Merge pull request #34 from keycloakify/non_jwt_refresh_token #198
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: ci | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
branches: | |
- main | |
jobs: | |
test_format: | |
runs-on: ubuntu-latest | |
if: ${{ !github.event.created && github.repository != 'garronej/ts-ci' }} | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-node@v3 | |
- uses: bahmutov/npm-install@v1 | |
- name: If this step fails run 'yarn format' then commit again. | |
run: yarn format:check | |
test: | |
runs-on: ${{ matrix.os }} | |
needs: test_format | |
strategy: | |
matrix: | |
node: [ '20' ] | |
os: [ ubuntu-latest ] | |
name: Test with Node v${{ matrix.node }} on ${{ matrix.os }} | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: ${{ matrix.node }} | |
- uses: bahmutov/npm-install@v1 | |
- run: yarn build | |
check_if_version_upgraded: | |
name: Check if version upgrade | |
# When someone forks the repo and opens a PR we want to enables the tests to be run (the previous jobs) | |
# but obviously only us should be allowed to release. | |
# In the following check we make sure that we own the branch this CI workflow is running on before continuing. | |
# Without this check, trying to release would fail anyway because only us have the correct secret.NPM_TOKEN but | |
# it's cleaner to stop the execution instead of letting the CI crash. | |
if: | | |
github.event_name == 'push' || | |
github.event.pull_request.head.repo.owner.login == github.event.pull_request.base.repo.owner.login | |
runs-on: ubuntu-latest | |
needs: test | |
outputs: | |
from_version: ${{ steps.step1.outputs.from_version }} | |
to_version: ${{ steps.step1.outputs.to_version }} | |
is_upgraded_version: ${{ steps.step1.outputs.is_upgraded_version }} | |
is_pre_release: ${{steps.step1.outputs.is_pre_release }} | |
steps: | |
- uses: garronej/[email protected] | |
id: step1 | |
with: | |
action_name: is_package_json_version_upgraded | |
branch: ${{ github.head_ref || github.ref }} | |
create_github_release: | |
runs-on: ubuntu-latest | |
# We create release only if the version in the package.json have been upgraded and this CI is running against the main branch. | |
# We allow branches with a PR open on main to publish pre-release (x.y.z-rc.u) but not actual releases. | |
if: | | |
needs.check_if_version_upgraded.outputs.is_upgraded_version == 'true' && | |
( | |
github.event_name == 'push' || | |
needs.check_if_version_upgraded.outputs.is_pre_release == 'true' | |
) | |
needs: | |
- check_if_version_upgraded | |
steps: | |
- uses: softprops/action-gh-release@v1 | |
with: | |
name: Release v${{ needs.check_if_version_upgraded.outputs.to_version }} | |
tag_name: v${{ needs.check_if_version_upgraded.outputs.to_version }} | |
target_commitish: ${{ github.head_ref || github.ref }} | |
generate_release_notes: true | |
draft: false | |
prerelease: ${{ needs.check_if_version_upgraded.outputs.is_pre_release == 'true' }} | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
publish_on_npm: | |
runs-on: ubuntu-latest | |
needs: | |
- create_github_release | |
- check_if_version_upgraded | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
ref: ${{ github.ref }} | |
- uses: actions/setup-node@v3 | |
with: | |
registry-url: https://registry.npmjs.org/ | |
- uses: bahmutov/npm-install@v1 | |
- run: yarn build | |
- run: npx -y -p [email protected] enable_short_npm_import_path | |
env: | |
DRY_RUN: "0" | |
- uses: garronej/[email protected] | |
with: | |
action_name: remove_dark_mode_specific_images_from_readme | |
- name: Publishing on NPM | |
run: | | |
if [ "$(npm show . version)" = "$VERSION" ]; then | |
echo "This version is already published" | |
exit 0 | |
fi | |
if [ "$NODE_AUTH_TOKEN" = "" ]; then | |
echo "Can't publish on NPM, You must first create a secret called NPM_TOKEN that contains your NPM auth token. https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets" | |
false | |
fi | |
EXTRA_ARGS="" | |
if [ "$IS_PRE_RELEASE" = "true" ]; then | |
EXTRA_ARGS="--tag next" | |
fi | |
npm publish $EXTRA_ARGS | |
env: | |
NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}} | |
VERSION: ${{ needs.check_if_version_upgraded.outputs.to_version }} | |
IS_PRE_RELEASE: ${{ needs.check_if_version_upgraded.outputs.is_pre_release }} |