-
Notifications
You must be signed in to change notification settings - Fork 135
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: Add npm builder workflow (#881)
* Add workflow for npm builder * update privacy-check * update * update * update * update * yaml lint * update * update * linter
- Loading branch information
1 parent
fad5583
commit c504038
Showing
4 changed files
with
454 additions
and
6 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,65 @@ | ||
| name: "Checkout a repository for a Node project" | ||
| description: "Checkout and setup the environment for a Node project" | ||
| inputs: | ||
| repository: | ||
| description: "Repository name with owner." | ||
| required: false | ||
| # Same default as https://github.com/actions/checkout/blob/main/action.yml#L6. | ||
| default: ${{ github.repository }} | ||
| ref: | ||
| # Note: the logic is fairly involved https://github.com/actions/checkout/blob/main/src/ref-helper.ts, | ||
| # so we do not attempt to resolve it ourselves or provide a default value. We let the official `actions/checkout` | ||
| # do it for us. | ||
| description: "The branch, tag or SHA to checkout." | ||
| required: false | ||
| token: | ||
| description: "The token to use." | ||
| required: false | ||
| # Same default as https://github.com/actions/checkout/blob/main/action.yml#L24. | ||
| default: ${{ github.token }} | ||
| node-version: | ||
| description: "The Node version to use, as expected by https://github.com/actions/setup-node." | ||
| required: true | ||
|
|
||
| runs: | ||
| using: "composite" | ||
| steps: | ||
| # Note: we could use a single block: | ||
| # `uses: actions/checkout | ||
| # with: | ||
| # ref: "${{ inputs.ref }}"` | ||
| # and it would work, because the ref field does not have a default | ||
| # value set https://github.com/actions/checkout/blob/main/action.yml#L7-L11. | ||
| # However, if this were to change in the future, we'd be setting an empty value | ||
| # when the developer has not defined it; and it would overwrite the default value | ||
| # set by the `actions/checkout`. Even if it is highly unlikely the `actions/checkout` team | ||
| # will set a default value in the future, we want to be sure it does not affect us if they do. | ||
| # This is why we use 2 blocks to call the `actions/checkout`: | ||
| # 1. if inputs.ref != '' | ||
| # 2. if inputs.ref == '' | ||
| - name: Checkout the repository with user ref | ||
| if: inputs.ref != '' | ||
| uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3.0.2 | ||
| with: | ||
| fetch-depth: 1 | ||
| persist-credentials: false | ||
| repository: "${{ inputs.repository }}" | ||
| ref: "${{ inputs.ref }}" | ||
| token: "${{ inputs.token }}" | ||
|
|
||
| - name: Checkout the repository with default ref | ||
| if: inputs.ref == '' | ||
| uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3.0.2 | ||
| with: | ||
| fetch-depth: 1 | ||
| persist-credentials: false | ||
| repository: "${{ inputs.repository }}" | ||
| token: "${{ inputs.token }}" | ||
|
|
||
| - name: Verify checkout | ||
| uses: slsa-framework/slsa-github-generator/.github/actions/verify-checkout@e3220805577deb9d193f64e519abcb3b50851df5 | ||
|
|
||
| - name: Set up Node environment | ||
| uses: actions/setup-node@2fddd8803e2f5c9604345a0b591c3020ee971a93 # tag=v3.4.1 | ||
| with: | ||
| node-version: "${{ inputs.node-version }}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.