Build

AP-449: avoid leaking env variables into build (#18) #389

Workflow file for this run

	name: Build
	on: [ push, pull_request, release, workflow_dispatch ]

	env:
	YARN_NPM_AUTH_TOKEN: ${{ secrets.NPM_GALC_UI_PUBLISH_TOKEN }}

	jobs:
	debug:
	runs-on: ubuntu-latest

	steps:
	- name: Dump GitHub context
	env:
	GITHUB_CONTEXT: ${{ toJson(github) }}
	run: echo "${GITHUB_CONTEXT}"

	build:
	runs-on: ubuntu-latest
	# We need to build in order to publish, but we don't want to build on other release events
	if: github.event_name != 'release' \|\| github.event.action == 'created'

	steps:
	- name: Check out repository
	uses: actions/checkout@v4

	# This is required to confirm that GHA will use the right version of Yarn
	- name: Enable Corepack
	run: corepack enable

	- name: Check yarn version
	run: \|
	if [ "`yarn --version`" != "`cat package.json \| jq .packageManager -r \| cut -c 6-`" ]; then
	echo "::warning file=package.json,title=YarnVersionMismatch::Yarn `yarn --version` does not match required version"
	else
	echo "::notice file=package.json,title=YarnVersionMatch::Yarn `yarn --version` matches required version"
	fi

	- name: Cache node modules
	uses: actions/cache@v4
	with:
	path: ~/node_modules
	key: cache-${{ hashFiles('**/yarn.lock') }}

	- name: Install dependencies
	run: yarn install

	- name: Check style
	run: yarn lint

	- name: Run tests w/coverage
	run: yarn coverage

	- name: Build
	run: yarn build

	- name: Upload distribution
	if: ${{ always() }}
	uses: actions/upload-artifact@v4
	with:
	name: dist
	path: dist/**

	- name: Upload artifacts
	if: ${{ always() }}
	uses: actions/upload-artifact@v4
	with:
	name: artifacts
	path: artifacts/**

	# TODO: stop hard-coding ref_name and package-name
	publish-snapshot:
	needs: build
	runs-on: ubuntu-latest
	if: github.ref_name == 'main' && (github.event_name == 'push' \|\| github.event_name == 'workflow_dispatch')

	steps:
	- name: Check out repository
	uses: actions/checkout@v4

	- name: Download distribution
	uses: actions/download-artifact@v4
	with:
	name: dist
	path: dist

	- name: Publish latest snapshot
	run: \|
	yarn version 0.0.0-"${GITHUB_SHA:0:7}" --immediate
	yarn npm publish --access public --tag snapshot

	publish-release:
	needs: build
	runs-on: ubuntu-latest
	if: github.event_name == 'release' && github.event.action == 'created'

	steps:
	- name: Check out repository
	uses: actions/checkout@v4

	- name: Download distribution
	uses: actions/download-artifact@v4
	with:
	name: dist
	path: dist

	- name: Publish release package
	# NOTE: Assumes tag in form x.y.z
	# TODO: figure out why ${{github.event.release.tag_name}} doesn't work
	run: \|
	yarn version "${{github.ref_name}}" --immediate
	yarn npm publish --access public --tag latest

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

AP-449: avoid leaking env variables into build (#18) #389

Workflow file

AP-449: avoid leaking env variables into build (#18) #389

Uh oh!

Workflow file for this run