fix(ci): secrets: inherit & set-output #1633
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| workflow_dispatch: | |
| inputs: | |
| no_lint: | |
| description: Skip lint job | |
| type: boolean | |
| default: false | |
| no_release: | |
| description: Skip release job | |
| type: boolean | |
| default: false | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| jobs: | |
| lint: | |
| if: ${{ !contains(github.event.head_commit.message, 'no_lint') && !github.event.inputs.no_lint }} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - uses: actions/cache@v4 | |
| with: | |
| key: pnpm-${{ hashFiles('**/pnpm-lock.yaml') }} | |
| restore-keys: pnpm- | |
| path: | | |
| ~/.pnpm-store | |
| ~/.cache/pnpm | |
| **/node_modules | |
| - uses: pnpm/action-setup@v4 | |
| with: | |
| version: 10 | |
| run_install: false | |
| - uses: oven-sh/setup-bun@v2 | |
| - run: pnpm install | |
| - if: github.event_name == 'push' | |
| run: | | |
| changes=$(git diff --name-only --diff-filter=d "${{ github.event.commits[0].id }}~1" "${{ github.event.commits[0].id }}") | |
| { | |
| echo 'changes<<eof_${{ github.run_id }}' | |
| echo "$changes" | |
| echo 'eof_${{ github.run_id }}' | |
| } >> $GITHUB_ENV | |
| - if: github.event_name == 'pull_request' | |
| run: | | |
| changes=$(git diff --name-only --diff-filter=d "${{ github.event.pull_request.base.sha }}" "${{ github.event.pull_request.head.sha }}") | |
| { | |
| echo 'changes<<eof_${{ github.run_id }}' | |
| echo "$changes" | |
| echo 'eof_${{ github.run_id }}' | |
| } >> $GITHUB_ENV | |
| - name: lint changed files | |
| if: env.changes != '' | |
| run: | | |
| pattern=$(echo "${{ env.changes }}" | tr '\n' '|' | sed 's/|$//') | |
| pnpm run lint-ci 2>&1 | grep -E "$pattern" || true | |
| exit ${PIPESTATUS[0]:-1} | |
| - name: lint files | |
| if: env.changes == '' | |
| continue-on-error: true | |
| run: pnpm run lint-ci | |
| bundle: | |
| runs-on: ubuntu-latest | |
| needs: lint | |
| if: needs.lint.result != 'failure' | |
| strategy: | |
| matrix: | |
| format: [yaml, json] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/cache@v4 | |
| with: | |
| key: pnpm-${{ hashFiles('**/pnpm-lock.yaml') }} | |
| restore-keys: pnpm- | |
| path: | | |
| ~/.pnpm-store | |
| ~/.cache/pnpm | |
| **/node_modules | |
| - uses: pnpm/action-setup@v4 | |
| with: | |
| version: 10 | |
| run_install: false | |
| - uses: oven-sh/setup-bun@v2 | |
| - run: pnpm install | |
| - run: pnpm bundle --ext ${{ matrix.format }} | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: openapi.${{ matrix.format }} | |
| path: dist/openapi.${{ matrix.format }} | |
| release: | |
| runs-on: ubuntu-latest | |
| needs: bundle | |
| if: github.ref == 'refs/heads/main' && needs.bundle.result != 'failure' && !contains(github.event.head_commit.message, 'no_release') && !github.event.inputs.no_release | |
| outputs: | |
| version: ${{ steps.metadata.outputs.version }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - uses: actions/cache@v4 | |
| with: | |
| key: pnpm-${{ hashFiles('**/pnpm-lock.yaml') }} | |
| restore-keys: pnpm- | |
| path: | | |
| ~/.pnpm-store | |
| ~/.cache/pnpm | |
| **/node_modules | |
| - uses: pnpm/action-setup@v4 | |
| with: | |
| version: 10 | |
| run_install: false | |
| - uses: oven-sh/setup-bun@v2 | |
| - run: pnpm install | |
| - uses: actions/download-artifact@v5 | |
| with: | |
| path: dist | |
| merge-multiple: true | |
| - id: metadata | |
| run: | | |
| version=$(jq -r '.info.version' dist/openapi.json) | |
| version_sha=$( | |
| git rev-list -n 1 "v$version" 2>/dev/null \ | |
| || git rev-list -n 1 "release/$version" 2>/dev/null \ | |
| || echo "" | |
| ) | |
| if [ "$version_sha" == "" ]; then | |
| echo "prerelease=false" >> $GITHUB_ENV | |
| else | |
| echo "prerelease=true" >> $GITHUB_ENV | |
| version=$(pnpm semver $version -i)-nightly.$(git rev-list --count "$version_sha"..HEAD) | |
| fi | |
| echo "version=$version" >> $GITHUB_ENV | |
| echo "version=$version" >> $GITHUB_OUTPUT | |
| - name: create release | |
| if: env.prerelease == 'false' | |
| run: gh release create v${{ env.version }} dist/* --generate-notes | |
| - name: create release (nightly) | |
| if: env.prerelease == 'true' | |
| run: | | |
| jq --arg v "${{ env.version }}" '.info.version = $v' dist/openapi.json > dist/.openapi.json && mv dist/.openapi.json dist/openapi.json | |
| yq eval ".info.version = \"${{ env.version }}\"" -i dist/openapi.yaml | |
| gh release create v${{ env.version }} dist/* \ | |
| --generate-notes \ | |
| --prerelease | |
| release_dispatch: | |
| uses: ./.github/workflows/release_dispatch.yaml | |
| needs: release | |
| secrets: inherit | |
| with: | |
| version: ${{ needs.release.outputs.version }} |