Release #2405
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| schedule: | |
| - cron: "00 21 * * *" | |
| repository_dispatch: | |
| types: manual_release | |
| workflow_dispatch: | |
| permissions: | |
| id-token: write # Requis pour OIDC / npm trusted publishing | |
| contents: write | |
| jobs: | |
| release: | |
| name: Release | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Get GitHub App Token | |
| id: token | |
| uses: SocialGouv/token-bureau@main | |
| with: | |
| token-bureau-url: https://token-bureau.fabrique.social.gouv.fr | |
| audience: socialgouv | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v6 | |
| with: | |
| node-version: 24.x | |
| registry-url: https://registry.npmjs.org | |
| - name: Update npm (required for npm trusted publishing) | |
| run: npm install -g npm@latest | |
| - name: Get yarn cache directory path | |
| id: init | |
| shell: bash | |
| run: | | |
| echo "yarn_cache=$(yarn cache dir)" >> "$GITHUB_OUTPUT" | |
| echo "Node $(node --version)" | |
| echo "Yarn $(yarn --version)" | |
| echo "Npm $(npm --version)" | |
| - uses: actions/checkout@v4 | |
| - name: Cache Yarn packages | |
| id: yarn_cache_packages | |
| uses: actions/cache@v4 | |
| with: | |
| path: ${{ steps.init.outputs.yarn_cache }} | |
| key: ${{ runner.os }}-yarn_cache-${{ hashFiles('**/yarn.lock') }} | |
| restore-keys: | | |
| ${{ runner.os }}-yarn_cache- | |
| - name: Installing | |
| run: yarn --frozen-lockfile --link-duplicates --prefer-offline | |
| - name: Build | |
| run: yarn build | |
| - name: Start | |
| env: | |
| TOKEN_MT: ${{ secrets.TOKEN_MT }} | |
| DATAFILLER_URL: ${{ secrets.DATAFILLER_URL }} | |
| run: yarn start | |
| - name: Check Refs | |
| run: yarn checkRefs | |
| - name: Check for 403 errors | |
| id: check_403 | |
| run: | | |
| if [ -f "./forbidden-urls.json" ]; then | |
| echo "has_403=true" >> "$GITHUB_OUTPUT" | |
| FORBIDDEN_CONTENT=$(cat ./forbidden-urls.json) | |
| FORBIDDEN_CONTENT="${FORBIDDEN_CONTENT//'%'/'%25'}" | |
| FORBIDDEN_CONTENT="${FORBIDDEN_CONTENT//$'\n'/'%0A'}" | |
| FORBIDDEN_CONTENT="${FORBIDDEN_CONTENT//$'\r'/'%0D'}" | |
| echo "forbidden_urls=$FORBIDDEN_CONTENT" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "has_403=false" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: Get metadata | |
| id: metadata | |
| shell: bash | |
| run: | | |
| echo "data_status=$(git status -s ./data)" >> "$GITHUB_OUTPUT" | |
| echo "now=$(date +"%Y%m%d_%H%M")" >> "$GITHUB_OUTPUT" | |
| - name: Print metadata | |
| run: | | |
| echo "Data status ${{ steps.metadata.outputs.now }}" | |
| echo "${{ steps.metadata.outputs.data_status }}" | |
| - name: Check JSON | |
| run: | | |
| for filename in ./data/*\.json; do | |
| node "$filename" > /dev/null || { | |
| echo "Error: Invalid JSON in $filename" | |
| exit 1 | |
| } | |
| done | |
| - uses: EndBug/add-and-commit@v7 | |
| if: ${{ steps.metadata.outputs.data_status }} | |
| env: | |
| HUSKY_SKIP_HOOKS: "true" | |
| GITHUB_TOKEN: ${{ steps.token.outputs.token }} | |
| with: | |
| author_name: ${{ secrets.SOCIALGROOVYBOT_NAME }} | |
| author_email: ${{ secrets.SOCIALGROOVYBOT_EMAIL }} | |
| message: "feat(data): ${{ steps.metadata.outputs.now }} update" | |
| add: "data" | |
| - name: Semantic Release | |
| uses: cycjimmy/semantic-release-action@ba330626c4750c19d8299de843f05c7aa5574f62 | |
| with: | |
| semantic_version: 25.0.1 | |
| extra_plugins: | | |
| @semantic-release/changelog@6.0.3 | |
| @semantic-release/exec@7.1.0 | |
| @semantic-release/git@10.0.1 | |
| env: | |
| GIT_AUTHOR_EMAIL: ${{ secrets.SOCIALGROOVYBOT_EMAIL }} | |
| GIT_AUTHOR_NAME: ${{ secrets.SOCIALGROOVYBOT_NAME }} | |
| GIT_COMMITTER_EMAIL: ${{ secrets.SOCIALGROOVYBOT_EMAIL }} | |
| GIT_COMMITTER_NAME: ${{ secrets.SOCIALGROOVYBOT_NAME }} | |
| GITHUB_TOKEN: ${{ steps.token.outputs.token }} | |
| - uses: mattermost/action-mattermost-notify@master | |
| if: steps.check_403.outputs.has_403 == 'true' | |
| with: | |
| MATTERMOST_WEBHOOK_URL: ${{ secrets.MATTERMOST_WEBHOOK_URL }} | |
| TEXT: | | |
| ⚠️ **Avertissement** : Certaines pages ont retourné une erreur 403 (Forbidden) lors du scraping et ont été ignorées. | |
| ```json | |
| ${{ steps.check_403.outputs.forbidden_urls }} | |
| ``` | |
| Le processus de mise à jour a continué normalement. | |
| [Les logs complets sont disponibles ici](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}) | |
| - uses: mattermost/action-mattermost-notify@master | |
| if: failure() | |
| with: | |
| MATTERMOST_WEBHOOK_URL: ${{ secrets.MATTERMOST_WEBHOOK_URL }} | |
| TEXT: | | |
| ❌ La mise à jour du dépôt fiches-travail-data a échoué. | |
| [Les logs sont disponibles ici](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}) |