-
Notifications
You must be signed in to change notification settings - Fork 13
116 lines (108 loc) · 4.71 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
name: Release
# Secure execution of continuous integration jobs
# which are performed upon completion of the
# "Continuous Integration" workflow
# https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
on:
workflow_run:
workflows: ['Continuous Integration']
types: [completed]
branches: [master]
workflow_dispatch: {}
permissions:
packages: write
concurrency: release
jobs:
release:
runs-on: ubuntu-latest
if: >
(github.event.workflow_run.event == 'push' &&
github.event.workflow_run.conclusion == 'success' &&
github.event.workflow_run.head_sha == github.sha &&
(
startsWith(github.event.workflow_run.head_commit.message, 'docs') ||
startsWith(github.event.workflow_run.head_commit.message, 'feat') ||
startsWith(github.event.workflow_run.head_commit.message, 'fix') ||
startsWith(github.event.workflow_run.head_commit.message, 'refactor')
)) || github.event_name == 'workflow_dispatch'
env:
IMAGE_REPO: ghcr.io/${{ github.repository }}/storybook
steps:
- name: Generate token
id: generate_token
uses: tibdex/github-app-token@v1
with:
app_id: ${{ secrets.RELEASE_APP_ID }}
private_key: ${{ secrets.RELEASE_APP_PEM }}
- uses: actions/checkout@v3
with:
token: ${{ steps.generate_token.outputs.token }}
fetch-depth: 0
- uses: actions/setup-node@v3
with:
node-version-file: '.nvmrc'
cache: 'yarn'
registry-url: 'https://registry.npmjs.org'
scope: sbb-esta
- run: yarn install --frozen-lockfile --non-interactive
- name: Run build
run: yarn build:chromatic-stories && yarn build
- name: Bundle stories
run: node ./ci/bundleStories.js
- name: 'Release: Set git user'
run: |
git config --global user.name 'github-actions'
git config --global user.email '[email protected]'
- name: 'Release: Create release with standard-version'
run: yarn standard-version
- name: 'Release: Read new version'
id: version
run: echo "value=$(jq --raw-output .version ./package.json)" >> $GITHUB_OUTPUT
- name: 'Release: Push release to repository'
run: git push --follow-tags origin master
- name: 'Release: Determine npm tag'
id: npm_tag
run: echo "npm_tag=$([[ "${{ steps.version.outputs.value }}" == *"-"* ]] && echo "next" || echo "latest")" >> $GITHUB_OUTPUT
- name: 'Release: Publish @sbb-esta/lyne-components'
run: yarn publish --tag ${{ steps.npm_tag.outputs.npm_tag }}
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: 'Release: Assign current dependency version'
uses: actions/github-script@v6
with:
script: |
const fs = require('fs');
const path = `${process.env.GITHUB_WORKSPACE}/react-library/package.json`;
const pkgJson = fs.readFileSync(path, 'utf8');
fs.writeFileSync(path, pkgJson.replace(/0.0.0-PLACEHOLDER/g, '${{ steps.version.outputs.value }}'), 'utf8');
- name: 'Release: Publish @sbb-esta/lyne-components-react'
run: yarn publish react-library --tag ${{ steps.npm_tag.outputs.npm_tag }}
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Create versioned storybook for chromatic
run: STORYBOOK_COMPONENTS_VERSION=${{ steps.version.outputs.value }} yarn build:storybook
# Send storybook to chromatic. These snapshots should be accepted as new
# baseline in storybook.
- name: Publish to Chromatic
uses: chromaui/action@v1
with:
projectToken: ${{ secrets.CHROMATIC_TOKEN }}
storybookBuildDir: storybook-static
autoAcceptChanges: true
exitZeroOnChanges: true
- name: Remove chromatic stories
run: cd src && git clean -f -X
- name: Create versioned storybook for image
run: STORYBOOK_COMPONENTS_VERSION=${{ steps.version.outputs.value }} yarn build:storybook
- name: Remove files with forbidden extensions
run: node ./ci/clean-storybook-files.js
- name: 'Container: Login to GitHub Container Repository'
run: echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io --username ${{ github.actor }} --password-stdin
- name: 'Container: Build image'
run: docker build -t $IMAGE_REPO:${{ steps.version.outputs.value }} -t $IMAGE_REPO:latest .
env:
DOCKER_BUILDKIT: 1
- name: 'Container: Publish image'
run: docker push $IMAGE_REPO:${{ steps.version.outputs.value }}
- name: 'Container: Publish image as latest'
run: docker push $IMAGE_REPO:latest