Skip to content

feat!: update dependencies #56

feat!: update dependencies

feat!: update dependencies #56

Workflow file for this run

---
name: CI & Release
# Workflow name based on selected inputs. Fallback to default Github naming when expression evaluates to empty string
run-name: >-
${{
inputs.release && inputs.test && 'Build ➤ Test ➤ Publish to NPM' ||
inputs.release && !inputs.test && 'Build ➤ Skip Tests ➤ Publish to NPM' ||
github.event_name == 'workflow_dispatch' && inputs.test && 'Build ➤ Test' ||
github.event_name == 'workflow_dispatch' && !inputs.test && 'Build ➤ Skip Tests' ||
''
}}
on:
# Build on pushes branches that have a PR (including drafts)
pull_request:
# Build on commits pushed to branches without a PR if it's in the allowlist
push:
branches: [main]
# https://docs.github.com/en/actions/managing-workflow-runs/manually-running-a-workflow
workflow_dispatch:
inputs:
test:
description: Run tests
required: true
default: true
type: boolean
release:
description: Release new version
required: true
default: false
type: boolean
concurrency:
# On PRs builds will cancel if new pushes happen before the CI completes, as it defines `github.head_ref` and gives it the name of the branch the PR wants to merge into
# Otherwise `github.run_id` ensures that you can quickly merge a queue of PRs without causing tests to auto cancel on any of the commits pushed to main.
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
permissions:
contents: read # for checkout
jobs:
build:
runs-on: ubuntu-latest
name: Lint & Build
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
cache: npm
node-version: lts/*
- run: npm ci
# Linting can be skipped
- run: npm run lint --if-present
if: github.event.inputs.test != 'false'
# But not the build script, as semantic-release will crash if this command fails so it makes sense to test it early
- run: npm run prepublishOnly --if-present
test:
needs: build
# The test matrix can be skipped, in case a new release needs to be fast-tracked and tests are already passing on main
if: github.event.inputs.test != 'false'
runs-on: ${{ matrix.os }}
name: Node.js ${{ matrix.node }} / ${{ matrix.os }}
strategy:
# A test failing on windows doesn't mean it'll fail on macos. It's useful to let all tests run to its completion to get the full picture
fail-fast: false
matrix:
# Run the testing suite on each major OS with the latest LTS release of Node.js
os: [macos-latest, ubuntu-latest, windows-latest]
node: [lts/*]
# It makes sense to also test the oldest, and latest, versions of Node.js, on ubuntu-only since it's the fastest CI runner
include:
- os: ubuntu-latest
# Test the oldest LTS release of Node that's still receiving bugfixes and security patches, versions older than that have reached End-of-Life
node: lts/-1
- os: ubuntu-latest
# Test the actively developed version that will become the latest LTS release next October
node: current
steps:
# It's only necessary to do this for windows, as mac and ubuntu are sane OS's that already use LF
- name: Set git to use LF
if: matrix.os == 'windows-latest'
run: |
git config --global core.autocrlf false
git config --global core.eol lf
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
cache: npm
node-version: ${{ matrix.node }}
- run: npm install
- run: npm test --if-present
release:
permissions:
id-token: write # to enable use of OIDC for npm provenance
needs: [build, test]
# only run if opt-in during workflow_dispatch
if: always() && github.event.inputs.release == 'true' && needs.build.result != 'failure' && needs.test.result != 'failure' && needs.test.result != 'cancelled'
runs-on: ubuntu-latest
name: Semantic release
steps:
- uses: actions/create-github-app-token@v1
id: app-token
with:
app-id: ${{ secrets.APP_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
- uses: actions/checkout@v4
with:
# Need to fetch entire commit history to
# analyze every commit since last release
fetch-depth: 0
# Uses generated token to allow pushing commits back when strict branch rules are used
token: ${{ steps.app-token.outputs.token }}
# Make sure the value of GITHUB_TOKEN will not be persisted in repo's config
persist-credentials: false
- uses: actions/setup-node@v4
with:
cache: npm
node-version: lts/*
- run: npm clean-install
- run: npm audit signatures
# Branches that will release new versions are defined in .releaserc.json
- run: npx semantic-release
# Don't allow interrupting the release step if the job is cancelled, as it can lead to an inconsistent state
# e.g. git tags were pushed but it exited before `npm publish`
if: always()
env:
NPM_CONFIG_PROVENANCE: true
GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
NPM_TOKEN: ${{ secrets.NPM_PUBLISH_TOKEN }}