Skip to content
Back to pull request #2917

ci: renovate bot name change [TDX-6747] #1399

Sign in to view logs

ci: renovate bot name change [TDX-6747]

ci: renovate bot name change [TDX-6747] #1399

Workflow file for this run

.github/workflows/publish.yaml at 12e2d91
name: Publish
on:
push:
branches:
- main
- alpha
- beta
pull_request:
types:
- opened
- synchronize
- reopened
- labeled
branches:
- main
- alpha
- beta
permissions:
id-token: write
contents: read
actions: read
concurrency:
group: ${{ github.ref }}-${{ github.workflow }}
cancel-in-progress: ${{ github.event_name == 'pull_request' }}
jobs:
get-changed-files:
name: Get Changed Files
uses: ./.github/workflows/get-changed-files.yaml
run-tests:
name: Tests
needs:
- get-changed-files
uses: ./.github/workflows/test.yaml
publish:
name: Build and Publish Kongponents
needs:
- get-changed-files
- run-tests
# Only run the publish action (including semantic-release) if files in the /src/ directory changed.
# Should only run if files in the `src/` directory were changed
if: needs.get-changed-files.outputs.component-files-changed == 'true' || needs.get-changed-files.outputs.package-json-pnpm-lock-files-changed == 'true'
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
with:
egress-policy: audit
- name: Remove preview consumption comment
if: github.event_name == 'pull_request'
uses: marocchino/sticky-pull-request-comment@773744901bac0e8cbb5a0dc842800d45e9b2b405 # v2.9.4
with:
header: pr_preview_consumption
delete: true
GITHUB_TOKEN: ${{ secrets.KONGPONENTS_BOT_PAT }}
- name: Checkout
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
with:
token: ${{ secrets.KONGPONENTS_BOT_PAT }}
- name: Setup git
run: |
git config --global user.name 'kongponents-bot'
git config --global user.email '[email protected]'
- name: Setup PNPM with Dependencies
uses: ./.github/actions/setup-pnpm-with-dependencies/
- name: Download Build Artifacts
uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
with:
name: kongponents-ci-build-output-artifact
- name: Publish Package Preview
id: package-preview
# Do not run for `alpha` or `beta` branches
if: github.event_name == 'pull_request' && (github.actor != 'renovate[bot]' || contains(github.event.pull_request.labels.*.name, 'create preview package'))
run: |
git config user.email "[email protected]"
git config user.name "Kong UI Bot"
preid="pr.${{ github.event.pull_request.number }}.$(git rev-parse --short ${{ github.event.pull_request.head.sha }})"
tag="pr-${{ github.event.pull_request.number }}"
echo "preid=${preid}"
# Use pnpm to bump the version for the prerelease
pnpm version prerelease --preid ${preid} --no-git-tag-version --yes --amend
package_version=$(jq -r ".version" package.json)
package=@kong/kongponents@"${package_version}"
npm show "${package}" >/dev/null 2>&1 && npm_show_status=0 || npm_show_status=1
if [ $npm_show_status -eq 0 ]; then
echo "Package ${package} is already published. Skipping publishing."
exit 0
fi
npm_instructions=""
pkg=$(pnpm publish --no-git-checks --access public --report-summary --tag "${tag}" | grep "+ "| sed 's/+ //')
if [[ -z "${pkg}" ]]; then
echo "Error publishing package"
exit -1
fi
npm_instructions="@$(echo ${pkg}|cut -d'@' -f2)@${tag}"
echo "npm_instructions<<EOF" >> $GITHUB_OUTPUT
echo -e "$npm_instructions" >> $GITHUB_OUTPUT
echo "EOF" >> $GITHUB_OUTPUT
- name: Provide preview link info
if: ${{ steps.package-preview.outputs.npm_instructions != '' }}
uses: marocchino/sticky-pull-request-comment@773744901bac0e8cbb5a0dc842800d45e9b2b405 # v2.9.4
with:
header: pr_preview_consumption
message: |
## ***Preview*** package from this PR in consuming application
In consuming application project install preview version of kongponents generated by this PR:
```
${{ steps.package-preview.outputs.npm_instructions }}
```
GITHUB_TOKEN: ${{ secrets.KONGPONENTS_BOT_PAT }}
- name: Semantic Release
if: github.event_name == 'push'
id: semantic_release
uses: cycjimmy/semantic-release-action@16ca923e6ccbb50770c415a0ccd43709a8c5f7a4 # v4.2.2
env:
# Since branch protections are on (pushing commits) you need to use a bot PAT
GITHUB_TOKEN: ${{ secrets.KONGPONENTS_BOT_PAT }}
# as of now cycjimmy/semantic-release-action is not publishing to npmjs as
# trusted publishing is not yet supported, so we want to do a publish as separate step
- name: Publish to npm
if: github.event_name == 'push' && steps.semantic_release.outputs.new_release_published == 'true'
run: |
npm publish
no-tests-required:
name: No Component Tests needed
needs:
- get-changed-files
if: needs.get-changed-files.outputs.component-files-changed == 'false' && needs.get-changed-files.outputs.package-json-pnpm-lock-files-changed == 'false'
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
with:
egress-policy: audit
- name: Skip component tests
run: echo "No files changed in the `src/`, `docs/`, or `cypress/` directories, so no tests are needed."
no-publish-required:
name: No Build and Publish needed
needs:
- get-changed-files
if: needs.get-changed-files.outputs.components-or-docs-or-cypress-files-changed == 'false' && needs.get-changed-files.outputs.package-json-pnpm-lock-files-changed == 'false'
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
with:
egress-policy: audit
- name: Skip new release
run: echo "No files changed in the `src/` directory, so no new release is required."