-
-
Notifications
You must be signed in to change notification settings - Fork 15
162 lines (141 loc) · 5.75 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
name: "Release"
on:
workflow_dispatch:
inputs:
release:
type: choice
description: "Version as:"
required: true
options:
- template
- application
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
GITHUB_EMAIL: ${{ secrets.GH_EMAIL }}
DOCKER_USER: ${{ secrets.DOCKER_USER }}
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
jobs:
release:
runs-on: ubuntu-latest
strategy:
matrix:
node: [ '20.18.0' ]
name: "Release"
steps:
- name: "⚙ Set up NodeJS v${{ matrix.node }}"
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node }}
- name: "✅ Checkout repository"
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: "💾 Restore Dependencies from cache"
uses: actions/cache@v4
with:
path: |
node_modules
*/*/node_modules
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- name: "🦉 GitGuardian scan"
uses: GitGuardian/ggshield-action@master
env:
GITHUB_PUSH_BEFORE_SHA: ${{ github.event.before }}
GITHUB_PUSH_BASE_SHA: ${{ github.event.base }}
GITHUB_PULL_BASE_SHA: ${{ github.event.pull_request.base.sha }}
GITHUB_DEFAULT_BRANCH: ${{ github.event.repository.default_branch }}
GITGUARDIAN_API_KEY: ${{ secrets.GITGUARDIAN_API_KEY }}
- name: "📦 Install packages"
run: yarn install
- name: "💅 Lint"
run: yarn lint
- name: "🔨 Build"
run: yarn build
- name: "👨💻 Run Test"
run: yarn test
env:
NODE_ENV: 'test'
- name: "📊 Publish Test Report"
uses: dorny/test-reporter@v1
if: success() || failure()
with:
name: "Test Report (${{ matrix.node }})"
path: './junit.xml'
reporter: jest-junit
- name: "📊 Upload coverage report to Codecov"
uses: codecov/codecov-action@v4
with:
token: ${{ secrets.CODECOV_TOKEN }}
- name: "📊 SonarCloud Scan"
uses: sonarsource/[email protected]
with:
args: >
-Dsonar.organization=${{ github.repository_owner }}
-Dsonar.projectKey=${{ github.repository_owner }}_${{ github.event.repository.name }}
-Dsonar.projectName=${{ github.repository_owner }}_${{ github.event.repository.name }}
-Dsonar.projectVersion=1.0
-Dsonar.sourceEncoding=UTF-8
-Dsonar.sources=./src
-Dsonar.exclusions=**/*.bin,node_modules/**,test/**,**/__test__/**,**/__mocks__/**,src/main.ts
-Dsonar.coverage.exclusions=node_modules/**,test/**,**/__test__/**,**/__mocks__/**,src/main.ts
-Dsonar.testExecutionReportPaths=test-report.xml
-Dsonar.javascript.lcov.reportPaths=./coverage/lcov.info
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
#- name: "🦠 Snyk to check for vulnerabilities"
# uses: snyk/actions/node@master
# env:
# SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
- name: "🏷️ Create Release"
id: Release
run: |
git config --global user.name "GitHub CI/CD bot"
git config --global user.email "${GITHUB_EMAIL}"
if ${{github.event.inputs.release == 'template'}}; then
yarn release --packageFiles 'version.txt' --bumpFiles 'version.txt'
else
yarn release
fi
git push --follow-tags origin master
tag=$(git describe --tags $(git rev-list --tags --max-count=1))
echo "tag=$tag" >> $GITHUB_OUTPUT
- name: "📄 Create Changelog"
uses: Bullrich/generate-release-changelog@master
id: Changelog
env:
REPO: ${{ github.repository }}
- name: "🚀 Publish Release"
uses: actions/create-release@v1
with:
tag_name: "${{steps.Release.outputs.tag}}"
release_name: "${{steps.Release.outputs.tag}}"
body: |
${{ steps.Changelog.outputs.changelog }}
---
> 💬 All notable changes to this project will be documented in [Changelog](${{ github.event.repository.html_url }}/blob/master/CHANGELOG.md) file.
draft: false
prerelease: false
- name: "🔁 Rebase"
run: |
git remote set-url origin "https://github.com/${{ github.repository }}.git"
git config --global user.name "GitHub CI/CD bot"
git config --global user.email "${GITHUB_EMAIL}"
git config pull.rebase true
git fetch
git checkout develop
git pull
git merge --no-ff -m "ci(rebase): merge master" origin/master
git push -f
- name: "🐳 Docker"
run: |
docker login -u ${DOCKER_USER} -p ${DOCKER_PASSWORD}
docker build --build-arg NODE_VERSION=${{ matrix.node }}-alpine -t ${{ github.event.repository.name }} .
docker tag ${{ github.event.repository.name }} ${DOCKER_USER}/${{ github.event.repository.name }}:${{ github.sha }}
docker tag ${{ github.event.repository.name }} ${DOCKER_USER}/${{ github.event.repository.name }}:${{steps.Release.outputs.tag}}
docker tag ${{ github.event.repository.name }} ${DOCKER_USER}/${{ github.event.repository.name }}:latest
docker push ${DOCKER_USER}/${{ github.event.repository.name }}:${{ github.sha }}
docker push ${DOCKER_USER}/${{ github.event.repository.name }}:${{steps.Release.outputs.tag}}
docker push ${DOCKER_USER}/${{ github.event.repository.name }}:latest