fix(monorepo): Resolved issue with tokens passed to CodeQL action #28
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Build and Release" | |
on: | |
workflow_dispatch: | |
inputs: | |
tag: | |
description: override release tag | |
required: false | |
push: | |
branches: | |
- "main" | |
- "next" | |
- "alpha" | |
- "beta" | |
env: | |
CI: true | |
NX_VERBOSE_LOGGING: true | |
STORM_WORKER: stormie-bot | |
STORM_REPOSITORY: github.repositoryUrl | |
STORM_WORKSPACE_ROOT: ${{ github.workspace }} | |
NX_BASE: ${{ github.base_ref }} | |
NX_HEAD: ${{ github.head_ref }} | |
GITHUB_ACTOR: ${{ github.actor }} | |
GITHUB_TOKEN: ${{ github.token }} | |
NPM_TOKEN: ${{ secrets.STORMIE_NPM_TOKEN }} | |
jobs: | |
build-and-release: | |
if: github.repository == 'storm-software/acidic' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/next' || github.ref == 'refs/heads/alpha' || github.ref == 'refs/heads/beta') | |
name: "Build & Release" | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
token: ${{ secrets.STORMIE_GITHUB_TOKEN }} | |
- name: Setup workspace | |
uses: ./.github/actions/setup-workspace | |
- name: Configure git | |
run: | | |
git config user.name "${{ env.STORM_WORKER }}" | |
git config user.email "${{ env.STORM_WORKER }}@users.noreply.github.com" | |
git config lfs.allowincompletepush true | |
npm config set //registry.npmjs.org/:_authToken=$NPM_TOKEN | |
- name: Get appropriate base and head commits for `nx affected` commands | |
uses: nrwl/nx-set-shas@v4 | |
with: | |
main-branch-name: "main" | |
- name: Set appropriate base and head commits for `nx affected` commands | |
run: | | |
echo "BASE: ${{ env.NX_BASE }}" | |
echo "HEAD: ${{ env.NX_HEAD }}" | |
- name: Build repository packages | |
run: pnpm build:all | |
- name: Run Linters | |
run: pnpm lint | |
- name: Run Formatters | |
run: pnpm nx format | |
- name: Build repository packages | |
run: pnpm build:all | |
#- name: Run Tests | |
# uses: nick-fields/retry@v2.8.3 | |
# with: | |
# command: npx nx affected -t test --parallel=3 --configuration=ci --base=${{ github.event.before }} | |
# timeout_minutes: 10 | |
# max_attempts: 3 | |
#- name: Upload coverage to Codecov | |
# uses: codecov/codecov-action@v3 | |
- name: Release Library Version Updates | |
run: pnpm release --base=${{ env.NX_BASE }} --head=${{ env.NX_HEAD }} | |
env: | |
GITHUB_ACTOR: ${{ env.GITHUB_ACTOR }} | |
GITHUB_TOKEN: ${{ env.GITHUB_TOKEN }} | |
GH_TOKEN: ${{ env.GITHUB_TOKEN }} | |
NPM_TOKEN: ${{ env.NPM_TOKEN }} | |
NPM_AUTH_TOKEN: ${{ env.NPM_TOKEN }} | |
NODE_AUTH_TOKEN: ${{ env.NPM_TOKEN }} | |
TAG: ${{ inputs.tag }} |