Skip to content

chore(deps): lock file maintenance (#867) #1950

chore(deps): lock file maintenance (#867)

chore(deps): lock file maintenance (#867) #1950

Workflow file for this run

name: build
on:
push:
branches:
- main
pull_request:
branches:
- main
env:
IMAGE_NAME: ghcr.io/renovatebot/renovate-approve-bot-bitbucket-cloud
concurrency:
group: ${{ github.workflow }}-${{ github.event.number || github.ref }}
cancel-in-progress: true
jobs:
test:
runs-on: ubuntu-latest
permissions:
contents: read
timeout-minutes: 10
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 2
- name: Enable corepack
run: corepack enable npm
- name: Set up Node.js
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
with:
node-version-file: .nvmrc
cache: npm
- name: Enable corepack
run: corepack enable npm
- name: Install Node.js dependencies
run: npm ci
- name: Run tests
run: npm run jest --maxWorkers=2 --ci
lint:
runs-on: ubuntu-latest
permissions:
contents: read
timeout-minutes: 10
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 2
- name: Enable corepack
run: corepack enable npm
- name: Set up Node.js
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
with:
node-version-file: .nvmrc
cache: npm
- name: Enable corepack
run: corepack enable npm
- name: Install Node.js dependencies
run: npm ci
- name: Lint
run: npm run lint
codeql-analyze:
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
timeout-minutes: 10
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 2
- name: Initialize CodeQL
uses: github/codeql-action/init@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
with:
languages: javascript
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
build:
needs: [codeql-analyze, lint, test]
runs-on: ubuntu-latest
permissions:
contents: write
issues: write
packages: write
pull-requests: write
timeout-minutes: 10
steps:
# full checkout for semantic-release
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
- name: Enable corepack
run: corepack enable npm
- name: Set up Node.js
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
with:
node-version-file: .nvmrc
cache: npm
- name: Enable corepack
run: corepack enable npm
- name: Install Node.js dependencies
run: npm ci
- name: Set up QEMU
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1
- name: Login to GitHub Container Registry
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build container images
uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
with:
platforms: linux/amd64,linux/arm/v7,linux/arm64
tags: ${{ env.IMAGE_NAME }}:latest
cache-from: type=gha
cache-to: type=gha,mode=max
- name: semantic-release
run: npx semantic-release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Push container images
if: ${{ env.IMAGE_TAG != '' }}
uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
with:
platforms: linux/amd64,linux/arm/v7,linux/arm64
push: true
# IMAGE_TAG is set by @semantic-release/exec (see .releaserc file)
tags: |
${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }}
${{ env.IMAGE_NAME }}:latest
cache-from: type=gha
cache-to: type=gha,mode=max