Release #40
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # docs: https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions | |
| name: Release | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| newversion: | |
| # is param from `yarn version`. therefore the description should reference all the options from there | |
| description: 'one of: [<newversion> | major | minor | patch | premajor | preminor | prepatch | prerelease ]' | |
| required: true | |
| commitMessage: | |
| description: 'Release/commit message (%s will be replaced with the resulting version number)' | |
| default: '%s' | |
| required: true | |
| prerelease: | |
| description: "This is a pre-release" | |
| type: boolean | |
| default: false | |
| required: false | |
| permissions: {} | |
| env: | |
| REPORTS_DIR: CI_reports | |
| BUNDLES_DIR: bundles | |
| DIST_DIR: dist | |
| PACKED_DIR: CI_packed | |
| NODE_ACTIVE_LTS: "22" # https://nodejs.org/en/about/releases/ | |
| jobs: | |
| bump: | |
| name: bump and tag release | |
| concurrency: release-bump | |
| outputs: | |
| version: ${{ steps.bump.outputs.version }} | |
| version_plain: ${{ steps.bump.outputs.version_plain }} | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| permissions: | |
| contents: write # needed for git push | |
| steps: | |
| - name: Checkout | |
| # see https://github.com/actions/checkout | |
| uses: actions/checkout@v5 | |
| with: | |
| ref: ${{ needs.bump.outputs.version }} | |
| - name: Configure Git | |
| # needed for push back of changes | |
| run: | | |
| set -eux | |
| git config --local user.email "${GITHUB_ACTOR}@users.noreply.github.com" | |
| git config --local user.name "${GITHUB_ACTOR}" | |
| - name: Setup Node.js ${{ env.NODE_ACTIVE_LTS }} | |
| # see https://github.com/actions/setup-node | |
| uses: actions/setup-node@v6 | |
| with: | |
| node-version: ${{ env.NODE_ACTIVE_LTS }} | |
| package-manager-cache: false | |
| # cache: 'yarn' | |
| - name: Setup yarn | |
| run: corepack enable yarn | |
| - name: Setup Node.js ${{ env.NODE_ACTIVE_LTS }} | |
| # see https://github.com/actions/setup-node | |
| uses: actions/setup-node@v6 | |
| with: | |
| node-version: ${{ env.NODE_ACTIVE_LTS }} | |
| package-manager-cache: false | |
| ## ! no npm build at the moment | |
| - name: bump VERSION | |
| id: bump | |
| # `npm version` seams superior to `yarn version` ... | |
| run: | | |
| set -eux | |
| yarn version -i "$NPMV_NEWVERSION" | |
| VERSION_PLAIN="$(jq -r .version package.json)" | |
| echo "::debug::plain version = $VERSION_PLAIN" | |
| VERSION="v$VERSION_PLAIN" # with leading v | |
| echo "::debug::new version = $VERSION" | |
| echo "version=$VERSION" >> $GITHUB_OUTPUT | |
| echo "version_plain=$VERSION_PLAIN" >> $GITHUB_OUTPUT | |
| env: | |
| YARNV_NEWVERSION: ${{ github.event.inputs.newversion }} | |
| - name: git commit & push back | |
| run: | | |
| set -eux | |
| GCOMMIT_MESSAGE="${COMMIT_MESSAGE//%s/$VERSION_PLAIN}" | |
| git add package.json yarn.lock | |
| git commit -s -m "$GCOMMIT_MESSAGE" | |
| git tag "$GTAG_NAME" | |
| git push --follow-tags | |
| env: | |
| COMMIT_MESSAGE: ${{ github.event.inputs.commitMessage }} | |
| GTAG_NAME: ${{ steps.bump.outputs.version }} | |
| VERSION_PLAIN: ${{ steps.bump.outputs.version_plain }} | |
| build: | |
| needs: [ "bump" ] | |
| name: build | |
| runs-on: 'ubuntu-latest' | |
| timeout-minutes: 10 | |
| steps: | |
| - name: Checkout | |
| # see https://github.com/actions/checkout | |
| uses: actions/checkout@v5 | |
| with: | |
| ref: ${{ needs.bump.outputs.version }} | |
| - name: Setup Node.js ${{ env.NODE_ACTIVE_LTS }} | |
| # see https://github.com/actions/setup-node | |
| uses: actions/setup-node@v6 | |
| with: | |
| node-version: ${{ env.NODE_ACTIVE_LTS }} | |
| package-manager-cache: false | |
| # cache: 'yarn' | |
| - name: Setup yarn | |
| run: corepack enable yarn | |
| - name: Setup subject | |
| run: yarn install --immutable | |
| - name: build | |
| run: yarn run build | |
| - name: artifact build result | |
| # see https://github.com/actions/upload-artifact | |
| uses: actions/upload-artifact@v5 | |
| with: | |
| name: ${{ env.BUNDLES_DIR }} | |
| path: ${{ env.BUNDLES_DIR }} | |
| retention-days: 5 | |
| if-no-files-found: error | |
| - name: make dist | |
| run: yarn run make-dist | |
| - name: artifact build result | |
| # see https://github.com/actions/upload-artifact | |
| uses: actions/upload-artifact@v5 | |
| with: | |
| name: ${{ env.DIST_DIR }} | |
| path: ${{ env.DIST_DIR }} | |
| retention-days: 5 | |
| if-no-files-found: error | |
| test-licenses: | |
| needs: [ 'bump', 'build' ] | |
| name: test licenses | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| steps: | |
| - name: Checkout | |
| # see https://github.com/actions/checkout | |
| uses: actions/checkout@v5 | |
| with: | |
| ref: ${{ needs.bump.outputs.version }} | |
| - name: install tools | |
| run: pip install -r tools/test-3rd-party-licenses.requirements.txt | |
| - name: Setup Node.js ${{ env.NODE_ACTIVE_LTS }} | |
| # see https://github.com/actions/setup-node | |
| uses: actions/setup-node@v6 | |
| with: | |
| node-version: ${{ env.NODE_ACTIVE_LTS }} | |
| package-manager-cache: false | |
| # cache: 'yarn' | |
| - name: Setup yarn | |
| run: corepack enable yarn | |
| - name: fetch build artifact | |
| # see https://github.com/actions/download-artifact | |
| uses: actions/download-artifact@v6 | |
| with: | |
| name: ${{ env.BUNDLES_DIR }} | |
| path: ${{ env.BUNDLES_DIR }} | |
| - name: Setup subject | |
| run: yarn install --immutable | |
| - name: make NOTICE and summary | |
| run: | | |
| mkdir -p _tmp | |
| yarn node tools/write-3rd-party-licenses.cjs _tmp/NOTICE _tmp/lsummary.json | |
| - name: artifact build result | |
| # see https://github.com/actions/upload-artifact | |
| uses: actions/upload-artifact@v5 | |
| with: | |
| name: licenses-files | |
| path: | | |
| _tmp/NOTICE | |
| _tmp/lsummary.json | |
| retention-days: 5 | |
| if-no-files-found: error | |
| - name: test license compatibility | |
| run: tools/test-3rd-party-licenses.sh _tmp/lsummary.json | |
| test-node: | |
| needs: | |
| - 'bump' | |
| - 'build' | |
| name: test node | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| steps: | |
| - name: Checkout | |
| # see https://github.com/actions/checkout | |
| uses: actions/checkout@v5 | |
| with: | |
| ref: ${{ needs.bump.outputs.version }} | |
| - name: Setup Node.js ${{ env.NODE_ACTIVE_LTS }} | |
| # see https://github.com/actions/setup-node | |
| uses: actions/setup-node@v6 | |
| with: | |
| node-version: ${{ env.NODE_ACTIVE_LTS }} | |
| package-manager-cache: false | |
| - name: Setup yarn | |
| run: corepack enable yarn | |
| - name: Setup subject | |
| run: yarn install --immutable | |
| - name: setup-tests | |
| run: yarn run setup-tests | |
| - name: fetch build artifact | |
| # see https://github.com/actions/download-artifact | |
| uses: actions/download-artifact@v6 | |
| with: | |
| name: ${{ env.BUNDLES_DIR }} | |
| path: ${{ env.BUNDLES_DIR }} | |
| - name: run tests | |
| run: yarn run test:node | |
| publish-registry: | |
| needs: | |
| - "build" | |
| - "test-licenses" | |
| - "test-node" | |
| name: publish NPMJS | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| permissions: | |
| id-token: write # Enables provenance signing via OIDC | |
| env: | |
| NPMJS_RELEASE_TAG: ${{ github.event.inputs.prerelease == 'true' && 'unstable-prerelease' || 'latest' }} | |
| steps: | |
| - name: fetch build artifact | |
| # see https://github.com/actions/download-artifact | |
| uses: actions/download-artifact@v6 | |
| with: | |
| name: ${{ env.DIST_DIR }} | |
| path: . | |
| - name: Setup Node.js ${{ env.NODE_ACTIVE_LTS }} | |
| # see https://github.com/actions/setup-node | |
| uses: actions/setup-node@v6 | |
| with: | |
| node-version: ${{ env.NODE_ACTIVE_LTS }} | |
| package-manager-cache: false | |
| - name: Setup yarn | |
| run: corepack enable yarn | |
| - name: yarn install | |
| run: yarn install --no-immutable | |
| - name: Set NPM authentication | |
| run: yarn config set npmAuthToken "$NPM_AUTH_TOKEN" | |
| env: | |
| NPM_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| - name: publish to registry as "${{ env.NPMJS_RELEASE_TAG }}" | |
| run: > | |
| yarn npm publish | |
| --provenance | |
| --access public | |
| --tag "$NPMJS_RELEASE_TAG" | |
| env: | |
| NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| - name: pack release result | |
| run: | | |
| mkdir -p "$PACKED_DIR" | |
| yarn pack --out "$PACKED_DIR"/%s-%v.tgz | |
| - name: artifact release result | |
| # see https://github.com/actions/upload-artifact | |
| uses: actions/upload-artifact@v5 | |
| with: | |
| name: ${{ env.PACKED_DIR }} | |
| path: ${{ env.PACKED_DIR }}/ | |
| if-no-files-found: error | |
| release-GH: | |
| needs: | |
| - "bump" | |
| - "build" | |
| - "publish-registry" | |
| name: publish GitHub | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| permissions: | |
| contents: write # create a release | |
| env: | |
| ASSETS_DIR: release_assets | |
| steps: | |
| - name: fetch packages | |
| # see https://github.com/actions/download-artifact | |
| uses: actions/download-artifact@v6 | |
| with: | |
| name: ${{ env.PACKED_DIR }} | |
| path: ${{ env.PACKED_DIR }} | |
| - name: fetch dist | |
| # see https://github.com/actions/download-artifact | |
| uses: actions/download-artifact@v6 | |
| with: | |
| name: ${{ env.DIST_DIR }} | |
| path: ${{ env.DIST_DIR }} | |
| - name: prepare assets | |
| run: | | |
| set -exu | |
| mkdir -p "$ASSETS_DIR" | |
| cp -t "$ASSETS_DIR" \ | |
| "$PACKED_DIR"/*.tgz \ | |
| "$DIST_DIR/yarn-plugin-cyclonedx.cjs" \ | |
| "$DIST_DIR/LICENSE" \ | |
| "$DIST_DIR/NOTICE" | |
| - name: Create Release | |
| id: release | |
| # see https://github.com/softprops/action-gh-release | |
| uses: softprops/action-gh-release@v2 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| tag_name: ${{ needs.bump.outputs.version }} | |
| name: ${{ needs.bump.outputs.version_plain }} | |
| prerelease: ${{ github.event.inputs.prerelease }} | |
| files: '${{ env.ASSETS_DIR }}/*' | |
| # If a tag already has a GitHub release, the existing release will be updated with the release assets. |