-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
8272d6d
commit d582eb8
Showing
2 changed files
with
57 additions
and
30 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -8,9 +8,32 @@ on: | |
| concurrency: ${{ github.workflow }}-${{ github.ref }} | ||
|
|
||
| jobs: | ||
| check-package-version: | ||
| name: Check package version and detect an update | ||
| runs-on: ubuntu-20.04 | ||
| outputs: | ||
| committed-version: ${{ steps.check-package-version.outputs.committed-version }} | ||
| published-version: ${{ steps.check-package-version.outputs.published-version }} | ||
| is-new-version: ${{ steps.check-package-version.outputs.is-new-version }} | ||
| steps: | ||
| - name: Checkout the repository | ||
| uses: actions/checkout@v4 | ||
|
|
||
| - name: Check package version and detect an update | ||
| id: check-package-version | ||
| uses: PostHog/check-package-version@v2 | ||
|
Check warning Code scanning / CodeQL Unpinned tag for a non-immutable Action in workflow Medium
Unpinned 3rd party Action 'Release' step
Uses Step: check-package-version Error loading related location Loading |
||
| with: | ||
| # only supports one path - we'll cross that bridge when we come to it | ||
| path: 'packages/rrweb' | ||
|
|
||
| release: | ||
|
Check warning Code scanning / CodeQL Workflow does not contain permissions Medium
Actions Job or Workflow does not set permissions
|
||
| name: Release | ||
| name: Release (if new version) | ||
| runs-on: ubuntu-latest | ||
| needs: check-package-version | ||
| if: needs.check-package-version.outputs.is-new-version == 'true' | ||
| env: | ||
| COMMITTED_VERSION: ${{ needs.check-package-version.outputs.committed-version }} | ||
| PUBLISHED_VERSION: ${{ needs.check-package-version.outputs.published-version }} | ||
| steps: | ||
| - name: Checkout Repo | ||
| uses: actions/checkout@v4 | ||
|
|
@@ -27,28 +50,32 @@ jobs: | |
| - name: npm release | ||
| run: | | ||
| $GITHUB_WORKSPACE/scripts/npm-release.sh | ||
| # | ||
| # - name: Create GitHub release | ||
| # env: | ||
| # GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| # run: | | ||
| # # read from the first until the second header in the changelog file | ||
| # # this assumes the formatting of the file | ||
| # # and that this workflow is always running for the most recent entry in the file | ||
| # LAST_CHANGELOG_ENTRY=$(awk -v defText="see CHANGELOG.md" '/^## /{if (flag) exit; flag=1} flag && /^##$/{exit} flag; END{if (!flag) print defText}' CHANGELOG.md) | ||
| # # the action we used to use was archived, and made it really difficult to create a release with a body | ||
| # # because the LAST_CHANGELOG_ENTRY contains bash special characters so passing it between steps | ||
| # # was a pain. | ||
| # # we can use the github cli to create a release with a body | ||
| # # all as part of one step | ||
| # gh api \ | ||
| # --method POST \ | ||
| # -H "Accept: application/vnd.github+json" \ | ||
| # -H "X-GitHub-Api-Version: 2022-11-28" \ | ||
| # /repos/posthog/posthog-js/releases \ | ||
| # -f tag_name="v${{ env.COMMITTED_VERSION }}" \ | ||
| # -f target_commitish='main' \ | ||
| # -f name="${{ env.COMMITTED_VERSION }}" \ | ||
| # -f body="$LAST_CHANGELOG_ENTRY" \ | ||
| # -F draft=false \ | ||
| # -F prerelease=false \ | ||
| # -F generate_release_notes=false | ||
| # | ||
|
Check warning Code scanning / CodeQL Workflow does not contain permissions Medium
Actions Job or Workflow does not set permissions
|
||
| # - name: Create Release Pull Request or Publish to npm | ||
| # id: changesets | ||
| # uses: changesets/action@v1 | ||
| # with: | ||
| # publish: yarn run release | ||
| # env: | ||
| # NODE_OPTIONS: '--max-old-space-size=4096' | ||
| # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| # NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | ||
|
|
||
| # - name: Build Chrome Extension | ||
| # if: steps.changesets.outputs.published == 'true' | ||
| # run: NODE_OPTIONS='--max-old-space-size=4096' DISABLE_WORKER_INLINING=true yarn turbo run prepublish --filter=@rrweb/web-extension | ||
| ## | ||
| # - name: Publish Chrome Extension | ||
| # uses: mnao305/[email protected] | ||
| # if: steps.changesets.outputs.published == 'true' | ||
| # with: | ||
| # extension-id: 'pdaldeopoccdhlkabbkcjmecmmoninhe' | ||
| # file-path: ./packages/web-extension/dist/chrome.zip | ||
| # client-id: ${{ secrets.CWS_CLIENT_ID }} | ||
| # client-secret: ${{ secrets.CWS_CLIENT_SECRET }} | ||
| # refresh-token: ${{ secrets.CWS_REFRESH_TOKEN }} | ||
| # publish: true | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters