Skip to content

Always use the latest conda-store unless a version is provided (#448) #97

Always use the latest conda-store unless a version is provided (#448)

Always use the latest conda-store unless a version is provided (#448) #97

Workflow file for this run

name: "Build and maybe release conda-store-ui"
on:
release:
types: [published]
push:
branches: [main]
tags: ["*"]
pull_request:
branches:
- main
workflow_dispatch:
env:
FORCE_COLOR: "1"
PACKAGE_FILE: "conda-store-ui.tgz"
jobs:
# always build and verify
build-application:
name: "Build conda-store-ui"
runs-on: ubuntu-latest
steps:
- name: "Checkout repository 🛎"
uses: actions/checkout@v4
- name: "Set Yarn to correct version 📌"
run: corepack enable
# Setup .npmrc file to publish to npm
- name: "Set up Node.js 🧶"
uses: actions/setup-node@v4
with:
node-version: "22.x"
registry-url: "https://registry.npmjs.org"
scope: "@conda-store-ui"
cache: "yarn"
- name: "Install dependencies 📦"
run: yarn
- name: "Lint code 🔍"
run: yarn eslint:check
- name: "Build source code (library) 🏗"
run: yarn run build
- name: "Build source code (web app) 🏗"
# ensure we use the prod target to minimise assets
run: yarn run webpack:prod bundle
- name: "Generate package tarball 📦"
run: yarn pack --filename ${{ env.PACKAGE_FILE }}
- name: "Upload package tarball 📤"
uses: actions/upload-artifact@v4
with:
name: conda-store-ui-package
path: ${{ env.PACKAGE_FILE }}
verify-build:
name: "Verify conda-store-ui build"
runs-on: ubuntu-latest
needs: build-application
steps:
- name: "Checkout repository 🛎"
uses: actions/checkout@v4
- name: "Download build artefacts 📦"
uses: actions/download-artifact@v4
with:
name: conda-store-ui-package
# (setup-node workaround https://github.com/actions/setup-node/issues/763) otherwise the authentication fails for npmjs
- name: "Set npmjs scope"
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
run: |
npm config delete @conda-store-ui:registry --location project
npm config set @conda-store-ui:registry 'https://registry.npmjs.org' --location project
npm config set //registry.npmjs.org/:_authToken '${NODE_AUTH_TOKEN}' --location project
- name: "Check publish (dry run) 📤"
run: |
echo "Publishing dry run..."
npm publish --verbose --access public ${{ env.PACKAGE_FILE }} --dry-run
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
release-to-npmjs:
name: "Release conda-store-ui to npmjs 📦"
runs-on: ubuntu-latest
needs:
- build-application
- verify-build
if: github.repository_owner == 'conda-incubator' && github.event_name == 'release' && startsWith(github.ref, 'refs/tags/')
# needed for attestations
permissions:
id-token: write
attestations: write
contents: read
steps:
- name: "Checkout repository 🛎"
uses: actions/checkout@v4
# Set registry in .npmrc and set up auth to read in from
# env.NODE_AUTH_TOKEN.
- name: "Set up Node.js 🧶"
uses: actions/setup-node@v4
with:
node-version: "20.x"
registry-url: "https://registry.npmjs.org"
scope: "@conda-store-ui"
- name: "Download build artefacts 📦"
uses: actions/download-artifact@v4
with:
name: conda-store-ui-package
# Create an attestation with GitHub to track build provenance
# More info: https://docs.github.com/en/actions/security-for-github-actions/using-artifact-attestations/using-artifact-attestations-to-establish-provenance-for-builds
- name: "Attest Build Provenance ✨"
uses: actions/attest-build-provenance@v1
if: github.repository_owner == 'conda-incubator' && github.event_name == 'release' && startsWith(github.ref, 'refs/tags/')
with:
subject-path: ${{ env.PACKAGE_FILE }}
# (setup-node workaround https://github.com/actions/setup-node/issues/763) otherwise the authentication fails for npmjs
- name: "Set npmjs scope"
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
run: |
npm config delete @conda-store-ui:registry --location project
npm config set @conda-store-ui:registry 'https://registry.npmjs.org' --location project
npm config set //registry.npmjs.org/:_authToken '${NODE_AUTH_TOKEN}' --location project
- name: "Check npmjs/conda-store-ui scope"
run: npm show
- name: "Publish to npm 📤"
run: |
npm publish --verbose --access public ${{ env.PACKAGE_FILE }}
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}