11name : CI
22
33on :
4- push :
5- branches :
6- - ' master'
74 pull_request :
85 branches :
96 - ' *'
@@ -12,176 +9,59 @@ concurrency:
129 group : ${{ github.workflow }}-${{ github.ref }}
1310 cancel-in-progress : true
1411
15- jobs :
16- set-environment :
17- runs-on : ubuntu-latest
18- permissions :
19- contents : read
20- outputs :
21- environment : ${{ steps.set-environment.outputs.environment }}
22- steps :
23- - name : Set Environment
24- id : set-environment
25- uses : actions/github-script@v7
26- with :
27- script : |
28- const isPush = context.eventName === 'push'
29- const isMain = context.ref === 'refs/heads/master'
30-
31- let environment = 'preview'
32-
33- if (isPush && isMain) {
34- environment = 'production'
35- }
36-
37- console.log(`Environment resolved to "${environment}".`)
38- core.setOutput('environment', environment)
12+ permissions :
13+ contents : read
3914
40- checks :
15+ jobs :
16+ commitlint :
17+ name : commitlint
4118 runs-on : ubuntu-latest
42- permissions :
43- contents : read
44- needs : [set-environment]
45- strategy :
46- fail-fast : false
47- matrix :
48- include :
49- - name : Run tests
50- command : test
51- - name : Lint code
52- command : check:lint
53- - name : Check types
54- command : check:types
55- - name : Check formatting
56- command : check:format
5719 steps :
5820 - name : Checkout code
59- uses : actions/checkout@v4
60-
61- - name : Install pnpm
62- uses : pnpm/action-setup@v4
63-
64- - name : Set up Node
65- uses : actions/setup-node@v4
21+ uses : actions/checkout@v6
6622 with :
67- node-version : ' lts/*'
68- cache : ' pnpm'
69-
70- - name : Install dependencies
71- run : |
72- pnpm install --frozen-lockfile
73-
74- name : ${{ matrix.name }}
75- run : |
76- pnpm run ${{ matrix.command }}
77-
78- build :
79- needs : [set-environment, checks]
80- permissions :
81- contents : read
82- runs-on : ubuntu-latest
83- if : ${{ needs.set-environment.outputs.environment == 'production' }}
84- environment :
85- name : ${{ needs.set-environment.outputs.environment }}
86- outputs :
87- artifact-name : ${{ steps.set-artifact-name.outputs.artifact-name }}
88- build-output-pathname : ${{ steps.set-build-output-pathname.outputs.build-output-pathname }}
89- steps :
90- - name : Checkout code
91- uses : actions/checkout@v4
23+ fetch-depth : 0
9224
9325 - name : Install pnpm
94- uses : pnpm/action-setup@v4
26+ uses : pnpm/action-setup@v6
9527
9628 - name : Set up Node
9729 uses : actions/setup-node@v6
9830 with :
99- node-version : ' lts/*'
100- cache : ' pnpm'
31+ node-version : ' 26'
10132
10233 - name : Install dependencies
103- run : |
104- pnpm install --frozen-lockfile
105-
106- name : Set artifact name
107- id : set-artifact-name
108- uses : actions/github-script@v7
109- with :
110- script : |
111- const shortSha = context.sha.substring(0, 7)
112- const artifactName = `build-${shortSha}`
34+ run : pnpm install --frozen-lockfile
11335
114- core.setOutput('artifact-name', artifactName)
36+ - name : Lint commit messages
37+ run : pnpm dlx commitlint --from ${{ github.event.pull_request.base.sha }} --to ${{ github.event.pull_request.head.sha }} --verbose
11538
116- name : Build
117- run : |
118- pnpm run build
119-
120- name : Set build output pathname
121- id : set-build-output-pathname
122- uses : actions/github-script@v7
123- with :
124- script : |
125- const buildOutputPathname = 'dist'
126- core.setOutput('build-output-pathname', buildOutputPathname)
127-
128- name : Upload artifact
129- uses : actions/upload-artifact@v4
130- with :
131- name : ${{ steps.set-artifact-name.outputs.artifact-name }}
132- path : ${{ github.workspace }}/${{ steps.set-build-output-pathname.outputs.build-output-pathname }}/
133-
134- release :
135- needs : [set-environment, checks, build]
39+ changeset :
40+ name : changeset
13641 runs-on : ubuntu-latest
137- if : ${{ needs.set-environment.outputs.environment == 'production' }}
138- environment :
139- name : ${{ needs.set-environment.outputs.environment }}
140- permissions :
141- id-token : write # To enable use of OIDC for npm provenance.
142- contents : write # To be able to publish a GitHub release.
143- issues : write # To be able to comment on released issues.
144- pull-requests : write # To be able to comment on released pull requests.
42+ if : github.actor != 'dependabot[bot]'
14543 steps :
14644 - name : Checkout code
147- uses : actions/checkout@v4
45+ uses : actions/checkout@v6
14846 with :
14947 fetch-depth : 0
150- ssh-key : ' ${{ secrets.DEPLOY_KEY }}'
15148
15249 - name : Install pnpm
153- uses : pnpm/action-setup@v4
50+ uses : pnpm/action-setup@v6
15451
15552 - name : Set up Node
15653 uses : actions/setup-node@v6
15754 with :
158- node-version : ' lts/*'
159- cache : ' pnpm'
55+ node-version : ' 26'
16056
16157 - name : Install dependencies
162- run : |
163- pnpm install --frozen-lockfile
164-
165- name : Download build artifacts
166- uses : actions/download-artifact@v4
167- with :
168- name : ${{ needs.build.outputs.artifact-name }}
169- path : ${{ github.workspace }}/${{ needs.build.outputs.build-output-pathname }}
58+ run : pnpm install --frozen-lockfile
17059
171- - name : Update npm
172- run : |
173- npm install --global npm@latest
60+ - name : Fetch base branch
61+ run : git fetch origin ${{ github.event.pull_request.base.ref }} --depth=1
17462
175- name : Verify npm package signatures
176- run : |
177- npm audit signatures
63+ - name : Verify changeset exists
64+ run : pnpm exec changeset status --since=origin/${{ github.event.pull_request.base.ref }}
17865
179- name : Create a release
180- env :
181- GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
182- GIT_AUTHOR_NAME : ' github-actions[bot]'
183- GIT_COMMITTER_NAME : ' github-actions[bot]'
184- GIT_AUTHOR_EMAIL : ' 41898282+github-actions[bot]@users.noreply.github.com'
185- GIT_COMMITTER_EMAIL : ' 41898282+github-actions[bot]@users.noreply.github.com'
186- run : |
187- pnpm exec -- semantic-release --repository-url "git@github.com:${{ github.repository }}.git"
66+ checks :
67+ uses : ./.github/workflows/_checks.yaml
0 commit comments