Test ➤ Publish to NPM #1007
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI & Release | |
| # Workflow name based on selected inputs. Fallback to default Github naming when expression evaluates to empty string | |
| run-name: >- | |
| ${{ | |
| inputs.release && 'Test ➤ Publish to NPM' || | |
| 'Test' | |
| }} | |
| on: | |
| # Build on pushes to release branches | |
| push: | |
| branches: [main] | |
| pull_request: | |
| workflow_dispatch: | |
| inputs: | |
| release: | |
| description: "Publish new release" | |
| required: true | |
| default: false | |
| type: boolean | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read # for checkout | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| # We test on all of the maintained versions: https://nodejs.org/en/about/releases/ | |
| strategy: | |
| matrix: | |
| node-version: ["lts/-1", "lts/*", "current"] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-node@v4 | |
| id: node | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| - name: Use Node.js ${{ steps.node.outputs.node-version }} | |
| run: npm install | |
| - run: npm run-script prettify-check | |
| - run: npm run test:generate | |
| - run: npm test | |
| env: | |
| CI: true | |
| - run: npm run build | |
| release: | |
| permissions: | |
| id-token: write # to enable use of OIDC for npm provenance | |
| name: Semantic release | |
| needs: build | |
| # only run if opt-in during workflow_dispatch | |
| if: github.event.inputs.release == 'true' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/create-github-app-token@v1 | |
| id: app-token | |
| with: | |
| app-id: ${{ secrets.ECOSPARK_APP_ID }} | |
| private-key: ${{ secrets.ECOSPARK_APP_PRIVATE_KEY }} | |
| - uses: actions/checkout@v4 | |
| with: | |
| # Need to fetch entire commit history to | |
| # analyze every commit since last release | |
| fetch-depth: 0 | |
| # Uses generated token to allow pushing commits back | |
| token: ${{ steps.app-token.outputs.token }} | |
| # Make sure the value of GITHUB_TOKEN will not be persisted in repo's config | |
| persist-credentials: false | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: lts/* | |
| cache: npm | |
| - run: npm ci | |
| - run: npx semantic-release | |
| # Don't allow interrupting the release step if the job is cancelled, as it can lead to an inconsistent state | |
| # e.g. git tags were pushed but it exited before `npm publish` | |
| if: always() | |
| env: | |
| NPM_CONFIG_PROVENANCE: true | |
| GITHUB_TOKEN: ${{ steps.app-token.outputs.token }} | |
| NPM_TOKEN: ${{ secrets.NPM_PUBLISH_TOKEN }} |