edited workflow #8
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release | |
on: | |
push: | |
branches: | |
- main | |
env: | |
THIRD_PARTY_GIT_AUTHOR_EMAIL: [email protected] | |
THIRD_PARTY_GIT_AUTHOR_NAME: nr-opensource-bot | |
jobs: | |
job-test-unit: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Setup Node | |
uses: actions/setup-node@v2 | |
with: | |
node-version: 16 | |
- name: Cache node_modules | |
id: cache-node-modules | |
uses: actions/cache@v2 | |
env: | |
cache-name: node-modules | |
with: | |
path: ~/.npm | |
key: ${{ runner.os }}-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }} | |
restore-keys: | | |
${{ runner.os }}-${{ env.cache-name }}- | |
- name: Install Dependencies | |
run: npm ci | |
- name: Lint | |
run: npm run lint | |
- name: Typescript Build | |
run: npm run build | |
- name: NCC Package | |
run: npm run package | |
- name: Test | |
run: npm run test | |
- name: Coverage | |
uses: codecov/codecov-action@v1 | |
job-test-system: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Cache Docker layers | |
uses: actions/cache@v2 | |
with: | |
path: /tmp/.buildx-cache | |
key: ${{ runner.os }}-buildx-${{ github.sha }} | |
restore-keys: | | |
${{ runner.os }}-buildx- | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v1 | |
- name: Docker Build | |
uses: docker/build-push-action@v2 | |
with: | |
tags: ${{ github.repository }}:latest | |
load: true | |
cache-from: type=local,src=/tmp/.buildx-cache | |
cache-to: type=local,dest=/tmp/.buildx-cache | |
- name: Run Action (JSON) | |
id: repolinter-json | |
run: > | |
docker run -t | |
-v ${{ github.workspace }}:/github/workspace -w /github/workspace | |
-e INPUT_DIRECTORY=/github/workspace | |
-e INPUT_TOKEN=${{ github.token }} | |
-e INPUT_USERNAME=app/github-actions | |
-e INPUT_CONFIG_FILE=./.github/workflows/test-rulesets/repolinter-test.json | |
-e INPUT_REPOSITORY=${{ github.repository }} | |
-e INPUT_OUTPUT_TYPE=exit-code | |
-e INPUT_OUTPUT_NAME="[Repolinter] Open Source Policy Issues" | |
-e INPUT_LABEL_NAME=repolinter | |
-e INPUT_LABEL_COLOR=fbca04 | |
-e GITHUB_RUN_NUMBER=${{ github.run_number }} | |
-e GITHUB_ACTION=true | |
${{ github.repository }}:latest | |
- name: Verify Outputs | |
env: | |
DID_ERROR: ${{ steps.repolinter-json.outputs.errored }} | |
DID_PASS: ${{ steps.repolinter-json.outputs.passed }} | |
shell: bash | |
run: '[ "$DID_ERROR" = "false" ] && [ "$DID_PASS" = "true" ]' | |
- name: Run Action (YAML) | |
id: repolinter-yaml | |
run: > | |
docker run -t | |
-v ${{ github.workspace }}:/github/workspace -w /github/workspace | |
-e INPUT_DIRECTORY=/github/workspace | |
-e INPUT_TOKEN=${{ github.token }} | |
-e INPUT_USERNAME=app/github-actions | |
-e INPUT_CONFIG_FILE=./.github/workflows/test-rulesets/repolinter-test.yaml | |
-e INPUT_REPOSITORY=${{ github.repository }} | |
-e INPUT_OUTPUT_TYPE=exit-code | |
-e INPUT_OUTPUT_NAME="[Repolinter] Open Source Policy Issues" | |
-e INPUT_LABEL_NAME=repolinter | |
-e INPUT_LABEL_COLOR=fbca04 | |
-e GITHUB_RUN_NUMBER=${{ github.run_number }} | |
-e GITHUB_ACTION=true | |
${{ github.repository }}:latest | |
- name: Verify Outputs | |
env: | |
DID_ERROR: ${{ steps.repolinter-yaml.outputs.errored }} | |
DID_PASS: ${{ steps.repolinter-yaml.outputs.passed }} | |
shell: bash | |
run: '[ "$DID_ERROR" = "false" ] && [ "$DID_PASS" = "true" ]' | |
job-generate-third-party-notices: | |
runs-on: ubuntu-latest | |
needs: [job-test-unit, job-test-system] | |
steps: | |
# Checkout fetch-depth: 2 because there's a check to see if package.json | |
# was updated, and need at least 2 commits for the check to function properly | |
- name: Checkout repo | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 2 | |
- name: Setup Node.js | |
uses: actions/setup-node@v2 | |
with: | |
node-version: 16 | |
- name: Download Cached Deps | |
id: cache-node-modules | |
uses: actions/cache@v2 | |
env: | |
cache-name: node-modules | |
with: | |
path: ~/.npm | |
key: ${{ runner.os }}-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }} | |
restore-keys: | | |
${{ runner.os }}-${{ env.cache-name }}- | |
- name: Install Dependencies | |
run: npm ci | |
- name: Install OSS CLI | |
run: | | |
sudo npm install -g @newrelic/newrelic-oss-cli | |
- name: Generate Third Party Notices | |
run: | | |
if [ ! -f "third_party_manifest.json" ]; then | |
echo "::error::third_party_manifest.json is missing. Must generate using the newrelic-oss-cli." | |
exit 1 | |
fi | |
# latest commit | |
LATEST_COMMIT=$(git rev-parse HEAD) | |
# latest commit where package.json was changed | |
LAST_CHANGED_COMMIT=$(git log -1 --format=format:%H --full-diff package.json) | |
if [ $LAST_CHANGED_COMMIT = $LATEST_COMMIT ]; then | |
git config user.email "${{ env.THIRD_PARTY_GIT_AUTHOR_EMAIL }}" | |
git config user.name "${{ env.THIRD_PARTY_GIT_AUTHOR_NAME }}" | |
oss third-party manifest | |
oss third-party notices | |
git add third_party_manifest.json | |
git add THIRD_PARTY_NOTICES.md | |
git commit -m 'chore: update third-party manifest and notices [skip ci]' | |
git push origin ${GITHUB_REF#/refs/heads/} | |
else | |
echo "No change in package.json, not regenerating third-party notices" | |
fi | |
job-generate-release: | |
runs-on: ubuntu-latest | |
needs: [job-test-unit, job-test-system, job-generate-third-party-notices] | |
steps: | |
# Checkout ref: main because previous job committed third_party_notices and | |
# we need to checkout main to pick up that commit | |
- name: Checkout repo | |
uses: actions/checkout@v3 | |
with: | |
ref: main | |
- name: Setup Node.js | |
uses: actions/setup-node@v2 | |
with: | |
node-version: 16 | |
- name: Download Cached Deps | |
id: cache-node-modules | |
uses: actions/cache@v2 | |
env: | |
cache-name: node-modules | |
with: | |
path: ~/.npm | |
key: ${{ runner.os }}-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }} | |
restore-keys: | | |
${{ runner.os }}-${{ env.cache-name }}- | |
- name: Install Dependencies | |
run: npm ci | |
- name: Build | |
run: npm run build | |
- name: Package | |
run: npm run package | |
- name: Semantic Release | |
id: semantic | |
uses: cycjimmy/semantic-release-action@v3 | |
with: | |
extra_plugins: | | |
@semantic-release/git | |
@semantic-release/changelog | |
@semantic-release/exec | |
env: | |
# Use nr-opensource-bot for authoring commits done by | |
# semantic-release (rather than using @semantic-release-bot) | |
GIT_AUTHOR_NAME: ${{ env.THIRD_PARTY_GIT_AUTHOR_NAME }} | |
GIT_AUTHOR_EMAIL: ${{ env.THIRD_PARTY_GIT_AUTHOR_EMAIL }} | |
GIT_COMMITTER_NAME: ${{ env.THIRD_PARTY_GIT_AUTHOR_NAME }} | |
GIT_COMMITTER_EMAIL: ${{ env.THIRD_PARTY_GIT_AUTHOR_EMAIL }} | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Cache Docker layers | |
if: steps.semantic.outputs.new_release_published == 'true' | |
uses: actions/cache@v2 | |
with: | |
path: /tmp/.buildx-cache | |
key: ${{ runner.os }}-buildx-${{ github.sha }} | |
restore-keys: | | |
${{ runner.os }}-buildx- | |
- name: Set up Docker Buildx | |
if: steps.semantic.outputs.new_release_published == 'true' | |
uses: docker/setup-buildx-action@v1 | |
- name: Login to GitHub Container Registry | |
if: steps.semantic.outputs.new_release_published == 'true' | |
uses: docker/login-action@v1 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Gather Docker Labels | |
if: steps.semantic.outputs.new_release_published == 'true' | |
id: docker_meta | |
uses: crazy-max/ghaction-docker-meta@v2 | |
with: | |
images: ghcr.io/${{ github.repository }} | |
- name: Build and Push to GitHub Container Registry | |
if: steps.semantic.outputs.new_release_published == 'true' | |
uses: docker/build-push-action@v2 | |
with: | |
context: . | |
push: true | |
labels: ${{ steps.docker_meta.outputs.labels }} | |
cache-from: type=local,src=/tmp/.buildx-cache | |
cache-to: type=local,dest=/tmp/.buildx-cache | |
tags: >- | |
ghcr.io/${{ github.repository }}:latest, | |
ghcr.io/${{ github.repository }}:v${{ steps.semantic.outputs.new_release_major_version }}.${{ steps.semantic.outputs.new_release_minor_version }}, | |
ghcr.io/${{ github.repository }}:v${{ steps.semantic.outputs.new_release_major_version }}.${{ steps.semantic.outputs.new_release_minor_version }}.${{ steps.semantic.outputs.new_release_patch_version }} | |
- name: Update Major Version Tag | |
if: steps.semantic.outputs.new_release_published == 'true' | |
run: "git push https://x-access-token:${GITHUB_TOKEN}@github.com/${GITHUB_REPOSITORY}.git HEAD:refs/heads/v${{steps.semantic.outputs.new_release_major_version}}" | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |