chore(deps): update website #1950
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI & Release | |
| on: | |
| # Build on pushes branches that have a PR (including drafts) | |
| pull_request: | |
| # Build on commits pushed to branches without a PR if it's in the allowlist | |
| push: | |
| branches: [current] | |
| # https://docs.github.com/en/actions/managing-workflow-runs/manually-running-a-workflow | |
| # https://github.com/sanity-io/semantic-release-preset/actions/workflows/ci.yml | |
| workflow_dispatch: | |
| inputs: | |
| test: | |
| description: "Run tests" | |
| required: true | |
| default: true | |
| type: boolean | |
| release: | |
| description: "Publish new release" | |
| required: true | |
| default: false | |
| type: boolean | |
| concurrency: | |
| group: ${{ github.head_ref || github.run_id }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read # for checkout | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - uses: pnpm/action-setup@v4 | |
| - uses: actions/setup-node@v5 | |
| with: | |
| node-version: lts/* | |
| - run: pnpm install | |
| - run: pnpm lint | |
| - run: pnpm prepublishOnly | |
| test: | |
| needs: build | |
| if: github.event.inputs.test != 'false' | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [macos-latest, ubuntu-latest, windows-latest] | |
| node: [lts/*] | |
| include: | |
| - os: ubuntu-latest | |
| node: current | |
| steps: | |
| - name: Set git to use LF | |
| if: matrix.os == 'windows-latest' | |
| run: | | |
| git config --global core.autocrlf false | |
| git config --global core.eol lf | |
| - uses: actions/checkout@v5 | |
| - uses: pnpm/action-setup@v4 | |
| - uses: actions/setup-node@v5 | |
| with: | |
| node-version: ${{ matrix.node }} | |
| - run: pnpm install | |
| - run: pnpm test | |
| release: | |
| permissions: | |
| id-token: write # to enable use of OIDC for npm provenance | |
| needs: test | |
| if: always() && github.event.inputs.release == 'true' && needs.test.result != 'failure' && needs.test.result != 'cancelled' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/create-github-app-token@v2 | |
| id: app-token | |
| with: | |
| app-id: ${{ secrets.ECOSPARK_APP_ID }} | |
| private-key: ${{ secrets.ECOSPARK_APP_PRIVATE_KEY }} | |
| - uses: actions/checkout@v5 | |
| with: | |
| # Need to fetch entire commit history to | |
| # analyze every commit since last release | |
| fetch-depth: 0 | |
| # Uses generated token to allow pushing commits back | |
| token: ${{ steps.app-token.outputs.token }} | |
| # Make sure the value of GITHUB_TOKEN will not be persisted in repo's config | |
| persist-credentials: false | |
| - uses: pnpm/action-setup@v4 | |
| - uses: actions/setup-node@v5 | |
| with: | |
| node-version: lts/* | |
| - run: pnpm install | |
| - run: pnpm exec semantic-release | |
| # Don't allow interrupting the release step if the job is cancelled, as it can lead to an inconsistent state | |
| # e.g. git tags were pushed but it exited before `pnpm publish` | |
| if: always() | |
| env: | |
| NPM_CONFIG_PROVENANCE: true | |
| GITHUB_TOKEN: ${{ steps.app-token.outputs.token }} | |
| NPM_TOKEN: ${{ secrets.NPM_PUBLISH_TOKEN }} |