Lock file maintenance #1632
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build | |
on: [push] | |
jobs: | |
# | |
# dependencies job | |
# | |
dependencies: | |
name: Dependencies | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup Node.js and NPM | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: .nvmrc | |
cache: npm | |
always-auth: true | |
registry-url: https://registry.npmjs.org | |
- name: Install dependencies with NPM | |
run: npm ci | |
env: | |
NODE_AUTH_TOKEN: ${{ secrets.BUILD_USER_TOKEN || github.token }} | |
- name: Archive node_modules | |
run: tar --use-compress-program "zstd -T0 --long=31 -1" -cf node_modules.tar.zstd -P node_modules | |
- name: Persisting node_modules artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: node_modules.tar.zstd | |
path: node_modules.tar.zstd | |
retention-days: 2 | |
# | |
# lint job | |
# | |
lint: | |
runs-on: ubuntu-latest | |
needs: [dependencies] | |
steps: | |
# Setup | |
- uses: actions/checkout@v4 | |
with: | |
token: ${{ secrets.BUILD_USER_TOKEN || github.token }} # allows commit of any fixes to trigger a new workflow run | |
- uses: actions/checkout@v4 | |
- name: Setup Node.js and NPM | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: .nvmrc | |
- name: Restore node_modules artifact | |
uses: actions/download-artifact@v4 | |
with: | |
name: node_modules.tar.zstd | |
- name: Unarchive node_modules | |
run: tar --use-compress-program "zstd -d --long=31" -xf node_modules.tar.zstd | |
# Commit Signing | |
- name: Import build user's GPG key | |
env: | |
GPG_KEY: ${{ secrets.BUILD_USER_GPG_KEY }} | |
GPG_KEY_PASSPHRASE: ${{ secrets.BUILD_USER_GPG_KEY_PASSPHRASE }} | |
if: env.GPG_KEY != null && env.GPG_KEY_PASSPHRASE != null | |
uses: crazy-max/ghaction-import-gpg@v6 | |
with: | |
gpg_private_key: ${{ env.GPG_KEY }} | |
passphrase: ${{ env.GPG_KEY_PASSPHRASE }} | |
git_user_signingkey: true | |
git_commit_gpgsign: true | |
# Lint | |
- name: Run linters | |
uses: wearerequired/lint-action@v2 | |
with: | |
prettier: true | |
eslint: true | |
eslint_args: "--ext '.ts,.js' --ignore-path '.gitignore' --ignore-pattern '.github/*'" | |
continue_on_error: false | |
auto_fix: ${{ secrets.BUILD_USER_TOKEN && 'true' || 'false' }} | |
git_name: equabot | |
git_email: [email protected] | |
# | |
# build job | |
# | |
build: | |
runs-on: ubuntu-latest | |
needs: [dependencies] | |
steps: | |
# Setup | |
- uses: actions/checkout@v4 | |
- name: Setup Node.js and NPM | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: .nvmrc | |
- name: Restore node_modules artifact | |
uses: actions/download-artifact@v4 | |
with: | |
name: node_modules.tar.zstd | |
- name: Unarchive node_modules | |
run: tar --use-compress-program "zstd -d --long=31" -xf node_modules.tar.zstd | |
# Build | |
- name: Build application | |
run: npm run build | |
env: | |
CI: true | |
- name: Check build worked correctly | |
run: | | |
if [ ! -f ./dist/index.js ]; then | |
echo "Something went wrong: no ./dist/index.js file was built!" | |
exit 1 | |
else | |
echo "Build appears to be successful: ./dist/index.js was created" | |
fi | |
# | |
# test job | |
# | |
test: | |
runs-on: ubuntu-latest | |
needs: [dependencies] | |
steps: | |
# Setup | |
- uses: actions/checkout@v4 | |
- name: Setup Node.js and NPM | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: .nvmrc | |
- name: Restore node_modules artifact | |
uses: actions/download-artifact@v4 | |
with: | |
name: node_modules.tar.zstd | |
- name: Unarchive node_modules | |
run: tar --use-compress-program "zstd -d --long=31" -xf node_modules.tar.zstd | |
# Tests | |
- name: Run project tests | |
run: npm run test | |
env: | |
CI: true |