chore: publish automatically to NPM #7
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Workflow | |
| on: | |
| # Run on pushes to main.. | |
| push: | |
| branches: | |
| - main | |
| # ..and any pull request. | |
| pull_request: | |
| # Cancel any in progress run of the workflow for a given PR | |
| # This avoids building outdated code | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.head_ref || github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| check-for-sh: | |
| name: Check for .sh | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - run: "echo '*** Do not write .sh scripts! ***'; ! find . -type f -name '*.sh' | grep ." | |
| lint: | |
| name: Lint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version-file: 'package.json' | |
| check-latest: true | |
| - run: yarn | |
| - run: yarn typecheck | |
| - run: yarn format:check | |
| - run: yarn lint | |
| knip: | |
| name: Knip | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version-file: 'package.json' | |
| check-latest: true | |
| - run: yarn | |
| - run: yarn knip | |
| test: | |
| name: Test | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version-file: 'package.json' | |
| check-latest: true | |
| - run: yarn | |
| - run: yarn test:ci | |
| # - name: Upload Coverage Report | |
| # uses: actions/upload-artifact@v3 | |
| # with: | |
| # path: coverage/lcov-report | |
| # - name: 'Upload coverage to Codecov' | |
| # uses: codecov/codecov-action@v3 | |
| publish: | |
| name: Publish to NPM | |
| if: github.ref == 'refs/heads/main' | |
| needs: | |
| - check-for-sh | |
| - lint | |
| - knip | |
| - test | |
| runs-on: ubuntu-latest | |
| steps: | |
| # actions/checkout MUST come before auth | |
| - uses: actions/checkout@v4 | |
| - id: auth | |
| uses: google-github-actions/auth@v2 | |
| with: | |
| # From valora-viem-hsm-test | |
| credentials_json: ${{ secrets.GOOGLE_SERVICE_ACCOUNT_KEY }} | |
| - id: google-secrets | |
| uses: google-github-actions/get-secretmanager-secrets@v2 | |
| with: | |
| secrets: |- | |
| NPM_TOKEN:valora-viem-hsm-test/NPM_TOKEN | |
| SLACK_WEBHOOK_URL:valora-viem-hsm-test/SLACK_ONCALL_WEBHOOK_URL | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version-file: 'package.json' | |
| check-latest: true | |
| - run: yarn | |
| - run: yarn build | |
| - run: yarn release | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| NPM_TOKEN: ${{ steps.google-secrets.outputs.NPM_TOKEN }} | |
| - uses: ravsamhq/notify-slack-action@v2 | |
| if: always() | |
| with: | |
| status: ${{ job.status }} | |
| notification_title: '{workflow} has {status_message}' | |
| message_format: '{emoji} *{workflow}* {status_message}. <{run_url}|View Run>' | |
| footer: 'Repo: <{repo_url}|{repo}>' | |
| notify_when: 'failure' | |
| # Tag @supporthero on failures, can change to any slack group id | |
| mention_groups: 'S0277QUM4KB' | |
| mention_groups_when: 'failure' | |
| env: | |
| SLACK_WEBHOOK_URL: ${{ steps.google-secrets.outputs.SLACK_WEBHOOK_URL }} |