chore: fix dependabot alerts #667
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow will do a clean installation of node dependencies, cache/restore them, build the source code and run tests | |
name: Build | |
on: | |
push: | |
branches: [ "main" ] | |
pull_request: | |
branches: [ "main" ] | |
release: | |
types: | |
- published | |
permissions: | |
contents: write | |
jobs: | |
build-and-test: | |
name: Build zui | |
env: | |
CI: "" | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
node-version: [20.x] | |
# See supported Node.js release schedule at https://nodejs.org/en/about/releases/ | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 2 | |
- name: Set up Node.js ${{ matrix.node-version }} | |
uses: actions/setup-node@v3 | |
with: | |
node-version: ${{ matrix.node-version }} | |
cache: 'npm' | |
- name: Install dependencies | |
run: npm install | |
- name: Build app | |
run: npm run build | |
- name: Package app | |
run: tar -czvf /tmp/zui.tgz ./build | |
- name: Publish artifacts on releases | |
if: github.event_name == 'release' && github.event.action == 'published' | |
uses: svenstaro/upload-release-action@v2 | |
with: | |
repo_token: ${{ secrets.GITHUB_TOKEN }} | |
file: /tmp/zui.tgz | |
tag: ${{ github.ref }} | |
overwrite: true | |
- name: Generate commit sha | |
if: github.ref_name == 'main' | |
uses: benjlevesque/[email protected] | |
# This creates and environment variable SHA containing the short commit ID | |
- name: Create new tag for builds on main branch | |
if: github.ref_name == 'main' | |
uses: mathieudutour/[email protected] | |
with: | |
custom_tag: commit-${{ env.SHA }} | |
tag_prefix: "" | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
- name: Publish artifact for builds on main branch | |
if: github.ref_name == 'main' | |
uses: svenstaro/upload-release-action@v2 | |
with: | |
repo_token: ${{ secrets.GITHUB_TOKEN }} | |
file: /tmp/zui.tgz | |
tag: commit-${{ env.SHA }} | |
prerelease: true # Mark as prerelease and avoid triggering another workflow for the new tag | |
overwrite: true |