Skip to content

feat: 🎸 persist webhook state with repository #1376

feat: 🎸 persist webhook state with repository

feat: 🎸 persist webhook state with repository #1376

Workflow file for this run

name: CI
on:
workflow_dispatch:
push:
branches:
- master
- alpha
pull_request:
types:
- assigned
- opened
- synchronize
- reopened
jobs:
lint:
name: Linting
runs-on: ubuntu-latest
env:
CI: true
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 1
- uses: actions/setup-node@v3
with:
node-version: '18.x'
cache: 'yarn'
- name: install dependencies
run: yarn --frozen-lockfile
- name: lint
run: yarn lint
build:
name: Building
runs-on: ubuntu-latest
env:
CI: true
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 1
- uses: actions/setup-node@v3
with:
node-version: '18.x'
cache: 'yarn'
- name: install dependencies
run: yarn --frozen-lockfile
- name: build
run: yarn build
test:
name: Testing
runs-on: ubuntu-latest
env:
CI: true
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 1
- uses: actions/setup-node@v3
with:
node-version: '18.x'
cache: 'yarn'
- name: install dependencies
run: yarn --frozen-lockfile
- name: test
run: yarn test:cov
release:
name: Building and releasing project
runs-on: ubuntu-latest
needs: [lint, build, test]
if: github.event_name == 'push'
steps:
- uses: actions/checkout@v3
with:
persist-credentials: false
fetch-depth: 1
- uses: actions/setup-node@v3
with:
node-version: '18.x'
cache: 'yarn'
- name: install dependencies
run: yarn --frozen-lockfile
- name: Setup SSH signing key
run: |
echo "$SSH_KEY_PRIVATE" | tr -d '\r' > /tmp/id_ed25519
echo $SSH_KEY_PUBLIC > /tmp/id_ed25519.pub
chmod 600 /tmp/id_ed25519
eval "$(ssh-agent -s)"
ssh-add /tmp/id_ed25519
git config --global gpg.format ssh
git config --global commit.gpgsign true
git config --global user.signingkey /tmp/id_ed25519.pub
mkdir -p ~/.config/git
echo "${{ vars.RB_EMAIL }} $SSH_KEY_PUBLIC" > ~/.config/git/allowed_signers
git config --global gpg.ssh.allowedSignersFile ~/.config/git/allowed_signers
shell: bash
env:
SSH_KEY_PRIVATE: ${{ secrets.SSH_PRIVATE_KEY }}
SSH_KEY_PUBLIC: ${{ vars.SSH_PUBLIC_KEY }}
- name: release
env:
GH_TOKEN: ${{ secrets.GH_RELEASE_BOT_PAT }}
GIT_AUTHOR_NAME: ${{ vars.RB_NAME }}
GIT_AUTHOR_EMAIL: ${{ vars.RB_EMAIL }}
GIT_COMMITTER_NAME: ${{ vars.RB_COMMITTER_NAME }}
GIT_COMMITTER_EMAIL: ${{ vars.RB_COMMITTER_EMAIL }}
run: yarn semantic-release
- name: Clear SSH key
run: |
shred /tmp/id_ed25519
check-fast-forward:
name: Check if fast forwarding is possible
runs-on: ubuntu-latest
needs: [lint, build, test]
if: github.event_name == 'pull_request'
permissions:
contents: read
# We appear to need write permission for both pull-requests and
# issues in order to post a comment to a pull request.
pull-requests: write
issues: write
steps:
- name: Checking if fast forwarding is possible
uses: sequoia-pgp/fast-forward@v1
with:
merge: false
# To reduce the workflow's verbosity, use 'on-error'
# to only post a comment when an error occurs, or 'never' to
# never post a comment. (In all cases the information is
# still available in the step's summary.)
comment: never
# TODO @polymath-eric: add SonarCloud step when the account confusion is sorted