner
include:
- os: ubuntu-latest
# Test the oldest LTS release of Node that's still receiving bugfixes and security patches, versions older than that have reached End-of-Life
node: lts/-2
- os: ubuntu-latest
# Test the actively developed version that will become the latest LTS release next October
node: current
steps:
# It's only necessary to do this for windows, as mac and ubuntu are sane OS's that already use LF
- name: Set git to use LF
if: matrix.os == 'windows-latest'
run: |
git config --global core.autocrlf false
git config --global core.eol lf
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
cache: npm
node-version: ${{ matrix.node }}
- run: npm i
- run: npm test --if-present
release:
permissions:
contents: write # to be able to publish a GitHub release
issues: write # to be able to comment on released issues
pull-requests: write # to be able to comment on released pull requests
id-token: write # to enable use of OIDC for npm provenance
needs: [build, test]
# only run if opt-in during workflow_dispatch
if: always() && github.event.inputs.release == 'true' && needs.build.result != 'failure' && needs.test.result != 'failure' && needs.test.result != 'cancelled'
runs-on: ubuntu-latest
name: Semantic release
steps:
- uses: actions/checkout@v4
with:
# Need to fetch entire commit history to
# analyze every commit since last release
fetch-depth: 0
- uses: actions/setup-node@v4
with:
cache: npm
node-version: lts/*
- run: npm ci
# Branches that will release new versions are defined in .releaserc.json
- run: npx semantic-release
# Don't allow interrupting the release step if the job is cancelled, as it can lead to an inconsistent state
# e.g. git tags were pushed but it exited before `npm publish`
if: always()
env:
NPM_CONFIG_PROVENANCE: true
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_PUBLISH_TOKEN }}
# Re-run semantic release with rich logs if it failed to publish for easier debugging
- run: npx semantic-release --dry-run --debug
if: failure()
env:
NPM_CONFIG_PROVENANCE: true
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_PUBLISH_TOKEN }}