Skip to content

TSP-412 Minor improvements #209

TSP-412 Minor improvements

TSP-412 Minor improvements #209

Workflow file for this run

name: Pull Request
on:
pull_request:
types:
- opened
- reopened
- synchronize
- closed
push:
tags:
- "*"
jobs:
style:
name: style
runs-on: ubuntu-latest
container:
image: ghcr.io/tektronix/tsp-toolkit-build:latest
credentials:
username: ${{github.actor}}
password: ${{secrets.GITHUB_TOKEN}}
steps:
- name: Tool Versions
run: npx prettier --version
- name: Checkout
uses: actions/checkout@v4
- name: run prettier
run: npx prettier --list-different
lint:
name: lint
runs-on: ubuntu-latest
container:
image: ghcr.io/tektronix/tsp-toolkit-build:latest
credentials:
username: ${{github.actor}}
password: ${{secrets.GITHUB_TOKEN}}
steps:
- name: Tool Versions
run: npx eslint --version
- name: Checkout
uses: actions/checkout@v4
- name: Install dependencies
run: |
echo "//npm.pkg.github.com/:_authToken=${{ secrets.GITHUB_TOKEN }}" > .npmrc
npm install
- name: Run eslint
run: 'npx eslint --rule "{ prettier/prettier: off }" src'
sbom:
name: Generate CycloneDX
# Temporarily skip this step because the cyclonedx package is has a vulnerability
# https://github.com/CycloneDX/cyclonedx-node-npm/issues/1224
if: false
runs-on: ubuntu-latest
container:
image: ghcr.io/tektronix/tsp-toolkit-build:latest
credentials:
username: ${{github.actor}}
password: ${{secrets.GITHUB_TOKEN}}
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install Tools
run: |
echo "//npm.pkg.github.com/:_authToken=${{ secrets.GITHUB_TOKEN }}" > .npmrc
npm ci --devDependencies
- name: Generate NPM BOM
run: npx @cyclonedx/cyclonedx-npm --output-format JSON --package-lock-only --output-reproducible --output-file npm.cdx.json
- name: Upload Results
uses: actions/upload-artifact@v4
with:
name: software-bom
path: |
**/*.cdx.json
test:
name: test
runs-on: ubuntu-latest
container:
image: ghcr.io/tektronix/tsp-toolkit-build:latest
credentials:
username: ${{github.actor}}
password: ${{secrets.GITHUB_TOKEN}}
steps:
- name: Tool Versions
run: npx prettier --version
- name: Checkout
uses: actions/checkout@v4
- name: Install dependencies
run: |
echo "//npm.pkg.github.com/:_authToken=${{ secrets.GITHUB_TOKEN }}" > .npmrc
npm install
- name: Run Tests with Coverage
run: npx nyc --nycrc-path=.nycrc.json npm run test-ci
- name: Generate Coverage Reports
run: npx nyc report --reporter=cobertura --reporter=text
compile:
name: Build and Package
strategy:
matrix:
include:
- runner: ubuntu-latest
triple: x86_64-unknown-linux-gnu
vscode-platform: linux-x64
os: linux
arch: x64
- runner: windows-latest
triple: x86_64-pc-windows-msvc
vscode-platform: win32-x64
os: win32
arch: x64
- runner: macos-latest
triple: aarch64-apple-darwin
vscode-platform: darwin-arm64
os: darwin
arch: arm64
runs-on: ${{matrix.runner}}
steps:
- name: Tool Versions
run: |
npm --version
- name: Checkout
uses: actions/checkout@v4
- name: Install dependencies
run: |
echo "//npm.pkg.github.com/:_authToken=${{ secrets.GITHUB_TOKEN }}" > .npmrc
npm install
- name: Build
run: npm run compile
- name: npm Package
run: |
npx vsce package --target ${{matrix.vscode-platform}}
- name: Upload Artifacts
uses: actions/upload-artifact@v4
with:
name: package-${{matrix.vscode-platform}}
path: "*.vsix"
scan:
name: AV Scan
runs-on: ubuntu-latest
strategy:
matrix:
include:
- runner: ubuntu-latest
triple: x86_64-unknown-linux-gnu
vscode-platform: linux-x64
os: linux
arch: x64
- runner: windows-latest
triple: x86_64-pc-windows-msvc
vscode-platform: win32-x64
os: win32
arch: x64
- runner: macos-latest
triple: aarch64-apple-darwin
vscode-platform: darwin-arm64
os: darwin
arch: arm64
needs:
- compile
container:
image: ghcr.io/tektronix/tsp-toolkit-build:latest
credentials:
username: ${{github.actor}}
password: ${{secrets.GITHUB_TOKEN}}
steps:
- name: Get Artifacts
uses: actions/download-artifact@v4
with:
name: package-${{matrix.vscode-platform}}
path: extension
- name: Update ClamAV
run: freshclam
- name: Tool Versions
run: |
clamscan -V
- name: Run ClamAV
run: clamscan -v extension/*.vsix
publish:
name: Publish
runs-on: ubuntu-latest
permissions:
contents: write
checks: write
pull-requests: read
packages: read
needs:
- compile
- test
#- sbom
- lint
- style
if: ${{ (endsWith(github.base_ref, 'main') && (contains(github.head_ref, 'release/')) && github.event.pull_request.merged ) }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
fetch-tags: true
- name: Get Artifacts
uses: actions/download-artifact@v4
with:
pattern: package-*
merge-multiple: true
path: extension
- name: Publish to VSCode Marketplace
run: |
echo "//npm.pkg.github.com/:_authToken=${{ secrets.GITHUB_TOKEN }}" > .npmrc
# install vsce
npm install --devDependencies
for f in extension/*.vsix; do
npx vsce publish --packagePath "$f"
done
env:
VSCE_PAT: ${{secrets.VSCE_PAT}}
release:
name: Release
runs-on: ubuntu-latest
permissions:
contents: write
checks: write
pull-requests: read
needs:
- compile
- test
#- sbom
- lint
- style
if: ${{ (endsWith(github.base_ref, 'main') && (contains(github.head_ref, 'release/')) || github.event.pull_request.merged ) }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
fetch-tags: true
- name: Get RC Version
id: lasttag
run: |
COMMIT="${{github.sha}}"
if ${{contains(github.head_ref, 'release/')}}; then
V="${{github.head_ref}}"
V="${V#release/}"
else
V="$(npm pkg get version)"
echo "Extracted Version: $V"
V="$(echo v"$V" | sed 's/\"//g')"
echo "Cleaned up Version: $V"
fi
# Check to see if the version tag already exists
# If it does, print a message and exit with an error code
if [ $(git tag --list "$V") ]; then
echo "Version tag already exists. Did you bump the version number?"
exit 1
fi
# Create an RC release if
# 1) This PR is a release branch that hasn't been merged to main.
# 2) This is a feature branch being merged into the main branch.
if ${{(! github.event.pull_request.merged && contains(github.head_ref, 'release/')) || (github.event.pull_request.merged && !contains(github.head_ref, 'release/'))}}; then
V="${V}-$(git tag --list ${V}* | wc -l)"
echo "RC Version: $V"
fi
CL=${V#v}
CL=${CL%-*}
echo "version=${V}" >> $GITHUB_OUTPUT
echo "cl_version=${CL}" >> $GITHUB_OUTPUT
echo "commit=${COMMIT}" >> $GITHUB_OUTPUT
- run: 'git tag --list ${V}*'
- name: Get Artifacts
uses: actions/download-artifact@v4
with:
pattern: package-*
merge-multiple: true
path: extension
#- name: Get SBOM
# uses: actions/download-artifact@v4
# with:
# name: software-bom
# path: sbom
- name: Get Changelog for this Tag
id: changelog
uses: coditory/changelog-parser@v1
with:
version: ${{steps.lasttag.outputs.cl_version}}
- name: Create Release
uses: ncipollo/release-action@v1
with:
name: ${{steps.lasttag.outputs.version}}
#artifacts: "extension/*.vsix,sbom/**/*"
artifacts: "extension/*.vsix"
body: |
## Features Requests / Bugs
If you find issues or have a feature request, please enter a [new issue on GitHub](${{github.server_url}}/${{github.repository}}/issues/new).
## Installation
View the installation instructions in the [README](${{github.server_url}}/${{github.repository}}/blob/main/README.md)
## Changelog
${{steps.changelog.outputs.description}}
prerelease: ${{ (! github.event.pull_request.merged) || (github.event.pull_request.merged && ! contains(github.head_ref, 'release/')) }}
commit: ${{steps.lasttag.outputs.commit}}
makeLatest: true
tag: ${{steps.lasttag.outputs.version}}