Merge pull request #266 from andrewck24/dependabot/npm_and_yarn/story… #23
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| branches: | |
| - main | |
| permissions: | |
| contents: read | |
| jobs: | |
| release: | |
| name: Release | |
| runs-on: ubuntu-latest | |
| outputs: | |
| new-release-published: ${{ steps.semantic-release.outputs.new-release-published }} | |
| new-release-version: ${{ steps.semantic-release.outputs.new-release-version }} | |
| permissions: | |
| contents: write # to be able to publish a GitHub release | |
| issues: write # to be able to comment on released issues | |
| pull-requests: write # to be able to comment on released pull requests | |
| id-token: write # to enable use of OIDC for npm provenance | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "lts/*" | |
| - name: Install dependencies | |
| run: npm clean-install | |
| - name: Verify the integrity of provenance attestations and registry signatures for installed dependencies | |
| run: npm audit signatures | |
| - name: Release | |
| id: semantic-release | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: npx semantic-release | |
| sync-dev: | |
| name: Create PR to sync version to dev branch | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| needs: release | |
| if: needs.release.outputs.new-release-published == 'true' | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Check for existing sync PR | |
| run: | | |
| existing_pr=$(gh pr list \ | |
| --base dev \ | |
| --head sync/version-${{ needs.release.outputs.new-release-version }} \ | |
| --json number --jq '.[0].number' || true) | |
| if [ "$existing_pr" != "null" ] && [ -n "$existing_pr" ]; then | |
| echo "PR already exists: #$existing_pr" | |
| exit 0 | |
| fi | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Create Pull Request | |
| uses: peter-evans/create-pull-request@v5 | |
| continue-on-error: true | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| branch: sync/version-${{ needs.release.outputs.new-release-version }} | |
| base: dev | |
| title: "chore: sync version ${{ needs.release.outputs.new-release-version }} to dev" | |
| body: | | |
| ## 🔄 Auto-sync from main branch | |
| **Release**: [`${{ needs.release.outputs.new-release-version }}`](https://github.com/${{ github.repository }}/releases/tag/v${{ needs.release.outputs.new-release-version }}) | |
| ### Changes include: | |
| - 📦 Updated package.json version | |
| - 📝 Updated CHANGELOG.md | |
| - 🏷️ Release commit and tags | |
| ### 🤖 Automated PR Checklist | |
| - [ ] No merge conflicts | |
| - [ ] Version number is correct | |
| - [ ] CHANGELOG.md is properly updated | |
| - [ ] Ready to merge | |
| --- | |
| _This PR was automatically created by the semantic-release workflow._ | |
| labels: | | |
| automated | |
| version-sync | |
| delete-branch: true |