Merge pull request #186 from noctua84/dependabot/npm_and_yarn/ejs-3.1.10 #70

Workflow file for this run

	# Main workflow for this application to provide continuous integration steps like
	# - check for dependency updates (ncu)
	# - coverage
	# - build
	# - release and changelog automation
	name: CI Pipeline

	# settings when the pipeline is triggered
	on:
	push:
	branches:
	- main

	# allow manual runs
	workflow_dispatch:

	# permissions for this workflow
	permissions:
	contents: write
	pull-requests: write
	packages: write

	# The jobs, this workflow runs
	jobs:
	check_dependencies:
	runs-on: ubuntu-latest

	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: Set up Node.js
	uses: actions/setup-node@v4
	with:
	node-version: 18

	- name: Install dependencies
	run: npm install

	- name: Check for package updates
	run: npx ncu -d -u

	- name: Reinstall dependencies
	id: reinstall_dependencies
	run: npm ci \|\| echo "reinstall_failed=true" >> "$GITHUB_OUTPUT"

	- name: Check if package.json has changed
	id: check_package_json
	if: steps.reinstall_dependencies.outputs.reinstall_failed != 'true'
	run: git diff --quiet HEAD -- package.json \|\| echo "changed=true" >> "$GITHUB_OUTPUT"

	- name: Persist changes in package.json
	if: steps.check_package_json.outputs.changed == 'true'
	run: \|
	git add package.json package-lock.json
	git config user.name "GitHub Actions"
	git config user.email "[email protected]"
	git commit -m "chore: Update dependencies"
	git push

	coverage:
	name: Coverage Report (CodeCov)
	runs-on: ubuntu-latest

	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Setup Node.js
	uses: actions/setup-node@v4
	with:
	node-version: 18

	- name: Install Dependencies
	run: npm ci

	- name: Create Coverage Report
	run: npm run test:cov

	- name: Upload Coverage Report
	uses: codecov/codecov-action@v3
	with:
	token: ${{ secrets.CODECOV_TOKEN }}
	fail_ci_if_error: true

	sonarcloud:
	name: SonarCloud
	runs-on: ubuntu-latest

	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Setup Node.js
	uses: actions/setup-node@v4
	with:
	node-version: 18

	- name: Install Dependencies
	run: npm ci

	- name: SonarCloud Scan
	uses: sonarsource/sonarcloud-github-action@master
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

	build:
	runs-on: ubuntu-latest
	needs: [ check_dependencies ]

	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: Check for dependency updates
	id: check_updates
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	run: \|
	current_sha=$(git rev-parse HEAD)
	latest_sha=$(curl --silent --header "Authorization: token $GITHUB_TOKEN" \
	https://api.github.com/repos/${{ github.repository }}/commits/${{ github.head_ref }} \
	\| jq -r '.sha')
	if [[ "$current_sha" != "$latest_sha" ]]; then
	echo "updated=true" >> "$GITHUB_OUTPUT"
	fi

	- name: Pull latest changes
	if: steps.check_updates.outputs.updated == 'true'
	run: git pull

	- name: Set up Node.js
	uses: actions/setup-node@v4
	with:
	node-version: 18

	- name: Install dependencies
	run: npm ci

	- name: Build the application
	run: npm run build

	release-please:
	needs:
	- build

	runs-on: ubuntu-latest

	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: Check for dependency updates
	id: check_updates
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	run: \|
	current_sha=$(git rev-parse HEAD)
	latest_sha=$(curl --silent --header "Authorization: token $GITHUB_TOKEN" \
	https://api.github.com/repos/${{ github.repository }}/commits/${{ github.head_ref }} \
	\| jq -r '.sha')
	if [[ "$current_sha" != "$latest_sha" ]]; then
	echo "updated=true" >> "$GITHUB_OUTPUT"
	fi

	- name: Pull latest changes
	if: steps.check_updates.outputs.updated == 'true'
	run: git pull

	- name: Create Release and Changelog
	id: create_release
	uses: google-github-actions/release-please-action@v4
	with:
	token: ${{ secrets.GITHUB_TOKEN }}
	release-type: node

	- name: Add Label to Release-PR
	id: add_label
	uses: actions/github-script@v7
	with:
	github-token: ${{ secrets.GITHUB_TOKEN }}
	result-encoding: string
	retries: 3
	script: \|
	const script = require('./.github/scripts/addLabelToRelease.js');
	await script({ github, context, core });

	- name: Check PR Status
	id: check_pr_status
	if: steps.add_label.outputs.labelAdded == 'true'
	uses: actions/github-script@v7
	with:
	github-token: ${{ secrets.GITHUB_TOKEN }}
	result-encoding: string
	retries: 3
	script: \|
	const script = require('./.github/scripts/checkPrStatus.js');
	await script({ github, context, core });

	- name: Merge Release PR
	if: steps.check_pr_status.outputs.ready == 'true'
	uses: pascalgn/[email protected]
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	MERGE_DELETE_BRANCH: "true"
	MERGE_RETRIES: 3
	MERGE_RETRY_SLEEP: 100
	LOG: "DEBUG"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge pull request #186 from noctua84/dependabot/npm_and_yarn/ejs-3.1.10 #70

Workflow file

Merge pull request #186 from noctua84/dependabot/npm_and_yarn/ejs-3.1.10 #70

Jobs

Run details

Workflow file for this run