Prepare bot for public use #6
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Continuous Build | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| jobs: | |
| documentation: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Clone repo | |
| uses: actions/checkout@v4 | |
| - name: Check hyperlinks | |
| uses: gaurav-nelson/github-action-markdown-link-check@v1 | |
| lint-build: | |
| runs-on: ubuntu-latest | |
| name: Build, lint and test | |
| steps: | |
| - name: Clone repo | |
| uses: actions/checkout@v4 | |
| - name: Install pnpm | |
| uses: pnpm/action-setup@v3 | |
| with: | |
| version: 8.x | |
| - name: Setup Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20.x' | |
| cache: 'pnpm' | |
| - name: Install Dependencies | |
| run: pnpm install --frozen-lockfile | |
| - name: Build | |
| run: pnpm run build | |
| - name: Lint | |
| run: pnpm run prettier:check && pnpm run eslint:check | |
| - name: Lint Typescript | |
| run: pnpm run tsc | |
| required-checks-passed: | |
| name: All required checks passed | |
| runs-on: ubuntu-latest | |
| needs: [documentation, lint-build] | |
| steps: | |
| - run: exit 0 | |
| tag-and-release: | |
| name: Tag and release | |
| runs-on: ubuntu-latest | |
| needs: required-checks-passed | |
| # Only build images on pushes to main, not pull requests | |
| if: github.event_name == 'push' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Clone repo | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| token: ${{ secrets.GH_ACCESS_TOKEN }} | |
| - name: Install pnpm | |
| uses: pnpm/action-setup@v3 | |
| with: | |
| version: 9 | |
| - name: Setup Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20.x' | |
| cache: 'pnpm' | |
| - name: Configure Git credentials | |
| run: | | |
| git config --global user.name 'Aaron Scheiner' | |
| git config --global user.email 'blue@aquarat.co.uk' | |
| - name: Install Dependencies | |
| run: pnpm install --frozen-lockfile | |
| - name: Get package.json version | |
| id: get-version | |
| run: echo "version=$(cat package.json | jq -r '.version' | sed 's/^/v/')" >> $GITHUB_OUTPUT | |
| - name: Validate tag | |
| id: validate-tag | |
| run: test "$(git tag -l '${{ steps.get-version.outputs.version }}' | awk '{print $NF}')" = "${{ steps.get-version.outputs.version }}" || echo "new-tag=true" >> $GITHUB_OUTPUT | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: us-east-1 | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Tag and release on Github | |
| if: ${{ steps.validate-tag.outputs.new-tag }} | |
| run: pnpm run release:tag | |
| env: | |
| GH_ACCESS_TOKEN: ${{ secrets.GH_ACCESS_TOKEN }} | |
| - name: Build and push Docker image to ECR | |
| if: ${{ steps.validate-tag.outputs.new-tag }} | |
| run: pnpm run release:push | |
| env: | |
| ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| GH_ACCESS_TOKEN: ${{ secrets.GH_ACCESS_TOKEN }} | |
| - name: Logout of Amazon ECR | |
| if: always() | |
| run: docker logout ${{ steps.login-ecr.outputs.registry }} |