Add some requested sites (#96) #160
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release | |
on: | |
push: | |
branches: | |
- main | |
jobs: | |
audit: | |
name: Audit dependencies | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- uses: ./.github/actions/setup-node | |
- name: Audit dependencies | |
run: npm audit --production --audit-level=high | |
static-analysis: | |
name: Static analysis | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: ./.github/actions/setup-node | |
- uses: ./.github/actions/install-dependencies | |
with: | |
node-auth-token: ${{ secrets.NODE_AUTH_TOKEN }} | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
- name: Linting JS/TS | |
run: npm run lint | |
- name: Type checking | |
run: npm run check-types | |
create-release: | |
name: Create release | |
needs: [static-analysis] | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
# Default GITHUB_TOKEN has no permissions to push to locked branches, so we don't | |
# persist credentials and use the NODE_AUTH_TOKEN personal access token instead | |
persist-credentials: false | |
- uses: ./.github/actions/setup-node | |
with: | |
node-version: 20 | |
# Semantic release | |
- name: Semantic Release | |
uses: cycjimmy/semantic-release-action@v3 | |
with: | |
semantic_version: 19 | |
extra_plugins: | | |
@semantic-release/changelog | |
@semantic-release/git | |
branch: main | |
env: | |
# Use NODE_AUTH_TOKEN as GITHUB_TOKEN to allow pushing commits into locked "master" branch | |
GITHUB_TOKEN: ${{ secrets.NODE_AUTH_TOKEN }} | |
NPM_TOKEN: ${{ secrets.NODE_AUTH_TOKEN }} |