116 lines
3.1 KiB
YAML
116 lines
3.1 KiB
YAML
name: Build and release
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
pull_request:
|
|
types:
|
|
- opened
|
|
- synchronize
|
|
|
|
env:
|
|
environment: test
|
|
release_channel: latest
|
|
DO_NOT_TRACK: "1"
|
|
NODE_VERSION: "23.x"
|
|
NODE_REGISTRY: "https://registry.npmjs.org"
|
|
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
|
|
DOCKER_REGISTRY: ghcr.io
|
|
IMAGE_NAME: ${{ github.repository }}
|
|
PNPM_VERSION: 10.6.0
|
|
|
|
permissions:
|
|
contents: write
|
|
packages: read
|
|
pull-requests: write
|
|
id-token: write
|
|
actions: read
|
|
security-events: write
|
|
jobs:
|
|
build:
|
|
uses: ./.github/workflows/job-build.yaml
|
|
name: Build
|
|
|
|
update-release-draft:
|
|
needs: build
|
|
if: github.ref == 'refs/heads/main'
|
|
uses: ./.github/workflows/job-draft-release.yaml
|
|
|
|
release:
|
|
permissions:
|
|
contents: read
|
|
packages: write
|
|
attestations: write
|
|
id-token: write
|
|
pages: write
|
|
name: Release
|
|
if: github.ref == 'refs/heads/main'
|
|
runs-on: ubuntu-latest
|
|
needs: update-release-draft
|
|
environment: release
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
# - uses: actions/setup-node@v4
|
|
# with:
|
|
# node-version: '${{ env.NODE_VERSION }}'
|
|
# registry-url: '${{ env.NODE_REGISTRY }}'
|
|
#
|
|
# - uses: pnpm/action-setup@v4
|
|
# name: Install pnpm
|
|
# with:
|
|
# version: ${{ env.PNPM_VERSION }}
|
|
# run_install: false
|
|
#
|
|
# - name: Install dependencies
|
|
# run: pnpm install
|
|
# env:
|
|
# NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
|
|
#
|
|
# - uses: actions/download-artifact@v4
|
|
# with:
|
|
# name: lib
|
|
# path: ./
|
|
#
|
|
# - name: Publish to npm
|
|
# run: |
|
|
# git config user.name "Github Actions Bot"
|
|
# git config user.email "<>"
|
|
# node ./scripts/set-version.mjs $(git describe --tag --abbrev=0)
|
|
# pnpm publish -r --no-git-checks --access public
|
|
# env:
|
|
# NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
|
|
|
|
- name: Log in to the Container registry
|
|
uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
|
|
with:
|
|
registry: ${{ env.DOCKER_REGISTRY }}
|
|
username: ${{ github.actor }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: Extract metadata (tags, labels) for Docker
|
|
id: meta
|
|
uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
|
|
with:
|
|
images: ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}
|
|
|
|
- name: Build and push Docker image
|
|
id: push
|
|
uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4
|
|
with:
|
|
context: .
|
|
file: ./packages/server/Dockerfile
|
|
push: true
|
|
tags: ${{ steps.meta.outputs.tags }}
|
|
labels: ${{ steps.meta.outputs.labels }}
|
|
|
|
# - name: Generate artifact attestation
|
|
# uses: actions/attest-build-provenance@v2
|
|
# with:
|
|
# subject-name: ${{ env.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME}}
|
|
# subject-digest: ${{ steps.push.outputs.digest }}
|
|
# push-to-registry: true
|