Skip to content

feat: adding secrets remove handler #87

feat: adding secrets remove handler

feat: adding secrets remove handler #87

Workflow file for this run

name: CI / Merge
on:
push:
branches:
- staging
- feature*
jobs:
check-lint:
name: "Check / Lint"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Run linting
run: |
npm install
npm run lint
npm run lint-shell
check-build:
name: "Check / Build"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Run build
run: |
npm install
npm run build --verbose
check-matrix:
name: "Check / Matrix"
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
steps:
- uses: actions/checkout@v4
- id: set-matrix
run: |
files=$(find tests/* -maxdepth 0 -type d | sed 's/.*/"&"/' | paste -sd, -)
files=$files,$(find tests/* -maxdepth 0 -type f | grep -e "/*.test.ts" | sed 's/.*/"&"/' | paste -sd, -)
if [ -z "$files" ]; then
echo "matrix={\"shard\":[]}" >> $GITHUB_OUTPUT
else
echo "matrix={\"shard\":[$files]}" >> $GITHUB_OUTPUT
fi
check-test:
name: "Check / Test"
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix: ${{fromJson(needs.check-matrix.outputs.matrix)}}
needs: check-matrix
steps:
- uses: actions/checkout@v4
- name: Set artifact name
run: echo "SLUG=$(echo ${{ matrix.shard }} | sed 's/[/.]/-/g')" >> $GITHUB_ENV
- name: Run tests
run: |
npm install
npm run test -- \
--coverageReporters json \
--coverage \
"${{ matrix.shard }}"
mv tmp/coverage/coverage-final.json "tmp/coverage/${{ env.SLUG }}.json"
- uses: actions/upload-artifact@v4
with:
name: coverage-artifacts-${{ env.SLUG }}
path: tmp/coverage/
check-coverage:
name: "Check / Coverage"
runs-on: ubuntu-latest
needs: check-test
steps:
- uses: actions/checkout@v4
- uses: actions/download-artifact@v4
with:
pattern: coverage-artifacts-*
path: tmp/coverage/
merge-multiple: true
- name: Merge coverage results
run: npx nyc merge tmp/coverage/ tmp/coverage/cobertura-coverage.json
- uses: actions/upload-artifact@v4
with:
name: cobertura-coverage
path: tmp/coverage/cobertura-coverage.json
build-pull:
name: "Build / Pull Request"
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/staging'
steps:
- uses: actions/checkout@v4
- name: Create pull request
env:
GH_TOKEN: ${{ secrets.GH_TOKEN }}
run: |
gh pr create \
--head staging \
--base master \
--title "ci: merge staging to master" \
--body "This is an automatic PR generated by the CI/CD pipeline. This will be automatically fast-forward merged if successful." \
--assignee "@me" \
--no-maintainer-edit || true
printf "Pipeline Attempt on $GITHUB_RUN_ID for $GITHUB_SHA\n\n$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" \
| gh pr comment staging \
--body-file - \
--repo "$GITHUB_REPOSITORY"
integration-merge:
name: "Integration / Merge"
runs-on: ubuntu-latest
concurrency:
group: integration-merge
cancel-in-progress: true
needs:
- check-lint
- check-build
- check-test
- build-pull
if: github.ref == 'refs/heads/staging'
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
token: ${{ secrets.GH_TOKEN }}
- name: Merge into master
env:
GH_TOKEN: ${{ secrets.GH_TOKEN }}
GIT_AUTHOR_EMAIL: ${{ secrets.GIT_AUTHOR_EMAIL }}
GIT_AUTHOR_NAME: ${{ secrets.GIT_AUTHOR_NAME }}
GIT_COMMITTER_EMAIL: ${{ secrets.GIT_COMMITTER_EMAIL }}
GIT_COMMITTER_NAME: ${{ secrets.GIT_COMMITTER_NAME }}
run: |
printf "Pipeline Succeeded on $GITHUB_RUN_ID for $GITHUB_SHA\n\n$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" \
| gh pr comment staging \
--body-file - \
--repo "$GITHUB_REPOSITORY"
git checkout master
git merge --ff-only "$GITHUB_SHA"
git push origin master