-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathaction.yml
More file actions
132 lines (119 loc) · 5.5 KB
/
action.yml
File metadata and controls
132 lines (119 loc) · 5.5 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
---
name: Config NPM
description: GitHub Action to configure NPM build environment with build number, authentication, and default settings
inputs:
working-directory:
description: Relative path under github.workspace to execute the build in
default: .
artifactory-reader-role:
description: Suffix for the Artifactory reader role in Vault. Defaults to `private-reader` for private repositories, and `public-reader`
for public repositories.
default: ''
cache-npm:
description: Whether to cache NPM dependencies
default: 'true'
repox-url:
description: URL for Repox
default: https://repox.jfrog.io
repox-artifactory-url:
description: URL for Repox Artifactory API (overrides repox-url/artifactory if provided)
default: ''
host-actions-root:
description: Path to the actions folder on the host (used when called from another local action)
default: ''
outputs:
BUILD_NUMBER:
description: The current build number. Also set as environment variable BUILD_NUMBER.
value: ${{ steps.get_build_number.outputs.BUILD_NUMBER }}
current-version:
description: The project version set in package.json (before replacement). Also set as environment variable CURRENT_VERSION.
value: ${{ steps.set_version.outputs.current-version }}
project-version:
description: The project version with build number (after replacement). Also set as environment variable PROJECT_VERSION.
value: ${{ steps.set_version.outputs.project-version }}
runs:
using: composite
steps:
- id: setup
shell: bash
env:
ARTIFACTORY_READER_ROLE: ${{ inputs.artifactory-reader-role != '' && inputs.artifactory-reader-role ||
(github.event.repository.visibility == 'public' && 'public-reader' || 'private-reader') }}
run: |
echo "::group::Fix for using local actions"
echo "GITHUB_ACTION_PATH=$GITHUB_ACTION_PATH"
echo "github.action_path=${{ github.action_path }}"
ACTION_PATH_CONFIG_NPM="${{ github.action_path }}"
host_actions_root="${{ inputs.host-actions-root }}"
if [ -z "$host_actions_root" ]; then
host_actions_root="$(dirname "$ACTION_PATH_CONFIG_NPM")"
else
ACTION_PATH_CONFIG_NPM="$host_actions_root/config-npm"
fi
echo "ACTION_PATH_CONFIG_NPM=$ACTION_PATH_CONFIG_NPM"
echo "ACTION_PATH_CONFIG_NPM=$ACTION_PATH_CONFIG_NPM" >> "$GITHUB_ENV"
echo "host_actions_root=$host_actions_root" >> "$GITHUB_OUTPUT"
mkdir -p ".actions"
ln -sf "$host_actions_root/get-build-number" .actions/get-build-number
ln -sf "$host_actions_root/shared" .actions/shared
ls -la .actions/*
echo "::endgroup::"
echo "::group::Backup mise files to configure NPM without interference"
mise_backup=$(mktemp -d)
echo "MISE_BACKUP=$mise_backup" >> "$GITHUB_OUTPUT"
mv mise.* .mise.* mise/ .mise/ .tool-versions "$mise_backup/" 2>/dev/null || true
cp "$ACTION_PATH_CONFIG_NPM/mise.local.toml" mise.local.toml
echo "::endgroup::"
echo "ARTIFACTORY_READER_ROLE=${ARTIFACTORY_READER_ROLE}" >> "$GITHUB_ENV"
- uses: jdx/mise-action@6d1e696aa24c1aa1bcc1adea0212707c71ab78a8 # v3.6.1
with:
version: 2026.1.0
- uses: SonarSource/vault-action-wrapper@545e7cfbb5528e7009a1edcc83e073898d292627 # 3.2.0
id: secrets
with:
secrets: |
development/artifactory/token/{REPO_OWNER_NAME_DASH}-${{ env.ARTIFACTORY_READER_ROLE }} username | ARTIFACTORY_USERNAME;
development/artifactory/token/{REPO_OWNER_NAME_DASH}-${{ env.ARTIFACTORY_READER_ROLE }} access_token | ARTIFACTORY_ACCESS_TOKEN;
- name: Configure NPM authentication
shell: bash
env:
ARTIFACTORY_URL: ${{ inputs.repox-artifactory-url != '' && inputs.repox-artifactory-url ||
format('{0}/artifactory', inputs.repox-url) }}
ARTIFACTORY_ACCESS_TOKEN: ${{ fromJSON(steps.secrets.outputs.vault).ARTIFACTORY_ACCESS_TOKEN }}
run: |
$ACTION_PATH_CONFIG_NPM/npm_config.sh
echo "::group::Restore mise files"
rm mise.local.toml
mv "${{ steps.setup.outputs.MISE_BACKUP }}"/* "${{ steps.setup.outputs.MISE_BACKUP }}"/.* ./ 2>/dev/null || true
rmdir "${{ steps.setup.outputs.MISE_BACKUP }}"
echo "::endgroup::"
- name: Cache NPM dependencies
uses: SonarSource/gh-action_cache@v1.2.1
if: ${{ inputs.cache-npm == 'true' }}
with:
path: ~/.npm
key: npm-${{ runner.os }}-${{ github.workflow }}-${{ hashFiles('**/package-lock.json') }}
restore-keys: npm-${{ runner.os }}-${{ github.workflow }}-
- name: Check for package.json
id: check_package_json
shell: bash
working-directory: ${{ inputs.working-directory }}
run: |
if [[ -f "package.json" ]]; then
echo "exists=true" >> "$GITHUB_OUTPUT"
else
echo "No package.json file. Skipping project version update."
echo "exists=false" >> "$GITHUB_OUTPUT"
fi
- uses: ./.actions/get-build-number
id: get_build_number
with:
host-actions-root: ${{ steps.setup.outputs.host_actions_root }}
- name: Update project version and set current-version and project-version variables
id: set_version
if: ${{ steps.check_package_json.outputs.exists == 'true' }}
shell: bash
env:
DEFAULT_BRANCH: ${{ github.event.repository.default_branch }}
working-directory: ${{ inputs.working-directory }}
run: $ACTION_PATH_CONFIG_NPM/npm_set_project_version.sh