rsk-cli/.github/workflows/main.yml at fcea88138033fd7fee60f07b2122b8ac2d7f0e8f · rsksmart/rsk-cli · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
name: Deploy library on NPM

on:
  release:
    types: [published]

# Declare default permissions as read only.
permissions: read-all

jobs:
  publish:
    permissions:
      id-token: write
      contents: read

    runs-on: ubuntu-latest

    steps:
      - name: Checkout
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

      - name: "Check file existence"
        id: check_files
        uses: andstor/file-existence-action@076e0072799f4942c8bc574a82233e1e4d13e9d6 # v3.0.0
        with:
          files: "package.json, README.md"

      - name: File exists
        if: steps.check_files.outputs.files_exists != 'true'
        # Only runs if all of the files exists
        run: exit 1

      - name: Get package.json package name and match with repository name
        run: |
          echo PACKAGE_NAME=$(cat package.json | jq -r .name | cut -f2 -d"\"" | cut -f2 -d"@") >> $GITHUB_OUTPUT
          echo PACKAGE_VERSION="refs/tags/v"$(cat package.json | jq -r .version) >> $GITHUB_OUTPUT
          echo PACKAGE_REPOSITORY=$(cat package.json | jq -r .repository.url | sed 's/\+https//') >> $GITHUB_OUTPUT
        id: get_package_info

      - name: Print outputs for debugging
        run: |
          echo "GitHub Repository: ${{ github.repository }}"
          echo "Package Name: ${{ steps.get_package_info.outputs.PACKAGE_NAME }}"
          echo "Github Tag: ${{ github.ref }}"
          echo "Package Version: ${{ steps.get_package_info.outputs.PACKAGE_VERSION }}"
          echo "GitHub Repository URL: ${{ github.repositoryUrl }}"
          echo "Package Repository: ${{ steps.get_package_info.outputs.PACKAGE_REPOSITORY }}"

      - name: Check if package_name matches with repository name
        if: github.repository != steps.get_package_info.outputs.PACKAGE_NAME
        # Fail if package name not properly configured
        run: exit 1

      - name: Check if package version matches with tag
        if: github.ref != steps.get_package_info.outputs.PACKAGE_VERSION
        # Fail if package version not properly setted
        run: exit 1

      - name: Check if package repository matches with repository
        if: github.repositoryUrl != steps.get_package_info.outputs.PACKAGE_REPOSITORY
        # Fail if package repository doesn't match with repository
        run: exit 1

      - name: Setup Node.js
        uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 #v6.0.0
        with:
          node-version: 20
          registry-url: https://registry.npmjs.org

      - name: Clean install dependencies
        run: |
          rm -rf dist
          npm ci

      - name: Update npm
        run: npm install -g npm@latest

      - name: Build
        run: npm run build

      - name: Pre upload validation
        id: pack
        run: |
          rm -f *.tgz
          PRE_UPLOAD_HASH=$(npm pack --dry-run 2>&1 | grep 'shasum:' | awk '{print $NF}')
          echo "PRE_UPLOAD_HASH=$PRE_UPLOAD_HASH" >> $GITHUB_OUTPUT
          echo "PRE_UPLOAD_HASH: $PRE_UPLOAD_HASH"

      - name: Check if version is already published
        run: |
          PACKAGE_NAME=$(cat package.json | jq -r .name)
          PACKAGE_VERSION=$(cat package.json | jq -r .version)

          if npm view $PACKAGE_NAME@$PACKAGE_VERSION > /dev/null 2>&1; then
            echo "Version $PACKAGE_VERSION of $PACKAGE_NAME is already published."
            exit 0
          fi

          echo "Version $PACKAGE_VERSION of $PACKAGE_NAME is not published. Proceeding with publishing..."

      - name: Upload package
        run: npm publish

      - name: Post upload validation
        id: unpack
        run: |
          # Get the package name and version
          PACKAGE_NAME=$(cat package.json | jq -r .name)
          PACKAGE_VERSION=$(cat package.json | jq -r .version)
          FULL_PACKAGE_NAME="${PACKAGE_NAME}@${PACKAGE_VERSION}"

          # Wait for package propagation
          echo "Waiting for package propagation..."
          sleep 15

          # Fetch the shasum from npm
          POST_UPLOAD_HASH=$(npm view $FULL_PACKAGE_NAME dist.shasum)
          echo "POST_UPLOAD_HASH=$POST_UPLOAD_HASH" >> $GITHUB_OUTPUT
          echo "POST_UPLOAD_HASH: $POST_UPLOAD_HASH"

      - name: Pre and Post Upload validation
        run: |
          echo "Comparing hashes..."
          echo "PRE_UPLOAD_HASH: '${{ steps.pack.outputs.PRE_UPLOAD_HASH }}'"
          echo "POST_UPLOAD_HASH: '${{ steps.unpack.outputs.POST_UPLOAD_HASH }}'"

          if [ "${{ steps.pack.outputs.PRE_UPLOAD_HASH }}" != "${{ steps.unpack.outputs.POST_UPLOAD_HASH }}" ]; then
            echo "Hash mismatch detected!"
            exit 1
          fi
          echo "Hashes match successfully!"