Skip to content

fix(vuln): bump version of libraries that depend on parse-url to fix … #500

fix(vuln): bump version of libraries that depend on parse-url to fix …

fix(vuln): bump version of libraries that depend on parse-url to fix … #500

Workflow file for this run

name: CI
on: [push]
jobs:
sanity-checks:
permissions:
contents: read
name: Sanity Checks
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: '20.9.0'
- uses: actions/cache@v3
with:
path: |
~/.npm
**/node_modules
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
- run: npm ci --ignore-scripts
- run: npm run lint
- run: npm test -- --ci --coverage
release:
permissions:
contents: write
needs: sanity-checks
runs-on: ubuntu-latest
if: >
github.ref == 'refs/heads/master'
&& !contains(toJSON(github.event.commits.*.message), '[skip-ci]')
&& !contains(toJSON(github.event.commits.*.message), 'chore(deps-dev)')
env:
DOCKER_REGISTRY_URL: registry.hub.docker.com
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: '20.9.0'
- uses: actions/cache@v3
with:
path: |
~/.npm
**/node_modules
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
- run: npm ci --ignore-scripts
- name: Configure git user
run: |
git config user.email '[email protected]'
git config user.name 'GitHub Action'
- name: Update versions and changelog
run: npx commit-and-tag-version
- name: Set VERSION env var
run: |
version=`node -p "require('./package.json').version"`
echo "VERSION=$version" >> $GITHUB_ENV
- name: Login to docker registry
env:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
run: docker login -u $DOCKER_USERNAME -p $DOCKER_TOKEN $DOCKER_REGISTRY_URL
- name: Build image
run: |
docker build -t $DOCKER_REGISTRY_URL/wagoid/commitlint-github-action:$VERSION .
- name: Push to docker registry
run: |
docker push $DOCKER_REGISTRY_URL/wagoid/commitlint-github-action:$VERSION
- run: git push --atomic --follow-tags origin master
- name: Create a git tag for the major version
run: |
major=`echo $VERSION | sed -E 's/([0-9]+)(.+)/\1/'`
version_name="v$major"
tag_heading="This version points to the latest version available (v$VERSION)."
tag_body="This is necessary because currently Github Actions don't apply any semantic versioning matching when downloading versions."
git tag -fa "$version_name" -m "$version_name" -m "$tag_heading" -m "$tag_body"
git push -f origin "$version_name"