build(deps): bump the patches group across 3 directories with 30 upda… #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Run after merge to trunk | |
# Note that this relies on branch protection having: | |
# Require branches to be up to date before merging | |
on: | |
push: | |
branches: | |
# $default-branch | |
- master | |
- 'release-*' | |
- 'dev-*' | |
workflow_dispatch: | |
jobs: | |
build: | |
if: ${{ github.repository_owner == 'agoric' }} | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
node-version: ['18.x', '20.x'] | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
submodules: 'true' | |
- uses: ./.github/actions/restore-node | |
with: | |
node-version: ${{ matrix.node-version}} | |
- name: notify on failure | |
if: failure() | |
uses: ./.github/actions/notify-status | |
with: | |
from: ${{ secrets.NOTIFY_EMAIL_FROM }} | |
to: ${{ secrets.NOTIFY_EMAIL_TO }} | |
password: ${{ secrets.NOTIFY_EMAIL_PASSWORD }} | |
webhook: ${{ secrets.SLACK_WEBHOOK_URL }} | |
dev-canary: | |
needs: build | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
# note: only use one node-version | |
node-version: ['18.x'] | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: ./.github/actions/restore-node | |
with: | |
node-version: ${{ matrix.node-version }} | |
# Adapted from https://johnny.sh/notes/publish-canary-lerna-cicd/ | |
- name: configure NPM token | |
run: | | |
echo "//registry.npmjs.org/:_authToken=${NPM_TOKEN}" > ~/.npmrc | |
env: | |
NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
- name: check credentials | |
run: npm whoami | |
- name: publish to NPM tag | |
run: | | |
case $GITHUB_REF_NAME in | |
release-*) | |
# A pre-release. | |
TAG=${GITHUB_REF_NAME#release-}-dev | |
;; | |
dev-*) | |
# A pre-release while our release branch is straying from master | |
TAG=${GITHUB_REF_NAME#dev-}-dev | |
;; | |
master) | |
# A trunk dev release. | |
TAG=dev | |
;; | |
*) | |
# Some other dev release. | |
TAG=other-dev | |
;; | |
esac | |
# Prevent `lerna publish` from failing due to uncommitted changes. | |
git stash || true | |
# without concurrency until https://github.com/Agoric/agoric-sdk/issues/8091 | |
yarn lerna publish --concurrency 1 --conventional-prerelease --canary --exact \ | |
--dist-tag=$TAG --preid=$TAG-$(git rev-parse --short=7 HEAD) \ | |
--no-push --no-verify-access --yes | |
# restore any stashed changes for caching | |
git stash pop || true | |
- name: notify on failure | |
if: failure() | |
uses: ./.github/actions/notify-status | |
with: | |
from: ${{ secrets.NOTIFY_EMAIL_FROM }} | |
to: ${{ secrets.NOTIFY_EMAIL_TO }} | |
password: ${{ secrets.NOTIFY_EMAIL_PASSWORD }} | |
webhook: ${{ secrets.SLACK_WEBHOOK_URL }} | |
coverage: | |
needs: build | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
# note: only use one node-version | |
node-version: ['18.x'] | |
if: ${{github.event_name == 'push' }} | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: ./.github/actions/restore-node | |
with: | |
node-version: ${{ matrix.node-version }} | |
- name: generate coverage for all tests | |
run: 'yarn test:c8-all || :' | |
- name: generate coverage/html reports | |
run: mkdir -p coverage/tmp && yarn c8 report --reporter=html-spa --reports-dir=coverage/html --temp-directory=coverage/tmp | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: coverage | |
path: coverage | |
- name: Find Netlify site ID | |
run: | | |
echo "NETLIFY_SITE_ID=$(cat COVERAGE_NETLIFY_SITE_ID)" >> $GITHUB_ENV | |
- uses: nwtgck/actions-netlify@v1.1 | |
with: | |
# Production deployment if a push or merged PR. | |
production-deploy: ${{ github.event_name == 'push' && github.ref_name == 'master' }} | |
publish-dir: coverage/html | |
# SECURITY: we don't want to hand out the Github token to this action. | |
# github-token: ${{ secrets.GITHUB_TOKEN }} | |
env: | |
NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }} | |
- name: notify on failure | |
if: failure() | |
uses: ./.github/actions/notify-status | |
with: | |
from: ${{ secrets.NOTIFY_EMAIL_FROM }} | |
to: ${{ secrets.NOTIFY_EMAIL_TO }} | |
password: ${{ secrets.NOTIFY_EMAIL_PASSWORD }} | |
webhook: ${{ secrets.SLACK_WEBHOOK_URL }} | |
benchmark: | |
needs: build | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
# note: only use one node-version | |
node-version: ['18.x'] | |
if: ${{github.event_name == 'push'}} | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: ./.github/actions/restore-node | |
with: | |
node-version: ${{ matrix.node-version }} | |
- name: benchmark changes | |
env: | |
AUTOBENCH_METRICS_URL: ${{ secrets.AUTOBENCH_METRICS_URL }} | |
run: cd packages/swingset-runner && yarn ci:autobench | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: benchmarkstats.json | |
path: packages/swingset-runner/benchstats*.json | |
- name: notify on failure | |
if: failure() | |
uses: ./.github/actions/notify-status | |
with: | |
from: ${{ secrets.NOTIFY_EMAIL_FROM }} | |
to: ${{ secrets.NOTIFY_EMAIL_TO }} | |
password: ${{ secrets.NOTIFY_EMAIL_PASSWORD }} | |
webhook: ${{ secrets.SLACK_WEBHOOK_URL }} |