fix(deps): update dependency zone.js to ~0.16.0 (#24) #27
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| branches: | |
| - main | |
| permissions: | |
| contents: write | |
| issues: write | |
| pull-requests: write | |
| packages: write | |
| attestations: write | |
| id-token: write | |
| jobs: | |
| release: | |
| name: Release and Docker Publish | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 | |
| persist-credentials: false | |
| - name: Setup pnpm | |
| uses: pnpm/action-setup@v4 | |
| with: | |
| version: latest | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v6 | |
| with: | |
| node-version: '22.x' | |
| cache: 'pnpm' | |
| - name: Install dependencies | |
| run: pnpm install --frozen-lockfile | |
| - name: Run linter | |
| run: pnpm lint | |
| - name: Run tests | |
| run: pnpm test | |
| # Step 1: Compute next version using semantic-release dry-run | |
| - name: Get next version | |
| id: get_version | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GIT_AUTHOR_NAME: github-actions[bot] | |
| GIT_AUTHOR_EMAIL: github-actions[bot]@users.noreply.github.com | |
| GIT_COMMITTER_NAME: github-actions[bot] | |
| GIT_COMMITTER_EMAIL: github-actions[bot]@users.noreply.github.com | |
| run: | | |
| # Run semantic-release in dry-run mode to get the next version | |
| npx semantic-release --dry-run > release-output.txt 2>&1 || true | |
| # Extract version from dry-run output | |
| VERSION=$(cat release-output.txt | grep -oP 'Published release \K[0-9]+\.[0-9]+\.[0-9]+' || echo "") | |
| if [ -z "$VERSION" ]; then | |
| echo "No new version to release" | |
| echo "new_release=false" >> $GITHUB_OUTPUT | |
| else | |
| echo "Next version: $VERSION" | |
| echo "new_release=true" >> $GITHUB_OUTPUT | |
| echo "version=$VERSION" >> $GITHUB_OUTPUT | |
| fi | |
| cat release-output.txt | |
| # Step 2: Set up Docker and build/push image (only if there's a new release) | |
| # Note: Build happens inside Docker, no need to build here | |
| - name: Set up Docker Buildx | |
| if: steps.get_version.outputs.new_release == 'true' | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to Container Registry | |
| if: steps.get_version.outputs.new_release == 'true' | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract metadata (tags, labels) | |
| if: steps.get_version.outputs.new_release == 'true' | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ghcr.io/amadeusitgroup/renovate-playground | |
| tags: | | |
| type=semver,pattern={{version}},value=${{ steps.get_version.outputs.version }} | |
| type=semver,pattern={{major}}.{{minor}},value=${{ steps.get_version.outputs.version }} | |
| type=semver,pattern={{major}},value=${{ steps.get_version.outputs.version }} | |
| type=raw,value=latest,enable=true | |
| labels: | | |
| org.opencontainers.image.title=Renovate Playground | |
| org.opencontainers.image.description=Renovate Playground Application | |
| org.opencontainers.image.vendor=AmadeusITGroup | |
| org.opencontainers.image.version=${{ steps.get_version.outputs.version }} | |
| org.opencontainers.image.revision=${{ github.sha }} | |
| - name: Build and push Docker image | |
| if: steps.get_version.outputs.new_release == 'true' | |
| id: build | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| file: ./Dockerfile | |
| platforms: linux/amd64 | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| build-args: | | |
| BUILD_DATE=${{ github.event.repository.updated_at }} | |
| VCS_REF=${{ github.sha }} | |
| VERSION=${{ steps.get_version.outputs.version }} | |
| - name: Generate artifact attestation | |
| if: steps.get_version.outputs.new_release == 'true' | |
| uses: actions/attest-build-provenance@v1 | |
| with: | |
| subject-name: ghcr.io/amadeusitgroup/renovate-playground | |
| subject-digest: ${{ steps.build.outputs.digest }} | |
| push-to-registry: true | |
| # Step 3: Run semantic-release for real (creates tag, release, updates changelog) | |
| - name: Semantic Release | |
| if: steps.get_version.outputs.new_release == 'true' | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GIT_AUTHOR_NAME: github-actions[bot] | |
| GIT_AUTHOR_EMAIL: github-actions[bot]@users.noreply.github.com | |
| GIT_COMMITTER_NAME: github-actions[bot] | |
| GIT_COMMITTER_EMAIL: github-actions[bot]@users.noreply.github.com | |
| run: npx semantic-release |