chore(deps): update sonarsource/sonarqube-scan-action action to v7 #2746
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: ci | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths-ignore: | |
| - 'website/**' | |
| pull_request: | |
| types: [opened, synchronize, reopened] | |
| paths-ignore: | |
| - 'website/**' | |
| workflow_dispatch: | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| if: github.event.head_commit.author.name != 'github-actions[bot]' | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Install pnpm | |
| uses: pnpm/action-setup@v4 | |
| with: | |
| version: 10 | |
| - uses: actions/setup-node@v6 | |
| with: | |
| node-version: '24' | |
| cache: 'pnpm' | |
| - name: Install dependencies | |
| run: pnpm install | |
| - run: pnpm run build | |
| - uses: actions/upload-artifact@v6 | |
| with: | |
| name: dist | |
| path: dist | |
| check_if_version_upgraded: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| if: | | |
| github.event_name == 'push' || | |
| github.event.pull_request.head.repo.owner.login == github.event.pull_request.base.repo.owner.login | |
| outputs: | |
| version: ${{ steps.version.outputs.prop }} | |
| is_version_changed: ${{ steps.check.outputs.exists == 'false' }} | |
| is_pre_release: ${{ contains(steps.version.outputs.prop, '-rc' ) }} | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - id: version | |
| uses: notiz-dev/github-action-json-property@release | |
| with: | |
| path: 'package.json' | |
| prop_path: 'version' | |
| ## we check if repo contains already this tag, if not version, has changed | |
| - uses: mukunku/tag-exists-action@v1.7.0 | |
| id: check | |
| with: | |
| tag: ${{ steps.version.outputs.prop }} | |
| docker: | |
| needs: check_if_version_upgraded | |
| if: | | |
| ((github.event_name == 'push' || needs.check_if_version_upgraded.outputs.is_pre_release == 'true') && | |
| needs.check_if_version_upgraded.outputs.is_version_changed == 'true') || github.event_name == 'workflow_dispatch' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: docker/setup-qemu-action@v3 | |
| - uses: docker/setup-buildx-action@v3 | |
| - uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - uses: actions/download-artifact@v7 | |
| with: | |
| name: dist | |
| path: dist | |
| - uses: docker/build-push-action@v6 | |
| with: | |
| platforms: linux/amd64,linux/arm64 | |
| context: '.' | |
| push: true | |
| tags: | | |
| inseefr/stromae-dsfr:latest, | |
| inseefr/stromae-dsfr:${{ needs.check_if_version_upgraded.outputs.version }} | |
| file: Dockerfile | |
| release: | |
| runs-on: ubuntu-latest | |
| needs: check_if_version_upgraded | |
| # We create release only if the version in the package.json have been upgraded and this CI is running against the main branch. | |
| # We allow branches with a PR open on main to publish pre-release (x.y.z-rc.u) but not actual releases. | |
| if: | | |
| ((github.event_name == 'push' || needs.check_if_version_upgraded.outputs.is_pre_release == 'true') && | |
| needs.check_if_version_upgraded.outputs.is_version_changed == 'true') || github.event_name == 'workflow_dispatch' | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ github.ref }} | |
| - uses: softprops/action-gh-release@v2.4.2 | |
| with: | |
| name: Release v${{ needs.check_if_version_upgraded.outputs.version }} | |
| tag_name: ${{ needs.check_if_version_upgraded.outputs.version }} | |
| target_commitish: ${{ github.head_ref || github.ref }} | |
| generate_release_notes: true | |
| draft: false | |
| prerelease: ${{ needs.check_if_version_upgraded.outputs.is_pre_release == 'true' }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |