-
Notifications
You must be signed in to change notification settings - Fork 1
225 lines (195 loc) · 7.61 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
name: Release
on:
push:
branches:
- main
workflow_dispatch:
inputs:
publishCanary:
description: 'Publish a canary release'
required: false
default: '0'
permissions:
pull-requests: write
contents: write
jobs:
test:
name: Lint & Test
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
egress-policy: audit
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
with:
node-version: '18'
# @see https://www.voorhoede.nl/en/blog/super-fast-npm-install-on-github-actions/
- uses: actions/cache@ab5e6d0c87105b4c9c2047343972218f562e4319 # v4.0.1
id: cache
with:
path: ./node_modules
key: ${{ runner.os }}-modules-${{ hashFiles('package-lock.json') }}
- name: Install packages
if: steps.cache.outputs.cache-hit != 'true'
run: npm ci
- name: Run postinstall
if: steps.cache.outputs.cache-hit == 'true'
run: npm run --if-present postinstall && npm rebuild && npm run prepare --if-present
- name: Lint
run: npm run lint
# Install playwright + deps with caching
# @see https://github.com/microsoft/playwright/issues/7249#issuecomment-1385567519
- name: Store Playwright's Version
run: |
PLAYWRIGHT_VERSION=$(npm ls playwright | grep ' playwright' | sed 's/.*@//')
echo "Playwright's Version: $PLAYWRIGHT_VERSION"
echo "PLAYWRIGHT_VERSION=$PLAYWRIGHT_VERSION" >> $GITHUB_ENV
- name: Cache Playwright Browsers for Playwright's Version
id: cache-playwright-browsers
uses: actions/cache@ab5e6d0c87105b4c9c2047343972218f562e4319 # v4.0.1
with:
path: ~/.cache/ms-playwright
key: playwright-browsers-${{ env.PLAYWRIGHT_VERSION }}
- name: Setup Playwright
if: steps.cache-playwright-browsers.outputs.cache-hit != 'true'
run: npx playwright install --with-deps
- name: Test
run: sudo npx playwright install-deps && npm run test:ci
# - name: Publish Code Coverage
# uses: paambaati/codeclimate-action@4cace242c6e0a2dd554bbb3cc12c58047d8af3e5 # v5.0.0
# env:
# CC_TEST_REPORTER_ID: ${{ secrets.CC_TEST_REPORTER_ID }}
# vrt:
# name: Visual Regression Test
# runs-on: macos-12
# steps:
# - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
# - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
# with:
# node-version: '18'
#
# # @see https://www.voorhoede.nl/en/blog/super-fast-npm-install-on-github-actions/
# - uses: actions/cache@ab5e6d0c87105b4c9c2047343972218f562e4319 # v4.0.1
# id: cache
# with:
# path: ./node_modules
# key: ${{ runner.os }}-modules-${{ hashFiles('package-lock.json') }}
#
# - name: Install packages
# if: steps.cache.outputs.cache-hit != 'true'
# run: npm ci
#
# - name: Run postinstall
# if: steps.cache.outputs.cache-hit == 'true'
# run: npm run --if-present postinstall && npm rebuild && npm run prepare --if-present
#
# - name: Test
# run: npm run test:vrt
#
# - name: Archive visual diff results
# uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
# if: failure()
# with:
# name: visual-diffs
# path: screenshots
# retention-days: 7
release:
name: Release & Deploy
# Prevents changesets action from creating a PR on forks
if: github.repository == 'inventage/web-components'
runs-on: ubuntu-latest
# needs: [ test, vrt ]
needs: [ test ]
steps:
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
egress-policy: audit
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
persist-credentials: false
- uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
with:
node-version: '18'
# @see https://www.voorhoede.nl/en/blog/super-fast-npm-install-on-github-actions/
- uses: actions/cache@ab5e6d0c87105b4c9c2047343972218f562e4319 # v4.0.1
id: cache
with:
path: ./node_modules
key: ${{ runner.os }}-modules-${{ hashFiles('package-lock.json') }}
- name: Install packages
if: steps.cache.outputs.cache-hit != 'true'
run: npm ci
- name: Run postinstall
if: steps.cache.outputs.cache-hit == 'true'
run: npm run --if-present postinstall && npm rebuild && npm run prepare --if-present
- name: Create .npmrc
run: |
cat << EOF > "$HOME/.npmrc"
//registry.npmjs.org/:_authToken=$NPM_TOKEN
EOF
env:
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Create Release Pull Request or Publish to npm
id: changesets
uses: changesets/action@aba318e9165b45b7948c60273e0b72fce0a64eb9 # v1.4.7
with:
publish: npm run release
version: npm run version
env:
# Use PAT due to https://github.com/orgs/community/discussions/25702
GITHUB_TOKEN: ${{ secrets.PAT_TOKEN }}
- name: Storybook Build
run: npm run storybook:build
- name: Upload Website Build
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
with:
name: storybook-static
path: storybook-static
- name: Deploy to Github Pages
if: steps.changesets.outputs.published == 'true'
uses: peaceiris/actions-gh-pages@373f7f263a76c20808c831209c920827a82a2847 # v3.9.3
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
publish_dir: ./storybook-static
allow_empty_commit: true
- name: Publishing canary releases to npm registry
if: steps.changesets.outputs.published != 'true' && github.event.inputs.publishCanary == '1'
run: |
git checkout $GITHUB_REF
npx changeset version --snapshot canary
node ./scripts/update-version-variables.mjs
npx changeset publish --tag canary
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
commit-build:
name: Commit Website Build
needs: release
# Prevents changesets action from creating a PR on forks
if: github.repository == 'inventage/web-components'
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
egress-policy: audit
- name: Clone the repoitory
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
ref: website-build
- name: Download website build
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
with:
name: storybook-static
path: storybook-static
- name: Commit and Push
run: |
if [ $(git status --porcelain=v1 2>/dev/null | wc -l) != "0" ] ; then
git config user.email "${GITHUB_ACTOR}"
git config user.name "${GITHUB_ACTOR}@users.noreply.github.com"
git add -f storybook-static
git commit -m "gh-actions deployed a new website build"
git push --force
fi