Feat: select disclosure for present (#153) #13
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: build-test-publish-on-push-cached | |
on: | |
workflow_dispatch: | |
pull_request: | |
branches: | |
- 'main' | |
- 'next' | |
- 'unstable' | |
push: | |
branches: | |
- 'main' | |
- 'next' | |
- 'unstable' | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
persist-credentials: false | |
- uses: pnpm/action-setup@v3 | |
with: | |
version: 8 | |
- run: pnpm add -g pnpm | |
- name: 'Setup Node.js with pnpm cache' | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 20 | |
cache: 'pnpm' | |
- run: pnpm install | |
- run: pnpm build | |
- name: 'Save build output' | |
uses: actions/cache/save@v4 | |
with: | |
path: ${{ github.workspace }} | |
key: ${{ runner.os }}-build-${{ github.sha }}-${{ github.run_id }} | |
test: | |
needs: build | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
node-version: ['16.x', '18.x', '20.x'] | |
steps: | |
- uses: pnpm/action-setup@v3 | |
with: | |
version: 8 | |
- run: pnpm add -g pnpm | |
- name: 'Restore build output' | |
uses: actions/cache/restore@v4 | |
with: | |
path: ${{ github.workspace }} | |
key: ${{ runner.os }}-build-${{ github.sha }}-${{ github.run_id }} | |
restore-keys: ${{ runner.os }}-build-${{ github.sha }} | |
fail-on-cache-miss: true | |
- name: 'Setup Node.js with pnpm cache' | |
uses: actions/setup-node@v4 | |
with: | |
node-version: ${{ matrix.node-version }} | |
cache: 'pnpm' | |
- name: 'Run node' | |
run: pnpm test | |
- uses: actions/upload-artifact@v4 | |
# we are only uploading the 20 coverage report so we do not have to merge them in the next step. | |
if: matrix.node-version == '20.x' | |
with: | |
name: coverage-artifacts | |
path: coverage/ | |
report-coverage: | |
runs-on: ubuntu-latest | |
needs: [test] | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
persist-credentials: false | |
- uses: actions/download-artifact@v4 | |
with: | |
name: coverage-artifacts | |
path: coverage | |
- uses: codecov/codecov-action@v4 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
fail_ci_if_error: true | |
lint: | |
needs: build | |
runs-on: ubuntu-latest | |
steps: | |
- uses: pnpm/action-setup@v3 | |
with: | |
version: 8 | |
- run: pnpm add -g pnpm | |
- name: 'Restore build output' | |
uses: actions/cache/restore@v4 | |
with: | |
path: ${{ github.workspace }} | |
key: ${{ runner.os }}-build-${{ github.sha }}-${{ github.run_id }} | |
restore-keys: ${{ runner.os }}-build-${{ github.sha }} | |
fail-on-cache-miss: true | |
- name: 'Setup Node.js with pnpm cache' | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 20 | |
cache: 'pnpm' | |
# we are not using the github action for biome, but the package.json script. this makes sure we are using the same versions. | |
- name: Run Biome | |
run: pnpm run biome:ci | |
# Only run this job when the push is on main, next or unstable | |
publish: | |
if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/next' || github.ref == 'refs/heads/unstable') | |
# needs permissions to write tags to the repository | |
permissions: | |
contents: write | |
needs: | |
- build | |
- test | |
- lint | |
env: | |
NPM_TOKEN: ${{secrets.NPM_TOKEN }} | |
NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN }} | |
GH_TOKEN: ${{secrets.GITHUB_TOKEN }} | |
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN }} | |
GH_USER: github-actions | |
GH_EMAIL: [email protected] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
token: ${{secrets.GITHUB_TOKEN }} | |
- uses: pnpm/action-setup@v3 | |
with: | |
version: 8 | |
- run: pnpm add -g pnpm | |
- name: 'Setup Node.js with pnpm cache' | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 20 | |
cache: 'pnpm' | |
- name: 'Restore build output' | |
uses: actions/cache/restore@v4 | |
with: | |
path: ${{ github.workspace }} | |
key: ${{ runner.os }}-build-${{ github.sha }}-${{ github.run_id }} | |
restore-keys: ${{ runner.os }}-build-${{ github.sha }} | |
fail-on-cache-miss: true | |
- name: 'Setup git coordinates' | |
run: | | |
git remote set-url origin https://${{github.actor}}:${{secrets.GITHUB_TOKEN}}@github.com/${{ github.repository }}.git | |
git config user.name $GH_USER | |
git config user.email $GH_EMAIL | |
- name: 'Setup npm registry' | |
run: | | |
echo "@sd-jwt:registry=https://registry.npmjs.org/" > .npmrc | |
echo "registry=https://registry.npmjs.org/" >> .npmrc | |
echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> .npmrc | |
npm whoami | |
- name: 'Publish @latest when on main' | |
if: github.ref == 'refs/heads/main' | |
run: pnpm publish:latest | |
- name: 'Publish @next when on next' | |
if: github.ref == 'refs/heads/next' | |
run: pnpm publish:next | |
- name: 'Publish @unstable when on unstable branch' | |
if: github.ref == 'refs/heads/unstable' | |
run: pnpm publish:unstable |