-
Notifications
You must be signed in to change notification settings - Fork 46
147 lines (144 loc) · 4.64 KB
/
deploy-main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
name: deploy-main
on:
push:
branches: ["main"]
env:
CI: 1
TURBO_TELEMETRY_DISABLED: 1
GITHUB_BASE_REF: ${{ github.base_ref }}
GITHUB_HEAD_REF: ${{ github.head_ref }}
GITHUB_REF: ${{ github.ref }}
NPM_CONFIG_PROVENANCE: true
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: actions-rust-lang/setup-rust-toolchain@v1
with:
target: wasm32-unknown-unknown
cache: false
- uses: actions/setup-node@v4
with:
node-version: "22"
- name: Install
run: |
npm install -g corepack@latest
corepack enable && corepack prepare
corepack pnpm config set store-dir .pnpm-store
corepack pnpm install --frozen-lockfile
- name: build
run: |
corepack pnpm turbo --filter !@lynx-js/web-tests build --summarize
- name: Save Turbo Result
uses: actions/upload-artifact@v4
with:
name: main-${{ github.sha }}
path: .turbo
if-no-files-found: error
retention-days: 1
overwrite: true
include-hidden-files: true
# We make a build here to make sure cache works for pull requests
# See: https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/caching-dependencies-to-speed-up-workflows#restrictions-for-accessing-a-cache
build-all:
concurrency:
group: ${{ github.workflow }}
cancel-in-progress: true
uses: ./.github/workflows/workflow-build.yml
secrets: inherit
with:
runs-on: lynx-ubuntu-24.04-xlarge
publish:
needs: build
runs-on: ubuntu-latest
concurrency:
group: ${{ github.workflow }}
cancel-in-progress: false
environment: main branch
permissions:
contents: write
pull-requests: write
statuses: read
# `id-token: write` is required for npm provenance
# See: https://docs.npmjs.com/generating-provenance-statements#publishing-packages-with-provenance-via-github-actions
id-token: write
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: actions/setup-node@v4
with:
node-version: "22"
registry-url: "https://registry.npmjs.org"
- name: Install
run: |
npm install -g corepack@latest
corepack enable && corepack prepare
corepack pnpm config set store-dir .pnpm-store
corepack pnpm install --frozen-lockfile
- name: Download Turbo Cache
uses: actions/download-artifact@v4
timeout-minutes: 5
with:
name: main-${{ github.sha }}
path: .turbo
- name: build
run: |
corepack pnpm turbo --filter !@lynx-js/web-tests build --summarize
- name: Get current date
id: date
run: echo "::set-output name=date::$(date -u +'%Y-%m-%d %H:%M:%S')"
- name: attempt to release
uses: changesets/action@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
with:
publish: pnpm changeset publish
title: "chore: Release ${{ steps.date.outputs.date }}"
canary-publish:
needs: build
runs-on: ubuntu-latest
environment: main branch
permissions:
contents: read
pull-requests: read
statuses: read
# `id-token: write` is required for npm provenance
# See: https://docs.npmjs.com/generating-provenance-statements#publishing-packages-with-provenance-via-github-actions
id-token: write
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: actions/setup-node@v4
with:
node-version: "22"
registry-url: "https://registry.npmjs.org"
- name: Install
run: |
npm install -g corepack@latest
corepack enable && corepack prepare
corepack pnpm config set store-dir .pnpm-store
corepack pnpm install --frozen-lockfile
- name: Download Turbo Cache
uses: actions/download-artifact@v4
timeout-minutes: 5
with:
name: main-${{ github.sha }}
path: .turbo
- name: build
run: |
corepack pnpm turbo --filter !@lynx-js/web-tests build --summarize
- name: version canary packages
run: |
pnpm changeset version --snapshot canary
node packages/tools/canary-release/snapshot.js
- name: publish canary packages
run: |
pnpm --recursive publish --no-git-checks --access public
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}