Skip to content
Release

build(deps): bump actions/dependency-review-action from 2.5.1 to 3.1.0 #415

Sign in to view logs

build(deps): bump actions/dependency-review-action from 2.5.1 to 3.1.0

build(deps): bump actions/dependency-review-action from 2.5.1 to 3.1.0 #415

Workflow file for this run

.github/workflows/release.yml at d79e50e
name: Release
on:
push:
branches:
- main
workflow_dispatch:
inputs:
publishCanary:
description: 'Publish a canary release'
required: false
default: '0'
jobs:
test:
name: Lint & Test
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@55d479fb1c5bcad5a4f9099a5d9f37c8857b2845 # v2.4.1
with:
egress-policy: audit
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
- uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # v3.7.0
with:
node-version: '18'
# @see https://www.voorhoede.nl/en/blog/super-fast-npm-install-on-github-actions/
- uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
id: cache
with:
path: ./node_modules
key: ${{ runner.os }}-modules-${{ hashFiles('package-lock.json') }}
- name: Install packages
if: steps.cache.outputs.cache-hit != 'true'
run: npm ci
- name: Run postinstall
if: steps.cache.outputs.cache-hit == 'true'
run: npm run --if-present postinstall && npm rebuild && npm run prepare --if-present
- name: Lint
run: npm run lint
- name: Test
run: sudo npx playwright install-deps && npm run test:ci
- name: Publish Code Coverage
uses: paambaati/codeclimate-action@4cace242c6e0a2dd554bbb3cc12c58047d8af3e5 # v5.0.0
env:
CC_TEST_REPORTER_ID: ${{ secrets.CC_TEST_REPORTER_ID }}
# vrt:
# name: Visual Regression Test
# runs-on: macos-12
# steps:
# - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
# - uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # v3.7.0
# with:
# node-version: '18'
#
# # @see https://www.voorhoede.nl/en/blog/super-fast-npm-install-on-github-actions/
# - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
# id: cache
# with:
# path: ./node_modules
# key: ${{ runner.os }}-modules-${{ hashFiles('package-lock.json') }}
#
# - name: Install packages
# if: steps.cache.outputs.cache-hit != 'true'
# run: npm ci
#
# - name: Run postinstall
# if: steps.cache.outputs.cache-hit == 'true'
# run: npm run --if-present postinstall && npm rebuild && npm run prepare --if-present
#
# - name: Test
# run: npm run test:vrt
#
# - name: Archive visual diff results
# uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
# if: failure()
# with:
# name: visual-diffs
# path: screenshots
# retention-days: 7
release:
name: Release & Deploy
# Prevents changesets action from creating a PR on forks
if: github.repository == 'inventage/web-components'
runs-on: ubuntu-latest
# needs: [ test, vrt ]
needs: [ test ]
steps:
- name: Harden Runner
uses: step-security/harden-runner@55d479fb1c5bcad5a4f9099a5d9f37c8857b2845 # v2.4.1
with:
egress-policy: audit
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
- uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # v3.7.0
with:
node-version: '18'
# @see https://www.voorhoede.nl/en/blog/super-fast-npm-install-on-github-actions/
- uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
id: cache
with:
path: ./node_modules
key: ${{ runner.os }}-modules-${{ hashFiles('package-lock.json') }}
- name: Install packages
if: steps.cache.outputs.cache-hit != 'true'
run: npm ci
- name: Run postinstall
if: steps.cache.outputs.cache-hit == 'true'
run: npm run --if-present postinstall && npm rebuild && npm run prepare --if-present
- name: Create .npmrc
run: |
cat << EOF > "$HOME/.npmrc"
//registry.npmjs.org/:_authToken=$NPM_TOKEN
EOF
env:
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Create Release Pull Request or Publish to npm
id: changesets
uses: changesets/action@f13b1baaa620fde937751f5d2c3572b9da32af23 # v1.4.5
with:
publish: npm run release
version: npm run version
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Storybook Build
run: npm run storybook:build
- name: Upload Website Build
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: storybook-static
path: storybook-static
- name: Deploy to Github Pages
if: steps.changesets.outputs.published == 'true'
uses: peaceiris/actions-gh-pages@373f7f263a76c20808c831209c920827a82a2847 # v3.9.3
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
publish_dir: ./storybook-static
allow_empty_commit: true
- name: Publishing canary releases to npm registry
if: steps.changesets.outputs.published != 'true' && github.event.inputs.publishCanary == '1'
run: |
git checkout $GITHUB_REF
npx changeset version --snapshot canary
node ./scripts/update-version-variables.mjs
npx changeset publish --tag canary
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
commit-build:
name: Commit Website Build
needs: release
# Prevents changesets action from creating a PR on forks
if: github.repository == 'inventage/web-components'
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@55d479fb1c5bcad5a4f9099a5d9f37c8857b2845 # v2.4.1
with:
egress-policy: audit
- name: Clone the repoitory
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
with:
ref: website-build
- name: Download website build
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with:
name: storybook-static
path: storybook-static
- name: Commit and Push
run: |
if [ $(git status --porcelain=v1 2>/dev/null | wc -l) != "0" ] ; then
git config user.email "${GITHUB_ACTOR}"
git config user.name "${GITHUB_ACTOR}@users.noreply.github.com"
git add -f storybook-static
git commit -m "gh-actions deployed a new website build"
git push --force
fi