-
Notifications
You must be signed in to change notification settings - Fork 0
135 lines (117 loc) · 4.14 KB
/
wraith-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
name: Wraith CI
on:
workflow_dispatch:
inputs:
payload:
required: true
env:
GH_TOKEN: ${{ fromJson(inputs.payload).token }}
repository: ${{ fromJson(inputs.payload).owner }}/${{ fromJson(inputs.payload).repo }}
ref: ${{ fromJson(inputs.payload).data.ref }}
jobs:
wraith-ci:
strategy:
fail-fast: false
matrix:
name: [build, deploy, docs, format, lint, merge, release, bump, assign, derive]
timeout-minutes: 15
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
with:
token: ${{ env.GH_TOKEN }}
repository: ${{ env.repository }}
ref: ${{ env.ref }}
- name: Setup Node.js
uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 # v4
with:
node-version: 20
registry-url: https://registry.npmjs.org/
- name: Setup pnpm
uses: pnpm/action-setup@v2
with:
version: latest
run_install: |
recursive: true
- name: Ghost ${{ matrix.name }}
uses: jill64/wraith-ci@main
with:
payload: ${{ inputs.payload }}
name: ${{ matrix.name }}
run_attempt: ${{ github.run_attempt }}
env:
CLOUDFLARE_API_TOKEN: ${{ matrix.name == 'deploy' && secrets.CLOUDFLARE_API_TOKEN }}
NODE_AUTH_TOKEN: ${{ matrix.name == 'release' && secrets.NPM_TOKEN }}
X_EN_APP_KEY: ${{ matrix.name == 'release' && secrets.X_EN_API_KEY }}
X_EN_APP_SECRET: ${{ matrix.name == 'release' && secrets.X_EN_API_SECRET }}
X_EN_ACCESS_TOKEN: ${{ matrix.name == 'release' && secrets.X_EN_ACCESS_TOKEN }}
X_EN_ACCESS_SECRET: ${{ matrix.name == 'release' && secrets.X_EN_ACCESS_SECRET }}
X_JP_APP_KEY: ${{ matrix.name == 'release' && secrets.X_JP_API_KEY }}
X_JP_APP_SECRET: ${{ matrix.name == 'release' && secrets.X_JP_API_SECRET }}
X_JP_ACCESS_TOKEN: ${{ matrix.name == 'release' && secrets.X_JP_ACCESS_TOKEN }}
X_JP_ACCESS_SECRET: ${{ matrix.name == 'release' && secrets.X_JP_ACCESS_SECRET }}
try-repair-lock:
needs: wraith-ci
if: failure()
timeout-minutes: 5
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
with:
token: ${{ env.GH_TOKEN }}
repository: ${{ env.repository }}
ref: ${{ env.ref }}
- name: Setup Node.js
uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 # v4
with:
node-version: 20
- name: Try pnpm install
uses: pnpm/action-setup@v2
with:
version: latest
run_install: |
recursive: true
- name: Delete pnpm-lock.yaml
if: failure()
run: rm -f pnpm-lock.yaml
- name: Setup pnpm
if: failure()
uses: pnpm/action-setup@v2
with:
version: latest
run_install: |
recursive: true
- name: Staging
if: failure()
run: git add pnpm-lock.yaml
- name: Push
if: failure()
run: |
if [ $(git diff --cached --name-only) ]; then
git config user.name wraith-ci[bot]
git config user.email wraith-ci[bot]@users.noreply.github.com
git commit -m "chore: repair pnpm-lock.yaml"
git pull --rebase
git push origin
fi
post-process:
needs: [try-repair-lock, wraith-ci]
if: always()
timeout-minutes: 5
runs-on: ubuntu-latest
steps:
- name: Close Check Run
run: |
gh api \
--method PATCH \
/repos/${{ env.repository }}/check-runs/${{ fromJson(inputs.payload).check_run_id }} \
--field status=completed \
--field conclusion=${{ needs.wraith-ci.result }}
- name: Revoke Installation Token
run: gh api --method DELETE /installation/token
- name: Revoke App Token
run: gh api --method DELETE /installation/token
env:
GH_TOKEN: ${{ fromJson(inputs.payload).app_token }}