Main CI #12729
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Main CI | |
concurrency: | |
group: ci-${{ github.ref }}-main | |
cancel-in-progress: ${{ github.event_name == 'pull_request' }} | |
permissions: | |
contents: read | |
on: | |
push: | |
branches: | |
- main | |
- 'release/*' | |
pull_request: | |
branches: | |
- main | |
- 'release/*' | |
merge_group: | |
types: [checks_requested] | |
env: | |
YARN_ENABLE_HARDENED_MODE: 0 | |
NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }} | |
jobs: | |
# Check the integrity of yarn lock | |
yarn_lock_check: | |
runs-on: ubuntu-latest | |
env: | |
NX_SKIP_NX_CACHE: true | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: ./tools/github-actions/setup | |
env: | |
YARN_ENABLE_HARDENED_MODE: 1 | |
build: | |
runs-on: ubuntu-latest | |
needs: [yarn_lock_check] | |
env: | |
NX_SKIP_NX_CACHE: ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/heads/release') }} | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: ./tools/github-actions/setup | |
- uses: ./.github/actions/setup-java | |
with: | |
install-jdk: 'true' | |
- run: yarn build:swagger-gen | |
- run: yarn build | |
- uses: ./tools/github-actions/upload-build-output | |
version: | |
permissions: | |
# Needed to publish release on GitHub | |
contents: write | |
runs-on: ubuntu-latest | |
needs: [yarn_lock_check] | |
outputs: | |
nextVersionTag: ${{ steps.newVersion.outputs.nextVersionTag }} | |
isPreRelease: ${{ contains( steps.newVersion.outputs.nextVersionTag, '-' ) || github.event_name == 'pull_request' || github.event_name == 'merge_group'}} | |
steps: | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 | |
with: | |
node-version: 20 | |
- name: New Version | |
if: github.event_name != 'merge_group' | |
id: newVersion | |
uses: ./tools/github-actions/new-version | |
with: | |
defaultBranch: main | |
defaultBranchPrereleaseName: prerelease | |
releaseBranchRegExp: 'release\/(0|[1-9]\d*)\.(0|[1-9]\d*)(\.0-(?:next|prerelease|rc))?$' | |
- name: Create release | |
if: github.event_name != 'pull_request' && github.event_name != 'merge_group' | |
uses: ./tools/github-actions/release | |
with: | |
version: ${{ steps.newVersion.outputs.nextVersionTag }} | |
target: ${{ github.ref_name }} | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
checks: | |
uses: ./.github/workflows/code-check.yml | |
secrets: | |
NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }} | |
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
needs: [yarn_lock_check] | |
with: | |
affected: ${{ github.event_name == 'pull_request' }} | |
skipNxCache: ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/heads/release') }} | |
it-tests: | |
uses: ./.github/workflows/it-tests.yml | |
secrets: | |
NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }} | |
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
needs: [yarn_lock_check, build] | |
with: | |
skipNxCache: ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/heads/release') }} | |
e2e-tests: | |
uses: ./.github/workflows/e2e-tests.yml | |
secrets: | |
NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }} | |
needs: [yarn_lock_check, build] | |
with: | |
skipNxCache: ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/heads/release') }} | |
publish-packages: | |
uses: ./.github/workflows/publish.yml | |
if: ${{ github.event_name != 'pull_request' && github.event_name != 'merge_group' }} | |
permissions: | |
contents: read | |
# Needed to publish with provenance | |
id-token: write | |
secrets: inherit | |
needs: [yarn_lock_check, version, build, checks, it-tests] | |
with: | |
version: ${{ needs.version.outputs.nextVersionTag }} | |
prerelease: ${{ needs.version.outputs.isPreRelease == 'true' }} | |
isPullRequest: false | |
skipNxCache: ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/heads/release') }} | |
documentation-main: | |
secrets: inherit | |
needs: [yarn_lock_check, version, build, checks] | |
if: ${{ github.event_name != 'pull_request' && github.event_name != 'merge_group' && github.ref_name == 'main' }} | |
uses: ./.github/workflows/documentation.yml | |
with: | |
version: ${{ needs.version.outputs.nextVersionTag }} | |
documentation-pr: | |
secrets: inherit | |
needs: [yarn_lock_check, version] | |
if: ${{ (github.event_name == 'pull_request' && github.base_ref == 'main') || github.event_name == 'merge_group' }} | |
uses: ./.github/workflows/documentation.yml | |
with: | |
version: ${{ needs.version.outputs.nextVersionTag }} | |
shouldDeploy: false |