Change Casing of Risk Profile Parameters (#191) #45
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy | |
| on: | |
| push: | |
| tags: | |
| - "*" | |
| workflow_dispatch: | |
| jobs: | |
| test: | |
| name: Test | |
| uses: ./.github/workflows/test.yml | |
| with: | |
| suite: default | |
| secrets: | |
| ORCHESTRATE_API_KEY: ${{ secrets.ORCHESTRATE_API_KEY }} | |
| ORCHESTRATE_IDENTITY_API_KEY: ${{ secrets.ORCHESTRATE_IDENTITY_API_KEY }} | |
| ORCHESTRATE_IDENTITY_METRICS_KEY: ${{ secrets.ORCHESTRATE_IDENTITY_METRICS_KEY }} | |
| ORCHESTRATE_IDENTITY_URL: ${{ secrets.ORCHESTRATE_IDENTITY_URL }} | |
| version: | |
| name: Version | |
| outputs: | |
| version: ${{ steps.version.outputs.version }} | |
| target: ${{ steps.version.outputs.target }} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| with: | |
| fetch-depth: 0 | |
| - name: Get Version | |
| id: version | |
| working-directory: typescript | |
| shell: pwsh | |
| run: | | |
| if ("${{ github.ref_type }}" -eq "tag") { | |
| $version = "${{ github.ref }}" -replace "refs/tags/(.*)", '$1' | |
| $target = "prod" | |
| } else { | |
| $version = git describe --tags --abbrev=0 | Select-Object -First 1 | |
| $versionSuffix = "dev" + "${{ github.run_number }}" | |
| $version = $version, $versionSuffix -join "-" | |
| $target = "dev" | |
| } | |
| "version=$version" >> $Env:GITHUB_OUTPUT | |
| "target=$target" >> $Env:GITHUB_OUTPUT | |
| "Building version ``$version``" >> $Env:GITHUB_STEP_SUMMARY | |
| typescript: | |
| name: Typescript | |
| needs: | |
| - test | |
| - version | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 | |
| with: | |
| node-version: 20 | |
| - name: Install dependencies | |
| working-directory: typescript | |
| run: npm install | |
| - name: Build | |
| working-directory: typescript | |
| run: npm run build | |
| - name: Set Version | |
| working-directory: typescript | |
| run: npm version ${{ needs.version.outputs.version }} | |
| - name: Deploy Proget | |
| working-directory: typescript | |
| if: needs.version.outputs.target == 'dev' | |
| run: | | |
| npm config set @careevolution:registry=https://proget.careevolution.com/npm/npm/ | |
| npm config set //proget.careevolution.com/npm/npm/:_authToken ${{ secrets.PROGET_TOKEN }} | |
| npm publish | |
| echo "Published `${{ needs.version.outputs.version }}` to internal NPM." >> $GITHUB_STEP_SUMMARY | |
| - name: Deploy NPM | |
| if: needs.version.outputs.target == 'prod' | |
| working-directory: typescript | |
| run: | | |
| npm config set //registry.npmjs.org/:_authToken ${{ secrets.NPM_TOKEN }} | |
| npm publish --access public | |
| echo "Published `${{ needs.version.outputs.version }}` to NPM." >> $GITHUB_STEP_SUMMARY | |
| python: | |
| name: Python | |
| permissions: | |
| id-token: write | |
| contents: read | |
| needs: | |
| - test | |
| - version | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| - name: Install Python | |
| id: setup-python | |
| uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 | |
| with: | |
| python-version: "3.9" | |
| - name: Install Poetry | |
| run: | | |
| curl -sSL https://install.python-poetry.org | python - | |
| echo "$HOME/.poetry/bin" >> $GITHUB_PATH | |
| - name: Copy README | |
| run: cp ./README.md python/README.md | |
| - name: Install Dependencies | |
| working-directory: python | |
| run: poetry install --no-interaction --only "main" | |
| - name: Assign Version | |
| working-directory: python | |
| run: poetry version ${{ needs.version.outputs.version }} | |
| - name: Configure Pypi Tokens | |
| shell: pwsh | |
| run: | | |
| $pypis = @( | |
| @{ Name = "testpypi"; Url = "https://test.pypi.org" } | |
| ) | |
| if ("${{ needs.version.outputs.target }}" -eq "prod") { | |
| $pypis += @{ Name = "pypi"; Url = "https://upload.pypi.org" } | |
| } | |
| $pypis | ForEach-Object { | |
| $pypiName = $_.Name | |
| $pypiUrl = $_.Url | |
| $githubToken = Invoke-RestMethod ` | |
| -Uri "${Env:ACTIONS_ID_TOKEN_REQUEST_URL}&audience=$pypiName" ` | |
| -Headers @{"Authorization" = "Bearer ${Env:ACTIONS_ID_TOKEN_REQUEST_TOKEN}"} | | |
| Select-Object -ExpandProperty value | |
| Write-Host "::add-mask::$githubToken" | |
| $pypiToken = Invoke-RestMethod ` | |
| -Method Post ` | |
| -Uri "$pypiUrl/_/oidc/github/mint-token" ` | |
| -Body (@{ token = $githubToken } | ConvertTo-Json -Compress) | | |
| Select-Object -ExpandProperty token | |
| Write-Host "::add-mask::$pypiToken" | |
| poetry config repositories.$pypiName "$pypiUrl/legacy/" | |
| poetry config pypi-token.$pypiName $pypiToken | |
| } | |
| - name: Publish Test Pypi | |
| shell: pwsh | |
| working-directory: python | |
| if: needs.version.outputs.target == 'dev' | |
| run: | | |
| poetry publish --build --no-interaction -r testpypi | |
| $version = poetry version | |
| Write-Host "Published ``$version`` to test PyPI." >> $Env:GITHUB_STEP_SUMMARY | |
| - name: Publish Pypi | |
| shell: pwsh | |
| if: needs.version.outputs.target == 'prod' | |
| working-directory: python | |
| run: | | |
| poetry publish --build --no-interaction -r pypi | |
| $version = poetry version | |
| Write-Host "Published ``$version`` to Pypi." >> $Env:GITHUB_STEP_SUMMARY |