moved token to be the app token #19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Publish package to GitHub Packages | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
env: | |
IMAGE_NAME: action | |
REGISTRY: ghcr.io | |
jobs: | |
test-image: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/[email protected] | |
- name: Check that the image builds | |
run: docker build . --file Dockerfile | |
validate-action: | |
runs-on: ubuntu-latest | |
if: github.event_name == 'pull_request' | |
steps: | |
- uses: actions/[email protected] | |
# This checks that .github/workflows/review-bot.yml is pointing towards the main branch | |
# as, during development, we change this to use the code from the test branch and | |
# we may forget to set it back to main | |
- name: Validate that action points to main branch | |
run: | | |
BRANCH=$(yq '.jobs.review-approvals.steps[2].uses' $FILE_NAME | cut -d "@" -f2) | |
# If the branch is not the main branch | |
if [ "$BRANCH" != "$GITHUB_BASE_REF" ]; then | |
echo "Action points to $BRANCH. It has to point to $GITHUB_BASE_REF instead!" | |
exit 1 | |
else | |
echo "Action is correctly pointing to $GITHUB_BASE_REF" | |
fi | |
env: | |
FILE_NAME: ".github/workflows/review-bot.yml" | |
compare-versions: | |
runs-on: ubuntu-latest | |
outputs: | |
version: ${{ steps.verification.outputs.VERSION }} | |
exists: ${{ steps.checkTag.outputs.exists }} | |
steps: | |
- uses: actions/[email protected] | |
- name: Extract package.json version | |
id: package_version | |
run: echo "VERSION=$(jq '.version' -r package.json)" >> $GITHUB_OUTPUT | |
# Compare that the versions contain the same name | |
- name: Compare versions | |
id: verification | |
uses: Bullrich/compare-version-on-action@main | |
with: | |
version: ${{ steps.package_version.outputs.VERSION }} | |
# Verifies if there is a tag with that version number | |
- uses: mukunku/[email protected] | |
if: steps.verification.outputs.VERSION | |
id: checkTag | |
with: | |
tag: v${{ steps.package_version.outputs.VERSION }} | |
publish: | |
if: github.event_name == 'push' && needs.compare-versions.outputs.exists == 'false' | |
needs: [test-image, compare-versions] | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write | |
packages: write | |
steps: | |
- uses: actions/[email protected] | |
- name: Tag version and create release | |
run: gh release create $VERSION --generate-notes | |
env: | |
VERSION: v${{ needs.compare-versions.outputs.version }} | |
GH_TOKEN: ${{ github.token }} | |
- name: Log in to the Container registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Extract metadata (tags, labels) for Docker | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: ${{ env.REGISTRY }}/${{ github.repository }}/${{ env.IMAGE_NAME }} | |
tags: ${{ needs.compare-versions.outputs.version }} | |
- uses: actions/checkout@v3 | |
- name: Build and push Docker image | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
push: true | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} |