CI/CD Pipeline #96
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD Pipeline | |
| permissions: {} | |
| on: | |
| schedule: | |
| # run every day at 7:00 AM UTC | |
| - cron: '0 7 * * *' | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| workflow_dispatch: | |
| jobs: | |
| test: | |
| permissions: | |
| contents: read | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| node-version: [18.x, 20.x] | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js ${{ matrix.node-version }} | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| cache: 'npm' | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Generate SDK code from OpenAPI | |
| run: npx nx codegen sdk | |
| - name: Run linting | |
| run: npx nx run-many -t lint | |
| - name: Run formatting check | |
| run: npm run format:check | |
| - name: Run type checking | |
| run: npx nx run-many -t typecheck | |
| - name: Build packages | |
| run: npx nx run-many -t build | |
| - name: Run tests with coverage | |
| run: npx nx run-many -t test --coverage | |
| - name: Upload coverage to Codecov | |
| if: matrix.node-version == '20.x' | |
| uses: codecov/codecov-action@v3 | |
| with: | |
| files: ./packages/sdk/coverage/lcov.info,./packages/cli/coverage/lcov.info | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| flags: unittests | |
| name: codecov-umbrella | |
| fail_ci_if_error: false | |
| - name: SonarQube Scan | |
| if: matrix.node-version == '20.x' | |
| uses: SonarSource/sonarqube-scan-action@v5 | |
| with: | |
| args: | | |
| -Dsonar.javascript.lcov.reportPaths=packages/sdk/coverage/lcov.info,packages/cli/coverage/lcov.info | |
| env: | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| build-docs: | |
| permissions: | |
| contents: write | |
| runs-on: ubuntu-latest | |
| needs: test | |
| if: github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20.x' | |
| cache: 'npm' | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Generate SDK code from OpenAPI | |
| run: npx nx codegen sdk | |
| - name: Build SDK package | |
| run: npx nx build sdk | |
| - name: Generate documentation | |
| run: npm run docs | |
| - name: Deploy to GitHub Pages | |
| uses: peaceiris/actions-gh-pages@v3 | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| publish_dir: ./docs | |
| cname: aignostics-platform-sdk.github.io | |
| release: | |
| permissions: | |
| contents: write | |
| runs-on: ubuntu-latest | |
| needs: [test, build-docs] | |
| if: github.ref == 'refs/heads/main' | |
| environment: | |
| name: production | |
| url: https://github.com/aignostics/typescript-sdk/releases | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20.x' | |
| cache: 'npm' | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: Generate SDK code from OpenAPI | |
| run: npx nx codegen sdk | |
| - name: Build all packages | |
| run: npx nx run-many -t build | |
| - name: Release SDK | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| working-directory: packages/sdk | |
| run: npx semantic-release | |
| - name: Release CLI | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| working-directory: packages/cli | |
| run: npx semantic-release | |
| codeql: | |
| if: (!contains(github.event.head_commit.message, 'skip:ci')) | |
| uses: ./.github/workflows/_codeql.yml | |
| permissions: | |
| actions: read | |
| contents: read | |
| packages: read | |
| security-events: write | |
| secrets: inherit |