Skip to content

Commit

Permalink
fix: add provenance
Browse files Browse the repository at this point in the history
  • Loading branch information
stipsan committed Aug 23, 2023
1 parent 99c2059 commit 27ff7a8
Show file tree
Hide file tree
Showing 3 changed files with 80 additions and 8 deletions.
41 changes: 41 additions & 0 deletions .github/workflows/format-if-needed.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
---
name: Auto format

on:
push:
branches: [main]

concurrency:
group: ${{ github.workflow }}
cancel-in-progress: true

permissions:
contents: read # for checkout

jobs:
run:
name: Can the code be formatted? 🤔
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: lts/*
- run: corepack enable && pnpm --version
- run: pnpm install --ignore-scripts
- run: pnpm format
- run: git restore .github/workflows
- uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92 # v1
id: generate-token
with:
app_id: ${{ secrets.ECOSCRIPT_APP_ID }}
private_key: ${{ secrets.ECOSCRIPT_APP_PRIVATE_KEY }}
- uses: peter-evans/create-pull-request@153407881ec5c347639a548ade7d8ad1d6740e38 # v5
with:
author: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
body: I ran `pnpm format` 🧑‍💻
branch: actions/format
commit-message: 'chore(format): 🤖 ✨'
labels: 🤖 bot
title: 'chore(format): 🤖 ✨'
token: ${{ steps.generate-token.outputs.token }}
44 changes: 37 additions & 7 deletions .github/workflows/test.yml → .github/workflows/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,18 +8,39 @@ on:
- beta
- main

concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true

permissions:
contents: read # for checkout

jobs:
build:
runs-on: ubuntu-latest
name: Lint & Build
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: lts/*
- run: corepack enable && pnpm --version
- run: pnpm install
- run: pnpm type-check
- run: pnpm lint
- run: pnpm build

test:
runs-on: ${{ matrix.platform }}
name: Node.js ${{ matrix.node-version }} / ${{ matrix.platform }}
strategy:
fail-fast: false
matrix:
platform: [ubuntu-latest]
node-version: [lts/*, current]
platform: [macos-latest, ubuntu-latest, windows-latest]
node-version: [lts/*]
include:
- platform: macos-latest
node-version: lts/*
- platform: ubuntu-latest
node-version: current
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
Expand All @@ -28,11 +49,15 @@ jobs:
- run: corepack enable && pnpm --version
- run: pnpm install
- run: pnpm test
- run: pnpm lint

release:
permissions:
contents: write # to be able to publish a GitHub release
issues: write # to be able to comment on released issues
pull-requests: write # to be able to comment on released pull requests
id-token: write # to enable use of OIDC for npm provenance
name: 'Semantic release'
needs: test
needs: [build, test]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Expand All @@ -53,8 +78,13 @@ jobs:
# Build docs
- run: npm run docs:build
# Deploy docs
- uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92 # v1
id: generate-token
with:
app_id: ${{ secrets.ECOSCRIPT_APP_ID }}
private_key: ${{ secrets.ECOSCRIPT_APP_PRIVATE_KEY }}
- uses: peaceiris/actions-gh-pages@373f7f263a76c20808c831209c920827a82a2847 # v3
if: ${{ github.ref == 'refs/heads/main' }}
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
github_token: ${{ steps.generate-token.outputs.token }}
publish_dir: ./docs
3 changes: 2 additions & 1 deletion package.json
Original file line number Diff line number Diff line change
Expand Up @@ -148,6 +148,7 @@
"node": "^14.13.1 || >=16.0.0"
},
"publishConfig": {
"access": "public"
"access": "public",
"provenance": true
}
}

0 comments on commit 27ff7a8

Please sign in to comment.