Skip to content

Release

Release #1821

Workflow file for this run

name: Release
# Secure execution of continuous integration jobs
# which are performed upon completion of the
# "Continuous Integration" workflow
# https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
on:
workflow_run:
workflows: ['Continuous Integration']
types: [completed]
branches: [master]
workflow_dispatch: {}
permissions:
packages: write
concurrency: release
jobs:
release:
runs-on: ubuntu-latest
if: >
(github.event.workflow_run.event == 'push' &&
github.event.workflow_run.conclusion == 'success' &&
github.event.workflow_run.head_sha == github.sha &&
(
startsWith(github.event.workflow_run.head_commit.message, 'docs') ||
startsWith(github.event.workflow_run.head_commit.message, 'feat') ||
startsWith(github.event.workflow_run.head_commit.message, 'fix') ||
startsWith(github.event.workflow_run.head_commit.message, 'refactor')
)) || github.event_name == 'workflow_dispatch'
env:
IMAGE_REPO: ghcr.io/${{ github.repository }}/storybook
steps:
- name: Generate token
id: generate_token
uses: tibdex/github-app-token@v1
with:
app_id: ${{ secrets.RELEASE_APP_ID }}
private_key: ${{ secrets.RELEASE_APP_PEM }}
- uses: actions/checkout@v3
with:
token: ${{ steps.generate_token.outputs.token }}
fetch-depth: 0
- uses: actions/setup-node@v3
with:
node-version-file: '.nvmrc'
cache: 'yarn'
registry-url: 'https://registry.npmjs.org'
scope: sbb-esta
- run: yarn install --frozen-lockfile --non-interactive
- name: Run build
run: yarn build:chromatic-stories && yarn build
- name: Bundle stories
run: node ./ci/bundleStories.js
- name: 'Release: Set git user'
run: |
git config --global user.name 'github-actions'
git config --global user.email '[email protected]'
- name: 'Release: Create release with standard-version'
run: yarn standard-version
- name: 'Release: Read new version'
id: version
run: echo "value=$(jq --raw-output .version ./package.json)" >> $GITHUB_OUTPUT
- name: 'Release: Push release to repository'
run: git push --follow-tags origin master
- name: 'Release: Determine npm tag'
id: npm_tag
run: echo "npm_tag=$([[ "${{ steps.version.outputs.value }}" == *"-"* ]] && echo "next" || echo "latest")" >> $GITHUB_OUTPUT
- name: 'Release: Publish @sbb-esta/lyne-components'
run: yarn publish --tag ${{ steps.npm_tag.outputs.npm_tag }}
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: 'Release: Assign current dependency version'
uses: actions/github-script@v6
with:
script: |
const fs = require('fs');
const path = `${process.env.GITHUB_WORKSPACE}/react-library/package.json`;
const pkgJson = fs.readFileSync(path, 'utf8');
fs.writeFileSync(path, pkgJson.replace(/0.0.0-PLACEHOLDER/g, '${{ steps.version.outputs.value }}'), 'utf8');
- name: 'Release: Publish @sbb-esta/lyne-components-react'
run: yarn publish react-library --tag ${{ steps.npm_tag.outputs.npm_tag }}
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Create versioned storybook for chromatic
run: STORYBOOK_COMPONENTS_VERSION=${{ steps.version.outputs.value }} yarn build:storybook
# Send storybook to chromatic. These snapshots should be accepted as new
# baseline in storybook.
- name: Publish to Chromatic
uses: chromaui/action@v1
with:
projectToken: ${{ secrets.CHROMATIC_TOKEN }}
storybookBuildDir: storybook-static
autoAcceptChanges: true
exitZeroOnChanges: true
- name: Remove chromatic stories
run: cd src && git clean -f -X
- name: Create versioned storybook for image
run: STORYBOOK_COMPONENTS_VERSION=${{ steps.version.outputs.value }} yarn build:storybook
- name: Remove files with forbidden extensions
run: node ./ci/clean-storybook-files.js
- name: 'Container: Login to GitHub Container Repository'
run: echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io --username ${{ github.actor }} --password-stdin
- name: 'Container: Build image'
run: docker build -t $IMAGE_REPO:${{ steps.version.outputs.value }} -t $IMAGE_REPO:latest .
env:
DOCKER_BUILDKIT: 1
- name: 'Container: Publish image'
run: docker push $IMAGE_REPO:${{ steps.version.outputs.value }}
- name: 'Container: Publish image as latest'
run: docker push $IMAGE_REPO:latest